search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ide: Turn drive serial into a qdev property ide-drive.serial
[qemu/mdroth.git] / hw / ide / core.c
blob70af1b60434fe134e1dfc527becdc24e34630fdf
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "block.h"
30 #include "block_int.h"
31 #include "qemu-timer.h"
32 #include "sysemu.h"
33 #include "dma.h"
34
35 #include <hw/ide/internal.h>
36
37 #define IDE_PAGE_SIZE 4096
38
39 static const int smart_attributes[][5] = {
40 /* id, flags, val, wrst, thrsh */
41 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
42 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
43 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
44 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
45 { 0x00, 0x00, 0x00, 0x00, 0x00}
46 };
47
48 /* XXX: DVDs that could fit on a CD will be reported as a CD */
49 static inline int media_present(IDEState *s)
50 {
51 return (s->nb_sectors > 0);
52 }
53
54 static inline int media_is_dvd(IDEState *s)
55 {
56 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
57 }
58
59 static inline int media_is_cd(IDEState *s)
60 {
61 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
62 }
63
64 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
65 static void ide_dma_restart(IDEState *s, int is_read);
66 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
67 static int ide_handle_rw_error(IDEState *s, int error, int op);
68
69 static void padstr(char *str, const char *src, int len)
70 {
71 int i, v;
72 for(i = 0; i < len; i++) {
73 if (*src)
74 v = *src++;
75 else
76 v = ' ';
77 str[i^1] = v;
78 }
79 }
80
81 static void padstr8(uint8_t *buf, int buf_size, const char *src)
82 {
83 int i;
84 for(i = 0; i < buf_size; i++) {
85 if (*src)
86 buf[i] = *src++;
87 else
88 buf[i] = ' ';
89 }
90 }
91
92 static void put_le16(uint16_t *p, unsigned int v)
93 {
94 *p = cpu_to_le16(v);
95 }
96
97 static void ide_identify(IDEState *s)
98 {
99 uint16_t *p;
100 unsigned int oldsize;
101 IDEDevice *dev;
102
103 if (s->identify_set) {
104 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
105 return;
106 }
107
108 memset(s->io_buffer, 0, 512);
109 p = (uint16_t *)s->io_buffer;
110 put_le16(p + 0, 0x0040);
111 put_le16(p + 1, s->cylinders);
112 put_le16(p + 3, s->heads);
113 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
114 put_le16(p + 5, 512); /* XXX: retired, remove ? */
115 put_le16(p + 6, s->sectors);
116 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
117 put_le16(p + 20, 3); /* XXX: retired, remove ? */
118 put_le16(p + 21, 512); /* cache size in sectors */
119 put_le16(p + 22, 4); /* ecc bytes */
120 padstr((char *)(p + 23), s->version, 8); /* firmware version */
121 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
122 #if MAX_MULT_SECTORS > 1
123 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
124 #endif
125 put_le16(p + 48, 1); /* dword I/O */
126 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
127 put_le16(p + 51, 0x200); /* PIO transfer cycle */
128 put_le16(p + 52, 0x200); /* DMA transfer cycle */
129 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
130 put_le16(p + 54, s->cylinders);
131 put_le16(p + 55, s->heads);
132 put_le16(p + 56, s->sectors);
133 oldsize = s->cylinders * s->heads * s->sectors;
134 put_le16(p + 57, oldsize);
135 put_le16(p + 58, oldsize >> 16);
136 if (s->mult_sectors)
137 put_le16(p + 59, 0x100 | s->mult_sectors);
138 put_le16(p + 60, s->nb_sectors);
139 put_le16(p + 61, s->nb_sectors >> 16);
140 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
141 put_le16(p + 63, 0x07); /* mdma0-2 supported */
142 put_le16(p + 65, 120);
143 put_le16(p + 66, 120);
144 put_le16(p + 67, 120);
145 put_le16(p + 68, 120);
146 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
147 put_le16(p + 81, 0x16); /* conforms to ata5 */
148 /* 14=NOP supported, 0=SMART supported */
149 put_le16(p + 82, (1 << 14) | 1);
150 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
151 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
152 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
153 put_le16(p + 84, (1 << 14) | 0);
154 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
155 if (bdrv_enable_write_cache(s->bs))
156 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
157 else
158 put_le16(p + 85, (1 << 14) | 1);
159 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
160 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
161 /* 14=set to 1, 1=smart self test, 0=smart error logging */
162 put_le16(p + 87, (1 << 14) | 0);
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169 dev = s->unit ? s->bus->slave : s->bus->master;
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172
173 memcpy(s->identify_data, p, sizeof(s->identify_data));
174 s->identify_set = 1;
175 }
176
177 static void ide_atapi_identify(IDEState *s)
178 {
179 uint16_t *p;
180
181 if (s->identify_set) {
182 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
183 return;
184 }
185
186 memset(s->io_buffer, 0, 512);
187 p = (uint16_t *)s->io_buffer;
188 /* Removable CDROM, 50us response, 12 byte packets */
189 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
190 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
191 put_le16(p + 20, 3); /* buffer type */
192 put_le16(p + 21, 512); /* cache size in sectors */
193 put_le16(p + 22, 4); /* ecc bytes */
194 padstr((char *)(p + 23), s->version, 8); /* firmware version */
195 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
196 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
197 #ifdef USE_DMA_CDROM
198 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
199 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
200 put_le16(p + 62, 7); /* single word dma0-2 supported */
201 put_le16(p + 63, 7); /* mdma0-2 supported */
202 put_le16(p + 64, 0x3f); /* PIO modes supported */
203 #else
204 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
205 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
206 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
207 put_le16(p + 64, 1); /* PIO modes */
208 #endif
209 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
210 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
211 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
212 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
213
214 put_le16(p + 71, 30); /* in ns */
215 put_le16(p + 72, 30); /* in ns */
216
217 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
218 #ifdef USE_DMA_CDROM
219 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
220 #endif
221 memcpy(s->identify_data, p, sizeof(s->identify_data));
222 s->identify_set = 1;
223 }
224
225 static void ide_cfata_identify(IDEState *s)
226 {
227 uint16_t *p;
228 uint32_t cur_sec;
229
230 p = (uint16_t *) s->identify_data;
231 if (s->identify_set)
232 goto fill_buffer;
233
234 memset(p, 0, sizeof(s->identify_data));
235
236 cur_sec = s->cylinders * s->heads * s->sectors;
237
238 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
239 put_le16(p + 1, s->cylinders); /* Default cylinders */
240 put_le16(p + 3, s->heads); /* Default heads */
241 put_le16(p + 6, s->sectors); /* Default sectors per track */
242 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
243 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
244 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
245 put_le16(p + 22, 0x0004); /* ECC bytes */
246 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
247 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
248 #if MAX_MULT_SECTORS > 1
249 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
250 #else
251 put_le16(p + 47, 0x0000);
252 #endif
253 put_le16(p + 49, 0x0f00); /* Capabilities */
254 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
255 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
256 put_le16(p + 53, 0x0003); /* Translation params valid */
257 put_le16(p + 54, s->cylinders); /* Current cylinders */
258 put_le16(p + 55, s->heads); /* Current heads */
259 put_le16(p + 56, s->sectors); /* Current sectors */
260 put_le16(p + 57, cur_sec); /* Current capacity */
261 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
262 if (s->mult_sectors) /* Multiple sector setting */
263 put_le16(p + 59, 0x100 | s->mult_sectors);
264 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
265 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
266 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
267 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
268 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
269 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
270 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
271 put_le16(p + 82, 0x400c); /* Command Set supported */
272 put_le16(p + 83, 0x7068); /* Command Set supported */
273 put_le16(p + 84, 0x4000); /* Features supported */
274 put_le16(p + 85, 0x000c); /* Command Set enabled */
275 put_le16(p + 86, 0x7044); /* Command Set enabled */
276 put_le16(p + 87, 0x4000); /* Features enabled */
277 put_le16(p + 91, 0x4060); /* Current APM level */
278 put_le16(p + 129, 0x0002); /* Current features option */
279 put_le16(p + 130, 0x0005); /* Reassigned sectors */
280 put_le16(p + 131, 0x0001); /* Initial power mode */
281 put_le16(p + 132, 0x0000); /* User signature */
282 put_le16(p + 160, 0x8100); /* Power requirement */
283 put_le16(p + 161, 0x8001); /* CF command set */
284
285 s->identify_set = 1;
286
287 fill_buffer:
288 memcpy(s->io_buffer, p, sizeof(s->identify_data));
289 }
290
291 static void ide_set_signature(IDEState *s)
292 {
293 s->select &= 0xf0; /* clear head */
294 /* put signature */
295 s->nsector = 1;
296 s->sector = 1;
297 if (s->is_cdrom) {
298 s->lcyl = 0x14;
299 s->hcyl = 0xeb;
300 } else if (s->bs) {
301 s->lcyl = 0;
302 s->hcyl = 0;
303 } else {
304 s->lcyl = 0xff;
305 s->hcyl = 0xff;
306 }
307 }
308
309 static inline void ide_abort_command(IDEState *s)
310 {
311 s->status = READY_STAT | ERR_STAT;
312 s->error = ABRT_ERR;
313 }
314
315 static inline void ide_dma_submit_check(IDEState *s,
316 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
317 {
318 if (bm->aiocb)
319 return;
320 dma_cb(bm, -1);
321 }
322
323 /* prepare data transfer and tell what to do after */
324 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
325 EndTransferFunc *end_transfer_func)
326 {
327 s->end_transfer_func = end_transfer_func;
328 s->data_ptr = buf;
329 s->data_end = buf + size;
330 if (!(s->status & ERR_STAT))
331 s->status |= DRQ_STAT;
332 }
333
334 static void ide_transfer_stop(IDEState *s)
335 {
336 s->end_transfer_func = ide_transfer_stop;
337 s->data_ptr = s->io_buffer;
338 s->data_end = s->io_buffer;
339 s->status &= ~DRQ_STAT;
340 }
341
342 int64_t ide_get_sector(IDEState *s)
343 {
344 int64_t sector_num;
345 if (s->select & 0x40) {
346 /* lba */
347 if (!s->lba48) {
348 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
349 (s->lcyl << 8) | s->sector;
350 } else {
351 sector_num = ((int64_t)s->hob_hcyl << 40) |
352 ((int64_t) s->hob_lcyl << 32) |
353 ((int64_t) s->hob_sector << 24) |
354 ((int64_t) s->hcyl << 16) |
355 ((int64_t) s->lcyl << 8) | s->sector;
356 }
357 } else {
358 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
359 (s->select & 0x0f) * s->sectors + (s->sector - 1);
360 }
361 return sector_num;
362 }
363
364 void ide_set_sector(IDEState *s, int64_t sector_num)
365 {
366 unsigned int cyl, r;
367 if (s->select & 0x40) {
368 if (!s->lba48) {
369 s->select = (s->select & 0xf0) | (sector_num >> 24);
370 s->hcyl = (sector_num >> 16);
371 s->lcyl = (sector_num >> 8);
372 s->sector = (sector_num);
373 } else {
374 s->sector = sector_num;
375 s->lcyl = sector_num >> 8;
376 s->hcyl = sector_num >> 16;
377 s->hob_sector = sector_num >> 24;
378 s->hob_lcyl = sector_num >> 32;
379 s->hob_hcyl = sector_num >> 40;
380 }
381 } else {
382 cyl = sector_num / (s->heads * s->sectors);
383 r = sector_num % (s->heads * s->sectors);
384 s->hcyl = cyl >> 8;
385 s->lcyl = cyl;
386 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
387 s->sector = (r % s->sectors) + 1;
388 }
389 }
390
391 static void ide_rw_error(IDEState *s) {
392 ide_abort_command(s);
393 ide_set_irq(s->bus);
394 }
395
396 static void ide_sector_read(IDEState *s)
397 {
398 int64_t sector_num;
399 int ret, n;
400
401 s->status = READY_STAT | SEEK_STAT;
402 s->error = 0; /* not needed by IDE spec, but needed by Windows */
403 sector_num = ide_get_sector(s);
404 n = s->nsector;
405 if (n == 0) {
406 /* no more sector to read from disk */
407 ide_transfer_stop(s);
408 } else {
409 #if defined(DEBUG_IDE)
410 printf("read sector=%" PRId64 "\n", sector_num);
411 #endif
412 if (n > s->req_nb_sectors)
413 n = s->req_nb_sectors;
414 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
415 if (ret != 0) {
416 if (ide_handle_rw_error(s, -ret,
417 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
418 {
419 return;
420 }
421 }
422 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
423 ide_set_irq(s->bus);
424 ide_set_sector(s, sector_num + n);
425 s->nsector -= n;
426 }
427 }
428
429
430 /* return 0 if buffer completed */
431 static int dma_buf_prepare(BMDMAState *bm, int is_write)
432 {
433 IDEState *s = bmdma_active_if(bm);
434 struct {
435 uint32_t addr;
436 uint32_t size;
437 } prd;
438 int l, len;
439
440 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
441 s->io_buffer_size = 0;
442 for(;;) {
443 if (bm->cur_prd_len == 0) {
444 /* end of table (with a fail safe of one page) */
445 if (bm->cur_prd_last ||
446 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
447 return s->io_buffer_size != 0;
448 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
449 bm->cur_addr += 8;
450 prd.addr = le32_to_cpu(prd.addr);
451 prd.size = le32_to_cpu(prd.size);
452 len = prd.size & 0xfffe;
453 if (len == 0)
454 len = 0x10000;
455 bm->cur_prd_len = len;
456 bm->cur_prd_addr = prd.addr;
457 bm->cur_prd_last = (prd.size & 0x80000000);
458 }
459 l = bm->cur_prd_len;
460 if (l > 0) {
461 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
462 bm->cur_prd_addr += l;
463 bm->cur_prd_len -= l;
464 s->io_buffer_size += l;
465 }
466 }
467 return 1;
468 }
469
470 static void dma_buf_commit(IDEState *s, int is_write)
471 {
472 qemu_sglist_destroy(&s->sg);
473 }
474
475 void ide_dma_error(IDEState *s)
476 {
477 ide_transfer_stop(s);
478 s->error = ABRT_ERR;
479 s->status = READY_STAT | ERR_STAT;
480 ide_set_irq(s->bus);
481 }
482
483 static int ide_handle_rw_error(IDEState *s, int error, int op)
484 {
485 int is_read = (op & BM_STATUS_RETRY_READ);
486 BlockInterfaceErrorAction action = drive_get_on_error(s->bs, is_read);
487
488 if (action == BLOCK_ERR_IGNORE) {
489 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
490 return 0;
491 }
492
493 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
494 || action == BLOCK_ERR_STOP_ANY) {
495 s->bus->bmdma->unit = s->unit;
496 s->bus->bmdma->status |= op;
497 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
498 vm_stop(0);
499 } else {
500 if (op & BM_STATUS_DMA_RETRY) {
501 dma_buf_commit(s, 0);
502 ide_dma_error(s);
503 } else {
504 ide_rw_error(s);
505 }
506 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
507 }
508
509 return 1;
510 }
511
512 /* return 0 if buffer completed */
513 static int dma_buf_rw(BMDMAState *bm, int is_write)
514 {
515 IDEState *s = bmdma_active_if(bm);
516 struct {
517 uint32_t addr;
518 uint32_t size;
519 } prd;
520 int l, len;
521
522 for(;;) {
523 l = s->io_buffer_size - s->io_buffer_index;
524 if (l <= 0)
525 break;
526 if (bm->cur_prd_len == 0) {
527 /* end of table (with a fail safe of one page) */
528 if (bm->cur_prd_last ||
529 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
530 return 0;
531 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
532 bm->cur_addr += 8;
533 prd.addr = le32_to_cpu(prd.addr);
534 prd.size = le32_to_cpu(prd.size);
535 len = prd.size & 0xfffe;
536 if (len == 0)
537 len = 0x10000;
538 bm->cur_prd_len = len;
539 bm->cur_prd_addr = prd.addr;
540 bm->cur_prd_last = (prd.size & 0x80000000);
541 }
542 if (l > bm->cur_prd_len)
543 l = bm->cur_prd_len;
544 if (l > 0) {
545 if (is_write) {
546 cpu_physical_memory_write(bm->cur_prd_addr,
547 s->io_buffer + s->io_buffer_index, l);
548 } else {
549 cpu_physical_memory_read(bm->cur_prd_addr,
550 s->io_buffer + s->io_buffer_index, l);
551 }
552 bm->cur_prd_addr += l;
553 bm->cur_prd_len -= l;
554 s->io_buffer_index += l;
555 }
556 }
557 return 1;
558 }
559
560 static void ide_read_dma_cb(void *opaque, int ret)
561 {
562 BMDMAState *bm = opaque;
563 IDEState *s = bmdma_active_if(bm);
564 int n;
565 int64_t sector_num;
566
567 if (ret < 0) {
568 if (ide_handle_rw_error(s, -ret,
569 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
570 {
571 return;
572 }
573 }
574
575 n = s->io_buffer_size >> 9;
576 sector_num = ide_get_sector(s);
577 if (n > 0) {
578 dma_buf_commit(s, 1);
579 sector_num += n;
580 ide_set_sector(s, sector_num);
581 s->nsector -= n;
582 }
583
584 /* end of transfer ? */
585 if (s->nsector == 0) {
586 s->status = READY_STAT | SEEK_STAT;
587 ide_set_irq(s->bus);
588 eot:
589 bm->status &= ~BM_STATUS_DMAING;
590 bm->status |= BM_STATUS_INT;
591 bm->dma_cb = NULL;
592 bm->unit = -1;
593 bm->aiocb = NULL;
594 return;
595 }
596
597 /* launch next transfer */
598 n = s->nsector;
599 s->io_buffer_index = 0;
600 s->io_buffer_size = n * 512;
601 if (dma_buf_prepare(bm, 1) == 0)
602 goto eot;
603 #ifdef DEBUG_AIO
604 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
605 #endif
606 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
607 ide_dma_submit_check(s, ide_read_dma_cb, bm);
608 }
609
610 static void ide_sector_read_dma(IDEState *s)
611 {
612 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
613 s->io_buffer_index = 0;
614 s->io_buffer_size = 0;
615 s->is_read = 1;
616 ide_dma_start(s, ide_read_dma_cb);
617 }
618
619 static void ide_sector_write_timer_cb(void *opaque)
620 {
621 IDEState *s = opaque;
622 ide_set_irq(s->bus);
623 }
624
625 static void ide_sector_write(IDEState *s)
626 {
627 int64_t sector_num;
628 int ret, n, n1;
629
630 s->status = READY_STAT | SEEK_STAT;
631 sector_num = ide_get_sector(s);
632 #if defined(DEBUG_IDE)
633 printf("write sector=%" PRId64 "\n", sector_num);
634 #endif
635 n = s->nsector;
636 if (n > s->req_nb_sectors)
637 n = s->req_nb_sectors;
638 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
639
640 if (ret != 0) {
641 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
642 return;
643 }
644
645 s->nsector -= n;
646 if (s->nsector == 0) {
647 /* no more sectors to write */
648 ide_transfer_stop(s);
649 } else {
650 n1 = s->nsector;
651 if (n1 > s->req_nb_sectors)
652 n1 = s->req_nb_sectors;
653 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
654 }
655 ide_set_sector(s, sector_num + n);
656
657 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
658 /* It seems there is a bug in the Windows 2000 installer HDD
659 IDE driver which fills the disk with empty logs when the
660 IDE write IRQ comes too early. This hack tries to correct
661 that at the expense of slower write performances. Use this
662 option _only_ to install Windows 2000. You must disable it
663 for normal use. */
664 qemu_mod_timer(s->sector_write_timer,
665 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
666 } else {
667 ide_set_irq(s->bus);
668 }
669 }
670
671 static void ide_dma_restart_bh(void *opaque)
672 {
673 BMDMAState *bm = opaque;
674 int is_read;
675
676 qemu_bh_delete(bm->bh);
677 bm->bh = NULL;
678
679 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
680
681 if (bm->status & BM_STATUS_DMA_RETRY) {
682 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
683 ide_dma_restart(bmdma_active_if(bm), is_read);
684 } else if (bm->status & BM_STATUS_PIO_RETRY) {
685 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
686 if (is_read) {
687 ide_sector_read(bmdma_active_if(bm));
688 } else {
689 ide_sector_write(bmdma_active_if(bm));
690 }
691 }
692 }
693
694 void ide_dma_restart_cb(void *opaque, int running, int reason)
695 {
696 BMDMAState *bm = opaque;
697
698 if (!running)
699 return;
700
701 if (!bm->bh) {
702 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
703 qemu_bh_schedule(bm->bh);
704 }
705 }
706
707 static void ide_write_dma_cb(void *opaque, int ret)
708 {
709 BMDMAState *bm = opaque;
710 IDEState *s = bmdma_active_if(bm);
711 int n;
712 int64_t sector_num;
713
714 if (ret < 0) {
715 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
716 return;
717 }
718
719 n = s->io_buffer_size >> 9;
720 sector_num = ide_get_sector(s);
721 if (n > 0) {
722 dma_buf_commit(s, 0);
723 sector_num += n;
724 ide_set_sector(s, sector_num);
725 s->nsector -= n;
726 }
727
728 /* end of transfer ? */
729 if (s->nsector == 0) {
730 s->status = READY_STAT | SEEK_STAT;
731 ide_set_irq(s->bus);
732 eot:
733 bm->status &= ~BM_STATUS_DMAING;
734 bm->status |= BM_STATUS_INT;
735 bm->dma_cb = NULL;
736 bm->unit = -1;
737 bm->aiocb = NULL;
738 return;
739 }
740
741 n = s->nsector;
742 s->io_buffer_size = n * 512;
743 /* launch next transfer */
744 if (dma_buf_prepare(bm, 0) == 0)
745 goto eot;
746 #ifdef DEBUG_AIO
747 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
748 #endif
749 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
750 ide_dma_submit_check(s, ide_write_dma_cb, bm);
751 }
752
753 static void ide_sector_write_dma(IDEState *s)
754 {
755 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
756 s->io_buffer_index = 0;
757 s->io_buffer_size = 0;
758 s->is_read = 0;
759 ide_dma_start(s, ide_write_dma_cb);
760 }
761
762 void ide_atapi_cmd_ok(IDEState *s)
763 {
764 s->error = 0;
765 s->status = READY_STAT | SEEK_STAT;
766 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
767 ide_set_irq(s->bus);
768 }
769
770 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
771 {
772 #ifdef DEBUG_IDE_ATAPI
773 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
774 #endif
775 s->error = sense_key << 4;
776 s->status = READY_STAT | ERR_STAT;
777 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
778 s->sense_key = sense_key;
779 s->asc = asc;
780 ide_set_irq(s->bus);
781 }
782
783 static void ide_atapi_cmd_check_status(IDEState *s)
784 {
785 #ifdef DEBUG_IDE_ATAPI
786 printf("atapi_cmd_check_status\n");
787 #endif
788 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
789 s->status = ERR_STAT;
790 s->nsector = 0;
791 ide_set_irq(s->bus);
792 }
793
794 static void ide_flush_cb(void *opaque, int ret)
795 {
796 IDEState *s = opaque;
797
798 /* XXX: how do we signal I/O errors here? */
799
800 s->status = READY_STAT | SEEK_STAT;
801 ide_set_irq(s->bus);
802 }
803
804 static inline void cpu_to_ube16(uint8_t *buf, int val)
805 {
806 buf[0] = val >> 8;
807 buf[1] = val & 0xff;
808 }
809
810 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
811 {
812 buf[0] = val >> 24;
813 buf[1] = val >> 16;
814 buf[2] = val >> 8;
815 buf[3] = val & 0xff;
816 }
817
818 static inline int ube16_to_cpu(const uint8_t *buf)
819 {
820 return (buf[0] << 8) | buf[1];
821 }
822
823 static inline int ube32_to_cpu(const uint8_t *buf)
824 {
825 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
826 }
827
828 static void lba_to_msf(uint8_t *buf, int lba)
829 {
830 lba += 150;
831 buf[0] = (lba / 75) / 60;
832 buf[1] = (lba / 75) % 60;
833 buf[2] = lba % 75;
834 }
835
836 static void cd_data_to_raw(uint8_t *buf, int lba)
837 {
838 /* sync bytes */
839 buf[0] = 0x00;
840 memset(buf + 1, 0xff, 10);
841 buf[11] = 0x00;
842 buf += 12;
843 /* MSF */
844 lba_to_msf(buf, lba);
845 buf[3] = 0x01; /* mode 1 data */
846 buf += 4;
847 /* data */
848 buf += 2048;
849 /* XXX: ECC not computed */
850 memset(buf, 0, 288);
851 }
852
853 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
854 int sector_size)
855 {
856 int ret;
857
858 switch(sector_size) {
859 case 2048:
860 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
861 break;
862 case 2352:
863 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
864 if (ret < 0)
865 return ret;
866 cd_data_to_raw(buf, lba);
867 break;
868 default:
869 ret = -EIO;
870 break;
871 }
872 return ret;
873 }
874
875 void ide_atapi_io_error(IDEState *s, int ret)
876 {
877 /* XXX: handle more errors */
878 if (ret == -ENOMEDIUM) {
879 ide_atapi_cmd_error(s, SENSE_NOT_READY,
880 ASC_MEDIUM_NOT_PRESENT);
881 } else {
882 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
883 ASC_LOGICAL_BLOCK_OOR);
884 }
885 }
886
887 /* The whole ATAPI transfer logic is handled in this function */
888 static void ide_atapi_cmd_reply_end(IDEState *s)
889 {
890 int byte_count_limit, size, ret;
891 #ifdef DEBUG_IDE_ATAPI
892 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
893 s->packet_transfer_size,
894 s->elementary_transfer_size,
895 s->io_buffer_index);
896 #endif
897 if (s->packet_transfer_size <= 0) {
898 /* end of transfer */
899 ide_transfer_stop(s);
900 s->status = READY_STAT | SEEK_STAT;
901 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
902 ide_set_irq(s->bus);
903 #ifdef DEBUG_IDE_ATAPI
904 printf("status=0x%x\n", s->status);
905 #endif
906 } else {
907 /* see if a new sector must be read */
908 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
909 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
910 if (ret < 0) {
911 ide_transfer_stop(s);
912 ide_atapi_io_error(s, ret);
913 return;
914 }
915 s->lba++;
916 s->io_buffer_index = 0;
917 }
918 if (s->elementary_transfer_size > 0) {
919 /* there are some data left to transmit in this elementary
920 transfer */
921 size = s->cd_sector_size - s->io_buffer_index;
922 if (size > s->elementary_transfer_size)
923 size = s->elementary_transfer_size;
924 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
925 size, ide_atapi_cmd_reply_end);
926 s->packet_transfer_size -= size;
927 s->elementary_transfer_size -= size;
928 s->io_buffer_index += size;
929 } else {
930 /* a new transfer is needed */
931 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
932 byte_count_limit = s->lcyl | (s->hcyl << 8);
933 #ifdef DEBUG_IDE_ATAPI
934 printf("byte_count_limit=%d\n", byte_count_limit);
935 #endif
936 if (byte_count_limit == 0xffff)
937 byte_count_limit--;
938 size = s->packet_transfer_size;
939 if (size > byte_count_limit) {
940 /* byte count limit must be even if this case */
941 if (byte_count_limit & 1)
942 byte_count_limit--;
943 size = byte_count_limit;
944 }
945 s->lcyl = size;
946 s->hcyl = size >> 8;
947 s->elementary_transfer_size = size;
948 /* we cannot transmit more than one sector at a time */
949 if (s->lba != -1) {
950 if (size > (s->cd_sector_size - s->io_buffer_index))
951 size = (s->cd_sector_size - s->io_buffer_index);
952 }
953 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
954 size, ide_atapi_cmd_reply_end);
955 s->packet_transfer_size -= size;
956 s->elementary_transfer_size -= size;
957 s->io_buffer_index += size;
958 ide_set_irq(s->bus);
959 #ifdef DEBUG_IDE_ATAPI
960 printf("status=0x%x\n", s->status);
961 #endif
962 }
963 }
964 }
965
966 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
967 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
968 {
969 if (size > max_size)
970 size = max_size;
971 s->lba = -1; /* no sector read */
972 s->packet_transfer_size = size;
973 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
974 s->elementary_transfer_size = 0;
975 s->io_buffer_index = 0;
976
977 if (s->atapi_dma) {
978 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
979 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
980 } else {
981 s->status = READY_STAT | SEEK_STAT;
982 ide_atapi_cmd_reply_end(s);
983 }
984 }
985
986 /* start a CD-CDROM read command */
987 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
988 int sector_size)
989 {
990 s->lba = lba;
991 s->packet_transfer_size = nb_sectors * sector_size;
992 s->elementary_transfer_size = 0;
993 s->io_buffer_index = sector_size;
994 s->cd_sector_size = sector_size;
995
996 s->status = READY_STAT | SEEK_STAT;
997 ide_atapi_cmd_reply_end(s);
998 }
999
1000 /* ATAPI DMA support */
1001
1002 /* XXX: handle read errors */
1003 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1004 {
1005 BMDMAState *bm = opaque;
1006 IDEState *s = bmdma_active_if(bm);
1007 int data_offset, n;
1008
1009 if (ret < 0) {
1010 ide_atapi_io_error(s, ret);
1011 goto eot;
1012 }
1013
1014 if (s->io_buffer_size > 0) {
1015 /*
1016 * For a cdrom read sector command (s->lba != -1),
1017 * adjust the lba for the next s->io_buffer_size chunk
1018 * and dma the current chunk.
1019 * For a command != read (s->lba == -1), just transfer
1020 * the reply data.
1021 */
1022 if (s->lba != -1) {
1023 if (s->cd_sector_size == 2352) {
1024 n = 1;
1025 cd_data_to_raw(s->io_buffer, s->lba);
1026 } else {
1027 n = s->io_buffer_size >> 11;
1028 }
1029 s->lba += n;
1030 }
1031 s->packet_transfer_size -= s->io_buffer_size;
1032 if (dma_buf_rw(bm, 1) == 0)
1033 goto eot;
1034 }
1035
1036 if (s->packet_transfer_size <= 0) {
1037 s->status = READY_STAT | SEEK_STAT;
1038 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1039 ide_set_irq(s->bus);
1040 eot:
1041 bm->status &= ~BM_STATUS_DMAING;
1042 bm->status |= BM_STATUS_INT;
1043 bm->dma_cb = NULL;
1044 bm->unit = -1;
1045 bm->aiocb = NULL;
1046 return;
1047 }
1048
1049 s->io_buffer_index = 0;
1050 if (s->cd_sector_size == 2352) {
1051 n = 1;
1052 s->io_buffer_size = s->cd_sector_size;
1053 data_offset = 16;
1054 } else {
1055 n = s->packet_transfer_size >> 11;
1056 if (n > (IDE_DMA_BUF_SECTORS / 4))
1057 n = (IDE_DMA_BUF_SECTORS / 4);
1058 s->io_buffer_size = n * 2048;
1059 data_offset = 0;
1060 }
1061 #ifdef DEBUG_AIO
1062 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1063 #endif
1064 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1065 bm->iov.iov_len = n * 4 * 512;
1066 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1067 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1068 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1069 if (!bm->aiocb) {
1070 /* Note: media not present is the most likely case */
1071 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1072 ASC_MEDIUM_NOT_PRESENT);
1073 goto eot;
1074 }
1075 }
1076
1077 /* start a CD-CDROM read command with DMA */
1078 /* XXX: test if DMA is available */
1079 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1080 int sector_size)
1081 {
1082 s->lba = lba;
1083 s->packet_transfer_size = nb_sectors * sector_size;
1084 s->io_buffer_index = 0;
1085 s->io_buffer_size = 0;
1086 s->cd_sector_size = sector_size;
1087
1088 /* XXX: check if BUSY_STAT should be set */
1089 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1090 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1091 }
1092
1093 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1094 int sector_size)
1095 {
1096 #ifdef DEBUG_IDE_ATAPI
1097 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1098 lba, nb_sectors);
1099 #endif
1100 if (s->atapi_dma) {
1101 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1102 } else {
1103 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1104 }
1105 }
1106
1107 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1108 uint16_t profile)
1109 {
1110 uint8_t *buf_profile = buf + 12; /* start of profiles */
1111
1112 buf_profile += ((*index) * 4); /* start of indexed profile */
1113 cpu_to_ube16 (buf_profile, profile);
1114 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1115
1116 /* each profile adds 4 bytes to the response */
1117 (*index)++;
1118 buf[11] += 4; /* Additional Length */
1119
1120 return 4;
1121 }
1122
1123 static int ide_dvd_read_structure(IDEState *s, int format,
1124 const uint8_t *packet, uint8_t *buf)
1125 {
1126 switch (format) {
1127 case 0x0: /* Physical format information */
1128 {
1129 int layer = packet[6];
1130 uint64_t total_sectors;
1131
1132 if (layer != 0)
1133 return -ASC_INV_FIELD_IN_CMD_PACKET;
1134
1135 bdrv_get_geometry(s->bs, &total_sectors);
1136 total_sectors >>= 2;
1137 if (total_sectors == 0)
1138 return -ASC_MEDIUM_NOT_PRESENT;
1139
1140 buf[4] = 1; /* DVD-ROM, part version 1 */
1141 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1142 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1143 buf[7] = 0; /* default densities */
1144
1145 /* FIXME: 0x30000 per spec? */
1146 cpu_to_ube32(buf + 8, 0); /* start sector */
1147 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1148 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1149
1150 /* Size of buffer, not including 2 byte size field */
1151 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1152
1153 /* 2k data + 4 byte header */
1154 return (2048 + 4);
1155 }
1156
1157 case 0x01: /* DVD copyright information */
1158 buf[4] = 0; /* no copyright data */
1159 buf[5] = 0; /* no region restrictions */
1160
1161 /* Size of buffer, not including 2 byte size field */
1162 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1163
1164 /* 4 byte header + 4 byte data */
1165 return (4 + 4);
1166
1167 case 0x03: /* BCA information - invalid field for no BCA info */
1168 return -ASC_INV_FIELD_IN_CMD_PACKET;
1169
1170 case 0x04: /* DVD disc manufacturing information */
1171 /* Size of buffer, not including 2 byte size field */
1172 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1173
1174 /* 2k data + 4 byte header */
1175 return (2048 + 4);
1176
1177 case 0xff:
1178 /*
1179 * This lists all the command capabilities above. Add new ones
1180 * in order and update the length and buffer return values.
1181 */
1182
1183 buf[4] = 0x00; /* Physical format */
1184 buf[5] = 0x40; /* Not writable, is readable */
1185 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1186
1187 buf[8] = 0x01; /* Copyright info */
1188 buf[9] = 0x40; /* Not writable, is readable */
1189 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1190
1191 buf[12] = 0x03; /* BCA info */
1192 buf[13] = 0x40; /* Not writable, is readable */
1193 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1194
1195 buf[16] = 0x04; /* Manufacturing info */
1196 buf[17] = 0x40; /* Not writable, is readable */
1197 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1198
1199 /* Size of buffer, not including 2 byte size field */
1200 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1201
1202 /* data written + 4 byte header */
1203 return (16 + 4);
1204
1205 default: /* TODO: formats beyond DVD-ROM requires */
1206 return -ASC_INV_FIELD_IN_CMD_PACKET;
1207 }
1208 }
1209
1210 static void ide_atapi_cmd(IDEState *s)
1211 {
1212 const uint8_t *packet;
1213 uint8_t *buf;
1214 int max_len;
1215
1216 packet = s->io_buffer;
1217 buf = s->io_buffer;
1218 #ifdef DEBUG_IDE_ATAPI
1219 {
1220 int i;
1221 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1222 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1223 printf(" %02x", packet[i]);
1224 }
1225 printf("\n");
1226 }
1227 #endif
1228 /* If there's a UNIT_ATTENTION condition pending, only
1229 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1230 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1231 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1232 s->io_buffer[0] != GPCMD_INQUIRY) {
1233 ide_atapi_cmd_check_status(s);
1234 return;
1235 }
1236 switch(s->io_buffer[0]) {
1237 case GPCMD_TEST_UNIT_READY:
1238 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1239 ide_atapi_cmd_ok(s);
1240 } else {
1241 s->cdrom_changed = 0;
1242 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1243 ASC_MEDIUM_NOT_PRESENT);
1244 }
1245 break;
1246 case GPCMD_MODE_SENSE_6:
1247 case GPCMD_MODE_SENSE_10:
1248 {
1249 int action, code;
1250 if (packet[0] == GPCMD_MODE_SENSE_10)
1251 max_len = ube16_to_cpu(packet + 7);
1252 else
1253 max_len = packet[4];
1254 action = packet[2] >> 6;
1255 code = packet[2] & 0x3f;
1256 switch(action) {
1257 case 0: /* current values */
1258 switch(code) {
1259 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1260 cpu_to_ube16(&buf[0], 16 + 6);
1261 buf[2] = 0x70;
1262 buf[3] = 0;
1263 buf[4] = 0;
1264 buf[5] = 0;
1265 buf[6] = 0;
1266 buf[7] = 0;
1267
1268 buf[8] = 0x01;
1269 buf[9] = 0x06;
1270 buf[10] = 0x00;
1271 buf[11] = 0x05;
1272 buf[12] = 0x00;
1273 buf[13] = 0x00;
1274 buf[14] = 0x00;
1275 buf[15] = 0x00;
1276 ide_atapi_cmd_reply(s, 16, max_len);
1277 break;
1278 case GPMODE_AUDIO_CTL_PAGE:
1279 cpu_to_ube16(&buf[0], 24 + 6);
1280 buf[2] = 0x70;
1281 buf[3] = 0;
1282 buf[4] = 0;
1283 buf[5] = 0;
1284 buf[6] = 0;
1285 buf[7] = 0;
1286
1287 /* Fill with CDROM audio volume */
1288 buf[17] = 0;
1289 buf[19] = 0;
1290 buf[21] = 0;
1291 buf[23] = 0;
1292
1293 ide_atapi_cmd_reply(s, 24, max_len);
1294 break;
1295 case GPMODE_CAPABILITIES_PAGE:
1296 cpu_to_ube16(&buf[0], 28 + 6);
1297 buf[2] = 0x70;
1298 buf[3] = 0;
1299 buf[4] = 0;
1300 buf[5] = 0;
1301 buf[6] = 0;
1302 buf[7] = 0;
1303
1304 buf[8] = 0x2a;
1305 buf[9] = 0x12;
1306 buf[10] = 0x00;
1307 buf[11] = 0x00;
1308
1309 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1310 code checks for this to automount media. */
1311 buf[12] = 0x71;
1312 buf[13] = 3 << 5;
1313 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1314 if (bdrv_is_locked(s->bs))
1315 buf[6] |= 1 << 1;
1316 buf[15] = 0x00;
1317 cpu_to_ube16(&buf[16], 706);
1318 buf[18] = 0;
1319 buf[19] = 2;
1320 cpu_to_ube16(&buf[20], 512);
1321 cpu_to_ube16(&buf[22], 706);
1322 buf[24] = 0;
1323 buf[25] = 0;
1324 buf[26] = 0;
1325 buf[27] = 0;
1326 ide_atapi_cmd_reply(s, 28, max_len);
1327 break;
1328 default:
1329 goto error_cmd;
1330 }
1331 break;
1332 case 1: /* changeable values */
1333 goto error_cmd;
1334 case 2: /* default values */
1335 goto error_cmd;
1336 default:
1337 case 3: /* saved values */
1338 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1339 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1340 break;
1341 }
1342 }
1343 break;
1344 case GPCMD_REQUEST_SENSE:
1345 max_len = packet[4];
1346 memset(buf, 0, 18);
1347 buf[0] = 0x70 | (1 << 7);
1348 buf[2] = s->sense_key;
1349 buf[7] = 10;
1350 buf[12] = s->asc;
1351 if (s->sense_key == SENSE_UNIT_ATTENTION)
1352 s->sense_key = SENSE_NONE;
1353 ide_atapi_cmd_reply(s, 18, max_len);
1354 break;
1355 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1356 if (bdrv_is_inserted(s->bs)) {
1357 bdrv_set_locked(s->bs, packet[4] & 1);
1358 ide_atapi_cmd_ok(s);
1359 } else {
1360 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1361 ASC_MEDIUM_NOT_PRESENT);
1362 }
1363 break;
1364 case GPCMD_READ_10:
1365 case GPCMD_READ_12:
1366 {
1367 int nb_sectors, lba;
1368
1369 if (packet[0] == GPCMD_READ_10)
1370 nb_sectors = ube16_to_cpu(packet + 7);
1371 else
1372 nb_sectors = ube32_to_cpu(packet + 6);
1373 lba = ube32_to_cpu(packet + 2);
1374 if (nb_sectors == 0) {
1375 ide_atapi_cmd_ok(s);
1376 break;
1377 }
1378 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1379 }
1380 break;
1381 case GPCMD_READ_CD:
1382 {
1383 int nb_sectors, lba, transfer_request;
1384
1385 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1386 lba = ube32_to_cpu(packet + 2);
1387 if (nb_sectors == 0) {
1388 ide_atapi_cmd_ok(s);
1389 break;
1390 }
1391 transfer_request = packet[9];
1392 switch(transfer_request & 0xf8) {
1393 case 0x00:
1394 /* nothing */
1395 ide_atapi_cmd_ok(s);
1396 break;
1397 case 0x10:
1398 /* normal read */
1399 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1400 break;
1401 case 0xf8:
1402 /* read all data */
1403 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1404 break;
1405 default:
1406 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1407 ASC_INV_FIELD_IN_CMD_PACKET);
1408 break;
1409 }
1410 }
1411 break;
1412 case GPCMD_SEEK:
1413 {
1414 unsigned int lba;
1415 uint64_t total_sectors;
1416
1417 bdrv_get_geometry(s->bs, &total_sectors);
1418 total_sectors >>= 2;
1419 if (total_sectors == 0) {
1420 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1421 ASC_MEDIUM_NOT_PRESENT);
1422 break;
1423 }
1424 lba = ube32_to_cpu(packet + 2);
1425 if (lba >= total_sectors) {
1426 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1427 ASC_LOGICAL_BLOCK_OOR);
1428 break;
1429 }
1430 ide_atapi_cmd_ok(s);
1431 }
1432 break;
1433 case GPCMD_START_STOP_UNIT:
1434 {
1435 int start, eject, err = 0;
1436 start = packet[4] & 1;
1437 eject = (packet[4] >> 1) & 1;
1438
1439 if (eject) {
1440 err = bdrv_eject(s->bs, !start);
1441 }
1442
1443 switch (err) {
1444 case 0:
1445 ide_atapi_cmd_ok(s);
1446 break;
1447 case -EBUSY:
1448 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1449 ASC_MEDIA_REMOVAL_PREVENTED);
1450 break;
1451 default:
1452 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1453 ASC_MEDIUM_NOT_PRESENT);
1454 break;
1455 }
1456 }
1457 break;
1458 case GPCMD_MECHANISM_STATUS:
1459 {
1460 max_len = ube16_to_cpu(packet + 8);
1461 cpu_to_ube16(buf, 0);
1462 /* no current LBA */
1463 buf[2] = 0;
1464 buf[3] = 0;
1465 buf[4] = 0;
1466 buf[5] = 1;
1467 cpu_to_ube16(buf + 6, 0);
1468 ide_atapi_cmd_reply(s, 8, max_len);
1469 }
1470 break;
1471 case GPCMD_READ_TOC_PMA_ATIP:
1472 {
1473 int format, msf, start_track, len;
1474 uint64_t total_sectors;
1475
1476 bdrv_get_geometry(s->bs, &total_sectors);
1477 total_sectors >>= 2;
1478 if (total_sectors == 0) {
1479 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1480 ASC_MEDIUM_NOT_PRESENT);
1481 break;
1482 }
1483 max_len = ube16_to_cpu(packet + 7);
1484 format = packet[9] >> 6;
1485 msf = (packet[1] >> 1) & 1;
1486 start_track = packet[6];
1487 switch(format) {
1488 case 0:
1489 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1490 if (len < 0)
1491 goto error_cmd;
1492 ide_atapi_cmd_reply(s, len, max_len);
1493 break;
1494 case 1:
1495 /* multi session : only a single session defined */
1496 memset(buf, 0, 12);
1497 buf[1] = 0x0a;
1498 buf[2] = 0x01;
1499 buf[3] = 0x01;
1500 ide_atapi_cmd_reply(s, 12, max_len);
1501 break;
1502 case 2:
1503 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1504 if (len < 0)
1505 goto error_cmd;
1506 ide_atapi_cmd_reply(s, len, max_len);
1507 break;
1508 default:
1509 error_cmd:
1510 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1511 ASC_INV_FIELD_IN_CMD_PACKET);
1512 break;
1513 }
1514 }
1515 break;
1516 case GPCMD_READ_CDVD_CAPACITY:
1517 {
1518 uint64_t total_sectors;
1519
1520 bdrv_get_geometry(s->bs, &total_sectors);
1521 total_sectors >>= 2;
1522 if (total_sectors == 0) {
1523 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1524 ASC_MEDIUM_NOT_PRESENT);
1525 break;
1526 }
1527 /* NOTE: it is really the number of sectors minus 1 */
1528 cpu_to_ube32(buf, total_sectors - 1);
1529 cpu_to_ube32(buf + 4, 2048);
1530 ide_atapi_cmd_reply(s, 8, 8);
1531 }
1532 break;
1533 case GPCMD_READ_DVD_STRUCTURE:
1534 {
1535 int media = packet[1];
1536 int format = packet[7];
1537 int ret;
1538
1539 max_len = ube16_to_cpu(packet + 8);
1540
1541 if (format < 0xff) {
1542 if (media_is_cd(s)) {
1543 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1544 ASC_INCOMPATIBLE_FORMAT);
1545 break;
1546 } else if (!media_present(s)) {
1547 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1548 ASC_INV_FIELD_IN_CMD_PACKET);
1549 break;
1550 }
1551 }
1552
1553 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1554 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1555
1556 switch (format) {
1557 case 0x00 ... 0x7f:
1558 case 0xff:
1559 if (media == 0) {
1560 ret = ide_dvd_read_structure(s, format, packet, buf);
1561
1562 if (ret < 0)
1563 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1564 else
1565 ide_atapi_cmd_reply(s, ret, max_len);
1566
1567 break;
1568 }
1569 /* TODO: BD support, fall through for now */
1570
1571 /* Generic disk structures */
1572 case 0x80: /* TODO: AACS volume identifier */
1573 case 0x81: /* TODO: AACS media serial number */
1574 case 0x82: /* TODO: AACS media identifier */
1575 case 0x83: /* TODO: AACS media key block */
1576 case 0x90: /* TODO: List of recognized format layers */
1577 case 0xc0: /* TODO: Write protection status */
1578 default:
1579 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1580 ASC_INV_FIELD_IN_CMD_PACKET);
1581 break;
1582 }
1583 }
1584 break;
1585 case GPCMD_SET_SPEED:
1586 ide_atapi_cmd_ok(s);
1587 break;
1588 case GPCMD_INQUIRY:
1589 max_len = packet[4];
1590 buf[0] = 0x05; /* CD-ROM */
1591 buf[1] = 0x80; /* removable */
1592 buf[2] = 0x00; /* ISO */
1593 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1594 buf[4] = 31; /* additional length */
1595 buf[5] = 0; /* reserved */
1596 buf[6] = 0; /* reserved */
1597 buf[7] = 0; /* reserved */
1598 padstr8(buf + 8, 8, "QEMU");
1599 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1600 padstr8(buf + 32, 4, s->version);
1601 ide_atapi_cmd_reply(s, 36, max_len);
1602 break;
1603 case GPCMD_GET_CONFIGURATION:
1604 {
1605 uint32_t len;
1606 uint8_t index = 0;
1607
1608 /* only feature 0 is supported */
1609 if (packet[2] != 0 || packet[3] != 0) {
1610 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1611 ASC_INV_FIELD_IN_CMD_PACKET);
1612 break;
1613 }
1614
1615 /* XXX: could result in alignment problems in some architectures */
1616 max_len = ube16_to_cpu(packet + 7);
1617
1618 /*
1619 * XXX: avoid overflow for io_buffer if max_len is bigger than
1620 * the size of that buffer (dimensioned to max number of
1621 * sectors to transfer at once)
1622 *
1623 * Only a problem if the feature/profiles grow.
1624 */
1625 if (max_len > 512) /* XXX: assume 1 sector */
1626 max_len = 512;
1627
1628 memset(buf, 0, max_len);
1629 /*
1630 * the number of sectors from the media tells us which profile
1631 * to use as current. 0 means there is no media
1632 */
1633 if (media_is_dvd(s))
1634 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1635 else if (media_is_cd(s))
1636 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1637
1638 buf[10] = 0x02 | 0x01; /* persistent and current */
1639 len = 12; /* headers: 8 + 4 */
1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1641 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1642 cpu_to_ube32(buf, len - 4); /* data length */
1643
1644 ide_atapi_cmd_reply(s, len, max_len);
1645 break;
1646 }
1647 default:
1648 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1649 ASC_ILLEGAL_OPCODE);
1650 break;
1651 }
1652 }
1653
1654 static void ide_cfata_metadata_inquiry(IDEState *s)
1655 {
1656 uint16_t *p;
1657 uint32_t spd;
1658
1659 p = (uint16_t *) s->io_buffer;
1660 memset(p, 0, 0x200);
1661 spd = ((s->mdata_size - 1) >> 9) + 1;
1662
1663 put_le16(p + 0, 0x0001); /* Data format revision */
1664 put_le16(p + 1, 0x0000); /* Media property: silicon */
1665 put_le16(p + 2, s->media_changed); /* Media status */
1666 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1667 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1668 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1669 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1670 }
1671
1672 static void ide_cfata_metadata_read(IDEState *s)
1673 {
1674 uint16_t *p;
1675
1676 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1677 s->status = ERR_STAT;
1678 s->error = ABRT_ERR;
1679 return;
1680 }
1681
1682 p = (uint16_t *) s->io_buffer;
1683 memset(p, 0, 0x200);
1684
1685 put_le16(p + 0, s->media_changed); /* Media status */
1686 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1687 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1688 s->nsector << 9), 0x200 - 2));
1689 }
1690
1691 static void ide_cfata_metadata_write(IDEState *s)
1692 {
1693 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1694 s->status = ERR_STAT;
1695 s->error = ABRT_ERR;
1696 return;
1697 }
1698
1699 s->media_changed = 0;
1700
1701 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1702 s->io_buffer + 2,
1703 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1704 s->nsector << 9), 0x200 - 2));
1705 }
1706
1707 /* called when the inserted state of the media has changed */
1708 static void cdrom_change_cb(void *opaque)
1709 {
1710 IDEState *s = opaque;
1711 uint64_t nb_sectors;
1712
1713 bdrv_get_geometry(s->bs, &nb_sectors);
1714 s->nb_sectors = nb_sectors;
1715
1716 s->sense_key = SENSE_UNIT_ATTENTION;
1717 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1718 s->cdrom_changed = 1;
1719 ide_set_irq(s->bus);
1720 }
1721
1722 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1723 {
1724 s->lba48 = lba48;
1725
1726 /* handle the 'magic' 0 nsector count conversion here. to avoid
1727 * fiddling with the rest of the read logic, we just store the
1728 * full sector count in ->nsector and ignore ->hob_nsector from now
1729 */
1730 if (!s->lba48) {
1731 if (!s->nsector)
1732 s->nsector = 256;
1733 } else {
1734 if (!s->nsector && !s->hob_nsector)
1735 s->nsector = 65536;
1736 else {
1737 int lo = s->nsector;
1738 int hi = s->hob_nsector;
1739
1740 s->nsector = (hi << 8) | lo;
1741 }
1742 }
1743 }
1744
1745 static void ide_clear_hob(IDEBus *bus)
1746 {
1747 /* any write clears HOB high bit of device control register */
1748 bus->ifs[0].select &= ~(1 << 7);
1749 bus->ifs[1].select &= ~(1 << 7);
1750 }
1751
1752 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1753 {
1754 IDEBus *bus = opaque;
1755 IDEState *s;
1756 int n;
1757 int lba48 = 0;
1758
1759 #ifdef DEBUG_IDE
1760 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1761 #endif
1762
1763 addr &= 7;
1764
1765 /* ignore writes to command block while busy with previous command */
1766 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1767 return;
1768
1769 switch(addr) {
1770 case 0:
1771 break;
1772 case 1:
1773 ide_clear_hob(bus);
1774 /* NOTE: data is written to the two drives */
1775 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1776 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1777 bus->ifs[0].feature = val;
1778 bus->ifs[1].feature = val;
1779 break;
1780 case 2:
1781 ide_clear_hob(bus);
1782 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1783 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1784 bus->ifs[0].nsector = val;
1785 bus->ifs[1].nsector = val;
1786 break;
1787 case 3:
1788 ide_clear_hob(bus);
1789 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1790 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1791 bus->ifs[0].sector = val;
1792 bus->ifs[1].sector = val;
1793 break;
1794 case 4:
1795 ide_clear_hob(bus);
1796 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1797 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1798 bus->ifs[0].lcyl = val;
1799 bus->ifs[1].lcyl = val;
1800 break;
1801 case 5:
1802 ide_clear_hob(bus);
1803 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1804 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1805 bus->ifs[0].hcyl = val;
1806 bus->ifs[1].hcyl = val;
1807 break;
1808 case 6:
1809 /* FIXME: HOB readback uses bit 7 */
1810 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1811 bus->ifs[1].select = (val | 0x10) | 0xa0;
1812 /* select drive */
1813 bus->unit = (val >> 4) & 1;
1814 break;
1815 default:
1816 case 7:
1817 /* command */
1818 #if defined(DEBUG_IDE)
1819 printf("ide: CMD=%02x\n", val);
1820 #endif
1821 s = idebus_active_if(bus);
1822 /* ignore commands to non existant slave */
1823 if (s != bus->ifs && !s->bs)
1824 break;
1825
1826 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1827 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1828 break;
1829
1830 switch(val) {
1831 case WIN_IDENTIFY:
1832 if (s->bs && !s->is_cdrom) {
1833 if (!s->is_cf)
1834 ide_identify(s);
1835 else
1836 ide_cfata_identify(s);
1837 s->status = READY_STAT | SEEK_STAT;
1838 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1839 } else {
1840 if (s->is_cdrom) {
1841 ide_set_signature(s);
1842 }
1843 ide_abort_command(s);
1844 }
1845 ide_set_irq(s->bus);
1846 break;
1847 case WIN_SPECIFY:
1848 case WIN_RECAL:
1849 s->error = 0;
1850 s->status = READY_STAT | SEEK_STAT;
1851 ide_set_irq(s->bus);
1852 break;
1853 case WIN_SETMULT:
1854 if (s->is_cf && s->nsector == 0) {
1855 /* Disable Read and Write Multiple */
1856 s->mult_sectors = 0;
1857 s->status = READY_STAT | SEEK_STAT;
1858 } else if ((s->nsector & 0xff) != 0 &&
1859 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1860 (s->nsector & (s->nsector - 1)) != 0)) {
1861 ide_abort_command(s);
1862 } else {
1863 s->mult_sectors = s->nsector & 0xff;
1864 s->status = READY_STAT | SEEK_STAT;
1865 }
1866 ide_set_irq(s->bus);
1867 break;
1868 case WIN_VERIFY_EXT:
1869 lba48 = 1;
1870 case WIN_VERIFY:
1871 case WIN_VERIFY_ONCE:
1872 /* do sector number check ? */
1873 ide_cmd_lba48_transform(s, lba48);
1874 s->status = READY_STAT | SEEK_STAT;
1875 ide_set_irq(s->bus);
1876 break;
1877 case WIN_READ_EXT:
1878 lba48 = 1;
1879 case WIN_READ:
1880 case WIN_READ_ONCE:
1881 if (!s->bs)
1882 goto abort_cmd;
1883 ide_cmd_lba48_transform(s, lba48);
1884 s->req_nb_sectors = 1;
1885 ide_sector_read(s);
1886 break;
1887 case WIN_WRITE_EXT:
1888 lba48 = 1;
1889 case WIN_WRITE:
1890 case WIN_WRITE_ONCE:
1891 case CFA_WRITE_SECT_WO_ERASE:
1892 case WIN_WRITE_VERIFY:
1893 ide_cmd_lba48_transform(s, lba48);
1894 s->error = 0;
1895 s->status = SEEK_STAT | READY_STAT;
1896 s->req_nb_sectors = 1;
1897 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1898 s->media_changed = 1;
1899 break;
1900 case WIN_MULTREAD_EXT:
1901 lba48 = 1;
1902 case WIN_MULTREAD:
1903 if (!s->mult_sectors)
1904 goto abort_cmd;
1905 ide_cmd_lba48_transform(s, lba48);
1906 s->req_nb_sectors = s->mult_sectors;
1907 ide_sector_read(s);
1908 break;
1909 case WIN_MULTWRITE_EXT:
1910 lba48 = 1;
1911 case WIN_MULTWRITE:
1912 case CFA_WRITE_MULTI_WO_ERASE:
1913 if (!s->mult_sectors)
1914 goto abort_cmd;
1915 ide_cmd_lba48_transform(s, lba48);
1916 s->error = 0;
1917 s->status = SEEK_STAT | READY_STAT;
1918 s->req_nb_sectors = s->mult_sectors;
1919 n = s->nsector;
1920 if (n > s->req_nb_sectors)
1921 n = s->req_nb_sectors;
1922 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1923 s->media_changed = 1;
1924 break;
1925 case WIN_READDMA_EXT:
1926 lba48 = 1;
1927 case WIN_READDMA:
1928 case WIN_READDMA_ONCE:
1929 if (!s->bs)
1930 goto abort_cmd;
1931 ide_cmd_lba48_transform(s, lba48);
1932 ide_sector_read_dma(s);
1933 break;
1934 case WIN_WRITEDMA_EXT:
1935 lba48 = 1;
1936 case WIN_WRITEDMA:
1937 case WIN_WRITEDMA_ONCE:
1938 if (!s->bs)
1939 goto abort_cmd;
1940 ide_cmd_lba48_transform(s, lba48);
1941 ide_sector_write_dma(s);
1942 s->media_changed = 1;
1943 break;
1944 case WIN_READ_NATIVE_MAX_EXT:
1945 lba48 = 1;
1946 case WIN_READ_NATIVE_MAX:
1947 ide_cmd_lba48_transform(s, lba48);
1948 ide_set_sector(s, s->nb_sectors - 1);
1949 s->status = READY_STAT | SEEK_STAT;
1950 ide_set_irq(s->bus);
1951 break;
1952 case WIN_CHECKPOWERMODE1:
1953 case WIN_CHECKPOWERMODE2:
1954 s->nsector = 0xff; /* device active or idle */
1955 s->status = READY_STAT | SEEK_STAT;
1956 ide_set_irq(s->bus);
1957 break;
1958 case WIN_SETFEATURES:
1959 if (!s->bs)
1960 goto abort_cmd;
1961 /* XXX: valid for CDROM ? */
1962 switch(s->feature) {
1963 case 0xcc: /* reverting to power-on defaults enable */
1964 case 0x66: /* reverting to power-on defaults disable */
1965 case 0x02: /* write cache enable */
1966 case 0x82: /* write cache disable */
1967 case 0xaa: /* read look-ahead enable */
1968 case 0x55: /* read look-ahead disable */
1969 case 0x05: /* set advanced power management mode */
1970 case 0x85: /* disable advanced power management mode */
1971 case 0x69: /* NOP */
1972 case 0x67: /* NOP */
1973 case 0x96: /* NOP */
1974 case 0x9a: /* NOP */
1975 case 0x42: /* enable Automatic Acoustic Mode */
1976 case 0xc2: /* disable Automatic Acoustic Mode */
1977 s->status = READY_STAT | SEEK_STAT;
1978 ide_set_irq(s->bus);
1979 break;
1980 case 0x03: { /* set transfer mode */
1981 uint8_t val = s->nsector & 0x07;
1982 uint16_t *identify_data = (uint16_t *)s->identify_data;
1983
1984 switch (s->nsector >> 3) {
1985 case 0x00: /* pio default */
1986 case 0x01: /* pio mode */
1987 put_le16(identify_data + 62,0x07);
1988 put_le16(identify_data + 63,0x07);
1989 put_le16(identify_data + 88,0x3f);
1990 break;
1991 case 0x02: /* sigle word dma mode*/
1992 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1993 put_le16(identify_data + 63,0x07);
1994 put_le16(identify_data + 88,0x3f);
1995 break;
1996 case 0x04: /* mdma mode */
1997 put_le16(identify_data + 62,0x07);
1998 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1999 put_le16(identify_data + 88,0x3f);
2000 break;
2001 case 0x08: /* udma mode */
2002 put_le16(identify_data + 62,0x07);
2003 put_le16(identify_data + 63,0x07);
2004 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2005 break;
2006 default:
2007 goto abort_cmd;
2008 }
2009 s->status = READY_STAT | SEEK_STAT;
2010 ide_set_irq(s->bus);
2011 break;
2012 }
2013 default:
2014 goto abort_cmd;
2015 }
2016 break;
2017 case WIN_FLUSH_CACHE:
2018 case WIN_FLUSH_CACHE_EXT:
2019 if (s->bs)
2020 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2021 else
2022 ide_flush_cb(s, 0);
2023 break;
2024 case WIN_STANDBY:
2025 case WIN_STANDBY2:
2026 case WIN_STANDBYNOW1:
2027 case WIN_STANDBYNOW2:
2028 case WIN_IDLEIMMEDIATE:
2029 case CFA_IDLEIMMEDIATE:
2030 case WIN_SETIDLE1:
2031 case WIN_SETIDLE2:
2032 case WIN_SLEEPNOW1:
2033 case WIN_SLEEPNOW2:
2034 s->status = READY_STAT;
2035 ide_set_irq(s->bus);
2036 break;
2037 case WIN_SEEK:
2038 if(s->is_cdrom)
2039 goto abort_cmd;
2040 /* XXX: Check that seek is within bounds */
2041 s->status = READY_STAT | SEEK_STAT;
2042 ide_set_irq(s->bus);
2043 break;
2044 /* ATAPI commands */
2045 case WIN_PIDENTIFY:
2046 if (s->is_cdrom) {
2047 ide_atapi_identify(s);
2048 s->status = READY_STAT | SEEK_STAT;
2049 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2050 } else {
2051 ide_abort_command(s);
2052 }
2053 ide_set_irq(s->bus);
2054 break;
2055 case WIN_DIAGNOSE:
2056 ide_set_signature(s);
2057 if (s->is_cdrom)
2058 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2059 * devices to return a clear status register
2060 * with READY_STAT *not* set. */
2061 else
2062 s->status = READY_STAT | SEEK_STAT;
2063 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2064 * present.
2065 */
2066 ide_set_irq(s->bus);
2067 break;
2068 case WIN_SRST:
2069 if (!s->is_cdrom)
2070 goto abort_cmd;
2071 ide_set_signature(s);
2072 s->status = 0x00; /* NOTE: READY is _not_ set */
2073 s->error = 0x01;
2074 break;
2075 case WIN_PACKETCMD:
2076 if (!s->is_cdrom)
2077 goto abort_cmd;
2078 /* overlapping commands not supported */
2079 if (s->feature & 0x02)
2080 goto abort_cmd;
2081 s->status = READY_STAT | SEEK_STAT;
2082 s->atapi_dma = s->feature & 1;
2083 s->nsector = 1;
2084 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2085 ide_atapi_cmd);
2086 break;
2087 /* CF-ATA commands */
2088 case CFA_REQ_EXT_ERROR_CODE:
2089 if (!s->is_cf)
2090 goto abort_cmd;
2091 s->error = 0x09; /* miscellaneous error */
2092 s->status = READY_STAT | SEEK_STAT;
2093 ide_set_irq(s->bus);
2094 break;
2095 case CFA_ERASE_SECTORS:
2096 case CFA_WEAR_LEVEL:
2097 if (!s->is_cf)
2098 goto abort_cmd;
2099 if (val == CFA_WEAR_LEVEL)
2100 s->nsector = 0;
2101 if (val == CFA_ERASE_SECTORS)
2102 s->media_changed = 1;
2103 s->error = 0x00;
2104 s->status = READY_STAT | SEEK_STAT;
2105 ide_set_irq(s->bus);
2106 break;
2107 case CFA_TRANSLATE_SECTOR:
2108 if (!s->is_cf)
2109 goto abort_cmd;
2110 s->error = 0x00;
2111 s->status = READY_STAT | SEEK_STAT;
2112 memset(s->io_buffer, 0, 0x200);
2113 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2114 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2115 s->io_buffer[0x02] = s->select; /* Head */
2116 s->io_buffer[0x03] = s->sector; /* Sector */
2117 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2118 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2119 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2120 s->io_buffer[0x13] = 0x00; /* Erase flag */
2121 s->io_buffer[0x18] = 0x00; /* Hot count */
2122 s->io_buffer[0x19] = 0x00; /* Hot count */
2123 s->io_buffer[0x1a] = 0x01; /* Hot count */
2124 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2125 ide_set_irq(s->bus);
2126 break;
2127 case CFA_ACCESS_METADATA_STORAGE:
2128 if (!s->is_cf)
2129 goto abort_cmd;
2130 switch (s->feature) {
2131 case 0x02: /* Inquiry Metadata Storage */
2132 ide_cfata_metadata_inquiry(s);
2133 break;
2134 case 0x03: /* Read Metadata Storage */
2135 ide_cfata_metadata_read(s);
2136 break;
2137 case 0x04: /* Write Metadata Storage */
2138 ide_cfata_metadata_write(s);
2139 break;
2140 default:
2141 goto abort_cmd;
2142 }
2143 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2144 s->status = 0x00; /* NOTE: READY is _not_ set */
2145 ide_set_irq(s->bus);
2146 break;
2147 case IBM_SENSE_CONDITION:
2148 if (!s->is_cf)
2149 goto abort_cmd;
2150 switch (s->feature) {
2151 case 0x01: /* sense temperature in device */
2152 s->nsector = 0x50; /* +20 C */
2153 break;
2154 default:
2155 goto abort_cmd;
2156 }
2157 s->status = READY_STAT | SEEK_STAT;
2158 ide_set_irq(s->bus);
2159 break;
2160
2161 case WIN_SMART:
2162 if (s->is_cdrom)
2163 goto abort_cmd;
2164 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2165 goto abort_cmd;
2166 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2167 goto abort_cmd;
2168 switch (s->feature) {
2169 case SMART_DISABLE:
2170 s->smart_enabled = 0;
2171 s->status = READY_STAT | SEEK_STAT;
2172 ide_set_irq(s->bus);
2173 break;
2174 case SMART_ENABLE:
2175 s->smart_enabled = 1;
2176 s->status = READY_STAT | SEEK_STAT;
2177 ide_set_irq(s->bus);
2178 break;
2179 case SMART_ATTR_AUTOSAVE:
2180 switch (s->sector) {
2181 case 0x00:
2182 s->smart_autosave = 0;
2183 break;
2184 case 0xf1:
2185 s->smart_autosave = 1;
2186 break;
2187 default:
2188 goto abort_cmd;
2189 }
2190 s->status = READY_STAT | SEEK_STAT;
2191 ide_set_irq(s->bus);
2192 break;
2193 case SMART_STATUS:
2194 if (!s->smart_errors) {
2195 s->hcyl = 0xc2;
2196 s->lcyl = 0x4f;
2197 } else {
2198 s->hcyl = 0x2c;
2199 s->lcyl = 0xf4;
2200 }
2201 s->status = READY_STAT | SEEK_STAT;
2202 ide_set_irq(s->bus);
2203 break;
2204 case SMART_READ_THRESH:
2205 memset(s->io_buffer, 0, 0x200);
2206 s->io_buffer[0] = 0x01; /* smart struct version */
2207 for (n=0; n<30; n++) {
2208 if (smart_attributes[n][0] == 0)
2209 break;
2210 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2211 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2212 }
2213 for (n=0; n<511; n++) /* checksum */
2214 s->io_buffer[511] += s->io_buffer[n];
2215 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2216 s->status = READY_STAT | SEEK_STAT;
2217 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2218 ide_set_irq(s->bus);
2219 break;
2220 case SMART_READ_DATA:
2221 memset(s->io_buffer, 0, 0x200);
2222 s->io_buffer[0] = 0x01; /* smart struct version */
2223 for (n=0; n<30; n++) {
2224 if (smart_attributes[n][0] == 0)
2225 break;
2226 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2227 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2228 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2229 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2230 }
2231 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2232 if (s->smart_selftest_count == 0) {
2233 s->io_buffer[363] = 0;
2234 } else {
2235 s->io_buffer[363] =
2236 s->smart_selftest_data[3 +
2237 (s->smart_selftest_count - 1) *
2238 24];
2239 }
2240 s->io_buffer[364] = 0x20;
2241 s->io_buffer[365] = 0x01;
2242 /* offline data collection capacity: execute + self-test*/
2243 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2244 s->io_buffer[368] = 0x03; /* smart capability (1) */
2245 s->io_buffer[369] = 0x00; /* smart capability (2) */
2246 s->io_buffer[370] = 0x01; /* error logging supported */
2247 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2248 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2249 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2250
2251 for (n=0; n<511; n++)
2252 s->io_buffer[511] += s->io_buffer[n];
2253 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2254 s->status = READY_STAT | SEEK_STAT;
2255 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2256 ide_set_irq(s->bus);
2257 break;
2258 case SMART_READ_LOG:
2259 switch (s->sector) {
2260 case 0x01: /* summary smart error log */
2261 memset(s->io_buffer, 0, 0x200);
2262 s->io_buffer[0] = 0x01;
2263 s->io_buffer[1] = 0x00; /* no error entries */
2264 s->io_buffer[452] = s->smart_errors & 0xff;
2265 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2266
2267 for (n=0; n<511; n++)
2268 s->io_buffer[511] += s->io_buffer[n];
2269 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2270 break;
2271 case 0x06: /* smart self test log */
2272 memset(s->io_buffer, 0, 0x200);
2273 s->io_buffer[0] = 0x01;
2274 if (s->smart_selftest_count == 0) {
2275 s->io_buffer[508] = 0;
2276 } else {
2277 s->io_buffer[508] = s->smart_selftest_count;
2278 for (n=2; n<506; n++)
2279 s->io_buffer[n] = s->smart_selftest_data[n];
2280 }
2281 for (n=0; n<511; n++)
2282 s->io_buffer[511] += s->io_buffer[n];
2283 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2284 break;
2285 default:
2286 goto abort_cmd;
2287 }
2288 s->status = READY_STAT | SEEK_STAT;
2289 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2290 ide_set_irq(s->bus);
2291 break;
2292 case SMART_EXECUTE_OFFLINE:
2293 switch (s->sector) {
2294 case 0: /* off-line routine */
2295 case 1: /* short self test */
2296 case 2: /* extended self test */
2297 s->smart_selftest_count++;
2298 if(s->smart_selftest_count > 21)
2299 s->smart_selftest_count = 0;
2300 n = 2 + (s->smart_selftest_count - 1) * 24;
2301 s->smart_selftest_data[n] = s->sector;
2302 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2303 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2304 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2305 s->status = READY_STAT | SEEK_STAT;
2306 ide_set_irq(s->bus);
2307 break;
2308 default:
2309 goto abort_cmd;
2310 }
2311 break;
2312 default:
2313 goto abort_cmd;
2314 }
2315 break;
2316 default:
2317 abort_cmd:
2318 ide_abort_command(s);
2319 ide_set_irq(s->bus);
2320 break;
2321 }
2322 }
2323 }
2324
2325 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2326 {
2327 IDEBus *bus = opaque;
2328 IDEState *s = idebus_active_if(bus);
2329 uint32_t addr;
2330 int ret, hob;
2331
2332 addr = addr1 & 7;
2333 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2334 //hob = s->select & (1 << 7);
2335 hob = 0;
2336 switch(addr) {
2337 case 0:
2338 ret = 0xff;
2339 break;
2340 case 1:
2341 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2342 (s != bus->ifs && !s->bs))
2343 ret = 0;
2344 else if (!hob)
2345 ret = s->error;
2346 else
2347 ret = s->hob_feature;
2348 break;
2349 case 2:
2350 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2351 ret = 0;
2352 else if (!hob)
2353 ret = s->nsector & 0xff;
2354 else
2355 ret = s->hob_nsector;
2356 break;
2357 case 3:
2358 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2359 ret = 0;
2360 else if (!hob)
2361 ret = s->sector;
2362 else
2363 ret = s->hob_sector;
2364 break;
2365 case 4:
2366 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2367 ret = 0;
2368 else if (!hob)
2369 ret = s->lcyl;
2370 else
2371 ret = s->hob_lcyl;
2372 break;
2373 case 5:
2374 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2375 ret = 0;
2376 else if (!hob)
2377 ret = s->hcyl;
2378 else
2379 ret = s->hob_hcyl;
2380 break;
2381 case 6:
2382 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2383 ret = 0;
2384 else
2385 ret = s->select;
2386 break;
2387 default:
2388 case 7:
2389 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2390 (s != bus->ifs && !s->bs))
2391 ret = 0;
2392 else
2393 ret = s->status;
2394 qemu_irq_lower(bus->irq);
2395 break;
2396 }
2397 #ifdef DEBUG_IDE
2398 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2399 #endif
2400 return ret;
2401 }
2402
2403 uint32_t ide_status_read(void *opaque, uint32_t addr)
2404 {
2405 IDEBus *bus = opaque;
2406 IDEState *s = idebus_active_if(bus);
2407 int ret;
2408
2409 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2410 (s != bus->ifs && !s->bs))
2411 ret = 0;
2412 else
2413 ret = s->status;
2414 #ifdef DEBUG_IDE
2415 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2416 #endif
2417 return ret;
2418 }
2419
2420 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2421 {
2422 IDEBus *bus = opaque;
2423 IDEState *s;
2424 int i;
2425
2426 #ifdef DEBUG_IDE
2427 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2428 #endif
2429 /* common for both drives */
2430 if (!(bus->cmd & IDE_CMD_RESET) &&
2431 (val & IDE_CMD_RESET)) {
2432 /* reset low to high */
2433 for(i = 0;i < 2; i++) {
2434 s = &bus->ifs[i];
2435 s->status = BUSY_STAT | SEEK_STAT;
2436 s->error = 0x01;
2437 }
2438 } else if ((bus->cmd & IDE_CMD_RESET) &&
2439 !(val & IDE_CMD_RESET)) {
2440 /* high to low */
2441 for(i = 0;i < 2; i++) {
2442 s = &bus->ifs[i];
2443 if (s->is_cdrom)
2444 s->status = 0x00; /* NOTE: READY is _not_ set */
2445 else
2446 s->status = READY_STAT | SEEK_STAT;
2447 ide_set_signature(s);
2448 }
2449 }
2450
2451 bus->cmd = val;
2452 }
2453
2454 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2455 {
2456 IDEBus *bus = opaque;
2457 IDEState *s = idebus_active_if(bus);
2458 uint8_t *p;
2459
2460 /* PIO data access allowed only when DRQ bit is set */
2461 if (!(s->status & DRQ_STAT))
2462 return;
2463
2464 p = s->data_ptr;
2465 *(uint16_t *)p = le16_to_cpu(val);
2466 p += 2;
2467 s->data_ptr = p;
2468 if (p >= s->data_end)
2469 s->end_transfer_func(s);
2470 }
2471
2472 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2473 {
2474 IDEBus *bus = opaque;
2475 IDEState *s = idebus_active_if(bus);
2476 uint8_t *p;
2477 int ret;
2478
2479 /* PIO data access allowed only when DRQ bit is set */
2480 if (!(s->status & DRQ_STAT))
2481 return 0;
2482
2483 p = s->data_ptr;
2484 ret = cpu_to_le16(*(uint16_t *)p);
2485 p += 2;
2486 s->data_ptr = p;
2487 if (p >= s->data_end)
2488 s->end_transfer_func(s);
2489 return ret;
2490 }
2491
2492 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2493 {
2494 IDEBus *bus = opaque;
2495 IDEState *s = idebus_active_if(bus);
2496 uint8_t *p;
2497
2498 /* PIO data access allowed only when DRQ bit is set */
2499 if (!(s->status & DRQ_STAT))
2500 return;
2501
2502 p = s->data_ptr;
2503 *(uint32_t *)p = le32_to_cpu(val);
2504 p += 4;
2505 s->data_ptr = p;
2506 if (p >= s->data_end)
2507 s->end_transfer_func(s);
2508 }
2509
2510 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2511 {
2512 IDEBus *bus = opaque;
2513 IDEState *s = idebus_active_if(bus);
2514 uint8_t *p;
2515 int ret;
2516
2517 /* PIO data access allowed only when DRQ bit is set */
2518 if (!(s->status & DRQ_STAT))
2519 return 0;
2520
2521 p = s->data_ptr;
2522 ret = cpu_to_le32(*(uint32_t *)p);
2523 p += 4;
2524 s->data_ptr = p;
2525 if (p >= s->data_end)
2526 s->end_transfer_func(s);
2527 return ret;
2528 }
2529
2530 static void ide_dummy_transfer_stop(IDEState *s)
2531 {
2532 s->data_ptr = s->io_buffer;
2533 s->data_end = s->io_buffer;
2534 s->io_buffer[0] = 0xff;
2535 s->io_buffer[1] = 0xff;
2536 s->io_buffer[2] = 0xff;
2537 s->io_buffer[3] = 0xff;
2538 }
2539
2540 static void ide_reset(IDEState *s)
2541 {
2542 #ifdef DEBUG_IDE
2543 printf("ide: reset\n");
2544 #endif
2545 if (s->is_cf)
2546 s->mult_sectors = 0;
2547 else
2548 s->mult_sectors = MAX_MULT_SECTORS;
2549 /* ide regs */
2550 s->feature = 0;
2551 s->error = 0;
2552 s->nsector = 0;
2553 s->sector = 0;
2554 s->lcyl = 0;
2555 s->hcyl = 0;
2556
2557 /* lba48 */
2558 s->hob_feature = 0;
2559 s->hob_sector = 0;
2560 s->hob_nsector = 0;
2561 s->hob_lcyl = 0;
2562 s->hob_hcyl = 0;
2563
2564 s->select = 0xa0;
2565 s->status = READY_STAT | SEEK_STAT;
2566
2567 s->lba48 = 0;
2568
2569 /* ATAPI specific */
2570 s->sense_key = 0;
2571 s->asc = 0;
2572 s->cdrom_changed = 0;
2573 s->packet_transfer_size = 0;
2574 s->elementary_transfer_size = 0;
2575 s->io_buffer_index = 0;
2576 s->cd_sector_size = 0;
2577 s->atapi_dma = 0;
2578 /* ATA DMA state */
2579 s->io_buffer_size = 0;
2580 s->req_nb_sectors = 0;
2581
2582 ide_set_signature(s);
2583 /* init the transfer handler so that 0xffff is returned on data
2584 accesses */
2585 s->end_transfer_func = ide_dummy_transfer_stop;
2586 ide_dummy_transfer_stop(s);
2587 s->media_changed = 0;
2588 }
2589
2590 void ide_bus_reset(IDEBus *bus)
2591 {
2592 bus->unit = 0;
2593 bus->cmd = 0;
2594 ide_reset(&bus->ifs[0]);
2595 ide_reset(&bus->ifs[1]);
2596 ide_clear_hob(bus);
2597 }
2598
2599 void ide_init_drive(IDEState *s, DriveInfo *dinfo,
2600 const char *version, const char *serial)
2601 {
2602 int cylinders, heads, secs;
2603 uint64_t nb_sectors;
2604
2605 s->bs = dinfo->bdrv;
2606 bdrv_get_geometry(s->bs, &nb_sectors);
2607 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2608 s->cylinders = cylinders;
2609 s->heads = heads;
2610 s->sectors = secs;
2611 s->nb_sectors = nb_sectors;
2612 /* The SMART values should be preserved across power cycles
2613 but they aren't. */
2614 s->smart_enabled = 1;
2615 s->smart_autosave = 1;
2616 s->smart_errors = 0;
2617 s->smart_selftest_count = 0;
2618 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2619 s->is_cdrom = 1;
2620 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2621 }
2622 if (serial && *serial) {
2623 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2624 } else {
2625 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2626 "QM%05d", s->drive_serial);
2627 }
2628 if (version) {
2629 pstrcpy(s->version, sizeof(s->version), version);
2630 } else {
2631 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2632 }
2633 ide_reset(s);
2634 }
2635
2636 static void ide_init1(IDEBus *bus, int unit)
2637 {
2638 static int drive_serial = 1;
2639 IDEState *s = &bus->ifs[unit];
2640
2641 s->bus = bus;
2642 s->unit = unit;
2643 s->drive_serial = drive_serial++;
2644 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2645 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2646 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2647 s->sector_write_timer = qemu_new_timer(vm_clock,
2648 ide_sector_write_timer_cb, s);
2649 }
2650
2651 void ide_init2(IDEBus *bus, qemu_irq irq)
2652 {
2653 int i;
2654
2655 for(i = 0; i < 2; i++) {
2656 ide_init1(bus, i);
2657 ide_reset(&bus->ifs[i]);
2658 }
2659 bus->irq = irq;
2660 }
2661
2662 /* TODO convert users to qdev and remove */
2663 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2664 DriveInfo *hd1, qemu_irq irq)
2665 {
2666 int i;
2667 DriveInfo *dinfo;
2668
2669 for(i = 0; i < 2; i++) {
2670 dinfo = i == 0 ? hd0 : hd1;
2671 ide_init1(bus, i);
2672 if (dinfo) {
2673 ide_init_drive(&bus->ifs[i], dinfo, NULL, dinfo->serial);
2674 } else {
2675 ide_reset(&bus->ifs[i]);
2676 }
2677 }
2678 bus->irq = irq;
2679 }
2680
2681 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2682 {
2683 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2684 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2685 if (iobase2) {
2686 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2687 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2688 }
2689
2690 /* data ports */
2691 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2692 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2693 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2694 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2695 }
2696
2697 static bool is_identify_set(void *opaque, int version_id)
2698 {
2699 IDEState *s = opaque;
2700
2701 return s->identify_set != 0;
2702 }
2703
2704 static EndTransferFunc* transfer_end_table[] = {
2705 ide_sector_read,
2706 ide_sector_write,
2707 ide_transfer_stop,
2708 ide_atapi_cmd_reply_end,
2709 ide_atapi_cmd,
2710 };
2711
2712 static int transfer_end_table_idx(EndTransferFunc *fn)
2713 {
2714 int i;
2715
2716 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2717 if (transfer_end_table[i] == fn)
2718 return i;
2719
2720 return -1;
2721 }
2722
2723 static int ide_drive_post_load(void *opaque, int version_id)
2724 {
2725 IDEState *s = opaque;
2726
2727 if (version_id < 3) {
2728 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2729 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2730 s->cdrom_changed = 1;
2731 }
2732 }
2733
2734 if (s->cur_io_buffer_len) {
2735 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2736 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2737 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2738 }
2739
2740 return 0;
2741 }
2742
2743 static void ide_drive_pre_save(void *opaque)
2744 {
2745 IDEState *s = opaque;
2746 int idx;
2747
2748 s->cur_io_buffer_len = 0;
2749
2750 if (!(s->status & DRQ_STAT))
2751 return;
2752
2753 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2754 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2755
2756 idx = transfer_end_table_idx(s->end_transfer_func);
2757 if (idx == -1) {
2758 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2759 __func__);
2760 s->end_transfer_fn_idx = 2;
2761 } else {
2762 s->end_transfer_fn_idx = idx;
2763 }
2764 }
2765
2766 const VMStateDescription vmstate_ide_drive = {
2767 .name = "ide_drive",
2768 .version_id = 4,
2769 .minimum_version_id = 0,
2770 .minimum_version_id_old = 0,
2771 .pre_save = ide_drive_pre_save,
2772 .post_load = ide_drive_post_load,
2773 .fields = (VMStateField []) {
2774 VMSTATE_INT32(mult_sectors, IDEState),
2775 VMSTATE_INT32(identify_set, IDEState),
2776 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2777 VMSTATE_UINT8(feature, IDEState),
2778 VMSTATE_UINT8(error, IDEState),
2779 VMSTATE_UINT32(nsector, IDEState),
2780 VMSTATE_UINT8(sector, IDEState),
2781 VMSTATE_UINT8(lcyl, IDEState),
2782 VMSTATE_UINT8(hcyl, IDEState),
2783 VMSTATE_UINT8(hob_feature, IDEState),
2784 VMSTATE_UINT8(hob_sector, IDEState),
2785 VMSTATE_UINT8(hob_nsector, IDEState),
2786 VMSTATE_UINT8(hob_lcyl, IDEState),
2787 VMSTATE_UINT8(hob_hcyl, IDEState),
2788 VMSTATE_UINT8(select, IDEState),
2789 VMSTATE_UINT8(status, IDEState),
2790 VMSTATE_UINT8(lba48, IDEState),
2791 VMSTATE_UINT8(sense_key, IDEState),
2792 VMSTATE_UINT8(asc, IDEState),
2793 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2794 VMSTATE_INT32_V(req_nb_sectors, IDEState, 4),
2795 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 4,
2796 vmstate_info_uint8, uint8_t),
2797 VMSTATE_INT32_V(cur_io_buffer_offset, IDEState, 4),
2798 VMSTATE_INT32_V(cur_io_buffer_len, IDEState, 4),
2799 VMSTATE_UINT8_V(end_transfer_fn_idx, IDEState, 4),
2800 VMSTATE_INT32_V(elementary_transfer_size, IDEState, 4),
2801 VMSTATE_INT32_V(packet_transfer_size, IDEState, 4),
2802 VMSTATE_END_OF_LIST()
2803 }
2804 };
2805
2806 const VMStateDescription vmstate_ide_bus = {
2807 .name = "ide_bus",
2808 .version_id = 1,
2809 .minimum_version_id = 1,
2810 .minimum_version_id_old = 1,
2811 .fields = (VMStateField []) {
2812 VMSTATE_UINT8(cmd, IDEBus),
2813 VMSTATE_UINT8(unit, IDEBus),
2814 VMSTATE_END_OF_LIST()
2815 }
2816 };
2817
2818 /***********************************************************/
2819 /* PCI IDE definitions */
2820
2821 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2822 {
2823 BMDMAState *bm = s->bus->bmdma;
2824 if(!bm)
2825 return;
2826 bm->unit = s->unit;
2827 bm->dma_cb = dma_cb;
2828 bm->cur_prd_last = 0;
2829 bm->cur_prd_addr = 0;
2830 bm->cur_prd_len = 0;
2831 bm->sector_num = ide_get_sector(s);
2832 bm->nsector = s->nsector;
2833 if (bm->status & BM_STATUS_DMAING) {
2834 bm->dma_cb(bm, 0);
2835 }
2836 }
2837
2838 static void ide_dma_restart(IDEState *s, int is_read)
2839 {
2840 BMDMAState *bm = s->bus->bmdma;
2841 ide_set_sector(s, bm->sector_num);
2842 s->io_buffer_index = 0;
2843 s->io_buffer_size = 0;
2844 s->nsector = bm->nsector;
2845 bm->cur_addr = bm->addr;
2846
2847 if (is_read) {
2848 bm->dma_cb = ide_read_dma_cb;
2849 } else {
2850 bm->dma_cb = ide_write_dma_cb;
2851 }
2852
2853 ide_dma_start(s, bm->dma_cb);
2854 }
2855
2856 void ide_dma_cancel(BMDMAState *bm)
2857 {
2858 if (bm->status & BM_STATUS_DMAING) {
2859 if (bm->aiocb) {
2860 #ifdef DEBUG_AIO
2861 printf("aio_cancel\n");
2862 #endif
2863 bdrv_aio_cancel(bm->aiocb);
2864 bm->aiocb = NULL;
2865 }
2866 bm->status &= ~BM_STATUS_DMAING;
2867 /* cancel DMA request */
2868 bm->unit = -1;
2869 bm->dma_cb = NULL;
2870 }
2871 }
2872
2873 void ide_dma_reset(BMDMAState *bm)
2874 {
2875 #ifdef DEBUG_IDE
2876 printf("ide: dma_reset\n");
2877 #endif
2878 ide_dma_cancel(bm);
2879 bm->cmd = 0;
2880 bm->status = 0;
2881 bm->addr = 0;
2882 bm->cur_addr = 0;
2883 bm->cur_prd_last = 0;
2884 bm->cur_prd_addr = 0;
2885 bm->cur_prd_len = 0;
2886 bm->sector_num = 0;
2887 bm->nsector = 0;
2888 }
various patches