]> git.proxmox.com Git - mirror_qemu.git/blame - hw/ide/core.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
hw/ide/piix: properly initialize the BMIBA register
[mirror_qemu.git] / hw / ide / core.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
e688df6b 25
53239262 26#include "qemu/osdep.h"
da9f1172 27#include "hw/irq.h"
a9c94277 28#include "hw/isa/isa.h"
d6454270 29#include "migration/vmstate.h"
1de7afc9 30#include "qemu/error-report.h"
db725815 31#include "qemu/main-loop.h"
1de7afc9 32#include "qemu/timer.h"
15e09912 33#include "qemu/hw-version.h"
5df022cf 34#include "qemu/memalign.h"
9c17d615 35#include "sysemu/sysemu.h"
78631611 36#include "sysemu/blockdev.h"
9c17d615 37#include "sysemu/dma.h"
0d09e41a 38#include "hw/block/block.h"
4be74634 39#include "sysemu/block-backend.h"
e688df6b 40#include "qapi/error.h"
f348b6d1 41#include "qemu/cutils.h"
b255df7e 42#include "sysemu/replay.h"
54d31236 43#include "sysemu/runstate.h"
a9c94277 44#include "hw/ide/internal.h"
3eee2611 45#include "trace.h"
e8b54394 46
b93af93d
BW		 47/* These values were based on a Seagate ST3500418AS but have been modified
48 to make more sense in QEMU */
49static const int smart_attributes[][12] = {
50 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
51 /* raw read error rate*/
52 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
53 /* spin up */
54 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
55 /* start stop count */
56 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
57 /* remapped sectors */
58 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
59 /* power on hours */
60 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
61 /* power cycle count */
62 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
63 /* airflow-temperature-celsius */
64 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
e8b54394
BW		 65};
66
0e168d35
JS		 67const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = {
68 [IDE_DMA_READ] = "DMA READ",
69 [IDE_DMA_WRITE] = "DMA WRITE",
70 [IDE_DMA_TRIM] = "DMA TRIM",
71 [IDE_DMA_ATAPI] = "DMA ATAPI"
72};
73
74static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval)
75{
159a9df0 76 if ((unsigned)enval < IDE_DMA__COUNT) {
0e168d35
JS		 77 return IDE_DMA_CMD_lookup[enval];
78 }
79 return "DMA UNKNOWN CMD";
80}
81
40c4ed3f 82static void ide_dummy_transfer_stop(IDEState *s);
98087450 83
5391d806
FB		 84static void padstr(char *str, const char *src, int len)
85{
86 int i, v;
87 for(i = 0; i < len; i++) {
88 if (*src)
89 v = *src++;
90 else
91 v = ' ';
69b34976 92 str[i^1] = v;
5391d806
FB		 93 }
94}
95
67b915a5
FB		 96static void put_le16(uint16_t *p, unsigned int v)
97{
0c4ad8dc 98 *p = cpu_to_le16(v);
67b915a5
FB		 99}
100
01ce352e
JS		 101static void ide_identify_size(IDEState *s)
102{
103 uint16_t *p = (uint16_t *)s->identify_data;
46e018e9
ST		 104 int64_t nb_sectors_lba28 = s->nb_sectors;
105 if (nb_sectors_lba28 >= 1 << 28) {
106 nb_sectors_lba28 = (1 << 28) - 1;
107 }
108 put_le16(p + 60, nb_sectors_lba28);
109 put_le16(p + 61, nb_sectors_lba28 >> 16);
01ce352e
JS		 110 put_le16(p + 100, s->nb_sectors);
111 put_le16(p + 101, s->nb_sectors >> 16);
112 put_le16(p + 102, s->nb_sectors >> 32);
113 put_le16(p + 103, s->nb_sectors >> 48);
114}
115
5391d806
FB		 116static void ide_identify(IDEState *s)
117{
118 uint16_t *p;
119 unsigned int oldsize;
d353fb72 120 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
5391d806 121
4bf6637d 122 p = (uint16_t *)s->identify_data;
94458802 123 if (s->identify_set) {
4bf6637d 124 goto fill_buffer;
94458802 125 }
4bf6637d 126 memset(p, 0, sizeof(s->identify_data));
94458802 127
67b915a5 128 put_le16(p + 0, 0x0040);
5fafdf24 129 put_le16(p + 1, s->cylinders);
67b915a5
FB		 130 put_le16(p + 3, s->heads);
131 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
132 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 133 put_le16(p + 6, s->sectors);
fa879c64 134 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 135 put_le16(p + 20, 3); /* XXX: retired, remove ? */
136 put_le16(p + 21, 512); /* cache size in sectors */
137 put_le16(p + 22, 4); /* ecc bytes */
47c06340 138 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 139 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
3b46e624 140#if MAX_MULT_SECTORS > 1
67b915a5 141 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 142#endif
67b915a5 143 put_le16(p + 48, 1); /* dword I/O */
94458802 144 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 145 put_le16(p + 51, 0x200); /* PIO transfer cycle */
146 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 147 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 148 put_le16(p + 54, s->cylinders);
149 put_le16(p + 55, s->heads);
150 put_le16(p + 56, s->sectors);
5391d806 151 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 152 put_le16(p + 57, oldsize);
153 put_le16(p + 58, oldsize >> 16);
5391d806 154 if (s->mult_sectors)
67b915a5 155 put_le16(p + 59, 0x100 | s->mult_sectors);
01ce352e
JS		 156 /* *(p + 60) := nb_sectors -- see ide_identify_size */
157 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */
d1b5c20d 158 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802 159 put_le16(p + 63, 0x07); /* mdma0-2 supported */
79d1d331 160 put_le16(p + 64, 0x03); /* pio3-4 supported */
94458802
FB		 161 put_le16(p + 65, 120);
162 put_le16(p + 66, 120);
163 put_le16(p + 67, 120);
164 put_le16(p + 68, 120);
d353fb72
CH		 165 if (dev && dev->conf.discard_granularity) {
166 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
167 }
ccf0fd8b
RE		 168
169 if (s->ncq_queues) {
170 put_le16(p + 75, s->ncq_queues - 1);
171 /* NCQ supported */
172 put_le16(p + 76, (1 << 8));
173 }
174
94458802
FB		 175 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
176 put_le16(p + 81, 0x16); /* conforms to ata5 */
a58b8d54
CH		 177 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
178 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
c2ff060f
FB		 179 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
180 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 181 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
182 if (s->wwn) {
183 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
184 } else {
185 put_le16(p + 84, (1 << 14) | 0);
186 }
e900a7b7 187 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
4be74634
MA		 188 if (blk_enable_write_cache(s->blk)) {
189 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
190 } else {
191 put_le16(p + 85, (1 << 14) | 1);
192 }
c2ff060f 193 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
2844bdd9 194 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 195 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
196 if (s->wwn) {
197 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
198 } else {
199 put_le16(p + 87, (1 << 14) | 0);
200 }
94458802
FB		 201 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
202 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
01ce352e
JS		 203 /* *(p + 100) := nb_sectors -- see ide_identify_size */
204 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */
205 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */
206 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */
d353fb72 207
57dac7ef
MA		 208 if (dev && dev->conf.physical_block_size)
209 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
95ebda85
FB		 210 if (s->wwn) {
211 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
212 put_le16(p + 108, s->wwn >> 48);
213 put_le16(p + 109, s->wwn >> 32);
214 put_le16(p + 110, s->wwn >> 16);
215 put_le16(p + 111, s->wwn);
216 }
d353fb72
CH		 217 if (dev && dev->conf.discard_granularity) {
218 put_le16(p + 169, 1); /* TRIM support */
219 }
96f43c2b
DB		 220 if (dev) {
221 put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */
222 }
94458802 223
01ce352e 224 ide_identify_size(s);
94458802 225 s->identify_set = 1;
4bf6637d
JS		 226
227fill_buffer:
228 memcpy(s->io_buffer, p, sizeof(s->identify_data));
5391d806
FB		 229}
230
231static void ide_atapi_identify(IDEState *s)
232{
233 uint16_t *p;
234
4bf6637d 235 p = (uint16_t *)s->identify_data;
94458802 236 if (s->identify_set) {
4bf6637d 237 goto fill_buffer;
94458802 238 }
4bf6637d 239 memset(p, 0, sizeof(s->identify_data));
94458802 240
5391d806 241 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 242 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
fa879c64 243 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 244 put_le16(p + 20, 3); /* buffer type */
245 put_le16(p + 21, 512); /* cache size in sectors */
246 put_le16(p + 22, 4); /* ecc bytes */
47c06340 247 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 248 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
67b915a5 249 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 250#ifdef USE_DMA_CDROM
251 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
252 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 253 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811 254 put_le16(p + 63, 7); /* mdma0-2 supported */
8ccad811 255#else
67b915a5
FB		 256 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
257 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
258 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
8ccad811 259#endif
79d1d331 260 put_le16(p + 64, 3); /* pio3-4 supported */
67b915a5
FB		 261 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
262 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
263 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
264 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 265
67b915a5
FB		 266 put_le16(p + 71, 30); /* in ns */
267 put_le16(p + 72, 30); /* in ns */
5391d806 268
1bdaa28d
AG		 269 if (s->ncq_queues) {
270 put_le16(p + 75, s->ncq_queues - 1);
271 /* NCQ supported */
272 put_le16(p + 76, (1 << 8));
273 }
274
67b915a5 275 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
c5fe97e3
JS		 276 if (s->wwn) {
277 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */
278 put_le16(p + 87, (1 << 8)); /* WWN enabled */
279 }
280
8ccad811
FB		 281#ifdef USE_DMA_CDROM
282 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
283#endif
c5fe97e3
JS		 284
285 if (s->wwn) {
286 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
287 put_le16(p + 108, s->wwn >> 48);
288 put_le16(p + 109, s->wwn >> 32);
289 put_le16(p + 110, s->wwn >> 16);
290 put_le16(p + 111, s->wwn);
291 }
292
94458802 293 s->identify_set = 1;
4bf6637d
JS		 294
295fill_buffer:
296 memcpy(s->io_buffer, p, sizeof(s->identify_data));
5391d806
FB		 297}
298
01ce352e
JS		 299static void ide_cfata_identify_size(IDEState *s)
300{
301 uint16_t *p = (uint16_t *)s->identify_data;
302 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
303 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
304 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
305 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
306}
307
201a51fc
AZ		 308static void ide_cfata_identify(IDEState *s)
309{
310 uint16_t *p;
311 uint32_t cur_sec;
201a51fc 312
4bf6637d
JS		 313 p = (uint16_t *)s->identify_data;
314 if (s->identify_set) {
201a51fc 315 goto fill_buffer;
4bf6637d 316 }
201a51fc
AZ		 317 memset(p, 0, sizeof(s->identify_data));
318
319 cur_sec = s->cylinders * s->heads * s->sectors;
320
0030b244
YF		 321 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
322 put_le16(p + 1, s->cylinders); /* Default cylinders */
323 put_le16(p + 3, s->heads); /* Default heads */
324 put_le16(p + 6, s->sectors); /* Default sectors per track */
01ce352e
JS		 325 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */
326 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */
fa879c64 327 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
0030b244
YF		 328 put_le16(p + 22, 0x0004); /* ECC bytes */
329 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
27e0c9a1 330 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
201a51fc
AZ		 331#if MAX_MULT_SECTORS > 1
332 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
333#else
334 put_le16(p + 47, 0x0000);
335#endif
0030b244
YF		 336 put_le16(p + 49, 0x0f00); /* Capabilities */
337 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
338 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
339 put_le16(p + 53, 0x0003); /* Translation params valid */
340 put_le16(p + 54, s->cylinders); /* Current cylinders */
341 put_le16(p + 55, s->heads); /* Current heads */
342 put_le16(p + 56, s->sectors); /* Current sectors */
343 put_le16(p + 57, cur_sec); /* Current capacity */
344 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
345 if (s->mult_sectors) /* Multiple sector setting */
201a51fc 346 put_le16(p + 59, 0x100 | s->mult_sectors);
01ce352e
JS		 347 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */
348 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */
0030b244
YF		 349 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
350 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
351 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
352 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
353 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
354 put_le16(p + 82, 0x400c); /* Command Set supported */
355 put_le16(p + 83, 0x7068); /* Command Set supported */
356 put_le16(p + 84, 0x4000); /* Features supported */
357 put_le16(p + 85, 0x000c); /* Command Set enabled */
358 put_le16(p + 86, 0x7044); /* Command Set enabled */
359 put_le16(p + 87, 0x4000); /* Features enabled */
360 put_le16(p + 91, 0x4060); /* Current APM level */
361 put_le16(p + 129, 0x0002); /* Current features option */
362 put_le16(p + 130, 0x0005); /* Reassigned sectors */
363 put_le16(p + 131, 0x0001); /* Initial power mode */
364 put_le16(p + 132, 0x0000); /* User signature */
365 put_le16(p + 160, 0x8100); /* Power requirement */
366 put_le16(p + 161, 0x8001); /* CF command set */
201a51fc 367
01ce352e 368 ide_cfata_identify_size(s);
201a51fc
AZ		 369 s->identify_set = 1;
370
371fill_buffer:
372 memcpy(s->io_buffer, p, sizeof(s->identify_data));
373}
374
5391d806
FB		 375static void ide_set_signature(IDEState *s)
376{
0c7515e1 377 s->select &= ~(ATA_DEV_HS); /* clear head */
5391d806
FB		 378 /* put signature */
379 s->nsector = 1;
380 s->sector = 1;
cd8722bb 381 if (s->drive_kind == IDE_CD) {
5391d806
FB		 382 s->lcyl = 0x14;
383 s->hcyl = 0xeb;
4be74634 384 } else if (s->blk) {
5391d806
FB		 385 s->lcyl = 0;
386 s->hcyl = 0;
387 } else {
388 s->lcyl = 0xff;
389 s->hcyl = 0xff;
390 }
391}
392
d8b070fe
AN		 393static bool ide_sect_range_ok(IDEState *s,
394 uint64_t sector, uint64_t nb_sectors)
395{
396 uint64_t total_sectors;
397
398 blk_get_geometry(s->blk, &total_sectors);
399 if (sector > total_sectors || nb_sectors > total_sectors - sector) {
400 return false;
401 }
402 return true;
403}
404
d353fb72 405typedef struct TrimAIOCB {
7c84b1b8 406 BlockAIOCB common;
ef0e64a9 407 IDEState *s;
d353fb72
CH		 408 QEMUBH *bh;
409 int ret;
501378c3 410 QEMUIOVector *qiov;
7c84b1b8 411 BlockAIOCB *aiocb;
501378c3 412 int i, j;
d353fb72
CH		 413} TrimAIOCB;
414
7c84b1b8 415static void trim_aio_cancel(BlockAIOCB *acb)
d353fb72
CH		 416{
417 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
418
e551c999 419 /* Exit the loop so ide_issue_trim_cb will not continue */
501378c3
PB		 420 iocb->j = iocb->qiov->niov - 1;
421 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1;
422
e551c999 423 iocb->ret = -ECANCELED;
501378c3
PB		 424
425 if (iocb->aiocb) {
4be74634 426 blk_aio_cancel_async(iocb->aiocb);
e551c999 427 iocb->aiocb = NULL;
501378c3 428 }
d353fb72
CH		 429}
430
d7331bed 431static const AIOCBInfo trim_aiocb_info = {
d353fb72 432 .aiocb_size = sizeof(TrimAIOCB),
e551c999 433 .cancel_async = trim_aio_cancel,
d353fb72
CH		 434};
435
436static void ide_trim_bh_cb(void *opaque)
437{
438 TrimAIOCB *iocb = opaque;
7e5cdb34 439 BlockBackend *blk = iocb->s->blk;
d353fb72 440
caeadbc8
AN		 441 iocb->common.cb(iocb->common.opaque, iocb->ret);
442
d353fb72
CH		 443 qemu_bh_delete(iocb->bh);
444 iocb->bh = NULL;
8007429a 445 qemu_aio_unref(iocb);
7e5cdb34
HR		 446
447 /* Paired with an increment in ide_issue_trim() */
448 blk_dec_in_flight(blk);
d353fb72
CH		 449}
450
501378c3
PB		 451static void ide_issue_trim_cb(void *opaque, int ret)
452{
453 TrimAIOCB *iocb = opaque;
ef0e64a9
AN		 454 IDEState *s = iocb->s;
455
99f18035
AN		 456 if (iocb->i >= 0) {
457 if (ret >= 0) {
458 block_acct_done(blk_get_stats(s->blk), &s->acct);
459 } else {
460 block_acct_failed(blk_get_stats(s->blk), &s->acct);
461 }
462 }
463
501378c3
PB		 464 if (ret >= 0) {
465 while (iocb->j < iocb->qiov->niov) {
466 int j = iocb->j;
467 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) {
468 int i = iocb->i;
469 uint64_t *buffer = iocb->qiov->iov[j].iov_base;
470
471 /* 6-byte LBA + 2-byte range per entry */
472 uint64_t entry = le64_to_cpu(buffer[i]);
473 uint64_t sector = entry & 0x0000ffffffffffffULL;
474 uint16_t count = entry >> 48;
475
476 if (count == 0) {
477 continue;
478 }
479
947858b0 480 if (!ide_sect_range_ok(s, sector, count)) {
99f18035 481 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_UNMAP);
caeadbc8 482 iocb->ret = -EINVAL;
947858b0
AN		 483 goto done;
484 }
485
99f18035
AN		 486 block_acct_start(blk_get_stats(s->blk), &s->acct,
487 count << BDRV_SECTOR_BITS, BLOCK_ACCT_UNMAP);
488
501378c3 489 /* Got an entry! Submit and exit. */
ef0e64a9 490 iocb->aiocb = blk_aio_pdiscard(s->blk,
1c6c4bb7
EB		 491 sector << BDRV_SECTOR_BITS,
492 count << BDRV_SECTOR_BITS,
493 ide_issue_trim_cb, opaque);
501378c3
PB		 494 return;
495 }
496
497 iocb->j++;
498 iocb->i = -1;
499 }
500 } else {
501 iocb->ret = ret;
502 }
503
947858b0 504done:
501378c3
PB		 505 iocb->aiocb = NULL;
506 if (iocb->bh) {
b255df7e 507 replay_bh_schedule_event(iocb->bh);
501378c3
PB		 508 }
509}
510
8a8e63eb
PB		 511BlockAIOCB *ide_issue_trim(
512 int64_t offset, QEMUIOVector *qiov,
513 BlockCompletionFunc *cb, void *cb_opaque, void *opaque)
d353fb72 514{
ef0e64a9 515 IDEState *s = opaque;
f63192b0 516 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
d353fb72 517 TrimAIOCB *iocb;
d353fb72 518
7e5cdb34
HR		 519 /* Paired with a decrement in ide_trim_bh_cb() */
520 blk_inc_in_flight(s->blk);
521
ef0e64a9
AN		 522 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque);
523 iocb->s = s;
f63192b0
AB		 524 iocb->bh = qemu_bh_new_guarded(ide_trim_bh_cb, iocb,
525 &DEVICE(dev)->mem_reentrancy_guard);
d353fb72 526 iocb->ret = 0;
501378c3
PB		 527 iocb->qiov = qiov;
528 iocb->i = -1;
529 iocb->j = 0;
530 ide_issue_trim_cb(iocb, 0);
d353fb72
CH		 531 return &iocb->common;
532}
533
9ef2e93f 534void ide_abort_command(IDEState *s)
5391d806 535{
08ee9e33 536 ide_transfer_stop(s);
5391d806
FB		 537 s->status = READY_STAT | ERR_STAT;
538 s->error = ABRT_ERR;
539}
540
0eeee07e
EY		 541static void ide_set_retry(IDEState *s)
542{
543 s->bus->retry_unit = s->unit;
544 s->bus->retry_sector_num = ide_get_sector(s);
545 s->bus->retry_nsector = s->nsector;
546}
547
548static void ide_clear_retry(IDEState *s)
549{
550 s->bus->retry_unit = -1;
551 s->bus->retry_sector_num = 0;
552 s->bus->retry_nsector = 0;
553}
554
5391d806 555/* prepare data transfer and tell what to do after */
c173723f
PB		 556bool ide_transfer_start_norecurse(IDEState *s, uint8_t *buf, int size,
557 EndTransferFunc *end_transfer_func)
5391d806 558{
5391d806
FB		 559 s->data_ptr = buf;
560 s->data_end = buf + size;
35f78ab4 561 ide_set_retry(s);
40a6238a 562 if (!(s->status & ERR_STAT)) {
7603d156 563 s->status |= DRQ_STAT;
40a6238a 564 }
bed9bcfa
PB		 565 if (!s->bus->dma->ops->pio_transfer) {
566 s->end_transfer_func = end_transfer_func;
c173723f 567 return false;
44635123 568 }
bed9bcfa 569 s->bus->dma->ops->pio_transfer(s->bus->dma);
c173723f
PB		 570 return true;
571}
572
573void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
574 EndTransferFunc *end_transfer_func)
575{
576 if (ide_transfer_start_norecurse(s, buf, size, end_transfer_func)) {
577 end_transfer_func(s);
578 }
5391d806
FB		 579}
580
c7e73adb
PB		 581static void ide_cmd_done(IDEState *s)
582{
583 if (s->bus->dma->ops->cmd_done) {
584 s->bus->dma->ops->cmd_done(s->bus->dma);
585 }
586}
587
882941a5 588static void ide_transfer_halt(IDEState *s)
5391d806 589{
882941a5 590 s->end_transfer_func = ide_transfer_stop;
5391d806
FB		 591 s->data_ptr = s->io_buffer;
592 s->data_end = s->io_buffer;
593 s->status &= ~DRQ_STAT;
e3044e23
JS		 594}
595
596void ide_transfer_stop(IDEState *s)
597{
882941a5 598 ide_transfer_halt(s);
ee4cd662 599 ide_cmd_done(s);
e3044e23
JS		 600}
601
356721ae 602int64_t ide_get_sector(IDEState *s)
5391d806
FB		 603{
604 int64_t sector_num;
0c7515e1 605 if (s->select & (ATA_DEV_LBA)) {
14ee9b53 606 if (s->lba48) {
7d37435b
PB		 607 sector_num = ((int64_t)s->hob_hcyl << 40) |
608 ((int64_t) s->hob_lcyl << 32) |
609 ((int64_t) s->hob_sector << 24) |
610 ((int64_t) s->hcyl << 16) |
611 ((int64_t) s->lcyl << 8) | s->sector;
14ee9b53
JS		 612 } else {
613 /* LBA28 */
0c7515e1
JS		 614 sector_num = ((s->select & (ATA_DEV_LBA_MSB)) << 24) |
615 (s->hcyl << 16) | (s->lcyl << 8) | s->sector;
7d37435b 616 }
5391d806 617 } else {
14ee9b53 618 /* CHS */
5391d806 619 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
0c7515e1 620 (s->select & (ATA_DEV_HS)) * s->sectors + (s->sector - 1);
5391d806 621 }
14ee9b53 622
5391d806
FB		 623 return sector_num;
624}
625
356721ae 626void ide_set_sector(IDEState *s, int64_t sector_num)
5391d806
FB		 627{
628 unsigned int cyl, r;
0c7515e1 629 if (s->select & (ATA_DEV_LBA)) {
14ee9b53 630 if (s->lba48) {
7d37435b
PB		 631 s->sector = sector_num;
632 s->lcyl = sector_num >> 8;
633 s->hcyl = sector_num >> 16;
634 s->hob_sector = sector_num >> 24;
635 s->hob_lcyl = sector_num >> 32;
636 s->hob_hcyl = sector_num >> 40;
14ee9b53
JS		 637 } else {
638 /* LBA28 */
0c7515e1
JS		 639 s->select = (s->select & ~(ATA_DEV_LBA_MSB)) |
640 ((sector_num >> 24) & (ATA_DEV_LBA_MSB));
14ee9b53
JS		 641 s->hcyl = (sector_num >> 16);
642 s->lcyl = (sector_num >> 8);
643 s->sector = (sector_num);
7d37435b 644 }
5391d806 645 } else {
14ee9b53 646 /* CHS */
5391d806
FB		 647 cyl = sector_num / (s->heads * s->sectors);
648 r = sector_num % (s->heads * s->sectors);
649 s->hcyl = cyl >> 8;
650 s->lcyl = cyl;
0c7515e1
JS		 651 s->select = (s->select & ~(ATA_DEV_HS)) |
652 ((r / s->sectors) & (ATA_DEV_HS));
5391d806
FB		 653 s->sector = (r % s->sectors) + 1;
654 }
655}
656
e162cfb0
AZ		 657static void ide_rw_error(IDEState *s) {
658 ide_abort_command(s);
0cfe719d 659 ide_bus_set_irq(s->bus);
e162cfb0
AZ		 660}
661
1d8c11d6
PL		 662static void ide_buffered_readv_cb(void *opaque, int ret)
663{
664 IDEBufferedRequest *req = opaque;
665 if (!req->orphaned) {
666 if (!ret) {
5bbe9325
VSO		 667 assert(req->qiov.size == req->original_qiov->size);
668 qemu_iovec_from_buf(req->original_qiov, 0,
669 req->qiov.local_iov.iov_base,
1d8c11d6
PL		 670 req->original_qiov->size);
671 }
672 req->original_cb(req->original_opaque, ret);
673 }
674 QLIST_REMOVE(req, list);
5bbe9325 675 qemu_vfree(qemu_iovec_buf(&req->qiov));
1d8c11d6
PL		 676 g_free(req);
677}
678
679#define MAX_BUFFERED_REQS 16
680
681BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num,
682 QEMUIOVector *iov, int nb_sectors,
683 BlockCompletionFunc *cb, void *opaque)
684{
685 BlockAIOCB *aioreq;
686 IDEBufferedRequest *req;
687 int c = 0;
688
689 QLIST_FOREACH(req, &s->buffered_requests, list) {
690 c++;
691 }
692 if (c > MAX_BUFFERED_REQS) {
693 return blk_abort_aio_request(s->blk, cb, opaque, -EIO);
694 }
695
696 req = g_new0(IDEBufferedRequest, 1);
697 req->original_qiov = iov;
698 req->original_cb = cb;
699 req->original_opaque = opaque;
5bbe9325
VSO		 700 qemu_iovec_init_buf(&req->qiov, blk_blockalign(s->blk, iov->size),
701 iov->size);
1d8c11d6 702
d4f510eb
EB		 703 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS,
704 &req->qiov, 0, ide_buffered_readv_cb, req);
1d8c11d6
PL		 705
706 QLIST_INSERT_HEAD(&s->buffered_requests, req, list);
707 return aioreq;
708}
709
86698a12
JS		 710/**
711 * Cancel all pending DMA requests.
712 * Any buffered DMA requests are instantly canceled,
713 * but any pending unbuffered DMA requests must be waited on.
714 */
715void ide_cancel_dma_sync(IDEState *s)
716{
717 IDEBufferedRequest *req;
718
719 /* First invoke the callbacks of all buffered requests
720 * and flag those requests as orphaned. Ideally there
721 * are no unbuffered (Scatter Gather DMA Requests or
722 * write requests) pending and we can avoid to drain. */
723 QLIST_FOREACH(req, &s->buffered_requests, list) {
724 if (!req->orphaned) {
3eee2611 725 trace_ide_cancel_dma_sync_buffered(req->original_cb, req);
86698a12
JS		 726 req->original_cb(req->original_opaque, -ECANCELED);
727 }
728 req->orphaned = true;
729 }
730
731 /*
732 * We can't cancel Scatter Gather DMA in the middle of the
733 * operation or a partial (not full) DMA transfer would reach
68b57b0d 734 * the storage so we wait for completion instead (we behave
86698a12
JS		 735 * like if the DMA was completed by the time the guest trying
736 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not
737 * set).
738 *
739 * In the future we'll be able to safely cancel the I/O if the
740 * whole DMA operation will be submitted to disk with a single
741 * aio operation with preadv/pwritev.
742 */
743 if (s->bus->dma->aiocb) {
3eee2611 744 trace_ide_cancel_dma_sync_remaining();
51f7b5b8 745 blk_drain(s->blk);
86698a12
JS		 746 assert(s->bus->dma->aiocb == NULL);
747 }
748}
749
4e2b8b4a
PB		 750static void ide_sector_read(IDEState *s);
751
bef0fd59
SH		 752static void ide_sector_read_cb(void *opaque, int ret)
753{
754 IDEState *s = opaque;
755 int n;
756
757 s->pio_aiocb = NULL;
758 s->status &= ~BUSY_STAT;
759
bef0fd59 760 if (ret != 0) {
fd648f10
PB		 761 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO |
762 IDE_RETRY_READ)) {
bef0fd59
SH		 763 return;
764 }
765 }
766
ecca3b39
AG		 767 block_acct_done(blk_get_stats(s->blk), &s->acct);
768
bef0fd59
SH		 769 n = s->nsector;
770 if (n > s->req_nb_sectors) {
771 n = s->req_nb_sectors;
772 }
773
bef0fd59
SH		 774 ide_set_sector(s, ide_get_sector(s) + n);
775 s->nsector -= n;
dd0bf7ba
JS		 776 /* Allow the guest to read the io_buffer */
777 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
0cfe719d 778 ide_bus_set_irq(s->bus);
bef0fd59
SH		 779}
780
4e2b8b4a 781static void ide_sector_read(IDEState *s)
5391d806
FB		 782{
783 int64_t sector_num;
bef0fd59 784 int n;
5391d806
FB		 785
786 s->status = READY_STAT | SEEK_STAT;
a136e5a8 787 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 788 sector_num = ide_get_sector(s);
789 n = s->nsector;
bef0fd59 790
5391d806 791 if (n == 0) {
5391d806 792 ide_transfer_stop(s);
bef0fd59
SH		 793 return;
794 }
795
796 s->status |= BUSY_STAT;
797
798 if (n > s->req_nb_sectors) {
799 n = s->req_nb_sectors;
800 }
801
3eee2611 802 trace_ide_sector_read(sector_num, n);
a597e79c 803
58ac3211
MA		 804 if (!ide_sect_range_ok(s, sector_num, n)) {
805 ide_rw_error(s);
ecca3b39 806 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ);
58ac3211
MA		 807 return;
808 }
809
e5863d49 810 qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE);
bef0fd59 811
4be74634 812 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 813 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
d66a8fa8
PL		 814 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n,
815 ide_sector_read_cb, s);
5391d806
FB		 816}
817
aaeda4a3 818void dma_buf_commit(IDEState *s, uint32_t tx_bytes)
7aea4412 819{
659142ec
JS		 820 if (s->bus->dma->ops->commit_buf) {
821 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes);
822 }
aaeda4a3 823 s->io_buffer_offset += tx_bytes;
1fb8648d 824 qemu_sglist_destroy(&s->sg);
7aea4412
AL		 825}
826
0e7ce54c 827void ide_set_inactive(IDEState *s, bool more)
8337606d 828{
40a6238a 829 s->bus->dma->aiocb = NULL;
0eeee07e 830 ide_clear_retry(s);
829b933b 831 if (s->bus->dma->ops->set_inactive) {
0e7ce54c 832 s->bus->dma->ops->set_inactive(s->bus->dma, more);
829b933b 833 }
c7e73adb 834 ide_cmd_done(s);
8337606d
KW		 835}
836
356721ae 837void ide_dma_error(IDEState *s)
e162cfb0 838{
659142ec 839 dma_buf_commit(s, 0);
08ee9e33 840 ide_abort_command(s);
0e7ce54c 841 ide_set_inactive(s, false);
0cfe719d 842 ide_bus_set_irq(s->bus);
e162cfb0
AZ		 843}
844
502356ee 845int ide_handle_rw_error(IDEState *s, int error, int op)
428c5705 846{
fd648f10 847 bool is_read = (op & IDE_RETRY_READ) != 0;
4be74634 848 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error);
428c5705 849
a589569f 850 if (action == BLOCK_ERROR_ACTION_STOP) {
a96cb236 851 assert(s->bus->retry_unit == s->unit);
def93791 852 s->bus->error_status = op;
a589569f 853 } else if (action == BLOCK_ERROR_ACTION_REPORT) {
ecca3b39 854 block_acct_failed(blk_get_stats(s->blk), &s->acct);
502356ee 855 if (IS_IDE_RETRY_DMA(op)) {
428c5705 856 ide_dma_error(s);
502356ee
PB		 857 } else if (IS_IDE_RETRY_ATAPI(op)) {
858 ide_atapi_io_error(s, -error);
7aea4412 859 } else {
428c5705 860 ide_rw_error(s);
7aea4412 861 }
428c5705 862 }
4be74634 863 blk_error_action(s->blk, action, is_read, error);
a589569f 864 return action != BLOCK_ERROR_ACTION_IGNORE;
428c5705
AL		 865}
866
4e2b8b4a 867static void ide_dma_cb(void *opaque, int ret)
98087450 868{
40a6238a 869 IDEState *s = opaque;
8ccad811
FB		 870 int n;
871 int64_t sector_num;
cbe0ed62 872 uint64_t offset;
038268e2 873 bool stay_active = false;
ed78352a 874 int32_t prep_size = 0;
8ccad811 875
caeadbc8
AN		 876 if (ret == -EINVAL) {
877 ide_dma_error(s);
878 return;
879 }
880
e162cfb0 881 if (ret < 0) {
218fd37c 882 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) {
87ac25fd 883 s->bus->dma->aiocb = NULL;
5839df7b 884 dma_buf_commit(s, 0);
ce4b6522
KW		 885 return;
886 }
e162cfb0
AZ		 887 }
888
ed78352a
AP		 889 if (s->io_buffer_size > s->nsector * 512) {
890 /*
891 * The PRDs were longer than needed for this request.
892 * The Active bit must remain set after the request completes.
893 */
038268e2
KW		 894 n = s->nsector;
895 stay_active = true;
ed78352a
AP		 896 } else {
897 n = s->io_buffer_size >> 9;
038268e2
KW		 898 }
899
8ccad811
FB		 900 sector_num = ide_get_sector(s);
901 if (n > 0) {
a718978e
JS		 902 assert(n * 512 == s->sg.size);
903 dma_buf_commit(s, s->sg.size);
8ccad811
FB		 904 sector_num += n;
905 ide_set_sector(s, sector_num);
906 s->nsector -= n;
8ccad811
FB		 907 }
908
909 /* end of transfer ? */
910 if (s->nsector == 0) {
98087450 911 s->status = READY_STAT | SEEK_STAT;
0cfe719d 912 ide_bus_set_irq(s->bus);
cd369c46 913 goto eot;
98087450 914 }
8ccad811
FB		 915
916 /* launch next transfer */
917 n = s->nsector;
596bb44d 918 s->io_buffer_index = 0;
8ccad811 919 s->io_buffer_size = n * 512;
ed78352a
AP		 920 prep_size = s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size);
921 /* prepare_buf() must succeed and respect the limit */
922 assert(prep_size >= 0 && prep_size <= n * 512);
923
924 /*
925 * Now prep_size stores the number of bytes in the sglist, and
926 * s->io_buffer_size stores the number of bytes described by the PRDs.
927 */
928
929 if (prep_size < n * 512) {
930 /*
931 * The PRDs are too short for this request. Error condition!
932 * Reset the Active bit and don't raise the interrupt.
933 */
72bcca73 934 s->status = READY_STAT | SEEK_STAT;
3251bdcf 935 dma_buf_commit(s, 0);
7aea4412 936 goto eot;
69c38b8f 937 }
cd369c46 938
0e168d35 939 trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd));
cd369c46 940
d66168ed
MT		 941 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) &&
942 !ide_sect_range_ok(s, sector_num, n)) {
58ac3211 943 ide_dma_error(s);
ecca3b39 944 block_acct_invalid(blk_get_stats(s->blk), s->acct.type);
58ac3211
MA		 945 return;
946 }
947
cbe0ed62 948 offset = sector_num << BDRV_SECTOR_BITS;
4e1e0051
CH		 949 switch (s->dma_cmd) {
950 case IDE_DMA_READ:
cbe0ed62 951 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset,
99868af3 952 BDRV_SECTOR_SIZE, ide_dma_cb, s);
4e1e0051
CH		 953 break;
954 case IDE_DMA_WRITE:
cbe0ed62 955 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset,
99868af3 956 BDRV_SECTOR_SIZE, ide_dma_cb, s);
4e1e0051 957 break;
d353fb72 958 case IDE_DMA_TRIM:
8a8e63eb 959 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk),
99868af3 960 &s->sg, offset, BDRV_SECTOR_SIZE,
ef0e64a9 961 ide_issue_trim, s, ide_dma_cb, s,
4be74634 962 DMA_DIRECTION_TO_DEVICE);
d353fb72 963 break;
502356ee
PB		 964 default:
965 abort();
cd369c46 966 }
cd369c46
CH		 967 return;
968
969eot:
a597e79c 970 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
4be74634 971 block_acct_done(blk_get_stats(s->blk), &s->acct);
a597e79c 972 }
0e7ce54c 973 ide_set_inactive(s, stay_active);
98087450
FB		 974}
975
4e1e0051 976static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
98087450 977{
9da82227 978 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
98087450 979 s->io_buffer_size = 0;
4e1e0051 980 s->dma_cmd = dma_cmd;
a597e79c
CH		 981
982 switch (dma_cmd) {
983 case IDE_DMA_READ:
4be74634 984 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 985 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
a597e79c
CH		 986 break;
987 case IDE_DMA_WRITE:
4be74634 988 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 989 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
a597e79c
CH		 990 break;
991 default:
992 break;
993 }
994
4855b576
PB		 995 ide_start_dma(s, ide_dma_cb);
996}
997
097310b5 998void ide_start_dma(IDEState *s, BlockCompletionFunc *cb)
4855b576 999{
c71c06d4 1000 s->io_buffer_index = 0;
0eeee07e 1001 ide_set_retry(s);
4855b576
PB		 1002 if (s->bus->dma->ops->start_dma) {
1003 s->bus->dma->ops->start_dma(s->bus->dma, s, cb);
1004 }
98087450
FB		 1005}
1006
4e2b8b4a
PB		 1007static void ide_sector_write(IDEState *s);
1008
a09db21f
FB		 1009static void ide_sector_write_timer_cb(void *opaque)
1010{
1011 IDEState *s = opaque;
0cfe719d 1012 ide_bus_set_irq(s->bus);
a09db21f
FB		 1013}
1014
e82dabd8 1015static void ide_sector_write_cb(void *opaque, int ret)
5391d806 1016{
e82dabd8
SH		 1017 IDEState *s = opaque;
1018 int n;
a597e79c 1019
e82dabd8
SH		 1020 s->pio_aiocb = NULL;
1021 s->status &= ~BUSY_STAT;
1022
e162cfb0 1023 if (ret != 0) {
fd648f10 1024 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) {
428c5705 1025 return;
e82dabd8 1026 }
e162cfb0
AZ		 1027 }
1028
ecca3b39
AG		 1029 block_acct_done(blk_get_stats(s->blk), &s->acct);
1030
e82dabd8
SH		 1031 n = s->nsector;
1032 if (n > s->req_nb_sectors) {
1033 n = s->req_nb_sectors;
1034 }
5391d806 1035 s->nsector -= n;
36334faf 1036
6aff22c0 1037 ide_set_sector(s, ide_get_sector(s) + n);
5391d806 1038 if (s->nsector == 0) {
292eef5a 1039 /* no more sectors to write */
5391d806
FB		 1040 ide_transfer_stop(s);
1041 } else {
e82dabd8
SH		 1042 int n1 = s->nsector;
1043 if (n1 > s->req_nb_sectors) {
5391d806 1044 n1 = s->req_nb_sectors;
e82dabd8
SH		 1045 }
1046 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
1047 ide_sector_write);
5391d806 1048 }
3b46e624 1049
31c2a146
TS		 1050 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1051 /* It seems there is a bug in the Windows 2000 installer HDD
1052 IDE driver which fills the disk with empty logs when the
1053 IDE write IRQ comes too early. This hack tries to correct
1054 that at the expense of slower write performances. Use this
1055 option _only_ to install Windows 2000. You must disable it
1056 for normal use. */
73bcb24d
RS		 1057 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
1058 (NANOSECONDS_PER_SECOND / 1000));
f7736b91 1059 } else {
0cfe719d 1060 ide_bus_set_irq(s->bus);
31c2a146 1061 }
5391d806
FB		 1062}
1063
4e2b8b4a 1064static void ide_sector_write(IDEState *s)
e82dabd8
SH		 1065{
1066 int64_t sector_num;
1067 int n;
1068
1069 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
1070 sector_num = ide_get_sector(s);
3eee2611 1071
e82dabd8
SH		 1072 n = s->nsector;
1073 if (n > s->req_nb_sectors) {
1074 n = s->req_nb_sectors;
1075 }
1076
3eee2611
JS		 1077 trace_ide_sector_write(sector_num, n);
1078
58ac3211
MA		 1079 if (!ide_sect_range_ok(s, sector_num, n)) {
1080 ide_rw_error(s);
ecca3b39 1081 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE);
58ac3211
MA		 1082 return;
1083 }
1084
e5863d49 1085 qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE);
e82dabd8 1086
4be74634 1087 block_acct_start(blk_get_stats(s->blk), &s->acct,
c618f331 1088 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
d4f510eb
EB		 1089 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS,
1090 &s->qiov, 0, ide_sector_write_cb, s);
e82dabd8
SH		 1091}
1092
b0484ae4
CH		 1093static void ide_flush_cb(void *opaque, int ret)
1094{
1095 IDEState *s = opaque;
1096
69f72a22
PB		 1097 s->pio_aiocb = NULL;
1098
e2bcadad
KW		 1099 if (ret < 0) {
1100 /* XXX: What sector number to set here? */
fd648f10 1101 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) {
e2bcadad
KW		 1102 return;
1103 }
1104 }
b0484ae4 1105
4be74634
MA		 1106 if (s->blk) {
1107 block_acct_done(blk_get_stats(s->blk), &s->acct);
f7f3ff1d 1108 }
b0484ae4 1109 s->status = READY_STAT | SEEK_STAT;
c7e73adb 1110 ide_cmd_done(s);
0cfe719d 1111 ide_bus_set_irq(s->bus);
b0484ae4
CH		 1112}
1113
4e2b8b4a 1114static void ide_flush_cache(IDEState *s)
6bcb1a79 1115{
4be74634 1116 if (s->blk == NULL) {
6bcb1a79 1117 ide_flush_cb(s, 0);
b2df7531
KW		 1118 return;
1119 }
1120
f68ec837 1121 s->status |= BUSY_STAT;
35f78ab4 1122 ide_set_retry(s);
4be74634 1123 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH);
13471a40 1124 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s);
6bcb1a79
KW		 1125}
1126
201a51fc
AZ		 1127static void ide_cfata_metadata_inquiry(IDEState *s)
1128{
1129 uint16_t *p;
1130 uint32_t spd;
1131
1132 p = (uint16_t *) s->io_buffer;
1133 memset(p, 0, 0x200);
1134 spd = ((s->mdata_size - 1) >> 9) + 1;
1135
0030b244
YF		 1136 put_le16(p + 0, 0x0001); /* Data format revision */
1137 put_le16(p + 1, 0x0000); /* Media property: silicon */
1138 put_le16(p + 2, s->media_changed); /* Media status */
1139 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1140 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1141 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1142 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
201a51fc
AZ		 1143}
1144
1145static void ide_cfata_metadata_read(IDEState *s)
1146{
1147 uint16_t *p;
1148
1149 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1150 s->status = ERR_STAT;
1151 s->error = ABRT_ERR;
1152 return;
1153 }
1154
1155 p = (uint16_t *) s->io_buffer;
1156 memset(p, 0, 0x200);
1157
0030b244 1158 put_le16(p + 0, s->media_changed); /* Media status */
201a51fc
AZ		 1159 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1160 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1161 s->nsector << 9), 0x200 - 2));
1162}
1163
1164static void ide_cfata_metadata_write(IDEState *s)
1165{
1166 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1167 s->status = ERR_STAT;
1168 s->error = ABRT_ERR;
1169 return;
1170 }
1171
1172 s->media_changed = 0;
1173
1174 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1175 s->io_buffer + 2,
1176 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1177 s->nsector << 9), 0x200 - 2));
1178}
1179
bd491d6a 1180/* called when the inserted state of the media has changed */
39829a01 1181static void ide_cd_change_cb(void *opaque, bool load, Error **errp)
bd491d6a
TS		 1182{
1183 IDEState *s = opaque;
96b8f136 1184 uint64_t nb_sectors;
bd491d6a 1185
25ad22bc 1186 s->tray_open = !load;
4be74634 1187 blk_get_geometry(s->blk, &nb_sectors);
bd491d6a 1188 s->nb_sectors = nb_sectors;
9118e7f0 1189
4b9b7092
AS		 1190 /*
1191 * First indicate to the guest that a CD has been removed. That's
1192 * done on the next command the guest sends us.
1193 *
67cc61e4 1194 * Then we set UNIT_ATTENTION, by which the guest will
4b9b7092
AS		 1195 * detect a new CD in the drive. See ide_atapi_cmd() for details.
1196 */
93c8cfd9 1197 s->cdrom_changed = 1;
996faf1a 1198 s->events.new_media = true;
2df0a3a3 1199 s->events.eject_request = false;
0cfe719d 1200 ide_bus_set_irq(s->bus);
2df0a3a3
PB		 1201}
1202
1203static void ide_cd_eject_request_cb(void *opaque, bool force)
1204{
1205 IDEState *s = opaque;
1206
1207 s->events.eject_request = true;
1208 if (force) {
1209 s->tray_locked = false;
1210 }
0cfe719d 1211 ide_bus_set_irq(s->bus);
bd491d6a
TS		 1212}
1213
c2ff060f
FB		 1214static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1215{
1216 s->lba48 = lba48;
1217
1218 /* handle the 'magic' 0 nsector count conversion here. to avoid
1219 * fiddling with the rest of the read logic, we just store the
1220 * full sector count in ->nsector and ignore ->hob_nsector from now
1221 */
1222 if (!s->lba48) {
7d37435b
PB		 1223 if (!s->nsector)
1224 s->nsector = 256;
c2ff060f 1225 } else {
7d37435b
PB		 1226 if (!s->nsector && !s->hob_nsector)
1227 s->nsector = 65536;
1228 else {
1229 int lo = s->nsector;
1230 int hi = s->hob_nsector;
c2ff060f 1231
7d37435b
PB		 1232 s->nsector = (hi << 8) | lo;
1233 }
c2ff060f
FB		 1234 }
1235}
1236
bcbdc4d3 1237static void ide_clear_hob(IDEBus *bus)
c2ff060f
FB		 1238{
1239 /* any write clears HOB high bit of device control register */
be8c9423 1240 bus->cmd &= ~(IDE_CTRL_HOB);
c2ff060f
FB		 1241}
1242
335ca2f2
JS		 1243/* IOport [W]rite [R]egisters */
1244enum ATA_IOPORT_WR {
1245 ATA_IOPORT_WR_DATA = 0,
1246 ATA_IOPORT_WR_FEATURES = 1,
1247 ATA_IOPORT_WR_SECTOR_COUNT = 2,
1248 ATA_IOPORT_WR_SECTOR_NUMBER = 3,
1249 ATA_IOPORT_WR_CYLINDER_LOW = 4,
1250 ATA_IOPORT_WR_CYLINDER_HIGH = 5,
1251 ATA_IOPORT_WR_DEVICE_HEAD = 6,
1252 ATA_IOPORT_WR_COMMAND = 7,
1253 ATA_IOPORT_WR_NUM_REGISTERS,
1254};
1255
1256const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = {
1257 [ATA_IOPORT_WR_DATA] = "Data",
1258 [ATA_IOPORT_WR_FEATURES] = "Features",
1259 [ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count",
1260 [ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number",
1261 [ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low",
1262 [ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High",
1263 [ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head",
1264 [ATA_IOPORT_WR_COMMAND] = "Command"
1265};
1266
356721ae 1267void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
caed8802 1268{
bcbdc4d3 1269 IDEBus *bus = opaque;
2c50207f 1270 IDEState *s = ide_bus_active_if(bus);
3eee2611 1271 int reg_num = addr & 7;
5391d806 1272
335ca2f2 1273 trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s);
fcdd25ab
AL		 1274
1275 /* ignore writes to command block while busy with previous command */
3eee2611 1276 if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) {
fcdd25ab 1277 return;
3eee2611 1278 }
fcdd25ab 1279
be8c9423
JS		 1280 /* NOTE: Device0 and Device1 both receive incoming register writes.
1281 * (They're on the same bus! They have to!) */
1282
3eee2611 1283 switch (reg_num) {
5391d806
FB		 1284 case 0:
1285 break;
335ca2f2
JS		 1286 case ATA_IOPORT_WR_FEATURES:
1287 ide_clear_hob(bus);
335ca2f2
JS		 1288 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1289 bus->ifs[1].hob_feature = bus->ifs[1].feature;
bcbdc4d3
GH		 1290 bus->ifs[0].feature = val;
1291 bus->ifs[1].feature = val;
5391d806 1292 break;
335ca2f2 1293 case ATA_IOPORT_WR_SECTOR_COUNT:
7d37435b
PB		 1294 ide_clear_hob(bus);
1295 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1296 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
bcbdc4d3
GH		 1297 bus->ifs[0].nsector = val;
1298 bus->ifs[1].nsector = val;
5391d806 1299 break;
335ca2f2 1300 case ATA_IOPORT_WR_SECTOR_NUMBER:
7d37435b
PB		 1301 ide_clear_hob(bus);
1302 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1303 bus->ifs[1].hob_sector = bus->ifs[1].sector;
bcbdc4d3
GH		 1304 bus->ifs[0].sector = val;
1305 bus->ifs[1].sector = val;
5391d806 1306 break;
335ca2f2 1307 case ATA_IOPORT_WR_CYLINDER_LOW:
7d37435b
PB		 1308 ide_clear_hob(bus);
1309 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1310 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
bcbdc4d3
GH		 1311 bus->ifs[0].lcyl = val;
1312 bus->ifs[1].lcyl = val;
5391d806 1313 break;
335ca2f2 1314 case ATA_IOPORT_WR_CYLINDER_HIGH:
7d37435b
PB		 1315 ide_clear_hob(bus);
1316 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1317 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
bcbdc4d3
GH		 1318 bus->ifs[0].hcyl = val;
1319 bus->ifs[1].hcyl = val;
5391d806 1320 break;
335ca2f2 1321 case ATA_IOPORT_WR_DEVICE_HEAD:
be8c9423 1322 ide_clear_hob(bus);
0c7515e1
JS		 1323 bus->ifs[0].select = val | (ATA_DEV_ALWAYS_ON);
1324 bus->ifs[1].select = val | (ATA_DEV_ALWAYS_ON);
5391d806 1325 /* select drive */
0c7515e1 1326 bus->unit = (val & (ATA_DEV_SELECT)) ? 1 : 0;
5391d806
FB		 1327 break;
1328 default:
335ca2f2 1329 case ATA_IOPORT_WR_COMMAND:
be8c9423 1330 ide_clear_hob(bus);
6f52e69f 1331 qemu_irq_lower(bus->irq);
783f4474 1332 ide_bus_exec_cmd(bus, val);
7cff87ff
AG		 1333 break;
1334 }
1335}
1336
4590355b
JS		 1337static void ide_reset(IDEState *s)
1338{
3eee2611 1339 trace_ide_reset(s);
4590355b
JS		 1340
1341 if (s->pio_aiocb) {
1342 blk_aio_cancel(s->pio_aiocb);
1343 s->pio_aiocb = NULL;
1344 }
1345
176e4961
LK		 1346 if (s->reset_reverts) {
1347 s->reset_reverts = false;
1348 s->heads = s->drive_heads;
1349 s->sectors = s->drive_sectors;
1350 }
4590355b
JS		 1351 if (s->drive_kind == IDE_CFATA)
1352 s->mult_sectors = 0;
1353 else
1354 s->mult_sectors = MAX_MULT_SECTORS;
1355 /* ide regs */
1356 s->feature = 0;
1357 s->error = 0;
1358 s->nsector = 0;
1359 s->sector = 0;
1360 s->lcyl = 0;
1361 s->hcyl = 0;
1362
1363 /* lba48 */
1364 s->hob_feature = 0;
1365 s->hob_sector = 0;
1366 s->hob_nsector = 0;
1367 s->hob_lcyl = 0;
1368 s->hob_hcyl = 0;
1369
0c7515e1 1370 s->select = (ATA_DEV_ALWAYS_ON);
4590355b
JS		 1371 s->status = READY_STAT | SEEK_STAT;
1372
1373 s->lba48 = 0;
1374
1375 /* ATAPI specific */
1376 s->sense_key = 0;
1377 s->asc = 0;
1378 s->cdrom_changed = 0;
1379 s->packet_transfer_size = 0;
1380 s->elementary_transfer_size = 0;
1381 s->io_buffer_index = 0;
1382 s->cd_sector_size = 0;
1383 s->atapi_dma = 0;
1384 s->tray_locked = 0;
1385 s->tray_open = 0;
1386 /* ATA DMA state */
1387 s->io_buffer_size = 0;
1388 s->req_nb_sectors = 0;
1389
1390 ide_set_signature(s);
1391 /* init the transfer handler so that 0xffff is returned on data
1392 accesses */
1393 s->end_transfer_func = ide_dummy_transfer_stop;
1394 ide_dummy_transfer_stop(s);
1395 s->media_changed = 0;
1396}
1397
b300337e
KW		 1398static bool cmd_nop(IDEState *s, uint8_t cmd)
1399{
1400 return true;
1401}
1402
f34ae00d
JS		 1403static bool cmd_device_reset(IDEState *s, uint8_t cmd)
1404{
1405 /* Halt PIO (in the DRQ phase), then DMA */
882941a5 1406 ide_transfer_halt(s);
f34ae00d
JS		 1407 ide_cancel_dma_sync(s);
1408
1409 /* Reset any PIO commands, reset signature, etc */
1410 ide_reset(s);
1411
1412 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs";
1413 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */
1414 s->status = 0x00;
1415
1416 /* Do not overwrite status register */
1417 return false;
1418}
1419
4286434c
KW		 1420static bool cmd_data_set_management(IDEState *s, uint8_t cmd)
1421{
1422 switch (s->feature) {
1423 case DSM_TRIM:
4be74634 1424 if (s->blk) {
4286434c
KW		 1425 ide_sector_start_dma(s, IDE_DMA_TRIM);
1426 return false;
1427 }
1428 break;
1429 }
1430
1431 ide_abort_command(s);
1432 return true;
1433}
1434
1c66869a
KW		 1435static bool cmd_identify(IDEState *s, uint8_t cmd)
1436{
4be74634 1437 if (s->blk && s->drive_kind != IDE_CD) {
1c66869a
KW		 1438 if (s->drive_kind != IDE_CFATA) {
1439 ide_identify(s);
1440 } else {
1441 ide_cfata_identify(s);
1442 }
1443 s->status = READY_STAT | SEEK_STAT;
1444 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
0cfe719d 1445 ide_bus_set_irq(s->bus);
1c66869a
KW		 1446 return false;
1447 } else {
1448 if (s->drive_kind == IDE_CD) {
1449 ide_set_signature(s);
1450 }
1451 ide_abort_command(s);
1452 }
1453
1454 return true;
1455}
1456
413860cf
KW		 1457static bool cmd_verify(IDEState *s, uint8_t cmd)
1458{
1459 bool lba48 = (cmd == WIN_VERIFY_EXT);
1460
1461 /* do sector number check ? */
1462 ide_cmd_lba48_transform(s, lba48);
1463
1464 return true;
1465}
1466
adf3a2c4
KW		 1467static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd)
1468{
1469 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1470 /* Disable Read and Write Multiple */
1471 s->mult_sectors = 0;
1472 } else if ((s->nsector & 0xff) != 0 &&
1473 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1474 (s->nsector & (s->nsector - 1)) != 0)) {
1475 ide_abort_command(s);
1476 } else {
1477 s->mult_sectors = s->nsector & 0xff;
1478 }
1479
1480 return true;
1481}
1482
1483static bool cmd_read_multiple(IDEState *s, uint8_t cmd)
1484{
1485 bool lba48 = (cmd == WIN_MULTREAD_EXT);
1486
4be74634 1487 if (!s->blk || !s->mult_sectors) {
adf3a2c4
KW		 1488 ide_abort_command(s);
1489 return true;
1490 }
1491
1492 ide_cmd_lba48_transform(s, lba48);
1493 s->req_nb_sectors = s->mult_sectors;
1494 ide_sector_read(s);
1495 return false;
1496}
1497
1498static bool cmd_write_multiple(IDEState *s, uint8_t cmd)
1499{
1500 bool lba48 = (cmd == WIN_MULTWRITE_EXT);
1501 int n;
1502
4be74634 1503 if (!s->blk || !s->mult_sectors) {
adf3a2c4
KW		 1504 ide_abort_command(s);
1505 return true;
1506 }
1507
1508 ide_cmd_lba48_transform(s, lba48);
1509
1510 s->req_nb_sectors = s->mult_sectors;
1511 n = MIN(s->nsector, s->req_nb_sectors);
1512
1513 s->status = SEEK_STAT | READY_STAT;
1514 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1515
1516 s->media_changed = 1;
1517
1518 return false;
1519}
1520
0e6498ed
KW		 1521static bool cmd_read_pio(IDEState *s, uint8_t cmd)
1522{
1523 bool lba48 = (cmd == WIN_READ_EXT);
1524
1525 if (s->drive_kind == IDE_CD) {
1526 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1527 ide_abort_command(s);
1528 return true;
1529 }
1530
4be74634 1531 if (!s->blk) {
0e6498ed
KW		 1532 ide_abort_command(s);
1533 return true;
1534 }
1535
1536 ide_cmd_lba48_transform(s, lba48);
1537 s->req_nb_sectors = 1;
1538 ide_sector_read(s);
1539
1540 return false;
1541}
1542
1543static bool cmd_write_pio(IDEState *s, uint8_t cmd)
1544{
1545 bool lba48 = (cmd == WIN_WRITE_EXT);
1546
4be74634 1547 if (!s->blk) {
0e6498ed
KW		 1548 ide_abort_command(s);
1549 return true;
1550 }
1551
1552 ide_cmd_lba48_transform(s, lba48);
1553
1554 s->req_nb_sectors = 1;
1555 s->status = SEEK_STAT | READY_STAT;
1556 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1557
1558 s->media_changed = 1;
1559
1560 return false;
1561}
1562
92a6a6f6
KW		 1563static bool cmd_read_dma(IDEState *s, uint8_t cmd)
1564{
1565 bool lba48 = (cmd == WIN_READDMA_EXT);
1566
4be74634 1567 if (!s->blk) {
92a6a6f6
KW		 1568 ide_abort_command(s);
1569 return true;
1570 }
1571
1572 ide_cmd_lba48_transform(s, lba48);
1573 ide_sector_start_dma(s, IDE_DMA_READ);
1574
1575 return false;
1576}
1577
1578static bool cmd_write_dma(IDEState *s, uint8_t cmd)
1579{
1580 bool lba48 = (cmd == WIN_WRITEDMA_EXT);
1581
4be74634 1582 if (!s->blk) {
92a6a6f6
KW		 1583 ide_abort_command(s);
1584 return true;
1585 }
1586
1587 ide_cmd_lba48_transform(s, lba48);
1588 ide_sector_start_dma(s, IDE_DMA_WRITE);
1589
1590 s->media_changed = 1;
1591
1592 return false;
1593}
1594
9afce429
KW		 1595static bool cmd_flush_cache(IDEState *s, uint8_t cmd)
1596{
1597 ide_flush_cache(s);
1598 return false;
1599}
1600
61fdda37
KW		 1601static bool cmd_seek(IDEState *s, uint8_t cmd)
1602{
1603 /* XXX: Check that seek is within bounds */
1604 return true;
1605}
1606
63a82e6a
KW		 1607static bool cmd_read_native_max(IDEState *s, uint8_t cmd)
1608{
1609 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT);
1610
1611 /* Refuse if no sectors are addressable (e.g. medium not inserted) */
1612 if (s->nb_sectors == 0) {
1613 ide_abort_command(s);
1614 return true;
1615 }
1616
1617 ide_cmd_lba48_transform(s, lba48);
1618 ide_set_sector(s, s->nb_sectors - 1);
1619
1620 return true;
1621}
1622
785f6320
KW		 1623static bool cmd_check_power_mode(IDEState *s, uint8_t cmd)
1624{
1625 s->nsector = 0xff; /* device active or idle */
1626 return true;
1627}
1628
176e4961
LK		 1629/* INITIALIZE DEVICE PARAMETERS */
1630static bool cmd_specify(IDEState *s, uint8_t cmd)
1631{
1632 if (s->blk && s->drive_kind != IDE_CD) {
1633 s->heads = (s->select & (ATA_DEV_HS)) + 1;
1634 s->sectors = s->nsector;
0cfe719d 1635 ide_bus_set_irq(s->bus);
176e4961
LK		 1636 } else {
1637 ide_abort_command(s);
1638 }
1639
1640 return true;
1641}
1642
ee03398c
KW		 1643static bool cmd_set_features(IDEState *s, uint8_t cmd)
1644{
1645 uint16_t *identify_data;
1646
4be74634 1647 if (!s->blk) {
ee03398c
KW		 1648 ide_abort_command(s);
1649 return true;
1650 }
1651
1652 /* XXX: valid for CDROM ? */
1653 switch (s->feature) {
1ea17d22
LR		 1654 case 0x01: /* 8-bit I/O enable (CompactFlash) */
1655 case 0x81: /* 8-bit I/O disable (CompactFlash) */
1656 if (s->drive_kind != IDE_CFATA) {
1657 goto abort_cmd;
1658 }
1659 s->io8 = !(s->feature & 0x80);
1660 return true;
ee03398c 1661 case 0x02: /* write cache enable */
4be74634 1662 blk_set_enable_write_cache(s->blk, true);
ee03398c
KW		 1663 identify_data = (uint16_t *)s->identify_data;
1664 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1665 return true;
1666 case 0x82: /* write cache disable */
4be74634 1667 blk_set_enable_write_cache(s->blk, false);
ee03398c
KW		 1668 identify_data = (uint16_t *)s->identify_data;
1669 put_le16(identify_data + 85, (1 << 14) | 1);
1670 ide_flush_cache(s);
1671 return false;
1672 case 0xcc: /* reverting to power-on defaults enable */
176e4961
LK		 1673 s->reset_reverts = true;
1674 return true;
ee03398c 1675 case 0x66: /* reverting to power-on defaults disable */
176e4961
LK		 1676 s->reset_reverts = false;
1677 return true;
ee03398c
KW		 1678 case 0xaa: /* read look-ahead enable */
1679 case 0x55: /* read look-ahead disable */
1680 case 0x05: /* set advanced power management mode */
1681 case 0x85: /* disable advanced power management mode */
1682 case 0x69: /* NOP */
1683 case 0x67: /* NOP */
1684 case 0x96: /* NOP */
1685 case 0x9a: /* NOP */
1686 case 0x42: /* enable Automatic Acoustic Mode */
1687 case 0xc2: /* disable Automatic Acoustic Mode */
1688 return true;
1689 case 0x03: /* set transfer mode */
1690 {
1691 uint8_t val = s->nsector & 0x07;
1692 identify_data = (uint16_t *)s->identify_data;
1693
1694 switch (s->nsector >> 3) {
1695 case 0x00: /* pio default */
1696 case 0x01: /* pio mode */
1697 put_le16(identify_data + 62, 0x07);
1698 put_le16(identify_data + 63, 0x07);
1699 put_le16(identify_data + 88, 0x3f);
1700 break;
1701 case 0x02: /* sigle word dma mode*/
1702 put_le16(identify_data + 62, 0x07 | (1 << (val + 8)));
1703 put_le16(identify_data + 63, 0x07);
1704 put_le16(identify_data + 88, 0x3f);
1705 break;
1706 case 0x04: /* mdma mode */
1707 put_le16(identify_data + 62, 0x07);
1708 put_le16(identify_data + 63, 0x07 | (1 << (val + 8)));
1709 put_le16(identify_data + 88, 0x3f);
1710 break;
1711 case 0x08: /* udma mode */
1712 put_le16(identify_data + 62, 0x07);
1713 put_le16(identify_data + 63, 0x07);
1714 put_le16(identify_data + 88, 0x3f | (1 << (val + 8)));
1715 break;
1716 default:
1717 goto abort_cmd;
1718 }
1719 return true;
1720 }
1721 }
1722
1723abort_cmd:
1724 ide_abort_command(s);
1725 return true;
1726}
1727
ee425c78
KW		 1728
1729/*** ATAPI commands ***/
1730
1731static bool cmd_identify_packet(IDEState *s, uint8_t cmd)
1732{
1733 ide_atapi_identify(s);
1734 s->status = READY_STAT | SEEK_STAT;
1735 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
0cfe719d 1736 ide_bus_set_irq(s->bus);
ee425c78
KW		 1737 return false;
1738}
1739
3195c9e6 1740/* EXECUTE DEVICE DIAGNOSTIC */
ee425c78
KW		 1741static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd)
1742{
3195c9e6
LK		 1743 /*
1744 * Clear the device register per the ATA (v6) specification,
1745 * because ide_set_signature does not clear LBA or drive bits.
1746 */
1747 s->select = (ATA_DEV_ALWAYS_ON);
ee425c78
KW		 1748 ide_set_signature(s);
1749
1750 if (s->drive_kind == IDE_CD) {
1751 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1752 * devices to return a clear status register
1753 * with READY_STAT *not* set. */
850484a2 1754 s->error = 0x01;
ee425c78
KW		 1755 } else {
1756 s->status = READY_STAT | SEEK_STAT;
1757 /* The bits of the error register are not as usual for this command!
1758 * They are part of the regular output (this is why ERR_STAT isn't set)
1759 * Device 0 passed, Device 1 passed or not present. */
1760 s->error = 0x01;
0cfe719d 1761 ide_bus_set_irq(s->bus);
ee425c78
KW		 1762 }
1763
1764 return false;
1765}
1766
ee425c78
KW		 1767static bool cmd_packet(IDEState *s, uint8_t cmd)
1768{
1769 /* overlapping commands not supported */
1770 if (s->feature & 0x02) {
1771 ide_abort_command(s);
1772 return true;
1773 }
1774
1775 s->status = READY_STAT | SEEK_STAT;
1776 s->atapi_dma = s->feature & 1;
502356ee
PB		 1777 if (s->atapi_dma) {
1778 s->dma_cmd = IDE_DMA_ATAPI;
1779 }
ee425c78
KW		 1780 s->nsector = 1;
1781 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1782 ide_atapi_cmd);
1783 return false;
1784}
1785
6b1dd744
KW		 1786
1787/*** CF-ATA commands ***/
1788
1789static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd)
1790{
1791 s->error = 0x09; /* miscellaneous error */
1792 s->status = READY_STAT | SEEK_STAT;
0cfe719d 1793 ide_bus_set_irq(s->bus);
6b1dd744
KW		 1794
1795 return false;
1796}
1797
1798static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd)
1799{
1800 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is
1801 * required for Windows 8 to work with AHCI */
1802
1803 if (cmd == CFA_WEAR_LEVEL) {
1804 s->nsector = 0;
1805 }
1806
1807 if (cmd == CFA_ERASE_SECTORS) {
1808 s->media_changed = 1;
1809 }
1810
1811 return true;
1812}
1813
1814static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd)
1815{
1816 s->status = READY_STAT | SEEK_STAT;
1817
1818 memset(s->io_buffer, 0, 0x200);
1819 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1820 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1821 s->io_buffer[0x02] = s->select; /* Head */
1822 s->io_buffer[0x03] = s->sector; /* Sector */
1823 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1824 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1825 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1826 s->io_buffer[0x13] = 0x00; /* Erase flag */
1827 s->io_buffer[0x18] = 0x00; /* Hot count */
1828 s->io_buffer[0x19] = 0x00; /* Hot count */
1829 s->io_buffer[0x1a] = 0x01; /* Hot count */
1830
1831 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
0cfe719d 1832 ide_bus_set_irq(s->bus);
6b1dd744
KW		 1833
1834 return false;
1835}
1836
1837static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd)
1838{
1839 switch (s->feature) {
1840 case 0x02: /* Inquiry Metadata Storage */
1841 ide_cfata_metadata_inquiry(s);
1842 break;
1843 case 0x03: /* Read Metadata Storage */
1844 ide_cfata_metadata_read(s);
1845 break;
1846 case 0x04: /* Write Metadata Storage */
1847 ide_cfata_metadata_write(s);
1848 break;
1849 default:
1850 ide_abort_command(s);
1851 return true;
1852 }
1853
1854 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1855 s->status = 0x00; /* NOTE: READY is _not_ set */
0cfe719d 1856 ide_bus_set_irq(s->bus);
6b1dd744
KW		 1857
1858 return false;
1859}
1860
1861static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd)
1862{
1863 switch (s->feature) {
1864 case 0x01: /* sense temperature in device */
1865 s->nsector = 0x50; /* +20 C */
1866 break;
1867 default:
1868 ide_abort_command(s);
1869 return true;
1870 }
1871
1872 return true;
1873}
1874
ff352677
KW		 1875
1876/*** SMART commands ***/
1877
1878static bool cmd_smart(IDEState *s, uint8_t cmd)
1879{
1880 int n;
1881
1882 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) {
1883 goto abort_cmd;
1884 }
1885
1886 if (!s->smart_enabled && s->feature != SMART_ENABLE) {
1887 goto abort_cmd;
1888 }
1889
1890 switch (s->feature) {
1891 case SMART_DISABLE:
1892 s->smart_enabled = 0;
1893 return true;
1894
1895 case SMART_ENABLE:
1896 s->smart_enabled = 1;
1897 return true;
1898
1899 case SMART_ATTR_AUTOSAVE:
1900 switch (s->sector) {
1901 case 0x00:
1902 s->smart_autosave = 0;
1903 break;
1904 case 0xf1:
1905 s->smart_autosave = 1;
1906 break;
1907 default:
1908 goto abort_cmd;
1909 }
1910 return true;
1911
1912 case SMART_STATUS:
1913 if (!s->smart_errors) {
1914 s->hcyl = 0xc2;
1915 s->lcyl = 0x4f;
1916 } else {
1917 s->hcyl = 0x2c;
1918 s->lcyl = 0xf4;
1919 }
1920 return true;
1921
1922 case SMART_READ_THRESH:
1923 memset(s->io_buffer, 0, 0x200);
1924 s->io_buffer[0] = 0x01; /* smart struct version */
1925
1926 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1927 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0];
1928 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11];
1929 }
1930
1931 /* checksum */
1932 for (n = 0; n < 511; n++) {
1933 s->io_buffer[511] += s->io_buffer[n];
1934 }
1935 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1936
1937 s->status = READY_STAT | SEEK_STAT;
1938 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
0cfe719d 1939 ide_bus_set_irq(s->bus);
ff352677
KW		 1940 return false;
1941
1942 case SMART_READ_DATA:
1943 memset(s->io_buffer, 0, 0x200);
1944 s->io_buffer[0] = 0x01; /* smart struct version */
1945
1946 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1947 int i;
1948 for (i = 0; i < 11; i++) {
1949 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i];
1950 }
1951 }
1952
1953 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00);
1954 if (s->smart_selftest_count == 0) {
1955 s->io_buffer[363] = 0;
1956 } else {
1957 s->io_buffer[363] =
1958 s->smart_selftest_data[3 +
1959 (s->smart_selftest_count - 1) *
1960 24];
1961 }
1962 s->io_buffer[364] = 0x20;
1963 s->io_buffer[365] = 0x01;
1964 /* offline data collection capacity: execute + self-test*/
1965 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1);
1966 s->io_buffer[368] = 0x03; /* smart capability (1) */
1967 s->io_buffer[369] = 0x00; /* smart capability (2) */
1968 s->io_buffer[370] = 0x01; /* error logging supported */
1969 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1970 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1971 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1972
1973 for (n = 0; n < 511; n++) {
1974 s->io_buffer[511] += s->io_buffer[n];
1975 }
1976 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1977
1978 s->status = READY_STAT | SEEK_STAT;
1979 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
0cfe719d 1980 ide_bus_set_irq(s->bus);
ff352677
KW		 1981 return false;
1982
1983 case SMART_READ_LOG:
1984 switch (s->sector) {
1985 case 0x01: /* summary smart error log */
1986 memset(s->io_buffer, 0, 0x200);
1987 s->io_buffer[0] = 0x01;
1988 s->io_buffer[1] = 0x00; /* no error entries */
1989 s->io_buffer[452] = s->smart_errors & 0xff;
1990 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1991
1992 for (n = 0; n < 511; n++) {
1993 s->io_buffer[511] += s->io_buffer[n];
1994 }
1995 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1996 break;
1997 case 0x06: /* smart self test log */
1998 memset(s->io_buffer, 0, 0x200);
1999 s->io_buffer[0] = 0x01;
2000 if (s->smart_selftest_count == 0) {
2001 s->io_buffer[508] = 0;
2002 } else {
2003 s->io_buffer[508] = s->smart_selftest_count;
2004 for (n = 2; n < 506; n++) {
2005 s->io_buffer[n] = s->smart_selftest_data[n];
2006 }
2007 }
2008
2009 for (n = 0; n < 511; n++) {
2010 s->io_buffer[511] += s->io_buffer[n];
2011 }
2012 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2013 break;
2014 default:
2015 goto abort_cmd;
2016 }
2017 s->status = READY_STAT | SEEK_STAT;
2018 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
0cfe719d 2019 ide_bus_set_irq(s->bus);
ff352677
KW		 2020 return false;
2021
2022 case SMART_EXECUTE_OFFLINE:
2023 switch (s->sector) {
2024 case 0: /* off-line routine */
2025 case 1: /* short self test */
2026 case 2: /* extended self test */
2027 s->smart_selftest_count++;
2028 if (s->smart_selftest_count > 21) {
940973ae 2029 s->smart_selftest_count = 1;
ff352677
KW		 2030 }
2031 n = 2 + (s->smart_selftest_count - 1) * 24;
2032 s->smart_selftest_data[n] = s->sector;
2033 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */
2034 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */
2035 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */
2036 break;
2037 default:
2038 goto abort_cmd;
2039 }
2040 return true;
2041 }
2042
2043abort_cmd:
2044 ide_abort_command(s);
2045 return true;
2046}
2047
844505b1
MA		 2048#define HD_OK (1u << IDE_HD)
2049#define CD_OK (1u << IDE_CD)
2050#define CFA_OK (1u << IDE_CFATA)
2051#define HD_CFA_OK (HD_OK | CFA_OK)
2052#define ALL_OK (HD_OK | CD_OK | CFA_OK)
2053
a0436e92
KW		 2054/* Set the Disk Seek Completed status bit during completion */
2055#define SET_DSC (1u << 8)
2056
844505b1 2057/* See ACS-2 T13/2015-D Table B.2 Command codes */
a0436e92
KW		 2058static const struct {
2059 /* Returns true if the completion code should be run */
2060 bool (*handler)(IDEState *s, uint8_t cmd);
2061 int flags;
2062} ide_cmd_table[0x100] = {
844505b1 2063 /* NOP not implemented, mandatory for CD */
6b1dd744 2064 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK },
d9033e1d 2065 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK },
ee425c78 2066 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK },
b300337e 2067 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC},
0e6498ed 2068 [WIN_READ] = { cmd_read_pio, ALL_OK },
d9033e1d 2069 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK },
0e6498ed 2070 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK },
92a6a6f6 2071 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK },
63a82e6a 2072 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
adf3a2c4 2073 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK },
0e6498ed
KW		 2074 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK },
2075 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK },
2076 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK },
92a6a6f6 2077 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK },
0e6498ed 2078 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK },
adf3a2c4 2079 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK },
0e6498ed 2080 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK },
413860cf
KW		 2081 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC },
2082 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC },
2083 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC },
61fdda37 2084 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC },
6b1dd744 2085 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK },
ee425c78 2086 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK },
176e4961 2087 [WIN_SPECIFY] = { cmd_specify, HD_CFA_OK | SET_DSC },
d9033e1d
JS		 2088 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK },
2089 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK },
2090 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK },
2091 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK },
2092 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
2093 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK },
ee425c78
KW		 2094 [WIN_PACKETCMD] = { cmd_packet, CD_OK },
2095 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK },
ff352677 2096 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC },
6b1dd744
KW		 2097 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK },
2098 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC },
adf3a2c4
KW		 2099 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK },
2100 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK },
2101 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC },
92a6a6f6
KW		 2102 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK },
2103 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK },
2104 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK },
2105 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK },
adf3a2c4 2106 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK },
d9033e1d
JS		 2107 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK },
2108 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK },
2109 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK },
2110 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK },
2111 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
2112 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK },
9afce429
KW		 2113 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK },
2114 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK },
1c66869a 2115 [WIN_IDENTIFY] = { cmd_identify, ALL_OK },
ee03398c 2116 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC },
6b1dd744
KW		 2117 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC },
2118 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC },
d9033e1d 2119 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
844505b1
MA		 2120};
2121
2122static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
2123{
2124 return cmd < ARRAY_SIZE(ide_cmd_table)
a0436e92 2125 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind));
844505b1 2126}
7cff87ff 2127
783f4474 2128void ide_bus_exec_cmd(IDEBus *bus, uint32_t val)
7cff87ff
AG		 2129{
2130 IDEState *s;
dfe1ea8f 2131 bool complete;
7cff87ff 2132
2c50207f 2133 s = ide_bus_active_if(bus);
783f4474 2134 trace_ide_bus_exec_cmd(bus, s, val);
3eee2611 2135
66a0a2cb 2136 /* ignore commands to non existent slave */
4be74634 2137 if (s != bus->ifs && !s->blk) {
6ef2ba5e 2138 return;
4be74634 2139 }
c2ff060f 2140
266e7781
JS		 2141 /* Only RESET is allowed while BSY and/or DRQ are set,
2142 * and only to ATAPI devices. */
2143 if (s->status & (BUSY_STAT|DRQ_STAT)) {
2144 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) {
2145 return;
2146 }
2147 }
fcdd25ab 2148
844505b1 2149 if (!ide_cmd_permitted(s, val)) {
dfe1ea8f 2150 ide_abort_command(s);
0cfe719d 2151 ide_bus_set_irq(s->bus);
dfe1ea8f 2152 return;
844505b1
MA		 2153 }
2154
dfe1ea8f
KW		 2155 s->status = READY_STAT | BUSY_STAT;
2156 s->error = 0;
36334faf 2157 s->io_buffer_offset = 0;
a0436e92 2158
dfe1ea8f
KW		 2159 complete = ide_cmd_table[val].handler(s, val);
2160 if (complete) {
2161 s->status &= ~BUSY_STAT;
2162 assert(!!s->error == !!(s->status & ERR_STAT));
a0436e92 2163
dfe1ea8f
KW		 2164 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) {
2165 s->status |= SEEK_STAT;
a0436e92
KW		 2166 }
2167
c7e73adb 2168 ide_cmd_done(s);
0cfe719d 2169 ide_bus_set_irq(s->bus);
6ef2ba5e 2170 }
5391d806
FB		 2171}
2172
335ca2f2
JS		 2173/* IOport [R]ead [R]egisters */
2174enum ATA_IOPORT_RR {
2175 ATA_IOPORT_RR_DATA = 0,
2176 ATA_IOPORT_RR_ERROR = 1,
2177 ATA_IOPORT_RR_SECTOR_COUNT = 2,
2178 ATA_IOPORT_RR_SECTOR_NUMBER = 3,
2179 ATA_IOPORT_RR_CYLINDER_LOW = 4,
2180 ATA_IOPORT_RR_CYLINDER_HIGH = 5,
2181 ATA_IOPORT_RR_DEVICE_HEAD = 6,
2182 ATA_IOPORT_RR_STATUS = 7,
2183 ATA_IOPORT_RR_NUM_REGISTERS,
2184};
2185
2186const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = {
2187 [ATA_IOPORT_RR_DATA] = "Data",
2188 [ATA_IOPORT_RR_ERROR] = "Error",
2189 [ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count",
2190 [ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number",
2191 [ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low",
2192 [ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High",
2193 [ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head",
2194 [ATA_IOPORT_RR_STATUS] = "Status"
2195};
2196
3eee2611 2197uint32_t ide_ioport_read(void *opaque, uint32_t addr)
5391d806 2198{
bcbdc4d3 2199 IDEBus *bus = opaque;
2c50207f 2200 IDEState *s = ide_bus_active_if(bus);
3eee2611 2201 uint32_t reg_num;
c2ff060f 2202 int ret, hob;
5391d806 2203
3eee2611 2204 reg_num = addr & 7;
be8c9423 2205 hob = bus->cmd & (IDE_CTRL_HOB);
3eee2611 2206 switch (reg_num) {
335ca2f2 2207 case ATA_IOPORT_RR_DATA:
758c925e
LK		 2208 /*
2209 * The pre-GRUB Solaris x86 bootloader relies upon inb
2210 * consuming a word from the drive's sector buffer.
2211 */
2212 ret = ide_data_readw(bus, addr) & 0xff;
5391d806 2213 break;
335ca2f2 2214 case ATA_IOPORT_RR_ERROR:
4be74634
MA		 2215 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2216 (s != bus->ifs && !s->blk)) {
c45c3d00 2217 ret = 0;
4be74634 2218 } else if (!hob) {
c45c3d00 2219 ret = s->error;
4be74634 2220 } else {
7d37435b 2221 ret = s->hob_feature;
4be74634 2222 }
5391d806 2223 break;
335ca2f2 2224 case ATA_IOPORT_RR_SECTOR_COUNT:
4be74634 2225 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2226 ret = 0;
4be74634 2227 } else if (!hob) {
c45c3d00 2228 ret = s->nsector & 0xff;
4be74634 2229 } else {
7d37435b 2230 ret = s->hob_nsector;
4be74634 2231 }
5391d806 2232 break;
335ca2f2 2233 case ATA_IOPORT_RR_SECTOR_NUMBER:
4be74634 2234 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2235 ret = 0;
4be74634 2236 } else if (!hob) {
c45c3d00 2237 ret = s->sector;
4be74634 2238 } else {
7d37435b 2239 ret = s->hob_sector;
4be74634 2240 }
5391d806 2241 break;
335ca2f2 2242 case ATA_IOPORT_RR_CYLINDER_LOW:
4be74634 2243 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2244 ret = 0;
4be74634 2245 } else if (!hob) {
c45c3d00 2246 ret = s->lcyl;
4be74634 2247 } else {
7d37435b 2248 ret = s->hob_lcyl;
4be74634 2249 }
5391d806 2250 break;
335ca2f2 2251 case ATA_IOPORT_RR_CYLINDER_HIGH:
4be74634 2252 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2253 ret = 0;
4be74634 2254 } else if (!hob) {
c45c3d00 2255 ret = s->hcyl;
4be74634 2256 } else {
7d37435b 2257 ret = s->hob_hcyl;
4be74634 2258 }
5391d806 2259 break;
335ca2f2 2260 case ATA_IOPORT_RR_DEVICE_HEAD:
4be74634 2261 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2262 ret = 0;
4be74634 2263 } else {
7ae98627 2264 ret = s->select;
4be74634 2265 }
5391d806
FB		 2266 break;
2267 default:
335ca2f2 2268 case ATA_IOPORT_RR_STATUS:
4be74634
MA		 2269 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2270 (s != bus->ifs && !s->blk)) {
c45c3d00 2271 ret = 0;
4be74634 2272 } else {
c45c3d00 2273 ret = s->status;
4be74634 2274 }
9cdd03a7 2275 qemu_irq_lower(bus->irq);
5391d806
FB		 2276 break;
2277 }
3eee2611 2278
335ca2f2 2279 trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s);
5391d806
FB		 2280 return ret;
2281}
2282
356721ae 2283uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2284{
bcbdc4d3 2285 IDEBus *bus = opaque;
2c50207f 2286 IDEState *s = ide_bus_active_if(bus);
5391d806 2287 int ret;
7ae98627 2288
4be74634
MA		 2289 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2290 (s != bus->ifs && !s->blk)) {
7ae98627 2291 ret = 0;
4be74634 2292 } else {
7ae98627 2293 ret = s->status;
4be74634 2294 }
3eee2611
JS		 2295
2296 trace_ide_status_read(addr, ret, bus, s);
5391d806
FB		 2297 return ret;
2298}
2299
55adb3c4
JS		 2300static void ide_perform_srst(IDEState *s)
2301{
2302 s->status |= BUSY_STAT;
2303
2304 /* Halt PIO (Via register state); PIO BH remains scheduled. */
2305 ide_transfer_halt(s);
2306
2307 /* Cancel DMA -- may drain block device and invoke callbacks */
2308 ide_cancel_dma_sync(s);
2309
2310 /* Cancel PIO callback, reset registers/signature, etc */
2311 ide_reset(s);
2312
4ac4e728
JS		 2313 /* perform diagnostic */
2314 cmd_exec_dev_diagnostic(s, WIN_DIAGNOSE);
55adb3c4
JS		 2315}
2316
2317static void ide_bus_perform_srst(void *opaque)
2318{
2319 IDEBus *bus = opaque;
2320 IDEState *s;
2321 int i;
2322
2323 for (i = 0; i < 2; i++) {
2324 s = &bus->ifs[i];
2325 ide_perform_srst(s);
2326 }
1a9925e3
JS		 2327
2328 bus->cmd &= ~IDE_CTRL_RESET;
55adb3c4
JS		 2329}
2330
98d98912 2331void ide_ctrl_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2332{
bcbdc4d3 2333 IDEBus *bus = opaque;
5391d806
FB		 2334 IDEState *s;
2335 int i;
2336
98d98912 2337 trace_ide_ctrl_write(addr, val, bus);
3eee2611 2338
55adb3c4
JS		 2339 /* Device0 and Device1 each have their own control register,
2340 * but QEMU models it as just one register in the controller. */
b45bcd81 2341 if (!(bus->cmd & IDE_CTRL_RESET) && (val & IDE_CTRL_RESET)) {
55adb3c4 2342 for (i = 0; i < 2; i++) {
bcbdc4d3 2343 s = &bus->ifs[i];
55adb3c4 2344 s->status |= BUSY_STAT;
5391d806 2345 }
de00b8b3
AB		 2346 replay_bh_schedule_oneshot_event(qemu_get_aio_context(),
2347 ide_bus_perform_srst, bus);
5391d806
FB		 2348 }
2349
9cdd03a7 2350 bus->cmd = val;
5391d806
FB		 2351}
2352
40c4ed3f
KW		 2353/*
2354 * Returns true if the running PIO transfer is a PIO out (i.e. data is
2355 * transferred from the device to the guest), false if it's a PIO in
2356 */
2357static bool ide_is_pio_out(IDEState *s)
2358{
2359 if (s->end_transfer_func == ide_sector_write ||
2360 s->end_transfer_func == ide_atapi_cmd) {
2361 return false;
2362 } else if (s->end_transfer_func == ide_sector_read ||
2363 s->end_transfer_func == ide_transfer_stop ||
2364 s->end_transfer_func == ide_atapi_cmd_reply_end ||
2365 s->end_transfer_func == ide_dummy_transfer_stop) {
2366 return true;
2367 }
2368
2369 abort();
2370}
2371
356721ae 2372void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2373{
bcbdc4d3 2374 IDEBus *bus = opaque;
2c50207f 2375 IDEState *s = ide_bus_active_if(bus);
5391d806
FB		 2376 uint8_t *p;
2377
1787efc3
JS		 2378 trace_ide_data_writew(addr, val, bus, s);
2379
40c4ed3f
KW		 2380 /* PIO data access allowed only when DRQ bit is set. The result of a write
2381 * during PIO out is indeterminate, just ignore it. */
2382 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 2383 return;
40c4ed3f 2384 }
fcdd25ab 2385
5391d806 2386 p = s->data_ptr;
1ea17d22
LR		 2387 if (s->io8) {
2388 if (p + 1 > s->data_end) {
2389 return;
2390 }
2391
2392 *p++ = val;
2393 } else {
2394 if (p + 2 > s->data_end) {
2395 return;
2396 }
d2ff8585 2397
1ea17d22
LR		 2398 *(uint16_t *)p = le16_to_cpu(val);
2399 p += 2;
2400 }
5391d806 2401 s->data_ptr = p;
cb72cba8
KW		 2402 if (p >= s->data_end) {
2403 s->status &= ~DRQ_STAT;
5391d806 2404 s->end_transfer_func(s);
cb72cba8 2405 }
5391d806
FB		 2406}
2407
356721ae 2408uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2409{
bcbdc4d3 2410 IDEBus *bus = opaque;
2c50207f 2411 IDEState *s = ide_bus_active_if(bus);
5391d806
FB		 2412 uint8_t *p;
2413 int ret;
fcdd25ab 2414
40c4ed3f
KW		 2415 /* PIO data access allowed only when DRQ bit is set. The result of a read
2416 * during PIO in is indeterminate, return 0 and don't move forward. */
2417 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
fcdd25ab 2418 return 0;
40c4ed3f 2419 }
fcdd25ab 2420
5391d806 2421 p = s->data_ptr;
1ea17d22
LR		 2422 if (s->io8) {
2423 if (p + 1 > s->data_end) {
2424 return 0;
2425 }
d2ff8585 2426
1ea17d22
LR		 2427 ret = *p++;
2428 } else {
2429 if (p + 2 > s->data_end) {
2430 return 0;
2431 }
2432
2433 ret = cpu_to_le16(*(uint16_t *)p);
2434 p += 2;
2435 }
5391d806 2436 s->data_ptr = p;
cb72cba8
KW		 2437 if (p >= s->data_end) {
2438 s->status &= ~DRQ_STAT;
5391d806 2439 s->end_transfer_func(s);
cb72cba8 2440 }
1787efc3
JS		 2441
2442 trace_ide_data_readw(addr, ret, bus, s);
5391d806
FB		 2443 return ret;
2444}
2445
356721ae 2446void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2447{
bcbdc4d3 2448 IDEBus *bus = opaque;
2c50207f 2449 IDEState *s = ide_bus_active_if(bus);
5391d806
FB		 2450 uint8_t *p;
2451
1787efc3
JS		 2452 trace_ide_data_writel(addr, val, bus, s);
2453
40c4ed3f
KW		 2454 /* PIO data access allowed only when DRQ bit is set. The result of a write
2455 * during PIO out is indeterminate, just ignore it. */
2456 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 2457 return;
40c4ed3f 2458 }
fcdd25ab 2459
5391d806 2460 p = s->data_ptr;
d2ff8585
KW		 2461 if (p + 4 > s->data_end) {
2462 return;
2463 }
2464
0c4ad8dc 2465 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2466 p += 4;
2467 s->data_ptr = p;
cb72cba8
KW		 2468 if (p >= s->data_end) {
2469 s->status &= ~DRQ_STAT;
5391d806 2470 s->end_transfer_func(s);
cb72cba8 2471 }
5391d806
FB		 2472}
2473
356721ae 2474uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2475{
bcbdc4d3 2476 IDEBus *bus = opaque;
2c50207f 2477 IDEState *s = ide_bus_active_if(bus);
5391d806
FB		 2478 uint8_t *p;
2479 int ret;
3b46e624 2480
40c4ed3f
KW		 2481 /* PIO data access allowed only when DRQ bit is set. The result of a read
2482 * during PIO in is indeterminate, return 0 and don't move forward. */
2483 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1787efc3
JS		 2484 ret = 0;
2485 goto out;
40c4ed3f 2486 }
fcdd25ab 2487
5391d806 2488 p = s->data_ptr;
d2ff8585
KW		 2489 if (p + 4 > s->data_end) {
2490 return 0;
2491 }
2492
0c4ad8dc 2493 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2494 p += 4;
2495 s->data_ptr = p;
cb72cba8
KW		 2496 if (p >= s->data_end) {
2497 s->status &= ~DRQ_STAT;
5391d806 2498 s->end_transfer_func(s);
cb72cba8 2499 }
1787efc3
JS		 2500
2501out:
2502 trace_ide_data_readl(addr, ret, bus, s);
5391d806
FB		 2503 return ret;
2504}
2505
a7dfe172
FB		 2506static void ide_dummy_transfer_stop(IDEState *s)
2507{
2508 s->data_ptr = s->io_buffer;
2509 s->data_end = s->io_buffer;
2510 s->io_buffer[0] = 0xff;
2511 s->io_buffer[1] = 0xff;
2512 s->io_buffer[2] = 0xff;
2513 s->io_buffer[3] = 0xff;
2514}
2515
4a643563
BS		 2516void ide_bus_reset(IDEBus *bus)
2517{
2518 bus->unit = 0;
2519 bus->cmd = 0;
2520 ide_reset(&bus->ifs[0]);
2521 ide_reset(&bus->ifs[1]);
2522 ide_clear_hob(bus);
40a6238a
AG		 2523
2524 /* pending async DMA */
2525 if (bus->dma->aiocb) {
0e168d35 2526 trace_ide_bus_reset_aio();
4be74634 2527 blk_aio_cancel(bus->dma->aiocb);
40a6238a
AG		 2528 bus->dma->aiocb = NULL;
2529 }
2530
2531 /* reset dma provider too */
1374bec0
PB		 2532 if (bus->dma->ops->reset) {
2533 bus->dma->ops->reset(bus->dma);
2534 }
4a643563
BS		 2535}
2536
e4def80b
MA		 2537static bool ide_cd_is_tray_open(void *opaque)
2538{
2539 return ((IDEState *)opaque)->tray_open;
2540}
2541
f107639a
MA		 2542static bool ide_cd_is_medium_locked(void *opaque)
2543{
2544 return ((IDEState *)opaque)->tray_locked;
2545}
2546
01ce352e
JS		 2547static void ide_resize_cb(void *opaque)
2548{
2549 IDEState *s = opaque;
2550 uint64_t nb_sectors;
2551
2552 if (!s->identify_set) {
2553 return;
2554 }
2555
4be74634 2556 blk_get_geometry(s->blk, &nb_sectors);
01ce352e
JS		 2557 s->nb_sectors = nb_sectors;
2558
2559 /* Update the identify data buffer. */
2560 if (s->drive_kind == IDE_CFATA) {
2561 ide_cfata_identify_size(s);
2562 } else {
2563 /* IDE_CD uses a different set of callbacks entirely. */
2564 assert(s->drive_kind != IDE_CD);
2565 ide_identify_size(s);
2566 }
2567}
2568
0e49de52 2569static const BlockDevOps ide_cd_block_ops = {
145feb17 2570 .change_media_cb = ide_cd_change_cb,
2df0a3a3 2571 .eject_request_cb = ide_cd_eject_request_cb,
e4def80b 2572 .is_tray_open = ide_cd_is_tray_open,
f107639a 2573 .is_medium_locked = ide_cd_is_medium_locked,
0e49de52
MA		 2574};
2575
01ce352e
JS		 2576static const BlockDevOps ide_hd_block_ops = {
2577 .resize_cb = ide_resize_cb,
2578};
2579
4be74634 2580int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind,
95ebda85 2581 const char *version, const char *serial, const char *model,
ba801960
MA		 2582 uint64_t wwn,
2583 uint32_t cylinders, uint32_t heads, uint32_t secs,
794939e8 2584 int chs_trans, Error **errp)
88804180 2585{
88804180
GH		 2586 uint64_t nb_sectors;
2587
4be74634 2588 s->blk = blk;
1f56e32a
MA		 2589 s->drive_kind = kind;
2590
4be74634 2591 blk_get_geometry(blk, &nb_sectors);
870111c8 2592 s->cylinders = cylinders;
176e4961
LK		 2593 s->heads = s->drive_heads = heads;
2594 s->sectors = s->drive_sectors = secs;
ba801960 2595 s->chs_trans = chs_trans;
870111c8 2596 s->nb_sectors = nb_sectors;
95ebda85 2597 s->wwn = wwn;
870111c8
MA		 2598 /* The SMART values should be preserved across power cycles
2599 but they aren't. */
2600 s->smart_enabled = 1;
2601 s->smart_autosave = 1;
2602 s->smart_errors = 0;
2603 s->smart_selftest_count = 0;
1f56e32a 2604 if (kind == IDE_CD) {
4be74634 2605 blk_set_dev_ops(blk, &ide_cd_block_ops, s);
7aa9c811 2606 } else {
4be74634 2607 if (!blk_is_inserted(s->blk)) {
794939e8 2608 error_setg(errp, "Device needs media, but drive is empty");
98f28ad7
MA		 2609 return -1;
2610 }
86b1cf32 2611 if (!blk_is_writable(blk)) {
794939e8 2612 error_setg(errp, "Can't use a read-only drive");
7aa9c811
MA		 2613 return -1;
2614 }
4be74634 2615 blk_set_dev_ops(blk, &ide_hd_block_ops, s);
88804180 2616 }
f8b6cc00 2617 if (serial) {
aa2c91bd 2618 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
6ced55a5 2619 } else {
88804180
GH		 2620 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2621 "QM%05d", s->drive_serial);
870111c8 2622 }
27e0c9a1
FB		 2623 if (model) {
2624 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
2625 } else {
2626 switch (kind) {
2627 case IDE_CD:
2628 strcpy(s->drive_model_str, "QEMU DVD-ROM");
2629 break;
2630 case IDE_CFATA:
2631 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
2632 break;
2633 default:
2634 strcpy(s->drive_model_str, "QEMU HARDDISK");
2635 break;
2636 }
2637 }
2638
47c06340
GH		 2639 if (version) {
2640 pstrcpy(s->version, sizeof(s->version), version);
2641 } else {
35c2c8dc 2642 pstrcpy(s->version, sizeof(s->version), qemu_hw_version());
47c06340 2643 }
40a6238a 2644
88804180 2645 ide_reset(s);
4be74634 2646 blk_iostatus_enable(blk);
c4d74df7 2647 return 0;
88804180
GH		 2648}
2649
57234ee4 2650static void ide_init1(IDEBus *bus, int unit)
d459da0e
MA		 2651{
2652 static int drive_serial = 1;
2653 IDEState *s = &bus->ifs[unit];
2654
2655 s->bus = bus;
2656 s->unit = unit;
2657 s->drive_serial = drive_serial++;
1b2adf28 2658 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
50641c5c 2659 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
c925400b
KW		 2660 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2661 memset(s->io_buffer, 0, s->io_buffer_total_len);
2662
4be74634 2663 s->smart_selftest_data = blk_blockalign(s->blk, 512);
c925400b
KW		 2664 memset(s->smart_selftest_data, 0, 512);
2665
bc72ad67 2666 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
d459da0e 2667 ide_sector_write_timer_cb, s);
57234ee4
MA		 2668}
2669
ae0cebd7 2670static int ide_nop_int(const IDEDMA *dma, bool is_write)
40a6238a
AG		 2671{
2672 return 0;
2673}
2674
ae0cebd7 2675static void ide_nop(const IDEDMA *dma)
9898586d
PB		 2676{
2677}
2678
ae0cebd7 2679static int32_t ide_nop_int32(const IDEDMA *dma, int32_t l)
3251bdcf
JS		 2680{
2681 return 0;
2682}
2683
40a6238a 2684static const IDEDMAOps ide_dma_nop_ops = {
3251bdcf 2685 .prepare_buf = ide_nop_int32,
9898586d 2686 .restart_dma = ide_nop,
40a6238a 2687 .rw_buf = ide_nop_int,
40a6238a
AG		 2688};
2689
9898586d
PB		 2690static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
2691{
a96cb236 2692 s->unit = s->bus->retry_unit;
dc5d0af4
PB		 2693 ide_set_sector(s, s->bus->retry_sector_num);
2694 s->nsector = s->bus->retry_nsector;
9898586d 2695 s->bus->dma->ops->restart_dma(s->bus->dma);
9898586d
PB		 2696 s->io_buffer_size = 0;
2697 s->dma_cmd = dma_cmd;
2698 ide_start_dma(s, ide_dma_cb);
2699}
2700
2701static void ide_restart_bh(void *opaque)
2702{
2703 IDEBus *bus = opaque;
2704 IDEState *s;
2705 bool is_read;
2706 int error_status;
2707
2708 qemu_bh_delete(bus->bh);
2709 bus->bh = NULL;
2710
2711 error_status = bus->error_status;
2712 if (bus->error_status == 0) {
2713 return;
2714 }
2715
2c50207f 2716 s = ide_bus_active_if(bus);
9898586d
PB		 2717 is_read = (bus->error_status & IDE_RETRY_READ) != 0;
2718
2719 /* The error status must be cleared before resubmitting the request: The
2720 * request may fail again, and this case can only be distinguished if the
2721 * called function can set a new error status. */
2722 bus->error_status = 0;
2723
7c03a691
JS		 2724 /* The HBA has generically asked to be kicked on retry */
2725 if (error_status & IDE_RETRY_HBA) {
2726 if (s->bus->dma->ops->restart) {
2727 s->bus->dma->ops->restart(s->bus->dma);
2728 }
502356ee 2729 } else if (IS_IDE_RETRY_DMA(error_status)) {
9898586d
PB		 2730 if (error_status & IDE_RETRY_TRIM) {
2731 ide_restart_dma(s, IDE_DMA_TRIM);
2732 } else {
2733 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE);
2734 }
502356ee 2735 } else if (IS_IDE_RETRY_PIO(error_status)) {
9898586d
PB		 2736 if (is_read) {
2737 ide_sector_read(s);
2738 } else {
2739 ide_sector_write(s);
2740 }
2741 } else if (error_status & IDE_RETRY_FLUSH) {
2742 ide_flush_cache(s);
502356ee
PB		 2743 } else if (IS_IDE_RETRY_ATAPI(error_status)) {
2744 assert(s->end_transfer_func == ide_atapi_cmd);
2745 ide_atapi_dma_restart(s);
9898586d 2746 } else {
502356ee 2747 abort();
9898586d
PB		 2748 }
2749}
2750
538f0497 2751static void ide_restart_cb(void *opaque, bool running, RunState state)
9898586d
PB		 2752{
2753 IDEBus *bus = opaque;
2754
2755 if (!running)
2756 return;
2757
2758 if (!bus->bh) {
2759 bus->bh = qemu_bh_new(ide_restart_bh, bus);
2760 qemu_bh_schedule(bus->bh);
2761 }
2762}
2763
e29b1246 2764void ide_bus_register_restart_cb(IDEBus *bus)
f878c916 2765{
9898586d 2766 if (bus->dma->ops->restart_dma) {
ca44141d 2767 bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus);
9898586d 2768 }
f878c916
PB		 2769}
2770
40a6238a
AG		 2771static IDEDMA ide_dma_nop = {
2772 .ops = &ide_dma_nop_ops,
2773 .aiocb = NULL,
2774};
2775
c9519630 2776void ide_bus_init_output_irq(IDEBus *bus, qemu_irq irq_out)
57234ee4
MA		 2777{
2778 int i;
2779
2780 for(i = 0; i < 2; i++) {
2781 ide_init1(bus, i);
2782 ide_reset(&bus->ifs[i]);
870111c8 2783 }
c9519630 2784 bus->irq = irq_out;
40a6238a 2785 bus->dma = &ide_dma_nop;
d459da0e
MA		 2786}
2787
0cfe719d 2788void ide_bus_set_irq(IDEBus *bus)
da9f1172
PMD		 2789{
2790 if (!(bus->cmd & IDE_CTRL_DISABLE_IRQ)) {
2791 qemu_irq_raise(bus->irq);
2792 }
2793}
2794
c9f08641
LQ		 2795void ide_exit(IDEState *s)
2796{
c9f08641
LQ		 2797 timer_free(s->sector_write_timer);
2798 qemu_vfree(s->smart_selftest_data);
2799 qemu_vfree(s->io_buffer);
2800}
2801
37159f13 2802static bool is_identify_set(void *opaque, int version_id)
aa941b94 2803{
37159f13
JQ		 2804 IDEState *s = opaque;
2805
2806 return s->identify_set != 0;
2807}
2808
50641c5c
JQ		 2809static EndTransferFunc* transfer_end_table[] = {
2810 ide_sector_read,
2811 ide_sector_write,
2812 ide_transfer_stop,
2813 ide_atapi_cmd_reply_end,
2814 ide_atapi_cmd,
2815 ide_dummy_transfer_stop,
2816};
2817
2818static int transfer_end_table_idx(EndTransferFunc *fn)
2819{
2820 int i;
2821
2822 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2823 if (transfer_end_table[i] == fn)
2824 return i;
2825
2826 return -1;
2827}
2828
37159f13 2829static int ide_drive_post_load(void *opaque, int version_id)
aa941b94 2830{
37159f13
JQ		 2831 IDEState *s = opaque;
2832
6b896ab2 2833 if (s->blk && s->identify_set) {
4be74634 2834 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5)));
7cdd481c 2835 }
37159f13 2836 return 0;
aa941b94
AZ		 2837}
2838
50641c5c
JQ		 2839static int ide_drive_pio_post_load(void *opaque, int version_id)
2840{
2841 IDEState *s = opaque;
2842
fb60105d 2843 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
50641c5c
JQ		 2844 return -EINVAL;
2845 }
2846 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2847 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2848 s->data_end = s->data_ptr + s->cur_io_buffer_len;
819fa276 2849 s->atapi_dma = s->feature & 1; /* as per cmd_packet */
50641c5c
JQ		 2850
2851 return 0;
2852}
2853
44b1ff31 2854static int ide_drive_pio_pre_save(void *opaque)
50641c5c
JQ		 2855{
2856 IDEState *s = opaque;
2857 int idx;
2858
2859 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2860 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2861
2862 idx = transfer_end_table_idx(s->end_transfer_func);
2863 if (idx == -1) {
2864 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2865 __func__);
2866 s->end_transfer_fn_idx = 2;
2867 } else {
2868 s->end_transfer_fn_idx = idx;
2869 }
44b1ff31
DDAG		 2870
2871 return 0;
50641c5c
JQ		 2872}
2873
2874static bool ide_drive_pio_state_needed(void *opaque)
2875{
2876 IDEState *s = opaque;
2877
fdc650d7 2878 return ((s->status & DRQ_STAT) != 0)
fd648f10 2879 || (s->bus->error_status & IDE_RETRY_PIO);
50641c5c
JQ		 2880}
2881
db118fe7
MA		 2882static bool ide_tray_state_needed(void *opaque)
2883{
2884 IDEState *s = opaque;
2885
2886 return s->tray_open || s->tray_locked;
2887}
2888
996faf1a
AS		 2889static bool ide_atapi_gesn_needed(void *opaque)
2890{
2891 IDEState *s = opaque;
2892
2893 return s->events.new_media || s->events.eject_request;
2894}
2895
def93791
KW		 2896static bool ide_error_needed(void *opaque)
2897{
2898 IDEBus *bus = opaque;
2899
2900 return (bus->error_status != 0);
2901}
2902
996faf1a 2903/* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
656fbeff 2904static const VMStateDescription vmstate_ide_atapi_gesn_state = {
996faf1a
AS		 2905 .name ="ide_drive/atapi/gesn_state",
2906 .version_id = 1,
2907 .minimum_version_id = 1,
5cd8cada 2908 .needed = ide_atapi_gesn_needed,
35d08458 2909 .fields = (VMStateField[]) {
996faf1a
AS		 2910 VMSTATE_BOOL(events.new_media, IDEState),
2911 VMSTATE_BOOL(events.eject_request, IDEState),
0754f9ec 2912 VMSTATE_END_OF_LIST()
996faf1a
AS		 2913 }
2914};
2915
db118fe7
MA		 2916static const VMStateDescription vmstate_ide_tray_state = {
2917 .name = "ide_drive/tray_state",
2918 .version_id = 1,
2919 .minimum_version_id = 1,
5cd8cada 2920 .needed = ide_tray_state_needed,
db118fe7
MA		 2921 .fields = (VMStateField[]) {
2922 VMSTATE_BOOL(tray_open, IDEState),
2923 VMSTATE_BOOL(tray_locked, IDEState),
2924 VMSTATE_END_OF_LIST()
2925 }
2926};
2927
656fbeff 2928static const VMStateDescription vmstate_ide_drive_pio_state = {
50641c5c
JQ		 2929 .name = "ide_drive/pio_state",
2930 .version_id = 1,
2931 .minimum_version_id = 1,
50641c5c
JQ		 2932 .pre_save = ide_drive_pio_pre_save,
2933 .post_load = ide_drive_pio_post_load,
5cd8cada 2934 .needed = ide_drive_pio_state_needed,
35d08458 2935 .fields = (VMStateField[]) {
50641c5c
JQ		 2936 VMSTATE_INT32(req_nb_sectors, IDEState),
2937 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
7d37435b 2938 vmstate_info_uint8, uint8_t),
50641c5c
JQ		 2939 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2940 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2941 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2942 VMSTATE_INT32(elementary_transfer_size, IDEState),
2943 VMSTATE_INT32(packet_transfer_size, IDEState),
2944 VMSTATE_END_OF_LIST()
2945 }
2946};
2947
37159f13
JQ		 2948const VMStateDescription vmstate_ide_drive = {
2949 .name = "ide_drive",
3abb6260 2950 .version_id = 3,
37159f13 2951 .minimum_version_id = 0,
37159f13 2952 .post_load = ide_drive_post_load,
35d08458 2953 .fields = (VMStateField[]) {
37159f13
JQ		 2954 VMSTATE_INT32(mult_sectors, IDEState),
2955 VMSTATE_INT32(identify_set, IDEState),
2956 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2957 VMSTATE_UINT8(feature, IDEState),
2958 VMSTATE_UINT8(error, IDEState),
2959 VMSTATE_UINT32(nsector, IDEState),
2960 VMSTATE_UINT8(sector, IDEState),
2961 VMSTATE_UINT8(lcyl, IDEState),
2962 VMSTATE_UINT8(hcyl, IDEState),
2963 VMSTATE_UINT8(hob_feature, IDEState),
2964 VMSTATE_UINT8(hob_sector, IDEState),
2965 VMSTATE_UINT8(hob_nsector, IDEState),
2966 VMSTATE_UINT8(hob_lcyl, IDEState),
2967 VMSTATE_UINT8(hob_hcyl, IDEState),
2968 VMSTATE_UINT8(select, IDEState),
2969 VMSTATE_UINT8(status, IDEState),
2970 VMSTATE_UINT8(lba48, IDEState),
2971 VMSTATE_UINT8(sense_key, IDEState),
2972 VMSTATE_UINT8(asc, IDEState),
2973 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
37159f13 2974 VMSTATE_END_OF_LIST()
50641c5c 2975 },
5cd8cada
JQ		 2976 .subsections = (const VMStateDescription*[]) {
2977 &vmstate_ide_drive_pio_state,
2978 &vmstate_ide_tray_state,
2979 &vmstate_ide_atapi_gesn_state,
2980 NULL
37159f13
JQ		 2981 }
2982};
2983
656fbeff 2984static const VMStateDescription vmstate_ide_error_status = {
def93791 2985 .name ="ide_bus/error",
d12b9ff2 2986 .version_id = 2,
def93791 2987 .minimum_version_id = 1,
5cd8cada 2988 .needed = ide_error_needed,
35d08458 2989 .fields = (VMStateField[]) {
def93791 2990 VMSTATE_INT32(error_status, IDEBus),
d12b9ff2
PB		 2991 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2),
2992 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2),
2993 VMSTATE_UINT8_V(retry_unit, IDEBus, 2),
def93791
KW		 2994 VMSTATE_END_OF_LIST()
2995 }
2996};
2997
6521dc62
JQ		 2998const VMStateDescription vmstate_ide_bus = {
2999 .name = "ide_bus",
3000 .version_id = 1,
3001 .minimum_version_id = 1,
35d08458 3002 .fields = (VMStateField[]) {
6521dc62
JQ		 3003 VMSTATE_UINT8(cmd, IDEBus),
3004 VMSTATE_UINT8(unit, IDEBus),
3005 VMSTATE_END_OF_LIST()
def93791 3006 },
5cd8cada
JQ		 3007 .subsections = (const VMStateDescription*[]) {
3008 &vmstate_ide_error_status,
3009 NULL
6521dc62
JQ		 3010 }
3011};
75717903 3012
d8f94e1b 3013void ide_drive_get(DriveInfo **hd, int n)
75717903
IY		 3014{
3015 int i;
75717903 3016
d8f94e1b
JS		 3017 for (i = 0; i < n; i++) {
3018 hd[i] = drive_get_by_index(IF_IDE, i);
75717903
IY		 3019 }
3020}
QEMU mirror