]> git.proxmox.com Git - qemu.git/blame - hw/ide/core.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
ide: Fix error messages from static code analysis (no real error)
[qemu.git] / hw / ide / core.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
59f2a787
GH		 25#include <hw/hw.h>
26#include <hw/pc.h>
27#include <hw/pci.h>
4a91d3b3 28#include <hw/isa.h>
c4d74df7 29#include "qemu-error.h"
87ecb68b
PB		 30#include "qemu-timer.h"
31#include "sysemu.h"
1fb8648d 32#include "dma.h"
9db1c0f7 33#include "hw/block-common.h"
2446333c 34#include "blockdev.h"
59f2a787
GH		 35
36#include <hw/ide/internal.h>
e8b54394 37
b93af93d
BW		 38/* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
44 /* spin up */
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
50 /* power on hours */
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
e8b54394
BW		 56};
57
ce4b6522 58static int ide_handle_rw_error(IDEState *s, int error, int op);
40c4ed3f 59static void ide_dummy_transfer_stop(IDEState *s);
98087450 60
5391d806
FB		 61static void padstr(char *str, const char *src, int len)
62{
63 int i, v;
64 for(i = 0; i < len; i++) {
65 if (*src)
66 v = *src++;
67 else
68 v = ' ';
69b34976 69 str[i^1] = v;
5391d806
FB		 70 }
71}
72
67b915a5
FB		 73static void put_le16(uint16_t *p, unsigned int v)
74{
0c4ad8dc 75 *p = cpu_to_le16(v);
67b915a5
FB		 76}
77
5391d806
FB		 78static void ide_identify(IDEState *s)
79{
80 uint16_t *p;
81 unsigned int oldsize;
d353fb72 82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
5391d806 83
94458802
FB		 84 if (s->identify_set) {
85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
86 return;
87 }
88
5391d806
FB		 89 memset(s->io_buffer, 0, 512);
90 p = (uint16_t *)s->io_buffer;
67b915a5 91 put_le16(p + 0, 0x0040);
5fafdf24 92 put_le16(p + 1, s->cylinders);
67b915a5
FB		 93 put_le16(p + 3, s->heads);
94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
95 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 96 put_le16(p + 6, s->sectors);
fa879c64 97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 98 put_le16(p + 20, 3); /* XXX: retired, remove ? */
99 put_le16(p + 21, 512); /* cache size in sectors */
100 put_le16(p + 22, 4); /* ecc bytes */
47c06340 101 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
3b46e624 103#if MAX_MULT_SECTORS > 1
67b915a5 104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 105#endif
67b915a5 106 put_le16(p + 48, 1); /* dword I/O */
94458802 107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 108 put_le16(p + 51, 0x200); /* PIO transfer cycle */
109 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 111 put_le16(p + 54, s->cylinders);
112 put_le16(p + 55, s->heads);
113 put_le16(p + 56, s->sectors);
5391d806 114 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 115 put_le16(p + 57, oldsize);
116 put_le16(p + 58, oldsize >> 16);
5391d806 117 if (s->mult_sectors)
67b915a5
FB		 118 put_le16(p + 59, 0x100 | s->mult_sectors);
119 put_le16(p + 60, s->nb_sectors);
120 put_le16(p + 61, s->nb_sectors >> 16);
d1b5c20d 121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802 122 put_le16(p + 63, 0x07); /* mdma0-2 supported */
79d1d331 123 put_le16(p + 64, 0x03); /* pio3-4 supported */
94458802
FB		 124 put_le16(p + 65, 120);
125 put_le16(p + 66, 120);
126 put_le16(p + 67, 120);
127 put_le16(p + 68, 120);
d353fb72
CH		 128 if (dev && dev->conf.discard_granularity) {
129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
130 }
ccf0fd8b
RE		 131
132 if (s->ncq_queues) {
133 put_le16(p + 75, s->ncq_queues - 1);
134 /* NCQ supported */
135 put_le16(p + 76, (1 << 8));
136 }
137
94458802
FB		 138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
139 put_le16(p + 81, 0x16); /* conforms to ata5 */
a58b8d54
CH		 140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
c2ff060f
FB		 142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
145 if (s->wwn) {
146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
147 } else {
148 put_le16(p + 84, (1 << 14) | 0);
149 }
e900a7b7
CH		 150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
151 if (bdrv_enable_write_cache(s->bs))
152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
153 else
154 put_le16(p + 85, (1 << 14) | 1);
c2ff060f 155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
2844bdd9 156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
158 if (s->wwn) {
159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
160 } else {
161 put_le16(p + 87, (1 << 14) | 0);
162 }
94458802
FB		 163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
d353fb72 169
57dac7ef
MA		 170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
95ebda85
FB		 172 if (s->wwn) {
173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
174 put_le16(p + 108, s->wwn >> 48);
175 put_le16(p + 109, s->wwn >> 32);
176 put_le16(p + 110, s->wwn >> 16);
177 put_le16(p + 111, s->wwn);
178 }
d353fb72
CH		 179 if (dev && dev->conf.discard_granularity) {
180 put_le16(p + 169, 1); /* TRIM support */
181 }
94458802
FB		 182
183 memcpy(s->identify_data, p, sizeof(s->identify_data));
184 s->identify_set = 1;
5391d806
FB		 185}
186
187static void ide_atapi_identify(IDEState *s)
188{
189 uint16_t *p;
190
94458802
FB		 191 if (s->identify_set) {
192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
193 return;
194 }
195
5391d806
FB		 196 memset(s->io_buffer, 0, 512);
197 p = (uint16_t *)s->io_buffer;
198 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
fa879c64 200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 201 put_le16(p + 20, 3); /* buffer type */
202 put_le16(p + 21, 512); /* cache size in sectors */
203 put_le16(p + 22, 4); /* ecc bytes */
47c06340 204 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
67b915a5 206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 207#ifdef USE_DMA_CDROM
208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 210 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811 211 put_le16(p + 63, 7); /* mdma0-2 supported */
8ccad811 212#else
67b915a5
FB		 213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
8ccad811 216#endif
79d1d331 217 put_le16(p + 64, 3); /* pio3-4 supported */
67b915a5
FB		 218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 222
67b915a5
FB		 223 put_le16(p + 71, 30); /* in ns */
224 put_le16(p + 72, 30); /* in ns */
5391d806 225
1bdaa28d
AG		 226 if (s->ncq_queues) {
227 put_le16(p + 75, s->ncq_queues - 1);
228 /* NCQ supported */
229 put_le16(p + 76, (1 << 8));
230 }
231
67b915a5 232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 233#ifdef USE_DMA_CDROM
234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
235#endif
94458802
FB		 236 memcpy(s->identify_data, p, sizeof(s->identify_data));
237 s->identify_set = 1;
5391d806
FB		 238}
239
201a51fc
AZ		 240static void ide_cfata_identify(IDEState *s)
241{
242 uint16_t *p;
243 uint32_t cur_sec;
201a51fc
AZ		 244
245 p = (uint16_t *) s->identify_data;
246 if (s->identify_set)
247 goto fill_buffer;
248
249 memset(p, 0, sizeof(s->identify_data));
250
251 cur_sec = s->cylinders * s->heads * s->sectors;
252
253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
254 put_le16(p + 1, s->cylinders); /* Default cylinders */
255 put_le16(p + 3, s->heads); /* Default heads */
256 put_le16(p + 6, s->sectors); /* Default sectors per track */
257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
fa879c64 259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201a51fc 260 put_le16(p + 22, 0x0004); /* ECC bytes */
47c06340 261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
27e0c9a1 262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
201a51fc
AZ		 263#if MAX_MULT_SECTORS > 1
264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
265#else
266 put_le16(p + 47, 0x0000);
267#endif
268 put_le16(p + 49, 0x0f00); /* Capabilities */
269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
271 put_le16(p + 53, 0x0003); /* Translation params valid */
272 put_le16(p + 54, s->cylinders); /* Current cylinders */
273 put_le16(p + 55, s->heads); /* Current heads */
274 put_le16(p + 56, s->sectors); /* Current sectors */
275 put_le16(p + 57, cur_sec); /* Current capacity */
276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
277 if (s->mult_sectors) /* Multiple sector setting */
278 put_le16(p + 59, 0x100 | s->mult_sectors);
279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
286 put_le16(p + 82, 0x400c); /* Command Set supported */
287 put_le16(p + 83, 0x7068); /* Command Set supported */
288 put_le16(p + 84, 0x4000); /* Features supported */
289 put_le16(p + 85, 0x000c); /* Command Set enabled */
290 put_le16(p + 86, 0x7044); /* Command Set enabled */
291 put_le16(p + 87, 0x4000); /* Features enabled */
292 put_le16(p + 91, 0x4060); /* Current APM level */
293 put_le16(p + 129, 0x0002); /* Current features option */
294 put_le16(p + 130, 0x0005); /* Reassigned sectors */
295 put_le16(p + 131, 0x0001); /* Initial power mode */
296 put_le16(p + 132, 0x0000); /* User signature */
297 put_le16(p + 160, 0x8100); /* Power requirement */
298 put_le16(p + 161, 0x8001); /* CF command set */
299
300 s->identify_set = 1;
301
302fill_buffer:
303 memcpy(s->io_buffer, p, sizeof(s->identify_data));
304}
305
5391d806
FB		 306static void ide_set_signature(IDEState *s)
307{
308 s->select &= 0xf0; /* clear head */
309 /* put signature */
310 s->nsector = 1;
311 s->sector = 1;
cd8722bb 312 if (s->drive_kind == IDE_CD) {
5391d806
FB		 313 s->lcyl = 0x14;
314 s->hcyl = 0xeb;
315 } else if (s->bs) {
316 s->lcyl = 0;
317 s->hcyl = 0;
318 } else {
319 s->lcyl = 0xff;
320 s->hcyl = 0xff;
321 }
322}
323
d353fb72
CH		 324typedef struct TrimAIOCB {
325 BlockDriverAIOCB common;
326 QEMUBH *bh;
327 int ret;
328} TrimAIOCB;
329
330static void trim_aio_cancel(BlockDriverAIOCB *acb)
331{
332 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
333
334 qemu_bh_delete(iocb->bh);
335 iocb->bh = NULL;
336 qemu_aio_release(iocb);
337}
338
339static AIOPool trim_aio_pool = {
340 .aiocb_size = sizeof(TrimAIOCB),
341 .cancel = trim_aio_cancel,
342};
343
344static void ide_trim_bh_cb(void *opaque)
345{
346 TrimAIOCB *iocb = opaque;
347
348 iocb->common.cb(iocb->common.opaque, iocb->ret);
349
350 qemu_bh_delete(iocb->bh);
351 iocb->bh = NULL;
352
353 qemu_aio_release(iocb);
354}
355
356BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
357 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
358 BlockDriverCompletionFunc *cb, void *opaque)
359{
360 TrimAIOCB *iocb;
361 int i, j, ret;
362
363 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque);
364 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
365 iocb->ret = 0;
366
367 for (j = 0; j < qiov->niov; j++) {
368 uint64_t *buffer = qiov->iov[j].iov_base;
369
370 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) {
371 /* 6-byte LBA + 2-byte range per entry */
372 uint64_t entry = le64_to_cpu(buffer[i]);
373 uint64_t sector = entry & 0x0000ffffffffffffULL;
374 uint16_t count = entry >> 48;
375
376 if (count == 0) {
377 break;
378 }
379
380 ret = bdrv_discard(bs, sector, count);
381 if (!iocb->ret) {
382 iocb->ret = ret;
383 }
384 }
385 }
386
387 qemu_bh_schedule(iocb->bh);
388
389 return &iocb->common;
390}
391
5391d806
FB		 392static inline void ide_abort_command(IDEState *s)
393{
394 s->status = READY_STAT | ERR_STAT;
395 s->error = ABRT_ERR;
396}
397
5391d806 398/* prepare data transfer and tell what to do after */
33231e0e
KW		 399void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
400 EndTransferFunc *end_transfer_func)
5391d806
FB		 401{
402 s->end_transfer_func = end_transfer_func;
403 s->data_ptr = buf;
404 s->data_end = buf + size;
40a6238a 405 if (!(s->status & ERR_STAT)) {
7603d156 406 s->status |= DRQ_STAT;
40a6238a
AG		 407 }
408 s->bus->dma->ops->start_transfer(s->bus->dma);
5391d806
FB		 409}
410
33231e0e 411void ide_transfer_stop(IDEState *s)
5391d806
FB		 412{
413 s->end_transfer_func = ide_transfer_stop;
414 s->data_ptr = s->io_buffer;
415 s->data_end = s->io_buffer;
416 s->status &= ~DRQ_STAT;
417}
418
356721ae 419int64_t ide_get_sector(IDEState *s)
5391d806
FB		 420{
421 int64_t sector_num;
422 if (s->select & 0x40) {
423 /* lba */
c2ff060f
FB		 424 if (!s->lba48) {
425 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
426 (s->lcyl << 8) | s->sector;
427 } else {
428 sector_num = ((int64_t)s->hob_hcyl << 40) |
429 ((int64_t) s->hob_lcyl << 32) |
430 ((int64_t) s->hob_sector << 24) |
431 ((int64_t) s->hcyl << 16) |
432 ((int64_t) s->lcyl << 8) | s->sector;
433 }
5391d806
FB		 434 } else {
435 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 436 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 437 }
438 return sector_num;
439}
440
356721ae 441void ide_set_sector(IDEState *s, int64_t sector_num)
5391d806
FB		 442{
443 unsigned int cyl, r;
444 if (s->select & 0x40) {
c2ff060f
FB		 445 if (!s->lba48) {
446 s->select = (s->select & 0xf0) | (sector_num >> 24);
447 s->hcyl = (sector_num >> 16);
448 s->lcyl = (sector_num >> 8);
449 s->sector = (sector_num);
450 } else {
451 s->sector = sector_num;
452 s->lcyl = sector_num >> 8;
453 s->hcyl = sector_num >> 16;
454 s->hob_sector = sector_num >> 24;
455 s->hob_lcyl = sector_num >> 32;
456 s->hob_hcyl = sector_num >> 40;
457 }
5391d806
FB		 458 } else {
459 cyl = sector_num / (s->heads * s->sectors);
460 r = sector_num % (s->heads * s->sectors);
461 s->hcyl = cyl >> 8;
462 s->lcyl = cyl;
1b8eb456 463 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 464 s->sector = (r % s->sectors) + 1;
465 }
466}
467
e162cfb0
AZ		 468static void ide_rw_error(IDEState *s) {
469 ide_abort_command(s);
9cdd03a7 470 ide_set_irq(s->bus);
e162cfb0
AZ		 471}
472
bef0fd59
SH		 473static void ide_sector_read_cb(void *opaque, int ret)
474{
475 IDEState *s = opaque;
476 int n;
477
478 s->pio_aiocb = NULL;
479 s->status &= ~BUSY_STAT;
480
481 bdrv_acct_done(s->bs, &s->acct);
482 if (ret != 0) {
483 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY |
484 BM_STATUS_RETRY_READ)) {
485 return;
486 }
487 }
488
489 n = s->nsector;
490 if (n > s->req_nb_sectors) {
491 n = s->req_nb_sectors;
492 }
493
494 /* Allow the guest to read the io_buffer */
495 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
496
497 ide_set_irq(s->bus);
498
499 ide_set_sector(s, ide_get_sector(s) + n);
500 s->nsector -= n;
501}
502
40a6238a 503void ide_sector_read(IDEState *s)
5391d806
FB		 504{
505 int64_t sector_num;
bef0fd59 506 int n;
5391d806
FB		 507
508 s->status = READY_STAT | SEEK_STAT;
a136e5a8 509 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 510 sector_num = ide_get_sector(s);
511 n = s->nsector;
bef0fd59 512
5391d806 513 if (n == 0) {
5391d806 514 ide_transfer_stop(s);
bef0fd59
SH		 515 return;
516 }
517
518 s->status |= BUSY_STAT;
519
520 if (n > s->req_nb_sectors) {
521 n = s->req_nb_sectors;
522 }
523
5391d806 524#if defined(DEBUG_IDE)
bef0fd59 525 printf("sector=%" PRId64 "\n", sector_num);
5391d806 526#endif
a597e79c 527
bef0fd59
SH		 528 s->iov.iov_base = s->io_buffer;
529 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
530 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
531
532 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
533 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n,
534 ide_sector_read_cb, s);
5391d806
FB		 535}
536
b61744b3 537static void dma_buf_commit(IDEState *s)
7aea4412 538{
1fb8648d 539 qemu_sglist_destroy(&s->sg);
7aea4412
AL		 540}
541
33231e0e 542void ide_set_inactive(IDEState *s)
8337606d 543{
40a6238a
AG		 544 s->bus->dma->aiocb = NULL;
545 s->bus->dma->ops->set_inactive(s->bus->dma);
8337606d
KW		 546}
547
356721ae 548void ide_dma_error(IDEState *s)
e162cfb0
AZ		 549{
550 ide_transfer_stop(s);
551 s->error = ABRT_ERR;
552 s->status = READY_STAT | ERR_STAT;
40a6238a 553 ide_set_inactive(s);
9cdd03a7 554 ide_set_irq(s->bus);
e162cfb0
AZ		 555}
556
ce4b6522 557static int ide_handle_rw_error(IDEState *s, int error, int op)
428c5705 558{
ce4b6522 559 int is_read = (op & BM_STATUS_RETRY_READ);
abd7f68d 560 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
428c5705 561
7ad7e3c3 562 if (action == BLOCK_ERR_IGNORE) {
329c0a48 563 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_IGNORE, is_read);
428c5705 564 return 0;
7ad7e3c3 565 }
428c5705
AL		 566
567 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
568 || action == BLOCK_ERR_STOP_ANY) {
40a6238a 569 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
def93791 570 s->bus->error_status = op;
329c0a48 571 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_STOP, is_read);
0461d5a6 572 vm_stop(RUN_STATE_IO_ERROR);
50fb1900 573 bdrv_iostatus_set_err(s->bs, error);
428c5705 574 } else {
ce4b6522 575 if (op & BM_STATUS_DMA_RETRY) {
b61744b3 576 dma_buf_commit(s);
428c5705 577 ide_dma_error(s);
7aea4412 578 } else {
428c5705 579 ide_rw_error(s);
7aea4412 580 }
329c0a48 581 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_REPORT, is_read);
428c5705
AL		 582 }
583
584 return 1;
585}
586
cd369c46 587void ide_dma_cb(void *opaque, int ret)
98087450 588{
40a6238a 589 IDEState *s = opaque;
8ccad811
FB		 590 int n;
591 int64_t sector_num;
592
e162cfb0 593 if (ret < 0) {
cd369c46
CH		 594 int op = BM_STATUS_DMA_RETRY;
595
4e1e0051 596 if (s->dma_cmd == IDE_DMA_READ)
cd369c46 597 op |= BM_STATUS_RETRY_READ;
d353fb72
CH		 598 else if (s->dma_cmd == IDE_DMA_TRIM)
599 op |= BM_STATUS_RETRY_TRIM;
600
cd369c46 601 if (ide_handle_rw_error(s, -ret, op)) {
ce4b6522
KW		 602 return;
603 }
e162cfb0
AZ		 604 }
605
8ccad811
FB		 606 n = s->io_buffer_size >> 9;
607 sector_num = ide_get_sector(s);
608 if (n > 0) {
b61744b3 609 dma_buf_commit(s);
8ccad811
FB		 610 sector_num += n;
611 ide_set_sector(s, sector_num);
612 s->nsector -= n;
8ccad811
FB		 613 }
614
615 /* end of transfer ? */
616 if (s->nsector == 0) {
98087450 617 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 618 ide_set_irq(s->bus);
cd369c46 619 goto eot;
98087450 620 }
8ccad811
FB		 621
622 /* launch next transfer */
623 n = s->nsector;
596bb44d 624 s->io_buffer_index = 0;
8ccad811 625 s->io_buffer_size = n * 512;
4e1e0051 626 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
69c38b8f
KW		 627 /* The PRDs were too short. Reset the Active bit, but don't raise an
628 * interrupt. */
7aea4412 629 goto eot;
69c38b8f 630 }
cd369c46 631
8ccad811 632#ifdef DEBUG_AIO
4e1e0051
CH		 633 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
634 sector_num, n, s->dma_cmd);
8ccad811 635#endif
cd369c46 636
4e1e0051
CH		 637 switch (s->dma_cmd) {
638 case IDE_DMA_READ:
cd369c46
CH		 639 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
640 ide_dma_cb, s);
4e1e0051
CH		 641 break;
642 case IDE_DMA_WRITE:
cd369c46
CH		 643 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
644 ide_dma_cb, s);
4e1e0051 645 break;
d353fb72
CH		 646 case IDE_DMA_TRIM:
647 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
43cf8ae6
DG		 648 ide_issue_trim, ide_dma_cb, s,
649 DMA_DIRECTION_TO_DEVICE);
d353fb72 650 break;
cd369c46 651 }
cd369c46
CH		 652 return;
653
654eot:
a597e79c
CH		 655 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
656 bdrv_acct_done(s->bs, &s->acct);
657 }
658 ide_set_inactive(s);
98087450
FB		 659}
660
4e1e0051 661static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
98087450 662{
8ccad811 663 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 664 s->io_buffer_index = 0;
665 s->io_buffer_size = 0;
4e1e0051 666 s->dma_cmd = dma_cmd;
a597e79c
CH		 667
668 switch (dma_cmd) {
669 case IDE_DMA_READ:
670 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
671 BDRV_ACCT_READ);
672 break;
673 case IDE_DMA_WRITE:
674 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
675 BDRV_ACCT_WRITE);
676 break;
677 default:
678 break;
679 }
680
cd369c46 681 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
98087450
FB		 682}
683
a09db21f
FB		 684static void ide_sector_write_timer_cb(void *opaque)
685{
686 IDEState *s = opaque;
9cdd03a7 687 ide_set_irq(s->bus);
a09db21f
FB		 688}
689
e82dabd8 690static void ide_sector_write_cb(void *opaque, int ret)
5391d806 691{
e82dabd8
SH		 692 IDEState *s = opaque;
693 int n;
a597e79c 694
a597e79c 695 bdrv_acct_done(s->bs, &s->acct);
428c5705 696
e82dabd8
SH		 697 s->pio_aiocb = NULL;
698 s->status &= ~BUSY_STAT;
699
e162cfb0 700 if (ret != 0) {
e82dabd8 701 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) {
428c5705 702 return;
e82dabd8 703 }
e162cfb0
AZ		 704 }
705
e82dabd8
SH		 706 n = s->nsector;
707 if (n > s->req_nb_sectors) {
708 n = s->req_nb_sectors;
709 }
5391d806
FB		 710 s->nsector -= n;
711 if (s->nsector == 0) {
292eef5a 712 /* no more sectors to write */
5391d806
FB		 713 ide_transfer_stop(s);
714 } else {
e82dabd8
SH		 715 int n1 = s->nsector;
716 if (n1 > s->req_nb_sectors) {
5391d806 717 n1 = s->req_nb_sectors;
e82dabd8
SH		 718 }
719 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
720 ide_sector_write);
5391d806 721 }
e82dabd8 722 ide_set_sector(s, ide_get_sector(s) + n);
3b46e624 723
31c2a146
TS		 724 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
725 /* It seems there is a bug in the Windows 2000 installer HDD
726 IDE driver which fills the disk with empty logs when the
727 IDE write IRQ comes too early. This hack tries to correct
728 that at the expense of slower write performances. Use this
729 option _only_ to install Windows 2000. You must disable it
730 for normal use. */
f7736b91 731 qemu_mod_timer(s->sector_write_timer,
74475455 732 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
f7736b91 733 } else {
9cdd03a7 734 ide_set_irq(s->bus);
31c2a146 735 }
5391d806
FB		 736}
737
e82dabd8
SH		 738void ide_sector_write(IDEState *s)
739{
740 int64_t sector_num;
741 int n;
742
743 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
744 sector_num = ide_get_sector(s);
745#if defined(DEBUG_IDE)
746 printf("sector=%" PRId64 "\n", sector_num);
747#endif
748 n = s->nsector;
749 if (n > s->req_nb_sectors) {
750 n = s->req_nb_sectors;
751 }
752
753 s->iov.iov_base = s->io_buffer;
754 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
755 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
756
757 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
758 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n,
759 ide_sector_write_cb, s);
760}
761
b0484ae4
CH		 762static void ide_flush_cb(void *opaque, int ret)
763{
764 IDEState *s = opaque;
765
e2bcadad
KW		 766 if (ret < 0) {
767 /* XXX: What sector number to set here? */
768 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
769 return;
770 }
771 }
b0484ae4 772
a597e79c 773 bdrv_acct_done(s->bs, &s->acct);
b0484ae4
CH		 774 s->status = READY_STAT | SEEK_STAT;
775 ide_set_irq(s->bus);
776}
777
40a6238a 778void ide_flush_cache(IDEState *s)
6bcb1a79 779{
b2df7531 780 if (s->bs == NULL) {
6bcb1a79 781 ide_flush_cb(s, 0);
b2df7531
KW		 782 return;
783 }
784
a597e79c 785 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
ad54ae80 786 bdrv_aio_flush(s->bs, ide_flush_cb, s);
6bcb1a79
KW		 787}
788
201a51fc
AZ		 789static void ide_cfata_metadata_inquiry(IDEState *s)
790{
791 uint16_t *p;
792 uint32_t spd;
793
794 p = (uint16_t *) s->io_buffer;
795 memset(p, 0, 0x200);
796 spd = ((s->mdata_size - 1) >> 9) + 1;
797
798 put_le16(p + 0, 0x0001); /* Data format revision */
799 put_le16(p + 1, 0x0000); /* Media property: silicon */
800 put_le16(p + 2, s->media_changed); /* Media status */
801 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
802 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
803 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
804 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
805}
806
807static void ide_cfata_metadata_read(IDEState *s)
808{
809 uint16_t *p;
810
811 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
812 s->status = ERR_STAT;
813 s->error = ABRT_ERR;
814 return;
815 }
816
817 p = (uint16_t *) s->io_buffer;
818 memset(p, 0, 0x200);
819
820 put_le16(p + 0, s->media_changed); /* Media status */
821 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
822 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
823 s->nsector << 9), 0x200 - 2));
824}
825
826static void ide_cfata_metadata_write(IDEState *s)
827{
828 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
829 s->status = ERR_STAT;
830 s->error = ABRT_ERR;
831 return;
832 }
833
834 s->media_changed = 0;
835
836 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
837 s->io_buffer + 2,
838 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
839 s->nsector << 9), 0x200 - 2));
840}
841
bd491d6a 842/* called when the inserted state of the media has changed */
7d4b4ba5 843static void ide_cd_change_cb(void *opaque, bool load)
bd491d6a
TS		 844{
845 IDEState *s = opaque;
96b8f136 846 uint64_t nb_sectors;
bd491d6a 847
25ad22bc 848 s->tray_open = !load;
bd491d6a
TS		 849 bdrv_get_geometry(s->bs, &nb_sectors);
850 s->nb_sectors = nb_sectors;
9118e7f0 851
4b9b7092
AS		 852 /*
853 * First indicate to the guest that a CD has been removed. That's
854 * done on the next command the guest sends us.
855 *
67cc61e4 856 * Then we set UNIT_ATTENTION, by which the guest will
4b9b7092
AS		 857 * detect a new CD in the drive. See ide_atapi_cmd() for details.
858 */
93c8cfd9 859 s->cdrom_changed = 1;
996faf1a 860 s->events.new_media = true;
2df0a3a3
PB		 861 s->events.eject_request = false;
862 ide_set_irq(s->bus);
863}
864
865static void ide_cd_eject_request_cb(void *opaque, bool force)
866{
867 IDEState *s = opaque;
868
869 s->events.eject_request = true;
870 if (force) {
871 s->tray_locked = false;
872 }
9cdd03a7 873 ide_set_irq(s->bus);
bd491d6a
TS		 874}
875
c2ff060f
FB		 876static void ide_cmd_lba48_transform(IDEState *s, int lba48)
877{
878 s->lba48 = lba48;
879
880 /* handle the 'magic' 0 nsector count conversion here. to avoid
881 * fiddling with the rest of the read logic, we just store the
882 * full sector count in ->nsector and ignore ->hob_nsector from now
883 */
884 if (!s->lba48) {
885 if (!s->nsector)
886 s->nsector = 256;
887 } else {
888 if (!s->nsector && !s->hob_nsector)
889 s->nsector = 65536;
890 else {
891 int lo = s->nsector;
892 int hi = s->hob_nsector;
893
894 s->nsector = (hi << 8) | lo;
895 }
896 }
897}
898
bcbdc4d3 899static void ide_clear_hob(IDEBus *bus)
c2ff060f
FB		 900{
901 /* any write clears HOB high bit of device control register */
bcbdc4d3
GH		 902 bus->ifs[0].select &= ~(1 << 7);
903 bus->ifs[1].select &= ~(1 << 7);
c2ff060f
FB		 904}
905
356721ae 906void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
caed8802 907{
bcbdc4d3 908 IDEBus *bus = opaque;
5391d806
FB		 909
910#ifdef DEBUG_IDE
911 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
912#endif
c2ff060f 913
5391d806 914 addr &= 7;
fcdd25ab
AL		 915
916 /* ignore writes to command block while busy with previous command */
bcbdc4d3 917 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
fcdd25ab
AL		 918 return;
919
5391d806
FB		 920 switch(addr) {
921 case 0:
922 break;
923 case 1:
bcbdc4d3 924 ide_clear_hob(bus);
c45c3d00 925 /* NOTE: data is written to the two drives */
bcbdc4d3
GH		 926 bus->ifs[0].hob_feature = bus->ifs[0].feature;
927 bus->ifs[1].hob_feature = bus->ifs[1].feature;
928 bus->ifs[0].feature = val;
929 bus->ifs[1].feature = val;
5391d806
FB		 930 break;
931 case 2:
bcbdc4d3
GH		 932 ide_clear_hob(bus);
933 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
934 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
935 bus->ifs[0].nsector = val;
936 bus->ifs[1].nsector = val;
5391d806
FB		 937 break;
938 case 3:
bcbdc4d3
GH		 939 ide_clear_hob(bus);
940 bus->ifs[0].hob_sector = bus->ifs[0].sector;
941 bus->ifs[1].hob_sector = bus->ifs[1].sector;
942 bus->ifs[0].sector = val;
943 bus->ifs[1].sector = val;
5391d806
FB		 944 break;
945 case 4:
bcbdc4d3
GH		 946 ide_clear_hob(bus);
947 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
948 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
949 bus->ifs[0].lcyl = val;
950 bus->ifs[1].lcyl = val;
5391d806
FB		 951 break;
952 case 5:
bcbdc4d3
GH		 953 ide_clear_hob(bus);
954 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
955 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
956 bus->ifs[0].hcyl = val;
957 bus->ifs[1].hcyl = val;
5391d806
FB		 958 break;
959 case 6:
c2ff060f 960 /* FIXME: HOB readback uses bit 7 */
bcbdc4d3
GH		 961 bus->ifs[0].select = (val & ~0x10) | 0xa0;
962 bus->ifs[1].select = (val | 0x10) | 0xa0;
5391d806 963 /* select drive */
bcbdc4d3 964 bus->unit = (val >> 4) & 1;
5391d806
FB		 965 break;
966 default:
967 case 7:
968 /* command */
7cff87ff
AG		 969 ide_exec_cmd(bus, val);
970 break;
971 }
972}
973
844505b1
MA		 974#define HD_OK (1u << IDE_HD)
975#define CD_OK (1u << IDE_CD)
976#define CFA_OK (1u << IDE_CFATA)
977#define HD_CFA_OK (HD_OK | CFA_OK)
978#define ALL_OK (HD_OK | CD_OK | CFA_OK)
979
980/* See ACS-2 T13/2015-D Table B.2 Command codes */
981static const uint8_t ide_cmd_table[0x100] = {
982 /* NOP not implemented, mandatory for CD */
983 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK,
984 [WIN_DSM] = ALL_OK,
985 [WIN_DEVICE_RESET] = CD_OK,
3cfc2269 986 [WIN_RECAL] = HD_CFA_OK,
844505b1
MA		 987 [WIN_READ] = ALL_OK,
988 [WIN_READ_ONCE] = ALL_OK,
3cfc2269
MA		 989 [WIN_READ_EXT] = HD_CFA_OK,
990 [WIN_READDMA_EXT] = HD_CFA_OK,
991 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK,
992 [WIN_MULTREAD_EXT] = HD_CFA_OK,
993 [WIN_WRITE] = HD_CFA_OK,
994 [WIN_WRITE_ONCE] = HD_CFA_OK,
995 [WIN_WRITE_EXT] = HD_CFA_OK,
996 [WIN_WRITEDMA_EXT] = HD_CFA_OK,
997 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK,
998 [WIN_MULTWRITE_EXT] = HD_CFA_OK,
999 [WIN_WRITE_VERIFY] = HD_CFA_OK,
1000 [WIN_VERIFY] = HD_CFA_OK,
1001 [WIN_VERIFY_ONCE] = HD_CFA_OK,
1002 [WIN_VERIFY_EXT] = HD_CFA_OK,
844505b1
MA		 1003 [WIN_SEEK] = HD_CFA_OK,
1004 [CFA_TRANSLATE_SECTOR] = CFA_OK,
1005 [WIN_DIAGNOSE] = ALL_OK,
3cfc2269 1006 [WIN_SPECIFY] = HD_CFA_OK,
844505b1
MA		 1007 [WIN_STANDBYNOW2] = ALL_OK,
1008 [WIN_IDLEIMMEDIATE2] = ALL_OK,
1009 [WIN_STANDBY2] = ALL_OK,
1010 [WIN_SETIDLE2] = ALL_OK,
1011 [WIN_CHECKPOWERMODE2] = ALL_OK,
1012 [WIN_SLEEPNOW2] = ALL_OK,
1013 [WIN_PACKETCMD] = CD_OK,
1014 [WIN_PIDENTIFY] = CD_OK,
1015 [WIN_SMART] = HD_CFA_OK,
1016 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK,
1017 [CFA_ERASE_SECTORS] = CFA_OK,
3cfc2269
MA		 1018 [WIN_MULTREAD] = HD_CFA_OK,
1019 [WIN_MULTWRITE] = HD_CFA_OK,
1020 [WIN_SETMULT] = HD_CFA_OK,
1021 [WIN_READDMA] = HD_CFA_OK,
1022 [WIN_READDMA_ONCE] = HD_CFA_OK,
1023 [WIN_WRITEDMA] = HD_CFA_OK,
1024 [WIN_WRITEDMA_ONCE] = HD_CFA_OK,
1025 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK,
844505b1
MA		 1026 [WIN_STANDBYNOW1] = ALL_OK,
1027 [WIN_IDLEIMMEDIATE] = ALL_OK,
1028 [WIN_STANDBY] = ALL_OK,
1029 [WIN_SETIDLE1] = ALL_OK,
1030 [WIN_CHECKPOWERMODE1] = ALL_OK,
1031 [WIN_SLEEPNOW1] = ALL_OK,
1032 [WIN_FLUSH_CACHE] = ALL_OK,
3cfc2269 1033 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK,
844505b1
MA		 1034 [WIN_IDENTIFY] = ALL_OK,
1035 [WIN_SETFEATURES] = ALL_OK,
1036 [IBM_SENSE_CONDITION] = CFA_OK,
d5b406d9 1037 [CFA_WEAR_LEVEL] = HD_CFA_OK,
844505b1
MA		 1038 [WIN_READ_NATIVE_MAX] = ALL_OK,
1039};
1040
1041static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
1042{
1043 return cmd < ARRAY_SIZE(ide_cmd_table)
1044 && (ide_cmd_table[cmd] & (1u << s->drive_kind));
1045}
7cff87ff
AG		 1046
1047void ide_exec_cmd(IDEBus *bus, uint32_t val)
1048{
7cdd481c 1049 uint16_t *identify_data;
7cff87ff
AG		 1050 IDEState *s;
1051 int n;
1052 int lba48 = 0;
1053
5391d806 1054#if defined(DEBUG_IDE)
6ef2ba5e 1055 printf("ide: CMD=%02x\n", val);
5391d806 1056#endif
6ef2ba5e 1057 s = idebus_active_if(bus);
66a0a2cb 1058 /* ignore commands to non existent slave */
6ef2ba5e
AG		 1059 if (s != bus->ifs && !s->bs)
1060 return;
c2ff060f 1061
6ef2ba5e
AG		 1062 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1063 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1064 return;
fcdd25ab 1065
844505b1
MA		 1066 if (!ide_cmd_permitted(s, val)) {
1067 goto abort_cmd;
1068 }
1069
6ef2ba5e 1070 switch(val) {
d353fb72
CH		 1071 case WIN_DSM:
1072 switch (s->feature) {
1073 case DSM_TRIM:
1074 if (!s->bs) {
1075 goto abort_cmd;
1076 }
1077 ide_sector_start_dma(s, IDE_DMA_TRIM);
1078 break;
1079 default:
1080 goto abort_cmd;
1081 }
1082 break;
6ef2ba5e
AG		 1083 case WIN_IDENTIFY:
1084 if (s->bs && s->drive_kind != IDE_CD) {
1085 if (s->drive_kind != IDE_CFATA)
1086 ide_identify(s);
1087 else
1088 ide_cfata_identify(s);
769bec72 1089 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 1090 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1091 } else {
1092 if (s->drive_kind == IDE_CD) {
1093 ide_set_signature(s);
5391d806 1094 }
6ef2ba5e
AG		 1095 ide_abort_command(s);
1096 }
1097 ide_set_irq(s->bus);
1098 break;
1099 case WIN_SPECIFY:
1100 case WIN_RECAL:
1101 s->error = 0;
1102 s->status = READY_STAT | SEEK_STAT;
1103 ide_set_irq(s->bus);
1104 break;
1105 case WIN_SETMULT:
1106 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1107 /* Disable Read and Write Multiple */
1108 s->mult_sectors = 0;
41a2b959 1109 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 1110 } else if ((s->nsector & 0xff) != 0 &&
1111 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1112 (s->nsector & (s->nsector - 1)) != 0)) {
1113 ide_abort_command(s);
1114 } else {
1115 s->mult_sectors = s->nsector & 0xff;
1116 s->status = READY_STAT | SEEK_STAT;
1117 }
1118 ide_set_irq(s->bus);
1119 break;
1120 case WIN_VERIFY_EXT:
1121 lba48 = 1;
1122 case WIN_VERIFY:
1123 case WIN_VERIFY_ONCE:
1124 /* do sector number check ? */
1125 ide_cmd_lba48_transform(s, lba48);
1126 s->status = READY_STAT | SEEK_STAT;
1127 ide_set_irq(s->bus);
1128 break;
814839c0 1129 case WIN_READ_EXT:
6ef2ba5e
AG		 1130 lba48 = 1;
1131 case WIN_READ:
1132 case WIN_READ_ONCE:
3f76a7c3
MA		 1133 if (s->drive_kind == IDE_CD) {
1134 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
6ef2ba5e 1135 goto abort_cmd;
3f76a7c3 1136 }
d53cdb30
PB		 1137 if (!s->bs) {
1138 goto abort_cmd;
1139 }
6ef2ba5e
AG		 1140 ide_cmd_lba48_transform(s, lba48);
1141 s->req_nb_sectors = 1;
1142 ide_sector_read(s);
1143 break;
814839c0 1144 case WIN_WRITE_EXT:
6ef2ba5e
AG		 1145 lba48 = 1;
1146 case WIN_WRITE:
1147 case WIN_WRITE_ONCE:
1148 case CFA_WRITE_SECT_WO_ERASE:
1149 case WIN_WRITE_VERIFY:
d53cdb30
PB		 1150 if (!s->bs) {
1151 goto abort_cmd;
1152 }
6ef2ba5e
AG		 1153 ide_cmd_lba48_transform(s, lba48);
1154 s->error = 0;
1155 s->status = SEEK_STAT | READY_STAT;
1156 s->req_nb_sectors = 1;
1157 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1158 s->media_changed = 1;
1159 break;
814839c0 1160 case WIN_MULTREAD_EXT:
6ef2ba5e
AG		 1161 lba48 = 1;
1162 case WIN_MULTREAD:
d53cdb30
PB		 1163 if (!s->bs) {
1164 goto abort_cmd;
1165 }
1166 if (!s->mult_sectors) {
6ef2ba5e 1167 goto abort_cmd;
d53cdb30 1168 }
6ef2ba5e
AG		 1169 ide_cmd_lba48_transform(s, lba48);
1170 s->req_nb_sectors = s->mult_sectors;
1171 ide_sector_read(s);
1172 break;
1173 case WIN_MULTWRITE_EXT:
1174 lba48 = 1;
1175 case WIN_MULTWRITE:
1176 case CFA_WRITE_MULTI_WO_ERASE:
d53cdb30
PB		 1177 if (!s->bs) {
1178 goto abort_cmd;
1179 }
1180 if (!s->mult_sectors) {
6ef2ba5e 1181 goto abort_cmd;
d53cdb30 1182 }
6ef2ba5e
AG		 1183 ide_cmd_lba48_transform(s, lba48);
1184 s->error = 0;
1185 s->status = SEEK_STAT | READY_STAT;
1186 s->req_nb_sectors = s->mult_sectors;
1187 n = s->nsector;
1188 if (n > s->req_nb_sectors)
1189 n = s->req_nb_sectors;
1190 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1191 s->media_changed = 1;
1192 break;
814839c0 1193 case WIN_READDMA_EXT:
6ef2ba5e
AG		 1194 lba48 = 1;
1195 case WIN_READDMA:
1196 case WIN_READDMA_ONCE:
d53cdb30 1197 if (!s->bs) {
6ef2ba5e 1198 goto abort_cmd;
d53cdb30 1199 }
6ef2ba5e 1200 ide_cmd_lba48_transform(s, lba48);
4e1e0051 1201 ide_sector_start_dma(s, IDE_DMA_READ);
6ef2ba5e 1202 break;
814839c0 1203 case WIN_WRITEDMA_EXT:
6ef2ba5e
AG		 1204 lba48 = 1;
1205 case WIN_WRITEDMA:
1206 case WIN_WRITEDMA_ONCE:
d53cdb30 1207 if (!s->bs) {
6ef2ba5e 1208 goto abort_cmd;
d53cdb30 1209 }
6ef2ba5e 1210 ide_cmd_lba48_transform(s, lba48);
4e1e0051 1211 ide_sector_start_dma(s, IDE_DMA_WRITE);
6ef2ba5e
AG		 1212 s->media_changed = 1;
1213 break;
1214 case WIN_READ_NATIVE_MAX_EXT:
1215 lba48 = 1;
1216 case WIN_READ_NATIVE_MAX:
1217 ide_cmd_lba48_transform(s, lba48);
1218 ide_set_sector(s, s->nb_sectors - 1);
1219 s->status = READY_STAT | SEEK_STAT;
1220 ide_set_irq(s->bus);
1221 break;
1222 case WIN_CHECKPOWERMODE1:
1223 case WIN_CHECKPOWERMODE2:
b93af93d 1224 s->error = 0;
6ef2ba5e
AG		 1225 s->nsector = 0xff; /* device active or idle */
1226 s->status = READY_STAT | SEEK_STAT;
1227 ide_set_irq(s->bus);
1228 break;
1229 case WIN_SETFEATURES:
1230 if (!s->bs)
1231 goto abort_cmd;
1232 /* XXX: valid for CDROM ? */
1233 switch(s->feature) {
6ef2ba5e 1234 case 0x02: /* write cache enable */
7cdd481c
PB		 1235 bdrv_set_enable_write_cache(s->bs, true);
1236 identify_data = (uint16_t *)s->identify_data;
1237 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1238 s->status = READY_STAT | SEEK_STAT;
1239 ide_set_irq(s->bus);
1240 break;
6ef2ba5e 1241 case 0x82: /* write cache disable */
7cdd481c
PB		 1242 bdrv_set_enable_write_cache(s->bs, false);
1243 identify_data = (uint16_t *)s->identify_data;
1244 put_le16(identify_data + 85, (1 << 14) | 1);
1245 ide_flush_cache(s);
1246 break;
1247 case 0xcc: /* reverting to power-on defaults enable */
1248 case 0x66: /* reverting to power-on defaults disable */
6ef2ba5e
AG		 1249 case 0xaa: /* read look-ahead enable */
1250 case 0x55: /* read look-ahead disable */
1251 case 0x05: /* set advanced power management mode */
1252 case 0x85: /* disable advanced power management mode */
1253 case 0x69: /* NOP */
1254 case 0x67: /* NOP */
1255 case 0x96: /* NOP */
1256 case 0x9a: /* NOP */
1257 case 0x42: /* enable Automatic Acoustic Mode */
1258 case 0xc2: /* disable Automatic Acoustic Mode */
41a2b959 1259 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1260 ide_set_irq(s->bus);
a136e5a8 1261 break;
6ef2ba5e 1262 case 0x03: { /* set transfer mode */
94458802 1263 uint8_t val = s->nsector & 0x07;
7cdd481c 1264 identify_data = (uint16_t *)s->identify_data;
94458802
FB		 1265
1266 switch (s->nsector >> 3) {
6ef2ba5e
AG		 1267 case 0x00: /* pio default */
1268 case 0x01: /* pio mode */
96c35ceb
JQ		 1269 put_le16(identify_data + 62,0x07);
1270 put_le16(identify_data + 63,0x07);
1271 put_le16(identify_data + 88,0x3f);
d1b5c20d 1272 break;
6ef2ba5e 1273 case 0x02: /* sigle word dma mode*/
96c35ceb
JQ		 1274 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1275 put_le16(identify_data + 63,0x07);
1276 put_le16(identify_data + 88,0x3f);
94458802 1277 break;
6ef2ba5e 1278 case 0x04: /* mdma mode */
96c35ceb
JQ		 1279 put_le16(identify_data + 62,0x07);
1280 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1281 put_le16(identify_data + 88,0x3f);
94458802 1282 break;
6ef2ba5e 1283 case 0x08: /* udma mode */
96c35ceb
JQ		 1284 put_le16(identify_data + 62,0x07);
1285 put_le16(identify_data + 63,0x07);
1286 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
94458802 1287 break;
6ef2ba5e 1288 default:
94458802
FB		 1289 goto abort_cmd;
1290 }
4fbfcd6d 1291 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1292 ide_set_irq(s->bus);
4fbfcd6d 1293 break;
6ef2ba5e
AG		 1294 }
1295 default:
1296 goto abort_cmd;
1297 }
1298 break;
1299 case WIN_FLUSH_CACHE:
1300 case WIN_FLUSH_CACHE_EXT:
1301 ide_flush_cache(s);
1302 break;
1303 case WIN_STANDBY:
1304 case WIN_STANDBY2:
1305 case WIN_STANDBYNOW1:
1306 case WIN_STANDBYNOW2:
1307 case WIN_IDLEIMMEDIATE:
1d4316d3 1308 case WIN_IDLEIMMEDIATE2:
6ef2ba5e
AG		 1309 case WIN_SETIDLE1:
1310 case WIN_SETIDLE2:
1311 case WIN_SLEEPNOW1:
1312 case WIN_SLEEPNOW2:
1313 s->status = READY_STAT;
1314 ide_set_irq(s->bus);
1315 break;
1316 case WIN_SEEK:
6ef2ba5e
AG		 1317 /* XXX: Check that seek is within bounds */
1318 s->status = READY_STAT | SEEK_STAT;
1319 ide_set_irq(s->bus);
1320 break;
1321 /* ATAPI commands */
1322 case WIN_PIDENTIFY:
844505b1
MA		 1323 ide_atapi_identify(s);
1324 s->status = READY_STAT | SEEK_STAT;
1325 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
6ef2ba5e
AG		 1326 ide_set_irq(s->bus);
1327 break;
1328 case WIN_DIAGNOSE:
1329 ide_set_signature(s);
1330 if (s->drive_kind == IDE_CD)
1331 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1332 * devices to return a clear status register
1333 * with READY_STAT *not* set. */
1334 else
41a2b959 1335 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 1336 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1337 * present.
1338 */
1339 ide_set_irq(s->bus);
1340 break;
1d4316d3 1341 case WIN_DEVICE_RESET:
6ef2ba5e
AG		 1342 ide_set_signature(s);
1343 s->status = 0x00; /* NOTE: READY is _not_ set */
1344 s->error = 0x01;
1345 break;
1346 case WIN_PACKETCMD:
6ef2ba5e
AG		 1347 /* overlapping commands not supported */
1348 if (s->feature & 0x02)
1349 goto abort_cmd;
1350 s->status = READY_STAT | SEEK_STAT;
1351 s->atapi_dma = s->feature & 1;
1352 s->nsector = 1;
1353 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1354 ide_atapi_cmd);
1355 break;
1356 /* CF-ATA commands */
1357 case CFA_REQ_EXT_ERROR_CODE:
6ef2ba5e
AG		 1358 s->error = 0x09; /* miscellaneous error */
1359 s->status = READY_STAT | SEEK_STAT;
1360 ide_set_irq(s->bus);
1361 break;
1362 case CFA_ERASE_SECTORS:
1363 case CFA_WEAR_LEVEL:
d5b406d9
AG		 1364#if 0
1365 /* This one has the same ID as CFA_WEAR_LEVEL and is required for
1366 Windows 8 to work with AHCI */
1367 case WIN_SECURITY_FREEZE_LOCK:
1368#endif
6ef2ba5e
AG		 1369 if (val == CFA_WEAR_LEVEL)
1370 s->nsector = 0;
1371 if (val == CFA_ERASE_SECTORS)
1372 s->media_changed = 1;
1373 s->error = 0x00;
1374 s->status = READY_STAT | SEEK_STAT;
1375 ide_set_irq(s->bus);
1376 break;
1377 case CFA_TRANSLATE_SECTOR:
6ef2ba5e
AG		 1378 s->error = 0x00;
1379 s->status = READY_STAT | SEEK_STAT;
1380 memset(s->io_buffer, 0, 0x200);
1381 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1382 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1383 s->io_buffer[0x02] = s->select; /* Head */
1384 s->io_buffer[0x03] = s->sector; /* Sector */
1385 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1386 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1387 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1388 s->io_buffer[0x13] = 0x00; /* Erase flag */
1389 s->io_buffer[0x18] = 0x00; /* Hot count */
1390 s->io_buffer[0x19] = 0x00; /* Hot count */
1391 s->io_buffer[0x1a] = 0x01; /* Hot count */
1392 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1393 ide_set_irq(s->bus);
1394 break;
1395 case CFA_ACCESS_METADATA_STORAGE:
6ef2ba5e
AG		 1396 switch (s->feature) {
1397 case 0x02: /* Inquiry Metadata Storage */
1398 ide_cfata_metadata_inquiry(s);
201a51fc 1399 break;
6ef2ba5e
AG		 1400 case 0x03: /* Read Metadata Storage */
1401 ide_cfata_metadata_read(s);
201a51fc 1402 break;
6ef2ba5e
AG		 1403 case 0x04: /* Write Metadata Storage */
1404 ide_cfata_metadata_write(s);
201a51fc 1405 break;
6ef2ba5e
AG		 1406 default:
1407 goto abort_cmd;
1408 }
1409 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1410 s->status = 0x00; /* NOTE: READY is _not_ set */
1411 ide_set_irq(s->bus);
1412 break;
1413 case IBM_SENSE_CONDITION:
6ef2ba5e
AG		 1414 switch (s->feature) {
1415 case 0x01: /* sense temperature in device */
1416 s->nsector = 0x50; /* +20 C */
201a51fc 1417 break;
6ef2ba5e
AG		 1418 default:
1419 goto abort_cmd;
1420 }
1421 s->status = READY_STAT | SEEK_STAT;
1422 ide_set_irq(s->bus);
1423 break;
e8b54394 1424
814839c0 1425 case WIN_SMART:
6ef2ba5e 1426 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
e8b54394 1427 goto abort_cmd;
6ef2ba5e 1428 if (!s->smart_enabled && s->feature != SMART_ENABLE)
e8b54394 1429 goto abort_cmd;
6ef2ba5e
AG		 1430 switch (s->feature) {
1431 case SMART_DISABLE:
e8b54394
BW		 1432 s->smart_enabled = 0;
1433 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1434 ide_set_irq(s->bus);
e8b54394 1435 break;
6ef2ba5e 1436 case SMART_ENABLE:
e8b54394
BW		 1437 s->smart_enabled = 1;
1438 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1439 ide_set_irq(s->bus);
e8b54394 1440 break;
6ef2ba5e 1441 case SMART_ATTR_AUTOSAVE:
e8b54394
BW		 1442 switch (s->sector) {
1443 case 0x00:
6ef2ba5e
AG		 1444 s->smart_autosave = 0;
1445 break;
e8b54394 1446 case 0xf1:
6ef2ba5e
AG		 1447 s->smart_autosave = 1;
1448 break;
e8b54394 1449 default:
6ef2ba5e 1450 goto abort_cmd;
e8b54394
BW		 1451 }
1452 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1453 ide_set_irq(s->bus);
e8b54394 1454 break;
6ef2ba5e 1455 case SMART_STATUS:
e8b54394 1456 if (!s->smart_errors) {
6ef2ba5e
AG		 1457 s->hcyl = 0xc2;
1458 s->lcyl = 0x4f;
e8b54394 1459 } else {
6ef2ba5e
AG		 1460 s->hcyl = 0x2c;
1461 s->lcyl = 0xf4;
e8b54394
BW		 1462 }
1463 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 1464 ide_set_irq(s->bus);
e8b54394 1465 break;
6ef2ba5e 1466 case SMART_READ_THRESH:
e8b54394
BW		 1467 memset(s->io_buffer, 0, 0x200);
1468 s->io_buffer[0] = 0x01; /* smart struct version */
1e53537f 1469 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
6ef2ba5e 1470 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
b93af93d 1471 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
e8b54394
BW		 1472 }
1473 for (n=0; n<511; n++) /* checksum */
6ef2ba5e 1474 s->io_buffer[511] += s->io_buffer[n];
e8b54394
BW		 1475 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1476 s->status = READY_STAT | SEEK_STAT;
1477 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 1478 ide_set_irq(s->bus);
e8b54394 1479 break;
6ef2ba5e 1480 case SMART_READ_DATA:
e8b54394
BW		 1481 memset(s->io_buffer, 0, 0x200);
1482 s->io_buffer[0] = 0x01; /* smart struct version */
1e53537f 1483 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
b93af93d
BW		 1484 int i;
1485 for(i = 0; i < 11; i++) {
1486 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
1487 }
e8b54394
BW		 1488 }
1489 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
1490 if (s->smart_selftest_count == 0) {
6ef2ba5e 1491 s->io_buffer[363] = 0;
e8b54394 1492 } else {
6ef2ba5e 1493 s->io_buffer[363] =
e8b54394 1494 s->smart_selftest_data[3 +
6ef2ba5e
AG		 1495 (s->smart_selftest_count - 1) *
1496 24];
e8b54394
BW		 1497 }
1498 s->io_buffer[364] = 0x20;
1499 s->io_buffer[365] = 0x01;
1500 /* offline data collection capacity: execute + self-test*/
1501 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
1502 s->io_buffer[368] = 0x03; /* smart capability (1) */
1503 s->io_buffer[369] = 0x00; /* smart capability (2) */
1504 s->io_buffer[370] = 0x01; /* error logging supported */
1505 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1506 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1507 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1508
1509 for (n=0; n<511; n++)
6ef2ba5e 1510 s->io_buffer[511] += s->io_buffer[n];
e8b54394
BW		 1511 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1512 s->status = READY_STAT | SEEK_STAT;
1513 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 1514 ide_set_irq(s->bus);
e8b54394 1515 break;
6ef2ba5e 1516 case SMART_READ_LOG:
e8b54394
BW		 1517 switch (s->sector) {
1518 case 0x01: /* summary smart error log */
6ef2ba5e
AG		 1519 memset(s->io_buffer, 0, 0x200);
1520 s->io_buffer[0] = 0x01;
1521 s->io_buffer[1] = 0x00; /* no error entries */
1522 s->io_buffer[452] = s->smart_errors & 0xff;
1523 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
e8b54394 1524
6ef2ba5e 1525 for (n=0; n<511; n++)
e8b54394 1526 s->io_buffer[511] += s->io_buffer[n];
6ef2ba5e
AG		 1527 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1528 break;
e8b54394 1529 case 0x06: /* smart self test log */
6ef2ba5e
AG		 1530 memset(s->io_buffer, 0, 0x200);
1531 s->io_buffer[0] = 0x01;
1532 if (s->smart_selftest_count == 0) {
e8b54394 1533 s->io_buffer[508] = 0;
6ef2ba5e 1534 } else {
e8b54394
BW		 1535 s->io_buffer[508] = s->smart_selftest_count;
1536 for (n=2; n<506; n++)
6ef2ba5e
AG		 1537 s->io_buffer[n] = s->smart_selftest_data[n];
1538 }
1539 for (n=0; n<511; n++)
e8b54394 1540 s->io_buffer[511] += s->io_buffer[n];
6ef2ba5e
AG		 1541 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1542 break;
e8b54394 1543 default:
6ef2ba5e 1544 goto abort_cmd;
e8b54394
BW		 1545 }
1546 s->status = READY_STAT | SEEK_STAT;
1547 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 1548 ide_set_irq(s->bus);
e8b54394 1549 break;
6ef2ba5e 1550 case SMART_EXECUTE_OFFLINE:
e8b54394
BW		 1551 switch (s->sector) {
1552 case 0: /* off-line routine */
1553 case 1: /* short self test */
1554 case 2: /* extended self test */
6ef2ba5e
AG		 1555 s->smart_selftest_count++;
1556 if(s->smart_selftest_count > 21)
e8b54394 1557 s->smart_selftest_count = 0;
6ef2ba5e
AG		 1558 n = 2 + (s->smart_selftest_count - 1) * 24;
1559 s->smart_selftest_data[n] = s->sector;
1560 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
1561 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
1562 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
1563 s->status = READY_STAT | SEEK_STAT;
1564 ide_set_irq(s->bus);
1565 break;
e8b54394 1566 default:
6ef2ba5e 1567 goto abort_cmd;
e8b54394
BW		 1568 }
1569 break;
6ef2ba5e 1570 default:
e8b54394 1571 goto abort_cmd;
6ef2ba5e
AG		 1572 }
1573 break;
1574 default:
844505b1 1575 /* should not be reachable */
6ef2ba5e
AG		 1576 abort_cmd:
1577 ide_abort_command(s);
1578 ide_set_irq(s->bus);
1579 break;
1580 }
5391d806
FB		 1581}
1582
356721ae 1583uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 1584{
bcbdc4d3
GH		 1585 IDEBus *bus = opaque;
1586 IDEState *s = idebus_active_if(bus);
5391d806 1587 uint32_t addr;
c2ff060f 1588 int ret, hob;
5391d806
FB		 1589
1590 addr = addr1 & 7;
c2ff060f
FB		 1591 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1592 //hob = s->select & (1 << 7);
1593 hob = 0;
5391d806
FB		 1594 switch(addr) {
1595 case 0:
1596 ret = 0xff;
1597 break;
1598 case 1:
bcbdc4d3
GH		 1599 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1600 (s != bus->ifs && !s->bs))
c45c3d00 1601 ret = 0;
c2ff060f 1602 else if (!hob)
c45c3d00 1603 ret = s->error;
c2ff060f
FB		 1604 else
1605 ret = s->hob_feature;
5391d806
FB		 1606 break;
1607 case 2:
bcbdc4d3 1608 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 1609 ret = 0;
c2ff060f 1610 else if (!hob)
c45c3d00 1611 ret = s->nsector & 0xff;
c2ff060f
FB		 1612 else
1613 ret = s->hob_nsector;
5391d806
FB		 1614 break;
1615 case 3:
bcbdc4d3 1616 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 1617 ret = 0;
c2ff060f 1618 else if (!hob)
c45c3d00 1619 ret = s->sector;
c2ff060f
FB		 1620 else
1621 ret = s->hob_sector;
5391d806
FB		 1622 break;
1623 case 4:
bcbdc4d3 1624 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 1625 ret = 0;
c2ff060f 1626 else if (!hob)
c45c3d00 1627 ret = s->lcyl;
c2ff060f
FB		 1628 else
1629 ret = s->hob_lcyl;
5391d806
FB		 1630 break;
1631 case 5:
bcbdc4d3 1632 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 1633 ret = 0;
c2ff060f 1634 else if (!hob)
c45c3d00 1635 ret = s->hcyl;
c2ff060f
FB		 1636 else
1637 ret = s->hob_hcyl;
5391d806
FB		 1638 break;
1639 case 6:
bcbdc4d3 1640 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00
FB		 1641 ret = 0;
1642 else
7ae98627 1643 ret = s->select;
5391d806
FB		 1644 break;
1645 default:
1646 case 7:
bcbdc4d3
GH		 1647 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1648 (s != bus->ifs && !s->bs))
c45c3d00
FB		 1649 ret = 0;
1650 else
1651 ret = s->status;
9cdd03a7 1652 qemu_irq_lower(bus->irq);
5391d806
FB		 1653 break;
1654 }
1655#ifdef DEBUG_IDE
1656 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1657#endif
1658 return ret;
1659}
1660
356721ae 1661uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 1662{
bcbdc4d3
GH		 1663 IDEBus *bus = opaque;
1664 IDEState *s = idebus_active_if(bus);
5391d806 1665 int ret;
7ae98627 1666
bcbdc4d3
GH		 1667 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1668 (s != bus->ifs && !s->bs))
7ae98627
FB		 1669 ret = 0;
1670 else
1671 ret = s->status;
5391d806
FB		 1672#ifdef DEBUG_IDE
1673 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1674#endif
1675 return ret;
1676}
1677
356721ae 1678void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 1679{
bcbdc4d3 1680 IDEBus *bus = opaque;
5391d806
FB		 1681 IDEState *s;
1682 int i;
1683
1684#ifdef DEBUG_IDE
1685 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1686#endif
1687 /* common for both drives */
9cdd03a7 1688 if (!(bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 1689 (val & IDE_CMD_RESET)) {
1690 /* reset low to high */
1691 for(i = 0;i < 2; i++) {
bcbdc4d3 1692 s = &bus->ifs[i];
5391d806
FB		 1693 s->status = BUSY_STAT | SEEK_STAT;
1694 s->error = 0x01;
1695 }
9cdd03a7 1696 } else if ((bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 1697 !(val & IDE_CMD_RESET)) {
1698 /* high to low */
1699 for(i = 0;i < 2; i++) {
bcbdc4d3 1700 s = &bus->ifs[i];
cd8722bb 1701 if (s->drive_kind == IDE_CD)
6b136f9e
FB		 1702 s->status = 0x00; /* NOTE: READY is _not_ set */
1703 else
56bf1d37 1704 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1705 ide_set_signature(s);
1706 }
1707 }
1708
9cdd03a7 1709 bus->cmd = val;
5391d806
FB		 1710}
1711
40c4ed3f
KW		 1712/*
1713 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1714 * transferred from the device to the guest), false if it's a PIO in
1715 */
1716static bool ide_is_pio_out(IDEState *s)
1717{
1718 if (s->end_transfer_func == ide_sector_write ||
1719 s->end_transfer_func == ide_atapi_cmd) {
1720 return false;
1721 } else if (s->end_transfer_func == ide_sector_read ||
1722 s->end_transfer_func == ide_transfer_stop ||
1723 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1724 s->end_transfer_func == ide_dummy_transfer_stop) {
1725 return true;
1726 }
1727
1728 abort();
1729}
1730
356721ae 1731void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 1732{
bcbdc4d3
GH		 1733 IDEBus *bus = opaque;
1734 IDEState *s = idebus_active_if(bus);
5391d806
FB		 1735 uint8_t *p;
1736
40c4ed3f
KW		 1737 /* PIO data access allowed only when DRQ bit is set. The result of a write
1738 * during PIO out is indeterminate, just ignore it. */
1739 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 1740 return;
40c4ed3f 1741 }
fcdd25ab 1742
5391d806 1743 p = s->data_ptr;
0c4ad8dc 1744 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 1745 p += 2;
1746 s->data_ptr = p;
1747 if (p >= s->data_end)
1748 s->end_transfer_func(s);
1749}
1750
356721ae 1751uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 1752{
bcbdc4d3
GH		 1753 IDEBus *bus = opaque;
1754 IDEState *s = idebus_active_if(bus);
5391d806
FB		 1755 uint8_t *p;
1756 int ret;
fcdd25ab 1757
40c4ed3f
KW		 1758 /* PIO data access allowed only when DRQ bit is set. The result of a read
1759 * during PIO in is indeterminate, return 0 and don't move forward. */
1760 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
fcdd25ab 1761 return 0;
40c4ed3f 1762 }
fcdd25ab 1763
5391d806 1764 p = s->data_ptr;
0c4ad8dc 1765 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 1766 p += 2;
1767 s->data_ptr = p;
1768 if (p >= s->data_end)
1769 s->end_transfer_func(s);
1770 return ret;
1771}
1772
356721ae 1773void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 1774{
bcbdc4d3
GH		 1775 IDEBus *bus = opaque;
1776 IDEState *s = idebus_active_if(bus);
5391d806
FB		 1777 uint8_t *p;
1778
40c4ed3f
KW		 1779 /* PIO data access allowed only when DRQ bit is set. The result of a write
1780 * during PIO out is indeterminate, just ignore it. */
1781 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 1782 return;
40c4ed3f 1783 }
fcdd25ab 1784
5391d806 1785 p = s->data_ptr;
0c4ad8dc 1786 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 1787 p += 4;
1788 s->data_ptr = p;
1789 if (p >= s->data_end)
1790 s->end_transfer_func(s);
1791}
1792
356721ae 1793uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 1794{
bcbdc4d3
GH		 1795 IDEBus *bus = opaque;
1796 IDEState *s = idebus_active_if(bus);
5391d806
FB		 1797 uint8_t *p;
1798 int ret;
3b46e624 1799
40c4ed3f
KW		 1800 /* PIO data access allowed only when DRQ bit is set. The result of a read
1801 * during PIO in is indeterminate, return 0 and don't move forward. */
1802 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
fcdd25ab 1803 return 0;
40c4ed3f 1804 }
fcdd25ab 1805
5391d806 1806 p = s->data_ptr;
0c4ad8dc 1807 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 1808 p += 4;
1809 s->data_ptr = p;
1810 if (p >= s->data_end)
1811 s->end_transfer_func(s);
1812 return ret;
1813}
1814
a7dfe172
FB		 1815static void ide_dummy_transfer_stop(IDEState *s)
1816{
1817 s->data_ptr = s->io_buffer;
1818 s->data_end = s->io_buffer;
1819 s->io_buffer[0] = 0xff;
1820 s->io_buffer[1] = 0xff;
1821 s->io_buffer[2] = 0xff;
1822 s->io_buffer[3] = 0xff;
1823}
1824
4a643563 1825static void ide_reset(IDEState *s)
5391d806 1826{
4a643563
BS		 1827#ifdef DEBUG_IDE
1828 printf("ide: reset\n");
1829#endif
bef0fd59
SH		 1830
1831 if (s->pio_aiocb) {
1832 bdrv_aio_cancel(s->pio_aiocb);
1833 s->pio_aiocb = NULL;
1834 }
1835
cd8722bb 1836 if (s->drive_kind == IDE_CFATA)
201a51fc
AZ		 1837 s->mult_sectors = 0;
1838 else
1839 s->mult_sectors = MAX_MULT_SECTORS;
4a643563
BS		 1840 /* ide regs */
1841 s->feature = 0;
1842 s->error = 0;
1843 s->nsector = 0;
1844 s->sector = 0;
1845 s->lcyl = 0;
1846 s->hcyl = 0;
1847
1848 /* lba48 */
1849 s->hob_feature = 0;
1850 s->hob_sector = 0;
1851 s->hob_nsector = 0;
1852 s->hob_lcyl = 0;
1853 s->hob_hcyl = 0;
1854
5391d806 1855 s->select = 0xa0;
41a2b959 1856 s->status = READY_STAT | SEEK_STAT;
4a643563
BS		 1857
1858 s->lba48 = 0;
1859
1860 /* ATAPI specific */
1861 s->sense_key = 0;
1862 s->asc = 0;
1863 s->cdrom_changed = 0;
1864 s->packet_transfer_size = 0;
1865 s->elementary_transfer_size = 0;
1866 s->io_buffer_index = 0;
1867 s->cd_sector_size = 0;
1868 s->atapi_dma = 0;
1869 /* ATA DMA state */
1870 s->io_buffer_size = 0;
1871 s->req_nb_sectors = 0;
1872
5391d806 1873 ide_set_signature(s);
a7dfe172
FB		 1874 /* init the transfer handler so that 0xffff is returned on data
1875 accesses */
1876 s->end_transfer_func = ide_dummy_transfer_stop;
1877 ide_dummy_transfer_stop(s);
201a51fc 1878 s->media_changed = 0;
5391d806
FB		 1879}
1880
4a643563
BS		 1881void ide_bus_reset(IDEBus *bus)
1882{
1883 bus->unit = 0;
1884 bus->cmd = 0;
1885 ide_reset(&bus->ifs[0]);
1886 ide_reset(&bus->ifs[1]);
1887 ide_clear_hob(bus);
40a6238a
AG		 1888
1889 /* pending async DMA */
1890 if (bus->dma->aiocb) {
1891#ifdef DEBUG_AIO
1892 printf("aio_cancel\n");
1893#endif
1894 bdrv_aio_cancel(bus->dma->aiocb);
1895 bus->dma->aiocb = NULL;
1896 }
1897
1898 /* reset dma provider too */
1899 bus->dma->ops->reset(bus->dma);
4a643563
BS		 1900}
1901
e4def80b
MA		 1902static bool ide_cd_is_tray_open(void *opaque)
1903{
1904 return ((IDEState *)opaque)->tray_open;
1905}
1906
f107639a
MA		 1907static bool ide_cd_is_medium_locked(void *opaque)
1908{
1909 return ((IDEState *)opaque)->tray_locked;
1910}
1911
0e49de52 1912static const BlockDevOps ide_cd_block_ops = {
145feb17 1913 .change_media_cb = ide_cd_change_cb,
2df0a3a3 1914 .eject_request_cb = ide_cd_eject_request_cb,
e4def80b 1915 .is_tray_open = ide_cd_is_tray_open,
f107639a 1916 .is_medium_locked = ide_cd_is_medium_locked,
0e49de52
MA		 1917};
1918
1f56e32a 1919int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
95ebda85 1920 const char *version, const char *serial, const char *model,
ba801960
MA		 1921 uint64_t wwn,
1922 uint32_t cylinders, uint32_t heads, uint32_t secs,
1923 int chs_trans)
88804180 1924{
88804180
GH		 1925 uint64_t nb_sectors;
1926
f8b6cc00 1927 s->bs = bs;
1f56e32a
MA		 1928 s->drive_kind = kind;
1929
f8b6cc00 1930 bdrv_get_geometry(bs, &nb_sectors);
870111c8
MA		 1931 s->cylinders = cylinders;
1932 s->heads = heads;
1933 s->sectors = secs;
ba801960 1934 s->chs_trans = chs_trans;
870111c8 1935 s->nb_sectors = nb_sectors;
95ebda85 1936 s->wwn = wwn;
870111c8
MA		 1937 /* The SMART values should be preserved across power cycles
1938 but they aren't. */
1939 s->smart_enabled = 1;
1940 s->smart_autosave = 1;
1941 s->smart_errors = 0;
1942 s->smart_selftest_count = 0;
1f56e32a 1943 if (kind == IDE_CD) {
0e49de52 1944 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
7b6f9300 1945 bdrv_set_buffer_alignment(bs, 2048);
7aa9c811 1946 } else {
98f28ad7
MA		 1947 if (!bdrv_is_inserted(s->bs)) {
1948 error_report("Device needs media, but drive is empty");
1949 return -1;
1950 }
7aa9c811
MA		 1951 if (bdrv_is_read_only(bs)) {
1952 error_report("Can't use a read-only drive");
1953 return -1;
1954 }
88804180 1955 }
f8b6cc00 1956 if (serial) {
aa2c91bd 1957 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
6ced55a5 1958 } else {
88804180
GH		 1959 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
1960 "QM%05d", s->drive_serial);
870111c8 1961 }
27e0c9a1
FB		 1962 if (model) {
1963 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
1964 } else {
1965 switch (kind) {
1966 case IDE_CD:
1967 strcpy(s->drive_model_str, "QEMU DVD-ROM");
1968 break;
1969 case IDE_CFATA:
1970 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
1971 break;
1972 default:
1973 strcpy(s->drive_model_str, "QEMU HARDDISK");
1974 break;
1975 }
1976 }
1977
47c06340
GH		 1978 if (version) {
1979 pstrcpy(s->version, sizeof(s->version), version);
1980 } else {
93bfef4c 1981 pstrcpy(s->version, sizeof(s->version), qemu_get_version());
47c06340 1982 }
40a6238a 1983
88804180 1984 ide_reset(s);
50fb1900 1985 bdrv_iostatus_enable(bs);
c4d74df7 1986 return 0;
88804180
GH		 1987}
1988
57234ee4 1989static void ide_init1(IDEBus *bus, int unit)
d459da0e
MA		 1990{
1991 static int drive_serial = 1;
1992 IDEState *s = &bus->ifs[unit];
1993
1994 s->bus = bus;
1995 s->unit = unit;
1996 s->drive_serial = drive_serial++;
1b2adf28 1997 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
50641c5c 1998 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
c925400b
KW		 1999 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2000 memset(s->io_buffer, 0, s->io_buffer_total_len);
2001
d459da0e 2002 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
c925400b
KW		 2003 memset(s->smart_selftest_data, 0, 512);
2004
74475455 2005 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
d459da0e 2006 ide_sector_write_timer_cb, s);
57234ee4
MA		 2007}
2008
40a6238a
AG		 2009static void ide_nop_start(IDEDMA *dma, IDEState *s,
2010 BlockDriverCompletionFunc *cb)
2011{
2012}
2013
2014static int ide_nop(IDEDMA *dma)
2015{
2016 return 0;
2017}
2018
2019static int ide_nop_int(IDEDMA *dma, int x)
2020{
2021 return 0;
2022}
2023
1dfb4dd9 2024static void ide_nop_restart(void *opaque, int x, RunState y)
40a6238a
AG		 2025{
2026}
2027
2028static const IDEDMAOps ide_dma_nop_ops = {
2029 .start_dma = ide_nop_start,
2030 .start_transfer = ide_nop,
2031 .prepare_buf = ide_nop_int,
2032 .rw_buf = ide_nop_int,
2033 .set_unit = ide_nop_int,
2034 .add_status = ide_nop_int,
2035 .set_inactive = ide_nop,
2036 .restart_cb = ide_nop_restart,
2037 .reset = ide_nop,
2038};
2039
2040static IDEDMA ide_dma_nop = {
2041 .ops = &ide_dma_nop_ops,
2042 .aiocb = NULL,
2043};
2044
57234ee4
MA		 2045void ide_init2(IDEBus *bus, qemu_irq irq)
2046{
2047 int i;
2048
2049 for(i = 0; i < 2; i++) {
2050 ide_init1(bus, i);
2051 ide_reset(&bus->ifs[i]);
870111c8 2052 }
57234ee4 2053 bus->irq = irq;
40a6238a 2054 bus->dma = &ide_dma_nop;
d459da0e
MA		 2055}
2056
57234ee4
MA		 2057/* TODO convert users to qdev and remove */
2058void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2059 DriveInfo *hd1, qemu_irq irq)
5391d806 2060{
ba801960 2061 int i, trans;
57234ee4 2062 DriveInfo *dinfo;
ba801960 2063 uint32_t cyls, heads, secs;
5391d806 2064
caed8802 2065 for(i = 0; i < 2; i++) {
57234ee4
MA		 2066 dinfo = i == 0 ? hd0 : hd1;
2067 ide_init1(bus, i);
2068 if (dinfo) {
ba801960
MA		 2069 cyls = dinfo->cyls;
2070 heads = dinfo->heads;
2071 secs = dinfo->secs;
2072 trans = dinfo->trans;
2073 if (!cyls && !heads && !secs) {
2074 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans);
2adc99b2
MA		 2075 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) {
2076 trans = hd_bios_chs_auto_trans(cyls, heads, secs);
ba801960 2077 }
b7eb0c9f
MA		 2078 if (cyls < 1 || cyls > 65535) {
2079 error_report("cyls must be between 1 and 65535");
2080 exit(1);
2081 }
2082 if (heads < 1 || heads > 16) {
2083 error_report("heads must be between 1 and 16");
2084 exit(1);
2085 }
2086 if (secs < 1 || secs > 255) {
2087 error_report("secs must be between 1 and 255");
2088 exit(1);
2089 }
1f56e32a 2090 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv,
577d0a38
MA		 2091 dinfo->media_cd ? IDE_CD : IDE_HD,
2092 NULL, dinfo->serial, NULL, 0,
2093 cyls, heads, secs, trans) < 0) {
c4d74df7
MA		 2094 error_report("Can't set up IDE drive %s", dinfo->id);
2095 exit(1);
2096 }
fa879d62 2097 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]);
57234ee4
MA		 2098 } else {
2099 ide_reset(&bus->ifs[i]);
2100 }
5391d806 2101 }
9cdd03a7 2102 bus->irq = irq;
40a6238a 2103 bus->dma = &ide_dma_nop;
69b91039
FB		 2104}
2105
4a91d3b3
RH		 2106static const MemoryRegionPortio ide_portio_list[] = {
2107 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
2108 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
2109 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
2110 PORTIO_END_OF_LIST(),
2111};
2112
2113static const MemoryRegionPortio ide_portio2_list[] = {
2114 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2115 PORTIO_END_OF_LIST(),
2116};
2117
2118void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
69b91039 2119{
4a91d3b3
RH		 2120 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2121 bridge has been setup properly to always register with ISA. */
2122 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
2123
caed8802 2124 if (iobase2) {
4a91d3b3 2125 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
5391d806 2126 }
5391d806 2127}
69b91039 2128
37159f13 2129static bool is_identify_set(void *opaque, int version_id)
aa941b94 2130{
37159f13
JQ		 2131 IDEState *s = opaque;
2132
2133 return s->identify_set != 0;
2134}
2135
50641c5c
JQ		 2136static EndTransferFunc* transfer_end_table[] = {
2137 ide_sector_read,
2138 ide_sector_write,
2139 ide_transfer_stop,
2140 ide_atapi_cmd_reply_end,
2141 ide_atapi_cmd,
2142 ide_dummy_transfer_stop,
2143};
2144
2145static int transfer_end_table_idx(EndTransferFunc *fn)
2146{
2147 int i;
2148
2149 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2150 if (transfer_end_table[i] == fn)
2151 return i;
2152
2153 return -1;
2154}
2155
37159f13 2156static int ide_drive_post_load(void *opaque, int version_id)
aa941b94 2157{
37159f13
JQ		 2158 IDEState *s = opaque;
2159
2160 if (version_id < 3) {
67cc61e4 2161 if (s->sense_key == UNIT_ATTENTION &&
37159f13 2162 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
93c8cfd9 2163 s->cdrom_changed = 1;
37159f13 2164 }
93c8cfd9 2165 }
7cdd481c
PB		 2166 if (s->identify_set) {
2167 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5)));
2168 }
37159f13 2169 return 0;
aa941b94
AZ		 2170}
2171
50641c5c
JQ		 2172static int ide_drive_pio_post_load(void *opaque, int version_id)
2173{
2174 IDEState *s = opaque;
2175
fb60105d 2176 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
50641c5c
JQ		 2177 return -EINVAL;
2178 }
2179 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2180 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2181 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2182
2183 return 0;
2184}
2185
2186static void ide_drive_pio_pre_save(void *opaque)
2187{
2188 IDEState *s = opaque;
2189 int idx;
2190
2191 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2192 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2193
2194 idx = transfer_end_table_idx(s->end_transfer_func);
2195 if (idx == -1) {
2196 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2197 __func__);
2198 s->end_transfer_fn_idx = 2;
2199 } else {
2200 s->end_transfer_fn_idx = idx;
2201 }
2202}
2203
2204static bool ide_drive_pio_state_needed(void *opaque)
2205{
2206 IDEState *s = opaque;
2207
fdc650d7
KW		 2208 return ((s->status & DRQ_STAT) != 0)
2209 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
50641c5c
JQ		 2210}
2211
db118fe7
MA		 2212static bool ide_tray_state_needed(void *opaque)
2213{
2214 IDEState *s = opaque;
2215
2216 return s->tray_open || s->tray_locked;
2217}
2218
996faf1a
AS		 2219static bool ide_atapi_gesn_needed(void *opaque)
2220{
2221 IDEState *s = opaque;
2222
2223 return s->events.new_media || s->events.eject_request;
2224}
2225
def93791
KW		 2226static bool ide_error_needed(void *opaque)
2227{
2228 IDEBus *bus = opaque;
2229
2230 return (bus->error_status != 0);
2231}
2232
996faf1a 2233/* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
656fbeff 2234static const VMStateDescription vmstate_ide_atapi_gesn_state = {
996faf1a
AS		 2235 .name ="ide_drive/atapi/gesn_state",
2236 .version_id = 1,
2237 .minimum_version_id = 1,
2238 .minimum_version_id_old = 1,
2239 .fields = (VMStateField []) {
2240 VMSTATE_BOOL(events.new_media, IDEState),
2241 VMSTATE_BOOL(events.eject_request, IDEState),
0754f9ec 2242 VMSTATE_END_OF_LIST()
996faf1a
AS		 2243 }
2244};
2245
db118fe7
MA		 2246static const VMStateDescription vmstate_ide_tray_state = {
2247 .name = "ide_drive/tray_state",
2248 .version_id = 1,
2249 .minimum_version_id = 1,
2250 .minimum_version_id_old = 1,
db118fe7
MA		 2251 .fields = (VMStateField[]) {
2252 VMSTATE_BOOL(tray_open, IDEState),
2253 VMSTATE_BOOL(tray_locked, IDEState),
2254 VMSTATE_END_OF_LIST()
2255 }
2256};
2257
656fbeff 2258static const VMStateDescription vmstate_ide_drive_pio_state = {
50641c5c
JQ		 2259 .name = "ide_drive/pio_state",
2260 .version_id = 1,
2261 .minimum_version_id = 1,
2262 .minimum_version_id_old = 1,
2263 .pre_save = ide_drive_pio_pre_save,
2264 .post_load = ide_drive_pio_post_load,
2265 .fields = (VMStateField []) {
2266 VMSTATE_INT32(req_nb_sectors, IDEState),
2267 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2268 vmstate_info_uint8, uint8_t),
2269 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2270 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2271 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2272 VMSTATE_INT32(elementary_transfer_size, IDEState),
2273 VMSTATE_INT32(packet_transfer_size, IDEState),
2274 VMSTATE_END_OF_LIST()
2275 }
2276};
2277
37159f13
JQ		 2278const VMStateDescription vmstate_ide_drive = {
2279 .name = "ide_drive",
3abb6260 2280 .version_id = 3,
37159f13
JQ		 2281 .minimum_version_id = 0,
2282 .minimum_version_id_old = 0,
2283 .post_load = ide_drive_post_load,
2284 .fields = (VMStateField []) {
2285 VMSTATE_INT32(mult_sectors, IDEState),
2286 VMSTATE_INT32(identify_set, IDEState),
2287 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2288 VMSTATE_UINT8(feature, IDEState),
2289 VMSTATE_UINT8(error, IDEState),
2290 VMSTATE_UINT32(nsector, IDEState),
2291 VMSTATE_UINT8(sector, IDEState),
2292 VMSTATE_UINT8(lcyl, IDEState),
2293 VMSTATE_UINT8(hcyl, IDEState),
2294 VMSTATE_UINT8(hob_feature, IDEState),
2295 VMSTATE_UINT8(hob_sector, IDEState),
2296 VMSTATE_UINT8(hob_nsector, IDEState),
2297 VMSTATE_UINT8(hob_lcyl, IDEState),
2298 VMSTATE_UINT8(hob_hcyl, IDEState),
2299 VMSTATE_UINT8(select, IDEState),
2300 VMSTATE_UINT8(status, IDEState),
2301 VMSTATE_UINT8(lba48, IDEState),
2302 VMSTATE_UINT8(sense_key, IDEState),
2303 VMSTATE_UINT8(asc, IDEState),
2304 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
37159f13 2305 VMSTATE_END_OF_LIST()
50641c5c
JQ		 2306 },
2307 .subsections = (VMStateSubsection []) {
2308 {
2309 .vmsd = &vmstate_ide_drive_pio_state,
2310 .needed = ide_drive_pio_state_needed,
db118fe7
MA		 2311 }, {
2312 .vmsd = &vmstate_ide_tray_state,
2313 .needed = ide_tray_state_needed,
996faf1a
AS		 2314 }, {
2315 .vmsd = &vmstate_ide_atapi_gesn_state,
2316 .needed = ide_atapi_gesn_needed,
50641c5c
JQ		 2317 }, {
2318 /* empty */
2319 }
37159f13
JQ		 2320 }
2321};
2322
656fbeff 2323static const VMStateDescription vmstate_ide_error_status = {
def93791
KW		 2324 .name ="ide_bus/error",
2325 .version_id = 1,
2326 .minimum_version_id = 1,
2327 .minimum_version_id_old = 1,
2328 .fields = (VMStateField []) {
2329 VMSTATE_INT32(error_status, IDEBus),
2330 VMSTATE_END_OF_LIST()
2331 }
2332};
2333
6521dc62
JQ		 2334const VMStateDescription vmstate_ide_bus = {
2335 .name = "ide_bus",
2336 .version_id = 1,
2337 .minimum_version_id = 1,
2338 .minimum_version_id_old = 1,
2339 .fields = (VMStateField []) {
2340 VMSTATE_UINT8(cmd, IDEBus),
2341 VMSTATE_UINT8(unit, IDEBus),
2342 VMSTATE_END_OF_LIST()
def93791
KW		 2343 },
2344 .subsections = (VMStateSubsection []) {
2345 {
2346 .vmsd = &vmstate_ide_error_status,
2347 .needed = ide_error_needed,
2348 }, {
2349 /* empty */
2350 }
6521dc62
JQ		 2351 }
2352};
75717903
IY		 2353
2354void ide_drive_get(DriveInfo **hd, int max_bus)
2355{
2356 int i;
2357
2358 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2359 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2360 exit(1);
2361 }
2362
2363 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2364 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2365 }
2366}
Qemu copy for testing