]> git.proxmox.com Git - mirror_qemu.git/blame - hw/ide/core.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
block: test blk_aio_flush() with blk->root == NULL
[mirror_qemu.git] / hw / ide / core.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
e688df6b 25
53239262 26#include "qemu/osdep.h"
a9c94277 27#include "hw/hw.h"
a9c94277
MA		 28#include "hw/pci/pci.h"
29#include "hw/isa/isa.h"
1de7afc9
PB		 30#include "qemu/error-report.h"
31#include "qemu/timer.h"
9c17d615 32#include "sysemu/sysemu.h"
78631611 33#include "sysemu/blockdev.h"
9c17d615 34#include "sysemu/dma.h"
0d09e41a 35#include "hw/block/block.h"
4be74634 36#include "sysemu/block-backend.h"
e688df6b 37#include "qapi/error.h"
f348b6d1 38#include "qemu/cutils.h"
59f2a787 39
a9c94277 40#include "hw/ide/internal.h"
3eee2611 41#include "trace.h"
e8b54394 42
b93af93d
BW		 43/* These values were based on a Seagate ST3500418AS but have been modified
44 to make more sense in QEMU */
45static const int smart_attributes[][12] = {
46 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
47 /* raw read error rate*/
48 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
49 /* spin up */
50 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
51 /* start stop count */
52 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
53 /* remapped sectors */
54 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
55 /* power on hours */
56 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
57 /* power cycle count */
58 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
59 /* airflow-temperature-celsius */
60 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
e8b54394
BW		 61};
62
0e168d35
JS		 63const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = {
64 [IDE_DMA_READ] = "DMA READ",
65 [IDE_DMA_WRITE] = "DMA WRITE",
66 [IDE_DMA_TRIM] = "DMA TRIM",
67 [IDE_DMA_ATAPI] = "DMA ATAPI"
68};
69
70static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval)
71{
159a9df0 72 if ((unsigned)enval < IDE_DMA__COUNT) {
0e168d35
JS		 73 return IDE_DMA_CMD_lookup[enval];
74 }
75 return "DMA UNKNOWN CMD";
76}
77
40c4ed3f 78static void ide_dummy_transfer_stop(IDEState *s);
98087450 79
5391d806
FB		 80static void padstr(char *str, const char *src, int len)
81{
82 int i, v;
83 for(i = 0; i < len; i++) {
84 if (*src)
85 v = *src++;
86 else
87 v = ' ';
69b34976 88 str[i^1] = v;
5391d806
FB		 89 }
90}
91
67b915a5
FB		 92static void put_le16(uint16_t *p, unsigned int v)
93{
0c4ad8dc 94 *p = cpu_to_le16(v);
67b915a5
FB		 95}
96
01ce352e
JS		 97static void ide_identify_size(IDEState *s)
98{
99 uint16_t *p = (uint16_t *)s->identify_data;
100 put_le16(p + 60, s->nb_sectors);
101 put_le16(p + 61, s->nb_sectors >> 16);
102 put_le16(p + 100, s->nb_sectors);
103 put_le16(p + 101, s->nb_sectors >> 16);
104 put_le16(p + 102, s->nb_sectors >> 32);
105 put_le16(p + 103, s->nb_sectors >> 48);
106}
107
5391d806
FB		 108static void ide_identify(IDEState *s)
109{
110 uint16_t *p;
111 unsigned int oldsize;
d353fb72 112 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
5391d806 113
4bf6637d 114 p = (uint16_t *)s->identify_data;
94458802 115 if (s->identify_set) {
4bf6637d 116 goto fill_buffer;
94458802 117 }
4bf6637d 118 memset(p, 0, sizeof(s->identify_data));
94458802 119
67b915a5 120 put_le16(p + 0, 0x0040);
5fafdf24 121 put_le16(p + 1, s->cylinders);
67b915a5
FB		 122 put_le16(p + 3, s->heads);
123 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
124 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 125 put_le16(p + 6, s->sectors);
fa879c64 126 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 127 put_le16(p + 20, 3); /* XXX: retired, remove ? */
128 put_le16(p + 21, 512); /* cache size in sectors */
129 put_le16(p + 22, 4); /* ecc bytes */
47c06340 130 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 131 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
3b46e624 132#if MAX_MULT_SECTORS > 1
67b915a5 133 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 134#endif
67b915a5 135 put_le16(p + 48, 1); /* dword I/O */
94458802 136 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 137 put_le16(p + 51, 0x200); /* PIO transfer cycle */
138 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 139 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 140 put_le16(p + 54, s->cylinders);
141 put_le16(p + 55, s->heads);
142 put_le16(p + 56, s->sectors);
5391d806 143 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 144 put_le16(p + 57, oldsize);
145 put_le16(p + 58, oldsize >> 16);
5391d806 146 if (s->mult_sectors)
67b915a5 147 put_le16(p + 59, 0x100 | s->mult_sectors);
01ce352e
JS		 148 /* *(p + 60) := nb_sectors -- see ide_identify_size */
149 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */
d1b5c20d 150 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802 151 put_le16(p + 63, 0x07); /* mdma0-2 supported */
79d1d331 152 put_le16(p + 64, 0x03); /* pio3-4 supported */
94458802
FB		 153 put_le16(p + 65, 120);
154 put_le16(p + 66, 120);
155 put_le16(p + 67, 120);
156 put_le16(p + 68, 120);
d353fb72
CH		 157 if (dev && dev->conf.discard_granularity) {
158 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
159 }
ccf0fd8b
RE		 160
161 if (s->ncq_queues) {
162 put_le16(p + 75, s->ncq_queues - 1);
163 /* NCQ supported */
164 put_le16(p + 76, (1 << 8));
165 }
166
94458802
FB		 167 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
168 put_le16(p + 81, 0x16); /* conforms to ata5 */
a58b8d54
CH		 169 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
170 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
c2ff060f
FB		 171 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
172 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 173 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
174 if (s->wwn) {
175 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
176 } else {
177 put_le16(p + 84, (1 << 14) | 0);
178 }
e900a7b7 179 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
4be74634
MA		 180 if (blk_enable_write_cache(s->blk)) {
181 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
182 } else {
183 put_le16(p + 85, (1 << 14) | 1);
184 }
c2ff060f 185 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
2844bdd9 186 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
95ebda85
FB		 187 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
188 if (s->wwn) {
189 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
190 } else {
191 put_le16(p + 87, (1 << 14) | 0);
192 }
94458802
FB		 193 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
194 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
01ce352e
JS		 195 /* *(p + 100) := nb_sectors -- see ide_identify_size */
196 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */
197 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */
198 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */
d353fb72 199
57dac7ef
MA		 200 if (dev && dev->conf.physical_block_size)
201 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
95ebda85
FB		 202 if (s->wwn) {
203 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
204 put_le16(p + 108, s->wwn >> 48);
205 put_le16(p + 109, s->wwn >> 32);
206 put_le16(p + 110, s->wwn >> 16);
207 put_le16(p + 111, s->wwn);
208 }
d353fb72
CH		 209 if (dev && dev->conf.discard_granularity) {
210 put_le16(p + 169, 1); /* TRIM support */
211 }
96f43c2b
DB		 212 if (dev) {
213 put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */
214 }
94458802 215
01ce352e 216 ide_identify_size(s);
94458802 217 s->identify_set = 1;
4bf6637d
JS		 218
219fill_buffer:
220 memcpy(s->io_buffer, p, sizeof(s->identify_data));
5391d806
FB		 221}
222
223static void ide_atapi_identify(IDEState *s)
224{
225 uint16_t *p;
226
4bf6637d 227 p = (uint16_t *)s->identify_data;
94458802 228 if (s->identify_set) {
4bf6637d 229 goto fill_buffer;
94458802 230 }
4bf6637d 231 memset(p, 0, sizeof(s->identify_data));
94458802 232
5391d806 233 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 234 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
fa879c64 235 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 236 put_le16(p + 20, 3); /* buffer type */
237 put_le16(p + 21, 512); /* cache size in sectors */
238 put_le16(p + 22, 4); /* ecc bytes */
47c06340 239 padstr((char *)(p + 23), s->version, 8); /* firmware version */
27e0c9a1 240 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
67b915a5 241 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 242#ifdef USE_DMA_CDROM
243 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
244 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 245 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811 246 put_le16(p + 63, 7); /* mdma0-2 supported */
8ccad811 247#else
67b915a5
FB		 248 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
249 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
250 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
8ccad811 251#endif
79d1d331 252 put_le16(p + 64, 3); /* pio3-4 supported */
67b915a5
FB		 253 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
254 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
255 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
256 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 257
67b915a5
FB		 258 put_le16(p + 71, 30); /* in ns */
259 put_le16(p + 72, 30); /* in ns */
5391d806 260
1bdaa28d
AG		 261 if (s->ncq_queues) {
262 put_le16(p + 75, s->ncq_queues - 1);
263 /* NCQ supported */
264 put_le16(p + 76, (1 << 8));
265 }
266
67b915a5 267 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
c5fe97e3
JS		 268 if (s->wwn) {
269 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */
270 put_le16(p + 87, (1 << 8)); /* WWN enabled */
271 }
272
8ccad811
FB		 273#ifdef USE_DMA_CDROM
274 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
275#endif
c5fe97e3
JS		 276
277 if (s->wwn) {
278 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
279 put_le16(p + 108, s->wwn >> 48);
280 put_le16(p + 109, s->wwn >> 32);
281 put_le16(p + 110, s->wwn >> 16);
282 put_le16(p + 111, s->wwn);
283 }
284
94458802 285 s->identify_set = 1;
4bf6637d
JS		 286
287fill_buffer:
288 memcpy(s->io_buffer, p, sizeof(s->identify_data));
5391d806
FB		 289}
290
01ce352e
JS		 291static void ide_cfata_identify_size(IDEState *s)
292{
293 uint16_t *p = (uint16_t *)s->identify_data;
294 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
295 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
296 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
297 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
298}
299
201a51fc
AZ		 300static void ide_cfata_identify(IDEState *s)
301{
302 uint16_t *p;
303 uint32_t cur_sec;
201a51fc 304
4bf6637d
JS		 305 p = (uint16_t *)s->identify_data;
306 if (s->identify_set) {
201a51fc 307 goto fill_buffer;
4bf6637d 308 }
201a51fc
AZ		 309 memset(p, 0, sizeof(s->identify_data));
310
311 cur_sec = s->cylinders * s->heads * s->sectors;
312
313 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
314 put_le16(p + 1, s->cylinders); /* Default cylinders */
315 put_le16(p + 3, s->heads); /* Default heads */
316 put_le16(p + 6, s->sectors); /* Default sectors per track */
01ce352e
JS		 317 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */
318 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */
fa879c64 319 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201a51fc 320 put_le16(p + 22, 0x0004); /* ECC bytes */
47c06340 321 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
27e0c9a1 322 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
201a51fc
AZ		 323#if MAX_MULT_SECTORS > 1
324 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
325#else
326 put_le16(p + 47, 0x0000);
327#endif
328 put_le16(p + 49, 0x0f00); /* Capabilities */
329 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
330 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
331 put_le16(p + 53, 0x0003); /* Translation params valid */
332 put_le16(p + 54, s->cylinders); /* Current cylinders */
333 put_le16(p + 55, s->heads); /* Current heads */
334 put_le16(p + 56, s->sectors); /* Current sectors */
335 put_le16(p + 57, cur_sec); /* Current capacity */
336 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
337 if (s->mult_sectors) /* Multiple sector setting */
338 put_le16(p + 59, 0x100 | s->mult_sectors);
01ce352e
JS		 339 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */
340 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */
201a51fc
AZ		 341 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
342 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
343 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
344 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
345 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
346 put_le16(p + 82, 0x400c); /* Command Set supported */
347 put_le16(p + 83, 0x7068); /* Command Set supported */
348 put_le16(p + 84, 0x4000); /* Features supported */
349 put_le16(p + 85, 0x000c); /* Command Set enabled */
350 put_le16(p + 86, 0x7044); /* Command Set enabled */
351 put_le16(p + 87, 0x4000); /* Features enabled */
352 put_le16(p + 91, 0x4060); /* Current APM level */
353 put_le16(p + 129, 0x0002); /* Current features option */
354 put_le16(p + 130, 0x0005); /* Reassigned sectors */
355 put_le16(p + 131, 0x0001); /* Initial power mode */
356 put_le16(p + 132, 0x0000); /* User signature */
357 put_le16(p + 160, 0x8100); /* Power requirement */
358 put_le16(p + 161, 0x8001); /* CF command set */
359
01ce352e 360 ide_cfata_identify_size(s);
201a51fc
AZ		 361 s->identify_set = 1;
362
363fill_buffer:
364 memcpy(s->io_buffer, p, sizeof(s->identify_data));
365}
366
5391d806
FB		 367static void ide_set_signature(IDEState *s)
368{
369 s->select &= 0xf0; /* clear head */
370 /* put signature */
371 s->nsector = 1;
372 s->sector = 1;
cd8722bb 373 if (s->drive_kind == IDE_CD) {
5391d806
FB		 374 s->lcyl = 0x14;
375 s->hcyl = 0xeb;
4be74634 376 } else if (s->blk) {
5391d806
FB		 377 s->lcyl = 0;
378 s->hcyl = 0;
379 } else {
380 s->lcyl = 0xff;
381 s->hcyl = 0xff;
382 }
383}
384
d8b070fe
AN		 385static bool ide_sect_range_ok(IDEState *s,
386 uint64_t sector, uint64_t nb_sectors)
387{
388 uint64_t total_sectors;
389
390 blk_get_geometry(s->blk, &total_sectors);
391 if (sector > total_sectors || nb_sectors > total_sectors - sector) {
392 return false;
393 }
394 return true;
395}
396
d353fb72 397typedef struct TrimAIOCB {
7c84b1b8 398 BlockAIOCB common;
ef0e64a9 399 IDEState *s;
d353fb72
CH		 400 QEMUBH *bh;
401 int ret;
501378c3 402 QEMUIOVector *qiov;
7c84b1b8 403 BlockAIOCB *aiocb;
501378c3 404 int i, j;
947858b0 405 bool is_invalid;
d353fb72
CH		 406} TrimAIOCB;
407
7c84b1b8 408static void trim_aio_cancel(BlockAIOCB *acb)
d353fb72
CH		 409{
410 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
411
e551c999 412 /* Exit the loop so ide_issue_trim_cb will not continue */
501378c3
PB		 413 iocb->j = iocb->qiov->niov - 1;
414 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1;
415
e551c999 416 iocb->ret = -ECANCELED;
501378c3
PB		 417
418 if (iocb->aiocb) {
4be74634 419 blk_aio_cancel_async(iocb->aiocb);
e551c999 420 iocb->aiocb = NULL;
501378c3 421 }
d353fb72
CH		 422}
423
d7331bed 424static const AIOCBInfo trim_aiocb_info = {
d353fb72 425 .aiocb_size = sizeof(TrimAIOCB),
e551c999 426 .cancel_async = trim_aio_cancel,
d353fb72
CH		 427};
428
429static void ide_trim_bh_cb(void *opaque)
430{
431 TrimAIOCB *iocb = opaque;
432
947858b0
AN		 433 if (iocb->is_invalid) {
434 ide_dma_error(iocb->s);
435 } else {
436 iocb->common.cb(iocb->common.opaque, iocb->ret);
437 }
d353fb72
CH		 438 qemu_bh_delete(iocb->bh);
439 iocb->bh = NULL;
8007429a 440 qemu_aio_unref(iocb);
d353fb72
CH		 441}
442
501378c3
PB		 443static void ide_issue_trim_cb(void *opaque, int ret)
444{
445 TrimAIOCB *iocb = opaque;
ef0e64a9
AN		 446 IDEState *s = iocb->s;
447
501378c3
PB		 448 if (ret >= 0) {
449 while (iocb->j < iocb->qiov->niov) {
450 int j = iocb->j;
451 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) {
452 int i = iocb->i;
453 uint64_t *buffer = iocb->qiov->iov[j].iov_base;
454
455 /* 6-byte LBA + 2-byte range per entry */
456 uint64_t entry = le64_to_cpu(buffer[i]);
457 uint64_t sector = entry & 0x0000ffffffffffffULL;
458 uint16_t count = entry >> 48;
459
460 if (count == 0) {
461 continue;
462 }
463
947858b0
AN		 464 if (!ide_sect_range_ok(s, sector, count)) {
465 iocb->is_invalid = true;
466 goto done;
467 }
468
501378c3 469 /* Got an entry! Submit and exit. */
ef0e64a9 470 iocb->aiocb = blk_aio_pdiscard(s->blk,
1c6c4bb7
EB		 471 sector << BDRV_SECTOR_BITS,
472 count << BDRV_SECTOR_BITS,
473 ide_issue_trim_cb, opaque);
501378c3
PB		 474 return;
475 }
476
477 iocb->j++;
478 iocb->i = -1;
479 }
480 } else {
481 iocb->ret = ret;
482 }
483
947858b0 484done:
501378c3
PB		 485 iocb->aiocb = NULL;
486 if (iocb->bh) {
487 qemu_bh_schedule(iocb->bh);
488 }
489}
490
8a8e63eb
PB		 491BlockAIOCB *ide_issue_trim(
492 int64_t offset, QEMUIOVector *qiov,
493 BlockCompletionFunc *cb, void *cb_opaque, void *opaque)
d353fb72 494{
ef0e64a9 495 IDEState *s = opaque;
d353fb72 496 TrimAIOCB *iocb;
d353fb72 497
ef0e64a9
AN		 498 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque);
499 iocb->s = s;
d353fb72
CH		 500 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
501 iocb->ret = 0;
501378c3
PB		 502 iocb->qiov = qiov;
503 iocb->i = -1;
504 iocb->j = 0;
947858b0 505 iocb->is_invalid = false;
501378c3 506 ide_issue_trim_cb(iocb, 0);
d353fb72
CH		 507 return &iocb->common;
508}
509
9ef2e93f 510void ide_abort_command(IDEState *s)
5391d806 511{
08ee9e33 512 ide_transfer_stop(s);
5391d806
FB		 513 s->status = READY_STAT | ERR_STAT;
514 s->error = ABRT_ERR;
515}
516
0eeee07e
EY		 517static void ide_set_retry(IDEState *s)
518{
519 s->bus->retry_unit = s->unit;
520 s->bus->retry_sector_num = ide_get_sector(s);
521 s->bus->retry_nsector = s->nsector;
522}
523
524static void ide_clear_retry(IDEState *s)
525{
526 s->bus->retry_unit = -1;
527 s->bus->retry_sector_num = 0;
528 s->bus->retry_nsector = 0;
529}
530
5391d806 531/* prepare data transfer and tell what to do after */
33231e0e
KW		 532void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
533 EndTransferFunc *end_transfer_func)
5391d806
FB		 534{
535 s->end_transfer_func = end_transfer_func;
536 s->data_ptr = buf;
537 s->data_end = buf + size;
35f78ab4 538 ide_set_retry(s);
40a6238a 539 if (!(s->status & ERR_STAT)) {
7603d156 540 s->status |= DRQ_STAT;
40a6238a 541 }
44635123
PB		 542 if (s->bus->dma->ops->start_transfer) {
543 s->bus->dma->ops->start_transfer(s->bus->dma);
544 }
5391d806
FB		 545}
546
c7e73adb
PB		 547static void ide_cmd_done(IDEState *s)
548{
549 if (s->bus->dma->ops->cmd_done) {
550 s->bus->dma->ops->cmd_done(s->bus->dma);
551 }
552}
553
e3044e23
JS		 554static void ide_transfer_halt(IDEState *s,
555 void(*end_transfer_func)(IDEState *),
556 bool notify)
5391d806 557{
e3044e23 558 s->end_transfer_func = end_transfer_func;
5391d806
FB		 559 s->data_ptr = s->io_buffer;
560 s->data_end = s->io_buffer;
561 s->status &= ~DRQ_STAT;
e3044e23
JS		 562 if (notify) {
563 ide_cmd_done(s);
564 }
565}
566
567void ide_transfer_stop(IDEState *s)
568{
569 ide_transfer_halt(s, ide_transfer_stop, true);
570}
571
e3044e23
JS		 572static void ide_transfer_cancel(IDEState *s)
573{
574 ide_transfer_halt(s, ide_transfer_cancel, false);
5391d806
FB		 575}
576
356721ae 577int64_t ide_get_sector(IDEState *s)
5391d806
FB		 578{
579 int64_t sector_num;
580 if (s->select & 0x40) {
581 /* lba */
c2ff060f
FB		 582 if (!s->lba48) {
583 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
584 (s->lcyl << 8) | s->sector;
585 } else {
586 sector_num = ((int64_t)s->hob_hcyl << 40) |
587 ((int64_t) s->hob_lcyl << 32) |
588 ((int64_t) s->hob_sector << 24) |
589 ((int64_t) s->hcyl << 16) |
590 ((int64_t) s->lcyl << 8) | s->sector;
591 }
5391d806
FB		 592 } else {
593 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 594 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 595 }
596 return sector_num;
597}
598
356721ae 599void ide_set_sector(IDEState *s, int64_t sector_num)
5391d806
FB		 600{
601 unsigned int cyl, r;
602 if (s->select & 0x40) {
c2ff060f
FB		 603 if (!s->lba48) {
604 s->select = (s->select & 0xf0) | (sector_num >> 24);
605 s->hcyl = (sector_num >> 16);
606 s->lcyl = (sector_num >> 8);
607 s->sector = (sector_num);
608 } else {
609 s->sector = sector_num;
610 s->lcyl = sector_num >> 8;
611 s->hcyl = sector_num >> 16;
612 s->hob_sector = sector_num >> 24;
613 s->hob_lcyl = sector_num >> 32;
614 s->hob_hcyl = sector_num >> 40;
615 }
5391d806
FB		 616 } else {
617 cyl = sector_num / (s->heads * s->sectors);
618 r = sector_num % (s->heads * s->sectors);
619 s->hcyl = cyl >> 8;
620 s->lcyl = cyl;
1b8eb456 621 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 622 s->sector = (r % s->sectors) + 1;
623 }
624}
625
e162cfb0
AZ		 626static void ide_rw_error(IDEState *s) {
627 ide_abort_command(s);
9cdd03a7 628 ide_set_irq(s->bus);
e162cfb0
AZ		 629}
630
1d8c11d6
PL		 631static void ide_buffered_readv_cb(void *opaque, int ret)
632{
633 IDEBufferedRequest *req = opaque;
634 if (!req->orphaned) {
635 if (!ret) {
636 qemu_iovec_from_buf(req->original_qiov, 0, req->iov.iov_base,
637 req->original_qiov->size);
638 }
639 req->original_cb(req->original_opaque, ret);
640 }
641 QLIST_REMOVE(req, list);
642 qemu_vfree(req->iov.iov_base);
643 g_free(req);
644}
645
646#define MAX_BUFFERED_REQS 16
647
648BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num,
649 QEMUIOVector *iov, int nb_sectors,
650 BlockCompletionFunc *cb, void *opaque)
651{
652 BlockAIOCB *aioreq;
653 IDEBufferedRequest *req;
654 int c = 0;
655
656 QLIST_FOREACH(req, &s->buffered_requests, list) {
657 c++;
658 }
659 if (c > MAX_BUFFERED_REQS) {
660 return blk_abort_aio_request(s->blk, cb, opaque, -EIO);
661 }
662
663 req = g_new0(IDEBufferedRequest, 1);
664 req->original_qiov = iov;
665 req->original_cb = cb;
666 req->original_opaque = opaque;
667 req->iov.iov_base = qemu_blockalign(blk_bs(s->blk), iov->size);
668 req->iov.iov_len = iov->size;
669 qemu_iovec_init_external(&req->qiov, &req->iov, 1);
670
d4f510eb
EB		 671 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS,
672 &req->qiov, 0, ide_buffered_readv_cb, req);
1d8c11d6
PL		 673
674 QLIST_INSERT_HEAD(&s->buffered_requests, req, list);
675 return aioreq;
676}
677
86698a12
JS		 678/**
679 * Cancel all pending DMA requests.
680 * Any buffered DMA requests are instantly canceled,
681 * but any pending unbuffered DMA requests must be waited on.
682 */
683void ide_cancel_dma_sync(IDEState *s)
684{
685 IDEBufferedRequest *req;
686
687 /* First invoke the callbacks of all buffered requests
688 * and flag those requests as orphaned. Ideally there
689 * are no unbuffered (Scatter Gather DMA Requests or
690 * write requests) pending and we can avoid to drain. */
691 QLIST_FOREACH(req, &s->buffered_requests, list) {
692 if (!req->orphaned) {
3eee2611 693 trace_ide_cancel_dma_sync_buffered(req->original_cb, req);
86698a12
JS		 694 req->original_cb(req->original_opaque, -ECANCELED);
695 }
696 req->orphaned = true;
697 }
698
699 /*
700 * We can't cancel Scatter Gather DMA in the middle of the
701 * operation or a partial (not full) DMA transfer would reach
702 * the storage so we wait for completion instead (we beahve
703 * like if the DMA was completed by the time the guest trying
704 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not
705 * set).
706 *
707 * In the future we'll be able to safely cancel the I/O if the
708 * whole DMA operation will be submitted to disk with a single
709 * aio operation with preadv/pwritev.
710 */
711 if (s->bus->dma->aiocb) {
3eee2611 712 trace_ide_cancel_dma_sync_remaining();
51f7b5b8 713 blk_drain(s->blk);
86698a12
JS		 714 assert(s->bus->dma->aiocb == NULL);
715 }
716}
717
4e2b8b4a
PB		 718static void ide_sector_read(IDEState *s);
719
bef0fd59
SH		 720static void ide_sector_read_cb(void *opaque, int ret)
721{
722 IDEState *s = opaque;
723 int n;
724
725 s->pio_aiocb = NULL;
726 s->status &= ~BUSY_STAT;
727
0d910cfe
FZ		 728 if (ret == -ECANCELED) {
729 return;
730 }
bef0fd59 731 if (ret != 0) {
fd648f10
PB		 732 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO |
733 IDE_RETRY_READ)) {
bef0fd59
SH		 734 return;
735 }
736 }
737
ecca3b39
AG		 738 block_acct_done(blk_get_stats(s->blk), &s->acct);
739
bef0fd59
SH		 740 n = s->nsector;
741 if (n > s->req_nb_sectors) {
742 n = s->req_nb_sectors;
743 }
744
bef0fd59
SH		 745 ide_set_sector(s, ide_get_sector(s) + n);
746 s->nsector -= n;
dd0bf7ba
JS		 747 /* Allow the guest to read the io_buffer */
748 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
dd0bf7ba 749 ide_set_irq(s->bus);
bef0fd59
SH		 750}
751
4e2b8b4a 752static void ide_sector_read(IDEState *s)
5391d806
FB		 753{
754 int64_t sector_num;
bef0fd59 755 int n;
5391d806
FB		 756
757 s->status = READY_STAT | SEEK_STAT;
a136e5a8 758 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 759 sector_num = ide_get_sector(s);
760 n = s->nsector;
bef0fd59 761
5391d806 762 if (n == 0) {
5391d806 763 ide_transfer_stop(s);
bef0fd59
SH		 764 return;
765 }
766
767 s->status |= BUSY_STAT;
768
769 if (n > s->req_nb_sectors) {
770 n = s->req_nb_sectors;
771 }
772
3eee2611 773 trace_ide_sector_read(sector_num, n);
a597e79c 774
58ac3211
MA		 775 if (!ide_sect_range_ok(s, sector_num, n)) {
776 ide_rw_error(s);
ecca3b39 777 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ);
58ac3211
MA		 778 return;
779 }
780
bef0fd59
SH		 781 s->iov.iov_base = s->io_buffer;
782 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
783 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
784
4be74634 785 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 786 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
d66a8fa8
PL		 787 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n,
788 ide_sector_read_cb, s);
5391d806
FB		 789}
790
aaeda4a3 791void dma_buf_commit(IDEState *s, uint32_t tx_bytes)
7aea4412 792{
659142ec
JS		 793 if (s->bus->dma->ops->commit_buf) {
794 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes);
795 }
aaeda4a3 796 s->io_buffer_offset += tx_bytes;
1fb8648d 797 qemu_sglist_destroy(&s->sg);
7aea4412
AL		 798}
799
0e7ce54c 800void ide_set_inactive(IDEState *s, bool more)
8337606d 801{
40a6238a 802 s->bus->dma->aiocb = NULL;
0eeee07e 803 ide_clear_retry(s);
829b933b 804 if (s->bus->dma->ops->set_inactive) {
0e7ce54c 805 s->bus->dma->ops->set_inactive(s->bus->dma, more);
829b933b 806 }
c7e73adb 807 ide_cmd_done(s);
8337606d
KW		 808}
809
356721ae 810void ide_dma_error(IDEState *s)
e162cfb0 811{
659142ec 812 dma_buf_commit(s, 0);
08ee9e33 813 ide_abort_command(s);
0e7ce54c 814 ide_set_inactive(s, false);
9cdd03a7 815 ide_set_irq(s->bus);
e162cfb0
AZ		 816}
817
502356ee 818int ide_handle_rw_error(IDEState *s, int error, int op)
428c5705 819{
fd648f10 820 bool is_read = (op & IDE_RETRY_READ) != 0;
4be74634 821 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error);
428c5705 822
a589569f 823 if (action == BLOCK_ERROR_ACTION_STOP) {
a96cb236 824 assert(s->bus->retry_unit == s->unit);
def93791 825 s->bus->error_status = op;
a589569f 826 } else if (action == BLOCK_ERROR_ACTION_REPORT) {
ecca3b39 827 block_acct_failed(blk_get_stats(s->blk), &s->acct);
502356ee 828 if (IS_IDE_RETRY_DMA(op)) {
428c5705 829 ide_dma_error(s);
502356ee
PB		 830 } else if (IS_IDE_RETRY_ATAPI(op)) {
831 ide_atapi_io_error(s, -error);
7aea4412 832 } else {
428c5705 833 ide_rw_error(s);
7aea4412 834 }
428c5705 835 }
4be74634 836 blk_error_action(s->blk, action, is_read, error);
a589569f 837 return action != BLOCK_ERROR_ACTION_IGNORE;
428c5705
AL		 838}
839
4e2b8b4a 840static void ide_dma_cb(void *opaque, int ret)
98087450 841{
40a6238a 842 IDEState *s = opaque;
8ccad811
FB		 843 int n;
844 int64_t sector_num;
cbe0ed62 845 uint64_t offset;
038268e2 846 bool stay_active = false;
8ccad811 847
0d910cfe
FZ		 848 if (ret == -ECANCELED) {
849 return;
850 }
e162cfb0 851 if (ret < 0) {
218fd37c 852 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) {
87ac25fd 853 s->bus->dma->aiocb = NULL;
5839df7b 854 dma_buf_commit(s, 0);
ce4b6522
KW		 855 return;
856 }
e162cfb0
AZ		 857 }
858
8ccad811 859 n = s->io_buffer_size >> 9;
038268e2
KW		 860 if (n > s->nsector) {
861 /* The PRDs were longer than needed for this request. Shorten them so
862 * we don't get a negative remainder. The Active bit must remain set
863 * after the request completes. */
864 n = s->nsector;
865 stay_active = true;
866 }
867
8ccad811
FB		 868 sector_num = ide_get_sector(s);
869 if (n > 0) {
a718978e
JS		 870 assert(n * 512 == s->sg.size);
871 dma_buf_commit(s, s->sg.size);
8ccad811
FB		 872 sector_num += n;
873 ide_set_sector(s, sector_num);
874 s->nsector -= n;
8ccad811
FB		 875 }
876
877 /* end of transfer ? */
878 if (s->nsector == 0) {
98087450 879 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 880 ide_set_irq(s->bus);
cd369c46 881 goto eot;
98087450 882 }
8ccad811
FB		 883
884 /* launch next transfer */
885 n = s->nsector;
596bb44d 886 s->io_buffer_index = 0;
8ccad811 887 s->io_buffer_size = n * 512;
a718978e 888 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size) < 512) {
69c38b8f
KW		 889 /* The PRDs were too short. Reset the Active bit, but don't raise an
890 * interrupt. */
72bcca73 891 s->status = READY_STAT | SEEK_STAT;
3251bdcf 892 dma_buf_commit(s, 0);
7aea4412 893 goto eot;
69c38b8f 894 }
cd369c46 895
0e168d35 896 trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd));
cd369c46 897
d66168ed
MT		 898 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) &&
899 !ide_sect_range_ok(s, sector_num, n)) {
58ac3211 900 ide_dma_error(s);
ecca3b39 901 block_acct_invalid(blk_get_stats(s->blk), s->acct.type);
58ac3211
MA		 902 return;
903 }
904
cbe0ed62 905 offset = sector_num << BDRV_SECTOR_BITS;
4e1e0051
CH		 906 switch (s->dma_cmd) {
907 case IDE_DMA_READ:
cbe0ed62 908 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset,
99868af3 909 BDRV_SECTOR_SIZE, ide_dma_cb, s);
4e1e0051
CH		 910 break;
911 case IDE_DMA_WRITE:
cbe0ed62 912 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset,
99868af3 913 BDRV_SECTOR_SIZE, ide_dma_cb, s);
4e1e0051 914 break;
d353fb72 915 case IDE_DMA_TRIM:
8a8e63eb 916 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk),
99868af3 917 &s->sg, offset, BDRV_SECTOR_SIZE,
ef0e64a9 918 ide_issue_trim, s, ide_dma_cb, s,
4be74634 919 DMA_DIRECTION_TO_DEVICE);
d353fb72 920 break;
502356ee
PB		 921 default:
922 abort();
cd369c46 923 }
cd369c46
CH		 924 return;
925
926eot:
a597e79c 927 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
4be74634 928 block_acct_done(blk_get_stats(s->blk), &s->acct);
a597e79c 929 }
0e7ce54c 930 ide_set_inactive(s, stay_active);
98087450
FB		 931}
932
4e1e0051 933static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
98087450 934{
9da82227 935 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
98087450 936 s->io_buffer_size = 0;
4e1e0051 937 s->dma_cmd = dma_cmd;
a597e79c
CH		 938
939 switch (dma_cmd) {
940 case IDE_DMA_READ:
4be74634 941 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 942 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
a597e79c
CH		 943 break;
944 case IDE_DMA_WRITE:
4be74634 945 block_acct_start(blk_get_stats(s->blk), &s->acct,
5366d0c8 946 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
a597e79c
CH		 947 break;
948 default:
949 break;
950 }
951
4855b576
PB		 952 ide_start_dma(s, ide_dma_cb);
953}
954
097310b5 955void ide_start_dma(IDEState *s, BlockCompletionFunc *cb)
4855b576 956{
c71c06d4 957 s->io_buffer_index = 0;
0eeee07e 958 ide_set_retry(s);
4855b576
PB		 959 if (s->bus->dma->ops->start_dma) {
960 s->bus->dma->ops->start_dma(s->bus->dma, s, cb);
961 }
98087450
FB		 962}
963
4e2b8b4a
PB		 964static void ide_sector_write(IDEState *s);
965
a09db21f
FB		 966static void ide_sector_write_timer_cb(void *opaque)
967{
968 IDEState *s = opaque;
9cdd03a7 969 ide_set_irq(s->bus);
a09db21f
FB		 970}
971
e82dabd8 972static void ide_sector_write_cb(void *opaque, int ret)
5391d806 973{
e82dabd8
SH		 974 IDEState *s = opaque;
975 int n;
a597e79c 976
0d910cfe
FZ		 977 if (ret == -ECANCELED) {
978 return;
979 }
428c5705 980
e82dabd8
SH		 981 s->pio_aiocb = NULL;
982 s->status &= ~BUSY_STAT;
983
e162cfb0 984 if (ret != 0) {
fd648f10 985 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) {
428c5705 986 return;
e82dabd8 987 }
e162cfb0
AZ		 988 }
989
ecca3b39
AG		 990 block_acct_done(blk_get_stats(s->blk), &s->acct);
991
e82dabd8
SH		 992 n = s->nsector;
993 if (n > s->req_nb_sectors) {
994 n = s->req_nb_sectors;
995 }
5391d806 996 s->nsector -= n;
36334faf 997
6aff22c0 998 ide_set_sector(s, ide_get_sector(s) + n);
5391d806 999 if (s->nsector == 0) {
292eef5a 1000 /* no more sectors to write */
5391d806
FB		 1001 ide_transfer_stop(s);
1002 } else {
e82dabd8
SH		 1003 int n1 = s->nsector;
1004 if (n1 > s->req_nb_sectors) {
5391d806 1005 n1 = s->req_nb_sectors;
e82dabd8
SH		 1006 }
1007 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
1008 ide_sector_write);
5391d806 1009 }
3b46e624 1010
31c2a146
TS		 1011 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1012 /* It seems there is a bug in the Windows 2000 installer HDD
1013 IDE driver which fills the disk with empty logs when the
1014 IDE write IRQ comes too early. This hack tries to correct
1015 that at the expense of slower write performances. Use this
1016 option _only_ to install Windows 2000. You must disable it
1017 for normal use. */
73bcb24d
RS		 1018 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
1019 (NANOSECONDS_PER_SECOND / 1000));
f7736b91 1020 } else {
9cdd03a7 1021 ide_set_irq(s->bus);
31c2a146 1022 }
5391d806
FB		 1023}
1024
4e2b8b4a 1025static void ide_sector_write(IDEState *s)
e82dabd8
SH		 1026{
1027 int64_t sector_num;
1028 int n;
1029
1030 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
1031 sector_num = ide_get_sector(s);
3eee2611 1032
e82dabd8
SH		 1033 n = s->nsector;
1034 if (n > s->req_nb_sectors) {
1035 n = s->req_nb_sectors;
1036 }
1037
3eee2611
JS		 1038 trace_ide_sector_write(sector_num, n);
1039
58ac3211
MA		 1040 if (!ide_sect_range_ok(s, sector_num, n)) {
1041 ide_rw_error(s);
ecca3b39 1042 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE);
58ac3211
MA		 1043 return;
1044 }
1045
e82dabd8
SH		 1046 s->iov.iov_base = s->io_buffer;
1047 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
1048 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
1049
4be74634 1050 block_acct_start(blk_get_stats(s->blk), &s->acct,
c618f331 1051 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
d4f510eb
EB		 1052 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS,
1053 &s->qiov, 0, ide_sector_write_cb, s);
e82dabd8
SH		 1054}
1055
b0484ae4
CH		 1056static void ide_flush_cb(void *opaque, int ret)
1057{
1058 IDEState *s = opaque;
1059
69f72a22
PB		 1060 s->pio_aiocb = NULL;
1061
0d910cfe
FZ		 1062 if (ret == -ECANCELED) {
1063 return;
1064 }
e2bcadad
KW		 1065 if (ret < 0) {
1066 /* XXX: What sector number to set here? */
fd648f10 1067 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) {
e2bcadad
KW		 1068 return;
1069 }
1070 }
b0484ae4 1071
4be74634
MA		 1072 if (s->blk) {
1073 block_acct_done(blk_get_stats(s->blk), &s->acct);
f7f3ff1d 1074 }
b0484ae4 1075 s->status = READY_STAT | SEEK_STAT;
c7e73adb 1076 ide_cmd_done(s);
b0484ae4
CH		 1077 ide_set_irq(s->bus);
1078}
1079
4e2b8b4a 1080static void ide_flush_cache(IDEState *s)
6bcb1a79 1081{
4be74634 1082 if (s->blk == NULL) {
6bcb1a79 1083 ide_flush_cb(s, 0);
b2df7531
KW		 1084 return;
1085 }
1086
f68ec837 1087 s->status |= BUSY_STAT;
35f78ab4 1088 ide_set_retry(s);
4be74634 1089 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH);
4da97120
SH		 1090
1091 if (blk_bs(s->blk)) {
1092 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s);
1093 } else {
1094 /* XXX blk_aio_flush() crashes when blk_bs(blk) is NULL, remove this
1095 * temporary workaround when blk_aio_*() functions handle NULL blk_bs.
1096 */
1097 ide_flush_cb(s, 0);
1098 }
6bcb1a79
KW		 1099}
1100
201a51fc
AZ		 1101static void ide_cfata_metadata_inquiry(IDEState *s)
1102{
1103 uint16_t *p;
1104 uint32_t spd;
1105
1106 p = (uint16_t *) s->io_buffer;
1107 memset(p, 0, 0x200);
1108 spd = ((s->mdata_size - 1) >> 9) + 1;
1109
1110 put_le16(p + 0, 0x0001); /* Data format revision */
1111 put_le16(p + 1, 0x0000); /* Media property: silicon */
1112 put_le16(p + 2, s->media_changed); /* Media status */
1113 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1114 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1115 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1116 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1117}
1118
1119static void ide_cfata_metadata_read(IDEState *s)
1120{
1121 uint16_t *p;
1122
1123 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1124 s->status = ERR_STAT;
1125 s->error = ABRT_ERR;
1126 return;
1127 }
1128
1129 p = (uint16_t *) s->io_buffer;
1130 memset(p, 0, 0x200);
1131
1132 put_le16(p + 0, s->media_changed); /* Media status */
1133 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1134 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1135 s->nsector << 9), 0x200 - 2));
1136}
1137
1138static void ide_cfata_metadata_write(IDEState *s)
1139{
1140 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1141 s->status = ERR_STAT;
1142 s->error = ABRT_ERR;
1143 return;
1144 }
1145
1146 s->media_changed = 0;
1147
1148 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1149 s->io_buffer + 2,
1150 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1151 s->nsector << 9), 0x200 - 2));
1152}
1153
bd491d6a 1154/* called when the inserted state of the media has changed */
39829a01 1155static void ide_cd_change_cb(void *opaque, bool load, Error **errp)
bd491d6a
TS		 1156{
1157 IDEState *s = opaque;
96b8f136 1158 uint64_t nb_sectors;
bd491d6a 1159
25ad22bc 1160 s->tray_open = !load;
4be74634 1161 blk_get_geometry(s->blk, &nb_sectors);
bd491d6a 1162 s->nb_sectors = nb_sectors;
9118e7f0 1163
4b9b7092
AS		 1164 /*
1165 * First indicate to the guest that a CD has been removed. That's
1166 * done on the next command the guest sends us.
1167 *
67cc61e4 1168 * Then we set UNIT_ATTENTION, by which the guest will
4b9b7092
AS		 1169 * detect a new CD in the drive. See ide_atapi_cmd() for details.
1170 */
93c8cfd9 1171 s->cdrom_changed = 1;
996faf1a 1172 s->events.new_media = true;
2df0a3a3
PB		 1173 s->events.eject_request = false;
1174 ide_set_irq(s->bus);
1175}
1176
1177static void ide_cd_eject_request_cb(void *opaque, bool force)
1178{
1179 IDEState *s = opaque;
1180
1181 s->events.eject_request = true;
1182 if (force) {
1183 s->tray_locked = false;
1184 }
9cdd03a7 1185 ide_set_irq(s->bus);
bd491d6a
TS		 1186}
1187
c2ff060f
FB		 1188static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1189{
1190 s->lba48 = lba48;
1191
1192 /* handle the 'magic' 0 nsector count conversion here. to avoid
1193 * fiddling with the rest of the read logic, we just store the
1194 * full sector count in ->nsector and ignore ->hob_nsector from now
1195 */
1196 if (!s->lba48) {
1197 if (!s->nsector)
1198 s->nsector = 256;
1199 } else {
1200 if (!s->nsector && !s->hob_nsector)
1201 s->nsector = 65536;
1202 else {
1203 int lo = s->nsector;
1204 int hi = s->hob_nsector;
1205
1206 s->nsector = (hi << 8) | lo;
1207 }
1208 }
1209}
1210
bcbdc4d3 1211static void ide_clear_hob(IDEBus *bus)
c2ff060f
FB		 1212{
1213 /* any write clears HOB high bit of device control register */
bcbdc4d3
GH		 1214 bus->ifs[0].select &= ~(1 << 7);
1215 bus->ifs[1].select &= ~(1 << 7);
c2ff060f
FB		 1216}
1217
335ca2f2
JS		 1218/* IOport [W]rite [R]egisters */
1219enum ATA_IOPORT_WR {
1220 ATA_IOPORT_WR_DATA = 0,
1221 ATA_IOPORT_WR_FEATURES = 1,
1222 ATA_IOPORT_WR_SECTOR_COUNT = 2,
1223 ATA_IOPORT_WR_SECTOR_NUMBER = 3,
1224 ATA_IOPORT_WR_CYLINDER_LOW = 4,
1225 ATA_IOPORT_WR_CYLINDER_HIGH = 5,
1226 ATA_IOPORT_WR_DEVICE_HEAD = 6,
1227 ATA_IOPORT_WR_COMMAND = 7,
1228 ATA_IOPORT_WR_NUM_REGISTERS,
1229};
1230
1231const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = {
1232 [ATA_IOPORT_WR_DATA] = "Data",
1233 [ATA_IOPORT_WR_FEATURES] = "Features",
1234 [ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count",
1235 [ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number",
1236 [ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low",
1237 [ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High",
1238 [ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head",
1239 [ATA_IOPORT_WR_COMMAND] = "Command"
1240};
1241
356721ae 1242void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
caed8802 1243{
bcbdc4d3 1244 IDEBus *bus = opaque;
3eee2611
JS		 1245 IDEState *s = idebus_active_if(bus);
1246 int reg_num = addr & 7;
5391d806 1247
335ca2f2 1248 trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s);
fcdd25ab
AL		 1249
1250 /* ignore writes to command block while busy with previous command */
3eee2611 1251 if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) {
fcdd25ab 1252 return;
3eee2611 1253 }
fcdd25ab 1254
3eee2611 1255 switch (reg_num) {
5391d806
FB		 1256 case 0:
1257 break;
335ca2f2
JS		 1258 case ATA_IOPORT_WR_FEATURES:
1259 ide_clear_hob(bus);
c45c3d00 1260 /* NOTE: data is written to the two drives */
335ca2f2
JS		 1261 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1262 bus->ifs[1].hob_feature = bus->ifs[1].feature;
bcbdc4d3
GH		 1263 bus->ifs[0].feature = val;
1264 bus->ifs[1].feature = val;
5391d806 1265 break;
335ca2f2 1266 case ATA_IOPORT_WR_SECTOR_COUNT:
bcbdc4d3
GH		 1267 ide_clear_hob(bus);
1268 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1269 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1270 bus->ifs[0].nsector = val;
1271 bus->ifs[1].nsector = val;
5391d806 1272 break;
335ca2f2 1273 case ATA_IOPORT_WR_SECTOR_NUMBER:
bcbdc4d3
GH		 1274 ide_clear_hob(bus);
1275 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1276 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1277 bus->ifs[0].sector = val;
1278 bus->ifs[1].sector = val;
5391d806 1279 break;
335ca2f2 1280 case ATA_IOPORT_WR_CYLINDER_LOW:
bcbdc4d3
GH		 1281 ide_clear_hob(bus);
1282 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1283 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1284 bus->ifs[0].lcyl = val;
1285 bus->ifs[1].lcyl = val;
5391d806 1286 break;
335ca2f2 1287 case ATA_IOPORT_WR_CYLINDER_HIGH:
bcbdc4d3
GH		 1288 ide_clear_hob(bus);
1289 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1290 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1291 bus->ifs[0].hcyl = val;
1292 bus->ifs[1].hcyl = val;
5391d806 1293 break;
335ca2f2 1294 case ATA_IOPORT_WR_DEVICE_HEAD:
c2ff060f 1295 /* FIXME: HOB readback uses bit 7 */
bcbdc4d3
GH		 1296 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1297 bus->ifs[1].select = (val | 0x10) | 0xa0;
5391d806 1298 /* select drive */
bcbdc4d3 1299 bus->unit = (val >> 4) & 1;
5391d806
FB		 1300 break;
1301 default:
335ca2f2 1302 case ATA_IOPORT_WR_COMMAND:
5391d806 1303 /* command */
7cff87ff
AG		 1304 ide_exec_cmd(bus, val);
1305 break;
1306 }
1307}
1308
4590355b
JS		 1309static void ide_reset(IDEState *s)
1310{
3eee2611 1311 trace_ide_reset(s);
4590355b
JS		 1312
1313 if (s->pio_aiocb) {
1314 blk_aio_cancel(s->pio_aiocb);
1315 s->pio_aiocb = NULL;
1316 }
1317
1318 if (s->drive_kind == IDE_CFATA)
1319 s->mult_sectors = 0;
1320 else
1321 s->mult_sectors = MAX_MULT_SECTORS;
1322 /* ide regs */
1323 s->feature = 0;
1324 s->error = 0;
1325 s->nsector = 0;
1326 s->sector = 0;
1327 s->lcyl = 0;
1328 s->hcyl = 0;
1329
1330 /* lba48 */
1331 s->hob_feature = 0;
1332 s->hob_sector = 0;
1333 s->hob_nsector = 0;
1334 s->hob_lcyl = 0;
1335 s->hob_hcyl = 0;
1336
1337 s->select = 0xa0;
1338 s->status = READY_STAT | SEEK_STAT;
1339
1340 s->lba48 = 0;
1341
1342 /* ATAPI specific */
1343 s->sense_key = 0;
1344 s->asc = 0;
1345 s->cdrom_changed = 0;
1346 s->packet_transfer_size = 0;
1347 s->elementary_transfer_size = 0;
1348 s->io_buffer_index = 0;
1349 s->cd_sector_size = 0;
1350 s->atapi_dma = 0;
1351 s->tray_locked = 0;
1352 s->tray_open = 0;
1353 /* ATA DMA state */
1354 s->io_buffer_size = 0;
1355 s->req_nb_sectors = 0;
1356
1357 ide_set_signature(s);
1358 /* init the transfer handler so that 0xffff is returned on data
1359 accesses */
1360 s->end_transfer_func = ide_dummy_transfer_stop;
1361 ide_dummy_transfer_stop(s);
1362 s->media_changed = 0;
1363}
1364
b300337e
KW		 1365static bool cmd_nop(IDEState *s, uint8_t cmd)
1366{
1367 return true;
1368}
1369
f34ae00d
JS		 1370static bool cmd_device_reset(IDEState *s, uint8_t cmd)
1371{
1372 /* Halt PIO (in the DRQ phase), then DMA */
1373 ide_transfer_cancel(s);
1374 ide_cancel_dma_sync(s);
1375
1376 /* Reset any PIO commands, reset signature, etc */
1377 ide_reset(s);
1378
1379 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs";
1380 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */
1381 s->status = 0x00;
1382
1383 /* Do not overwrite status register */
1384 return false;
1385}
1386
4286434c
KW		 1387static bool cmd_data_set_management(IDEState *s, uint8_t cmd)
1388{
1389 switch (s->feature) {
1390 case DSM_TRIM:
4be74634 1391 if (s->blk) {
4286434c
KW		 1392 ide_sector_start_dma(s, IDE_DMA_TRIM);
1393 return false;
1394 }
1395 break;
1396 }
1397
1398 ide_abort_command(s);
1399 return true;
1400}
1401
1c66869a
KW		 1402static bool cmd_identify(IDEState *s, uint8_t cmd)
1403{
4be74634 1404 if (s->blk && s->drive_kind != IDE_CD) {
1c66869a
KW		 1405 if (s->drive_kind != IDE_CFATA) {
1406 ide_identify(s);
1407 } else {
1408 ide_cfata_identify(s);
1409 }
1410 s->status = READY_STAT | SEEK_STAT;
1411 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1412 ide_set_irq(s->bus);
1413 return false;
1414 } else {
1415 if (s->drive_kind == IDE_CD) {
1416 ide_set_signature(s);
1417 }
1418 ide_abort_command(s);
1419 }
1420
1421 return true;
1422}
1423
413860cf
KW		 1424static bool cmd_verify(IDEState *s, uint8_t cmd)
1425{
1426 bool lba48 = (cmd == WIN_VERIFY_EXT);
1427
1428 /* do sector number check ? */
1429 ide_cmd_lba48_transform(s, lba48);
1430
1431 return true;
1432}
1433
adf3a2c4
KW		 1434static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd)
1435{
1436 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1437 /* Disable Read and Write Multiple */
1438 s->mult_sectors = 0;
1439 } else if ((s->nsector & 0xff) != 0 &&
1440 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1441 (s->nsector & (s->nsector - 1)) != 0)) {
1442 ide_abort_command(s);
1443 } else {
1444 s->mult_sectors = s->nsector & 0xff;
1445 }
1446
1447 return true;
1448}
1449
1450static bool cmd_read_multiple(IDEState *s, uint8_t cmd)
1451{
1452 bool lba48 = (cmd == WIN_MULTREAD_EXT);
1453
4be74634 1454 if (!s->blk || !s->mult_sectors) {
adf3a2c4
KW		 1455 ide_abort_command(s);
1456 return true;
1457 }
1458
1459 ide_cmd_lba48_transform(s, lba48);
1460 s->req_nb_sectors = s->mult_sectors;
1461 ide_sector_read(s);
1462 return false;
1463}
1464
1465static bool cmd_write_multiple(IDEState *s, uint8_t cmd)
1466{
1467 bool lba48 = (cmd == WIN_MULTWRITE_EXT);
1468 int n;
1469
4be74634 1470 if (!s->blk || !s->mult_sectors) {
adf3a2c4
KW		 1471 ide_abort_command(s);
1472 return true;
1473 }
1474
1475 ide_cmd_lba48_transform(s, lba48);
1476
1477 s->req_nb_sectors = s->mult_sectors;
1478 n = MIN(s->nsector, s->req_nb_sectors);
1479
1480 s->status = SEEK_STAT | READY_STAT;
1481 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1482
1483 s->media_changed = 1;
1484
1485 return false;
1486}
1487
0e6498ed
KW		 1488static bool cmd_read_pio(IDEState *s, uint8_t cmd)
1489{
1490 bool lba48 = (cmd == WIN_READ_EXT);
1491
1492 if (s->drive_kind == IDE_CD) {
1493 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1494 ide_abort_command(s);
1495 return true;
1496 }
1497
4be74634 1498 if (!s->blk) {
0e6498ed
KW		 1499 ide_abort_command(s);
1500 return true;
1501 }
1502
1503 ide_cmd_lba48_transform(s, lba48);
1504 s->req_nb_sectors = 1;
1505 ide_sector_read(s);
1506
1507 return false;
1508}
1509
1510static bool cmd_write_pio(IDEState *s, uint8_t cmd)
1511{
1512 bool lba48 = (cmd == WIN_WRITE_EXT);
1513
4be74634 1514 if (!s->blk) {
0e6498ed
KW		 1515 ide_abort_command(s);
1516 return true;
1517 }
1518
1519 ide_cmd_lba48_transform(s, lba48);
1520
1521 s->req_nb_sectors = 1;
1522 s->status = SEEK_STAT | READY_STAT;
1523 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1524
1525 s->media_changed = 1;
1526
1527 return false;
1528}
1529
92a6a6f6
KW		 1530static bool cmd_read_dma(IDEState *s, uint8_t cmd)
1531{
1532 bool lba48 = (cmd == WIN_READDMA_EXT);
1533
4be74634 1534 if (!s->blk) {
92a6a6f6
KW		 1535 ide_abort_command(s);
1536 return true;
1537 }
1538
1539 ide_cmd_lba48_transform(s, lba48);
1540 ide_sector_start_dma(s, IDE_DMA_READ);
1541
1542 return false;
1543}
1544
1545static bool cmd_write_dma(IDEState *s, uint8_t cmd)
1546{
1547 bool lba48 = (cmd == WIN_WRITEDMA_EXT);
1548
4be74634 1549 if (!s->blk) {
92a6a6f6
KW		 1550 ide_abort_command(s);
1551 return true;
1552 }
1553
1554 ide_cmd_lba48_transform(s, lba48);
1555 ide_sector_start_dma(s, IDE_DMA_WRITE);
1556
1557 s->media_changed = 1;
1558
1559 return false;
1560}
1561
9afce429
KW		 1562static bool cmd_flush_cache(IDEState *s, uint8_t cmd)
1563{
1564 ide_flush_cache(s);
1565 return false;
1566}
1567
61fdda37
KW		 1568static bool cmd_seek(IDEState *s, uint8_t cmd)
1569{
1570 /* XXX: Check that seek is within bounds */
1571 return true;
1572}
1573
63a82e6a
KW		 1574static bool cmd_read_native_max(IDEState *s, uint8_t cmd)
1575{
1576 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT);
1577
1578 /* Refuse if no sectors are addressable (e.g. medium not inserted) */
1579 if (s->nb_sectors == 0) {
1580 ide_abort_command(s);
1581 return true;
1582 }
1583
1584 ide_cmd_lba48_transform(s, lba48);
1585 ide_set_sector(s, s->nb_sectors - 1);
1586
1587 return true;
1588}
1589
785f6320
KW		 1590static bool cmd_check_power_mode(IDEState *s, uint8_t cmd)
1591{
1592 s->nsector = 0xff; /* device active or idle */
1593 return true;
1594}
1595
ee03398c
KW		 1596static bool cmd_set_features(IDEState *s, uint8_t cmd)
1597{
1598 uint16_t *identify_data;
1599
4be74634 1600 if (!s->blk) {
ee03398c
KW		 1601 ide_abort_command(s);
1602 return true;
1603 }
1604
1605 /* XXX: valid for CDROM ? */
1606 switch (s->feature) {
1607 case 0x02: /* write cache enable */
4be74634 1608 blk_set_enable_write_cache(s->blk, true);
ee03398c
KW		 1609 identify_data = (uint16_t *)s->identify_data;
1610 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1611 return true;
1612 case 0x82: /* write cache disable */
4be74634 1613 blk_set_enable_write_cache(s->blk, false);
ee03398c
KW		 1614 identify_data = (uint16_t *)s->identify_data;
1615 put_le16(identify_data + 85, (1 << 14) | 1);
1616 ide_flush_cache(s);
1617 return false;
1618 case 0xcc: /* reverting to power-on defaults enable */
1619 case 0x66: /* reverting to power-on defaults disable */
1620 case 0xaa: /* read look-ahead enable */
1621 case 0x55: /* read look-ahead disable */
1622 case 0x05: /* set advanced power management mode */
1623 case 0x85: /* disable advanced power management mode */
1624 case 0x69: /* NOP */
1625 case 0x67: /* NOP */
1626 case 0x96: /* NOP */
1627 case 0x9a: /* NOP */
1628 case 0x42: /* enable Automatic Acoustic Mode */
1629 case 0xc2: /* disable Automatic Acoustic Mode */
1630 return true;
1631 case 0x03: /* set transfer mode */
1632 {
1633 uint8_t val = s->nsector & 0x07;
1634 identify_data = (uint16_t *)s->identify_data;
1635
1636 switch (s->nsector >> 3) {
1637 case 0x00: /* pio default */
1638 case 0x01: /* pio mode */
1639 put_le16(identify_data + 62, 0x07);
1640 put_le16(identify_data + 63, 0x07);
1641 put_le16(identify_data + 88, 0x3f);
1642 break;
1643 case 0x02: /* sigle word dma mode*/
1644 put_le16(identify_data + 62, 0x07 | (1 << (val + 8)));
1645 put_le16(identify_data + 63, 0x07);
1646 put_le16(identify_data + 88, 0x3f);
1647 break;
1648 case 0x04: /* mdma mode */
1649 put_le16(identify_data + 62, 0x07);
1650 put_le16(identify_data + 63, 0x07 | (1 << (val + 8)));
1651 put_le16(identify_data + 88, 0x3f);
1652 break;
1653 case 0x08: /* udma mode */
1654 put_le16(identify_data + 62, 0x07);
1655 put_le16(identify_data + 63, 0x07);
1656 put_le16(identify_data + 88, 0x3f | (1 << (val + 8)));
1657 break;
1658 default:
1659 goto abort_cmd;
1660 }
1661 return true;
1662 }
1663 }
1664
1665abort_cmd:
1666 ide_abort_command(s);
1667 return true;
1668}
1669
ee425c78
KW		 1670
1671/*** ATAPI commands ***/
1672
1673static bool cmd_identify_packet(IDEState *s, uint8_t cmd)
1674{
1675 ide_atapi_identify(s);
1676 s->status = READY_STAT | SEEK_STAT;
1677 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1678 ide_set_irq(s->bus);
1679 return false;
1680}
1681
1682static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd)
1683{
1684 ide_set_signature(s);
1685
1686 if (s->drive_kind == IDE_CD) {
1687 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1688 * devices to return a clear status register
1689 * with READY_STAT *not* set. */
850484a2 1690 s->error = 0x01;
ee425c78
KW		 1691 } else {
1692 s->status = READY_STAT | SEEK_STAT;
1693 /* The bits of the error register are not as usual for this command!
1694 * They are part of the regular output (this is why ERR_STAT isn't set)
1695 * Device 0 passed, Device 1 passed or not present. */
1696 s->error = 0x01;
1697 ide_set_irq(s->bus);
1698 }
1699
1700 return false;
1701}
1702
ee425c78
KW		 1703static bool cmd_packet(IDEState *s, uint8_t cmd)
1704{
1705 /* overlapping commands not supported */
1706 if (s->feature & 0x02) {
1707 ide_abort_command(s);
1708 return true;
1709 }
1710
1711 s->status = READY_STAT | SEEK_STAT;
1712 s->atapi_dma = s->feature & 1;
502356ee
PB		 1713 if (s->atapi_dma) {
1714 s->dma_cmd = IDE_DMA_ATAPI;
1715 }
ee425c78
KW		 1716 s->nsector = 1;
1717 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1718 ide_atapi_cmd);
1719 return false;
1720}
1721
6b1dd744
KW		 1722
1723/*** CF-ATA commands ***/
1724
1725static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd)
1726{
1727 s->error = 0x09; /* miscellaneous error */
1728 s->status = READY_STAT | SEEK_STAT;
1729 ide_set_irq(s->bus);
1730
1731 return false;
1732}
1733
1734static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd)
1735{
1736 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is
1737 * required for Windows 8 to work with AHCI */
1738
1739 if (cmd == CFA_WEAR_LEVEL) {
1740 s->nsector = 0;
1741 }
1742
1743 if (cmd == CFA_ERASE_SECTORS) {
1744 s->media_changed = 1;
1745 }
1746
1747 return true;
1748}
1749
1750static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd)
1751{
1752 s->status = READY_STAT | SEEK_STAT;
1753
1754 memset(s->io_buffer, 0, 0x200);
1755 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1756 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1757 s->io_buffer[0x02] = s->select; /* Head */
1758 s->io_buffer[0x03] = s->sector; /* Sector */
1759 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1760 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1761 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1762 s->io_buffer[0x13] = 0x00; /* Erase flag */
1763 s->io_buffer[0x18] = 0x00; /* Hot count */
1764 s->io_buffer[0x19] = 0x00; /* Hot count */
1765 s->io_buffer[0x1a] = 0x01; /* Hot count */
1766
1767 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1768 ide_set_irq(s->bus);
1769
1770 return false;
1771}
1772
1773static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd)
1774{
1775 switch (s->feature) {
1776 case 0x02: /* Inquiry Metadata Storage */
1777 ide_cfata_metadata_inquiry(s);
1778 break;
1779 case 0x03: /* Read Metadata Storage */
1780 ide_cfata_metadata_read(s);
1781 break;
1782 case 0x04: /* Write Metadata Storage */
1783 ide_cfata_metadata_write(s);
1784 break;
1785 default:
1786 ide_abort_command(s);
1787 return true;
1788 }
1789
1790 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1791 s->status = 0x00; /* NOTE: READY is _not_ set */
1792 ide_set_irq(s->bus);
1793
1794 return false;
1795}
1796
1797static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd)
1798{
1799 switch (s->feature) {
1800 case 0x01: /* sense temperature in device */
1801 s->nsector = 0x50; /* +20 C */
1802 break;
1803 default:
1804 ide_abort_command(s);
1805 return true;
1806 }
1807
1808 return true;
1809}
1810
ff352677
KW		 1811
1812/*** SMART commands ***/
1813
1814static bool cmd_smart(IDEState *s, uint8_t cmd)
1815{
1816 int n;
1817
1818 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) {
1819 goto abort_cmd;
1820 }
1821
1822 if (!s->smart_enabled && s->feature != SMART_ENABLE) {
1823 goto abort_cmd;
1824 }
1825
1826 switch (s->feature) {
1827 case SMART_DISABLE:
1828 s->smart_enabled = 0;
1829 return true;
1830
1831 case SMART_ENABLE:
1832 s->smart_enabled = 1;
1833 return true;
1834
1835 case SMART_ATTR_AUTOSAVE:
1836 switch (s->sector) {
1837 case 0x00:
1838 s->smart_autosave = 0;
1839 break;
1840 case 0xf1:
1841 s->smart_autosave = 1;
1842 break;
1843 default:
1844 goto abort_cmd;
1845 }
1846 return true;
1847
1848 case SMART_STATUS:
1849 if (!s->smart_errors) {
1850 s->hcyl = 0xc2;
1851 s->lcyl = 0x4f;
1852 } else {
1853 s->hcyl = 0x2c;
1854 s->lcyl = 0xf4;
1855 }
1856 return true;
1857
1858 case SMART_READ_THRESH:
1859 memset(s->io_buffer, 0, 0x200);
1860 s->io_buffer[0] = 0x01; /* smart struct version */
1861
1862 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1863 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0];
1864 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11];
1865 }
1866
1867 /* checksum */
1868 for (n = 0; n < 511; n++) {
1869 s->io_buffer[511] += s->io_buffer[n];
1870 }
1871 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1872
1873 s->status = READY_STAT | SEEK_STAT;
1874 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1875 ide_set_irq(s->bus);
1876 return false;
1877
1878 case SMART_READ_DATA:
1879 memset(s->io_buffer, 0, 0x200);
1880 s->io_buffer[0] = 0x01; /* smart struct version */
1881
1882 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1883 int i;
1884 for (i = 0; i < 11; i++) {
1885 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i];
1886 }
1887 }
1888
1889 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00);
1890 if (s->smart_selftest_count == 0) {
1891 s->io_buffer[363] = 0;
1892 } else {
1893 s->io_buffer[363] =
1894 s->smart_selftest_data[3 +
1895 (s->smart_selftest_count - 1) *
1896 24];
1897 }
1898 s->io_buffer[364] = 0x20;
1899 s->io_buffer[365] = 0x01;
1900 /* offline data collection capacity: execute + self-test*/
1901 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1);
1902 s->io_buffer[368] = 0x03; /* smart capability (1) */
1903 s->io_buffer[369] = 0x00; /* smart capability (2) */
1904 s->io_buffer[370] = 0x01; /* error logging supported */
1905 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1906 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1907 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1908
1909 for (n = 0; n < 511; n++) {
1910 s->io_buffer[511] += s->io_buffer[n];
1911 }
1912 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1913
1914 s->status = READY_STAT | SEEK_STAT;
1915 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1916 ide_set_irq(s->bus);
1917 return false;
1918
1919 case SMART_READ_LOG:
1920 switch (s->sector) {
1921 case 0x01: /* summary smart error log */
1922 memset(s->io_buffer, 0, 0x200);
1923 s->io_buffer[0] = 0x01;
1924 s->io_buffer[1] = 0x00; /* no error entries */
1925 s->io_buffer[452] = s->smart_errors & 0xff;
1926 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1927
1928 for (n = 0; n < 511; n++) {
1929 s->io_buffer[511] += s->io_buffer[n];
1930 }
1931 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1932 break;
1933 case 0x06: /* smart self test log */
1934 memset(s->io_buffer, 0, 0x200);
1935 s->io_buffer[0] = 0x01;
1936 if (s->smart_selftest_count == 0) {
1937 s->io_buffer[508] = 0;
1938 } else {
1939 s->io_buffer[508] = s->smart_selftest_count;
1940 for (n = 2; n < 506; n++) {
1941 s->io_buffer[n] = s->smart_selftest_data[n];
1942 }
1943 }
1944
1945 for (n = 0; n < 511; n++) {
1946 s->io_buffer[511] += s->io_buffer[n];
1947 }
1948 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1949 break;
1950 default:
1951 goto abort_cmd;
1952 }
1953 s->status = READY_STAT | SEEK_STAT;
1954 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1955 ide_set_irq(s->bus);
1956 return false;
1957
1958 case SMART_EXECUTE_OFFLINE:
1959 switch (s->sector) {
1960 case 0: /* off-line routine */
1961 case 1: /* short self test */
1962 case 2: /* extended self test */
1963 s->smart_selftest_count++;
1964 if (s->smart_selftest_count > 21) {
940973ae 1965 s->smart_selftest_count = 1;
ff352677
KW		 1966 }
1967 n = 2 + (s->smart_selftest_count - 1) * 24;
1968 s->smart_selftest_data[n] = s->sector;
1969 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */
1970 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */
1971 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */
1972 break;
1973 default:
1974 goto abort_cmd;
1975 }
1976 return true;
1977 }
1978
1979abort_cmd:
1980 ide_abort_command(s);
1981 return true;
1982}
1983
844505b1
MA		 1984#define HD_OK (1u << IDE_HD)
1985#define CD_OK (1u << IDE_CD)
1986#define CFA_OK (1u << IDE_CFATA)
1987#define HD_CFA_OK (HD_OK | CFA_OK)
1988#define ALL_OK (HD_OK | CD_OK | CFA_OK)
1989
a0436e92
KW		 1990/* Set the Disk Seek Completed status bit during completion */
1991#define SET_DSC (1u << 8)
1992
844505b1 1993/* See ACS-2 T13/2015-D Table B.2 Command codes */
a0436e92
KW		 1994static const struct {
1995 /* Returns true if the completion code should be run */
1996 bool (*handler)(IDEState *s, uint8_t cmd);
1997 int flags;
1998} ide_cmd_table[0x100] = {
844505b1 1999 /* NOP not implemented, mandatory for CD */
6b1dd744 2000 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK },
d9033e1d 2001 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK },
ee425c78 2002 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK },
b300337e 2003 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC},
0e6498ed 2004 [WIN_READ] = { cmd_read_pio, ALL_OK },
d9033e1d 2005 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK },
0e6498ed 2006 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK },
92a6a6f6 2007 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK },
63a82e6a 2008 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
adf3a2c4 2009 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK },
0e6498ed
KW		 2010 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK },
2011 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK },
2012 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK },
92a6a6f6 2013 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK },
0e6498ed 2014 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK },
adf3a2c4 2015 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK },
0e6498ed 2016 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK },
413860cf
KW		 2017 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC },
2018 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC },
2019 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC },
61fdda37 2020 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC },
6b1dd744 2021 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK },
ee425c78 2022 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK },
b300337e 2023 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC },
d9033e1d
JS		 2024 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK },
2025 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK },
2026 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK },
2027 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK },
2028 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
2029 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK },
ee425c78
KW		 2030 [WIN_PACKETCMD] = { cmd_packet, CD_OK },
2031 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK },
ff352677 2032 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC },
6b1dd744
KW		 2033 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK },
2034 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC },
adf3a2c4
KW		 2035 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK },
2036 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK },
2037 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC },
92a6a6f6
KW		 2038 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK },
2039 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK },
2040 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK },
2041 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK },
adf3a2c4 2042 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK },
d9033e1d
JS		 2043 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK },
2044 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK },
2045 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK },
2046 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK },
2047 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
2048 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK },
9afce429
KW		 2049 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK },
2050 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK },
1c66869a 2051 [WIN_IDENTIFY] = { cmd_identify, ALL_OK },
ee03398c 2052 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC },
6b1dd744
KW		 2053 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC },
2054 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC },
d9033e1d 2055 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
844505b1
MA		 2056};
2057
2058static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
2059{
2060 return cmd < ARRAY_SIZE(ide_cmd_table)
a0436e92 2061 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind));
844505b1 2062}
7cff87ff
AG		 2063
2064void ide_exec_cmd(IDEBus *bus, uint32_t val)
2065{
2066 IDEState *s;
dfe1ea8f 2067 bool complete;
7cff87ff 2068
6ef2ba5e 2069 s = idebus_active_if(bus);
3eee2611
JS		 2070 trace_ide_exec_cmd(bus, s, val);
2071
66a0a2cb 2072 /* ignore commands to non existent slave */
4be74634 2073 if (s != bus->ifs && !s->blk) {
6ef2ba5e 2074 return;
4be74634 2075 }
c2ff060f 2076
266e7781
JS		 2077 /* Only RESET is allowed while BSY and/or DRQ are set,
2078 * and only to ATAPI devices. */
2079 if (s->status & (BUSY_STAT|DRQ_STAT)) {
2080 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) {
2081 return;
2082 }
2083 }
fcdd25ab 2084
844505b1 2085 if (!ide_cmd_permitted(s, val)) {
dfe1ea8f
KW		 2086 ide_abort_command(s);
2087 ide_set_irq(s->bus);
2088 return;
844505b1
MA		 2089 }
2090
dfe1ea8f
KW		 2091 s->status = READY_STAT | BUSY_STAT;
2092 s->error = 0;
36334faf 2093 s->io_buffer_offset = 0;
a0436e92 2094
dfe1ea8f
KW		 2095 complete = ide_cmd_table[val].handler(s, val);
2096 if (complete) {
2097 s->status &= ~BUSY_STAT;
2098 assert(!!s->error == !!(s->status & ERR_STAT));
a0436e92 2099
dfe1ea8f
KW		 2100 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) {
2101 s->status |= SEEK_STAT;
a0436e92
KW		 2102 }
2103
c7e73adb 2104 ide_cmd_done(s);
6ef2ba5e 2105 ide_set_irq(s->bus);
6ef2ba5e 2106 }
5391d806
FB		 2107}
2108
335ca2f2
JS		 2109/* IOport [R]ead [R]egisters */
2110enum ATA_IOPORT_RR {
2111 ATA_IOPORT_RR_DATA = 0,
2112 ATA_IOPORT_RR_ERROR = 1,
2113 ATA_IOPORT_RR_SECTOR_COUNT = 2,
2114 ATA_IOPORT_RR_SECTOR_NUMBER = 3,
2115 ATA_IOPORT_RR_CYLINDER_LOW = 4,
2116 ATA_IOPORT_RR_CYLINDER_HIGH = 5,
2117 ATA_IOPORT_RR_DEVICE_HEAD = 6,
2118 ATA_IOPORT_RR_STATUS = 7,
2119 ATA_IOPORT_RR_NUM_REGISTERS,
2120};
2121
2122const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = {
2123 [ATA_IOPORT_RR_DATA] = "Data",
2124 [ATA_IOPORT_RR_ERROR] = "Error",
2125 [ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count",
2126 [ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number",
2127 [ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low",
2128 [ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High",
2129 [ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head",
2130 [ATA_IOPORT_RR_STATUS] = "Status"
2131};
2132
3eee2611 2133uint32_t ide_ioport_read(void *opaque, uint32_t addr)
5391d806 2134{
bcbdc4d3
GH		 2135 IDEBus *bus = opaque;
2136 IDEState *s = idebus_active_if(bus);
3eee2611 2137 uint32_t reg_num;
c2ff060f 2138 int ret, hob;
5391d806 2139
3eee2611 2140 reg_num = addr & 7;
c2ff060f
FB		 2141 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2142 //hob = s->select & (1 << 7);
2143 hob = 0;
3eee2611 2144 switch (reg_num) {
335ca2f2 2145 case ATA_IOPORT_RR_DATA:
5391d806
FB		 2146 ret = 0xff;
2147 break;
335ca2f2 2148 case ATA_IOPORT_RR_ERROR:
4be74634
MA		 2149 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2150 (s != bus->ifs && !s->blk)) {
c45c3d00 2151 ret = 0;
4be74634 2152 } else if (!hob) {
c45c3d00 2153 ret = s->error;
4be74634 2154 } else {
c2ff060f 2155 ret = s->hob_feature;
4be74634 2156 }
5391d806 2157 break;
335ca2f2 2158 case ATA_IOPORT_RR_SECTOR_COUNT:
4be74634 2159 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2160 ret = 0;
4be74634 2161 } else if (!hob) {
c45c3d00 2162 ret = s->nsector & 0xff;
4be74634 2163 } else {
c2ff060f 2164 ret = s->hob_nsector;
4be74634 2165 }
5391d806 2166 break;
335ca2f2 2167 case ATA_IOPORT_RR_SECTOR_NUMBER:
4be74634 2168 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2169 ret = 0;
4be74634 2170 } else if (!hob) {
c45c3d00 2171 ret = s->sector;
4be74634 2172 } else {
c2ff060f 2173 ret = s->hob_sector;
4be74634 2174 }
5391d806 2175 break;
335ca2f2 2176 case ATA_IOPORT_RR_CYLINDER_LOW:
4be74634 2177 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2178 ret = 0;
4be74634 2179 } else if (!hob) {
c45c3d00 2180 ret = s->lcyl;
4be74634 2181 } else {
c2ff060f 2182 ret = s->hob_lcyl;
4be74634 2183 }
5391d806 2184 break;
335ca2f2 2185 case ATA_IOPORT_RR_CYLINDER_HIGH:
4be74634 2186 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2187 ret = 0;
4be74634 2188 } else if (!hob) {
c45c3d00 2189 ret = s->hcyl;
4be74634 2190 } else {
c2ff060f 2191 ret = s->hob_hcyl;
4be74634 2192 }
5391d806 2193 break;
335ca2f2 2194 case ATA_IOPORT_RR_DEVICE_HEAD:
4be74634 2195 if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
c45c3d00 2196 ret = 0;
4be74634 2197 } else {
7ae98627 2198 ret = s->select;
4be74634 2199 }
5391d806
FB		 2200 break;
2201 default:
335ca2f2 2202 case ATA_IOPORT_RR_STATUS:
4be74634
MA		 2203 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2204 (s != bus->ifs && !s->blk)) {
c45c3d00 2205 ret = 0;
4be74634 2206 } else {
c45c3d00 2207 ret = s->status;
4be74634 2208 }
9cdd03a7 2209 qemu_irq_lower(bus->irq);
5391d806
FB		 2210 break;
2211 }
3eee2611 2212
335ca2f2 2213 trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s);
5391d806
FB		 2214 return ret;
2215}
2216
356721ae 2217uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2218{
bcbdc4d3
GH		 2219 IDEBus *bus = opaque;
2220 IDEState *s = idebus_active_if(bus);
5391d806 2221 int ret;
7ae98627 2222
4be74634
MA		 2223 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
2224 (s != bus->ifs && !s->blk)) {
7ae98627 2225 ret = 0;
4be74634 2226 } else {
7ae98627 2227 ret = s->status;
4be74634 2228 }
3eee2611
JS		 2229
2230 trace_ide_status_read(addr, ret, bus, s);
5391d806
FB		 2231 return ret;
2232}
2233
356721ae 2234void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2235{
bcbdc4d3 2236 IDEBus *bus = opaque;
5391d806
FB		 2237 IDEState *s;
2238 int i;
2239
3eee2611
JS		 2240 trace_ide_cmd_write(addr, val, bus);
2241
5391d806 2242 /* common for both drives */
9cdd03a7 2243 if (!(bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 2244 (val & IDE_CMD_RESET)) {
2245 /* reset low to high */
2246 for(i = 0;i < 2; i++) {
bcbdc4d3 2247 s = &bus->ifs[i];
5391d806
FB		 2248 s->status = BUSY_STAT | SEEK_STAT;
2249 s->error = 0x01;
2250 }
9cdd03a7 2251 } else if ((bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 2252 !(val & IDE_CMD_RESET)) {
2253 /* high to low */
2254 for(i = 0;i < 2; i++) {
bcbdc4d3 2255 s = &bus->ifs[i];
cd8722bb 2256 if (s->drive_kind == IDE_CD)
6b136f9e
FB		 2257 s->status = 0x00; /* NOTE: READY is _not_ set */
2258 else
56bf1d37 2259 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2260 ide_set_signature(s);
2261 }
2262 }
2263
9cdd03a7 2264 bus->cmd = val;
5391d806
FB		 2265}
2266
40c4ed3f
KW		 2267/*
2268 * Returns true if the running PIO transfer is a PIO out (i.e. data is
2269 * transferred from the device to the guest), false if it's a PIO in
2270 */
2271static bool ide_is_pio_out(IDEState *s)
2272{
2273 if (s->end_transfer_func == ide_sector_write ||
2274 s->end_transfer_func == ide_atapi_cmd) {
2275 return false;
2276 } else if (s->end_transfer_func == ide_sector_read ||
2277 s->end_transfer_func == ide_transfer_stop ||
2278 s->end_transfer_func == ide_atapi_cmd_reply_end ||
2279 s->end_transfer_func == ide_dummy_transfer_stop) {
2280 return true;
2281 }
2282
2283 abort();
2284}
2285
356721ae 2286void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2287{
bcbdc4d3
GH		 2288 IDEBus *bus = opaque;
2289 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2290 uint8_t *p;
2291
1787efc3
JS		 2292 trace_ide_data_writew(addr, val, bus, s);
2293
40c4ed3f
KW		 2294 /* PIO data access allowed only when DRQ bit is set. The result of a write
2295 * during PIO out is indeterminate, just ignore it. */
2296 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 2297 return;
40c4ed3f 2298 }
fcdd25ab 2299
5391d806 2300 p = s->data_ptr;
d2ff8585
KW		 2301 if (p + 2 > s->data_end) {
2302 return;
2303 }
2304
0c4ad8dc 2305 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2306 p += 2;
2307 s->data_ptr = p;
cb72cba8
KW		 2308 if (p >= s->data_end) {
2309 s->status &= ~DRQ_STAT;
5391d806 2310 s->end_transfer_func(s);
cb72cba8 2311 }
5391d806
FB		 2312}
2313
356721ae 2314uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2315{
bcbdc4d3
GH		 2316 IDEBus *bus = opaque;
2317 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2318 uint8_t *p;
2319 int ret;
fcdd25ab 2320
40c4ed3f
KW		 2321 /* PIO data access allowed only when DRQ bit is set. The result of a read
2322 * during PIO in is indeterminate, return 0 and don't move forward. */
2323 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
fcdd25ab 2324 return 0;
40c4ed3f 2325 }
fcdd25ab 2326
5391d806 2327 p = s->data_ptr;
d2ff8585
KW		 2328 if (p + 2 > s->data_end) {
2329 return 0;
2330 }
2331
0c4ad8dc 2332 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2333 p += 2;
2334 s->data_ptr = p;
cb72cba8
KW		 2335 if (p >= s->data_end) {
2336 s->status &= ~DRQ_STAT;
5391d806 2337 s->end_transfer_func(s);
cb72cba8 2338 }
1787efc3
JS		 2339
2340 trace_ide_data_readw(addr, ret, bus, s);
5391d806
FB		 2341 return ret;
2342}
2343
356721ae 2344void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2345{
bcbdc4d3
GH		 2346 IDEBus *bus = opaque;
2347 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2348 uint8_t *p;
2349
1787efc3
JS		 2350 trace_ide_data_writel(addr, val, bus, s);
2351
40c4ed3f
KW		 2352 /* PIO data access allowed only when DRQ bit is set. The result of a write
2353 * during PIO out is indeterminate, just ignore it. */
2354 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
fcdd25ab 2355 return;
40c4ed3f 2356 }
fcdd25ab 2357
5391d806 2358 p = s->data_ptr;
d2ff8585
KW		 2359 if (p + 4 > s->data_end) {
2360 return;
2361 }
2362
0c4ad8dc 2363 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2364 p += 4;
2365 s->data_ptr = p;
cb72cba8
KW		 2366 if (p >= s->data_end) {
2367 s->status &= ~DRQ_STAT;
5391d806 2368 s->end_transfer_func(s);
cb72cba8 2369 }
5391d806
FB		 2370}
2371
356721ae 2372uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2373{
bcbdc4d3
GH		 2374 IDEBus *bus = opaque;
2375 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2376 uint8_t *p;
2377 int ret;
3b46e624 2378
40c4ed3f
KW		 2379 /* PIO data access allowed only when DRQ bit is set. The result of a read
2380 * during PIO in is indeterminate, return 0 and don't move forward. */
2381 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1787efc3
JS		 2382 ret = 0;
2383 goto out;
40c4ed3f 2384 }
fcdd25ab 2385
5391d806 2386 p = s->data_ptr;
d2ff8585
KW		 2387 if (p + 4 > s->data_end) {
2388 return 0;
2389 }
2390
0c4ad8dc 2391 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2392 p += 4;
2393 s->data_ptr = p;
cb72cba8
KW		 2394 if (p >= s->data_end) {
2395 s->status &= ~DRQ_STAT;
5391d806 2396 s->end_transfer_func(s);
cb72cba8 2397 }
1787efc3
JS		 2398
2399out:
2400 trace_ide_data_readl(addr, ret, bus, s);
5391d806
FB		 2401 return ret;
2402}
2403
a7dfe172
FB		 2404static void ide_dummy_transfer_stop(IDEState *s)
2405{
2406 s->data_ptr = s->io_buffer;
2407 s->data_end = s->io_buffer;
2408 s->io_buffer[0] = 0xff;
2409 s->io_buffer[1] = 0xff;
2410 s->io_buffer[2] = 0xff;
2411 s->io_buffer[3] = 0xff;
2412}
2413
4a643563
BS		 2414void ide_bus_reset(IDEBus *bus)
2415{
2416 bus->unit = 0;
2417 bus->cmd = 0;
2418 ide_reset(&bus->ifs[0]);
2419 ide_reset(&bus->ifs[1]);
2420 ide_clear_hob(bus);
40a6238a
AG		 2421
2422 /* pending async DMA */
2423 if (bus->dma->aiocb) {
0e168d35 2424 trace_ide_bus_reset_aio();
4be74634 2425 blk_aio_cancel(bus->dma->aiocb);
40a6238a
AG		 2426 bus->dma->aiocb = NULL;
2427 }
2428
2429 /* reset dma provider too */
1374bec0
PB		 2430 if (bus->dma->ops->reset) {
2431 bus->dma->ops->reset(bus->dma);
2432 }
4a643563
BS		 2433}
2434
e4def80b
MA		 2435static bool ide_cd_is_tray_open(void *opaque)
2436{
2437 return ((IDEState *)opaque)->tray_open;
2438}
2439
f107639a
MA		 2440static bool ide_cd_is_medium_locked(void *opaque)
2441{
2442 return ((IDEState *)opaque)->tray_locked;
2443}
2444
01ce352e
JS		 2445static void ide_resize_cb(void *opaque)
2446{
2447 IDEState *s = opaque;
2448 uint64_t nb_sectors;
2449
2450 if (!s->identify_set) {
2451 return;
2452 }
2453
4be74634 2454 blk_get_geometry(s->blk, &nb_sectors);
01ce352e
JS		 2455 s->nb_sectors = nb_sectors;
2456
2457 /* Update the identify data buffer. */
2458 if (s->drive_kind == IDE_CFATA) {
2459 ide_cfata_identify_size(s);
2460 } else {
2461 /* IDE_CD uses a different set of callbacks entirely. */
2462 assert(s->drive_kind != IDE_CD);
2463 ide_identify_size(s);
2464 }
2465}
2466
0e49de52 2467static const BlockDevOps ide_cd_block_ops = {
145feb17 2468 .change_media_cb = ide_cd_change_cb,
2df0a3a3 2469 .eject_request_cb = ide_cd_eject_request_cb,
e4def80b 2470 .is_tray_open = ide_cd_is_tray_open,
f107639a 2471 .is_medium_locked = ide_cd_is_medium_locked,
0e49de52
MA		 2472};
2473
01ce352e
JS		 2474static const BlockDevOps ide_hd_block_ops = {
2475 .resize_cb = ide_resize_cb,
2476};
2477
4be74634 2478int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind,
95ebda85 2479 const char *version, const char *serial, const char *model,
ba801960
MA		 2480 uint64_t wwn,
2481 uint32_t cylinders, uint32_t heads, uint32_t secs,
794939e8 2482 int chs_trans, Error **errp)
88804180 2483{
88804180
GH		 2484 uint64_t nb_sectors;
2485
4be74634 2486 s->blk = blk;
1f56e32a
MA		 2487 s->drive_kind = kind;
2488
4be74634 2489 blk_get_geometry(blk, &nb_sectors);
870111c8
MA		 2490 s->cylinders = cylinders;
2491 s->heads = heads;
2492 s->sectors = secs;
ba801960 2493 s->chs_trans = chs_trans;
870111c8 2494 s->nb_sectors = nb_sectors;
95ebda85 2495 s->wwn = wwn;
870111c8
MA		 2496 /* The SMART values should be preserved across power cycles
2497 but they aren't. */
2498 s->smart_enabled = 1;
2499 s->smart_autosave = 1;
2500 s->smart_errors = 0;
2501 s->smart_selftest_count = 0;
1f56e32a 2502 if (kind == IDE_CD) {
4be74634
MA		 2503 blk_set_dev_ops(blk, &ide_cd_block_ops, s);
2504 blk_set_guest_block_size(blk, 2048);
7aa9c811 2505 } else {
4be74634 2506 if (!blk_is_inserted(s->blk)) {
794939e8 2507 error_setg(errp, "Device needs media, but drive is empty");
98f28ad7
MA		 2508 return -1;
2509 }
4be74634 2510 if (blk_is_read_only(blk)) {
794939e8 2511 error_setg(errp, "Can't use a read-only drive");
7aa9c811
MA		 2512 return -1;
2513 }
4be74634 2514 blk_set_dev_ops(blk, &ide_hd_block_ops, s);
88804180 2515 }
f8b6cc00 2516 if (serial) {
aa2c91bd 2517 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
6ced55a5 2518 } else {
88804180
GH		 2519 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2520 "QM%05d", s->drive_serial);
870111c8 2521 }
27e0c9a1
FB		 2522 if (model) {
2523 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
2524 } else {
2525 switch (kind) {
2526 case IDE_CD:
2527 strcpy(s->drive_model_str, "QEMU DVD-ROM");
2528 break;
2529 case IDE_CFATA:
2530 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
2531 break;
2532 default:
2533 strcpy(s->drive_model_str, "QEMU HARDDISK");
2534 break;
2535 }
2536 }
2537
47c06340
GH		 2538 if (version) {
2539 pstrcpy(s->version, sizeof(s->version), version);
2540 } else {
35c2c8dc 2541 pstrcpy(s->version, sizeof(s->version), qemu_hw_version());
47c06340 2542 }
40a6238a 2543
88804180 2544 ide_reset(s);
4be74634 2545 blk_iostatus_enable(blk);
c4d74df7 2546 return 0;
88804180
GH		 2547}
2548
57234ee4 2549static void ide_init1(IDEBus *bus, int unit)
d459da0e
MA		 2550{
2551 static int drive_serial = 1;
2552 IDEState *s = &bus->ifs[unit];
2553
2554 s->bus = bus;
2555 s->unit = unit;
2556 s->drive_serial = drive_serial++;
1b2adf28 2557 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
50641c5c 2558 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
c925400b
KW		 2559 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2560 memset(s->io_buffer, 0, s->io_buffer_total_len);
2561
4be74634 2562 s->smart_selftest_data = blk_blockalign(s->blk, 512);
c925400b
KW		 2563 memset(s->smart_selftest_data, 0, 512);
2564
bc72ad67 2565 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
d459da0e 2566 ide_sector_write_timer_cb, s);
57234ee4
MA		 2567}
2568
40a6238a
AG		 2569static int ide_nop_int(IDEDMA *dma, int x)
2570{
2571 return 0;
2572}
2573
9898586d
PB		 2574static void ide_nop(IDEDMA *dma)
2575{
2576}
2577
a718978e 2578static int32_t ide_nop_int32(IDEDMA *dma, int32_t l)
3251bdcf
JS		 2579{
2580 return 0;
2581}
2582
40a6238a 2583static const IDEDMAOps ide_dma_nop_ops = {
3251bdcf 2584 .prepare_buf = ide_nop_int32,
9898586d 2585 .restart_dma = ide_nop,
40a6238a 2586 .rw_buf = ide_nop_int,
40a6238a
AG		 2587};
2588
9898586d
PB		 2589static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
2590{
a96cb236 2591 s->unit = s->bus->retry_unit;
dc5d0af4
PB		 2592 ide_set_sector(s, s->bus->retry_sector_num);
2593 s->nsector = s->bus->retry_nsector;
9898586d 2594 s->bus->dma->ops->restart_dma(s->bus->dma);
9898586d
PB		 2595 s->io_buffer_size = 0;
2596 s->dma_cmd = dma_cmd;
2597 ide_start_dma(s, ide_dma_cb);
2598}
2599
2600static void ide_restart_bh(void *opaque)
2601{
2602 IDEBus *bus = opaque;
2603 IDEState *s;
2604 bool is_read;
2605 int error_status;
2606
2607 qemu_bh_delete(bus->bh);
2608 bus->bh = NULL;
2609
2610 error_status = bus->error_status;
2611 if (bus->error_status == 0) {
2612 return;
2613 }
2614
2615 s = idebus_active_if(bus);
2616 is_read = (bus->error_status & IDE_RETRY_READ) != 0;
2617
2618 /* The error status must be cleared before resubmitting the request: The
2619 * request may fail again, and this case can only be distinguished if the
2620 * called function can set a new error status. */
2621 bus->error_status = 0;
2622
7c03a691
JS		 2623 /* The HBA has generically asked to be kicked on retry */
2624 if (error_status & IDE_RETRY_HBA) {
2625 if (s->bus->dma->ops->restart) {
2626 s->bus->dma->ops->restart(s->bus->dma);
2627 }
502356ee 2628 } else if (IS_IDE_RETRY_DMA(error_status)) {
9898586d
PB		 2629 if (error_status & IDE_RETRY_TRIM) {
2630 ide_restart_dma(s, IDE_DMA_TRIM);
2631 } else {
2632 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE);
2633 }
502356ee 2634 } else if (IS_IDE_RETRY_PIO(error_status)) {
9898586d
PB		 2635 if (is_read) {
2636 ide_sector_read(s);
2637 } else {
2638 ide_sector_write(s);
2639 }
2640 } else if (error_status & IDE_RETRY_FLUSH) {
2641 ide_flush_cache(s);
502356ee
PB		 2642 } else if (IS_IDE_RETRY_ATAPI(error_status)) {
2643 assert(s->end_transfer_func == ide_atapi_cmd);
2644 ide_atapi_dma_restart(s);
9898586d 2645 } else {
502356ee 2646 abort();
9898586d
PB		 2647 }
2648}
2649
2650static void ide_restart_cb(void *opaque, int running, RunState state)
2651{
2652 IDEBus *bus = opaque;
2653
2654 if (!running)
2655 return;
2656
2657 if (!bus->bh) {
2658 bus->bh = qemu_bh_new(ide_restart_bh, bus);
2659 qemu_bh_schedule(bus->bh);
2660 }
2661}
2662
f878c916
PB		 2663void ide_register_restart_cb(IDEBus *bus)
2664{
9898586d 2665 if (bus->dma->ops->restart_dma) {
ca44141d 2666 bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus);
9898586d 2667 }
f878c916
PB		 2668}
2669
40a6238a
AG		 2670static IDEDMA ide_dma_nop = {
2671 .ops = &ide_dma_nop_ops,
2672 .aiocb = NULL,
2673};
2674
57234ee4
MA		 2675void ide_init2(IDEBus *bus, qemu_irq irq)
2676{
2677 int i;
2678
2679 for(i = 0; i < 2; i++) {
2680 ide_init1(bus, i);
2681 ide_reset(&bus->ifs[i]);
870111c8 2682 }
57234ee4 2683 bus->irq = irq;
40a6238a 2684 bus->dma = &ide_dma_nop;
d459da0e
MA		 2685}
2686
c9f08641
LQ		 2687void ide_exit(IDEState *s)
2688{
2689 timer_del(s->sector_write_timer);
2690 timer_free(s->sector_write_timer);
2691 qemu_vfree(s->smart_selftest_data);
2692 qemu_vfree(s->io_buffer);
2693}
2694
4a91d3b3
RH		 2695static const MemoryRegionPortio ide_portio_list[] = {
2696 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
e477317c
PB		 2697 { 0, 1, 2, .read = ide_data_readw, .write = ide_data_writew },
2698 { 0, 1, 4, .read = ide_data_readl, .write = ide_data_writel },
4a91d3b3
RH		 2699 PORTIO_END_OF_LIST(),
2700};
2701
2702static const MemoryRegionPortio ide_portio2_list[] = {
2703 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2704 PORTIO_END_OF_LIST(),
2705};
2706
2707void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
69b91039 2708{
4a91d3b3
RH		 2709 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2710 bridge has been setup properly to always register with ISA. */
e305a165
MAL		 2711 isa_register_portio_list(dev, &bus->portio_list,
2712 iobase, ide_portio_list, bus, "ide");
4a91d3b3 2713
caed8802 2714 if (iobase2) {
e305a165
MAL		 2715 isa_register_portio_list(dev, &bus->portio2_list,
2716 iobase2, ide_portio2_list, bus, "ide");
5391d806 2717 }
5391d806 2718}
69b91039 2719
37159f13 2720static bool is_identify_set(void *opaque, int version_id)
aa941b94 2721{
37159f13
JQ		 2722 IDEState *s = opaque;
2723
2724 return s->identify_set != 0;
2725}
2726
50641c5c
JQ		 2727static EndTransferFunc* transfer_end_table[] = {
2728 ide_sector_read,
2729 ide_sector_write,
2730 ide_transfer_stop,
2731 ide_atapi_cmd_reply_end,
2732 ide_atapi_cmd,
2733 ide_dummy_transfer_stop,
2734};
2735
2736static int transfer_end_table_idx(EndTransferFunc *fn)
2737{
2738 int i;
2739
2740 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2741 if (transfer_end_table[i] == fn)
2742 return i;
2743
2744 return -1;
2745}
2746
37159f13 2747static int ide_drive_post_load(void *opaque, int version_id)
aa941b94 2748{
37159f13
JQ		 2749 IDEState *s = opaque;
2750
6b896ab2 2751 if (s->blk && s->identify_set) {
4be74634 2752 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5)));
7cdd481c 2753 }
37159f13 2754 return 0;
aa941b94
AZ		 2755}
2756
50641c5c
JQ		 2757static int ide_drive_pio_post_load(void *opaque, int version_id)
2758{
2759 IDEState *s = opaque;
2760
fb60105d 2761 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
50641c5c
JQ		 2762 return -EINVAL;
2763 }
2764 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2765 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2766 s->data_end = s->data_ptr + s->cur_io_buffer_len;
819fa276 2767 s->atapi_dma = s->feature & 1; /* as per cmd_packet */
50641c5c
JQ		 2768
2769 return 0;
2770}
2771
44b1ff31 2772static int ide_drive_pio_pre_save(void *opaque)
50641c5c
JQ		 2773{
2774 IDEState *s = opaque;
2775 int idx;
2776
2777 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2778 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2779
2780 idx = transfer_end_table_idx(s->end_transfer_func);
2781 if (idx == -1) {
2782 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2783 __func__);
2784 s->end_transfer_fn_idx = 2;
2785 } else {
2786 s->end_transfer_fn_idx = idx;
2787 }
44b1ff31
DDAG		 2788
2789 return 0;
50641c5c
JQ		 2790}
2791
2792static bool ide_drive_pio_state_needed(void *opaque)
2793{
2794 IDEState *s = opaque;
2795
fdc650d7 2796 return ((s->status & DRQ_STAT) != 0)
fd648f10 2797 || (s->bus->error_status & IDE_RETRY_PIO);
50641c5c
JQ		 2798}
2799
db118fe7
MA		 2800static bool ide_tray_state_needed(void *opaque)
2801{
2802 IDEState *s = opaque;
2803
2804 return s->tray_open || s->tray_locked;
2805}
2806
996faf1a
AS		 2807static bool ide_atapi_gesn_needed(void *opaque)
2808{
2809 IDEState *s = opaque;
2810
2811 return s->events.new_media || s->events.eject_request;
2812}
2813
def93791
KW		 2814static bool ide_error_needed(void *opaque)
2815{
2816 IDEBus *bus = opaque;
2817
2818 return (bus->error_status != 0);
2819}
2820
996faf1a 2821/* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
656fbeff 2822static const VMStateDescription vmstate_ide_atapi_gesn_state = {
996faf1a
AS		 2823 .name ="ide_drive/atapi/gesn_state",
2824 .version_id = 1,
2825 .minimum_version_id = 1,
5cd8cada 2826 .needed = ide_atapi_gesn_needed,
35d08458 2827 .fields = (VMStateField[]) {
996faf1a
AS		 2828 VMSTATE_BOOL(events.new_media, IDEState),
2829 VMSTATE_BOOL(events.eject_request, IDEState),
0754f9ec 2830 VMSTATE_END_OF_LIST()
996faf1a
AS		 2831 }
2832};
2833
db118fe7
MA		 2834static const VMStateDescription vmstate_ide_tray_state = {
2835 .name = "ide_drive/tray_state",
2836 .version_id = 1,
2837 .minimum_version_id = 1,
5cd8cada 2838 .needed = ide_tray_state_needed,
db118fe7
MA		 2839 .fields = (VMStateField[]) {
2840 VMSTATE_BOOL(tray_open, IDEState),
2841 VMSTATE_BOOL(tray_locked, IDEState),
2842 VMSTATE_END_OF_LIST()
2843 }
2844};
2845
656fbeff 2846static const VMStateDescription vmstate_ide_drive_pio_state = {
50641c5c
JQ		 2847 .name = "ide_drive/pio_state",
2848 .version_id = 1,
2849 .minimum_version_id = 1,
50641c5c
JQ		 2850 .pre_save = ide_drive_pio_pre_save,
2851 .post_load = ide_drive_pio_post_load,
5cd8cada 2852 .needed = ide_drive_pio_state_needed,
35d08458 2853 .fields = (VMStateField[]) {
50641c5c
JQ		 2854 VMSTATE_INT32(req_nb_sectors, IDEState),
2855 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2856 vmstate_info_uint8, uint8_t),
2857 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2858 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2859 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2860 VMSTATE_INT32(elementary_transfer_size, IDEState),
2861 VMSTATE_INT32(packet_transfer_size, IDEState),
2862 VMSTATE_END_OF_LIST()
2863 }
2864};
2865
37159f13
JQ		 2866const VMStateDescription vmstate_ide_drive = {
2867 .name = "ide_drive",
3abb6260 2868 .version_id = 3,
37159f13 2869 .minimum_version_id = 0,
37159f13 2870 .post_load = ide_drive_post_load,
35d08458 2871 .fields = (VMStateField[]) {
37159f13
JQ		 2872 VMSTATE_INT32(mult_sectors, IDEState),
2873 VMSTATE_INT32(identify_set, IDEState),
2874 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2875 VMSTATE_UINT8(feature, IDEState),
2876 VMSTATE_UINT8(error, IDEState),
2877 VMSTATE_UINT32(nsector, IDEState),
2878 VMSTATE_UINT8(sector, IDEState),
2879 VMSTATE_UINT8(lcyl, IDEState),
2880 VMSTATE_UINT8(hcyl, IDEState),
2881 VMSTATE_UINT8(hob_feature, IDEState),
2882 VMSTATE_UINT8(hob_sector, IDEState),
2883 VMSTATE_UINT8(hob_nsector, IDEState),
2884 VMSTATE_UINT8(hob_lcyl, IDEState),
2885 VMSTATE_UINT8(hob_hcyl, IDEState),
2886 VMSTATE_UINT8(select, IDEState),
2887 VMSTATE_UINT8(status, IDEState),
2888 VMSTATE_UINT8(lba48, IDEState),
2889 VMSTATE_UINT8(sense_key, IDEState),
2890 VMSTATE_UINT8(asc, IDEState),
2891 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
37159f13 2892 VMSTATE_END_OF_LIST()
50641c5c 2893 },
5cd8cada
JQ		 2894 .subsections = (const VMStateDescription*[]) {
2895 &vmstate_ide_drive_pio_state,
2896 &vmstate_ide_tray_state,
2897 &vmstate_ide_atapi_gesn_state,
2898 NULL
37159f13
JQ		 2899 }
2900};
2901
656fbeff 2902static const VMStateDescription vmstate_ide_error_status = {
def93791 2903 .name ="ide_bus/error",
d12b9ff2 2904 .version_id = 2,
def93791 2905 .minimum_version_id = 1,
5cd8cada 2906 .needed = ide_error_needed,
35d08458 2907 .fields = (VMStateField[]) {
def93791 2908 VMSTATE_INT32(error_status, IDEBus),
d12b9ff2
PB		 2909 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2),
2910 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2),
2911 VMSTATE_UINT8_V(retry_unit, IDEBus, 2),
def93791
KW		 2912 VMSTATE_END_OF_LIST()
2913 }
2914};
2915
6521dc62
JQ		 2916const VMStateDescription vmstate_ide_bus = {
2917 .name = "ide_bus",
2918 .version_id = 1,
2919 .minimum_version_id = 1,
35d08458 2920 .fields = (VMStateField[]) {
6521dc62
JQ		 2921 VMSTATE_UINT8(cmd, IDEBus),
2922 VMSTATE_UINT8(unit, IDEBus),
2923 VMSTATE_END_OF_LIST()
def93791 2924 },
5cd8cada
JQ		 2925 .subsections = (const VMStateDescription*[]) {
2926 &vmstate_ide_error_status,
2927 NULL
6521dc62
JQ		 2928 }
2929};
75717903 2930
d8f94e1b 2931void ide_drive_get(DriveInfo **hd, int n)
75717903
IY		 2932{
2933 int i;
75717903 2934
d8f94e1b
JS		 2935 for (i = 0; i < n; i++) {
2936 hd[i] = drive_get_by_index(IF_IDE, i);
75717903
IY		 2937 }
2938}
QEMU mirror