]> git.proxmox.com Git - qemu.git/blob - hw/ide/core.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Rearrange block headers
[qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "blockdev.h"
34
35 #include <hw/ide/internal.h>
36
37 #define IDE_PAGE_SIZE 4096
38
39 static const int smart_attributes[][5] = {
40 /* id, flags, val, wrst, thrsh */
41 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
42 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
43 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
44 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
45 { 0x00, 0x00, 0x00, 0x00, 0x00}
46 };
47
48 /* XXX: DVDs that could fit on a CD will be reported as a CD */
49 static inline int media_present(IDEState *s)
50 {
51 return (s->nb_sectors > 0);
52 }
53
54 static inline int media_is_dvd(IDEState *s)
55 {
56 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
57 }
58
59 static inline int media_is_cd(IDEState *s)
60 {
61 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
62 }
63
64 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
65 static void ide_dma_restart(IDEState *s, int is_read);
66 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
67 static int ide_handle_rw_error(IDEState *s, int error, int op);
68
69 static void padstr(char *str, const char *src, int len)
70 {
71 int i, v;
72 for(i = 0; i < len; i++) {
73 if (*src)
74 v = *src++;
75 else
76 v = ' ';
77 str[i^1] = v;
78 }
79 }
80
81 static void padstr8(uint8_t *buf, int buf_size, const char *src)
82 {
83 int i;
84 for(i = 0; i < buf_size; i++) {
85 if (*src)
86 buf[i] = *src++;
87 else
88 buf[i] = ' ';
89 }
90 }
91
92 static void put_le16(uint16_t *p, unsigned int v)
93 {
94 *p = cpu_to_le16(v);
95 }
96
97 static void ide_identify(IDEState *s)
98 {
99 uint16_t *p;
100 unsigned int oldsize;
101 IDEDevice *dev;
102
103 if (s->identify_set) {
104 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
105 return;
106 }
107
108 memset(s->io_buffer, 0, 512);
109 p = (uint16_t *)s->io_buffer;
110 put_le16(p + 0, 0x0040);
111 put_le16(p + 1, s->cylinders);
112 put_le16(p + 3, s->heads);
113 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
114 put_le16(p + 5, 512); /* XXX: retired, remove ? */
115 put_le16(p + 6, s->sectors);
116 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
117 put_le16(p + 20, 3); /* XXX: retired, remove ? */
118 put_le16(p + 21, 512); /* cache size in sectors */
119 put_le16(p + 22, 4); /* ecc bytes */
120 padstr((char *)(p + 23), s->version, 8); /* firmware version */
121 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
122 #if MAX_MULT_SECTORS > 1
123 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
124 #endif
125 put_le16(p + 48, 1); /* dword I/O */
126 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
127 put_le16(p + 51, 0x200); /* PIO transfer cycle */
128 put_le16(p + 52, 0x200); /* DMA transfer cycle */
129 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
130 put_le16(p + 54, s->cylinders);
131 put_le16(p + 55, s->heads);
132 put_le16(p + 56, s->sectors);
133 oldsize = s->cylinders * s->heads * s->sectors;
134 put_le16(p + 57, oldsize);
135 put_le16(p + 58, oldsize >> 16);
136 if (s->mult_sectors)
137 put_le16(p + 59, 0x100 | s->mult_sectors);
138 put_le16(p + 60, s->nb_sectors);
139 put_le16(p + 61, s->nb_sectors >> 16);
140 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
141 put_le16(p + 63, 0x07); /* mdma0-2 supported */
142 put_le16(p + 65, 120);
143 put_le16(p + 66, 120);
144 put_le16(p + 67, 120);
145 put_le16(p + 68, 120);
146 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
147 put_le16(p + 81, 0x16); /* conforms to ata5 */
148 /* 14=NOP supported, 0=SMART supported */
149 put_le16(p + 82, (1 << 14) | 1);
150 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
151 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
152 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
153 put_le16(p + 84, (1 << 14) | 0);
154 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
155 if (bdrv_enable_write_cache(s->bs))
156 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
157 else
158 put_le16(p + 85, (1 << 14) | 1);
159 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
160 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
161 /* 14=set to 1, 1=smart self test, 0=smart error logging */
162 put_le16(p + 87, (1 << 14) | 0);
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169 dev = s->unit ? s->bus->slave : s->bus->master;
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172
173 memcpy(s->identify_data, p, sizeof(s->identify_data));
174 s->identify_set = 1;
175 }
176
177 static void ide_atapi_identify(IDEState *s)
178 {
179 uint16_t *p;
180
181 if (s->identify_set) {
182 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
183 return;
184 }
185
186 memset(s->io_buffer, 0, 512);
187 p = (uint16_t *)s->io_buffer;
188 /* Removable CDROM, 50us response, 12 byte packets */
189 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
190 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
191 put_le16(p + 20, 3); /* buffer type */
192 put_le16(p + 21, 512); /* cache size in sectors */
193 put_le16(p + 22, 4); /* ecc bytes */
194 padstr((char *)(p + 23), s->version, 8); /* firmware version */
195 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
196 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
197 #ifdef USE_DMA_CDROM
198 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
199 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
200 put_le16(p + 62, 7); /* single word dma0-2 supported */
201 put_le16(p + 63, 7); /* mdma0-2 supported */
202 put_le16(p + 64, 0x3f); /* PIO modes supported */
203 #else
204 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
205 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
206 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
207 put_le16(p + 64, 1); /* PIO modes */
208 #endif
209 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
210 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
211 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
212 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
213
214 put_le16(p + 71, 30); /* in ns */
215 put_le16(p + 72, 30); /* in ns */
216
217 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
218 #ifdef USE_DMA_CDROM
219 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
220 #endif
221 memcpy(s->identify_data, p, sizeof(s->identify_data));
222 s->identify_set = 1;
223 }
224
225 static void ide_cfata_identify(IDEState *s)
226 {
227 uint16_t *p;
228 uint32_t cur_sec;
229
230 p = (uint16_t *) s->identify_data;
231 if (s->identify_set)
232 goto fill_buffer;
233
234 memset(p, 0, sizeof(s->identify_data));
235
236 cur_sec = s->cylinders * s->heads * s->sectors;
237
238 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
239 put_le16(p + 1, s->cylinders); /* Default cylinders */
240 put_le16(p + 3, s->heads); /* Default heads */
241 put_le16(p + 6, s->sectors); /* Default sectors per track */
242 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
243 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
244 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
245 put_le16(p + 22, 0x0004); /* ECC bytes */
246 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
247 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
248 #if MAX_MULT_SECTORS > 1
249 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
250 #else
251 put_le16(p + 47, 0x0000);
252 #endif
253 put_le16(p + 49, 0x0f00); /* Capabilities */
254 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
255 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
256 put_le16(p + 53, 0x0003); /* Translation params valid */
257 put_le16(p + 54, s->cylinders); /* Current cylinders */
258 put_le16(p + 55, s->heads); /* Current heads */
259 put_le16(p + 56, s->sectors); /* Current sectors */
260 put_le16(p + 57, cur_sec); /* Current capacity */
261 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
262 if (s->mult_sectors) /* Multiple sector setting */
263 put_le16(p + 59, 0x100 | s->mult_sectors);
264 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
265 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
266 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
267 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
268 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
269 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
270 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
271 put_le16(p + 82, 0x400c); /* Command Set supported */
272 put_le16(p + 83, 0x7068); /* Command Set supported */
273 put_le16(p + 84, 0x4000); /* Features supported */
274 put_le16(p + 85, 0x000c); /* Command Set enabled */
275 put_le16(p + 86, 0x7044); /* Command Set enabled */
276 put_le16(p + 87, 0x4000); /* Features enabled */
277 put_le16(p + 91, 0x4060); /* Current APM level */
278 put_le16(p + 129, 0x0002); /* Current features option */
279 put_le16(p + 130, 0x0005); /* Reassigned sectors */
280 put_le16(p + 131, 0x0001); /* Initial power mode */
281 put_le16(p + 132, 0x0000); /* User signature */
282 put_le16(p + 160, 0x8100); /* Power requirement */
283 put_le16(p + 161, 0x8001); /* CF command set */
284
285 s->identify_set = 1;
286
287 fill_buffer:
288 memcpy(s->io_buffer, p, sizeof(s->identify_data));
289 }
290
291 static void ide_set_signature(IDEState *s)
292 {
293 s->select &= 0xf0; /* clear head */
294 /* put signature */
295 s->nsector = 1;
296 s->sector = 1;
297 if (s->drive_kind == IDE_CD) {
298 s->lcyl = 0x14;
299 s->hcyl = 0xeb;
300 } else if (s->bs) {
301 s->lcyl = 0;
302 s->hcyl = 0;
303 } else {
304 s->lcyl = 0xff;
305 s->hcyl = 0xff;
306 }
307 }
308
309 static inline void ide_abort_command(IDEState *s)
310 {
311 s->status = READY_STAT | ERR_STAT;
312 s->error = ABRT_ERR;
313 }
314
315 static inline void ide_dma_submit_check(IDEState *s,
316 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
317 {
318 if (bm->aiocb)
319 return;
320 dma_cb(bm, -1);
321 }
322
323 /* prepare data transfer and tell what to do after */
324 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
325 EndTransferFunc *end_transfer_func)
326 {
327 s->end_transfer_func = end_transfer_func;
328 s->data_ptr = buf;
329 s->data_end = buf + size;
330 if (!(s->status & ERR_STAT))
331 s->status |= DRQ_STAT;
332 }
333
334 static void ide_transfer_stop(IDEState *s)
335 {
336 s->end_transfer_func = ide_transfer_stop;
337 s->data_ptr = s->io_buffer;
338 s->data_end = s->io_buffer;
339 s->status &= ~DRQ_STAT;
340 }
341
342 int64_t ide_get_sector(IDEState *s)
343 {
344 int64_t sector_num;
345 if (s->select & 0x40) {
346 /* lba */
347 if (!s->lba48) {
348 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
349 (s->lcyl << 8) | s->sector;
350 } else {
351 sector_num = ((int64_t)s->hob_hcyl << 40) |
352 ((int64_t) s->hob_lcyl << 32) |
353 ((int64_t) s->hob_sector << 24) |
354 ((int64_t) s->hcyl << 16) |
355 ((int64_t) s->lcyl << 8) | s->sector;
356 }
357 } else {
358 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
359 (s->select & 0x0f) * s->sectors + (s->sector - 1);
360 }
361 return sector_num;
362 }
363
364 void ide_set_sector(IDEState *s, int64_t sector_num)
365 {
366 unsigned int cyl, r;
367 if (s->select & 0x40) {
368 if (!s->lba48) {
369 s->select = (s->select & 0xf0) | (sector_num >> 24);
370 s->hcyl = (sector_num >> 16);
371 s->lcyl = (sector_num >> 8);
372 s->sector = (sector_num);
373 } else {
374 s->sector = sector_num;
375 s->lcyl = sector_num >> 8;
376 s->hcyl = sector_num >> 16;
377 s->hob_sector = sector_num >> 24;
378 s->hob_lcyl = sector_num >> 32;
379 s->hob_hcyl = sector_num >> 40;
380 }
381 } else {
382 cyl = sector_num / (s->heads * s->sectors);
383 r = sector_num % (s->heads * s->sectors);
384 s->hcyl = cyl >> 8;
385 s->lcyl = cyl;
386 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
387 s->sector = (r % s->sectors) + 1;
388 }
389 }
390
391 static void ide_rw_error(IDEState *s) {
392 ide_abort_command(s);
393 ide_set_irq(s->bus);
394 }
395
396 static void ide_sector_read(IDEState *s)
397 {
398 int64_t sector_num;
399 int ret, n;
400
401 s->status = READY_STAT | SEEK_STAT;
402 s->error = 0; /* not needed by IDE spec, but needed by Windows */
403 sector_num = ide_get_sector(s);
404 n = s->nsector;
405 if (n == 0) {
406 /* no more sector to read from disk */
407 ide_transfer_stop(s);
408 } else {
409 #if defined(DEBUG_IDE)
410 printf("read sector=%" PRId64 "\n", sector_num);
411 #endif
412 if (n > s->req_nb_sectors)
413 n = s->req_nb_sectors;
414 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
415 if (ret != 0) {
416 if (ide_handle_rw_error(s, -ret,
417 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
418 {
419 return;
420 }
421 }
422 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
423 ide_set_irq(s->bus);
424 ide_set_sector(s, sector_num + n);
425 s->nsector -= n;
426 }
427 }
428
429
430 /* return 0 if buffer completed */
431 static int dma_buf_prepare(BMDMAState *bm, int is_write)
432 {
433 IDEState *s = bmdma_active_if(bm);
434 struct {
435 uint32_t addr;
436 uint32_t size;
437 } prd;
438 int l, len;
439
440 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
441 s->io_buffer_size = 0;
442 for(;;) {
443 if (bm->cur_prd_len == 0) {
444 /* end of table (with a fail safe of one page) */
445 if (bm->cur_prd_last ||
446 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
447 return s->io_buffer_size != 0;
448 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
449 bm->cur_addr += 8;
450 prd.addr = le32_to_cpu(prd.addr);
451 prd.size = le32_to_cpu(prd.size);
452 len = prd.size & 0xfffe;
453 if (len == 0)
454 len = 0x10000;
455 bm->cur_prd_len = len;
456 bm->cur_prd_addr = prd.addr;
457 bm->cur_prd_last = (prd.size & 0x80000000);
458 }
459 l = bm->cur_prd_len;
460 if (l > 0) {
461 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
462 bm->cur_prd_addr += l;
463 bm->cur_prd_len -= l;
464 s->io_buffer_size += l;
465 }
466 }
467 return 1;
468 }
469
470 static void dma_buf_commit(IDEState *s, int is_write)
471 {
472 qemu_sglist_destroy(&s->sg);
473 }
474
475 void ide_dma_error(IDEState *s)
476 {
477 ide_transfer_stop(s);
478 s->error = ABRT_ERR;
479 s->status = READY_STAT | ERR_STAT;
480 ide_set_irq(s->bus);
481 }
482
483 static int ide_handle_rw_error(IDEState *s, int error, int op)
484 {
485 int is_read = (op & BM_STATUS_RETRY_READ);
486 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
487
488 if (action == BLOCK_ERR_IGNORE) {
489 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
490 return 0;
491 }
492
493 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
494 || action == BLOCK_ERR_STOP_ANY) {
495 s->bus->bmdma->unit = s->unit;
496 s->bus->bmdma->status |= op;
497 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
498 vm_stop(0);
499 } else {
500 if (op & BM_STATUS_DMA_RETRY) {
501 dma_buf_commit(s, 0);
502 ide_dma_error(s);
503 } else {
504 ide_rw_error(s);
505 }
506 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
507 }
508
509 return 1;
510 }
511
512 /* return 0 if buffer completed */
513 static int dma_buf_rw(BMDMAState *bm, int is_write)
514 {
515 IDEState *s = bmdma_active_if(bm);
516 struct {
517 uint32_t addr;
518 uint32_t size;
519 } prd;
520 int l, len;
521
522 for(;;) {
523 l = s->io_buffer_size - s->io_buffer_index;
524 if (l <= 0)
525 break;
526 if (bm->cur_prd_len == 0) {
527 /* end of table (with a fail safe of one page) */
528 if (bm->cur_prd_last ||
529 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
530 return 0;
531 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
532 bm->cur_addr += 8;
533 prd.addr = le32_to_cpu(prd.addr);
534 prd.size = le32_to_cpu(prd.size);
535 len = prd.size & 0xfffe;
536 if (len == 0)
537 len = 0x10000;
538 bm->cur_prd_len = len;
539 bm->cur_prd_addr = prd.addr;
540 bm->cur_prd_last = (prd.size & 0x80000000);
541 }
542 if (l > bm->cur_prd_len)
543 l = bm->cur_prd_len;
544 if (l > 0) {
545 if (is_write) {
546 cpu_physical_memory_write(bm->cur_prd_addr,
547 s->io_buffer + s->io_buffer_index, l);
548 } else {
549 cpu_physical_memory_read(bm->cur_prd_addr,
550 s->io_buffer + s->io_buffer_index, l);
551 }
552 bm->cur_prd_addr += l;
553 bm->cur_prd_len -= l;
554 s->io_buffer_index += l;
555 }
556 }
557 return 1;
558 }
559
560 static void ide_read_dma_cb(void *opaque, int ret)
561 {
562 BMDMAState *bm = opaque;
563 IDEState *s = bmdma_active_if(bm);
564 int n;
565 int64_t sector_num;
566
567 if (ret < 0) {
568 if (ide_handle_rw_error(s, -ret,
569 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
570 {
571 return;
572 }
573 }
574
575 n = s->io_buffer_size >> 9;
576 sector_num = ide_get_sector(s);
577 if (n > 0) {
578 dma_buf_commit(s, 1);
579 sector_num += n;
580 ide_set_sector(s, sector_num);
581 s->nsector -= n;
582 }
583
584 /* end of transfer ? */
585 if (s->nsector == 0) {
586 s->status = READY_STAT | SEEK_STAT;
587 ide_set_irq(s->bus);
588 eot:
589 bm->status &= ~BM_STATUS_DMAING;
590 bm->status |= BM_STATUS_INT;
591 bm->dma_cb = NULL;
592 bm->unit = -1;
593 bm->aiocb = NULL;
594 return;
595 }
596
597 /* launch next transfer */
598 n = s->nsector;
599 s->io_buffer_index = 0;
600 s->io_buffer_size = n * 512;
601 if (dma_buf_prepare(bm, 1) == 0)
602 goto eot;
603 #ifdef DEBUG_AIO
604 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
605 #endif
606 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
607 ide_dma_submit_check(s, ide_read_dma_cb, bm);
608 }
609
610 static void ide_sector_read_dma(IDEState *s)
611 {
612 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
613 s->io_buffer_index = 0;
614 s->io_buffer_size = 0;
615 s->is_read = 1;
616 ide_dma_start(s, ide_read_dma_cb);
617 }
618
619 static void ide_sector_write_timer_cb(void *opaque)
620 {
621 IDEState *s = opaque;
622 ide_set_irq(s->bus);
623 }
624
625 static void ide_sector_write(IDEState *s)
626 {
627 int64_t sector_num;
628 int ret, n, n1;
629
630 s->status = READY_STAT | SEEK_STAT;
631 sector_num = ide_get_sector(s);
632 #if defined(DEBUG_IDE)
633 printf("write sector=%" PRId64 "\n", sector_num);
634 #endif
635 n = s->nsector;
636 if (n > s->req_nb_sectors)
637 n = s->req_nb_sectors;
638 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
639
640 if (ret != 0) {
641 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
642 return;
643 }
644
645 s->nsector -= n;
646 if (s->nsector == 0) {
647 /* no more sectors to write */
648 ide_transfer_stop(s);
649 } else {
650 n1 = s->nsector;
651 if (n1 > s->req_nb_sectors)
652 n1 = s->req_nb_sectors;
653 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
654 }
655 ide_set_sector(s, sector_num + n);
656
657 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
658 /* It seems there is a bug in the Windows 2000 installer HDD
659 IDE driver which fills the disk with empty logs when the
660 IDE write IRQ comes too early. This hack tries to correct
661 that at the expense of slower write performances. Use this
662 option _only_ to install Windows 2000. You must disable it
663 for normal use. */
664 qemu_mod_timer(s->sector_write_timer,
665 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
666 } else {
667 ide_set_irq(s->bus);
668 }
669 }
670
671 static void ide_dma_restart_bh(void *opaque)
672 {
673 BMDMAState *bm = opaque;
674 int is_read;
675
676 qemu_bh_delete(bm->bh);
677 bm->bh = NULL;
678
679 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
680
681 if (bm->status & BM_STATUS_DMA_RETRY) {
682 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
683 ide_dma_restart(bmdma_active_if(bm), is_read);
684 } else if (bm->status & BM_STATUS_PIO_RETRY) {
685 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
686 if (is_read) {
687 ide_sector_read(bmdma_active_if(bm));
688 } else {
689 ide_sector_write(bmdma_active_if(bm));
690 }
691 }
692 }
693
694 void ide_dma_restart_cb(void *opaque, int running, int reason)
695 {
696 BMDMAState *bm = opaque;
697
698 if (!running)
699 return;
700
701 if (!bm->bh) {
702 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
703 qemu_bh_schedule(bm->bh);
704 }
705 }
706
707 static void ide_write_dma_cb(void *opaque, int ret)
708 {
709 BMDMAState *bm = opaque;
710 IDEState *s = bmdma_active_if(bm);
711 int n;
712 int64_t sector_num;
713
714 if (ret < 0) {
715 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
716 return;
717 }
718
719 n = s->io_buffer_size >> 9;
720 sector_num = ide_get_sector(s);
721 if (n > 0) {
722 dma_buf_commit(s, 0);
723 sector_num += n;
724 ide_set_sector(s, sector_num);
725 s->nsector -= n;
726 }
727
728 /* end of transfer ? */
729 if (s->nsector == 0) {
730 s->status = READY_STAT | SEEK_STAT;
731 ide_set_irq(s->bus);
732 eot:
733 bm->status &= ~BM_STATUS_DMAING;
734 bm->status |= BM_STATUS_INT;
735 bm->dma_cb = NULL;
736 bm->unit = -1;
737 bm->aiocb = NULL;
738 return;
739 }
740
741 n = s->nsector;
742 s->io_buffer_size = n * 512;
743 /* launch next transfer */
744 if (dma_buf_prepare(bm, 0) == 0)
745 goto eot;
746 #ifdef DEBUG_AIO
747 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
748 #endif
749 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
750 ide_dma_submit_check(s, ide_write_dma_cb, bm);
751 }
752
753 static void ide_sector_write_dma(IDEState *s)
754 {
755 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
756 s->io_buffer_index = 0;
757 s->io_buffer_size = 0;
758 s->is_read = 0;
759 ide_dma_start(s, ide_write_dma_cb);
760 }
761
762 void ide_atapi_cmd_ok(IDEState *s)
763 {
764 s->error = 0;
765 s->status = READY_STAT | SEEK_STAT;
766 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
767 ide_set_irq(s->bus);
768 }
769
770 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
771 {
772 #ifdef DEBUG_IDE_ATAPI
773 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
774 #endif
775 s->error = sense_key << 4;
776 s->status = READY_STAT | ERR_STAT;
777 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
778 s->sense_key = sense_key;
779 s->asc = asc;
780 ide_set_irq(s->bus);
781 }
782
783 static void ide_atapi_cmd_check_status(IDEState *s)
784 {
785 #ifdef DEBUG_IDE_ATAPI
786 printf("atapi_cmd_check_status\n");
787 #endif
788 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
789 s->status = ERR_STAT;
790 s->nsector = 0;
791 ide_set_irq(s->bus);
792 }
793
794 static void ide_flush_cb(void *opaque, int ret)
795 {
796 IDEState *s = opaque;
797
798 /* XXX: how do we signal I/O errors here? */
799
800 s->status = READY_STAT | SEEK_STAT;
801 ide_set_irq(s->bus);
802 }
803
804 static inline void cpu_to_ube16(uint8_t *buf, int val)
805 {
806 buf[0] = val >> 8;
807 buf[1] = val & 0xff;
808 }
809
810 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
811 {
812 buf[0] = val >> 24;
813 buf[1] = val >> 16;
814 buf[2] = val >> 8;
815 buf[3] = val & 0xff;
816 }
817
818 static inline int ube16_to_cpu(const uint8_t *buf)
819 {
820 return (buf[0] << 8) | buf[1];
821 }
822
823 static inline int ube32_to_cpu(const uint8_t *buf)
824 {
825 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
826 }
827
828 static void lba_to_msf(uint8_t *buf, int lba)
829 {
830 lba += 150;
831 buf[0] = (lba / 75) / 60;
832 buf[1] = (lba / 75) % 60;
833 buf[2] = lba % 75;
834 }
835
836 static void cd_data_to_raw(uint8_t *buf, int lba)
837 {
838 /* sync bytes */
839 buf[0] = 0x00;
840 memset(buf + 1, 0xff, 10);
841 buf[11] = 0x00;
842 buf += 12;
843 /* MSF */
844 lba_to_msf(buf, lba);
845 buf[3] = 0x01; /* mode 1 data */
846 buf += 4;
847 /* data */
848 buf += 2048;
849 /* XXX: ECC not computed */
850 memset(buf, 0, 288);
851 }
852
853 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
854 int sector_size)
855 {
856 int ret;
857
858 switch(sector_size) {
859 case 2048:
860 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
861 break;
862 case 2352:
863 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
864 if (ret < 0)
865 return ret;
866 cd_data_to_raw(buf, lba);
867 break;
868 default:
869 ret = -EIO;
870 break;
871 }
872 return ret;
873 }
874
875 void ide_atapi_io_error(IDEState *s, int ret)
876 {
877 /* XXX: handle more errors */
878 if (ret == -ENOMEDIUM) {
879 ide_atapi_cmd_error(s, SENSE_NOT_READY,
880 ASC_MEDIUM_NOT_PRESENT);
881 } else {
882 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
883 ASC_LOGICAL_BLOCK_OOR);
884 }
885 }
886
887 /* The whole ATAPI transfer logic is handled in this function */
888 static void ide_atapi_cmd_reply_end(IDEState *s)
889 {
890 int byte_count_limit, size, ret;
891 #ifdef DEBUG_IDE_ATAPI
892 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
893 s->packet_transfer_size,
894 s->elementary_transfer_size,
895 s->io_buffer_index);
896 #endif
897 if (s->packet_transfer_size <= 0) {
898 /* end of transfer */
899 ide_transfer_stop(s);
900 s->status = READY_STAT | SEEK_STAT;
901 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
902 ide_set_irq(s->bus);
903 #ifdef DEBUG_IDE_ATAPI
904 printf("status=0x%x\n", s->status);
905 #endif
906 } else {
907 /* see if a new sector must be read */
908 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
909 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
910 if (ret < 0) {
911 ide_transfer_stop(s);
912 ide_atapi_io_error(s, ret);
913 return;
914 }
915 s->lba++;
916 s->io_buffer_index = 0;
917 }
918 if (s->elementary_transfer_size > 0) {
919 /* there are some data left to transmit in this elementary
920 transfer */
921 size = s->cd_sector_size - s->io_buffer_index;
922 if (size > s->elementary_transfer_size)
923 size = s->elementary_transfer_size;
924 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
925 size, ide_atapi_cmd_reply_end);
926 s->packet_transfer_size -= size;
927 s->elementary_transfer_size -= size;
928 s->io_buffer_index += size;
929 } else {
930 /* a new transfer is needed */
931 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
932 byte_count_limit = s->lcyl | (s->hcyl << 8);
933 #ifdef DEBUG_IDE_ATAPI
934 printf("byte_count_limit=%d\n", byte_count_limit);
935 #endif
936 if (byte_count_limit == 0xffff)
937 byte_count_limit--;
938 size = s->packet_transfer_size;
939 if (size > byte_count_limit) {
940 /* byte count limit must be even if this case */
941 if (byte_count_limit & 1)
942 byte_count_limit--;
943 size = byte_count_limit;
944 }
945 s->lcyl = size;
946 s->hcyl = size >> 8;
947 s->elementary_transfer_size = size;
948 /* we cannot transmit more than one sector at a time */
949 if (s->lba != -1) {
950 if (size > (s->cd_sector_size - s->io_buffer_index))
951 size = (s->cd_sector_size - s->io_buffer_index);
952 }
953 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
954 size, ide_atapi_cmd_reply_end);
955 s->packet_transfer_size -= size;
956 s->elementary_transfer_size -= size;
957 s->io_buffer_index += size;
958 ide_set_irq(s->bus);
959 #ifdef DEBUG_IDE_ATAPI
960 printf("status=0x%x\n", s->status);
961 #endif
962 }
963 }
964 }
965
966 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
967 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
968 {
969 if (size > max_size)
970 size = max_size;
971 s->lba = -1; /* no sector read */
972 s->packet_transfer_size = size;
973 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
974 s->elementary_transfer_size = 0;
975 s->io_buffer_index = 0;
976
977 if (s->atapi_dma) {
978 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
979 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
980 } else {
981 s->status = READY_STAT | SEEK_STAT;
982 ide_atapi_cmd_reply_end(s);
983 }
984 }
985
986 /* start a CD-CDROM read command */
987 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
988 int sector_size)
989 {
990 s->lba = lba;
991 s->packet_transfer_size = nb_sectors * sector_size;
992 s->elementary_transfer_size = 0;
993 s->io_buffer_index = sector_size;
994 s->cd_sector_size = sector_size;
995
996 s->status = READY_STAT | SEEK_STAT;
997 ide_atapi_cmd_reply_end(s);
998 }
999
1000 /* ATAPI DMA support */
1001
1002 /* XXX: handle read errors */
1003 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1004 {
1005 BMDMAState *bm = opaque;
1006 IDEState *s = bmdma_active_if(bm);
1007 int data_offset, n;
1008
1009 if (ret < 0) {
1010 ide_atapi_io_error(s, ret);
1011 goto eot;
1012 }
1013
1014 if (s->io_buffer_size > 0) {
1015 /*
1016 * For a cdrom read sector command (s->lba != -1),
1017 * adjust the lba for the next s->io_buffer_size chunk
1018 * and dma the current chunk.
1019 * For a command != read (s->lba == -1), just transfer
1020 * the reply data.
1021 */
1022 if (s->lba != -1) {
1023 if (s->cd_sector_size == 2352) {
1024 n = 1;
1025 cd_data_to_raw(s->io_buffer, s->lba);
1026 } else {
1027 n = s->io_buffer_size >> 11;
1028 }
1029 s->lba += n;
1030 }
1031 s->packet_transfer_size -= s->io_buffer_size;
1032 if (dma_buf_rw(bm, 1) == 0)
1033 goto eot;
1034 }
1035
1036 if (s->packet_transfer_size <= 0) {
1037 s->status = READY_STAT | SEEK_STAT;
1038 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1039 ide_set_irq(s->bus);
1040 eot:
1041 bm->status &= ~BM_STATUS_DMAING;
1042 bm->status |= BM_STATUS_INT;
1043 bm->dma_cb = NULL;
1044 bm->unit = -1;
1045 bm->aiocb = NULL;
1046 return;
1047 }
1048
1049 s->io_buffer_index = 0;
1050 if (s->cd_sector_size == 2352) {
1051 n = 1;
1052 s->io_buffer_size = s->cd_sector_size;
1053 data_offset = 16;
1054 } else {
1055 n = s->packet_transfer_size >> 11;
1056 if (n > (IDE_DMA_BUF_SECTORS / 4))
1057 n = (IDE_DMA_BUF_SECTORS / 4);
1058 s->io_buffer_size = n * 2048;
1059 data_offset = 0;
1060 }
1061 #ifdef DEBUG_AIO
1062 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1063 #endif
1064 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1065 bm->iov.iov_len = n * 4 * 512;
1066 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1067 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1068 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1069 if (!bm->aiocb) {
1070 /* Note: media not present is the most likely case */
1071 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1072 ASC_MEDIUM_NOT_PRESENT);
1073 goto eot;
1074 }
1075 }
1076
1077 /* start a CD-CDROM read command with DMA */
1078 /* XXX: test if DMA is available */
1079 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1080 int sector_size)
1081 {
1082 s->lba = lba;
1083 s->packet_transfer_size = nb_sectors * sector_size;
1084 s->io_buffer_index = 0;
1085 s->io_buffer_size = 0;
1086 s->cd_sector_size = sector_size;
1087
1088 /* XXX: check if BUSY_STAT should be set */
1089 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1090 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1091 }
1092
1093 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1094 int sector_size)
1095 {
1096 #ifdef DEBUG_IDE_ATAPI
1097 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1098 lba, nb_sectors);
1099 #endif
1100 if (s->atapi_dma) {
1101 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1102 } else {
1103 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1104 }
1105 }
1106
1107 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1108 uint16_t profile)
1109 {
1110 uint8_t *buf_profile = buf + 12; /* start of profiles */
1111
1112 buf_profile += ((*index) * 4); /* start of indexed profile */
1113 cpu_to_ube16 (buf_profile, profile);
1114 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1115
1116 /* each profile adds 4 bytes to the response */
1117 (*index)++;
1118 buf[11] += 4; /* Additional Length */
1119
1120 return 4;
1121 }
1122
1123 static int ide_dvd_read_structure(IDEState *s, int format,
1124 const uint8_t *packet, uint8_t *buf)
1125 {
1126 switch (format) {
1127 case 0x0: /* Physical format information */
1128 {
1129 int layer = packet[6];
1130 uint64_t total_sectors;
1131
1132 if (layer != 0)
1133 return -ASC_INV_FIELD_IN_CMD_PACKET;
1134
1135 bdrv_get_geometry(s->bs, &total_sectors);
1136 total_sectors >>= 2;
1137 if (total_sectors == 0)
1138 return -ASC_MEDIUM_NOT_PRESENT;
1139
1140 buf[4] = 1; /* DVD-ROM, part version 1 */
1141 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1142 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1143 buf[7] = 0; /* default densities */
1144
1145 /* FIXME: 0x30000 per spec? */
1146 cpu_to_ube32(buf + 8, 0); /* start sector */
1147 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1148 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1149
1150 /* Size of buffer, not including 2 byte size field */
1151 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1152
1153 /* 2k data + 4 byte header */
1154 return (2048 + 4);
1155 }
1156
1157 case 0x01: /* DVD copyright information */
1158 buf[4] = 0; /* no copyright data */
1159 buf[5] = 0; /* no region restrictions */
1160
1161 /* Size of buffer, not including 2 byte size field */
1162 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1163
1164 /* 4 byte header + 4 byte data */
1165 return (4 + 4);
1166
1167 case 0x03: /* BCA information - invalid field for no BCA info */
1168 return -ASC_INV_FIELD_IN_CMD_PACKET;
1169
1170 case 0x04: /* DVD disc manufacturing information */
1171 /* Size of buffer, not including 2 byte size field */
1172 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1173
1174 /* 2k data + 4 byte header */
1175 return (2048 + 4);
1176
1177 case 0xff:
1178 /*
1179 * This lists all the command capabilities above. Add new ones
1180 * in order and update the length and buffer return values.
1181 */
1182
1183 buf[4] = 0x00; /* Physical format */
1184 buf[5] = 0x40; /* Not writable, is readable */
1185 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1186
1187 buf[8] = 0x01; /* Copyright info */
1188 buf[9] = 0x40; /* Not writable, is readable */
1189 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1190
1191 buf[12] = 0x03; /* BCA info */
1192 buf[13] = 0x40; /* Not writable, is readable */
1193 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1194
1195 buf[16] = 0x04; /* Manufacturing info */
1196 buf[17] = 0x40; /* Not writable, is readable */
1197 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1198
1199 /* Size of buffer, not including 2 byte size field */
1200 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1201
1202 /* data written + 4 byte header */
1203 return (16 + 4);
1204
1205 default: /* TODO: formats beyond DVD-ROM requires */
1206 return -ASC_INV_FIELD_IN_CMD_PACKET;
1207 }
1208 }
1209
1210 static void ide_atapi_cmd(IDEState *s)
1211 {
1212 const uint8_t *packet;
1213 uint8_t *buf;
1214 int max_len;
1215
1216 packet = s->io_buffer;
1217 buf = s->io_buffer;
1218 #ifdef DEBUG_IDE_ATAPI
1219 {
1220 int i;
1221 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1222 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1223 printf(" %02x", packet[i]);
1224 }
1225 printf("\n");
1226 }
1227 #endif
1228 /* If there's a UNIT_ATTENTION condition pending, only
1229 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1230 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1231 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1232 s->io_buffer[0] != GPCMD_INQUIRY) {
1233 ide_atapi_cmd_check_status(s);
1234 return;
1235 }
1236 switch(s->io_buffer[0]) {
1237 case GPCMD_TEST_UNIT_READY:
1238 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1239 ide_atapi_cmd_ok(s);
1240 } else {
1241 s->cdrom_changed = 0;
1242 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1243 ASC_MEDIUM_NOT_PRESENT);
1244 }
1245 break;
1246 case GPCMD_MODE_SENSE_6:
1247 case GPCMD_MODE_SENSE_10:
1248 {
1249 int action, code;
1250 if (packet[0] == GPCMD_MODE_SENSE_10)
1251 max_len = ube16_to_cpu(packet + 7);
1252 else
1253 max_len = packet[4];
1254 action = packet[2] >> 6;
1255 code = packet[2] & 0x3f;
1256 switch(action) {
1257 case 0: /* current values */
1258 switch(code) {
1259 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1260 cpu_to_ube16(&buf[0], 16 + 6);
1261 buf[2] = 0x70;
1262 buf[3] = 0;
1263 buf[4] = 0;
1264 buf[5] = 0;
1265 buf[6] = 0;
1266 buf[7] = 0;
1267
1268 buf[8] = 0x01;
1269 buf[9] = 0x06;
1270 buf[10] = 0x00;
1271 buf[11] = 0x05;
1272 buf[12] = 0x00;
1273 buf[13] = 0x00;
1274 buf[14] = 0x00;
1275 buf[15] = 0x00;
1276 ide_atapi_cmd_reply(s, 16, max_len);
1277 break;
1278 case GPMODE_AUDIO_CTL_PAGE:
1279 cpu_to_ube16(&buf[0], 24 + 6);
1280 buf[2] = 0x70;
1281 buf[3] = 0;
1282 buf[4] = 0;
1283 buf[5] = 0;
1284 buf[6] = 0;
1285 buf[7] = 0;
1286
1287 /* Fill with CDROM audio volume */
1288 buf[17] = 0;
1289 buf[19] = 0;
1290 buf[21] = 0;
1291 buf[23] = 0;
1292
1293 ide_atapi_cmd_reply(s, 24, max_len);
1294 break;
1295 case GPMODE_CAPABILITIES_PAGE:
1296 cpu_to_ube16(&buf[0], 28 + 6);
1297 buf[2] = 0x70;
1298 buf[3] = 0;
1299 buf[4] = 0;
1300 buf[5] = 0;
1301 buf[6] = 0;
1302 buf[7] = 0;
1303
1304 buf[8] = 0x2a;
1305 buf[9] = 0x12;
1306 buf[10] = 0x00;
1307 buf[11] = 0x00;
1308
1309 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1310 code checks for this to automount media. */
1311 buf[12] = 0x71;
1312 buf[13] = 3 << 5;
1313 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1314 if (bdrv_is_locked(s->bs))
1315 buf[6] |= 1 << 1;
1316 buf[15] = 0x00;
1317 cpu_to_ube16(&buf[16], 706);
1318 buf[18] = 0;
1319 buf[19] = 2;
1320 cpu_to_ube16(&buf[20], 512);
1321 cpu_to_ube16(&buf[22], 706);
1322 buf[24] = 0;
1323 buf[25] = 0;
1324 buf[26] = 0;
1325 buf[27] = 0;
1326 ide_atapi_cmd_reply(s, 28, max_len);
1327 break;
1328 default:
1329 goto error_cmd;
1330 }
1331 break;
1332 case 1: /* changeable values */
1333 goto error_cmd;
1334 case 2: /* default values */
1335 goto error_cmd;
1336 default:
1337 case 3: /* saved values */
1338 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1339 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1340 break;
1341 }
1342 }
1343 break;
1344 case GPCMD_REQUEST_SENSE:
1345 max_len = packet[4];
1346 memset(buf, 0, 18);
1347 buf[0] = 0x70 | (1 << 7);
1348 buf[2] = s->sense_key;
1349 buf[7] = 10;
1350 buf[12] = s->asc;
1351 if (s->sense_key == SENSE_UNIT_ATTENTION)
1352 s->sense_key = SENSE_NONE;
1353 ide_atapi_cmd_reply(s, 18, max_len);
1354 break;
1355 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1356 if (bdrv_is_inserted(s->bs)) {
1357 bdrv_set_locked(s->bs, packet[4] & 1);
1358 ide_atapi_cmd_ok(s);
1359 } else {
1360 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1361 ASC_MEDIUM_NOT_PRESENT);
1362 }
1363 break;
1364 case GPCMD_READ_10:
1365 case GPCMD_READ_12:
1366 {
1367 int nb_sectors, lba;
1368
1369 if (packet[0] == GPCMD_READ_10)
1370 nb_sectors = ube16_to_cpu(packet + 7);
1371 else
1372 nb_sectors = ube32_to_cpu(packet + 6);
1373 lba = ube32_to_cpu(packet + 2);
1374 if (nb_sectors == 0) {
1375 ide_atapi_cmd_ok(s);
1376 break;
1377 }
1378 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1379 }
1380 break;
1381 case GPCMD_READ_CD:
1382 {
1383 int nb_sectors, lba, transfer_request;
1384
1385 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1386 lba = ube32_to_cpu(packet + 2);
1387 if (nb_sectors == 0) {
1388 ide_atapi_cmd_ok(s);
1389 break;
1390 }
1391 transfer_request = packet[9];
1392 switch(transfer_request & 0xf8) {
1393 case 0x00:
1394 /* nothing */
1395 ide_atapi_cmd_ok(s);
1396 break;
1397 case 0x10:
1398 /* normal read */
1399 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1400 break;
1401 case 0xf8:
1402 /* read all data */
1403 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1404 break;
1405 default:
1406 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1407 ASC_INV_FIELD_IN_CMD_PACKET);
1408 break;
1409 }
1410 }
1411 break;
1412 case GPCMD_SEEK:
1413 {
1414 unsigned int lba;
1415 uint64_t total_sectors;
1416
1417 bdrv_get_geometry(s->bs, &total_sectors);
1418 total_sectors >>= 2;
1419 if (total_sectors == 0) {
1420 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1421 ASC_MEDIUM_NOT_PRESENT);
1422 break;
1423 }
1424 lba = ube32_to_cpu(packet + 2);
1425 if (lba >= total_sectors) {
1426 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1427 ASC_LOGICAL_BLOCK_OOR);
1428 break;
1429 }
1430 ide_atapi_cmd_ok(s);
1431 }
1432 break;
1433 case GPCMD_START_STOP_UNIT:
1434 {
1435 int start, eject, err = 0;
1436 start = packet[4] & 1;
1437 eject = (packet[4] >> 1) & 1;
1438
1439 if (eject) {
1440 err = bdrv_eject(s->bs, !start);
1441 }
1442
1443 switch (err) {
1444 case 0:
1445 ide_atapi_cmd_ok(s);
1446 break;
1447 case -EBUSY:
1448 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1449 ASC_MEDIA_REMOVAL_PREVENTED);
1450 break;
1451 default:
1452 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1453 ASC_MEDIUM_NOT_PRESENT);
1454 break;
1455 }
1456 }
1457 break;
1458 case GPCMD_MECHANISM_STATUS:
1459 {
1460 max_len = ube16_to_cpu(packet + 8);
1461 cpu_to_ube16(buf, 0);
1462 /* no current LBA */
1463 buf[2] = 0;
1464 buf[3] = 0;
1465 buf[4] = 0;
1466 buf[5] = 1;
1467 cpu_to_ube16(buf + 6, 0);
1468 ide_atapi_cmd_reply(s, 8, max_len);
1469 }
1470 break;
1471 case GPCMD_READ_TOC_PMA_ATIP:
1472 {
1473 int format, msf, start_track, len;
1474 uint64_t total_sectors;
1475
1476 bdrv_get_geometry(s->bs, &total_sectors);
1477 total_sectors >>= 2;
1478 if (total_sectors == 0) {
1479 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1480 ASC_MEDIUM_NOT_PRESENT);
1481 break;
1482 }
1483 max_len = ube16_to_cpu(packet + 7);
1484 format = packet[9] >> 6;
1485 msf = (packet[1] >> 1) & 1;
1486 start_track = packet[6];
1487 switch(format) {
1488 case 0:
1489 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1490 if (len < 0)
1491 goto error_cmd;
1492 ide_atapi_cmd_reply(s, len, max_len);
1493 break;
1494 case 1:
1495 /* multi session : only a single session defined */
1496 memset(buf, 0, 12);
1497 buf[1] = 0x0a;
1498 buf[2] = 0x01;
1499 buf[3] = 0x01;
1500 ide_atapi_cmd_reply(s, 12, max_len);
1501 break;
1502 case 2:
1503 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1504 if (len < 0)
1505 goto error_cmd;
1506 ide_atapi_cmd_reply(s, len, max_len);
1507 break;
1508 default:
1509 error_cmd:
1510 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1511 ASC_INV_FIELD_IN_CMD_PACKET);
1512 break;
1513 }
1514 }
1515 break;
1516 case GPCMD_READ_CDVD_CAPACITY:
1517 {
1518 uint64_t total_sectors;
1519
1520 bdrv_get_geometry(s->bs, &total_sectors);
1521 total_sectors >>= 2;
1522 if (total_sectors == 0) {
1523 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1524 ASC_MEDIUM_NOT_PRESENT);
1525 break;
1526 }
1527 /* NOTE: it is really the number of sectors minus 1 */
1528 cpu_to_ube32(buf, total_sectors - 1);
1529 cpu_to_ube32(buf + 4, 2048);
1530 ide_atapi_cmd_reply(s, 8, 8);
1531 }
1532 break;
1533 case GPCMD_READ_DVD_STRUCTURE:
1534 {
1535 int media = packet[1];
1536 int format = packet[7];
1537 int ret;
1538
1539 max_len = ube16_to_cpu(packet + 8);
1540
1541 if (format < 0xff) {
1542 if (media_is_cd(s)) {
1543 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1544 ASC_INCOMPATIBLE_FORMAT);
1545 break;
1546 } else if (!media_present(s)) {
1547 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1548 ASC_INV_FIELD_IN_CMD_PACKET);
1549 break;
1550 }
1551 }
1552
1553 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1554 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1555
1556 switch (format) {
1557 case 0x00 ... 0x7f:
1558 case 0xff:
1559 if (media == 0) {
1560 ret = ide_dvd_read_structure(s, format, packet, buf);
1561
1562 if (ret < 0)
1563 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1564 else
1565 ide_atapi_cmd_reply(s, ret, max_len);
1566
1567 break;
1568 }
1569 /* TODO: BD support, fall through for now */
1570
1571 /* Generic disk structures */
1572 case 0x80: /* TODO: AACS volume identifier */
1573 case 0x81: /* TODO: AACS media serial number */
1574 case 0x82: /* TODO: AACS media identifier */
1575 case 0x83: /* TODO: AACS media key block */
1576 case 0x90: /* TODO: List of recognized format layers */
1577 case 0xc0: /* TODO: Write protection status */
1578 default:
1579 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1580 ASC_INV_FIELD_IN_CMD_PACKET);
1581 break;
1582 }
1583 }
1584 break;
1585 case GPCMD_SET_SPEED:
1586 ide_atapi_cmd_ok(s);
1587 break;
1588 case GPCMD_INQUIRY:
1589 max_len = packet[4];
1590 buf[0] = 0x05; /* CD-ROM */
1591 buf[1] = 0x80; /* removable */
1592 buf[2] = 0x00; /* ISO */
1593 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1594 buf[4] = 31; /* additional length */
1595 buf[5] = 0; /* reserved */
1596 buf[6] = 0; /* reserved */
1597 buf[7] = 0; /* reserved */
1598 padstr8(buf + 8, 8, "QEMU");
1599 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1600 padstr8(buf + 32, 4, s->version);
1601 ide_atapi_cmd_reply(s, 36, max_len);
1602 break;
1603 case GPCMD_GET_CONFIGURATION:
1604 {
1605 uint32_t len;
1606 uint8_t index = 0;
1607
1608 /* only feature 0 is supported */
1609 if (packet[2] != 0 || packet[3] != 0) {
1610 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1611 ASC_INV_FIELD_IN_CMD_PACKET);
1612 break;
1613 }
1614
1615 /* XXX: could result in alignment problems in some architectures */
1616 max_len = ube16_to_cpu(packet + 7);
1617
1618 /*
1619 * XXX: avoid overflow for io_buffer if max_len is bigger than
1620 * the size of that buffer (dimensioned to max number of
1621 * sectors to transfer at once)
1622 *
1623 * Only a problem if the feature/profiles grow.
1624 */
1625 if (max_len > 512) /* XXX: assume 1 sector */
1626 max_len = 512;
1627
1628 memset(buf, 0, max_len);
1629 /*
1630 * the number of sectors from the media tells us which profile
1631 * to use as current. 0 means there is no media
1632 */
1633 if (media_is_dvd(s))
1634 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1635 else if (media_is_cd(s))
1636 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1637
1638 buf[10] = 0x02 | 0x01; /* persistent and current */
1639 len = 12; /* headers: 8 + 4 */
1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1641 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1642 cpu_to_ube32(buf, len - 4); /* data length */
1643
1644 ide_atapi_cmd_reply(s, len, max_len);
1645 break;
1646 }
1647 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1648 max_len = ube16_to_cpu(packet + 7);
1649
1650 if (packet[1] & 0x01) { /* polling */
1651 /* We don't support any event class (yet). */
1652 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
1653 buf[2] = 0x80; /* No Event Available (NEA) */
1654 buf[3] = 0x00; /* Empty supported event classes */
1655 ide_atapi_cmd_reply(s, 4, max_len);
1656 } else { /* asynchronous mode */
1657 /* Only polling is supported, asynchronous mode is not. */
1658 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1659 ASC_INV_FIELD_IN_CMD_PACKET);
1660 }
1661 break;
1662 default:
1663 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1664 ASC_ILLEGAL_OPCODE);
1665 break;
1666 }
1667 }
1668
1669 static void ide_cfata_metadata_inquiry(IDEState *s)
1670 {
1671 uint16_t *p;
1672 uint32_t spd;
1673
1674 p = (uint16_t *) s->io_buffer;
1675 memset(p, 0, 0x200);
1676 spd = ((s->mdata_size - 1) >> 9) + 1;
1677
1678 put_le16(p + 0, 0x0001); /* Data format revision */
1679 put_le16(p + 1, 0x0000); /* Media property: silicon */
1680 put_le16(p + 2, s->media_changed); /* Media status */
1681 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1682 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1683 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1684 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1685 }
1686
1687 static void ide_cfata_metadata_read(IDEState *s)
1688 {
1689 uint16_t *p;
1690
1691 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1692 s->status = ERR_STAT;
1693 s->error = ABRT_ERR;
1694 return;
1695 }
1696
1697 p = (uint16_t *) s->io_buffer;
1698 memset(p, 0, 0x200);
1699
1700 put_le16(p + 0, s->media_changed); /* Media status */
1701 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1702 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1703 s->nsector << 9), 0x200 - 2));
1704 }
1705
1706 static void ide_cfata_metadata_write(IDEState *s)
1707 {
1708 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1709 s->status = ERR_STAT;
1710 s->error = ABRT_ERR;
1711 return;
1712 }
1713
1714 s->media_changed = 0;
1715
1716 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1717 s->io_buffer + 2,
1718 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1719 s->nsector << 9), 0x200 - 2));
1720 }
1721
1722 /* called when the inserted state of the media has changed */
1723 static void cdrom_change_cb(void *opaque)
1724 {
1725 IDEState *s = opaque;
1726 uint64_t nb_sectors;
1727
1728 bdrv_get_geometry(s->bs, &nb_sectors);
1729 s->nb_sectors = nb_sectors;
1730
1731 s->sense_key = SENSE_UNIT_ATTENTION;
1732 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1733 s->cdrom_changed = 1;
1734 ide_set_irq(s->bus);
1735 }
1736
1737 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1738 {
1739 s->lba48 = lba48;
1740
1741 /* handle the 'magic' 0 nsector count conversion here. to avoid
1742 * fiddling with the rest of the read logic, we just store the
1743 * full sector count in ->nsector and ignore ->hob_nsector from now
1744 */
1745 if (!s->lba48) {
1746 if (!s->nsector)
1747 s->nsector = 256;
1748 } else {
1749 if (!s->nsector && !s->hob_nsector)
1750 s->nsector = 65536;
1751 else {
1752 int lo = s->nsector;
1753 int hi = s->hob_nsector;
1754
1755 s->nsector = (hi << 8) | lo;
1756 }
1757 }
1758 }
1759
1760 static void ide_clear_hob(IDEBus *bus)
1761 {
1762 /* any write clears HOB high bit of device control register */
1763 bus->ifs[0].select &= ~(1 << 7);
1764 bus->ifs[1].select &= ~(1 << 7);
1765 }
1766
1767 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1768 {
1769 IDEBus *bus = opaque;
1770 IDEState *s;
1771 int n;
1772 int lba48 = 0;
1773
1774 #ifdef DEBUG_IDE
1775 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1776 #endif
1777
1778 addr &= 7;
1779
1780 /* ignore writes to command block while busy with previous command */
1781 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1782 return;
1783
1784 switch(addr) {
1785 case 0:
1786 break;
1787 case 1:
1788 ide_clear_hob(bus);
1789 /* NOTE: data is written to the two drives */
1790 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1791 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1792 bus->ifs[0].feature = val;
1793 bus->ifs[1].feature = val;
1794 break;
1795 case 2:
1796 ide_clear_hob(bus);
1797 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1798 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1799 bus->ifs[0].nsector = val;
1800 bus->ifs[1].nsector = val;
1801 break;
1802 case 3:
1803 ide_clear_hob(bus);
1804 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1805 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1806 bus->ifs[0].sector = val;
1807 bus->ifs[1].sector = val;
1808 break;
1809 case 4:
1810 ide_clear_hob(bus);
1811 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1812 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1813 bus->ifs[0].lcyl = val;
1814 bus->ifs[1].lcyl = val;
1815 break;
1816 case 5:
1817 ide_clear_hob(bus);
1818 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1819 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1820 bus->ifs[0].hcyl = val;
1821 bus->ifs[1].hcyl = val;
1822 break;
1823 case 6:
1824 /* FIXME: HOB readback uses bit 7 */
1825 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1826 bus->ifs[1].select = (val | 0x10) | 0xa0;
1827 /* select drive */
1828 bus->unit = (val >> 4) & 1;
1829 break;
1830 default:
1831 case 7:
1832 /* command */
1833 #if defined(DEBUG_IDE)
1834 printf("ide: CMD=%02x\n", val);
1835 #endif
1836 s = idebus_active_if(bus);
1837 /* ignore commands to non existant slave */
1838 if (s != bus->ifs && !s->bs)
1839 break;
1840
1841 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1842 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1843 break;
1844
1845 switch(val) {
1846 case WIN_IDENTIFY:
1847 if (s->bs && s->drive_kind != IDE_CD) {
1848 if (s->drive_kind != IDE_CFATA)
1849 ide_identify(s);
1850 else
1851 ide_cfata_identify(s);
1852 s->status = READY_STAT | SEEK_STAT;
1853 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1854 } else {
1855 if (s->drive_kind == IDE_CD) {
1856 ide_set_signature(s);
1857 }
1858 ide_abort_command(s);
1859 }
1860 ide_set_irq(s->bus);
1861 break;
1862 case WIN_SPECIFY:
1863 case WIN_RECAL:
1864 s->error = 0;
1865 s->status = READY_STAT | SEEK_STAT;
1866 ide_set_irq(s->bus);
1867 break;
1868 case WIN_SETMULT:
1869 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1870 /* Disable Read and Write Multiple */
1871 s->mult_sectors = 0;
1872 s->status = READY_STAT | SEEK_STAT;
1873 } else if ((s->nsector & 0xff) != 0 &&
1874 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1875 (s->nsector & (s->nsector - 1)) != 0)) {
1876 ide_abort_command(s);
1877 } else {
1878 s->mult_sectors = s->nsector & 0xff;
1879 s->status = READY_STAT | SEEK_STAT;
1880 }
1881 ide_set_irq(s->bus);
1882 break;
1883 case WIN_VERIFY_EXT:
1884 lba48 = 1;
1885 case WIN_VERIFY:
1886 case WIN_VERIFY_ONCE:
1887 /* do sector number check ? */
1888 ide_cmd_lba48_transform(s, lba48);
1889 s->status = READY_STAT | SEEK_STAT;
1890 ide_set_irq(s->bus);
1891 break;
1892 case WIN_READ_EXT:
1893 lba48 = 1;
1894 case WIN_READ:
1895 case WIN_READ_ONCE:
1896 if (!s->bs)
1897 goto abort_cmd;
1898 ide_cmd_lba48_transform(s, lba48);
1899 s->req_nb_sectors = 1;
1900 ide_sector_read(s);
1901 break;
1902 case WIN_WRITE_EXT:
1903 lba48 = 1;
1904 case WIN_WRITE:
1905 case WIN_WRITE_ONCE:
1906 case CFA_WRITE_SECT_WO_ERASE:
1907 case WIN_WRITE_VERIFY:
1908 ide_cmd_lba48_transform(s, lba48);
1909 s->error = 0;
1910 s->status = SEEK_STAT | READY_STAT;
1911 s->req_nb_sectors = 1;
1912 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1913 s->media_changed = 1;
1914 break;
1915 case WIN_MULTREAD_EXT:
1916 lba48 = 1;
1917 case WIN_MULTREAD:
1918 if (!s->mult_sectors)
1919 goto abort_cmd;
1920 ide_cmd_lba48_transform(s, lba48);
1921 s->req_nb_sectors = s->mult_sectors;
1922 ide_sector_read(s);
1923 break;
1924 case WIN_MULTWRITE_EXT:
1925 lba48 = 1;
1926 case WIN_MULTWRITE:
1927 case CFA_WRITE_MULTI_WO_ERASE:
1928 if (!s->mult_sectors)
1929 goto abort_cmd;
1930 ide_cmd_lba48_transform(s, lba48);
1931 s->error = 0;
1932 s->status = SEEK_STAT | READY_STAT;
1933 s->req_nb_sectors = s->mult_sectors;
1934 n = s->nsector;
1935 if (n > s->req_nb_sectors)
1936 n = s->req_nb_sectors;
1937 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1938 s->media_changed = 1;
1939 break;
1940 case WIN_READDMA_EXT:
1941 lba48 = 1;
1942 case WIN_READDMA:
1943 case WIN_READDMA_ONCE:
1944 if (!s->bs)
1945 goto abort_cmd;
1946 ide_cmd_lba48_transform(s, lba48);
1947 ide_sector_read_dma(s);
1948 break;
1949 case WIN_WRITEDMA_EXT:
1950 lba48 = 1;
1951 case WIN_WRITEDMA:
1952 case WIN_WRITEDMA_ONCE:
1953 if (!s->bs)
1954 goto abort_cmd;
1955 ide_cmd_lba48_transform(s, lba48);
1956 ide_sector_write_dma(s);
1957 s->media_changed = 1;
1958 break;
1959 case WIN_READ_NATIVE_MAX_EXT:
1960 lba48 = 1;
1961 case WIN_READ_NATIVE_MAX:
1962 ide_cmd_lba48_transform(s, lba48);
1963 ide_set_sector(s, s->nb_sectors - 1);
1964 s->status = READY_STAT | SEEK_STAT;
1965 ide_set_irq(s->bus);
1966 break;
1967 case WIN_CHECKPOWERMODE1:
1968 case WIN_CHECKPOWERMODE2:
1969 s->nsector = 0xff; /* device active or idle */
1970 s->status = READY_STAT | SEEK_STAT;
1971 ide_set_irq(s->bus);
1972 break;
1973 case WIN_SETFEATURES:
1974 if (!s->bs)
1975 goto abort_cmd;
1976 /* XXX: valid for CDROM ? */
1977 switch(s->feature) {
1978 case 0xcc: /* reverting to power-on defaults enable */
1979 case 0x66: /* reverting to power-on defaults disable */
1980 case 0x02: /* write cache enable */
1981 case 0x82: /* write cache disable */
1982 case 0xaa: /* read look-ahead enable */
1983 case 0x55: /* read look-ahead disable */
1984 case 0x05: /* set advanced power management mode */
1985 case 0x85: /* disable advanced power management mode */
1986 case 0x69: /* NOP */
1987 case 0x67: /* NOP */
1988 case 0x96: /* NOP */
1989 case 0x9a: /* NOP */
1990 case 0x42: /* enable Automatic Acoustic Mode */
1991 case 0xc2: /* disable Automatic Acoustic Mode */
1992 s->status = READY_STAT | SEEK_STAT;
1993 ide_set_irq(s->bus);
1994 break;
1995 case 0x03: { /* set transfer mode */
1996 uint8_t val = s->nsector & 0x07;
1997 uint16_t *identify_data = (uint16_t *)s->identify_data;
1998
1999 switch (s->nsector >> 3) {
2000 case 0x00: /* pio default */
2001 case 0x01: /* pio mode */
2002 put_le16(identify_data + 62,0x07);
2003 put_le16(identify_data + 63,0x07);
2004 put_le16(identify_data + 88,0x3f);
2005 break;
2006 case 0x02: /* sigle word dma mode*/
2007 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
2008 put_le16(identify_data + 63,0x07);
2009 put_le16(identify_data + 88,0x3f);
2010 break;
2011 case 0x04: /* mdma mode */
2012 put_le16(identify_data + 62,0x07);
2013 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
2014 put_le16(identify_data + 88,0x3f);
2015 break;
2016 case 0x08: /* udma mode */
2017 put_le16(identify_data + 62,0x07);
2018 put_le16(identify_data + 63,0x07);
2019 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2020 break;
2021 default:
2022 goto abort_cmd;
2023 }
2024 s->status = READY_STAT | SEEK_STAT;
2025 ide_set_irq(s->bus);
2026 break;
2027 }
2028 default:
2029 goto abort_cmd;
2030 }
2031 break;
2032 case WIN_FLUSH_CACHE:
2033 case WIN_FLUSH_CACHE_EXT:
2034 if (s->bs)
2035 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2036 else
2037 ide_flush_cb(s, 0);
2038 break;
2039 case WIN_STANDBY:
2040 case WIN_STANDBY2:
2041 case WIN_STANDBYNOW1:
2042 case WIN_STANDBYNOW2:
2043 case WIN_IDLEIMMEDIATE:
2044 case CFA_IDLEIMMEDIATE:
2045 case WIN_SETIDLE1:
2046 case WIN_SETIDLE2:
2047 case WIN_SLEEPNOW1:
2048 case WIN_SLEEPNOW2:
2049 s->status = READY_STAT;
2050 ide_set_irq(s->bus);
2051 break;
2052 case WIN_SEEK:
2053 if(s->drive_kind == IDE_CD)
2054 goto abort_cmd;
2055 /* XXX: Check that seek is within bounds */
2056 s->status = READY_STAT | SEEK_STAT;
2057 ide_set_irq(s->bus);
2058 break;
2059 /* ATAPI commands */
2060 case WIN_PIDENTIFY:
2061 if (s->drive_kind == IDE_CD) {
2062 ide_atapi_identify(s);
2063 s->status = READY_STAT | SEEK_STAT;
2064 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2065 } else {
2066 ide_abort_command(s);
2067 }
2068 ide_set_irq(s->bus);
2069 break;
2070 case WIN_DIAGNOSE:
2071 ide_set_signature(s);
2072 if (s->drive_kind == IDE_CD)
2073 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2074 * devices to return a clear status register
2075 * with READY_STAT *not* set. */
2076 else
2077 s->status = READY_STAT | SEEK_STAT;
2078 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2079 * present.
2080 */
2081 ide_set_irq(s->bus);
2082 break;
2083 case WIN_SRST:
2084 if (s->drive_kind != IDE_CD)
2085 goto abort_cmd;
2086 ide_set_signature(s);
2087 s->status = 0x00; /* NOTE: READY is _not_ set */
2088 s->error = 0x01;
2089 break;
2090 case WIN_PACKETCMD:
2091 if (s->drive_kind != IDE_CD)
2092 goto abort_cmd;
2093 /* overlapping commands not supported */
2094 if (s->feature & 0x02)
2095 goto abort_cmd;
2096 s->status = READY_STAT | SEEK_STAT;
2097 s->atapi_dma = s->feature & 1;
2098 s->nsector = 1;
2099 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2100 ide_atapi_cmd);
2101 break;
2102 /* CF-ATA commands */
2103 case CFA_REQ_EXT_ERROR_CODE:
2104 if (s->drive_kind != IDE_CFATA)
2105 goto abort_cmd;
2106 s->error = 0x09; /* miscellaneous error */
2107 s->status = READY_STAT | SEEK_STAT;
2108 ide_set_irq(s->bus);
2109 break;
2110 case CFA_ERASE_SECTORS:
2111 case CFA_WEAR_LEVEL:
2112 if (s->drive_kind != IDE_CFATA)
2113 goto abort_cmd;
2114 if (val == CFA_WEAR_LEVEL)
2115 s->nsector = 0;
2116 if (val == CFA_ERASE_SECTORS)
2117 s->media_changed = 1;
2118 s->error = 0x00;
2119 s->status = READY_STAT | SEEK_STAT;
2120 ide_set_irq(s->bus);
2121 break;
2122 case CFA_TRANSLATE_SECTOR:
2123 if (s->drive_kind != IDE_CFATA)
2124 goto abort_cmd;
2125 s->error = 0x00;
2126 s->status = READY_STAT | SEEK_STAT;
2127 memset(s->io_buffer, 0, 0x200);
2128 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2129 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2130 s->io_buffer[0x02] = s->select; /* Head */
2131 s->io_buffer[0x03] = s->sector; /* Sector */
2132 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2133 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2134 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2135 s->io_buffer[0x13] = 0x00; /* Erase flag */
2136 s->io_buffer[0x18] = 0x00; /* Hot count */
2137 s->io_buffer[0x19] = 0x00; /* Hot count */
2138 s->io_buffer[0x1a] = 0x01; /* Hot count */
2139 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2140 ide_set_irq(s->bus);
2141 break;
2142 case CFA_ACCESS_METADATA_STORAGE:
2143 if (s->drive_kind != IDE_CFATA)
2144 goto abort_cmd;
2145 switch (s->feature) {
2146 case 0x02: /* Inquiry Metadata Storage */
2147 ide_cfata_metadata_inquiry(s);
2148 break;
2149 case 0x03: /* Read Metadata Storage */
2150 ide_cfata_metadata_read(s);
2151 break;
2152 case 0x04: /* Write Metadata Storage */
2153 ide_cfata_metadata_write(s);
2154 break;
2155 default:
2156 goto abort_cmd;
2157 }
2158 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2159 s->status = 0x00; /* NOTE: READY is _not_ set */
2160 ide_set_irq(s->bus);
2161 break;
2162 case IBM_SENSE_CONDITION:
2163 if (s->drive_kind != IDE_CFATA)
2164 goto abort_cmd;
2165 switch (s->feature) {
2166 case 0x01: /* sense temperature in device */
2167 s->nsector = 0x50; /* +20 C */
2168 break;
2169 default:
2170 goto abort_cmd;
2171 }
2172 s->status = READY_STAT | SEEK_STAT;
2173 ide_set_irq(s->bus);
2174 break;
2175
2176 case WIN_SMART:
2177 if (s->drive_kind == IDE_CD)
2178 goto abort_cmd;
2179 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2180 goto abort_cmd;
2181 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2182 goto abort_cmd;
2183 switch (s->feature) {
2184 case SMART_DISABLE:
2185 s->smart_enabled = 0;
2186 s->status = READY_STAT | SEEK_STAT;
2187 ide_set_irq(s->bus);
2188 break;
2189 case SMART_ENABLE:
2190 s->smart_enabled = 1;
2191 s->status = READY_STAT | SEEK_STAT;
2192 ide_set_irq(s->bus);
2193 break;
2194 case SMART_ATTR_AUTOSAVE:
2195 switch (s->sector) {
2196 case 0x00:
2197 s->smart_autosave = 0;
2198 break;
2199 case 0xf1:
2200 s->smart_autosave = 1;
2201 break;
2202 default:
2203 goto abort_cmd;
2204 }
2205 s->status = READY_STAT | SEEK_STAT;
2206 ide_set_irq(s->bus);
2207 break;
2208 case SMART_STATUS:
2209 if (!s->smart_errors) {
2210 s->hcyl = 0xc2;
2211 s->lcyl = 0x4f;
2212 } else {
2213 s->hcyl = 0x2c;
2214 s->lcyl = 0xf4;
2215 }
2216 s->status = READY_STAT | SEEK_STAT;
2217 ide_set_irq(s->bus);
2218 break;
2219 case SMART_READ_THRESH:
2220 memset(s->io_buffer, 0, 0x200);
2221 s->io_buffer[0] = 0x01; /* smart struct version */
2222 for (n=0; n<30; n++) {
2223 if (smart_attributes[n][0] == 0)
2224 break;
2225 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2226 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2227 }
2228 for (n=0; n<511; n++) /* checksum */
2229 s->io_buffer[511] += s->io_buffer[n];
2230 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2231 s->status = READY_STAT | SEEK_STAT;
2232 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2233 ide_set_irq(s->bus);
2234 break;
2235 case SMART_READ_DATA:
2236 memset(s->io_buffer, 0, 0x200);
2237 s->io_buffer[0] = 0x01; /* smart struct version */
2238 for (n=0; n<30; n++) {
2239 if (smart_attributes[n][0] == 0)
2240 break;
2241 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2242 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2243 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2244 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2245 }
2246 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2247 if (s->smart_selftest_count == 0) {
2248 s->io_buffer[363] = 0;
2249 } else {
2250 s->io_buffer[363] =
2251 s->smart_selftest_data[3 +
2252 (s->smart_selftest_count - 1) *
2253 24];
2254 }
2255 s->io_buffer[364] = 0x20;
2256 s->io_buffer[365] = 0x01;
2257 /* offline data collection capacity: execute + self-test*/
2258 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2259 s->io_buffer[368] = 0x03; /* smart capability (1) */
2260 s->io_buffer[369] = 0x00; /* smart capability (2) */
2261 s->io_buffer[370] = 0x01; /* error logging supported */
2262 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2263 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2264 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2265
2266 for (n=0; n<511; n++)
2267 s->io_buffer[511] += s->io_buffer[n];
2268 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2269 s->status = READY_STAT | SEEK_STAT;
2270 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2271 ide_set_irq(s->bus);
2272 break;
2273 case SMART_READ_LOG:
2274 switch (s->sector) {
2275 case 0x01: /* summary smart error log */
2276 memset(s->io_buffer, 0, 0x200);
2277 s->io_buffer[0] = 0x01;
2278 s->io_buffer[1] = 0x00; /* no error entries */
2279 s->io_buffer[452] = s->smart_errors & 0xff;
2280 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2281
2282 for (n=0; n<511; n++)
2283 s->io_buffer[511] += s->io_buffer[n];
2284 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2285 break;
2286 case 0x06: /* smart self test log */
2287 memset(s->io_buffer, 0, 0x200);
2288 s->io_buffer[0] = 0x01;
2289 if (s->smart_selftest_count == 0) {
2290 s->io_buffer[508] = 0;
2291 } else {
2292 s->io_buffer[508] = s->smart_selftest_count;
2293 for (n=2; n<506; n++)
2294 s->io_buffer[n] = s->smart_selftest_data[n];
2295 }
2296 for (n=0; n<511; n++)
2297 s->io_buffer[511] += s->io_buffer[n];
2298 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2299 break;
2300 default:
2301 goto abort_cmd;
2302 }
2303 s->status = READY_STAT | SEEK_STAT;
2304 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2305 ide_set_irq(s->bus);
2306 break;
2307 case SMART_EXECUTE_OFFLINE:
2308 switch (s->sector) {
2309 case 0: /* off-line routine */
2310 case 1: /* short self test */
2311 case 2: /* extended self test */
2312 s->smart_selftest_count++;
2313 if(s->smart_selftest_count > 21)
2314 s->smart_selftest_count = 0;
2315 n = 2 + (s->smart_selftest_count - 1) * 24;
2316 s->smart_selftest_data[n] = s->sector;
2317 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2318 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2319 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2320 s->status = READY_STAT | SEEK_STAT;
2321 ide_set_irq(s->bus);
2322 break;
2323 default:
2324 goto abort_cmd;
2325 }
2326 break;
2327 default:
2328 goto abort_cmd;
2329 }
2330 break;
2331 default:
2332 abort_cmd:
2333 ide_abort_command(s);
2334 ide_set_irq(s->bus);
2335 break;
2336 }
2337 }
2338 }
2339
2340 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2341 {
2342 IDEBus *bus = opaque;
2343 IDEState *s = idebus_active_if(bus);
2344 uint32_t addr;
2345 int ret, hob;
2346
2347 addr = addr1 & 7;
2348 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2349 //hob = s->select & (1 << 7);
2350 hob = 0;
2351 switch(addr) {
2352 case 0:
2353 ret = 0xff;
2354 break;
2355 case 1:
2356 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2357 (s != bus->ifs && !s->bs))
2358 ret = 0;
2359 else if (!hob)
2360 ret = s->error;
2361 else
2362 ret = s->hob_feature;
2363 break;
2364 case 2:
2365 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2366 ret = 0;
2367 else if (!hob)
2368 ret = s->nsector & 0xff;
2369 else
2370 ret = s->hob_nsector;
2371 break;
2372 case 3:
2373 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2374 ret = 0;
2375 else if (!hob)
2376 ret = s->sector;
2377 else
2378 ret = s->hob_sector;
2379 break;
2380 case 4:
2381 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2382 ret = 0;
2383 else if (!hob)
2384 ret = s->lcyl;
2385 else
2386 ret = s->hob_lcyl;
2387 break;
2388 case 5:
2389 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2390 ret = 0;
2391 else if (!hob)
2392 ret = s->hcyl;
2393 else
2394 ret = s->hob_hcyl;
2395 break;
2396 case 6:
2397 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2398 ret = 0;
2399 else
2400 ret = s->select;
2401 break;
2402 default:
2403 case 7:
2404 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2405 (s != bus->ifs && !s->bs))
2406 ret = 0;
2407 else
2408 ret = s->status;
2409 qemu_irq_lower(bus->irq);
2410 break;
2411 }
2412 #ifdef DEBUG_IDE
2413 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2414 #endif
2415 return ret;
2416 }
2417
2418 uint32_t ide_status_read(void *opaque, uint32_t addr)
2419 {
2420 IDEBus *bus = opaque;
2421 IDEState *s = idebus_active_if(bus);
2422 int ret;
2423
2424 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2425 (s != bus->ifs && !s->bs))
2426 ret = 0;
2427 else
2428 ret = s->status;
2429 #ifdef DEBUG_IDE
2430 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2431 #endif
2432 return ret;
2433 }
2434
2435 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2436 {
2437 IDEBus *bus = opaque;
2438 IDEState *s;
2439 int i;
2440
2441 #ifdef DEBUG_IDE
2442 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2443 #endif
2444 /* common for both drives */
2445 if (!(bus->cmd & IDE_CMD_RESET) &&
2446 (val & IDE_CMD_RESET)) {
2447 /* reset low to high */
2448 for(i = 0;i < 2; i++) {
2449 s = &bus->ifs[i];
2450 s->status = BUSY_STAT | SEEK_STAT;
2451 s->error = 0x01;
2452 }
2453 } else if ((bus->cmd & IDE_CMD_RESET) &&
2454 !(val & IDE_CMD_RESET)) {
2455 /* high to low */
2456 for(i = 0;i < 2; i++) {
2457 s = &bus->ifs[i];
2458 if (s->drive_kind == IDE_CD)
2459 s->status = 0x00; /* NOTE: READY is _not_ set */
2460 else
2461 s->status = READY_STAT | SEEK_STAT;
2462 ide_set_signature(s);
2463 }
2464 }
2465
2466 bus->cmd = val;
2467 }
2468
2469 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2470 {
2471 IDEBus *bus = opaque;
2472 IDEState *s = idebus_active_if(bus);
2473 uint8_t *p;
2474
2475 /* PIO data access allowed only when DRQ bit is set */
2476 if (!(s->status & DRQ_STAT))
2477 return;
2478
2479 p = s->data_ptr;
2480 *(uint16_t *)p = le16_to_cpu(val);
2481 p += 2;
2482 s->data_ptr = p;
2483 if (p >= s->data_end)
2484 s->end_transfer_func(s);
2485 }
2486
2487 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2488 {
2489 IDEBus *bus = opaque;
2490 IDEState *s = idebus_active_if(bus);
2491 uint8_t *p;
2492 int ret;
2493
2494 /* PIO data access allowed only when DRQ bit is set */
2495 if (!(s->status & DRQ_STAT))
2496 return 0;
2497
2498 p = s->data_ptr;
2499 ret = cpu_to_le16(*(uint16_t *)p);
2500 p += 2;
2501 s->data_ptr = p;
2502 if (p >= s->data_end)
2503 s->end_transfer_func(s);
2504 return ret;
2505 }
2506
2507 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2508 {
2509 IDEBus *bus = opaque;
2510 IDEState *s = idebus_active_if(bus);
2511 uint8_t *p;
2512
2513 /* PIO data access allowed only when DRQ bit is set */
2514 if (!(s->status & DRQ_STAT))
2515 return;
2516
2517 p = s->data_ptr;
2518 *(uint32_t *)p = le32_to_cpu(val);
2519 p += 4;
2520 s->data_ptr = p;
2521 if (p >= s->data_end)
2522 s->end_transfer_func(s);
2523 }
2524
2525 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2526 {
2527 IDEBus *bus = opaque;
2528 IDEState *s = idebus_active_if(bus);
2529 uint8_t *p;
2530 int ret;
2531
2532 /* PIO data access allowed only when DRQ bit is set */
2533 if (!(s->status & DRQ_STAT))
2534 return 0;
2535
2536 p = s->data_ptr;
2537 ret = cpu_to_le32(*(uint32_t *)p);
2538 p += 4;
2539 s->data_ptr = p;
2540 if (p >= s->data_end)
2541 s->end_transfer_func(s);
2542 return ret;
2543 }
2544
2545 static void ide_dummy_transfer_stop(IDEState *s)
2546 {
2547 s->data_ptr = s->io_buffer;
2548 s->data_end = s->io_buffer;
2549 s->io_buffer[0] = 0xff;
2550 s->io_buffer[1] = 0xff;
2551 s->io_buffer[2] = 0xff;
2552 s->io_buffer[3] = 0xff;
2553 }
2554
2555 static void ide_reset(IDEState *s)
2556 {
2557 #ifdef DEBUG_IDE
2558 printf("ide: reset\n");
2559 #endif
2560 if (s->drive_kind == IDE_CFATA)
2561 s->mult_sectors = 0;
2562 else
2563 s->mult_sectors = MAX_MULT_SECTORS;
2564 /* ide regs */
2565 s->feature = 0;
2566 s->error = 0;
2567 s->nsector = 0;
2568 s->sector = 0;
2569 s->lcyl = 0;
2570 s->hcyl = 0;
2571
2572 /* lba48 */
2573 s->hob_feature = 0;
2574 s->hob_sector = 0;
2575 s->hob_nsector = 0;
2576 s->hob_lcyl = 0;
2577 s->hob_hcyl = 0;
2578
2579 s->select = 0xa0;
2580 s->status = READY_STAT | SEEK_STAT;
2581
2582 s->lba48 = 0;
2583
2584 /* ATAPI specific */
2585 s->sense_key = 0;
2586 s->asc = 0;
2587 s->cdrom_changed = 0;
2588 s->packet_transfer_size = 0;
2589 s->elementary_transfer_size = 0;
2590 s->io_buffer_index = 0;
2591 s->cd_sector_size = 0;
2592 s->atapi_dma = 0;
2593 /* ATA DMA state */
2594 s->io_buffer_size = 0;
2595 s->req_nb_sectors = 0;
2596
2597 ide_set_signature(s);
2598 /* init the transfer handler so that 0xffff is returned on data
2599 accesses */
2600 s->end_transfer_func = ide_dummy_transfer_stop;
2601 ide_dummy_transfer_stop(s);
2602 s->media_changed = 0;
2603 }
2604
2605 void ide_bus_reset(IDEBus *bus)
2606 {
2607 bus->unit = 0;
2608 bus->cmd = 0;
2609 ide_reset(&bus->ifs[0]);
2610 ide_reset(&bus->ifs[1]);
2611 ide_clear_hob(bus);
2612 }
2613
2614 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2615 const char *version, const char *serial)
2616 {
2617 int cylinders, heads, secs;
2618 uint64_t nb_sectors;
2619
2620 s->bs = bs;
2621 bdrv_get_geometry(bs, &nb_sectors);
2622 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2623 if (cylinders < 1 || cylinders > 16383) {
2624 error_report("cyls must be between 1 and 16383");
2625 return -1;
2626 }
2627 if (heads < 1 || heads > 16) {
2628 error_report("heads must be between 1 and 16");
2629 return -1;
2630 }
2631 if (secs < 1 || secs > 63) {
2632 error_report("secs must be between 1 and 63");
2633 return -1;
2634 }
2635 s->cylinders = cylinders;
2636 s->heads = heads;
2637 s->sectors = secs;
2638 s->nb_sectors = nb_sectors;
2639 /* The SMART values should be preserved across power cycles
2640 but they aren't. */
2641 s->smart_enabled = 1;
2642 s->smart_autosave = 1;
2643 s->smart_errors = 0;
2644 s->smart_selftest_count = 0;
2645 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2646 s->drive_kind = IDE_CD;
2647 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2648 } else {
2649 if (!bdrv_is_inserted(s->bs)) {
2650 error_report("Device needs media, but drive is empty");
2651 return -1;
2652 }
2653 if (bdrv_is_read_only(bs)) {
2654 error_report("Can't use a read-only drive");
2655 return -1;
2656 }
2657 }
2658 if (serial) {
2659 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2660 } else {
2661 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2662 "QM%05d", s->drive_serial);
2663 }
2664 if (version) {
2665 pstrcpy(s->version, sizeof(s->version), version);
2666 } else {
2667 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2668 }
2669 ide_reset(s);
2670 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2671 return 0;
2672 }
2673
2674 static void ide_init1(IDEBus *bus, int unit)
2675 {
2676 static int drive_serial = 1;
2677 IDEState *s = &bus->ifs[unit];
2678
2679 s->bus = bus;
2680 s->unit = unit;
2681 s->drive_serial = drive_serial++;
2682 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2683 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2684 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2685 s->sector_write_timer = qemu_new_timer(vm_clock,
2686 ide_sector_write_timer_cb, s);
2687 }
2688
2689 void ide_init2(IDEBus *bus, qemu_irq irq)
2690 {
2691 int i;
2692
2693 for(i = 0; i < 2; i++) {
2694 ide_init1(bus, i);
2695 ide_reset(&bus->ifs[i]);
2696 }
2697 bus->irq = irq;
2698 }
2699
2700 /* TODO convert users to qdev and remove */
2701 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2702 DriveInfo *hd1, qemu_irq irq)
2703 {
2704 int i;
2705 DriveInfo *dinfo;
2706
2707 for(i = 0; i < 2; i++) {
2708 dinfo = i == 0 ? hd0 : hd1;
2709 ide_init1(bus, i);
2710 if (dinfo) {
2711 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2712 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2713 error_report("Can't set up IDE drive %s", dinfo->id);
2714 exit(1);
2715 }
2716 } else {
2717 ide_reset(&bus->ifs[i]);
2718 }
2719 }
2720 bus->irq = irq;
2721 }
2722
2723 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2724 {
2725 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2726 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2727 if (iobase2) {
2728 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2729 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2730 }
2731
2732 /* data ports */
2733 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2734 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2735 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2736 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2737 }
2738
2739 static bool is_identify_set(void *opaque, int version_id)
2740 {
2741 IDEState *s = opaque;
2742
2743 return s->identify_set != 0;
2744 }
2745
2746 static EndTransferFunc* transfer_end_table[] = {
2747 ide_sector_read,
2748 ide_sector_write,
2749 ide_transfer_stop,
2750 ide_atapi_cmd_reply_end,
2751 ide_atapi_cmd,
2752 ide_dummy_transfer_stop,
2753 };
2754
2755 static int transfer_end_table_idx(EndTransferFunc *fn)
2756 {
2757 int i;
2758
2759 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2760 if (transfer_end_table[i] == fn)
2761 return i;
2762
2763 return -1;
2764 }
2765
2766 static int ide_drive_post_load(void *opaque, int version_id)
2767 {
2768 IDEState *s = opaque;
2769
2770 if (version_id < 3) {
2771 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2772 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2773 s->cdrom_changed = 1;
2774 }
2775 }
2776 return 0;
2777 }
2778
2779 static int ide_drive_pio_post_load(void *opaque, int version_id)
2780 {
2781 IDEState *s = opaque;
2782
2783 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2784 return -EINVAL;
2785 }
2786 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2787 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2788 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2789
2790 return 0;
2791 }
2792
2793 static void ide_drive_pio_pre_save(void *opaque)
2794 {
2795 IDEState *s = opaque;
2796 int idx;
2797
2798 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2799 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2800
2801 idx = transfer_end_table_idx(s->end_transfer_func);
2802 if (idx == -1) {
2803 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2804 __func__);
2805 s->end_transfer_fn_idx = 2;
2806 } else {
2807 s->end_transfer_fn_idx = idx;
2808 }
2809 }
2810
2811 static bool ide_drive_pio_state_needed(void *opaque)
2812 {
2813 IDEState *s = opaque;
2814
2815 return (s->status & DRQ_STAT) != 0;
2816 }
2817
2818 const VMStateDescription vmstate_ide_drive_pio_state = {
2819 .name = "ide_drive/pio_state",
2820 .version_id = 1,
2821 .minimum_version_id = 1,
2822 .minimum_version_id_old = 1,
2823 .pre_save = ide_drive_pio_pre_save,
2824 .post_load = ide_drive_pio_post_load,
2825 .fields = (VMStateField []) {
2826 VMSTATE_INT32(req_nb_sectors, IDEState),
2827 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2828 vmstate_info_uint8, uint8_t),
2829 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2830 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2831 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2832 VMSTATE_INT32(elementary_transfer_size, IDEState),
2833 VMSTATE_INT32(packet_transfer_size, IDEState),
2834 VMSTATE_END_OF_LIST()
2835 }
2836 };
2837
2838 const VMStateDescription vmstate_ide_drive = {
2839 .name = "ide_drive",
2840 .version_id = 3,
2841 .minimum_version_id = 0,
2842 .minimum_version_id_old = 0,
2843 .post_load = ide_drive_post_load,
2844 .fields = (VMStateField []) {
2845 VMSTATE_INT32(mult_sectors, IDEState),
2846 VMSTATE_INT32(identify_set, IDEState),
2847 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2848 VMSTATE_UINT8(feature, IDEState),
2849 VMSTATE_UINT8(error, IDEState),
2850 VMSTATE_UINT32(nsector, IDEState),
2851 VMSTATE_UINT8(sector, IDEState),
2852 VMSTATE_UINT8(lcyl, IDEState),
2853 VMSTATE_UINT8(hcyl, IDEState),
2854 VMSTATE_UINT8(hob_feature, IDEState),
2855 VMSTATE_UINT8(hob_sector, IDEState),
2856 VMSTATE_UINT8(hob_nsector, IDEState),
2857 VMSTATE_UINT8(hob_lcyl, IDEState),
2858 VMSTATE_UINT8(hob_hcyl, IDEState),
2859 VMSTATE_UINT8(select, IDEState),
2860 VMSTATE_UINT8(status, IDEState),
2861 VMSTATE_UINT8(lba48, IDEState),
2862 VMSTATE_UINT8(sense_key, IDEState),
2863 VMSTATE_UINT8(asc, IDEState),
2864 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2865 VMSTATE_END_OF_LIST()
2866 },
2867 .subsections = (VMStateSubsection []) {
2868 {
2869 .vmsd = &vmstate_ide_drive_pio_state,
2870 .needed = ide_drive_pio_state_needed,
2871 }, {
2872 /* empty */
2873 }
2874 }
2875 };
2876
2877 const VMStateDescription vmstate_ide_bus = {
2878 .name = "ide_bus",
2879 .version_id = 1,
2880 .minimum_version_id = 1,
2881 .minimum_version_id_old = 1,
2882 .fields = (VMStateField []) {
2883 VMSTATE_UINT8(cmd, IDEBus),
2884 VMSTATE_UINT8(unit, IDEBus),
2885 VMSTATE_END_OF_LIST()
2886 }
2887 };
2888
2889 /***********************************************************/
2890 /* PCI IDE definitions */
2891
2892 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2893 {
2894 BMDMAState *bm = s->bus->bmdma;
2895 if(!bm)
2896 return;
2897 bm->unit = s->unit;
2898 bm->dma_cb = dma_cb;
2899 bm->cur_prd_last = 0;
2900 bm->cur_prd_addr = 0;
2901 bm->cur_prd_len = 0;
2902 bm->sector_num = ide_get_sector(s);
2903 bm->nsector = s->nsector;
2904 if (bm->status & BM_STATUS_DMAING) {
2905 bm->dma_cb(bm, 0);
2906 }
2907 }
2908
2909 static void ide_dma_restart(IDEState *s, int is_read)
2910 {
2911 BMDMAState *bm = s->bus->bmdma;
2912 ide_set_sector(s, bm->sector_num);
2913 s->io_buffer_index = 0;
2914 s->io_buffer_size = 0;
2915 s->nsector = bm->nsector;
2916 bm->cur_addr = bm->addr;
2917
2918 if (is_read) {
2919 bm->dma_cb = ide_read_dma_cb;
2920 } else {
2921 bm->dma_cb = ide_write_dma_cb;
2922 }
2923
2924 ide_dma_start(s, bm->dma_cb);
2925 }
2926
2927 void ide_dma_cancel(BMDMAState *bm)
2928 {
2929 if (bm->status & BM_STATUS_DMAING) {
2930 if (bm->aiocb) {
2931 #ifdef DEBUG_AIO
2932 printf("aio_cancel\n");
2933 #endif
2934 bdrv_aio_cancel(bm->aiocb);
2935 bm->aiocb = NULL;
2936 }
2937 bm->status &= ~BM_STATUS_DMAING;
2938 /* cancel DMA request */
2939 bm->unit = -1;
2940 bm->dma_cb = NULL;
2941 }
2942 }
2943
2944 void ide_dma_reset(BMDMAState *bm)
2945 {
2946 #ifdef DEBUG_IDE
2947 printf("ide: dma_reset\n");
2948 #endif
2949 ide_dma_cancel(bm);
2950 bm->cmd = 0;
2951 bm->status = 0;
2952 bm->addr = 0;
2953 bm->cur_addr = 0;
2954 bm->cur_prd_last = 0;
2955 bm->cur_prd_addr = 0;
2956 bm->cur_prd_len = 0;
2957 bm->sector_num = 0;
2958 bm->nsector = 0;
2959 }
Qemu copy for testing