]> git.proxmox.com Git - mirror_qemu.git/blob - hw/ide/core.c
projects / mirror_qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Compile ide/core only once
[mirror_qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "block.h"
30 #include "block_int.h"
31 #include "qemu-timer.h"
32 #include "sysemu.h"
33 #include "dma.h"
34
35 #include <hw/ide/internal.h>
36
37 static int smart_attributes[][5] = {
38 /* id, flags, val, wrst, thrsh */
39 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
40 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
41 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
42 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
43 { 0x00, 0x00, 0x00, 0x00, 0x00}
44 };
45
46 /* XXX: DVDs that could fit on a CD will be reported as a CD */
47 static inline int media_present(IDEState *s)
48 {
49 return (s->nb_sectors > 0);
50 }
51
52 static inline int media_is_dvd(IDEState *s)
53 {
54 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
55 }
56
57 static inline int media_is_cd(IDEState *s)
58 {
59 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
60 }
61
62 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
63 static void ide_dma_restart(IDEState *s, int is_read);
64 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
65 static int ide_handle_rw_error(IDEState *s, int error, int op);
66
67 static void padstr(char *str, const char *src, int len)
68 {
69 int i, v;
70 for(i = 0; i < len; i++) {
71 if (*src)
72 v = *src++;
73 else
74 v = ' ';
75 str[i^1] = v;
76 }
77 }
78
79 static void padstr8(uint8_t *buf, int buf_size, const char *src)
80 {
81 int i;
82 for(i = 0; i < buf_size; i++) {
83 if (*src)
84 buf[i] = *src++;
85 else
86 buf[i] = ' ';
87 }
88 }
89
90 static void put_le16(uint16_t *p, unsigned int v)
91 {
92 *p = cpu_to_le16(v);
93 }
94
95 static void ide_identify(IDEState *s)
96 {
97 uint16_t *p;
98 unsigned int oldsize;
99
100 if (s->identify_set) {
101 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
102 return;
103 }
104
105 memset(s->io_buffer, 0, 512);
106 p = (uint16_t *)s->io_buffer;
107 put_le16(p + 0, 0x0040);
108 put_le16(p + 1, s->cylinders);
109 put_le16(p + 3, s->heads);
110 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
111 put_le16(p + 5, 512); /* XXX: retired, remove ? */
112 put_le16(p + 6, s->sectors);
113 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
114 put_le16(p + 20, 3); /* XXX: retired, remove ? */
115 put_le16(p + 21, 512); /* cache size in sectors */
116 put_le16(p + 22, 4); /* ecc bytes */
117 padstr((char *)(p + 23), s->version, 8); /* firmware version */
118 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
119 #if MAX_MULT_SECTORS > 1
120 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
121 #endif
122 put_le16(p + 48, 1); /* dword I/O */
123 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
124 put_le16(p + 51, 0x200); /* PIO transfer cycle */
125 put_le16(p + 52, 0x200); /* DMA transfer cycle */
126 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
127 put_le16(p + 54, s->cylinders);
128 put_le16(p + 55, s->heads);
129 put_le16(p + 56, s->sectors);
130 oldsize = s->cylinders * s->heads * s->sectors;
131 put_le16(p + 57, oldsize);
132 put_le16(p + 58, oldsize >> 16);
133 if (s->mult_sectors)
134 put_le16(p + 59, 0x100 | s->mult_sectors);
135 put_le16(p + 60, s->nb_sectors);
136 put_le16(p + 61, s->nb_sectors >> 16);
137 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
138 put_le16(p + 63, 0x07); /* mdma0-2 supported */
139 put_le16(p + 65, 120);
140 put_le16(p + 66, 120);
141 put_le16(p + 67, 120);
142 put_le16(p + 68, 120);
143 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
144 put_le16(p + 81, 0x16); /* conforms to ata5 */
145 /* 14=NOP supported, 0=SMART supported */
146 put_le16(p + 82, (1 << 14) | 1);
147 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
148 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
149 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
150 put_le16(p + 84, (1 << 14) | 0);
151 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
152 if (bdrv_enable_write_cache(s->bs))
153 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
154 else
155 put_le16(p + 85, (1 << 14) | 1);
156 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
157 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
158 /* 14=set to 1, 1=smart self test, 0=smart error logging */
159 put_le16(p + 87, (1 << 14) | 0);
160 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
161 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
162 put_le16(p + 100, s->nb_sectors);
163 put_le16(p + 101, s->nb_sectors >> 16);
164 put_le16(p + 102, s->nb_sectors >> 32);
165 put_le16(p + 103, s->nb_sectors >> 48);
166 if (s->conf && s->conf->physical_block_size)
167 put_le16(p + 106, 0x6000 | get_physical_block_exp(s->conf));
168
169 memcpy(s->identify_data, p, sizeof(s->identify_data));
170 s->identify_set = 1;
171 }
172
173 static void ide_atapi_identify(IDEState *s)
174 {
175 uint16_t *p;
176
177 if (s->identify_set) {
178 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
179 return;
180 }
181
182 memset(s->io_buffer, 0, 512);
183 p = (uint16_t *)s->io_buffer;
184 /* Removable CDROM, 50us response, 12 byte packets */
185 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
186 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
187 put_le16(p + 20, 3); /* buffer type */
188 put_le16(p + 21, 512); /* cache size in sectors */
189 put_le16(p + 22, 4); /* ecc bytes */
190 padstr((char *)(p + 23), s->version, 8); /* firmware version */
191 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
192 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
193 #ifdef USE_DMA_CDROM
194 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
195 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
196 put_le16(p + 62, 7); /* single word dma0-2 supported */
197 put_le16(p + 63, 7); /* mdma0-2 supported */
198 put_le16(p + 64, 0x3f); /* PIO modes supported */
199 #else
200 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
201 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
202 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
203 put_le16(p + 64, 1); /* PIO modes */
204 #endif
205 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
206 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
207 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
208 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
209
210 put_le16(p + 71, 30); /* in ns */
211 put_le16(p + 72, 30); /* in ns */
212
213 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
214 #ifdef USE_DMA_CDROM
215 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
216 #endif
217 memcpy(s->identify_data, p, sizeof(s->identify_data));
218 s->identify_set = 1;
219 }
220
221 static void ide_cfata_identify(IDEState *s)
222 {
223 uint16_t *p;
224 uint32_t cur_sec;
225
226 p = (uint16_t *) s->identify_data;
227 if (s->identify_set)
228 goto fill_buffer;
229
230 memset(p, 0, sizeof(s->identify_data));
231
232 cur_sec = s->cylinders * s->heads * s->sectors;
233
234 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
235 put_le16(p + 1, s->cylinders); /* Default cylinders */
236 put_le16(p + 3, s->heads); /* Default heads */
237 put_le16(p + 6, s->sectors); /* Default sectors per track */
238 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
239 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
240 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
241 put_le16(p + 22, 0x0004); /* ECC bytes */
242 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
243 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
244 #if MAX_MULT_SECTORS > 1
245 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
246 #else
247 put_le16(p + 47, 0x0000);
248 #endif
249 put_le16(p + 49, 0x0f00); /* Capabilities */
250 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
251 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
252 put_le16(p + 53, 0x0003); /* Translation params valid */
253 put_le16(p + 54, s->cylinders); /* Current cylinders */
254 put_le16(p + 55, s->heads); /* Current heads */
255 put_le16(p + 56, s->sectors); /* Current sectors */
256 put_le16(p + 57, cur_sec); /* Current capacity */
257 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
258 if (s->mult_sectors) /* Multiple sector setting */
259 put_le16(p + 59, 0x100 | s->mult_sectors);
260 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
261 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
262 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
263 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
264 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
265 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
266 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
267 put_le16(p + 82, 0x400c); /* Command Set supported */
268 put_le16(p + 83, 0x7068); /* Command Set supported */
269 put_le16(p + 84, 0x4000); /* Features supported */
270 put_le16(p + 85, 0x000c); /* Command Set enabled */
271 put_le16(p + 86, 0x7044); /* Command Set enabled */
272 put_le16(p + 87, 0x4000); /* Features enabled */
273 put_le16(p + 91, 0x4060); /* Current APM level */
274 put_le16(p + 129, 0x0002); /* Current features option */
275 put_le16(p + 130, 0x0005); /* Reassigned sectors */
276 put_le16(p + 131, 0x0001); /* Initial power mode */
277 put_le16(p + 132, 0x0000); /* User signature */
278 put_le16(p + 160, 0x8100); /* Power requirement */
279 put_le16(p + 161, 0x8001); /* CF command set */
280
281 s->identify_set = 1;
282
283 fill_buffer:
284 memcpy(s->io_buffer, p, sizeof(s->identify_data));
285 }
286
287 static void ide_set_signature(IDEState *s)
288 {
289 s->select &= 0xf0; /* clear head */
290 /* put signature */
291 s->nsector = 1;
292 s->sector = 1;
293 if (s->is_cdrom) {
294 s->lcyl = 0x14;
295 s->hcyl = 0xeb;
296 } else if (s->bs) {
297 s->lcyl = 0;
298 s->hcyl = 0;
299 } else {
300 s->lcyl = 0xff;
301 s->hcyl = 0xff;
302 }
303 }
304
305 static inline void ide_abort_command(IDEState *s)
306 {
307 s->status = READY_STAT | ERR_STAT;
308 s->error = ABRT_ERR;
309 }
310
311 static inline void ide_dma_submit_check(IDEState *s,
312 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
313 {
314 if (bm->aiocb)
315 return;
316 dma_cb(bm, -1);
317 }
318
319 /* prepare data transfer and tell what to do after */
320 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
321 EndTransferFunc *end_transfer_func)
322 {
323 s->end_transfer_func = end_transfer_func;
324 s->data_ptr = buf;
325 s->data_end = buf + size;
326 if (!(s->status & ERR_STAT))
327 s->status |= DRQ_STAT;
328 }
329
330 static void ide_transfer_stop(IDEState *s)
331 {
332 s->end_transfer_func = ide_transfer_stop;
333 s->data_ptr = s->io_buffer;
334 s->data_end = s->io_buffer;
335 s->status &= ~DRQ_STAT;
336 }
337
338 int64_t ide_get_sector(IDEState *s)
339 {
340 int64_t sector_num;
341 if (s->select & 0x40) {
342 /* lba */
343 if (!s->lba48) {
344 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
345 (s->lcyl << 8) | s->sector;
346 } else {
347 sector_num = ((int64_t)s->hob_hcyl << 40) |
348 ((int64_t) s->hob_lcyl << 32) |
349 ((int64_t) s->hob_sector << 24) |
350 ((int64_t) s->hcyl << 16) |
351 ((int64_t) s->lcyl << 8) | s->sector;
352 }
353 } else {
354 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
355 (s->select & 0x0f) * s->sectors + (s->sector - 1);
356 }
357 return sector_num;
358 }
359
360 void ide_set_sector(IDEState *s, int64_t sector_num)
361 {
362 unsigned int cyl, r;
363 if (s->select & 0x40) {
364 if (!s->lba48) {
365 s->select = (s->select & 0xf0) | (sector_num >> 24);
366 s->hcyl = (sector_num >> 16);
367 s->lcyl = (sector_num >> 8);
368 s->sector = (sector_num);
369 } else {
370 s->sector = sector_num;
371 s->lcyl = sector_num >> 8;
372 s->hcyl = sector_num >> 16;
373 s->hob_sector = sector_num >> 24;
374 s->hob_lcyl = sector_num >> 32;
375 s->hob_hcyl = sector_num >> 40;
376 }
377 } else {
378 cyl = sector_num / (s->heads * s->sectors);
379 r = sector_num % (s->heads * s->sectors);
380 s->hcyl = cyl >> 8;
381 s->lcyl = cyl;
382 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
383 s->sector = (r % s->sectors) + 1;
384 }
385 }
386
387 static void ide_rw_error(IDEState *s) {
388 ide_abort_command(s);
389 ide_set_irq(s->bus);
390 }
391
392 static void ide_sector_read(IDEState *s)
393 {
394 int64_t sector_num;
395 int ret, n;
396
397 s->status = READY_STAT | SEEK_STAT;
398 s->error = 0; /* not needed by IDE spec, but needed by Windows */
399 sector_num = ide_get_sector(s);
400 n = s->nsector;
401 if (n == 0) {
402 /* no more sector to read from disk */
403 ide_transfer_stop(s);
404 } else {
405 #if defined(DEBUG_IDE)
406 printf("read sector=%" PRId64 "\n", sector_num);
407 #endif
408 if (n > s->req_nb_sectors)
409 n = s->req_nb_sectors;
410 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
411 if (ret != 0) {
412 if (ide_handle_rw_error(s, -ret,
413 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
414 {
415 return;
416 }
417 }
418 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
419 ide_set_irq(s->bus);
420 ide_set_sector(s, sector_num + n);
421 s->nsector -= n;
422 }
423 }
424
425
426 /* return 0 if buffer completed */
427 static int dma_buf_prepare(BMDMAState *bm, int is_write)
428 {
429 IDEState *s = bmdma_active_if(bm);
430 struct {
431 uint32_t addr;
432 uint32_t size;
433 } prd;
434 int l, len;
435
436 qemu_sglist_init(&s->sg, s->nsector / (PAGE_SIZE / 512) + 1);
437 s->io_buffer_size = 0;
438 for(;;) {
439 if (bm->cur_prd_len == 0) {
440 /* end of table (with a fail safe of one page) */
441 if (bm->cur_prd_last ||
442 (bm->cur_addr - bm->addr) >= PAGE_SIZE)
443 return s->io_buffer_size != 0;
444 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
445 bm->cur_addr += 8;
446 prd.addr = le32_to_cpu(prd.addr);
447 prd.size = le32_to_cpu(prd.size);
448 len = prd.size & 0xfffe;
449 if (len == 0)
450 len = 0x10000;
451 bm->cur_prd_len = len;
452 bm->cur_prd_addr = prd.addr;
453 bm->cur_prd_last = (prd.size & 0x80000000);
454 }
455 l = bm->cur_prd_len;
456 if (l > 0) {
457 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
458 bm->cur_prd_addr += l;
459 bm->cur_prd_len -= l;
460 s->io_buffer_size += l;
461 }
462 }
463 return 1;
464 }
465
466 static void dma_buf_commit(IDEState *s, int is_write)
467 {
468 qemu_sglist_destroy(&s->sg);
469 }
470
471 void ide_dma_error(IDEState *s)
472 {
473 ide_transfer_stop(s);
474 s->error = ABRT_ERR;
475 s->status = READY_STAT | ERR_STAT;
476 ide_set_irq(s->bus);
477 }
478
479 static int ide_handle_rw_error(IDEState *s, int error, int op)
480 {
481 int is_read = (op & BM_STATUS_RETRY_READ);
482 BlockInterfaceErrorAction action = drive_get_on_error(s->bs, is_read);
483
484 if (action == BLOCK_ERR_IGNORE) {
485 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
486 return 0;
487 }
488
489 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
490 || action == BLOCK_ERR_STOP_ANY) {
491 s->bus->bmdma->unit = s->unit;
492 s->bus->bmdma->status |= op;
493 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
494 vm_stop(0);
495 } else {
496 if (op & BM_STATUS_DMA_RETRY) {
497 dma_buf_commit(s, 0);
498 ide_dma_error(s);
499 } else {
500 ide_rw_error(s);
501 }
502 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
503 }
504
505 return 1;
506 }
507
508 /* return 0 if buffer completed */
509 static int dma_buf_rw(BMDMAState *bm, int is_write)
510 {
511 IDEState *s = bmdma_active_if(bm);
512 struct {
513 uint32_t addr;
514 uint32_t size;
515 } prd;
516 int l, len;
517
518 for(;;) {
519 l = s->io_buffer_size - s->io_buffer_index;
520 if (l <= 0)
521 break;
522 if (bm->cur_prd_len == 0) {
523 /* end of table (with a fail safe of one page) */
524 if (bm->cur_prd_last ||
525 (bm->cur_addr - bm->addr) >= PAGE_SIZE)
526 return 0;
527 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
528 bm->cur_addr += 8;
529 prd.addr = le32_to_cpu(prd.addr);
530 prd.size = le32_to_cpu(prd.size);
531 len = prd.size & 0xfffe;
532 if (len == 0)
533 len = 0x10000;
534 bm->cur_prd_len = len;
535 bm->cur_prd_addr = prd.addr;
536 bm->cur_prd_last = (prd.size & 0x80000000);
537 }
538 if (l > bm->cur_prd_len)
539 l = bm->cur_prd_len;
540 if (l > 0) {
541 if (is_write) {
542 cpu_physical_memory_write(bm->cur_prd_addr,
543 s->io_buffer + s->io_buffer_index, l);
544 } else {
545 cpu_physical_memory_read(bm->cur_prd_addr,
546 s->io_buffer + s->io_buffer_index, l);
547 }
548 bm->cur_prd_addr += l;
549 bm->cur_prd_len -= l;
550 s->io_buffer_index += l;
551 }
552 }
553 return 1;
554 }
555
556 static void ide_read_dma_cb(void *opaque, int ret)
557 {
558 BMDMAState *bm = opaque;
559 IDEState *s = bmdma_active_if(bm);
560 int n;
561 int64_t sector_num;
562
563 if (ret < 0) {
564 if (ide_handle_rw_error(s, -ret,
565 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
566 {
567 return;
568 }
569 }
570
571 n = s->io_buffer_size >> 9;
572 sector_num = ide_get_sector(s);
573 if (n > 0) {
574 dma_buf_commit(s, 1);
575 sector_num += n;
576 ide_set_sector(s, sector_num);
577 s->nsector -= n;
578 }
579
580 /* end of transfer ? */
581 if (s->nsector == 0) {
582 s->status = READY_STAT | SEEK_STAT;
583 ide_set_irq(s->bus);
584 eot:
585 bm->status &= ~BM_STATUS_DMAING;
586 bm->status |= BM_STATUS_INT;
587 bm->dma_cb = NULL;
588 bm->unit = -1;
589 bm->aiocb = NULL;
590 return;
591 }
592
593 /* launch next transfer */
594 n = s->nsector;
595 s->io_buffer_index = 0;
596 s->io_buffer_size = n * 512;
597 if (dma_buf_prepare(bm, 1) == 0)
598 goto eot;
599 #ifdef DEBUG_AIO
600 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
601 #endif
602 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
603 ide_dma_submit_check(s, ide_read_dma_cb, bm);
604 }
605
606 static void ide_sector_read_dma(IDEState *s)
607 {
608 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
609 s->io_buffer_index = 0;
610 s->io_buffer_size = 0;
611 s->is_read = 1;
612 ide_dma_start(s, ide_read_dma_cb);
613 }
614
615 static void ide_sector_write_timer_cb(void *opaque)
616 {
617 IDEState *s = opaque;
618 ide_set_irq(s->bus);
619 }
620
621 static void ide_sector_write(IDEState *s)
622 {
623 int64_t sector_num;
624 int ret, n, n1;
625
626 s->status = READY_STAT | SEEK_STAT;
627 sector_num = ide_get_sector(s);
628 #if defined(DEBUG_IDE)
629 printf("write sector=%" PRId64 "\n", sector_num);
630 #endif
631 n = s->nsector;
632 if (n > s->req_nb_sectors)
633 n = s->req_nb_sectors;
634 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
635
636 if (ret != 0) {
637 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
638 return;
639 }
640
641 s->nsector -= n;
642 if (s->nsector == 0) {
643 /* no more sectors to write */
644 ide_transfer_stop(s);
645 } else {
646 n1 = s->nsector;
647 if (n1 > s->req_nb_sectors)
648 n1 = s->req_nb_sectors;
649 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
650 }
651 ide_set_sector(s, sector_num + n);
652
653 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
654 /* It seems there is a bug in the Windows 2000 installer HDD
655 IDE driver which fills the disk with empty logs when the
656 IDE write IRQ comes too early. This hack tries to correct
657 that at the expense of slower write performances. Use this
658 option _only_ to install Windows 2000. You must disable it
659 for normal use. */
660 qemu_mod_timer(s->sector_write_timer,
661 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
662 } else {
663 ide_set_irq(s->bus);
664 }
665 }
666
667 static void ide_dma_restart_bh(void *opaque)
668 {
669 BMDMAState *bm = opaque;
670 int is_read;
671
672 qemu_bh_delete(bm->bh);
673 bm->bh = NULL;
674
675 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
676
677 if (bm->status & BM_STATUS_DMA_RETRY) {
678 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
679 ide_dma_restart(bmdma_active_if(bm), is_read);
680 } else if (bm->status & BM_STATUS_PIO_RETRY) {
681 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
682 if (is_read) {
683 ide_sector_read(bmdma_active_if(bm));
684 } else {
685 ide_sector_write(bmdma_active_if(bm));
686 }
687 }
688 }
689
690 void ide_dma_restart_cb(void *opaque, int running, int reason)
691 {
692 BMDMAState *bm = opaque;
693
694 if (!running)
695 return;
696
697 if (!bm->bh) {
698 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
699 qemu_bh_schedule(bm->bh);
700 }
701 }
702
703 static void ide_write_dma_cb(void *opaque, int ret)
704 {
705 BMDMAState *bm = opaque;
706 IDEState *s = bmdma_active_if(bm);
707 int n;
708 int64_t sector_num;
709
710 if (ret < 0) {
711 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
712 return;
713 }
714
715 n = s->io_buffer_size >> 9;
716 sector_num = ide_get_sector(s);
717 if (n > 0) {
718 dma_buf_commit(s, 0);
719 sector_num += n;
720 ide_set_sector(s, sector_num);
721 s->nsector -= n;
722 }
723
724 /* end of transfer ? */
725 if (s->nsector == 0) {
726 s->status = READY_STAT | SEEK_STAT;
727 ide_set_irq(s->bus);
728 eot:
729 bm->status &= ~BM_STATUS_DMAING;
730 bm->status |= BM_STATUS_INT;
731 bm->dma_cb = NULL;
732 bm->unit = -1;
733 bm->aiocb = NULL;
734 return;
735 }
736
737 n = s->nsector;
738 s->io_buffer_size = n * 512;
739 /* launch next transfer */
740 if (dma_buf_prepare(bm, 0) == 0)
741 goto eot;
742 #ifdef DEBUG_AIO
743 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
744 #endif
745 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
746 ide_dma_submit_check(s, ide_write_dma_cb, bm);
747 }
748
749 static void ide_sector_write_dma(IDEState *s)
750 {
751 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
752 s->io_buffer_index = 0;
753 s->io_buffer_size = 0;
754 s->is_read = 0;
755 ide_dma_start(s, ide_write_dma_cb);
756 }
757
758 void ide_atapi_cmd_ok(IDEState *s)
759 {
760 s->error = 0;
761 s->status = READY_STAT | SEEK_STAT;
762 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
763 ide_set_irq(s->bus);
764 }
765
766 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
767 {
768 #ifdef DEBUG_IDE_ATAPI
769 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
770 #endif
771 s->error = sense_key << 4;
772 s->status = READY_STAT | ERR_STAT;
773 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
774 s->sense_key = sense_key;
775 s->asc = asc;
776 ide_set_irq(s->bus);
777 }
778
779 static void ide_atapi_cmd_check_status(IDEState *s)
780 {
781 #ifdef DEBUG_IDE_ATAPI
782 printf("atapi_cmd_check_status\n");
783 #endif
784 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
785 s->status = ERR_STAT;
786 s->nsector = 0;
787 ide_set_irq(s->bus);
788 }
789
790 static void ide_flush_cb(void *opaque, int ret)
791 {
792 IDEState *s = opaque;
793
794 /* XXX: how do we signal I/O errors here? */
795
796 s->status = READY_STAT | SEEK_STAT;
797 ide_set_irq(s->bus);
798 }
799
800 static inline void cpu_to_ube16(uint8_t *buf, int val)
801 {
802 buf[0] = val >> 8;
803 buf[1] = val & 0xff;
804 }
805
806 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
807 {
808 buf[0] = val >> 24;
809 buf[1] = val >> 16;
810 buf[2] = val >> 8;
811 buf[3] = val & 0xff;
812 }
813
814 static inline int ube16_to_cpu(const uint8_t *buf)
815 {
816 return (buf[0] << 8) | buf[1];
817 }
818
819 static inline int ube32_to_cpu(const uint8_t *buf)
820 {
821 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
822 }
823
824 static void lba_to_msf(uint8_t *buf, int lba)
825 {
826 lba += 150;
827 buf[0] = (lba / 75) / 60;
828 buf[1] = (lba / 75) % 60;
829 buf[2] = lba % 75;
830 }
831
832 static void cd_data_to_raw(uint8_t *buf, int lba)
833 {
834 /* sync bytes */
835 buf[0] = 0x00;
836 memset(buf + 1, 0xff, 10);
837 buf[11] = 0x00;
838 buf += 12;
839 /* MSF */
840 lba_to_msf(buf, lba);
841 buf[3] = 0x01; /* mode 1 data */
842 buf += 4;
843 /* data */
844 buf += 2048;
845 /* XXX: ECC not computed */
846 memset(buf, 0, 288);
847 }
848
849 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
850 int sector_size)
851 {
852 int ret;
853
854 switch(sector_size) {
855 case 2048:
856 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
857 break;
858 case 2352:
859 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
860 if (ret < 0)
861 return ret;
862 cd_data_to_raw(buf, lba);
863 break;
864 default:
865 ret = -EIO;
866 break;
867 }
868 return ret;
869 }
870
871 void ide_atapi_io_error(IDEState *s, int ret)
872 {
873 /* XXX: handle more errors */
874 if (ret == -ENOMEDIUM) {
875 ide_atapi_cmd_error(s, SENSE_NOT_READY,
876 ASC_MEDIUM_NOT_PRESENT);
877 } else {
878 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
879 ASC_LOGICAL_BLOCK_OOR);
880 }
881 }
882
883 /* The whole ATAPI transfer logic is handled in this function */
884 static void ide_atapi_cmd_reply_end(IDEState *s)
885 {
886 int byte_count_limit, size, ret;
887 #ifdef DEBUG_IDE_ATAPI
888 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
889 s->packet_transfer_size,
890 s->elementary_transfer_size,
891 s->io_buffer_index);
892 #endif
893 if (s->packet_transfer_size <= 0) {
894 /* end of transfer */
895 ide_transfer_stop(s);
896 s->status = READY_STAT | SEEK_STAT;
897 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
898 ide_set_irq(s->bus);
899 #ifdef DEBUG_IDE_ATAPI
900 printf("status=0x%x\n", s->status);
901 #endif
902 } else {
903 /* see if a new sector must be read */
904 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
905 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
906 if (ret < 0) {
907 ide_transfer_stop(s);
908 ide_atapi_io_error(s, ret);
909 return;
910 }
911 s->lba++;
912 s->io_buffer_index = 0;
913 }
914 if (s->elementary_transfer_size > 0) {
915 /* there are some data left to transmit in this elementary
916 transfer */
917 size = s->cd_sector_size - s->io_buffer_index;
918 if (size > s->elementary_transfer_size)
919 size = s->elementary_transfer_size;
920 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
921 size, ide_atapi_cmd_reply_end);
922 s->packet_transfer_size -= size;
923 s->elementary_transfer_size -= size;
924 s->io_buffer_index += size;
925 } else {
926 /* a new transfer is needed */
927 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
928 byte_count_limit = s->lcyl | (s->hcyl << 8);
929 #ifdef DEBUG_IDE_ATAPI
930 printf("byte_count_limit=%d\n", byte_count_limit);
931 #endif
932 if (byte_count_limit == 0xffff)
933 byte_count_limit--;
934 size = s->packet_transfer_size;
935 if (size > byte_count_limit) {
936 /* byte count limit must be even if this case */
937 if (byte_count_limit & 1)
938 byte_count_limit--;
939 size = byte_count_limit;
940 }
941 s->lcyl = size;
942 s->hcyl = size >> 8;
943 s->elementary_transfer_size = size;
944 /* we cannot transmit more than one sector at a time */
945 if (s->lba != -1) {
946 if (size > (s->cd_sector_size - s->io_buffer_index))
947 size = (s->cd_sector_size - s->io_buffer_index);
948 }
949 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
950 size, ide_atapi_cmd_reply_end);
951 s->packet_transfer_size -= size;
952 s->elementary_transfer_size -= size;
953 s->io_buffer_index += size;
954 ide_set_irq(s->bus);
955 #ifdef DEBUG_IDE_ATAPI
956 printf("status=0x%x\n", s->status);
957 #endif
958 }
959 }
960 }
961
962 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
963 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
964 {
965 if (size > max_size)
966 size = max_size;
967 s->lba = -1; /* no sector read */
968 s->packet_transfer_size = size;
969 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
970 s->elementary_transfer_size = 0;
971 s->io_buffer_index = 0;
972
973 if (s->atapi_dma) {
974 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
975 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
976 } else {
977 s->status = READY_STAT | SEEK_STAT;
978 ide_atapi_cmd_reply_end(s);
979 }
980 }
981
982 /* start a CD-CDROM read command */
983 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
984 int sector_size)
985 {
986 s->lba = lba;
987 s->packet_transfer_size = nb_sectors * sector_size;
988 s->elementary_transfer_size = 0;
989 s->io_buffer_index = sector_size;
990 s->cd_sector_size = sector_size;
991
992 s->status = READY_STAT | SEEK_STAT;
993 ide_atapi_cmd_reply_end(s);
994 }
995
996 /* ATAPI DMA support */
997
998 /* XXX: handle read errors */
999 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1000 {
1001 BMDMAState *bm = opaque;
1002 IDEState *s = bmdma_active_if(bm);
1003 int data_offset, n;
1004
1005 if (ret < 0) {
1006 ide_atapi_io_error(s, ret);
1007 goto eot;
1008 }
1009
1010 if (s->io_buffer_size > 0) {
1011 /*
1012 * For a cdrom read sector command (s->lba != -1),
1013 * adjust the lba for the next s->io_buffer_size chunk
1014 * and dma the current chunk.
1015 * For a command != read (s->lba == -1), just transfer
1016 * the reply data.
1017 */
1018 if (s->lba != -1) {
1019 if (s->cd_sector_size == 2352) {
1020 n = 1;
1021 cd_data_to_raw(s->io_buffer, s->lba);
1022 } else {
1023 n = s->io_buffer_size >> 11;
1024 }
1025 s->lba += n;
1026 }
1027 s->packet_transfer_size -= s->io_buffer_size;
1028 if (dma_buf_rw(bm, 1) == 0)
1029 goto eot;
1030 }
1031
1032 if (s->packet_transfer_size <= 0) {
1033 s->status = READY_STAT | SEEK_STAT;
1034 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1035 ide_set_irq(s->bus);
1036 eot:
1037 bm->status &= ~BM_STATUS_DMAING;
1038 bm->status |= BM_STATUS_INT;
1039 bm->dma_cb = NULL;
1040 bm->unit = -1;
1041 bm->aiocb = NULL;
1042 return;
1043 }
1044
1045 s->io_buffer_index = 0;
1046 if (s->cd_sector_size == 2352) {
1047 n = 1;
1048 s->io_buffer_size = s->cd_sector_size;
1049 data_offset = 16;
1050 } else {
1051 n = s->packet_transfer_size >> 11;
1052 if (n > (IDE_DMA_BUF_SECTORS / 4))
1053 n = (IDE_DMA_BUF_SECTORS / 4);
1054 s->io_buffer_size = n * 2048;
1055 data_offset = 0;
1056 }
1057 #ifdef DEBUG_AIO
1058 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1059 #endif
1060 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1061 bm->iov.iov_len = n * 4 * 512;
1062 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1063 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1064 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1065 if (!bm->aiocb) {
1066 /* Note: media not present is the most likely case */
1067 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1068 ASC_MEDIUM_NOT_PRESENT);
1069 goto eot;
1070 }
1071 }
1072
1073 /* start a CD-CDROM read command with DMA */
1074 /* XXX: test if DMA is available */
1075 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1076 int sector_size)
1077 {
1078 s->lba = lba;
1079 s->packet_transfer_size = nb_sectors * sector_size;
1080 s->io_buffer_index = 0;
1081 s->io_buffer_size = 0;
1082 s->cd_sector_size = sector_size;
1083
1084 /* XXX: check if BUSY_STAT should be set */
1085 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1086 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1087 }
1088
1089 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1090 int sector_size)
1091 {
1092 #ifdef DEBUG_IDE_ATAPI
1093 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1094 lba, nb_sectors);
1095 #endif
1096 if (s->atapi_dma) {
1097 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1098 } else {
1099 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1100 }
1101 }
1102
1103 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1104 uint16_t profile)
1105 {
1106 uint8_t *buf_profile = buf + 12; /* start of profiles */
1107
1108 buf_profile += ((*index) * 4); /* start of indexed profile */
1109 cpu_to_ube16 (buf_profile, profile);
1110 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1111
1112 /* each profile adds 4 bytes to the response */
1113 (*index)++;
1114 buf[11] += 4; /* Additional Length */
1115
1116 return 4;
1117 }
1118
1119 static int ide_dvd_read_structure(IDEState *s, int format,
1120 const uint8_t *packet, uint8_t *buf)
1121 {
1122 switch (format) {
1123 case 0x0: /* Physical format information */
1124 {
1125 int layer = packet[6];
1126 uint64_t total_sectors;
1127
1128 if (layer != 0)
1129 return -ASC_INV_FIELD_IN_CMD_PACKET;
1130
1131 bdrv_get_geometry(s->bs, &total_sectors);
1132 total_sectors >>= 2;
1133 if (total_sectors == 0)
1134 return -ASC_MEDIUM_NOT_PRESENT;
1135
1136 buf[4] = 1; /* DVD-ROM, part version 1 */
1137 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1138 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1139 buf[7] = 0; /* default densities */
1140
1141 /* FIXME: 0x30000 per spec? */
1142 cpu_to_ube32(buf + 8, 0); /* start sector */
1143 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1144 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1145
1146 /* Size of buffer, not including 2 byte size field */
1147 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1148
1149 /* 2k data + 4 byte header */
1150 return (2048 + 4);
1151 }
1152
1153 case 0x01: /* DVD copyright information */
1154 buf[4] = 0; /* no copyright data */
1155 buf[5] = 0; /* no region restrictions */
1156
1157 /* Size of buffer, not including 2 byte size field */
1158 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1159
1160 /* 4 byte header + 4 byte data */
1161 return (4 + 4);
1162
1163 case 0x03: /* BCA information - invalid field for no BCA info */
1164 return -ASC_INV_FIELD_IN_CMD_PACKET;
1165
1166 case 0x04: /* DVD disc manufacturing information */
1167 /* Size of buffer, not including 2 byte size field */
1168 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1169
1170 /* 2k data + 4 byte header */
1171 return (2048 + 4);
1172
1173 case 0xff:
1174 /*
1175 * This lists all the command capabilities above. Add new ones
1176 * in order and update the length and buffer return values.
1177 */
1178
1179 buf[4] = 0x00; /* Physical format */
1180 buf[5] = 0x40; /* Not writable, is readable */
1181 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1182
1183 buf[8] = 0x01; /* Copyright info */
1184 buf[9] = 0x40; /* Not writable, is readable */
1185 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1186
1187 buf[12] = 0x03; /* BCA info */
1188 buf[13] = 0x40; /* Not writable, is readable */
1189 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1190
1191 buf[16] = 0x04; /* Manufacturing info */
1192 buf[17] = 0x40; /* Not writable, is readable */
1193 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1194
1195 /* Size of buffer, not including 2 byte size field */
1196 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1197
1198 /* data written + 4 byte header */
1199 return (16 + 4);
1200
1201 default: /* TODO: formats beyond DVD-ROM requires */
1202 return -ASC_INV_FIELD_IN_CMD_PACKET;
1203 }
1204 }
1205
1206 static void ide_atapi_cmd(IDEState *s)
1207 {
1208 const uint8_t *packet;
1209 uint8_t *buf;
1210 int max_len;
1211
1212 packet = s->io_buffer;
1213 buf = s->io_buffer;
1214 #ifdef DEBUG_IDE_ATAPI
1215 {
1216 int i;
1217 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1218 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1219 printf(" %02x", packet[i]);
1220 }
1221 printf("\n");
1222 }
1223 #endif
1224 /* If there's a UNIT_ATTENTION condition pending, only
1225 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1226 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1227 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1228 s->io_buffer[0] != GPCMD_INQUIRY) {
1229 ide_atapi_cmd_check_status(s);
1230 return;
1231 }
1232 switch(s->io_buffer[0]) {
1233 case GPCMD_TEST_UNIT_READY:
1234 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1235 ide_atapi_cmd_ok(s);
1236 } else {
1237 s->cdrom_changed = 0;
1238 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1239 ASC_MEDIUM_NOT_PRESENT);
1240 }
1241 break;
1242 case GPCMD_MODE_SENSE_6:
1243 case GPCMD_MODE_SENSE_10:
1244 {
1245 int action, code;
1246 if (packet[0] == GPCMD_MODE_SENSE_10)
1247 max_len = ube16_to_cpu(packet + 7);
1248 else
1249 max_len = packet[4];
1250 action = packet[2] >> 6;
1251 code = packet[2] & 0x3f;
1252 switch(action) {
1253 case 0: /* current values */
1254 switch(code) {
1255 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1256 cpu_to_ube16(&buf[0], 16 + 6);
1257 buf[2] = 0x70;
1258 buf[3] = 0;
1259 buf[4] = 0;
1260 buf[5] = 0;
1261 buf[6] = 0;
1262 buf[7] = 0;
1263
1264 buf[8] = 0x01;
1265 buf[9] = 0x06;
1266 buf[10] = 0x00;
1267 buf[11] = 0x05;
1268 buf[12] = 0x00;
1269 buf[13] = 0x00;
1270 buf[14] = 0x00;
1271 buf[15] = 0x00;
1272 ide_atapi_cmd_reply(s, 16, max_len);
1273 break;
1274 case GPMODE_AUDIO_CTL_PAGE:
1275 cpu_to_ube16(&buf[0], 24 + 6);
1276 buf[2] = 0x70;
1277 buf[3] = 0;
1278 buf[4] = 0;
1279 buf[5] = 0;
1280 buf[6] = 0;
1281 buf[7] = 0;
1282
1283 /* Fill with CDROM audio volume */
1284 buf[17] = 0;
1285 buf[19] = 0;
1286 buf[21] = 0;
1287 buf[23] = 0;
1288
1289 ide_atapi_cmd_reply(s, 24, max_len);
1290 break;
1291 case GPMODE_CAPABILITIES_PAGE:
1292 cpu_to_ube16(&buf[0], 28 + 6);
1293 buf[2] = 0x70;
1294 buf[3] = 0;
1295 buf[4] = 0;
1296 buf[5] = 0;
1297 buf[6] = 0;
1298 buf[7] = 0;
1299
1300 buf[8] = 0x2a;
1301 buf[9] = 0x12;
1302 buf[10] = 0x00;
1303 buf[11] = 0x00;
1304
1305 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1306 code checks for this to automount media. */
1307 buf[12] = 0x71;
1308 buf[13] = 3 << 5;
1309 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1310 if (bdrv_is_locked(s->bs))
1311 buf[6] |= 1 << 1;
1312 buf[15] = 0x00;
1313 cpu_to_ube16(&buf[16], 706);
1314 buf[18] = 0;
1315 buf[19] = 2;
1316 cpu_to_ube16(&buf[20], 512);
1317 cpu_to_ube16(&buf[22], 706);
1318 buf[24] = 0;
1319 buf[25] = 0;
1320 buf[26] = 0;
1321 buf[27] = 0;
1322 ide_atapi_cmd_reply(s, 28, max_len);
1323 break;
1324 default:
1325 goto error_cmd;
1326 }
1327 break;
1328 case 1: /* changeable values */
1329 goto error_cmd;
1330 case 2: /* default values */
1331 goto error_cmd;
1332 default:
1333 case 3: /* saved values */
1334 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1335 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1336 break;
1337 }
1338 }
1339 break;
1340 case GPCMD_REQUEST_SENSE:
1341 max_len = packet[4];
1342 memset(buf, 0, 18);
1343 buf[0] = 0x70 | (1 << 7);
1344 buf[2] = s->sense_key;
1345 buf[7] = 10;
1346 buf[12] = s->asc;
1347 if (s->sense_key == SENSE_UNIT_ATTENTION)
1348 s->sense_key = SENSE_NONE;
1349 ide_atapi_cmd_reply(s, 18, max_len);
1350 break;
1351 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1352 if (bdrv_is_inserted(s->bs)) {
1353 bdrv_set_locked(s->bs, packet[4] & 1);
1354 ide_atapi_cmd_ok(s);
1355 } else {
1356 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1357 ASC_MEDIUM_NOT_PRESENT);
1358 }
1359 break;
1360 case GPCMD_READ_10:
1361 case GPCMD_READ_12:
1362 {
1363 int nb_sectors, lba;
1364
1365 if (packet[0] == GPCMD_READ_10)
1366 nb_sectors = ube16_to_cpu(packet + 7);
1367 else
1368 nb_sectors = ube32_to_cpu(packet + 6);
1369 lba = ube32_to_cpu(packet + 2);
1370 if (nb_sectors == 0) {
1371 ide_atapi_cmd_ok(s);
1372 break;
1373 }
1374 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1375 }
1376 break;
1377 case GPCMD_READ_CD:
1378 {
1379 int nb_sectors, lba, transfer_request;
1380
1381 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1382 lba = ube32_to_cpu(packet + 2);
1383 if (nb_sectors == 0) {
1384 ide_atapi_cmd_ok(s);
1385 break;
1386 }
1387 transfer_request = packet[9];
1388 switch(transfer_request & 0xf8) {
1389 case 0x00:
1390 /* nothing */
1391 ide_atapi_cmd_ok(s);
1392 break;
1393 case 0x10:
1394 /* normal read */
1395 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1396 break;
1397 case 0xf8:
1398 /* read all data */
1399 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1400 break;
1401 default:
1402 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1403 ASC_INV_FIELD_IN_CMD_PACKET);
1404 break;
1405 }
1406 }
1407 break;
1408 case GPCMD_SEEK:
1409 {
1410 unsigned int lba;
1411 uint64_t total_sectors;
1412
1413 bdrv_get_geometry(s->bs, &total_sectors);
1414 total_sectors >>= 2;
1415 if (total_sectors == 0) {
1416 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1417 ASC_MEDIUM_NOT_PRESENT);
1418 break;
1419 }
1420 lba = ube32_to_cpu(packet + 2);
1421 if (lba >= total_sectors) {
1422 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1423 ASC_LOGICAL_BLOCK_OOR);
1424 break;
1425 }
1426 ide_atapi_cmd_ok(s);
1427 }
1428 break;
1429 case GPCMD_START_STOP_UNIT:
1430 {
1431 int start, eject, err = 0;
1432 start = packet[4] & 1;
1433 eject = (packet[4] >> 1) & 1;
1434
1435 if (eject) {
1436 err = bdrv_eject(s->bs, !start);
1437 }
1438
1439 switch (err) {
1440 case 0:
1441 ide_atapi_cmd_ok(s);
1442 break;
1443 case -EBUSY:
1444 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1445 ASC_MEDIA_REMOVAL_PREVENTED);
1446 break;
1447 default:
1448 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1449 ASC_MEDIUM_NOT_PRESENT);
1450 break;
1451 }
1452 }
1453 break;
1454 case GPCMD_MECHANISM_STATUS:
1455 {
1456 max_len = ube16_to_cpu(packet + 8);
1457 cpu_to_ube16(buf, 0);
1458 /* no current LBA */
1459 buf[2] = 0;
1460 buf[3] = 0;
1461 buf[4] = 0;
1462 buf[5] = 1;
1463 cpu_to_ube16(buf + 6, 0);
1464 ide_atapi_cmd_reply(s, 8, max_len);
1465 }
1466 break;
1467 case GPCMD_READ_TOC_PMA_ATIP:
1468 {
1469 int format, msf, start_track, len;
1470 uint64_t total_sectors;
1471
1472 bdrv_get_geometry(s->bs, &total_sectors);
1473 total_sectors >>= 2;
1474 if (total_sectors == 0) {
1475 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1476 ASC_MEDIUM_NOT_PRESENT);
1477 break;
1478 }
1479 max_len = ube16_to_cpu(packet + 7);
1480 format = packet[9] >> 6;
1481 msf = (packet[1] >> 1) & 1;
1482 start_track = packet[6];
1483 switch(format) {
1484 case 0:
1485 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1486 if (len < 0)
1487 goto error_cmd;
1488 ide_atapi_cmd_reply(s, len, max_len);
1489 break;
1490 case 1:
1491 /* multi session : only a single session defined */
1492 memset(buf, 0, 12);
1493 buf[1] = 0x0a;
1494 buf[2] = 0x01;
1495 buf[3] = 0x01;
1496 ide_atapi_cmd_reply(s, 12, max_len);
1497 break;
1498 case 2:
1499 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1500 if (len < 0)
1501 goto error_cmd;
1502 ide_atapi_cmd_reply(s, len, max_len);
1503 break;
1504 default:
1505 error_cmd:
1506 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1507 ASC_INV_FIELD_IN_CMD_PACKET);
1508 break;
1509 }
1510 }
1511 break;
1512 case GPCMD_READ_CDVD_CAPACITY:
1513 {
1514 uint64_t total_sectors;
1515
1516 bdrv_get_geometry(s->bs, &total_sectors);
1517 total_sectors >>= 2;
1518 if (total_sectors == 0) {
1519 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1520 ASC_MEDIUM_NOT_PRESENT);
1521 break;
1522 }
1523 /* NOTE: it is really the number of sectors minus 1 */
1524 cpu_to_ube32(buf, total_sectors - 1);
1525 cpu_to_ube32(buf + 4, 2048);
1526 ide_atapi_cmd_reply(s, 8, 8);
1527 }
1528 break;
1529 case GPCMD_READ_DVD_STRUCTURE:
1530 {
1531 int media = packet[1];
1532 int format = packet[7];
1533 int ret;
1534
1535 max_len = ube16_to_cpu(packet + 8);
1536
1537 if (format < 0xff) {
1538 if (media_is_cd(s)) {
1539 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1540 ASC_INCOMPATIBLE_FORMAT);
1541 break;
1542 } else if (!media_present(s)) {
1543 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1544 ASC_INV_FIELD_IN_CMD_PACKET);
1545 break;
1546 }
1547 }
1548
1549 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1550 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1551
1552 switch (format) {
1553 case 0x00 ... 0x7f:
1554 case 0xff:
1555 if (media == 0) {
1556 ret = ide_dvd_read_structure(s, format, packet, buf);
1557
1558 if (ret < 0)
1559 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1560 else
1561 ide_atapi_cmd_reply(s, ret, max_len);
1562
1563 break;
1564 }
1565 /* TODO: BD support, fall through for now */
1566
1567 /* Generic disk structures */
1568 case 0x80: /* TODO: AACS volume identifier */
1569 case 0x81: /* TODO: AACS media serial number */
1570 case 0x82: /* TODO: AACS media identifier */
1571 case 0x83: /* TODO: AACS media key block */
1572 case 0x90: /* TODO: List of recognized format layers */
1573 case 0xc0: /* TODO: Write protection status */
1574 default:
1575 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1576 ASC_INV_FIELD_IN_CMD_PACKET);
1577 break;
1578 }
1579 }
1580 break;
1581 case GPCMD_SET_SPEED:
1582 ide_atapi_cmd_ok(s);
1583 break;
1584 case GPCMD_INQUIRY:
1585 max_len = packet[4];
1586 buf[0] = 0x05; /* CD-ROM */
1587 buf[1] = 0x80; /* removable */
1588 buf[2] = 0x00; /* ISO */
1589 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1590 buf[4] = 31; /* additional length */
1591 buf[5] = 0; /* reserved */
1592 buf[6] = 0; /* reserved */
1593 buf[7] = 0; /* reserved */
1594 padstr8(buf + 8, 8, "QEMU");
1595 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1596 padstr8(buf + 32, 4, s->version);
1597 ide_atapi_cmd_reply(s, 36, max_len);
1598 break;
1599 case GPCMD_GET_CONFIGURATION:
1600 {
1601 uint32_t len;
1602 uint8_t index = 0;
1603
1604 /* only feature 0 is supported */
1605 if (packet[2] != 0 || packet[3] != 0) {
1606 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1607 ASC_INV_FIELD_IN_CMD_PACKET);
1608 break;
1609 }
1610
1611 /* XXX: could result in alignment problems in some architectures */
1612 max_len = ube16_to_cpu(packet + 7);
1613
1614 /*
1615 * XXX: avoid overflow for io_buffer if max_len is bigger than
1616 * the size of that buffer (dimensioned to max number of
1617 * sectors to transfer at once)
1618 *
1619 * Only a problem if the feature/profiles grow.
1620 */
1621 if (max_len > 512) /* XXX: assume 1 sector */
1622 max_len = 512;
1623
1624 memset(buf, 0, max_len);
1625 /*
1626 * the number of sectors from the media tells us which profile
1627 * to use as current. 0 means there is no media
1628 */
1629 if (media_is_dvd(s))
1630 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1631 else if (media_is_cd(s))
1632 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1633
1634 buf[10] = 0x02 | 0x01; /* persistent and current */
1635 len = 12; /* headers: 8 + 4 */
1636 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1637 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1638 cpu_to_ube32(buf, len - 4); /* data length */
1639
1640 ide_atapi_cmd_reply(s, len, max_len);
1641 break;
1642 }
1643 default:
1644 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1645 ASC_ILLEGAL_OPCODE);
1646 break;
1647 }
1648 }
1649
1650 static void ide_cfata_metadata_inquiry(IDEState *s)
1651 {
1652 uint16_t *p;
1653 uint32_t spd;
1654
1655 p = (uint16_t *) s->io_buffer;
1656 memset(p, 0, 0x200);
1657 spd = ((s->mdata_size - 1) >> 9) + 1;
1658
1659 put_le16(p + 0, 0x0001); /* Data format revision */
1660 put_le16(p + 1, 0x0000); /* Media property: silicon */
1661 put_le16(p + 2, s->media_changed); /* Media status */
1662 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1663 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1664 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1665 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1666 }
1667
1668 static void ide_cfata_metadata_read(IDEState *s)
1669 {
1670 uint16_t *p;
1671
1672 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1673 s->status = ERR_STAT;
1674 s->error = ABRT_ERR;
1675 return;
1676 }
1677
1678 p = (uint16_t *) s->io_buffer;
1679 memset(p, 0, 0x200);
1680
1681 put_le16(p + 0, s->media_changed); /* Media status */
1682 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1683 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1684 s->nsector << 9), 0x200 - 2));
1685 }
1686
1687 static void ide_cfata_metadata_write(IDEState *s)
1688 {
1689 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1690 s->status = ERR_STAT;
1691 s->error = ABRT_ERR;
1692 return;
1693 }
1694
1695 s->media_changed = 0;
1696
1697 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1698 s->io_buffer + 2,
1699 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1700 s->nsector << 9), 0x200 - 2));
1701 }
1702
1703 /* called when the inserted state of the media has changed */
1704 static void cdrom_change_cb(void *opaque)
1705 {
1706 IDEState *s = opaque;
1707 uint64_t nb_sectors;
1708
1709 bdrv_get_geometry(s->bs, &nb_sectors);
1710 s->nb_sectors = nb_sectors;
1711
1712 s->sense_key = SENSE_UNIT_ATTENTION;
1713 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1714 s->cdrom_changed = 1;
1715 ide_set_irq(s->bus);
1716 }
1717
1718 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1719 {
1720 s->lba48 = lba48;
1721
1722 /* handle the 'magic' 0 nsector count conversion here. to avoid
1723 * fiddling with the rest of the read logic, we just store the
1724 * full sector count in ->nsector and ignore ->hob_nsector from now
1725 */
1726 if (!s->lba48) {
1727 if (!s->nsector)
1728 s->nsector = 256;
1729 } else {
1730 if (!s->nsector && !s->hob_nsector)
1731 s->nsector = 65536;
1732 else {
1733 int lo = s->nsector;
1734 int hi = s->hob_nsector;
1735
1736 s->nsector = (hi << 8) | lo;
1737 }
1738 }
1739 }
1740
1741 static void ide_clear_hob(IDEBus *bus)
1742 {
1743 /* any write clears HOB high bit of device control register */
1744 bus->ifs[0].select &= ~(1 << 7);
1745 bus->ifs[1].select &= ~(1 << 7);
1746 }
1747
1748 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1749 {
1750 IDEBus *bus = opaque;
1751 IDEState *s;
1752 int n;
1753 int lba48 = 0;
1754
1755 #ifdef DEBUG_IDE
1756 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1757 #endif
1758
1759 addr &= 7;
1760
1761 /* ignore writes to command block while busy with previous command */
1762 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1763 return;
1764
1765 switch(addr) {
1766 case 0:
1767 break;
1768 case 1:
1769 ide_clear_hob(bus);
1770 /* NOTE: data is written to the two drives */
1771 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1772 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1773 bus->ifs[0].feature = val;
1774 bus->ifs[1].feature = val;
1775 break;
1776 case 2:
1777 ide_clear_hob(bus);
1778 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1779 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1780 bus->ifs[0].nsector = val;
1781 bus->ifs[1].nsector = val;
1782 break;
1783 case 3:
1784 ide_clear_hob(bus);
1785 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1786 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1787 bus->ifs[0].sector = val;
1788 bus->ifs[1].sector = val;
1789 break;
1790 case 4:
1791 ide_clear_hob(bus);
1792 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1793 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1794 bus->ifs[0].lcyl = val;
1795 bus->ifs[1].lcyl = val;
1796 break;
1797 case 5:
1798 ide_clear_hob(bus);
1799 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1800 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1801 bus->ifs[0].hcyl = val;
1802 bus->ifs[1].hcyl = val;
1803 break;
1804 case 6:
1805 /* FIXME: HOB readback uses bit 7 */
1806 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1807 bus->ifs[1].select = (val | 0x10) | 0xa0;
1808 /* select drive */
1809 bus->unit = (val >> 4) & 1;
1810 break;
1811 default:
1812 case 7:
1813 /* command */
1814 #if defined(DEBUG_IDE)
1815 printf("ide: CMD=%02x\n", val);
1816 #endif
1817 s = idebus_active_if(bus);
1818 /* ignore commands to non existant slave */
1819 if (s != bus->ifs && !s->bs)
1820 break;
1821
1822 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1823 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1824 break;
1825
1826 switch(val) {
1827 case WIN_IDENTIFY:
1828 if (s->bs && !s->is_cdrom) {
1829 if (!s->is_cf)
1830 ide_identify(s);
1831 else
1832 ide_cfata_identify(s);
1833 s->status = READY_STAT | SEEK_STAT;
1834 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1835 } else {
1836 if (s->is_cdrom) {
1837 ide_set_signature(s);
1838 }
1839 ide_abort_command(s);
1840 }
1841 ide_set_irq(s->bus);
1842 break;
1843 case WIN_SPECIFY:
1844 case WIN_RECAL:
1845 s->error = 0;
1846 s->status = READY_STAT | SEEK_STAT;
1847 ide_set_irq(s->bus);
1848 break;
1849 case WIN_SETMULT:
1850 if (s->is_cf && s->nsector == 0) {
1851 /* Disable Read and Write Multiple */
1852 s->mult_sectors = 0;
1853 s->status = READY_STAT | SEEK_STAT;
1854 } else if ((s->nsector & 0xff) != 0 &&
1855 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1856 (s->nsector & (s->nsector - 1)) != 0)) {
1857 ide_abort_command(s);
1858 } else {
1859 s->mult_sectors = s->nsector & 0xff;
1860 s->status = READY_STAT | SEEK_STAT;
1861 }
1862 ide_set_irq(s->bus);
1863 break;
1864 case WIN_VERIFY_EXT:
1865 lba48 = 1;
1866 case WIN_VERIFY:
1867 case WIN_VERIFY_ONCE:
1868 /* do sector number check ? */
1869 ide_cmd_lba48_transform(s, lba48);
1870 s->status = READY_STAT | SEEK_STAT;
1871 ide_set_irq(s->bus);
1872 break;
1873 case WIN_READ_EXT:
1874 lba48 = 1;
1875 case WIN_READ:
1876 case WIN_READ_ONCE:
1877 if (!s->bs)
1878 goto abort_cmd;
1879 ide_cmd_lba48_transform(s, lba48);
1880 s->req_nb_sectors = 1;
1881 ide_sector_read(s);
1882 break;
1883 case WIN_WRITE_EXT:
1884 lba48 = 1;
1885 case WIN_WRITE:
1886 case WIN_WRITE_ONCE:
1887 case CFA_WRITE_SECT_WO_ERASE:
1888 case WIN_WRITE_VERIFY:
1889 ide_cmd_lba48_transform(s, lba48);
1890 s->error = 0;
1891 s->status = SEEK_STAT | READY_STAT;
1892 s->req_nb_sectors = 1;
1893 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1894 s->media_changed = 1;
1895 break;
1896 case WIN_MULTREAD_EXT:
1897 lba48 = 1;
1898 case WIN_MULTREAD:
1899 if (!s->mult_sectors)
1900 goto abort_cmd;
1901 ide_cmd_lba48_transform(s, lba48);
1902 s->req_nb_sectors = s->mult_sectors;
1903 ide_sector_read(s);
1904 break;
1905 case WIN_MULTWRITE_EXT:
1906 lba48 = 1;
1907 case WIN_MULTWRITE:
1908 case CFA_WRITE_MULTI_WO_ERASE:
1909 if (!s->mult_sectors)
1910 goto abort_cmd;
1911 ide_cmd_lba48_transform(s, lba48);
1912 s->error = 0;
1913 s->status = SEEK_STAT | READY_STAT;
1914 s->req_nb_sectors = s->mult_sectors;
1915 n = s->nsector;
1916 if (n > s->req_nb_sectors)
1917 n = s->req_nb_sectors;
1918 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1919 s->media_changed = 1;
1920 break;
1921 case WIN_READDMA_EXT:
1922 lba48 = 1;
1923 case WIN_READDMA:
1924 case WIN_READDMA_ONCE:
1925 if (!s->bs)
1926 goto abort_cmd;
1927 ide_cmd_lba48_transform(s, lba48);
1928 ide_sector_read_dma(s);
1929 break;
1930 case WIN_WRITEDMA_EXT:
1931 lba48 = 1;
1932 case WIN_WRITEDMA:
1933 case WIN_WRITEDMA_ONCE:
1934 if (!s->bs)
1935 goto abort_cmd;
1936 ide_cmd_lba48_transform(s, lba48);
1937 ide_sector_write_dma(s);
1938 s->media_changed = 1;
1939 break;
1940 case WIN_READ_NATIVE_MAX_EXT:
1941 lba48 = 1;
1942 case WIN_READ_NATIVE_MAX:
1943 ide_cmd_lba48_transform(s, lba48);
1944 ide_set_sector(s, s->nb_sectors - 1);
1945 s->status = READY_STAT | SEEK_STAT;
1946 ide_set_irq(s->bus);
1947 break;
1948 case WIN_CHECKPOWERMODE1:
1949 case WIN_CHECKPOWERMODE2:
1950 s->nsector = 0xff; /* device active or idle */
1951 s->status = READY_STAT | SEEK_STAT;
1952 ide_set_irq(s->bus);
1953 break;
1954 case WIN_SETFEATURES:
1955 if (!s->bs)
1956 goto abort_cmd;
1957 /* XXX: valid for CDROM ? */
1958 switch(s->feature) {
1959 case 0xcc: /* reverting to power-on defaults enable */
1960 case 0x66: /* reverting to power-on defaults disable */
1961 case 0x02: /* write cache enable */
1962 case 0x82: /* write cache disable */
1963 case 0xaa: /* read look-ahead enable */
1964 case 0x55: /* read look-ahead disable */
1965 case 0x05: /* set advanced power management mode */
1966 case 0x85: /* disable advanced power management mode */
1967 case 0x69: /* NOP */
1968 case 0x67: /* NOP */
1969 case 0x96: /* NOP */
1970 case 0x9a: /* NOP */
1971 case 0x42: /* enable Automatic Acoustic Mode */
1972 case 0xc2: /* disable Automatic Acoustic Mode */
1973 s->status = READY_STAT | SEEK_STAT;
1974 ide_set_irq(s->bus);
1975 break;
1976 case 0x03: { /* set transfer mode */
1977 uint8_t val = s->nsector & 0x07;
1978 uint16_t *identify_data = (uint16_t *)s->identify_data;
1979
1980 switch (s->nsector >> 3) {
1981 case 0x00: /* pio default */
1982 case 0x01: /* pio mode */
1983 put_le16(identify_data + 62,0x07);
1984 put_le16(identify_data + 63,0x07);
1985 put_le16(identify_data + 88,0x3f);
1986 break;
1987 case 0x02: /* sigle word dma mode*/
1988 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1989 put_le16(identify_data + 63,0x07);
1990 put_le16(identify_data + 88,0x3f);
1991 break;
1992 case 0x04: /* mdma mode */
1993 put_le16(identify_data + 62,0x07);
1994 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1995 put_le16(identify_data + 88,0x3f);
1996 break;
1997 case 0x08: /* udma mode */
1998 put_le16(identify_data + 62,0x07);
1999 put_le16(identify_data + 63,0x07);
2000 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2001 break;
2002 default:
2003 goto abort_cmd;
2004 }
2005 s->status = READY_STAT | SEEK_STAT;
2006 ide_set_irq(s->bus);
2007 break;
2008 }
2009 default:
2010 goto abort_cmd;
2011 }
2012 break;
2013 case WIN_FLUSH_CACHE:
2014 case WIN_FLUSH_CACHE_EXT:
2015 if (s->bs)
2016 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2017 else
2018 ide_flush_cb(s, 0);
2019 break;
2020 case WIN_STANDBY:
2021 case WIN_STANDBY2:
2022 case WIN_STANDBYNOW1:
2023 case WIN_STANDBYNOW2:
2024 case WIN_IDLEIMMEDIATE:
2025 case CFA_IDLEIMMEDIATE:
2026 case WIN_SETIDLE1:
2027 case WIN_SETIDLE2:
2028 case WIN_SLEEPNOW1:
2029 case WIN_SLEEPNOW2:
2030 s->status = READY_STAT;
2031 ide_set_irq(s->bus);
2032 break;
2033 case WIN_SEEK:
2034 if(s->is_cdrom)
2035 goto abort_cmd;
2036 /* XXX: Check that seek is within bounds */
2037 s->status = READY_STAT | SEEK_STAT;
2038 ide_set_irq(s->bus);
2039 break;
2040 /* ATAPI commands */
2041 case WIN_PIDENTIFY:
2042 if (s->is_cdrom) {
2043 ide_atapi_identify(s);
2044 s->status = READY_STAT | SEEK_STAT;
2045 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2046 } else {
2047 ide_abort_command(s);
2048 }
2049 ide_set_irq(s->bus);
2050 break;
2051 case WIN_DIAGNOSE:
2052 ide_set_signature(s);
2053 if (s->is_cdrom)
2054 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2055 * devices to return a clear status register
2056 * with READY_STAT *not* set. */
2057 else
2058 s->status = READY_STAT | SEEK_STAT;
2059 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2060 * present.
2061 */
2062 ide_set_irq(s->bus);
2063 break;
2064 case WIN_SRST:
2065 if (!s->is_cdrom)
2066 goto abort_cmd;
2067 ide_set_signature(s);
2068 s->status = 0x00; /* NOTE: READY is _not_ set */
2069 s->error = 0x01;
2070 break;
2071 case WIN_PACKETCMD:
2072 if (!s->is_cdrom)
2073 goto abort_cmd;
2074 /* overlapping commands not supported */
2075 if (s->feature & 0x02)
2076 goto abort_cmd;
2077 s->status = READY_STAT | SEEK_STAT;
2078 s->atapi_dma = s->feature & 1;
2079 s->nsector = 1;
2080 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2081 ide_atapi_cmd);
2082 break;
2083 /* CF-ATA commands */
2084 case CFA_REQ_EXT_ERROR_CODE:
2085 if (!s->is_cf)
2086 goto abort_cmd;
2087 s->error = 0x09; /* miscellaneous error */
2088 s->status = READY_STAT | SEEK_STAT;
2089 ide_set_irq(s->bus);
2090 break;
2091 case CFA_ERASE_SECTORS:
2092 case CFA_WEAR_LEVEL:
2093 if (!s->is_cf)
2094 goto abort_cmd;
2095 if (val == CFA_WEAR_LEVEL)
2096 s->nsector = 0;
2097 if (val == CFA_ERASE_SECTORS)
2098 s->media_changed = 1;
2099 s->error = 0x00;
2100 s->status = READY_STAT | SEEK_STAT;
2101 ide_set_irq(s->bus);
2102 break;
2103 case CFA_TRANSLATE_SECTOR:
2104 if (!s->is_cf)
2105 goto abort_cmd;
2106 s->error = 0x00;
2107 s->status = READY_STAT | SEEK_STAT;
2108 memset(s->io_buffer, 0, 0x200);
2109 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2110 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2111 s->io_buffer[0x02] = s->select; /* Head */
2112 s->io_buffer[0x03] = s->sector; /* Sector */
2113 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2114 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2115 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2116 s->io_buffer[0x13] = 0x00; /* Erase flag */
2117 s->io_buffer[0x18] = 0x00; /* Hot count */
2118 s->io_buffer[0x19] = 0x00; /* Hot count */
2119 s->io_buffer[0x1a] = 0x01; /* Hot count */
2120 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2121 ide_set_irq(s->bus);
2122 break;
2123 case CFA_ACCESS_METADATA_STORAGE:
2124 if (!s->is_cf)
2125 goto abort_cmd;
2126 switch (s->feature) {
2127 case 0x02: /* Inquiry Metadata Storage */
2128 ide_cfata_metadata_inquiry(s);
2129 break;
2130 case 0x03: /* Read Metadata Storage */
2131 ide_cfata_metadata_read(s);
2132 break;
2133 case 0x04: /* Write Metadata Storage */
2134 ide_cfata_metadata_write(s);
2135 break;
2136 default:
2137 goto abort_cmd;
2138 }
2139 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2140 s->status = 0x00; /* NOTE: READY is _not_ set */
2141 ide_set_irq(s->bus);
2142 break;
2143 case IBM_SENSE_CONDITION:
2144 if (!s->is_cf)
2145 goto abort_cmd;
2146 switch (s->feature) {
2147 case 0x01: /* sense temperature in device */
2148 s->nsector = 0x50; /* +20 C */
2149 break;
2150 default:
2151 goto abort_cmd;
2152 }
2153 s->status = READY_STAT | SEEK_STAT;
2154 ide_set_irq(s->bus);
2155 break;
2156
2157 case WIN_SMART:
2158 if (s->is_cdrom)
2159 goto abort_cmd;
2160 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2161 goto abort_cmd;
2162 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2163 goto abort_cmd;
2164 switch (s->feature) {
2165 case SMART_DISABLE:
2166 s->smart_enabled = 0;
2167 s->status = READY_STAT | SEEK_STAT;
2168 ide_set_irq(s->bus);
2169 break;
2170 case SMART_ENABLE:
2171 s->smart_enabled = 1;
2172 s->status = READY_STAT | SEEK_STAT;
2173 ide_set_irq(s->bus);
2174 break;
2175 case SMART_ATTR_AUTOSAVE:
2176 switch (s->sector) {
2177 case 0x00:
2178 s->smart_autosave = 0;
2179 break;
2180 case 0xf1:
2181 s->smart_autosave = 1;
2182 break;
2183 default:
2184 goto abort_cmd;
2185 }
2186 s->status = READY_STAT | SEEK_STAT;
2187 ide_set_irq(s->bus);
2188 break;
2189 case SMART_STATUS:
2190 if (!s->smart_errors) {
2191 s->hcyl = 0xc2;
2192 s->lcyl = 0x4f;
2193 } else {
2194 s->hcyl = 0x2c;
2195 s->lcyl = 0xf4;
2196 }
2197 s->status = READY_STAT | SEEK_STAT;
2198 ide_set_irq(s->bus);
2199 break;
2200 case SMART_READ_THRESH:
2201 memset(s->io_buffer, 0, 0x200);
2202 s->io_buffer[0] = 0x01; /* smart struct version */
2203 for (n=0; n<30; n++) {
2204 if (smart_attributes[n][0] == 0)
2205 break;
2206 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2207 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2208 }
2209 for (n=0; n<511; n++) /* checksum */
2210 s->io_buffer[511] += s->io_buffer[n];
2211 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2212 s->status = READY_STAT | SEEK_STAT;
2213 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2214 ide_set_irq(s->bus);
2215 break;
2216 case SMART_READ_DATA:
2217 memset(s->io_buffer, 0, 0x200);
2218 s->io_buffer[0] = 0x01; /* smart struct version */
2219 for (n=0; n<30; n++) {
2220 if (smart_attributes[n][0] == 0)
2221 break;
2222 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2223 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2224 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2225 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2226 }
2227 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2228 if (s->smart_selftest_count == 0) {
2229 s->io_buffer[363] = 0;
2230 } else {
2231 s->io_buffer[363] =
2232 s->smart_selftest_data[3 +
2233 (s->smart_selftest_count - 1) *
2234 24];
2235 }
2236 s->io_buffer[364] = 0x20;
2237 s->io_buffer[365] = 0x01;
2238 /* offline data collection capacity: execute + self-test*/
2239 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2240 s->io_buffer[368] = 0x03; /* smart capability (1) */
2241 s->io_buffer[369] = 0x00; /* smart capability (2) */
2242 s->io_buffer[370] = 0x01; /* error logging supported */
2243 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2244 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2245 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2246
2247 for (n=0; n<511; n++)
2248 s->io_buffer[511] += s->io_buffer[n];
2249 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2250 s->status = READY_STAT | SEEK_STAT;
2251 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2252 ide_set_irq(s->bus);
2253 break;
2254 case SMART_READ_LOG:
2255 switch (s->sector) {
2256 case 0x01: /* summary smart error log */
2257 memset(s->io_buffer, 0, 0x200);
2258 s->io_buffer[0] = 0x01;
2259 s->io_buffer[1] = 0x00; /* no error entries */
2260 s->io_buffer[452] = s->smart_errors & 0xff;
2261 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2262
2263 for (n=0; n<511; n++)
2264 s->io_buffer[511] += s->io_buffer[n];
2265 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2266 break;
2267 case 0x06: /* smart self test log */
2268 memset(s->io_buffer, 0, 0x200);
2269 s->io_buffer[0] = 0x01;
2270 if (s->smart_selftest_count == 0) {
2271 s->io_buffer[508] = 0;
2272 } else {
2273 s->io_buffer[508] = s->smart_selftest_count;
2274 for (n=2; n<506; n++)
2275 s->io_buffer[n] = s->smart_selftest_data[n];
2276 }
2277 for (n=0; n<511; n++)
2278 s->io_buffer[511] += s->io_buffer[n];
2279 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2280 break;
2281 default:
2282 goto abort_cmd;
2283 }
2284 s->status = READY_STAT | SEEK_STAT;
2285 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2286 ide_set_irq(s->bus);
2287 break;
2288 case SMART_EXECUTE_OFFLINE:
2289 switch (s->sector) {
2290 case 0: /* off-line routine */
2291 case 1: /* short self test */
2292 case 2: /* extended self test */
2293 s->smart_selftest_count++;
2294 if(s->smart_selftest_count > 21)
2295 s->smart_selftest_count = 0;
2296 n = 2 + (s->smart_selftest_count - 1) * 24;
2297 s->smart_selftest_data[n] = s->sector;
2298 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2299 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2300 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2301 s->status = READY_STAT | SEEK_STAT;
2302 ide_set_irq(s->bus);
2303 break;
2304 default:
2305 goto abort_cmd;
2306 }
2307 break;
2308 default:
2309 goto abort_cmd;
2310 }
2311 break;
2312 default:
2313 abort_cmd:
2314 ide_abort_command(s);
2315 ide_set_irq(s->bus);
2316 break;
2317 }
2318 }
2319 }
2320
2321 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2322 {
2323 IDEBus *bus = opaque;
2324 IDEState *s = idebus_active_if(bus);
2325 uint32_t addr;
2326 int ret, hob;
2327
2328 addr = addr1 & 7;
2329 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2330 //hob = s->select & (1 << 7);
2331 hob = 0;
2332 switch(addr) {
2333 case 0:
2334 ret = 0xff;
2335 break;
2336 case 1:
2337 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2338 (s != bus->ifs && !s->bs))
2339 ret = 0;
2340 else if (!hob)
2341 ret = s->error;
2342 else
2343 ret = s->hob_feature;
2344 break;
2345 case 2:
2346 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2347 ret = 0;
2348 else if (!hob)
2349 ret = s->nsector & 0xff;
2350 else
2351 ret = s->hob_nsector;
2352 break;
2353 case 3:
2354 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2355 ret = 0;
2356 else if (!hob)
2357 ret = s->sector;
2358 else
2359 ret = s->hob_sector;
2360 break;
2361 case 4:
2362 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2363 ret = 0;
2364 else if (!hob)
2365 ret = s->lcyl;
2366 else
2367 ret = s->hob_lcyl;
2368 break;
2369 case 5:
2370 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2371 ret = 0;
2372 else if (!hob)
2373 ret = s->hcyl;
2374 else
2375 ret = s->hob_hcyl;
2376 break;
2377 case 6:
2378 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2379 ret = 0;
2380 else
2381 ret = s->select;
2382 break;
2383 default:
2384 case 7:
2385 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2386 (s != bus->ifs && !s->bs))
2387 ret = 0;
2388 else
2389 ret = s->status;
2390 qemu_irq_lower(bus->irq);
2391 break;
2392 }
2393 #ifdef DEBUG_IDE
2394 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2395 #endif
2396 return ret;
2397 }
2398
2399 uint32_t ide_status_read(void *opaque, uint32_t addr)
2400 {
2401 IDEBus *bus = opaque;
2402 IDEState *s = idebus_active_if(bus);
2403 int ret;
2404
2405 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2406 (s != bus->ifs && !s->bs))
2407 ret = 0;
2408 else
2409 ret = s->status;
2410 #ifdef DEBUG_IDE
2411 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2412 #endif
2413 return ret;
2414 }
2415
2416 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2417 {
2418 IDEBus *bus = opaque;
2419 IDEState *s;
2420 int i;
2421
2422 #ifdef DEBUG_IDE
2423 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2424 #endif
2425 /* common for both drives */
2426 if (!(bus->cmd & IDE_CMD_RESET) &&
2427 (val & IDE_CMD_RESET)) {
2428 /* reset low to high */
2429 for(i = 0;i < 2; i++) {
2430 s = &bus->ifs[i];
2431 s->status = BUSY_STAT | SEEK_STAT;
2432 s->error = 0x01;
2433 }
2434 } else if ((bus->cmd & IDE_CMD_RESET) &&
2435 !(val & IDE_CMD_RESET)) {
2436 /* high to low */
2437 for(i = 0;i < 2; i++) {
2438 s = &bus->ifs[i];
2439 if (s->is_cdrom)
2440 s->status = 0x00; /* NOTE: READY is _not_ set */
2441 else
2442 s->status = READY_STAT | SEEK_STAT;
2443 ide_set_signature(s);
2444 }
2445 }
2446
2447 bus->cmd = val;
2448 }
2449
2450 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2451 {
2452 IDEBus *bus = opaque;
2453 IDEState *s = idebus_active_if(bus);
2454 uint8_t *p;
2455
2456 /* PIO data access allowed only when DRQ bit is set */
2457 if (!(s->status & DRQ_STAT))
2458 return;
2459
2460 p = s->data_ptr;
2461 *(uint16_t *)p = le16_to_cpu(val);
2462 p += 2;
2463 s->data_ptr = p;
2464 if (p >= s->data_end)
2465 s->end_transfer_func(s);
2466 }
2467
2468 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2469 {
2470 IDEBus *bus = opaque;
2471 IDEState *s = idebus_active_if(bus);
2472 uint8_t *p;
2473 int ret;
2474
2475 /* PIO data access allowed only when DRQ bit is set */
2476 if (!(s->status & DRQ_STAT))
2477 return 0;
2478
2479 p = s->data_ptr;
2480 ret = cpu_to_le16(*(uint16_t *)p);
2481 p += 2;
2482 s->data_ptr = p;
2483 if (p >= s->data_end)
2484 s->end_transfer_func(s);
2485 return ret;
2486 }
2487
2488 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2489 {
2490 IDEBus *bus = opaque;
2491 IDEState *s = idebus_active_if(bus);
2492 uint8_t *p;
2493
2494 /* PIO data access allowed only when DRQ bit is set */
2495 if (!(s->status & DRQ_STAT))
2496 return;
2497
2498 p = s->data_ptr;
2499 *(uint32_t *)p = le32_to_cpu(val);
2500 p += 4;
2501 s->data_ptr = p;
2502 if (p >= s->data_end)
2503 s->end_transfer_func(s);
2504 }
2505
2506 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2507 {
2508 IDEBus *bus = opaque;
2509 IDEState *s = idebus_active_if(bus);
2510 uint8_t *p;
2511 int ret;
2512
2513 /* PIO data access allowed only when DRQ bit is set */
2514 if (!(s->status & DRQ_STAT))
2515 return 0;
2516
2517 p = s->data_ptr;
2518 ret = cpu_to_le32(*(uint32_t *)p);
2519 p += 4;
2520 s->data_ptr = p;
2521 if (p >= s->data_end)
2522 s->end_transfer_func(s);
2523 return ret;
2524 }
2525
2526 static void ide_dummy_transfer_stop(IDEState *s)
2527 {
2528 s->data_ptr = s->io_buffer;
2529 s->data_end = s->io_buffer;
2530 s->io_buffer[0] = 0xff;
2531 s->io_buffer[1] = 0xff;
2532 s->io_buffer[2] = 0xff;
2533 s->io_buffer[3] = 0xff;
2534 }
2535
2536 static void ide_reset(IDEState *s)
2537 {
2538 #ifdef DEBUG_IDE
2539 printf("ide: reset\n");
2540 #endif
2541 if (s->is_cf)
2542 s->mult_sectors = 0;
2543 else
2544 s->mult_sectors = MAX_MULT_SECTORS;
2545 /* ide regs */
2546 s->feature = 0;
2547 s->error = 0;
2548 s->nsector = 0;
2549 s->sector = 0;
2550 s->lcyl = 0;
2551 s->hcyl = 0;
2552
2553 /* lba48 */
2554 s->hob_feature = 0;
2555 s->hob_sector = 0;
2556 s->hob_nsector = 0;
2557 s->hob_lcyl = 0;
2558 s->hob_hcyl = 0;
2559
2560 s->select = 0xa0;
2561 s->status = READY_STAT | SEEK_STAT;
2562
2563 s->lba48 = 0;
2564
2565 /* ATAPI specific */
2566 s->sense_key = 0;
2567 s->asc = 0;
2568 s->cdrom_changed = 0;
2569 s->packet_transfer_size = 0;
2570 s->elementary_transfer_size = 0;
2571 s->io_buffer_index = 0;
2572 s->cd_sector_size = 0;
2573 s->atapi_dma = 0;
2574 /* ATA DMA state */
2575 s->io_buffer_size = 0;
2576 s->req_nb_sectors = 0;
2577
2578 ide_set_signature(s);
2579 /* init the transfer handler so that 0xffff is returned on data
2580 accesses */
2581 s->end_transfer_func = ide_dummy_transfer_stop;
2582 ide_dummy_transfer_stop(s);
2583 s->media_changed = 0;
2584 }
2585
2586 void ide_bus_reset(IDEBus *bus)
2587 {
2588 bus->unit = 0;
2589 bus->cmd = 0;
2590 ide_reset(&bus->ifs[0]);
2591 ide_reset(&bus->ifs[1]);
2592 ide_clear_hob(bus);
2593 }
2594
2595 void ide_init_drive(IDEState *s, DriveInfo *dinfo, BlockConf *conf,
2596 const char *version)
2597 {
2598 int cylinders, heads, secs;
2599 uint64_t nb_sectors;
2600
2601 if (dinfo && dinfo->bdrv) {
2602 s->bs = dinfo->bdrv;
2603 bdrv_get_geometry(s->bs, &nb_sectors);
2604 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2605 s->cylinders = cylinders;
2606 s->heads = heads;
2607 s->sectors = secs;
2608 s->nb_sectors = nb_sectors;
2609 /* The SMART values should be preserved across power cycles
2610 but they aren't. */
2611 s->smart_enabled = 1;
2612 s->smart_autosave = 1;
2613 s->smart_errors = 0;
2614 s->smart_selftest_count = 0;
2615 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2616 s->is_cdrom = 1;
2617 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2618 }
2619 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2620 sizeof(s->drive_serial_str));
2621 if (conf) {
2622 s->conf = conf;
2623 }
2624 }
2625 if (strlen(s->drive_serial_str) == 0)
2626 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2627 "QM%05d", s->drive_serial);
2628 if (version) {
2629 pstrcpy(s->version, sizeof(s->version), version);
2630 } else {
2631 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2632 }
2633 ide_reset(s);
2634 }
2635
2636 void ide_init2(IDEBus *bus, DriveInfo *hd0, DriveInfo *hd1,
2637 qemu_irq irq)
2638 {
2639 IDEState *s;
2640 static int drive_serial = 1;
2641 int i;
2642
2643 for(i = 0; i < 2; i++) {
2644 s = bus->ifs + i;
2645 s->bus = bus;
2646 s->unit = i;
2647 s->drive_serial = drive_serial++;
2648 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2649 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2650 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2651 s->sector_write_timer = qemu_new_timer(vm_clock,
2652 ide_sector_write_timer_cb, s);
2653 if (i == 0)
2654 ide_init_drive(s, hd0, NULL, NULL);
2655 if (i == 1)
2656 ide_init_drive(s, hd1, NULL, NULL);
2657 }
2658 bus->irq = irq;
2659 }
2660
2661 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2662 {
2663 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2664 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2665 if (iobase2) {
2666 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2667 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2668 }
2669
2670 /* data ports */
2671 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2672 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2673 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2674 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2675 }
2676
2677 static bool is_identify_set(void *opaque, int version_id)
2678 {
2679 IDEState *s = opaque;
2680
2681 return s->identify_set != 0;
2682 }
2683
2684 static EndTransferFunc* transfer_end_table[] = {
2685 ide_sector_read,
2686 ide_sector_write,
2687 ide_transfer_stop,
2688 ide_atapi_cmd_reply_end,
2689 ide_atapi_cmd,
2690 };
2691
2692 static int transfer_end_table_idx(EndTransferFunc *fn)
2693 {
2694 int i;
2695
2696 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2697 if (transfer_end_table[i] == fn)
2698 return i;
2699
2700 return -1;
2701 }
2702
2703 static int ide_drive_post_load(void *opaque, int version_id)
2704 {
2705 IDEState *s = opaque;
2706
2707 if (version_id < 3) {
2708 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2709 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2710 s->cdrom_changed = 1;
2711 }
2712 }
2713
2714 if (s->cur_io_buffer_len) {
2715 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2716 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2717 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2718 }
2719
2720 return 0;
2721 }
2722
2723 static void ide_drive_pre_save(void *opaque)
2724 {
2725 IDEState *s = opaque;
2726 int idx;
2727
2728 s->cur_io_buffer_len = 0;
2729
2730 if (!(s->status & DRQ_STAT))
2731 return;
2732
2733 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2734 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2735
2736 idx = transfer_end_table_idx(s->end_transfer_func);
2737 if (idx == -1) {
2738 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2739 __func__);
2740 s->end_transfer_fn_idx = 2;
2741 } else {
2742 s->end_transfer_fn_idx = idx;
2743 }
2744 }
2745
2746 const VMStateDescription vmstate_ide_drive = {
2747 .name = "ide_drive",
2748 .version_id = 4,
2749 .minimum_version_id = 0,
2750 .minimum_version_id_old = 0,
2751 .pre_save = ide_drive_pre_save,
2752 .post_load = ide_drive_post_load,
2753 .fields = (VMStateField []) {
2754 VMSTATE_INT32(mult_sectors, IDEState),
2755 VMSTATE_INT32(identify_set, IDEState),
2756 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2757 VMSTATE_UINT8(feature, IDEState),
2758 VMSTATE_UINT8(error, IDEState),
2759 VMSTATE_UINT32(nsector, IDEState),
2760 VMSTATE_UINT8(sector, IDEState),
2761 VMSTATE_UINT8(lcyl, IDEState),
2762 VMSTATE_UINT8(hcyl, IDEState),
2763 VMSTATE_UINT8(hob_feature, IDEState),
2764 VMSTATE_UINT8(hob_sector, IDEState),
2765 VMSTATE_UINT8(hob_nsector, IDEState),
2766 VMSTATE_UINT8(hob_lcyl, IDEState),
2767 VMSTATE_UINT8(hob_hcyl, IDEState),
2768 VMSTATE_UINT8(select, IDEState),
2769 VMSTATE_UINT8(status, IDEState),
2770 VMSTATE_UINT8(lba48, IDEState),
2771 VMSTATE_UINT8(sense_key, IDEState),
2772 VMSTATE_UINT8(asc, IDEState),
2773 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2774 VMSTATE_INT32_V(req_nb_sectors, IDEState, 4),
2775 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 4,
2776 vmstate_info_uint8, uint8_t),
2777 VMSTATE_INT32_V(cur_io_buffer_offset, IDEState, 4),
2778 VMSTATE_INT32_V(cur_io_buffer_len, IDEState, 4),
2779 VMSTATE_UINT8_V(end_transfer_fn_idx, IDEState, 4),
2780 VMSTATE_INT32_V(elementary_transfer_size, IDEState, 4),
2781 VMSTATE_INT32_V(packet_transfer_size, IDEState, 4),
2782 VMSTATE_END_OF_LIST()
2783 }
2784 };
2785
2786 const VMStateDescription vmstate_ide_bus = {
2787 .name = "ide_bus",
2788 .version_id = 1,
2789 .minimum_version_id = 1,
2790 .minimum_version_id_old = 1,
2791 .fields = (VMStateField []) {
2792 VMSTATE_UINT8(cmd, IDEBus),
2793 VMSTATE_UINT8(unit, IDEBus),
2794 VMSTATE_END_OF_LIST()
2795 }
2796 };
2797
2798 /***********************************************************/
2799 /* PCI IDE definitions */
2800
2801 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2802 {
2803 BMDMAState *bm = s->bus->bmdma;
2804 if(!bm)
2805 return;
2806 bm->unit = s->unit;
2807 bm->dma_cb = dma_cb;
2808 bm->cur_prd_last = 0;
2809 bm->cur_prd_addr = 0;
2810 bm->cur_prd_len = 0;
2811 bm->sector_num = ide_get_sector(s);
2812 bm->nsector = s->nsector;
2813 if (bm->status & BM_STATUS_DMAING) {
2814 bm->dma_cb(bm, 0);
2815 }
2816 }
2817
2818 static void ide_dma_restart(IDEState *s, int is_read)
2819 {
2820 BMDMAState *bm = s->bus->bmdma;
2821 ide_set_sector(s, bm->sector_num);
2822 s->io_buffer_index = 0;
2823 s->io_buffer_size = 0;
2824 s->nsector = bm->nsector;
2825 bm->cur_addr = bm->addr;
2826
2827 if (is_read) {
2828 bm->dma_cb = ide_read_dma_cb;
2829 } else {
2830 bm->dma_cb = ide_write_dma_cb;
2831 }
2832
2833 ide_dma_start(s, bm->dma_cb);
2834 }
2835
2836 void ide_dma_cancel(BMDMAState *bm)
2837 {
2838 if (bm->status & BM_STATUS_DMAING) {
2839 bm->status &= ~BM_STATUS_DMAING;
2840 /* cancel DMA request */
2841 bm->unit = -1;
2842 bm->dma_cb = NULL;
2843 if (bm->aiocb) {
2844 #ifdef DEBUG_AIO
2845 printf("aio_cancel\n");
2846 #endif
2847 bdrv_aio_cancel(bm->aiocb);
2848 bm->aiocb = NULL;
2849 }
2850 }
2851 }
2852
2853 void ide_dma_reset(BMDMAState *bm)
2854 {
2855 #ifdef DEBUG_IDE
2856 printf("ide: dma_reset\n");
2857 #endif
2858 ide_dma_cancel(bm);
2859 bm->cmd = 0;
2860 bm->status = 0;
2861 bm->addr = 0;
2862 bm->cur_addr = 0;
2863 bm->cur_prd_last = 0;
2864 bm->cur_prd_addr = 0;
2865 bm->cur_prd_len = 0;
2866 bm->sector_num = 0;
2867 bm->nsector = 0;
2868 }
QEMU mirror