]> git.proxmox.com Git - qemu.git/blob - hw/ide/core.c
projects / qemu.git / blob
? search:


c2ab78753a18359c07ec4a9b80399254ce716c30
[qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/isa.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "hw/block-common.h"
34 #include "blockdev.h"
35
36 #include <hw/ide/internal.h>
37
38 /* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40 static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
44 /* spin up */
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
50 /* power on hours */
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
56 };
57
58 static int ide_handle_rw_error(IDEState *s, int error, int op);
59 static void ide_dummy_transfer_stop(IDEState *s);
60
61 static void padstr(char *str, const char *src, int len)
62 {
63 int i, v;
64 for(i = 0; i < len; i++) {
65 if (*src)
66 v = *src++;
67 else
68 v = ' ';
69 str[i^1] = v;
70 }
71 }
72
73 static void put_le16(uint16_t *p, unsigned int v)
74 {
75 *p = cpu_to_le16(v);
76 }
77
78 static void ide_identify(IDEState *s)
79 {
80 uint16_t *p;
81 unsigned int oldsize;
82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
83
84 if (s->identify_set) {
85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
86 return;
87 }
88
89 memset(s->io_buffer, 0, 512);
90 p = (uint16_t *)s->io_buffer;
91 put_le16(p + 0, 0x0040);
92 put_le16(p + 1, s->cylinders);
93 put_le16(p + 3, s->heads);
94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
95 put_le16(p + 5, 512); /* XXX: retired, remove ? */
96 put_le16(p + 6, s->sectors);
97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
98 put_le16(p + 20, 3); /* XXX: retired, remove ? */
99 put_le16(p + 21, 512); /* cache size in sectors */
100 put_le16(p + 22, 4); /* ecc bytes */
101 padstr((char *)(p + 23), s->version, 8); /* firmware version */
102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
103 #if MAX_MULT_SECTORS > 1
104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
105 #endif
106 put_le16(p + 48, 1); /* dword I/O */
107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
108 put_le16(p + 51, 0x200); /* PIO transfer cycle */
109 put_le16(p + 52, 0x200); /* DMA transfer cycle */
110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
111 put_le16(p + 54, s->cylinders);
112 put_le16(p + 55, s->heads);
113 put_le16(p + 56, s->sectors);
114 oldsize = s->cylinders * s->heads * s->sectors;
115 put_le16(p + 57, oldsize);
116 put_le16(p + 58, oldsize >> 16);
117 if (s->mult_sectors)
118 put_le16(p + 59, 0x100 | s->mult_sectors);
119 put_le16(p + 60, s->nb_sectors);
120 put_le16(p + 61, s->nb_sectors >> 16);
121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
122 put_le16(p + 63, 0x07); /* mdma0-2 supported */
123 put_le16(p + 64, 0x03); /* pio3-4 supported */
124 put_le16(p + 65, 120);
125 put_le16(p + 66, 120);
126 put_le16(p + 67, 120);
127 put_le16(p + 68, 120);
128 if (dev && dev->conf.discard_granularity) {
129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
130 }
131
132 if (s->ncq_queues) {
133 put_le16(p + 75, s->ncq_queues - 1);
134 /* NCQ supported */
135 put_le16(p + 76, (1 << 8));
136 }
137
138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
139 put_le16(p + 81, 0x16); /* conforms to ata5 */
140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
145 if (s->wwn) {
146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
147 } else {
148 put_le16(p + 84, (1 << 14) | 0);
149 }
150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
151 if (bdrv_enable_write_cache(s->bs))
152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
153 else
154 put_le16(p + 85, (1 << 14) | 1);
155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
158 if (s->wwn) {
159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
160 } else {
161 put_le16(p + 87, (1 << 14) | 0);
162 }
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172 if (s->wwn) {
173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
174 put_le16(p + 108, s->wwn >> 48);
175 put_le16(p + 109, s->wwn >> 32);
176 put_le16(p + 110, s->wwn >> 16);
177 put_le16(p + 111, s->wwn);
178 }
179 if (dev && dev->conf.discard_granularity) {
180 put_le16(p + 169, 1); /* TRIM support */
181 }
182
183 memcpy(s->identify_data, p, sizeof(s->identify_data));
184 s->identify_set = 1;
185 }
186
187 static void ide_atapi_identify(IDEState *s)
188 {
189 uint16_t *p;
190
191 if (s->identify_set) {
192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
193 return;
194 }
195
196 memset(s->io_buffer, 0, 512);
197 p = (uint16_t *)s->io_buffer;
198 /* Removable CDROM, 50us response, 12 byte packets */
199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201 put_le16(p + 20, 3); /* buffer type */
202 put_le16(p + 21, 512); /* cache size in sectors */
203 put_le16(p + 22, 4); /* ecc bytes */
204 padstr((char *)(p + 23), s->version, 8); /* firmware version */
205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
207 #ifdef USE_DMA_CDROM
208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
210 put_le16(p + 62, 7); /* single word dma0-2 supported */
211 put_le16(p + 63, 7); /* mdma0-2 supported */
212 #else
213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
216 #endif
217 put_le16(p + 64, 3); /* pio3-4 supported */
218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
222
223 put_le16(p + 71, 30); /* in ns */
224 put_le16(p + 72, 30); /* in ns */
225
226 if (s->ncq_queues) {
227 put_le16(p + 75, s->ncq_queues - 1);
228 /* NCQ supported */
229 put_le16(p + 76, (1 << 8));
230 }
231
232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
233 #ifdef USE_DMA_CDROM
234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
235 #endif
236 memcpy(s->identify_data, p, sizeof(s->identify_data));
237 s->identify_set = 1;
238 }
239
240 static void ide_cfata_identify(IDEState *s)
241 {
242 uint16_t *p;
243 uint32_t cur_sec;
244
245 p = (uint16_t *) s->identify_data;
246 if (s->identify_set)
247 goto fill_buffer;
248
249 memset(p, 0, sizeof(s->identify_data));
250
251 cur_sec = s->cylinders * s->heads * s->sectors;
252
253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
254 put_le16(p + 1, s->cylinders); /* Default cylinders */
255 put_le16(p + 3, s->heads); /* Default heads */
256 put_le16(p + 6, s->sectors); /* Default sectors per track */
257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
260 put_le16(p + 22, 0x0004); /* ECC bytes */
261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
263 #if MAX_MULT_SECTORS > 1
264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
265 #else
266 put_le16(p + 47, 0x0000);
267 #endif
268 put_le16(p + 49, 0x0f00); /* Capabilities */
269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
271 put_le16(p + 53, 0x0003); /* Translation params valid */
272 put_le16(p + 54, s->cylinders); /* Current cylinders */
273 put_le16(p + 55, s->heads); /* Current heads */
274 put_le16(p + 56, s->sectors); /* Current sectors */
275 put_le16(p + 57, cur_sec); /* Current capacity */
276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
277 if (s->mult_sectors) /* Multiple sector setting */
278 put_le16(p + 59, 0x100 | s->mult_sectors);
279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
286 put_le16(p + 82, 0x400c); /* Command Set supported */
287 put_le16(p + 83, 0x7068); /* Command Set supported */
288 put_le16(p + 84, 0x4000); /* Features supported */
289 put_le16(p + 85, 0x000c); /* Command Set enabled */
290 put_le16(p + 86, 0x7044); /* Command Set enabled */
291 put_le16(p + 87, 0x4000); /* Features enabled */
292 put_le16(p + 91, 0x4060); /* Current APM level */
293 put_le16(p + 129, 0x0002); /* Current features option */
294 put_le16(p + 130, 0x0005); /* Reassigned sectors */
295 put_le16(p + 131, 0x0001); /* Initial power mode */
296 put_le16(p + 132, 0x0000); /* User signature */
297 put_le16(p + 160, 0x8100); /* Power requirement */
298 put_le16(p + 161, 0x8001); /* CF command set */
299
300 s->identify_set = 1;
301
302 fill_buffer:
303 memcpy(s->io_buffer, p, sizeof(s->identify_data));
304 }
305
306 static void ide_set_signature(IDEState *s)
307 {
308 s->select &= 0xf0; /* clear head */
309 /* put signature */
310 s->nsector = 1;
311 s->sector = 1;
312 if (s->drive_kind == IDE_CD) {
313 s->lcyl = 0x14;
314 s->hcyl = 0xeb;
315 } else if (s->bs) {
316 s->lcyl = 0;
317 s->hcyl = 0;
318 } else {
319 s->lcyl = 0xff;
320 s->hcyl = 0xff;
321 }
322 }
323
324 typedef struct TrimAIOCB {
325 BlockDriverAIOCB common;
326 QEMUBH *bh;
327 int ret;
328 } TrimAIOCB;
329
330 static void trim_aio_cancel(BlockDriverAIOCB *acb)
331 {
332 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
333
334 qemu_bh_delete(iocb->bh);
335 iocb->bh = NULL;
336 qemu_aio_release(iocb);
337 }
338
339 static const AIOCBInfo trim_aiocb_info = {
340 .aiocb_size = sizeof(TrimAIOCB),
341 .cancel = trim_aio_cancel,
342 };
343
344 static void ide_trim_bh_cb(void *opaque)
345 {
346 TrimAIOCB *iocb = opaque;
347
348 iocb->common.cb(iocb->common.opaque, iocb->ret);
349
350 qemu_bh_delete(iocb->bh);
351 iocb->bh = NULL;
352
353 qemu_aio_release(iocb);
354 }
355
356 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
357 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
358 BlockDriverCompletionFunc *cb, void *opaque)
359 {
360 TrimAIOCB *iocb;
361 int i, j, ret;
362
363 iocb = qemu_aio_get(&trim_aiocb_info, bs, cb, opaque);
364 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
365 iocb->ret = 0;
366
367 for (j = 0; j < qiov->niov; j++) {
368 uint64_t *buffer = qiov->iov[j].iov_base;
369
370 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) {
371 /* 6-byte LBA + 2-byte range per entry */
372 uint64_t entry = le64_to_cpu(buffer[i]);
373 uint64_t sector = entry & 0x0000ffffffffffffULL;
374 uint16_t count = entry >> 48;
375
376 if (count == 0) {
377 break;
378 }
379
380 ret = bdrv_discard(bs, sector, count);
381 if (!iocb->ret) {
382 iocb->ret = ret;
383 }
384 }
385 }
386
387 qemu_bh_schedule(iocb->bh);
388
389 return &iocb->common;
390 }
391
392 static inline void ide_abort_command(IDEState *s)
393 {
394 s->status = READY_STAT | ERR_STAT;
395 s->error = ABRT_ERR;
396 }
397
398 /* prepare data transfer and tell what to do after */
399 void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
400 EndTransferFunc *end_transfer_func)
401 {
402 s->end_transfer_func = end_transfer_func;
403 s->data_ptr = buf;
404 s->data_end = buf + size;
405 if (!(s->status & ERR_STAT)) {
406 s->status |= DRQ_STAT;
407 }
408 s->bus->dma->ops->start_transfer(s->bus->dma);
409 }
410
411 void ide_transfer_stop(IDEState *s)
412 {
413 s->end_transfer_func = ide_transfer_stop;
414 s->data_ptr = s->io_buffer;
415 s->data_end = s->io_buffer;
416 s->status &= ~DRQ_STAT;
417 }
418
419 int64_t ide_get_sector(IDEState *s)
420 {
421 int64_t sector_num;
422 if (s->select & 0x40) {
423 /* lba */
424 if (!s->lba48) {
425 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
426 (s->lcyl << 8) | s->sector;
427 } else {
428 sector_num = ((int64_t)s->hob_hcyl << 40) |
429 ((int64_t) s->hob_lcyl << 32) |
430 ((int64_t) s->hob_sector << 24) |
431 ((int64_t) s->hcyl << 16) |
432 ((int64_t) s->lcyl << 8) | s->sector;
433 }
434 } else {
435 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
436 (s->select & 0x0f) * s->sectors + (s->sector - 1);
437 }
438 return sector_num;
439 }
440
441 void ide_set_sector(IDEState *s, int64_t sector_num)
442 {
443 unsigned int cyl, r;
444 if (s->select & 0x40) {
445 if (!s->lba48) {
446 s->select = (s->select & 0xf0) | (sector_num >> 24);
447 s->hcyl = (sector_num >> 16);
448 s->lcyl = (sector_num >> 8);
449 s->sector = (sector_num);
450 } else {
451 s->sector = sector_num;
452 s->lcyl = sector_num >> 8;
453 s->hcyl = sector_num >> 16;
454 s->hob_sector = sector_num >> 24;
455 s->hob_lcyl = sector_num >> 32;
456 s->hob_hcyl = sector_num >> 40;
457 }
458 } else {
459 cyl = sector_num / (s->heads * s->sectors);
460 r = sector_num % (s->heads * s->sectors);
461 s->hcyl = cyl >> 8;
462 s->lcyl = cyl;
463 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
464 s->sector = (r % s->sectors) + 1;
465 }
466 }
467
468 static void ide_rw_error(IDEState *s) {
469 ide_abort_command(s);
470 ide_set_irq(s->bus);
471 }
472
473 static void ide_sector_read_cb(void *opaque, int ret)
474 {
475 IDEState *s = opaque;
476 int n;
477
478 s->pio_aiocb = NULL;
479 s->status &= ~BUSY_STAT;
480
481 bdrv_acct_done(s->bs, &s->acct);
482 if (ret != 0) {
483 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY |
484 BM_STATUS_RETRY_READ)) {
485 return;
486 }
487 }
488
489 n = s->nsector;
490 if (n > s->req_nb_sectors) {
491 n = s->req_nb_sectors;
492 }
493
494 /* Allow the guest to read the io_buffer */
495 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
496
497 ide_set_irq(s->bus);
498
499 ide_set_sector(s, ide_get_sector(s) + n);
500 s->nsector -= n;
501 }
502
503 void ide_sector_read(IDEState *s)
504 {
505 int64_t sector_num;
506 int n;
507
508 s->status = READY_STAT | SEEK_STAT;
509 s->error = 0; /* not needed by IDE spec, but needed by Windows */
510 sector_num = ide_get_sector(s);
511 n = s->nsector;
512
513 if (n == 0) {
514 ide_transfer_stop(s);
515 return;
516 }
517
518 s->status |= BUSY_STAT;
519
520 if (n > s->req_nb_sectors) {
521 n = s->req_nb_sectors;
522 }
523
524 #if defined(DEBUG_IDE)
525 printf("sector=%" PRId64 "\n", sector_num);
526 #endif
527
528 s->iov.iov_base = s->io_buffer;
529 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
530 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
531
532 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
533 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n,
534 ide_sector_read_cb, s);
535 }
536
537 static void dma_buf_commit(IDEState *s)
538 {
539 qemu_sglist_destroy(&s->sg);
540 }
541
542 void ide_set_inactive(IDEState *s)
543 {
544 s->bus->dma->aiocb = NULL;
545 s->bus->dma->ops->set_inactive(s->bus->dma);
546 }
547
548 void ide_dma_error(IDEState *s)
549 {
550 ide_transfer_stop(s);
551 s->error = ABRT_ERR;
552 s->status = READY_STAT | ERR_STAT;
553 ide_set_inactive(s);
554 ide_set_irq(s->bus);
555 }
556
557 static int ide_handle_rw_error(IDEState *s, int error, int op)
558 {
559 bool is_read = (op & BM_STATUS_RETRY_READ) != 0;
560 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error);
561
562 if (action == BDRV_ACTION_STOP) {
563 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
564 s->bus->error_status = op;
565 } else if (action == BDRV_ACTION_REPORT) {
566 if (op & BM_STATUS_DMA_RETRY) {
567 dma_buf_commit(s);
568 ide_dma_error(s);
569 } else {
570 ide_rw_error(s);
571 }
572 }
573 bdrv_error_action(s->bs, action, is_read, error);
574 return action != BDRV_ACTION_IGNORE;
575 }
576
577 void ide_dma_cb(void *opaque, int ret)
578 {
579 IDEState *s = opaque;
580 int n;
581 int64_t sector_num;
582 bool stay_active = false;
583
584 if (ret < 0) {
585 int op = BM_STATUS_DMA_RETRY;
586
587 if (s->dma_cmd == IDE_DMA_READ)
588 op |= BM_STATUS_RETRY_READ;
589 else if (s->dma_cmd == IDE_DMA_TRIM)
590 op |= BM_STATUS_RETRY_TRIM;
591
592 if (ide_handle_rw_error(s, -ret, op)) {
593 return;
594 }
595 }
596
597 n = s->io_buffer_size >> 9;
598 if (n > s->nsector) {
599 /* The PRDs were longer than needed for this request. Shorten them so
600 * we don't get a negative remainder. The Active bit must remain set
601 * after the request completes. */
602 n = s->nsector;
603 stay_active = true;
604 }
605
606 sector_num = ide_get_sector(s);
607 if (n > 0) {
608 dma_buf_commit(s);
609 sector_num += n;
610 ide_set_sector(s, sector_num);
611 s->nsector -= n;
612 }
613
614 /* end of transfer ? */
615 if (s->nsector == 0) {
616 s->status = READY_STAT | SEEK_STAT;
617 ide_set_irq(s->bus);
618 goto eot;
619 }
620
621 /* launch next transfer */
622 n = s->nsector;
623 s->io_buffer_index = 0;
624 s->io_buffer_size = n * 512;
625 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
626 /* The PRDs were too short. Reset the Active bit, but don't raise an
627 * interrupt. */
628 goto eot;
629 }
630
631 #ifdef DEBUG_AIO
632 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
633 sector_num, n, s->dma_cmd);
634 #endif
635
636 switch (s->dma_cmd) {
637 case IDE_DMA_READ:
638 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
639 ide_dma_cb, s);
640 break;
641 case IDE_DMA_WRITE:
642 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
643 ide_dma_cb, s);
644 break;
645 case IDE_DMA_TRIM:
646 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
647 ide_issue_trim, ide_dma_cb, s,
648 DMA_DIRECTION_TO_DEVICE);
649 break;
650 }
651 return;
652
653 eot:
654 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
655 bdrv_acct_done(s->bs, &s->acct);
656 }
657 ide_set_inactive(s);
658 if (stay_active) {
659 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_DMAING);
660 }
661 }
662
663 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
664 {
665 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
666 s->io_buffer_index = 0;
667 s->io_buffer_size = 0;
668 s->dma_cmd = dma_cmd;
669
670 switch (dma_cmd) {
671 case IDE_DMA_READ:
672 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
673 BDRV_ACCT_READ);
674 break;
675 case IDE_DMA_WRITE:
676 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
677 BDRV_ACCT_WRITE);
678 break;
679 default:
680 break;
681 }
682
683 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
684 }
685
686 static void ide_sector_write_timer_cb(void *opaque)
687 {
688 IDEState *s = opaque;
689 ide_set_irq(s->bus);
690 }
691
692 static void ide_sector_write_cb(void *opaque, int ret)
693 {
694 IDEState *s = opaque;
695 int n;
696
697 bdrv_acct_done(s->bs, &s->acct);
698
699 s->pio_aiocb = NULL;
700 s->status &= ~BUSY_STAT;
701
702 if (ret != 0) {
703 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) {
704 return;
705 }
706 }
707
708 n = s->nsector;
709 if (n > s->req_nb_sectors) {
710 n = s->req_nb_sectors;
711 }
712 s->nsector -= n;
713 if (s->nsector == 0) {
714 /* no more sectors to write */
715 ide_transfer_stop(s);
716 } else {
717 int n1 = s->nsector;
718 if (n1 > s->req_nb_sectors) {
719 n1 = s->req_nb_sectors;
720 }
721 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
722 ide_sector_write);
723 }
724 ide_set_sector(s, ide_get_sector(s) + n);
725
726 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
727 /* It seems there is a bug in the Windows 2000 installer HDD
728 IDE driver which fills the disk with empty logs when the
729 IDE write IRQ comes too early. This hack tries to correct
730 that at the expense of slower write performances. Use this
731 option _only_ to install Windows 2000. You must disable it
732 for normal use. */
733 qemu_mod_timer(s->sector_write_timer,
734 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
735 } else {
736 ide_set_irq(s->bus);
737 }
738 }
739
740 void ide_sector_write(IDEState *s)
741 {
742 int64_t sector_num;
743 int n;
744
745 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
746 sector_num = ide_get_sector(s);
747 #if defined(DEBUG_IDE)
748 printf("sector=%" PRId64 "\n", sector_num);
749 #endif
750 n = s->nsector;
751 if (n > s->req_nb_sectors) {
752 n = s->req_nb_sectors;
753 }
754
755 s->iov.iov_base = s->io_buffer;
756 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
757 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
758
759 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
760 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n,
761 ide_sector_write_cb, s);
762 }
763
764 static void ide_flush_cb(void *opaque, int ret)
765 {
766 IDEState *s = opaque;
767
768 if (ret < 0) {
769 /* XXX: What sector number to set here? */
770 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
771 return;
772 }
773 }
774
775 bdrv_acct_done(s->bs, &s->acct);
776 s->status = READY_STAT | SEEK_STAT;
777 ide_set_irq(s->bus);
778 }
779
780 void ide_flush_cache(IDEState *s)
781 {
782 if (s->bs == NULL) {
783 ide_flush_cb(s, 0);
784 return;
785 }
786
787 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
788 bdrv_aio_flush(s->bs, ide_flush_cb, s);
789 }
790
791 static void ide_cfata_metadata_inquiry(IDEState *s)
792 {
793 uint16_t *p;
794 uint32_t spd;
795
796 p = (uint16_t *) s->io_buffer;
797 memset(p, 0, 0x200);
798 spd = ((s->mdata_size - 1) >> 9) + 1;
799
800 put_le16(p + 0, 0x0001); /* Data format revision */
801 put_le16(p + 1, 0x0000); /* Media property: silicon */
802 put_le16(p + 2, s->media_changed); /* Media status */
803 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
804 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
805 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
806 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
807 }
808
809 static void ide_cfata_metadata_read(IDEState *s)
810 {
811 uint16_t *p;
812
813 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
814 s->status = ERR_STAT;
815 s->error = ABRT_ERR;
816 return;
817 }
818
819 p = (uint16_t *) s->io_buffer;
820 memset(p, 0, 0x200);
821
822 put_le16(p + 0, s->media_changed); /* Media status */
823 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
824 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
825 s->nsector << 9), 0x200 - 2));
826 }
827
828 static void ide_cfata_metadata_write(IDEState *s)
829 {
830 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
831 s->status = ERR_STAT;
832 s->error = ABRT_ERR;
833 return;
834 }
835
836 s->media_changed = 0;
837
838 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
839 s->io_buffer + 2,
840 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
841 s->nsector << 9), 0x200 - 2));
842 }
843
844 /* called when the inserted state of the media has changed */
845 static void ide_cd_change_cb(void *opaque, bool load)
846 {
847 IDEState *s = opaque;
848 uint64_t nb_sectors;
849
850 s->tray_open = !load;
851 bdrv_get_geometry(s->bs, &nb_sectors);
852 s->nb_sectors = nb_sectors;
853
854 /*
855 * First indicate to the guest that a CD has been removed. That's
856 * done on the next command the guest sends us.
857 *
858 * Then we set UNIT_ATTENTION, by which the guest will
859 * detect a new CD in the drive. See ide_atapi_cmd() for details.
860 */
861 s->cdrom_changed = 1;
862 s->events.new_media = true;
863 s->events.eject_request = false;
864 ide_set_irq(s->bus);
865 }
866
867 static void ide_cd_eject_request_cb(void *opaque, bool force)
868 {
869 IDEState *s = opaque;
870
871 s->events.eject_request = true;
872 if (force) {
873 s->tray_locked = false;
874 }
875 ide_set_irq(s->bus);
876 }
877
878 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
879 {
880 s->lba48 = lba48;
881
882 /* handle the 'magic' 0 nsector count conversion here. to avoid
883 * fiddling with the rest of the read logic, we just store the
884 * full sector count in ->nsector and ignore ->hob_nsector from now
885 */
886 if (!s->lba48) {
887 if (!s->nsector)
888 s->nsector = 256;
889 } else {
890 if (!s->nsector && !s->hob_nsector)
891 s->nsector = 65536;
892 else {
893 int lo = s->nsector;
894 int hi = s->hob_nsector;
895
896 s->nsector = (hi << 8) | lo;
897 }
898 }
899 }
900
901 static void ide_clear_hob(IDEBus *bus)
902 {
903 /* any write clears HOB high bit of device control register */
904 bus->ifs[0].select &= ~(1 << 7);
905 bus->ifs[1].select &= ~(1 << 7);
906 }
907
908 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
909 {
910 IDEBus *bus = opaque;
911
912 #ifdef DEBUG_IDE
913 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
914 #endif
915
916 addr &= 7;
917
918 /* ignore writes to command block while busy with previous command */
919 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
920 return;
921
922 switch(addr) {
923 case 0:
924 break;
925 case 1:
926 ide_clear_hob(bus);
927 /* NOTE: data is written to the two drives */
928 bus->ifs[0].hob_feature = bus->ifs[0].feature;
929 bus->ifs[1].hob_feature = bus->ifs[1].feature;
930 bus->ifs[0].feature = val;
931 bus->ifs[1].feature = val;
932 break;
933 case 2:
934 ide_clear_hob(bus);
935 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
936 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
937 bus->ifs[0].nsector = val;
938 bus->ifs[1].nsector = val;
939 break;
940 case 3:
941 ide_clear_hob(bus);
942 bus->ifs[0].hob_sector = bus->ifs[0].sector;
943 bus->ifs[1].hob_sector = bus->ifs[1].sector;
944 bus->ifs[0].sector = val;
945 bus->ifs[1].sector = val;
946 break;
947 case 4:
948 ide_clear_hob(bus);
949 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
950 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
951 bus->ifs[0].lcyl = val;
952 bus->ifs[1].lcyl = val;
953 break;
954 case 5:
955 ide_clear_hob(bus);
956 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
957 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
958 bus->ifs[0].hcyl = val;
959 bus->ifs[1].hcyl = val;
960 break;
961 case 6:
962 /* FIXME: HOB readback uses bit 7 */
963 bus->ifs[0].select = (val & ~0x10) | 0xa0;
964 bus->ifs[1].select = (val | 0x10) | 0xa0;
965 /* select drive */
966 bus->unit = (val >> 4) & 1;
967 break;
968 default:
969 case 7:
970 /* command */
971 ide_exec_cmd(bus, val);
972 break;
973 }
974 }
975
976 #define HD_OK (1u << IDE_HD)
977 #define CD_OK (1u << IDE_CD)
978 #define CFA_OK (1u << IDE_CFATA)
979 #define HD_CFA_OK (HD_OK | CFA_OK)
980 #define ALL_OK (HD_OK | CD_OK | CFA_OK)
981
982 /* See ACS-2 T13/2015-D Table B.2 Command codes */
983 static const uint8_t ide_cmd_table[0x100] = {
984 /* NOP not implemented, mandatory for CD */
985 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK,
986 [WIN_DSM] = ALL_OK,
987 [WIN_DEVICE_RESET] = CD_OK,
988 [WIN_RECAL] = HD_CFA_OK,
989 [WIN_READ] = ALL_OK,
990 [WIN_READ_ONCE] = ALL_OK,
991 [WIN_READ_EXT] = HD_CFA_OK,
992 [WIN_READDMA_EXT] = HD_CFA_OK,
993 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK,
994 [WIN_MULTREAD_EXT] = HD_CFA_OK,
995 [WIN_WRITE] = HD_CFA_OK,
996 [WIN_WRITE_ONCE] = HD_CFA_OK,
997 [WIN_WRITE_EXT] = HD_CFA_OK,
998 [WIN_WRITEDMA_EXT] = HD_CFA_OK,
999 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK,
1000 [WIN_MULTWRITE_EXT] = HD_CFA_OK,
1001 [WIN_WRITE_VERIFY] = HD_CFA_OK,
1002 [WIN_VERIFY] = HD_CFA_OK,
1003 [WIN_VERIFY_ONCE] = HD_CFA_OK,
1004 [WIN_VERIFY_EXT] = HD_CFA_OK,
1005 [WIN_SEEK] = HD_CFA_OK,
1006 [CFA_TRANSLATE_SECTOR] = CFA_OK,
1007 [WIN_DIAGNOSE] = ALL_OK,
1008 [WIN_SPECIFY] = HD_CFA_OK,
1009 [WIN_STANDBYNOW2] = ALL_OK,
1010 [WIN_IDLEIMMEDIATE2] = ALL_OK,
1011 [WIN_STANDBY2] = ALL_OK,
1012 [WIN_SETIDLE2] = ALL_OK,
1013 [WIN_CHECKPOWERMODE2] = ALL_OK,
1014 [WIN_SLEEPNOW2] = ALL_OK,
1015 [WIN_PACKETCMD] = CD_OK,
1016 [WIN_PIDENTIFY] = CD_OK,
1017 [WIN_SMART] = HD_CFA_OK,
1018 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK,
1019 [CFA_ERASE_SECTORS] = CFA_OK,
1020 [WIN_MULTREAD] = HD_CFA_OK,
1021 [WIN_MULTWRITE] = HD_CFA_OK,
1022 [WIN_SETMULT] = HD_CFA_OK,
1023 [WIN_READDMA] = HD_CFA_OK,
1024 [WIN_READDMA_ONCE] = HD_CFA_OK,
1025 [WIN_WRITEDMA] = HD_CFA_OK,
1026 [WIN_WRITEDMA_ONCE] = HD_CFA_OK,
1027 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK,
1028 [WIN_STANDBYNOW1] = ALL_OK,
1029 [WIN_IDLEIMMEDIATE] = ALL_OK,
1030 [WIN_STANDBY] = ALL_OK,
1031 [WIN_SETIDLE1] = ALL_OK,
1032 [WIN_CHECKPOWERMODE1] = ALL_OK,
1033 [WIN_SLEEPNOW1] = ALL_OK,
1034 [WIN_FLUSH_CACHE] = ALL_OK,
1035 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK,
1036 [WIN_IDENTIFY] = ALL_OK,
1037 [WIN_SETFEATURES] = ALL_OK,
1038 [IBM_SENSE_CONDITION] = CFA_OK,
1039 [CFA_WEAR_LEVEL] = HD_CFA_OK,
1040 [WIN_READ_NATIVE_MAX] = ALL_OK,
1041 };
1042
1043 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
1044 {
1045 return cmd < ARRAY_SIZE(ide_cmd_table)
1046 && (ide_cmd_table[cmd] & (1u << s->drive_kind));
1047 }
1048
1049 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1050 {
1051 uint16_t *identify_data;
1052 IDEState *s;
1053 int n;
1054 int lba48 = 0;
1055
1056 #if defined(DEBUG_IDE)
1057 printf("ide: CMD=%02x\n", val);
1058 #endif
1059 s = idebus_active_if(bus);
1060 /* ignore commands to non existent slave */
1061 if (s != bus->ifs && !s->bs)
1062 return;
1063
1064 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1065 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1066 return;
1067
1068 if (!ide_cmd_permitted(s, val)) {
1069 goto abort_cmd;
1070 }
1071
1072 switch(val) {
1073 case WIN_DSM:
1074 switch (s->feature) {
1075 case DSM_TRIM:
1076 if (!s->bs) {
1077 goto abort_cmd;
1078 }
1079 ide_sector_start_dma(s, IDE_DMA_TRIM);
1080 break;
1081 default:
1082 goto abort_cmd;
1083 }
1084 break;
1085 case WIN_IDENTIFY:
1086 if (s->bs && s->drive_kind != IDE_CD) {
1087 if (s->drive_kind != IDE_CFATA)
1088 ide_identify(s);
1089 else
1090 ide_cfata_identify(s);
1091 s->status = READY_STAT | SEEK_STAT;
1092 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1093 } else {
1094 if (s->drive_kind == IDE_CD) {
1095 ide_set_signature(s);
1096 }
1097 ide_abort_command(s);
1098 }
1099 ide_set_irq(s->bus);
1100 break;
1101 case WIN_SPECIFY:
1102 case WIN_RECAL:
1103 s->error = 0;
1104 s->status = READY_STAT | SEEK_STAT;
1105 ide_set_irq(s->bus);
1106 break;
1107 case WIN_SETMULT:
1108 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1109 /* Disable Read and Write Multiple */
1110 s->mult_sectors = 0;
1111 s->status = READY_STAT | SEEK_STAT;
1112 } else if ((s->nsector & 0xff) != 0 &&
1113 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1114 (s->nsector & (s->nsector - 1)) != 0)) {
1115 ide_abort_command(s);
1116 } else {
1117 s->mult_sectors = s->nsector & 0xff;
1118 s->status = READY_STAT | SEEK_STAT;
1119 }
1120 ide_set_irq(s->bus);
1121 break;
1122 case WIN_VERIFY_EXT:
1123 lba48 = 1;
1124 case WIN_VERIFY:
1125 case WIN_VERIFY_ONCE:
1126 /* do sector number check ? */
1127 ide_cmd_lba48_transform(s, lba48);
1128 s->status = READY_STAT | SEEK_STAT;
1129 ide_set_irq(s->bus);
1130 break;
1131 case WIN_READ_EXT:
1132 lba48 = 1;
1133 case WIN_READ:
1134 case WIN_READ_ONCE:
1135 if (s->drive_kind == IDE_CD) {
1136 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1137 goto abort_cmd;
1138 }
1139 if (!s->bs) {
1140 goto abort_cmd;
1141 }
1142 ide_cmd_lba48_transform(s, lba48);
1143 s->req_nb_sectors = 1;
1144 ide_sector_read(s);
1145 break;
1146 case WIN_WRITE_EXT:
1147 lba48 = 1;
1148 case WIN_WRITE:
1149 case WIN_WRITE_ONCE:
1150 case CFA_WRITE_SECT_WO_ERASE:
1151 case WIN_WRITE_VERIFY:
1152 if (!s->bs) {
1153 goto abort_cmd;
1154 }
1155 ide_cmd_lba48_transform(s, lba48);
1156 s->error = 0;
1157 s->status = SEEK_STAT | READY_STAT;
1158 s->req_nb_sectors = 1;
1159 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1160 s->media_changed = 1;
1161 break;
1162 case WIN_MULTREAD_EXT:
1163 lba48 = 1;
1164 case WIN_MULTREAD:
1165 if (!s->bs) {
1166 goto abort_cmd;
1167 }
1168 if (!s->mult_sectors) {
1169 goto abort_cmd;
1170 }
1171 ide_cmd_lba48_transform(s, lba48);
1172 s->req_nb_sectors = s->mult_sectors;
1173 ide_sector_read(s);
1174 break;
1175 case WIN_MULTWRITE_EXT:
1176 lba48 = 1;
1177 case WIN_MULTWRITE:
1178 case CFA_WRITE_MULTI_WO_ERASE:
1179 if (!s->bs) {
1180 goto abort_cmd;
1181 }
1182 if (!s->mult_sectors) {
1183 goto abort_cmd;
1184 }
1185 ide_cmd_lba48_transform(s, lba48);
1186 s->error = 0;
1187 s->status = SEEK_STAT | READY_STAT;
1188 s->req_nb_sectors = s->mult_sectors;
1189 n = s->nsector;
1190 if (n > s->req_nb_sectors)
1191 n = s->req_nb_sectors;
1192 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1193 s->media_changed = 1;
1194 break;
1195 case WIN_READDMA_EXT:
1196 lba48 = 1;
1197 case WIN_READDMA:
1198 case WIN_READDMA_ONCE:
1199 if (!s->bs) {
1200 goto abort_cmd;
1201 }
1202 ide_cmd_lba48_transform(s, lba48);
1203 ide_sector_start_dma(s, IDE_DMA_READ);
1204 break;
1205 case WIN_WRITEDMA_EXT:
1206 lba48 = 1;
1207 case WIN_WRITEDMA:
1208 case WIN_WRITEDMA_ONCE:
1209 if (!s->bs) {
1210 goto abort_cmd;
1211 }
1212 ide_cmd_lba48_transform(s, lba48);
1213 ide_sector_start_dma(s, IDE_DMA_WRITE);
1214 s->media_changed = 1;
1215 break;
1216 case WIN_READ_NATIVE_MAX_EXT:
1217 lba48 = 1;
1218 case WIN_READ_NATIVE_MAX:
1219 ide_cmd_lba48_transform(s, lba48);
1220 ide_set_sector(s, s->nb_sectors - 1);
1221 s->status = READY_STAT | SEEK_STAT;
1222 ide_set_irq(s->bus);
1223 break;
1224 case WIN_CHECKPOWERMODE1:
1225 case WIN_CHECKPOWERMODE2:
1226 s->error = 0;
1227 s->nsector = 0xff; /* device active or idle */
1228 s->status = READY_STAT | SEEK_STAT;
1229 ide_set_irq(s->bus);
1230 break;
1231 case WIN_SETFEATURES:
1232 if (!s->bs)
1233 goto abort_cmd;
1234 /* XXX: valid for CDROM ? */
1235 switch(s->feature) {
1236 case 0x02: /* write cache enable */
1237 bdrv_set_enable_write_cache(s->bs, true);
1238 identify_data = (uint16_t *)s->identify_data;
1239 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1240 s->status = READY_STAT | SEEK_STAT;
1241 ide_set_irq(s->bus);
1242 break;
1243 case 0x82: /* write cache disable */
1244 bdrv_set_enable_write_cache(s->bs, false);
1245 identify_data = (uint16_t *)s->identify_data;
1246 put_le16(identify_data + 85, (1 << 14) | 1);
1247 ide_flush_cache(s);
1248 break;
1249 case 0xcc: /* reverting to power-on defaults enable */
1250 case 0x66: /* reverting to power-on defaults disable */
1251 case 0xaa: /* read look-ahead enable */
1252 case 0x55: /* read look-ahead disable */
1253 case 0x05: /* set advanced power management mode */
1254 case 0x85: /* disable advanced power management mode */
1255 case 0x69: /* NOP */
1256 case 0x67: /* NOP */
1257 case 0x96: /* NOP */
1258 case 0x9a: /* NOP */
1259 case 0x42: /* enable Automatic Acoustic Mode */
1260 case 0xc2: /* disable Automatic Acoustic Mode */
1261 s->status = READY_STAT | SEEK_STAT;
1262 ide_set_irq(s->bus);
1263 break;
1264 case 0x03: { /* set transfer mode */
1265 uint8_t val = s->nsector & 0x07;
1266 identify_data = (uint16_t *)s->identify_data;
1267
1268 switch (s->nsector >> 3) {
1269 case 0x00: /* pio default */
1270 case 0x01: /* pio mode */
1271 put_le16(identify_data + 62,0x07);
1272 put_le16(identify_data + 63,0x07);
1273 put_le16(identify_data + 88,0x3f);
1274 break;
1275 case 0x02: /* sigle word dma mode*/
1276 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1277 put_le16(identify_data + 63,0x07);
1278 put_le16(identify_data + 88,0x3f);
1279 break;
1280 case 0x04: /* mdma mode */
1281 put_le16(identify_data + 62,0x07);
1282 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1283 put_le16(identify_data + 88,0x3f);
1284 break;
1285 case 0x08: /* udma mode */
1286 put_le16(identify_data + 62,0x07);
1287 put_le16(identify_data + 63,0x07);
1288 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1289 break;
1290 default:
1291 goto abort_cmd;
1292 }
1293 s->status = READY_STAT | SEEK_STAT;
1294 ide_set_irq(s->bus);
1295 break;
1296 }
1297 default:
1298 goto abort_cmd;
1299 }
1300 break;
1301 case WIN_FLUSH_CACHE:
1302 case WIN_FLUSH_CACHE_EXT:
1303 ide_flush_cache(s);
1304 break;
1305 case WIN_STANDBY:
1306 case WIN_STANDBY2:
1307 case WIN_STANDBYNOW1:
1308 case WIN_STANDBYNOW2:
1309 case WIN_IDLEIMMEDIATE:
1310 case WIN_IDLEIMMEDIATE2:
1311 case WIN_SETIDLE1:
1312 case WIN_SETIDLE2:
1313 case WIN_SLEEPNOW1:
1314 case WIN_SLEEPNOW2:
1315 s->status = READY_STAT;
1316 ide_set_irq(s->bus);
1317 break;
1318 case WIN_SEEK:
1319 /* XXX: Check that seek is within bounds */
1320 s->status = READY_STAT | SEEK_STAT;
1321 ide_set_irq(s->bus);
1322 break;
1323 /* ATAPI commands */
1324 case WIN_PIDENTIFY:
1325 ide_atapi_identify(s);
1326 s->status = READY_STAT | SEEK_STAT;
1327 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1328 ide_set_irq(s->bus);
1329 break;
1330 case WIN_DIAGNOSE:
1331 ide_set_signature(s);
1332 if (s->drive_kind == IDE_CD)
1333 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1334 * devices to return a clear status register
1335 * with READY_STAT *not* set. */
1336 else
1337 s->status = READY_STAT | SEEK_STAT;
1338 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1339 * present.
1340 */
1341 ide_set_irq(s->bus);
1342 break;
1343 case WIN_DEVICE_RESET:
1344 ide_set_signature(s);
1345 s->status = 0x00; /* NOTE: READY is _not_ set */
1346 s->error = 0x01;
1347 break;
1348 case WIN_PACKETCMD:
1349 /* overlapping commands not supported */
1350 if (s->feature & 0x02)
1351 goto abort_cmd;
1352 s->status = READY_STAT | SEEK_STAT;
1353 s->atapi_dma = s->feature & 1;
1354 s->nsector = 1;
1355 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1356 ide_atapi_cmd);
1357 break;
1358 /* CF-ATA commands */
1359 case CFA_REQ_EXT_ERROR_CODE:
1360 s->error = 0x09; /* miscellaneous error */
1361 s->status = READY_STAT | SEEK_STAT;
1362 ide_set_irq(s->bus);
1363 break;
1364 case CFA_ERASE_SECTORS:
1365 case CFA_WEAR_LEVEL:
1366 #if 0
1367 /* This one has the same ID as CFA_WEAR_LEVEL and is required for
1368 Windows 8 to work with AHCI */
1369 case WIN_SECURITY_FREEZE_LOCK:
1370 #endif
1371 if (val == CFA_WEAR_LEVEL)
1372 s->nsector = 0;
1373 if (val == CFA_ERASE_SECTORS)
1374 s->media_changed = 1;
1375 s->error = 0x00;
1376 s->status = READY_STAT | SEEK_STAT;
1377 ide_set_irq(s->bus);
1378 break;
1379 case CFA_TRANSLATE_SECTOR:
1380 s->error = 0x00;
1381 s->status = READY_STAT | SEEK_STAT;
1382 memset(s->io_buffer, 0, 0x200);
1383 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1384 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1385 s->io_buffer[0x02] = s->select; /* Head */
1386 s->io_buffer[0x03] = s->sector; /* Sector */
1387 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1388 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1389 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1390 s->io_buffer[0x13] = 0x00; /* Erase flag */
1391 s->io_buffer[0x18] = 0x00; /* Hot count */
1392 s->io_buffer[0x19] = 0x00; /* Hot count */
1393 s->io_buffer[0x1a] = 0x01; /* Hot count */
1394 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1395 ide_set_irq(s->bus);
1396 break;
1397 case CFA_ACCESS_METADATA_STORAGE:
1398 switch (s->feature) {
1399 case 0x02: /* Inquiry Metadata Storage */
1400 ide_cfata_metadata_inquiry(s);
1401 break;
1402 case 0x03: /* Read Metadata Storage */
1403 ide_cfata_metadata_read(s);
1404 break;
1405 case 0x04: /* Write Metadata Storage */
1406 ide_cfata_metadata_write(s);
1407 break;
1408 default:
1409 goto abort_cmd;
1410 }
1411 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1412 s->status = 0x00; /* NOTE: READY is _not_ set */
1413 ide_set_irq(s->bus);
1414 break;
1415 case IBM_SENSE_CONDITION:
1416 switch (s->feature) {
1417 case 0x01: /* sense temperature in device */
1418 s->nsector = 0x50; /* +20 C */
1419 break;
1420 default:
1421 goto abort_cmd;
1422 }
1423 s->status = READY_STAT | SEEK_STAT;
1424 ide_set_irq(s->bus);
1425 break;
1426
1427 case WIN_SMART:
1428 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
1429 goto abort_cmd;
1430 if (!s->smart_enabled && s->feature != SMART_ENABLE)
1431 goto abort_cmd;
1432 switch (s->feature) {
1433 case SMART_DISABLE:
1434 s->smart_enabled = 0;
1435 s->status = READY_STAT | SEEK_STAT;
1436 ide_set_irq(s->bus);
1437 break;
1438 case SMART_ENABLE:
1439 s->smart_enabled = 1;
1440 s->status = READY_STAT | SEEK_STAT;
1441 ide_set_irq(s->bus);
1442 break;
1443 case SMART_ATTR_AUTOSAVE:
1444 switch (s->sector) {
1445 case 0x00:
1446 s->smart_autosave = 0;
1447 break;
1448 case 0xf1:
1449 s->smart_autosave = 1;
1450 break;
1451 default:
1452 goto abort_cmd;
1453 }
1454 s->status = READY_STAT | SEEK_STAT;
1455 ide_set_irq(s->bus);
1456 break;
1457 case SMART_STATUS:
1458 if (!s->smart_errors) {
1459 s->hcyl = 0xc2;
1460 s->lcyl = 0x4f;
1461 } else {
1462 s->hcyl = 0x2c;
1463 s->lcyl = 0xf4;
1464 }
1465 s->status = READY_STAT | SEEK_STAT;
1466 ide_set_irq(s->bus);
1467 break;
1468 case SMART_READ_THRESH:
1469 memset(s->io_buffer, 0, 0x200);
1470 s->io_buffer[0] = 0x01; /* smart struct version */
1471 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1472 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
1473 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
1474 }
1475 for (n=0; n<511; n++) /* checksum */
1476 s->io_buffer[511] += s->io_buffer[n];
1477 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1478 s->status = READY_STAT | SEEK_STAT;
1479 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1480 ide_set_irq(s->bus);
1481 break;
1482 case SMART_READ_DATA:
1483 memset(s->io_buffer, 0, 0x200);
1484 s->io_buffer[0] = 0x01; /* smart struct version */
1485 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1486 int i;
1487 for(i = 0; i < 11; i++) {
1488 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
1489 }
1490 }
1491 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
1492 if (s->smart_selftest_count == 0) {
1493 s->io_buffer[363] = 0;
1494 } else {
1495 s->io_buffer[363] =
1496 s->smart_selftest_data[3 +
1497 (s->smart_selftest_count - 1) *
1498 24];
1499 }
1500 s->io_buffer[364] = 0x20;
1501 s->io_buffer[365] = 0x01;
1502 /* offline data collection capacity: execute + self-test*/
1503 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
1504 s->io_buffer[368] = 0x03; /* smart capability (1) */
1505 s->io_buffer[369] = 0x00; /* smart capability (2) */
1506 s->io_buffer[370] = 0x01; /* error logging supported */
1507 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1508 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1509 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1510
1511 for (n=0; n<511; n++)
1512 s->io_buffer[511] += s->io_buffer[n];
1513 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1514 s->status = READY_STAT | SEEK_STAT;
1515 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1516 ide_set_irq(s->bus);
1517 break;
1518 case SMART_READ_LOG:
1519 switch (s->sector) {
1520 case 0x01: /* summary smart error log */
1521 memset(s->io_buffer, 0, 0x200);
1522 s->io_buffer[0] = 0x01;
1523 s->io_buffer[1] = 0x00; /* no error entries */
1524 s->io_buffer[452] = s->smart_errors & 0xff;
1525 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1526
1527 for (n=0; n<511; n++)
1528 s->io_buffer[511] += s->io_buffer[n];
1529 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1530 break;
1531 case 0x06: /* smart self test log */
1532 memset(s->io_buffer, 0, 0x200);
1533 s->io_buffer[0] = 0x01;
1534 if (s->smart_selftest_count == 0) {
1535 s->io_buffer[508] = 0;
1536 } else {
1537 s->io_buffer[508] = s->smart_selftest_count;
1538 for (n=2; n<506; n++)
1539 s->io_buffer[n] = s->smart_selftest_data[n];
1540 }
1541 for (n=0; n<511; n++)
1542 s->io_buffer[511] += s->io_buffer[n];
1543 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1544 break;
1545 default:
1546 goto abort_cmd;
1547 }
1548 s->status = READY_STAT | SEEK_STAT;
1549 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1550 ide_set_irq(s->bus);
1551 break;
1552 case SMART_EXECUTE_OFFLINE:
1553 switch (s->sector) {
1554 case 0: /* off-line routine */
1555 case 1: /* short self test */
1556 case 2: /* extended self test */
1557 s->smart_selftest_count++;
1558 if(s->smart_selftest_count > 21)
1559 s->smart_selftest_count = 0;
1560 n = 2 + (s->smart_selftest_count - 1) * 24;
1561 s->smart_selftest_data[n] = s->sector;
1562 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
1563 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
1564 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
1565 s->status = READY_STAT | SEEK_STAT;
1566 ide_set_irq(s->bus);
1567 break;
1568 default:
1569 goto abort_cmd;
1570 }
1571 break;
1572 default:
1573 goto abort_cmd;
1574 }
1575 break;
1576 default:
1577 /* should not be reachable */
1578 abort_cmd:
1579 ide_abort_command(s);
1580 ide_set_irq(s->bus);
1581 break;
1582 }
1583 }
1584
1585 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1586 {
1587 IDEBus *bus = opaque;
1588 IDEState *s = idebus_active_if(bus);
1589 uint32_t addr;
1590 int ret, hob;
1591
1592 addr = addr1 & 7;
1593 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1594 //hob = s->select & (1 << 7);
1595 hob = 0;
1596 switch(addr) {
1597 case 0:
1598 ret = 0xff;
1599 break;
1600 case 1:
1601 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1602 (s != bus->ifs && !s->bs))
1603 ret = 0;
1604 else if (!hob)
1605 ret = s->error;
1606 else
1607 ret = s->hob_feature;
1608 break;
1609 case 2:
1610 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1611 ret = 0;
1612 else if (!hob)
1613 ret = s->nsector & 0xff;
1614 else
1615 ret = s->hob_nsector;
1616 break;
1617 case 3:
1618 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1619 ret = 0;
1620 else if (!hob)
1621 ret = s->sector;
1622 else
1623 ret = s->hob_sector;
1624 break;
1625 case 4:
1626 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1627 ret = 0;
1628 else if (!hob)
1629 ret = s->lcyl;
1630 else
1631 ret = s->hob_lcyl;
1632 break;
1633 case 5:
1634 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1635 ret = 0;
1636 else if (!hob)
1637 ret = s->hcyl;
1638 else
1639 ret = s->hob_hcyl;
1640 break;
1641 case 6:
1642 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1643 ret = 0;
1644 else
1645 ret = s->select;
1646 break;
1647 default:
1648 case 7:
1649 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1650 (s != bus->ifs && !s->bs))
1651 ret = 0;
1652 else
1653 ret = s->status;
1654 qemu_irq_lower(bus->irq);
1655 break;
1656 }
1657 #ifdef DEBUG_IDE
1658 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1659 #endif
1660 return ret;
1661 }
1662
1663 uint32_t ide_status_read(void *opaque, uint32_t addr)
1664 {
1665 IDEBus *bus = opaque;
1666 IDEState *s = idebus_active_if(bus);
1667 int ret;
1668
1669 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1670 (s != bus->ifs && !s->bs))
1671 ret = 0;
1672 else
1673 ret = s->status;
1674 #ifdef DEBUG_IDE
1675 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1676 #endif
1677 return ret;
1678 }
1679
1680 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1681 {
1682 IDEBus *bus = opaque;
1683 IDEState *s;
1684 int i;
1685
1686 #ifdef DEBUG_IDE
1687 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1688 #endif
1689 /* common for both drives */
1690 if (!(bus->cmd & IDE_CMD_RESET) &&
1691 (val & IDE_CMD_RESET)) {
1692 /* reset low to high */
1693 for(i = 0;i < 2; i++) {
1694 s = &bus->ifs[i];
1695 s->status = BUSY_STAT | SEEK_STAT;
1696 s->error = 0x01;
1697 }
1698 } else if ((bus->cmd & IDE_CMD_RESET) &&
1699 !(val & IDE_CMD_RESET)) {
1700 /* high to low */
1701 for(i = 0;i < 2; i++) {
1702 s = &bus->ifs[i];
1703 if (s->drive_kind == IDE_CD)
1704 s->status = 0x00; /* NOTE: READY is _not_ set */
1705 else
1706 s->status = READY_STAT | SEEK_STAT;
1707 ide_set_signature(s);
1708 }
1709 }
1710
1711 bus->cmd = val;
1712 }
1713
1714 /*
1715 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1716 * transferred from the device to the guest), false if it's a PIO in
1717 */
1718 static bool ide_is_pio_out(IDEState *s)
1719 {
1720 if (s->end_transfer_func == ide_sector_write ||
1721 s->end_transfer_func == ide_atapi_cmd) {
1722 return false;
1723 } else if (s->end_transfer_func == ide_sector_read ||
1724 s->end_transfer_func == ide_transfer_stop ||
1725 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1726 s->end_transfer_func == ide_dummy_transfer_stop) {
1727 return true;
1728 }
1729
1730 abort();
1731 }
1732
1733 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1734 {
1735 IDEBus *bus = opaque;
1736 IDEState *s = idebus_active_if(bus);
1737 uint8_t *p;
1738
1739 /* PIO data access allowed only when DRQ bit is set. The result of a write
1740 * during PIO out is indeterminate, just ignore it. */
1741 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1742 return;
1743 }
1744
1745 p = s->data_ptr;
1746 *(uint16_t *)p = le16_to_cpu(val);
1747 p += 2;
1748 s->data_ptr = p;
1749 if (p >= s->data_end)
1750 s->end_transfer_func(s);
1751 }
1752
1753 uint32_t ide_data_readw(void *opaque, uint32_t addr)
1754 {
1755 IDEBus *bus = opaque;
1756 IDEState *s = idebus_active_if(bus);
1757 uint8_t *p;
1758 int ret;
1759
1760 /* PIO data access allowed only when DRQ bit is set. The result of a read
1761 * during PIO in is indeterminate, return 0 and don't move forward. */
1762 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1763 return 0;
1764 }
1765
1766 p = s->data_ptr;
1767 ret = cpu_to_le16(*(uint16_t *)p);
1768 p += 2;
1769 s->data_ptr = p;
1770 if (p >= s->data_end)
1771 s->end_transfer_func(s);
1772 return ret;
1773 }
1774
1775 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1776 {
1777 IDEBus *bus = opaque;
1778 IDEState *s = idebus_active_if(bus);
1779 uint8_t *p;
1780
1781 /* PIO data access allowed only when DRQ bit is set. The result of a write
1782 * during PIO out is indeterminate, just ignore it. */
1783 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1784 return;
1785 }
1786
1787 p = s->data_ptr;
1788 *(uint32_t *)p = le32_to_cpu(val);
1789 p += 4;
1790 s->data_ptr = p;
1791 if (p >= s->data_end)
1792 s->end_transfer_func(s);
1793 }
1794
1795 uint32_t ide_data_readl(void *opaque, uint32_t addr)
1796 {
1797 IDEBus *bus = opaque;
1798 IDEState *s = idebus_active_if(bus);
1799 uint8_t *p;
1800 int ret;
1801
1802 /* PIO data access allowed only when DRQ bit is set. The result of a read
1803 * during PIO in is indeterminate, return 0 and don't move forward. */
1804 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1805 return 0;
1806 }
1807
1808 p = s->data_ptr;
1809 ret = cpu_to_le32(*(uint32_t *)p);
1810 p += 4;
1811 s->data_ptr = p;
1812 if (p >= s->data_end)
1813 s->end_transfer_func(s);
1814 return ret;
1815 }
1816
1817 static void ide_dummy_transfer_stop(IDEState *s)
1818 {
1819 s->data_ptr = s->io_buffer;
1820 s->data_end = s->io_buffer;
1821 s->io_buffer[0] = 0xff;
1822 s->io_buffer[1] = 0xff;
1823 s->io_buffer[2] = 0xff;
1824 s->io_buffer[3] = 0xff;
1825 }
1826
1827 static void ide_reset(IDEState *s)
1828 {
1829 #ifdef DEBUG_IDE
1830 printf("ide: reset\n");
1831 #endif
1832
1833 if (s->pio_aiocb) {
1834 bdrv_aio_cancel(s->pio_aiocb);
1835 s->pio_aiocb = NULL;
1836 }
1837
1838 if (s->drive_kind == IDE_CFATA)
1839 s->mult_sectors = 0;
1840 else
1841 s->mult_sectors = MAX_MULT_SECTORS;
1842 /* ide regs */
1843 s->feature = 0;
1844 s->error = 0;
1845 s->nsector = 0;
1846 s->sector = 0;
1847 s->lcyl = 0;
1848 s->hcyl = 0;
1849
1850 /* lba48 */
1851 s->hob_feature = 0;
1852 s->hob_sector = 0;
1853 s->hob_nsector = 0;
1854 s->hob_lcyl = 0;
1855 s->hob_hcyl = 0;
1856
1857 s->select = 0xa0;
1858 s->status = READY_STAT | SEEK_STAT;
1859
1860 s->lba48 = 0;
1861
1862 /* ATAPI specific */
1863 s->sense_key = 0;
1864 s->asc = 0;
1865 s->cdrom_changed = 0;
1866 s->packet_transfer_size = 0;
1867 s->elementary_transfer_size = 0;
1868 s->io_buffer_index = 0;
1869 s->cd_sector_size = 0;
1870 s->atapi_dma = 0;
1871 /* ATA DMA state */
1872 s->io_buffer_size = 0;
1873 s->req_nb_sectors = 0;
1874
1875 ide_set_signature(s);
1876 /* init the transfer handler so that 0xffff is returned on data
1877 accesses */
1878 s->end_transfer_func = ide_dummy_transfer_stop;
1879 ide_dummy_transfer_stop(s);
1880 s->media_changed = 0;
1881 }
1882
1883 void ide_bus_reset(IDEBus *bus)
1884 {
1885 bus->unit = 0;
1886 bus->cmd = 0;
1887 ide_reset(&bus->ifs[0]);
1888 ide_reset(&bus->ifs[1]);
1889 ide_clear_hob(bus);
1890
1891 /* pending async DMA */
1892 if (bus->dma->aiocb) {
1893 #ifdef DEBUG_AIO
1894 printf("aio_cancel\n");
1895 #endif
1896 bdrv_aio_cancel(bus->dma->aiocb);
1897 bus->dma->aiocb = NULL;
1898 }
1899
1900 /* reset dma provider too */
1901 bus->dma->ops->reset(bus->dma);
1902 }
1903
1904 static bool ide_cd_is_tray_open(void *opaque)
1905 {
1906 return ((IDEState *)opaque)->tray_open;
1907 }
1908
1909 static bool ide_cd_is_medium_locked(void *opaque)
1910 {
1911 return ((IDEState *)opaque)->tray_locked;
1912 }
1913
1914 static const BlockDevOps ide_cd_block_ops = {
1915 .change_media_cb = ide_cd_change_cb,
1916 .eject_request_cb = ide_cd_eject_request_cb,
1917 .is_tray_open = ide_cd_is_tray_open,
1918 .is_medium_locked = ide_cd_is_medium_locked,
1919 };
1920
1921 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
1922 const char *version, const char *serial, const char *model,
1923 uint64_t wwn,
1924 uint32_t cylinders, uint32_t heads, uint32_t secs,
1925 int chs_trans)
1926 {
1927 uint64_t nb_sectors;
1928
1929 s->bs = bs;
1930 s->drive_kind = kind;
1931
1932 bdrv_get_geometry(bs, &nb_sectors);
1933 s->cylinders = cylinders;
1934 s->heads = heads;
1935 s->sectors = secs;
1936 s->chs_trans = chs_trans;
1937 s->nb_sectors = nb_sectors;
1938 s->wwn = wwn;
1939 /* The SMART values should be preserved across power cycles
1940 but they aren't. */
1941 s->smart_enabled = 1;
1942 s->smart_autosave = 1;
1943 s->smart_errors = 0;
1944 s->smart_selftest_count = 0;
1945 if (kind == IDE_CD) {
1946 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
1947 bdrv_set_buffer_alignment(bs, 2048);
1948 } else {
1949 if (!bdrv_is_inserted(s->bs)) {
1950 error_report("Device needs media, but drive is empty");
1951 return -1;
1952 }
1953 if (bdrv_is_read_only(bs)) {
1954 error_report("Can't use a read-only drive");
1955 return -1;
1956 }
1957 }
1958 if (serial) {
1959 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
1960 } else {
1961 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
1962 "QM%05d", s->drive_serial);
1963 }
1964 if (model) {
1965 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
1966 } else {
1967 switch (kind) {
1968 case IDE_CD:
1969 strcpy(s->drive_model_str, "QEMU DVD-ROM");
1970 break;
1971 case IDE_CFATA:
1972 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
1973 break;
1974 default:
1975 strcpy(s->drive_model_str, "QEMU HARDDISK");
1976 break;
1977 }
1978 }
1979
1980 if (version) {
1981 pstrcpy(s->version, sizeof(s->version), version);
1982 } else {
1983 pstrcpy(s->version, sizeof(s->version), qemu_get_version());
1984 }
1985
1986 ide_reset(s);
1987 bdrv_iostatus_enable(bs);
1988 return 0;
1989 }
1990
1991 static void ide_init1(IDEBus *bus, int unit)
1992 {
1993 static int drive_serial = 1;
1994 IDEState *s = &bus->ifs[unit];
1995
1996 s->bus = bus;
1997 s->unit = unit;
1998 s->drive_serial = drive_serial++;
1999 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2000 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2001 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2002 memset(s->io_buffer, 0, s->io_buffer_total_len);
2003
2004 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2005 memset(s->smart_selftest_data, 0, 512);
2006
2007 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
2008 ide_sector_write_timer_cb, s);
2009 }
2010
2011 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2012 BlockDriverCompletionFunc *cb)
2013 {
2014 }
2015
2016 static int ide_nop(IDEDMA *dma)
2017 {
2018 return 0;
2019 }
2020
2021 static int ide_nop_int(IDEDMA *dma, int x)
2022 {
2023 return 0;
2024 }
2025
2026 static void ide_nop_restart(void *opaque, int x, RunState y)
2027 {
2028 }
2029
2030 static const IDEDMAOps ide_dma_nop_ops = {
2031 .start_dma = ide_nop_start,
2032 .start_transfer = ide_nop,
2033 .prepare_buf = ide_nop_int,
2034 .rw_buf = ide_nop_int,
2035 .set_unit = ide_nop_int,
2036 .add_status = ide_nop_int,
2037 .set_inactive = ide_nop,
2038 .restart_cb = ide_nop_restart,
2039 .reset = ide_nop,
2040 };
2041
2042 static IDEDMA ide_dma_nop = {
2043 .ops = &ide_dma_nop_ops,
2044 .aiocb = NULL,
2045 };
2046
2047 void ide_init2(IDEBus *bus, qemu_irq irq)
2048 {
2049 int i;
2050
2051 for(i = 0; i < 2; i++) {
2052 ide_init1(bus, i);
2053 ide_reset(&bus->ifs[i]);
2054 }
2055 bus->irq = irq;
2056 bus->dma = &ide_dma_nop;
2057 }
2058
2059 /* TODO convert users to qdev and remove */
2060 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2061 DriveInfo *hd1, qemu_irq irq)
2062 {
2063 int i, trans;
2064 DriveInfo *dinfo;
2065 uint32_t cyls, heads, secs;
2066
2067 for(i = 0; i < 2; i++) {
2068 dinfo = i == 0 ? hd0 : hd1;
2069 ide_init1(bus, i);
2070 if (dinfo) {
2071 cyls = dinfo->cyls;
2072 heads = dinfo->heads;
2073 secs = dinfo->secs;
2074 trans = dinfo->trans;
2075 if (!cyls && !heads && !secs) {
2076 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans);
2077 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) {
2078 trans = hd_bios_chs_auto_trans(cyls, heads, secs);
2079 }
2080 if (cyls < 1 || cyls > 65535) {
2081 error_report("cyls must be between 1 and 65535");
2082 exit(1);
2083 }
2084 if (heads < 1 || heads > 16) {
2085 error_report("heads must be between 1 and 16");
2086 exit(1);
2087 }
2088 if (secs < 1 || secs > 255) {
2089 error_report("secs must be between 1 and 255");
2090 exit(1);
2091 }
2092 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv,
2093 dinfo->media_cd ? IDE_CD : IDE_HD,
2094 NULL, dinfo->serial, NULL, 0,
2095 cyls, heads, secs, trans) < 0) {
2096 error_report("Can't set up IDE drive %s", dinfo->id);
2097 exit(1);
2098 }
2099 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]);
2100 } else {
2101 ide_reset(&bus->ifs[i]);
2102 }
2103 }
2104 bus->irq = irq;
2105 bus->dma = &ide_dma_nop;
2106 }
2107
2108 static const MemoryRegionPortio ide_portio_list[] = {
2109 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
2110 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
2111 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
2112 PORTIO_END_OF_LIST(),
2113 };
2114
2115 static const MemoryRegionPortio ide_portio2_list[] = {
2116 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2117 PORTIO_END_OF_LIST(),
2118 };
2119
2120 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
2121 {
2122 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2123 bridge has been setup properly to always register with ISA. */
2124 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
2125
2126 if (iobase2) {
2127 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
2128 }
2129 }
2130
2131 static bool is_identify_set(void *opaque, int version_id)
2132 {
2133 IDEState *s = opaque;
2134
2135 return s->identify_set != 0;
2136 }
2137
2138 static EndTransferFunc* transfer_end_table[] = {
2139 ide_sector_read,
2140 ide_sector_write,
2141 ide_transfer_stop,
2142 ide_atapi_cmd_reply_end,
2143 ide_atapi_cmd,
2144 ide_dummy_transfer_stop,
2145 };
2146
2147 static int transfer_end_table_idx(EndTransferFunc *fn)
2148 {
2149 int i;
2150
2151 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2152 if (transfer_end_table[i] == fn)
2153 return i;
2154
2155 return -1;
2156 }
2157
2158 static int ide_drive_post_load(void *opaque, int version_id)
2159 {
2160 IDEState *s = opaque;
2161
2162 if (version_id < 3) {
2163 if (s->sense_key == UNIT_ATTENTION &&
2164 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2165 s->cdrom_changed = 1;
2166 }
2167 }
2168 if (s->identify_set) {
2169 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5)));
2170 }
2171 return 0;
2172 }
2173
2174 static int ide_drive_pio_post_load(void *opaque, int version_id)
2175 {
2176 IDEState *s = opaque;
2177
2178 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
2179 return -EINVAL;
2180 }
2181 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2182 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2183 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2184
2185 return 0;
2186 }
2187
2188 static void ide_drive_pio_pre_save(void *opaque)
2189 {
2190 IDEState *s = opaque;
2191 int idx;
2192
2193 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2194 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2195
2196 idx = transfer_end_table_idx(s->end_transfer_func);
2197 if (idx == -1) {
2198 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2199 __func__);
2200 s->end_transfer_fn_idx = 2;
2201 } else {
2202 s->end_transfer_fn_idx = idx;
2203 }
2204 }
2205
2206 static bool ide_drive_pio_state_needed(void *opaque)
2207 {
2208 IDEState *s = opaque;
2209
2210 return ((s->status & DRQ_STAT) != 0)
2211 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
2212 }
2213
2214 static bool ide_tray_state_needed(void *opaque)
2215 {
2216 IDEState *s = opaque;
2217
2218 return s->tray_open || s->tray_locked;
2219 }
2220
2221 static bool ide_atapi_gesn_needed(void *opaque)
2222 {
2223 IDEState *s = opaque;
2224
2225 return s->events.new_media || s->events.eject_request;
2226 }
2227
2228 static bool ide_error_needed(void *opaque)
2229 {
2230 IDEBus *bus = opaque;
2231
2232 return (bus->error_status != 0);
2233 }
2234
2235 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2236 static const VMStateDescription vmstate_ide_atapi_gesn_state = {
2237 .name ="ide_drive/atapi/gesn_state",
2238 .version_id = 1,
2239 .minimum_version_id = 1,
2240 .minimum_version_id_old = 1,
2241 .fields = (VMStateField []) {
2242 VMSTATE_BOOL(events.new_media, IDEState),
2243 VMSTATE_BOOL(events.eject_request, IDEState),
2244 VMSTATE_END_OF_LIST()
2245 }
2246 };
2247
2248 static const VMStateDescription vmstate_ide_tray_state = {
2249 .name = "ide_drive/tray_state",
2250 .version_id = 1,
2251 .minimum_version_id = 1,
2252 .minimum_version_id_old = 1,
2253 .fields = (VMStateField[]) {
2254 VMSTATE_BOOL(tray_open, IDEState),
2255 VMSTATE_BOOL(tray_locked, IDEState),
2256 VMSTATE_END_OF_LIST()
2257 }
2258 };
2259
2260 static const VMStateDescription vmstate_ide_drive_pio_state = {
2261 .name = "ide_drive/pio_state",
2262 .version_id = 1,
2263 .minimum_version_id = 1,
2264 .minimum_version_id_old = 1,
2265 .pre_save = ide_drive_pio_pre_save,
2266 .post_load = ide_drive_pio_post_load,
2267 .fields = (VMStateField []) {
2268 VMSTATE_INT32(req_nb_sectors, IDEState),
2269 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2270 vmstate_info_uint8, uint8_t),
2271 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2272 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2273 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2274 VMSTATE_INT32(elementary_transfer_size, IDEState),
2275 VMSTATE_INT32(packet_transfer_size, IDEState),
2276 VMSTATE_END_OF_LIST()
2277 }
2278 };
2279
2280 const VMStateDescription vmstate_ide_drive = {
2281 .name = "ide_drive",
2282 .version_id = 3,
2283 .minimum_version_id = 0,
2284 .minimum_version_id_old = 0,
2285 .post_load = ide_drive_post_load,
2286 .fields = (VMStateField []) {
2287 VMSTATE_INT32(mult_sectors, IDEState),
2288 VMSTATE_INT32(identify_set, IDEState),
2289 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2290 VMSTATE_UINT8(feature, IDEState),
2291 VMSTATE_UINT8(error, IDEState),
2292 VMSTATE_UINT32(nsector, IDEState),
2293 VMSTATE_UINT8(sector, IDEState),
2294 VMSTATE_UINT8(lcyl, IDEState),
2295 VMSTATE_UINT8(hcyl, IDEState),
2296 VMSTATE_UINT8(hob_feature, IDEState),
2297 VMSTATE_UINT8(hob_sector, IDEState),
2298 VMSTATE_UINT8(hob_nsector, IDEState),
2299 VMSTATE_UINT8(hob_lcyl, IDEState),
2300 VMSTATE_UINT8(hob_hcyl, IDEState),
2301 VMSTATE_UINT8(select, IDEState),
2302 VMSTATE_UINT8(status, IDEState),
2303 VMSTATE_UINT8(lba48, IDEState),
2304 VMSTATE_UINT8(sense_key, IDEState),
2305 VMSTATE_UINT8(asc, IDEState),
2306 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2307 VMSTATE_END_OF_LIST()
2308 },
2309 .subsections = (VMStateSubsection []) {
2310 {
2311 .vmsd = &vmstate_ide_drive_pio_state,
2312 .needed = ide_drive_pio_state_needed,
2313 }, {
2314 .vmsd = &vmstate_ide_tray_state,
2315 .needed = ide_tray_state_needed,
2316 }, {
2317 .vmsd = &vmstate_ide_atapi_gesn_state,
2318 .needed = ide_atapi_gesn_needed,
2319 }, {
2320 /* empty */
2321 }
2322 }
2323 };
2324
2325 static const VMStateDescription vmstate_ide_error_status = {
2326 .name ="ide_bus/error",
2327 .version_id = 1,
2328 .minimum_version_id = 1,
2329 .minimum_version_id_old = 1,
2330 .fields = (VMStateField []) {
2331 VMSTATE_INT32(error_status, IDEBus),
2332 VMSTATE_END_OF_LIST()
2333 }
2334 };
2335
2336 const VMStateDescription vmstate_ide_bus = {
2337 .name = "ide_bus",
2338 .version_id = 1,
2339 .minimum_version_id = 1,
2340 .minimum_version_id_old = 1,
2341 .fields = (VMStateField []) {
2342 VMSTATE_UINT8(cmd, IDEBus),
2343 VMSTATE_UINT8(unit, IDEBus),
2344 VMSTATE_END_OF_LIST()
2345 },
2346 .subsections = (VMStateSubsection []) {
2347 {
2348 .vmsd = &vmstate_ide_error_status,
2349 .needed = ide_error_needed,
2350 }, {
2351 /* empty */
2352 }
2353 }
2354 };
2355
2356 void ide_drive_get(DriveInfo **hd, int max_bus)
2357 {
2358 int i;
2359
2360 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2361 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2362 exit(1);
2363 }
2364
2365 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2366 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2367 }
2368 }
Qemu copy for testing