]> git.proxmox.com Git - qemu.git/blob - hw/ide/core.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ide: Fix error messages from static code analysis (no real error)
[qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/isa.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "hw/block-common.h"
34 #include "blockdev.h"
35
36 #include <hw/ide/internal.h>
37
38 /* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40 static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
44 /* spin up */
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
50 /* power on hours */
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
56 };
57
58 static int ide_handle_rw_error(IDEState *s, int error, int op);
59 static void ide_dummy_transfer_stop(IDEState *s);
60
61 static void padstr(char *str, const char *src, int len)
62 {
63 int i, v;
64 for(i = 0; i < len; i++) {
65 if (*src)
66 v = *src++;
67 else
68 v = ' ';
69 str[i^1] = v;
70 }
71 }
72
73 static void put_le16(uint16_t *p, unsigned int v)
74 {
75 *p = cpu_to_le16(v);
76 }
77
78 static void ide_identify(IDEState *s)
79 {
80 uint16_t *p;
81 unsigned int oldsize;
82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
83
84 if (s->identify_set) {
85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
86 return;
87 }
88
89 memset(s->io_buffer, 0, 512);
90 p = (uint16_t *)s->io_buffer;
91 put_le16(p + 0, 0x0040);
92 put_le16(p + 1, s->cylinders);
93 put_le16(p + 3, s->heads);
94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
95 put_le16(p + 5, 512); /* XXX: retired, remove ? */
96 put_le16(p + 6, s->sectors);
97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
98 put_le16(p + 20, 3); /* XXX: retired, remove ? */
99 put_le16(p + 21, 512); /* cache size in sectors */
100 put_le16(p + 22, 4); /* ecc bytes */
101 padstr((char *)(p + 23), s->version, 8); /* firmware version */
102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
103 #if MAX_MULT_SECTORS > 1
104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
105 #endif
106 put_le16(p + 48, 1); /* dword I/O */
107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
108 put_le16(p + 51, 0x200); /* PIO transfer cycle */
109 put_le16(p + 52, 0x200); /* DMA transfer cycle */
110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
111 put_le16(p + 54, s->cylinders);
112 put_le16(p + 55, s->heads);
113 put_le16(p + 56, s->sectors);
114 oldsize = s->cylinders * s->heads * s->sectors;
115 put_le16(p + 57, oldsize);
116 put_le16(p + 58, oldsize >> 16);
117 if (s->mult_sectors)
118 put_le16(p + 59, 0x100 | s->mult_sectors);
119 put_le16(p + 60, s->nb_sectors);
120 put_le16(p + 61, s->nb_sectors >> 16);
121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
122 put_le16(p + 63, 0x07); /* mdma0-2 supported */
123 put_le16(p + 64, 0x03); /* pio3-4 supported */
124 put_le16(p + 65, 120);
125 put_le16(p + 66, 120);
126 put_le16(p + 67, 120);
127 put_le16(p + 68, 120);
128 if (dev && dev->conf.discard_granularity) {
129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
130 }
131
132 if (s->ncq_queues) {
133 put_le16(p + 75, s->ncq_queues - 1);
134 /* NCQ supported */
135 put_le16(p + 76, (1 << 8));
136 }
137
138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
139 put_le16(p + 81, 0x16); /* conforms to ata5 */
140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
145 if (s->wwn) {
146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
147 } else {
148 put_le16(p + 84, (1 << 14) | 0);
149 }
150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
151 if (bdrv_enable_write_cache(s->bs))
152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
153 else
154 put_le16(p + 85, (1 << 14) | 1);
155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
158 if (s->wwn) {
159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
160 } else {
161 put_le16(p + 87, (1 << 14) | 0);
162 }
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172 if (s->wwn) {
173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
174 put_le16(p + 108, s->wwn >> 48);
175 put_le16(p + 109, s->wwn >> 32);
176 put_le16(p + 110, s->wwn >> 16);
177 put_le16(p + 111, s->wwn);
178 }
179 if (dev && dev->conf.discard_granularity) {
180 put_le16(p + 169, 1); /* TRIM support */
181 }
182
183 memcpy(s->identify_data, p, sizeof(s->identify_data));
184 s->identify_set = 1;
185 }
186
187 static void ide_atapi_identify(IDEState *s)
188 {
189 uint16_t *p;
190
191 if (s->identify_set) {
192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
193 return;
194 }
195
196 memset(s->io_buffer, 0, 512);
197 p = (uint16_t *)s->io_buffer;
198 /* Removable CDROM, 50us response, 12 byte packets */
199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201 put_le16(p + 20, 3); /* buffer type */
202 put_le16(p + 21, 512); /* cache size in sectors */
203 put_le16(p + 22, 4); /* ecc bytes */
204 padstr((char *)(p + 23), s->version, 8); /* firmware version */
205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
207 #ifdef USE_DMA_CDROM
208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
210 put_le16(p + 62, 7); /* single word dma0-2 supported */
211 put_le16(p + 63, 7); /* mdma0-2 supported */
212 #else
213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
216 #endif
217 put_le16(p + 64, 3); /* pio3-4 supported */
218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
222
223 put_le16(p + 71, 30); /* in ns */
224 put_le16(p + 72, 30); /* in ns */
225
226 if (s->ncq_queues) {
227 put_le16(p + 75, s->ncq_queues - 1);
228 /* NCQ supported */
229 put_le16(p + 76, (1 << 8));
230 }
231
232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
233 #ifdef USE_DMA_CDROM
234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
235 #endif
236 memcpy(s->identify_data, p, sizeof(s->identify_data));
237 s->identify_set = 1;
238 }
239
240 static void ide_cfata_identify(IDEState *s)
241 {
242 uint16_t *p;
243 uint32_t cur_sec;
244
245 p = (uint16_t *) s->identify_data;
246 if (s->identify_set)
247 goto fill_buffer;
248
249 memset(p, 0, sizeof(s->identify_data));
250
251 cur_sec = s->cylinders * s->heads * s->sectors;
252
253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
254 put_le16(p + 1, s->cylinders); /* Default cylinders */
255 put_le16(p + 3, s->heads); /* Default heads */
256 put_le16(p + 6, s->sectors); /* Default sectors per track */
257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
260 put_le16(p + 22, 0x0004); /* ECC bytes */
261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
263 #if MAX_MULT_SECTORS > 1
264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
265 #else
266 put_le16(p + 47, 0x0000);
267 #endif
268 put_le16(p + 49, 0x0f00); /* Capabilities */
269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
271 put_le16(p + 53, 0x0003); /* Translation params valid */
272 put_le16(p + 54, s->cylinders); /* Current cylinders */
273 put_le16(p + 55, s->heads); /* Current heads */
274 put_le16(p + 56, s->sectors); /* Current sectors */
275 put_le16(p + 57, cur_sec); /* Current capacity */
276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
277 if (s->mult_sectors) /* Multiple sector setting */
278 put_le16(p + 59, 0x100 | s->mult_sectors);
279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
286 put_le16(p + 82, 0x400c); /* Command Set supported */
287 put_le16(p + 83, 0x7068); /* Command Set supported */
288 put_le16(p + 84, 0x4000); /* Features supported */
289 put_le16(p + 85, 0x000c); /* Command Set enabled */
290 put_le16(p + 86, 0x7044); /* Command Set enabled */
291 put_le16(p + 87, 0x4000); /* Features enabled */
292 put_le16(p + 91, 0x4060); /* Current APM level */
293 put_le16(p + 129, 0x0002); /* Current features option */
294 put_le16(p + 130, 0x0005); /* Reassigned sectors */
295 put_le16(p + 131, 0x0001); /* Initial power mode */
296 put_le16(p + 132, 0x0000); /* User signature */
297 put_le16(p + 160, 0x8100); /* Power requirement */
298 put_le16(p + 161, 0x8001); /* CF command set */
299
300 s->identify_set = 1;
301
302 fill_buffer:
303 memcpy(s->io_buffer, p, sizeof(s->identify_data));
304 }
305
306 static void ide_set_signature(IDEState *s)
307 {
308 s->select &= 0xf0; /* clear head */
309 /* put signature */
310 s->nsector = 1;
311 s->sector = 1;
312 if (s->drive_kind == IDE_CD) {
313 s->lcyl = 0x14;
314 s->hcyl = 0xeb;
315 } else if (s->bs) {
316 s->lcyl = 0;
317 s->hcyl = 0;
318 } else {
319 s->lcyl = 0xff;
320 s->hcyl = 0xff;
321 }
322 }
323
324 typedef struct TrimAIOCB {
325 BlockDriverAIOCB common;
326 QEMUBH *bh;
327 int ret;
328 } TrimAIOCB;
329
330 static void trim_aio_cancel(BlockDriverAIOCB *acb)
331 {
332 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
333
334 qemu_bh_delete(iocb->bh);
335 iocb->bh = NULL;
336 qemu_aio_release(iocb);
337 }
338
339 static AIOPool trim_aio_pool = {
340 .aiocb_size = sizeof(TrimAIOCB),
341 .cancel = trim_aio_cancel,
342 };
343
344 static void ide_trim_bh_cb(void *opaque)
345 {
346 TrimAIOCB *iocb = opaque;
347
348 iocb->common.cb(iocb->common.opaque, iocb->ret);
349
350 qemu_bh_delete(iocb->bh);
351 iocb->bh = NULL;
352
353 qemu_aio_release(iocb);
354 }
355
356 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
357 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
358 BlockDriverCompletionFunc *cb, void *opaque)
359 {
360 TrimAIOCB *iocb;
361 int i, j, ret;
362
363 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque);
364 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
365 iocb->ret = 0;
366
367 for (j = 0; j < qiov->niov; j++) {
368 uint64_t *buffer = qiov->iov[j].iov_base;
369
370 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) {
371 /* 6-byte LBA + 2-byte range per entry */
372 uint64_t entry = le64_to_cpu(buffer[i]);
373 uint64_t sector = entry & 0x0000ffffffffffffULL;
374 uint16_t count = entry >> 48;
375
376 if (count == 0) {
377 break;
378 }
379
380 ret = bdrv_discard(bs, sector, count);
381 if (!iocb->ret) {
382 iocb->ret = ret;
383 }
384 }
385 }
386
387 qemu_bh_schedule(iocb->bh);
388
389 return &iocb->common;
390 }
391
392 static inline void ide_abort_command(IDEState *s)
393 {
394 s->status = READY_STAT | ERR_STAT;
395 s->error = ABRT_ERR;
396 }
397
398 /* prepare data transfer and tell what to do after */
399 void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
400 EndTransferFunc *end_transfer_func)
401 {
402 s->end_transfer_func = end_transfer_func;
403 s->data_ptr = buf;
404 s->data_end = buf + size;
405 if (!(s->status & ERR_STAT)) {
406 s->status |= DRQ_STAT;
407 }
408 s->bus->dma->ops->start_transfer(s->bus->dma);
409 }
410
411 void ide_transfer_stop(IDEState *s)
412 {
413 s->end_transfer_func = ide_transfer_stop;
414 s->data_ptr = s->io_buffer;
415 s->data_end = s->io_buffer;
416 s->status &= ~DRQ_STAT;
417 }
418
419 int64_t ide_get_sector(IDEState *s)
420 {
421 int64_t sector_num;
422 if (s->select & 0x40) {
423 /* lba */
424 if (!s->lba48) {
425 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
426 (s->lcyl << 8) | s->sector;
427 } else {
428 sector_num = ((int64_t)s->hob_hcyl << 40) |
429 ((int64_t) s->hob_lcyl << 32) |
430 ((int64_t) s->hob_sector << 24) |
431 ((int64_t) s->hcyl << 16) |
432 ((int64_t) s->lcyl << 8) | s->sector;
433 }
434 } else {
435 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
436 (s->select & 0x0f) * s->sectors + (s->sector - 1);
437 }
438 return sector_num;
439 }
440
441 void ide_set_sector(IDEState *s, int64_t sector_num)
442 {
443 unsigned int cyl, r;
444 if (s->select & 0x40) {
445 if (!s->lba48) {
446 s->select = (s->select & 0xf0) | (sector_num >> 24);
447 s->hcyl = (sector_num >> 16);
448 s->lcyl = (sector_num >> 8);
449 s->sector = (sector_num);
450 } else {
451 s->sector = sector_num;
452 s->lcyl = sector_num >> 8;
453 s->hcyl = sector_num >> 16;
454 s->hob_sector = sector_num >> 24;
455 s->hob_lcyl = sector_num >> 32;
456 s->hob_hcyl = sector_num >> 40;
457 }
458 } else {
459 cyl = sector_num / (s->heads * s->sectors);
460 r = sector_num % (s->heads * s->sectors);
461 s->hcyl = cyl >> 8;
462 s->lcyl = cyl;
463 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
464 s->sector = (r % s->sectors) + 1;
465 }
466 }
467
468 static void ide_rw_error(IDEState *s) {
469 ide_abort_command(s);
470 ide_set_irq(s->bus);
471 }
472
473 static void ide_sector_read_cb(void *opaque, int ret)
474 {
475 IDEState *s = opaque;
476 int n;
477
478 s->pio_aiocb = NULL;
479 s->status &= ~BUSY_STAT;
480
481 bdrv_acct_done(s->bs, &s->acct);
482 if (ret != 0) {
483 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY |
484 BM_STATUS_RETRY_READ)) {
485 return;
486 }
487 }
488
489 n = s->nsector;
490 if (n > s->req_nb_sectors) {
491 n = s->req_nb_sectors;
492 }
493
494 /* Allow the guest to read the io_buffer */
495 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
496
497 ide_set_irq(s->bus);
498
499 ide_set_sector(s, ide_get_sector(s) + n);
500 s->nsector -= n;
501 }
502
503 void ide_sector_read(IDEState *s)
504 {
505 int64_t sector_num;
506 int n;
507
508 s->status = READY_STAT | SEEK_STAT;
509 s->error = 0; /* not needed by IDE spec, but needed by Windows */
510 sector_num = ide_get_sector(s);
511 n = s->nsector;
512
513 if (n == 0) {
514 ide_transfer_stop(s);
515 return;
516 }
517
518 s->status |= BUSY_STAT;
519
520 if (n > s->req_nb_sectors) {
521 n = s->req_nb_sectors;
522 }
523
524 #if defined(DEBUG_IDE)
525 printf("sector=%" PRId64 "\n", sector_num);
526 #endif
527
528 s->iov.iov_base = s->io_buffer;
529 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
530 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
531
532 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
533 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n,
534 ide_sector_read_cb, s);
535 }
536
537 static void dma_buf_commit(IDEState *s)
538 {
539 qemu_sglist_destroy(&s->sg);
540 }
541
542 void ide_set_inactive(IDEState *s)
543 {
544 s->bus->dma->aiocb = NULL;
545 s->bus->dma->ops->set_inactive(s->bus->dma);
546 }
547
548 void ide_dma_error(IDEState *s)
549 {
550 ide_transfer_stop(s);
551 s->error = ABRT_ERR;
552 s->status = READY_STAT | ERR_STAT;
553 ide_set_inactive(s);
554 ide_set_irq(s->bus);
555 }
556
557 static int ide_handle_rw_error(IDEState *s, int error, int op)
558 {
559 int is_read = (op & BM_STATUS_RETRY_READ);
560 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
561
562 if (action == BLOCK_ERR_IGNORE) {
563 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_IGNORE, is_read);
564 return 0;
565 }
566
567 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
568 || action == BLOCK_ERR_STOP_ANY) {
569 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
570 s->bus->error_status = op;
571 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_STOP, is_read);
572 vm_stop(RUN_STATE_IO_ERROR);
573 bdrv_iostatus_set_err(s->bs, error);
574 } else {
575 if (op & BM_STATUS_DMA_RETRY) {
576 dma_buf_commit(s);
577 ide_dma_error(s);
578 } else {
579 ide_rw_error(s);
580 }
581 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_REPORT, is_read);
582 }
583
584 return 1;
585 }
586
587 void ide_dma_cb(void *opaque, int ret)
588 {
589 IDEState *s = opaque;
590 int n;
591 int64_t sector_num;
592
593 if (ret < 0) {
594 int op = BM_STATUS_DMA_RETRY;
595
596 if (s->dma_cmd == IDE_DMA_READ)
597 op |= BM_STATUS_RETRY_READ;
598 else if (s->dma_cmd == IDE_DMA_TRIM)
599 op |= BM_STATUS_RETRY_TRIM;
600
601 if (ide_handle_rw_error(s, -ret, op)) {
602 return;
603 }
604 }
605
606 n = s->io_buffer_size >> 9;
607 sector_num = ide_get_sector(s);
608 if (n > 0) {
609 dma_buf_commit(s);
610 sector_num += n;
611 ide_set_sector(s, sector_num);
612 s->nsector -= n;
613 }
614
615 /* end of transfer ? */
616 if (s->nsector == 0) {
617 s->status = READY_STAT | SEEK_STAT;
618 ide_set_irq(s->bus);
619 goto eot;
620 }
621
622 /* launch next transfer */
623 n = s->nsector;
624 s->io_buffer_index = 0;
625 s->io_buffer_size = n * 512;
626 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
627 /* The PRDs were too short. Reset the Active bit, but don't raise an
628 * interrupt. */
629 goto eot;
630 }
631
632 #ifdef DEBUG_AIO
633 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
634 sector_num, n, s->dma_cmd);
635 #endif
636
637 switch (s->dma_cmd) {
638 case IDE_DMA_READ:
639 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
640 ide_dma_cb, s);
641 break;
642 case IDE_DMA_WRITE:
643 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
644 ide_dma_cb, s);
645 break;
646 case IDE_DMA_TRIM:
647 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
648 ide_issue_trim, ide_dma_cb, s,
649 DMA_DIRECTION_TO_DEVICE);
650 break;
651 }
652 return;
653
654 eot:
655 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
656 bdrv_acct_done(s->bs, &s->acct);
657 }
658 ide_set_inactive(s);
659 }
660
661 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
662 {
663 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
664 s->io_buffer_index = 0;
665 s->io_buffer_size = 0;
666 s->dma_cmd = dma_cmd;
667
668 switch (dma_cmd) {
669 case IDE_DMA_READ:
670 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
671 BDRV_ACCT_READ);
672 break;
673 case IDE_DMA_WRITE:
674 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
675 BDRV_ACCT_WRITE);
676 break;
677 default:
678 break;
679 }
680
681 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
682 }
683
684 static void ide_sector_write_timer_cb(void *opaque)
685 {
686 IDEState *s = opaque;
687 ide_set_irq(s->bus);
688 }
689
690 static void ide_sector_write_cb(void *opaque, int ret)
691 {
692 IDEState *s = opaque;
693 int n;
694
695 bdrv_acct_done(s->bs, &s->acct);
696
697 s->pio_aiocb = NULL;
698 s->status &= ~BUSY_STAT;
699
700 if (ret != 0) {
701 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) {
702 return;
703 }
704 }
705
706 n = s->nsector;
707 if (n > s->req_nb_sectors) {
708 n = s->req_nb_sectors;
709 }
710 s->nsector -= n;
711 if (s->nsector == 0) {
712 /* no more sectors to write */
713 ide_transfer_stop(s);
714 } else {
715 int n1 = s->nsector;
716 if (n1 > s->req_nb_sectors) {
717 n1 = s->req_nb_sectors;
718 }
719 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
720 ide_sector_write);
721 }
722 ide_set_sector(s, ide_get_sector(s) + n);
723
724 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
725 /* It seems there is a bug in the Windows 2000 installer HDD
726 IDE driver which fills the disk with empty logs when the
727 IDE write IRQ comes too early. This hack tries to correct
728 that at the expense of slower write performances. Use this
729 option _only_ to install Windows 2000. You must disable it
730 for normal use. */
731 qemu_mod_timer(s->sector_write_timer,
732 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
733 } else {
734 ide_set_irq(s->bus);
735 }
736 }
737
738 void ide_sector_write(IDEState *s)
739 {
740 int64_t sector_num;
741 int n;
742
743 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
744 sector_num = ide_get_sector(s);
745 #if defined(DEBUG_IDE)
746 printf("sector=%" PRId64 "\n", sector_num);
747 #endif
748 n = s->nsector;
749 if (n > s->req_nb_sectors) {
750 n = s->req_nb_sectors;
751 }
752
753 s->iov.iov_base = s->io_buffer;
754 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
755 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
756
757 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
758 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n,
759 ide_sector_write_cb, s);
760 }
761
762 static void ide_flush_cb(void *opaque, int ret)
763 {
764 IDEState *s = opaque;
765
766 if (ret < 0) {
767 /* XXX: What sector number to set here? */
768 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
769 return;
770 }
771 }
772
773 bdrv_acct_done(s->bs, &s->acct);
774 s->status = READY_STAT | SEEK_STAT;
775 ide_set_irq(s->bus);
776 }
777
778 void ide_flush_cache(IDEState *s)
779 {
780 if (s->bs == NULL) {
781 ide_flush_cb(s, 0);
782 return;
783 }
784
785 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
786 bdrv_aio_flush(s->bs, ide_flush_cb, s);
787 }
788
789 static void ide_cfata_metadata_inquiry(IDEState *s)
790 {
791 uint16_t *p;
792 uint32_t spd;
793
794 p = (uint16_t *) s->io_buffer;
795 memset(p, 0, 0x200);
796 spd = ((s->mdata_size - 1) >> 9) + 1;
797
798 put_le16(p + 0, 0x0001); /* Data format revision */
799 put_le16(p + 1, 0x0000); /* Media property: silicon */
800 put_le16(p + 2, s->media_changed); /* Media status */
801 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
802 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
803 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
804 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
805 }
806
807 static void ide_cfata_metadata_read(IDEState *s)
808 {
809 uint16_t *p;
810
811 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
812 s->status = ERR_STAT;
813 s->error = ABRT_ERR;
814 return;
815 }
816
817 p = (uint16_t *) s->io_buffer;
818 memset(p, 0, 0x200);
819
820 put_le16(p + 0, s->media_changed); /* Media status */
821 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
822 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
823 s->nsector << 9), 0x200 - 2));
824 }
825
826 static void ide_cfata_metadata_write(IDEState *s)
827 {
828 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
829 s->status = ERR_STAT;
830 s->error = ABRT_ERR;
831 return;
832 }
833
834 s->media_changed = 0;
835
836 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
837 s->io_buffer + 2,
838 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
839 s->nsector << 9), 0x200 - 2));
840 }
841
842 /* called when the inserted state of the media has changed */
843 static void ide_cd_change_cb(void *opaque, bool load)
844 {
845 IDEState *s = opaque;
846 uint64_t nb_sectors;
847
848 s->tray_open = !load;
849 bdrv_get_geometry(s->bs, &nb_sectors);
850 s->nb_sectors = nb_sectors;
851
852 /*
853 * First indicate to the guest that a CD has been removed. That's
854 * done on the next command the guest sends us.
855 *
856 * Then we set UNIT_ATTENTION, by which the guest will
857 * detect a new CD in the drive. See ide_atapi_cmd() for details.
858 */
859 s->cdrom_changed = 1;
860 s->events.new_media = true;
861 s->events.eject_request = false;
862 ide_set_irq(s->bus);
863 }
864
865 static void ide_cd_eject_request_cb(void *opaque, bool force)
866 {
867 IDEState *s = opaque;
868
869 s->events.eject_request = true;
870 if (force) {
871 s->tray_locked = false;
872 }
873 ide_set_irq(s->bus);
874 }
875
876 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
877 {
878 s->lba48 = lba48;
879
880 /* handle the 'magic' 0 nsector count conversion here. to avoid
881 * fiddling with the rest of the read logic, we just store the
882 * full sector count in ->nsector and ignore ->hob_nsector from now
883 */
884 if (!s->lba48) {
885 if (!s->nsector)
886 s->nsector = 256;
887 } else {
888 if (!s->nsector && !s->hob_nsector)
889 s->nsector = 65536;
890 else {
891 int lo = s->nsector;
892 int hi = s->hob_nsector;
893
894 s->nsector = (hi << 8) | lo;
895 }
896 }
897 }
898
899 static void ide_clear_hob(IDEBus *bus)
900 {
901 /* any write clears HOB high bit of device control register */
902 bus->ifs[0].select &= ~(1 << 7);
903 bus->ifs[1].select &= ~(1 << 7);
904 }
905
906 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
907 {
908 IDEBus *bus = opaque;
909
910 #ifdef DEBUG_IDE
911 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
912 #endif
913
914 addr &= 7;
915
916 /* ignore writes to command block while busy with previous command */
917 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
918 return;
919
920 switch(addr) {
921 case 0:
922 break;
923 case 1:
924 ide_clear_hob(bus);
925 /* NOTE: data is written to the two drives */
926 bus->ifs[0].hob_feature = bus->ifs[0].feature;
927 bus->ifs[1].hob_feature = bus->ifs[1].feature;
928 bus->ifs[0].feature = val;
929 bus->ifs[1].feature = val;
930 break;
931 case 2:
932 ide_clear_hob(bus);
933 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
934 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
935 bus->ifs[0].nsector = val;
936 bus->ifs[1].nsector = val;
937 break;
938 case 3:
939 ide_clear_hob(bus);
940 bus->ifs[0].hob_sector = bus->ifs[0].sector;
941 bus->ifs[1].hob_sector = bus->ifs[1].sector;
942 bus->ifs[0].sector = val;
943 bus->ifs[1].sector = val;
944 break;
945 case 4:
946 ide_clear_hob(bus);
947 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
948 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
949 bus->ifs[0].lcyl = val;
950 bus->ifs[1].lcyl = val;
951 break;
952 case 5:
953 ide_clear_hob(bus);
954 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
955 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
956 bus->ifs[0].hcyl = val;
957 bus->ifs[1].hcyl = val;
958 break;
959 case 6:
960 /* FIXME: HOB readback uses bit 7 */
961 bus->ifs[0].select = (val & ~0x10) | 0xa0;
962 bus->ifs[1].select = (val | 0x10) | 0xa0;
963 /* select drive */
964 bus->unit = (val >> 4) & 1;
965 break;
966 default:
967 case 7:
968 /* command */
969 ide_exec_cmd(bus, val);
970 break;
971 }
972 }
973
974 #define HD_OK (1u << IDE_HD)
975 #define CD_OK (1u << IDE_CD)
976 #define CFA_OK (1u << IDE_CFATA)
977 #define HD_CFA_OK (HD_OK | CFA_OK)
978 #define ALL_OK (HD_OK | CD_OK | CFA_OK)
979
980 /* See ACS-2 T13/2015-D Table B.2 Command codes */
981 static const uint8_t ide_cmd_table[0x100] = {
982 /* NOP not implemented, mandatory for CD */
983 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK,
984 [WIN_DSM] = ALL_OK,
985 [WIN_DEVICE_RESET] = CD_OK,
986 [WIN_RECAL] = HD_CFA_OK,
987 [WIN_READ] = ALL_OK,
988 [WIN_READ_ONCE] = ALL_OK,
989 [WIN_READ_EXT] = HD_CFA_OK,
990 [WIN_READDMA_EXT] = HD_CFA_OK,
991 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK,
992 [WIN_MULTREAD_EXT] = HD_CFA_OK,
993 [WIN_WRITE] = HD_CFA_OK,
994 [WIN_WRITE_ONCE] = HD_CFA_OK,
995 [WIN_WRITE_EXT] = HD_CFA_OK,
996 [WIN_WRITEDMA_EXT] = HD_CFA_OK,
997 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK,
998 [WIN_MULTWRITE_EXT] = HD_CFA_OK,
999 [WIN_WRITE_VERIFY] = HD_CFA_OK,
1000 [WIN_VERIFY] = HD_CFA_OK,
1001 [WIN_VERIFY_ONCE] = HD_CFA_OK,
1002 [WIN_VERIFY_EXT] = HD_CFA_OK,
1003 [WIN_SEEK] = HD_CFA_OK,
1004 [CFA_TRANSLATE_SECTOR] = CFA_OK,
1005 [WIN_DIAGNOSE] = ALL_OK,
1006 [WIN_SPECIFY] = HD_CFA_OK,
1007 [WIN_STANDBYNOW2] = ALL_OK,
1008 [WIN_IDLEIMMEDIATE2] = ALL_OK,
1009 [WIN_STANDBY2] = ALL_OK,
1010 [WIN_SETIDLE2] = ALL_OK,
1011 [WIN_CHECKPOWERMODE2] = ALL_OK,
1012 [WIN_SLEEPNOW2] = ALL_OK,
1013 [WIN_PACKETCMD] = CD_OK,
1014 [WIN_PIDENTIFY] = CD_OK,
1015 [WIN_SMART] = HD_CFA_OK,
1016 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK,
1017 [CFA_ERASE_SECTORS] = CFA_OK,
1018 [WIN_MULTREAD] = HD_CFA_OK,
1019 [WIN_MULTWRITE] = HD_CFA_OK,
1020 [WIN_SETMULT] = HD_CFA_OK,
1021 [WIN_READDMA] = HD_CFA_OK,
1022 [WIN_READDMA_ONCE] = HD_CFA_OK,
1023 [WIN_WRITEDMA] = HD_CFA_OK,
1024 [WIN_WRITEDMA_ONCE] = HD_CFA_OK,
1025 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK,
1026 [WIN_STANDBYNOW1] = ALL_OK,
1027 [WIN_IDLEIMMEDIATE] = ALL_OK,
1028 [WIN_STANDBY] = ALL_OK,
1029 [WIN_SETIDLE1] = ALL_OK,
1030 [WIN_CHECKPOWERMODE1] = ALL_OK,
1031 [WIN_SLEEPNOW1] = ALL_OK,
1032 [WIN_FLUSH_CACHE] = ALL_OK,
1033 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK,
1034 [WIN_IDENTIFY] = ALL_OK,
1035 [WIN_SETFEATURES] = ALL_OK,
1036 [IBM_SENSE_CONDITION] = CFA_OK,
1037 [CFA_WEAR_LEVEL] = HD_CFA_OK,
1038 [WIN_READ_NATIVE_MAX] = ALL_OK,
1039 };
1040
1041 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
1042 {
1043 return cmd < ARRAY_SIZE(ide_cmd_table)
1044 && (ide_cmd_table[cmd] & (1u << s->drive_kind));
1045 }
1046
1047 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1048 {
1049 uint16_t *identify_data;
1050 IDEState *s;
1051 int n;
1052 int lba48 = 0;
1053
1054 #if defined(DEBUG_IDE)
1055 printf("ide: CMD=%02x\n", val);
1056 #endif
1057 s = idebus_active_if(bus);
1058 /* ignore commands to non existent slave */
1059 if (s != bus->ifs && !s->bs)
1060 return;
1061
1062 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1063 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1064 return;
1065
1066 if (!ide_cmd_permitted(s, val)) {
1067 goto abort_cmd;
1068 }
1069
1070 switch(val) {
1071 case WIN_DSM:
1072 switch (s->feature) {
1073 case DSM_TRIM:
1074 if (!s->bs) {
1075 goto abort_cmd;
1076 }
1077 ide_sector_start_dma(s, IDE_DMA_TRIM);
1078 break;
1079 default:
1080 goto abort_cmd;
1081 }
1082 break;
1083 case WIN_IDENTIFY:
1084 if (s->bs && s->drive_kind != IDE_CD) {
1085 if (s->drive_kind != IDE_CFATA)
1086 ide_identify(s);
1087 else
1088 ide_cfata_identify(s);
1089 s->status = READY_STAT | SEEK_STAT;
1090 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1091 } else {
1092 if (s->drive_kind == IDE_CD) {
1093 ide_set_signature(s);
1094 }
1095 ide_abort_command(s);
1096 }
1097 ide_set_irq(s->bus);
1098 break;
1099 case WIN_SPECIFY:
1100 case WIN_RECAL:
1101 s->error = 0;
1102 s->status = READY_STAT | SEEK_STAT;
1103 ide_set_irq(s->bus);
1104 break;
1105 case WIN_SETMULT:
1106 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1107 /* Disable Read and Write Multiple */
1108 s->mult_sectors = 0;
1109 s->status = READY_STAT | SEEK_STAT;
1110 } else if ((s->nsector & 0xff) != 0 &&
1111 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1112 (s->nsector & (s->nsector - 1)) != 0)) {
1113 ide_abort_command(s);
1114 } else {
1115 s->mult_sectors = s->nsector & 0xff;
1116 s->status = READY_STAT | SEEK_STAT;
1117 }
1118 ide_set_irq(s->bus);
1119 break;
1120 case WIN_VERIFY_EXT:
1121 lba48 = 1;
1122 case WIN_VERIFY:
1123 case WIN_VERIFY_ONCE:
1124 /* do sector number check ? */
1125 ide_cmd_lba48_transform(s, lba48);
1126 s->status = READY_STAT | SEEK_STAT;
1127 ide_set_irq(s->bus);
1128 break;
1129 case WIN_READ_EXT:
1130 lba48 = 1;
1131 case WIN_READ:
1132 case WIN_READ_ONCE:
1133 if (s->drive_kind == IDE_CD) {
1134 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1135 goto abort_cmd;
1136 }
1137 if (!s->bs) {
1138 goto abort_cmd;
1139 }
1140 ide_cmd_lba48_transform(s, lba48);
1141 s->req_nb_sectors = 1;
1142 ide_sector_read(s);
1143 break;
1144 case WIN_WRITE_EXT:
1145 lba48 = 1;
1146 case WIN_WRITE:
1147 case WIN_WRITE_ONCE:
1148 case CFA_WRITE_SECT_WO_ERASE:
1149 case WIN_WRITE_VERIFY:
1150 if (!s->bs) {
1151 goto abort_cmd;
1152 }
1153 ide_cmd_lba48_transform(s, lba48);
1154 s->error = 0;
1155 s->status = SEEK_STAT | READY_STAT;
1156 s->req_nb_sectors = 1;
1157 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1158 s->media_changed = 1;
1159 break;
1160 case WIN_MULTREAD_EXT:
1161 lba48 = 1;
1162 case WIN_MULTREAD:
1163 if (!s->bs) {
1164 goto abort_cmd;
1165 }
1166 if (!s->mult_sectors) {
1167 goto abort_cmd;
1168 }
1169 ide_cmd_lba48_transform(s, lba48);
1170 s->req_nb_sectors = s->mult_sectors;
1171 ide_sector_read(s);
1172 break;
1173 case WIN_MULTWRITE_EXT:
1174 lba48 = 1;
1175 case WIN_MULTWRITE:
1176 case CFA_WRITE_MULTI_WO_ERASE:
1177 if (!s->bs) {
1178 goto abort_cmd;
1179 }
1180 if (!s->mult_sectors) {
1181 goto abort_cmd;
1182 }
1183 ide_cmd_lba48_transform(s, lba48);
1184 s->error = 0;
1185 s->status = SEEK_STAT | READY_STAT;
1186 s->req_nb_sectors = s->mult_sectors;
1187 n = s->nsector;
1188 if (n > s->req_nb_sectors)
1189 n = s->req_nb_sectors;
1190 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1191 s->media_changed = 1;
1192 break;
1193 case WIN_READDMA_EXT:
1194 lba48 = 1;
1195 case WIN_READDMA:
1196 case WIN_READDMA_ONCE:
1197 if (!s->bs) {
1198 goto abort_cmd;
1199 }
1200 ide_cmd_lba48_transform(s, lba48);
1201 ide_sector_start_dma(s, IDE_DMA_READ);
1202 break;
1203 case WIN_WRITEDMA_EXT:
1204 lba48 = 1;
1205 case WIN_WRITEDMA:
1206 case WIN_WRITEDMA_ONCE:
1207 if (!s->bs) {
1208 goto abort_cmd;
1209 }
1210 ide_cmd_lba48_transform(s, lba48);
1211 ide_sector_start_dma(s, IDE_DMA_WRITE);
1212 s->media_changed = 1;
1213 break;
1214 case WIN_READ_NATIVE_MAX_EXT:
1215 lba48 = 1;
1216 case WIN_READ_NATIVE_MAX:
1217 ide_cmd_lba48_transform(s, lba48);
1218 ide_set_sector(s, s->nb_sectors - 1);
1219 s->status = READY_STAT | SEEK_STAT;
1220 ide_set_irq(s->bus);
1221 break;
1222 case WIN_CHECKPOWERMODE1:
1223 case WIN_CHECKPOWERMODE2:
1224 s->error = 0;
1225 s->nsector = 0xff; /* device active or idle */
1226 s->status = READY_STAT | SEEK_STAT;
1227 ide_set_irq(s->bus);
1228 break;
1229 case WIN_SETFEATURES:
1230 if (!s->bs)
1231 goto abort_cmd;
1232 /* XXX: valid for CDROM ? */
1233 switch(s->feature) {
1234 case 0x02: /* write cache enable */
1235 bdrv_set_enable_write_cache(s->bs, true);
1236 identify_data = (uint16_t *)s->identify_data;
1237 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1238 s->status = READY_STAT | SEEK_STAT;
1239 ide_set_irq(s->bus);
1240 break;
1241 case 0x82: /* write cache disable */
1242 bdrv_set_enable_write_cache(s->bs, false);
1243 identify_data = (uint16_t *)s->identify_data;
1244 put_le16(identify_data + 85, (1 << 14) | 1);
1245 ide_flush_cache(s);
1246 break;
1247 case 0xcc: /* reverting to power-on defaults enable */
1248 case 0x66: /* reverting to power-on defaults disable */
1249 case 0xaa: /* read look-ahead enable */
1250 case 0x55: /* read look-ahead disable */
1251 case 0x05: /* set advanced power management mode */
1252 case 0x85: /* disable advanced power management mode */
1253 case 0x69: /* NOP */
1254 case 0x67: /* NOP */
1255 case 0x96: /* NOP */
1256 case 0x9a: /* NOP */
1257 case 0x42: /* enable Automatic Acoustic Mode */
1258 case 0xc2: /* disable Automatic Acoustic Mode */
1259 s->status = READY_STAT | SEEK_STAT;
1260 ide_set_irq(s->bus);
1261 break;
1262 case 0x03: { /* set transfer mode */
1263 uint8_t val = s->nsector & 0x07;
1264 identify_data = (uint16_t *)s->identify_data;
1265
1266 switch (s->nsector >> 3) {
1267 case 0x00: /* pio default */
1268 case 0x01: /* pio mode */
1269 put_le16(identify_data + 62,0x07);
1270 put_le16(identify_data + 63,0x07);
1271 put_le16(identify_data + 88,0x3f);
1272 break;
1273 case 0x02: /* sigle word dma mode*/
1274 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1275 put_le16(identify_data + 63,0x07);
1276 put_le16(identify_data + 88,0x3f);
1277 break;
1278 case 0x04: /* mdma mode */
1279 put_le16(identify_data + 62,0x07);
1280 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1281 put_le16(identify_data + 88,0x3f);
1282 break;
1283 case 0x08: /* udma mode */
1284 put_le16(identify_data + 62,0x07);
1285 put_le16(identify_data + 63,0x07);
1286 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1287 break;
1288 default:
1289 goto abort_cmd;
1290 }
1291 s->status = READY_STAT | SEEK_STAT;
1292 ide_set_irq(s->bus);
1293 break;
1294 }
1295 default:
1296 goto abort_cmd;
1297 }
1298 break;
1299 case WIN_FLUSH_CACHE:
1300 case WIN_FLUSH_CACHE_EXT:
1301 ide_flush_cache(s);
1302 break;
1303 case WIN_STANDBY:
1304 case WIN_STANDBY2:
1305 case WIN_STANDBYNOW1:
1306 case WIN_STANDBYNOW2:
1307 case WIN_IDLEIMMEDIATE:
1308 case WIN_IDLEIMMEDIATE2:
1309 case WIN_SETIDLE1:
1310 case WIN_SETIDLE2:
1311 case WIN_SLEEPNOW1:
1312 case WIN_SLEEPNOW2:
1313 s->status = READY_STAT;
1314 ide_set_irq(s->bus);
1315 break;
1316 case WIN_SEEK:
1317 /* XXX: Check that seek is within bounds */
1318 s->status = READY_STAT | SEEK_STAT;
1319 ide_set_irq(s->bus);
1320 break;
1321 /* ATAPI commands */
1322 case WIN_PIDENTIFY:
1323 ide_atapi_identify(s);
1324 s->status = READY_STAT | SEEK_STAT;
1325 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1326 ide_set_irq(s->bus);
1327 break;
1328 case WIN_DIAGNOSE:
1329 ide_set_signature(s);
1330 if (s->drive_kind == IDE_CD)
1331 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1332 * devices to return a clear status register
1333 * with READY_STAT *not* set. */
1334 else
1335 s->status = READY_STAT | SEEK_STAT;
1336 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1337 * present.
1338 */
1339 ide_set_irq(s->bus);
1340 break;
1341 case WIN_DEVICE_RESET:
1342 ide_set_signature(s);
1343 s->status = 0x00; /* NOTE: READY is _not_ set */
1344 s->error = 0x01;
1345 break;
1346 case WIN_PACKETCMD:
1347 /* overlapping commands not supported */
1348 if (s->feature & 0x02)
1349 goto abort_cmd;
1350 s->status = READY_STAT | SEEK_STAT;
1351 s->atapi_dma = s->feature & 1;
1352 s->nsector = 1;
1353 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1354 ide_atapi_cmd);
1355 break;
1356 /* CF-ATA commands */
1357 case CFA_REQ_EXT_ERROR_CODE:
1358 s->error = 0x09; /* miscellaneous error */
1359 s->status = READY_STAT | SEEK_STAT;
1360 ide_set_irq(s->bus);
1361 break;
1362 case CFA_ERASE_SECTORS:
1363 case CFA_WEAR_LEVEL:
1364 #if 0
1365 /* This one has the same ID as CFA_WEAR_LEVEL and is required for
1366 Windows 8 to work with AHCI */
1367 case WIN_SECURITY_FREEZE_LOCK:
1368 #endif
1369 if (val == CFA_WEAR_LEVEL)
1370 s->nsector = 0;
1371 if (val == CFA_ERASE_SECTORS)
1372 s->media_changed = 1;
1373 s->error = 0x00;
1374 s->status = READY_STAT | SEEK_STAT;
1375 ide_set_irq(s->bus);
1376 break;
1377 case CFA_TRANSLATE_SECTOR:
1378 s->error = 0x00;
1379 s->status = READY_STAT | SEEK_STAT;
1380 memset(s->io_buffer, 0, 0x200);
1381 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1382 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1383 s->io_buffer[0x02] = s->select; /* Head */
1384 s->io_buffer[0x03] = s->sector; /* Sector */
1385 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1386 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1387 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1388 s->io_buffer[0x13] = 0x00; /* Erase flag */
1389 s->io_buffer[0x18] = 0x00; /* Hot count */
1390 s->io_buffer[0x19] = 0x00; /* Hot count */
1391 s->io_buffer[0x1a] = 0x01; /* Hot count */
1392 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1393 ide_set_irq(s->bus);
1394 break;
1395 case CFA_ACCESS_METADATA_STORAGE:
1396 switch (s->feature) {
1397 case 0x02: /* Inquiry Metadata Storage */
1398 ide_cfata_metadata_inquiry(s);
1399 break;
1400 case 0x03: /* Read Metadata Storage */
1401 ide_cfata_metadata_read(s);
1402 break;
1403 case 0x04: /* Write Metadata Storage */
1404 ide_cfata_metadata_write(s);
1405 break;
1406 default:
1407 goto abort_cmd;
1408 }
1409 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1410 s->status = 0x00; /* NOTE: READY is _not_ set */
1411 ide_set_irq(s->bus);
1412 break;
1413 case IBM_SENSE_CONDITION:
1414 switch (s->feature) {
1415 case 0x01: /* sense temperature in device */
1416 s->nsector = 0x50; /* +20 C */
1417 break;
1418 default:
1419 goto abort_cmd;
1420 }
1421 s->status = READY_STAT | SEEK_STAT;
1422 ide_set_irq(s->bus);
1423 break;
1424
1425 case WIN_SMART:
1426 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
1427 goto abort_cmd;
1428 if (!s->smart_enabled && s->feature != SMART_ENABLE)
1429 goto abort_cmd;
1430 switch (s->feature) {
1431 case SMART_DISABLE:
1432 s->smart_enabled = 0;
1433 s->status = READY_STAT | SEEK_STAT;
1434 ide_set_irq(s->bus);
1435 break;
1436 case SMART_ENABLE:
1437 s->smart_enabled = 1;
1438 s->status = READY_STAT | SEEK_STAT;
1439 ide_set_irq(s->bus);
1440 break;
1441 case SMART_ATTR_AUTOSAVE:
1442 switch (s->sector) {
1443 case 0x00:
1444 s->smart_autosave = 0;
1445 break;
1446 case 0xf1:
1447 s->smart_autosave = 1;
1448 break;
1449 default:
1450 goto abort_cmd;
1451 }
1452 s->status = READY_STAT | SEEK_STAT;
1453 ide_set_irq(s->bus);
1454 break;
1455 case SMART_STATUS:
1456 if (!s->smart_errors) {
1457 s->hcyl = 0xc2;
1458 s->lcyl = 0x4f;
1459 } else {
1460 s->hcyl = 0x2c;
1461 s->lcyl = 0xf4;
1462 }
1463 s->status = READY_STAT | SEEK_STAT;
1464 ide_set_irq(s->bus);
1465 break;
1466 case SMART_READ_THRESH:
1467 memset(s->io_buffer, 0, 0x200);
1468 s->io_buffer[0] = 0x01; /* smart struct version */
1469 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1470 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
1471 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
1472 }
1473 for (n=0; n<511; n++) /* checksum */
1474 s->io_buffer[511] += s->io_buffer[n];
1475 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1476 s->status = READY_STAT | SEEK_STAT;
1477 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1478 ide_set_irq(s->bus);
1479 break;
1480 case SMART_READ_DATA:
1481 memset(s->io_buffer, 0, 0x200);
1482 s->io_buffer[0] = 0x01; /* smart struct version */
1483 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1484 int i;
1485 for(i = 0; i < 11; i++) {
1486 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
1487 }
1488 }
1489 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
1490 if (s->smart_selftest_count == 0) {
1491 s->io_buffer[363] = 0;
1492 } else {
1493 s->io_buffer[363] =
1494 s->smart_selftest_data[3 +
1495 (s->smart_selftest_count - 1) *
1496 24];
1497 }
1498 s->io_buffer[364] = 0x20;
1499 s->io_buffer[365] = 0x01;
1500 /* offline data collection capacity: execute + self-test*/
1501 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
1502 s->io_buffer[368] = 0x03; /* smart capability (1) */
1503 s->io_buffer[369] = 0x00; /* smart capability (2) */
1504 s->io_buffer[370] = 0x01; /* error logging supported */
1505 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1506 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1507 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1508
1509 for (n=0; n<511; n++)
1510 s->io_buffer[511] += s->io_buffer[n];
1511 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1512 s->status = READY_STAT | SEEK_STAT;
1513 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1514 ide_set_irq(s->bus);
1515 break;
1516 case SMART_READ_LOG:
1517 switch (s->sector) {
1518 case 0x01: /* summary smart error log */
1519 memset(s->io_buffer, 0, 0x200);
1520 s->io_buffer[0] = 0x01;
1521 s->io_buffer[1] = 0x00; /* no error entries */
1522 s->io_buffer[452] = s->smart_errors & 0xff;
1523 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1524
1525 for (n=0; n<511; n++)
1526 s->io_buffer[511] += s->io_buffer[n];
1527 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1528 break;
1529 case 0x06: /* smart self test log */
1530 memset(s->io_buffer, 0, 0x200);
1531 s->io_buffer[0] = 0x01;
1532 if (s->smart_selftest_count == 0) {
1533 s->io_buffer[508] = 0;
1534 } else {
1535 s->io_buffer[508] = s->smart_selftest_count;
1536 for (n=2; n<506; n++)
1537 s->io_buffer[n] = s->smart_selftest_data[n];
1538 }
1539 for (n=0; n<511; n++)
1540 s->io_buffer[511] += s->io_buffer[n];
1541 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1542 break;
1543 default:
1544 goto abort_cmd;
1545 }
1546 s->status = READY_STAT | SEEK_STAT;
1547 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1548 ide_set_irq(s->bus);
1549 break;
1550 case SMART_EXECUTE_OFFLINE:
1551 switch (s->sector) {
1552 case 0: /* off-line routine */
1553 case 1: /* short self test */
1554 case 2: /* extended self test */
1555 s->smart_selftest_count++;
1556 if(s->smart_selftest_count > 21)
1557 s->smart_selftest_count = 0;
1558 n = 2 + (s->smart_selftest_count - 1) * 24;
1559 s->smart_selftest_data[n] = s->sector;
1560 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
1561 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
1562 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
1563 s->status = READY_STAT | SEEK_STAT;
1564 ide_set_irq(s->bus);
1565 break;
1566 default:
1567 goto abort_cmd;
1568 }
1569 break;
1570 default:
1571 goto abort_cmd;
1572 }
1573 break;
1574 default:
1575 /* should not be reachable */
1576 abort_cmd:
1577 ide_abort_command(s);
1578 ide_set_irq(s->bus);
1579 break;
1580 }
1581 }
1582
1583 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1584 {
1585 IDEBus *bus = opaque;
1586 IDEState *s = idebus_active_if(bus);
1587 uint32_t addr;
1588 int ret, hob;
1589
1590 addr = addr1 & 7;
1591 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1592 //hob = s->select & (1 << 7);
1593 hob = 0;
1594 switch(addr) {
1595 case 0:
1596 ret = 0xff;
1597 break;
1598 case 1:
1599 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1600 (s != bus->ifs && !s->bs))
1601 ret = 0;
1602 else if (!hob)
1603 ret = s->error;
1604 else
1605 ret = s->hob_feature;
1606 break;
1607 case 2:
1608 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1609 ret = 0;
1610 else if (!hob)
1611 ret = s->nsector & 0xff;
1612 else
1613 ret = s->hob_nsector;
1614 break;
1615 case 3:
1616 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1617 ret = 0;
1618 else if (!hob)
1619 ret = s->sector;
1620 else
1621 ret = s->hob_sector;
1622 break;
1623 case 4:
1624 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1625 ret = 0;
1626 else if (!hob)
1627 ret = s->lcyl;
1628 else
1629 ret = s->hob_lcyl;
1630 break;
1631 case 5:
1632 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1633 ret = 0;
1634 else if (!hob)
1635 ret = s->hcyl;
1636 else
1637 ret = s->hob_hcyl;
1638 break;
1639 case 6:
1640 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1641 ret = 0;
1642 else
1643 ret = s->select;
1644 break;
1645 default:
1646 case 7:
1647 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1648 (s != bus->ifs && !s->bs))
1649 ret = 0;
1650 else
1651 ret = s->status;
1652 qemu_irq_lower(bus->irq);
1653 break;
1654 }
1655 #ifdef DEBUG_IDE
1656 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1657 #endif
1658 return ret;
1659 }
1660
1661 uint32_t ide_status_read(void *opaque, uint32_t addr)
1662 {
1663 IDEBus *bus = opaque;
1664 IDEState *s = idebus_active_if(bus);
1665 int ret;
1666
1667 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1668 (s != bus->ifs && !s->bs))
1669 ret = 0;
1670 else
1671 ret = s->status;
1672 #ifdef DEBUG_IDE
1673 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1674 #endif
1675 return ret;
1676 }
1677
1678 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1679 {
1680 IDEBus *bus = opaque;
1681 IDEState *s;
1682 int i;
1683
1684 #ifdef DEBUG_IDE
1685 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1686 #endif
1687 /* common for both drives */
1688 if (!(bus->cmd & IDE_CMD_RESET) &&
1689 (val & IDE_CMD_RESET)) {
1690 /* reset low to high */
1691 for(i = 0;i < 2; i++) {
1692 s = &bus->ifs[i];
1693 s->status = BUSY_STAT | SEEK_STAT;
1694 s->error = 0x01;
1695 }
1696 } else if ((bus->cmd & IDE_CMD_RESET) &&
1697 !(val & IDE_CMD_RESET)) {
1698 /* high to low */
1699 for(i = 0;i < 2; i++) {
1700 s = &bus->ifs[i];
1701 if (s->drive_kind == IDE_CD)
1702 s->status = 0x00; /* NOTE: READY is _not_ set */
1703 else
1704 s->status = READY_STAT | SEEK_STAT;
1705 ide_set_signature(s);
1706 }
1707 }
1708
1709 bus->cmd = val;
1710 }
1711
1712 /*
1713 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1714 * transferred from the device to the guest), false if it's a PIO in
1715 */
1716 static bool ide_is_pio_out(IDEState *s)
1717 {
1718 if (s->end_transfer_func == ide_sector_write ||
1719 s->end_transfer_func == ide_atapi_cmd) {
1720 return false;
1721 } else if (s->end_transfer_func == ide_sector_read ||
1722 s->end_transfer_func == ide_transfer_stop ||
1723 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1724 s->end_transfer_func == ide_dummy_transfer_stop) {
1725 return true;
1726 }
1727
1728 abort();
1729 }
1730
1731 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1732 {
1733 IDEBus *bus = opaque;
1734 IDEState *s = idebus_active_if(bus);
1735 uint8_t *p;
1736
1737 /* PIO data access allowed only when DRQ bit is set. The result of a write
1738 * during PIO out is indeterminate, just ignore it. */
1739 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1740 return;
1741 }
1742
1743 p = s->data_ptr;
1744 *(uint16_t *)p = le16_to_cpu(val);
1745 p += 2;
1746 s->data_ptr = p;
1747 if (p >= s->data_end)
1748 s->end_transfer_func(s);
1749 }
1750
1751 uint32_t ide_data_readw(void *opaque, uint32_t addr)
1752 {
1753 IDEBus *bus = opaque;
1754 IDEState *s = idebus_active_if(bus);
1755 uint8_t *p;
1756 int ret;
1757
1758 /* PIO data access allowed only when DRQ bit is set. The result of a read
1759 * during PIO in is indeterminate, return 0 and don't move forward. */
1760 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1761 return 0;
1762 }
1763
1764 p = s->data_ptr;
1765 ret = cpu_to_le16(*(uint16_t *)p);
1766 p += 2;
1767 s->data_ptr = p;
1768 if (p >= s->data_end)
1769 s->end_transfer_func(s);
1770 return ret;
1771 }
1772
1773 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1774 {
1775 IDEBus *bus = opaque;
1776 IDEState *s = idebus_active_if(bus);
1777 uint8_t *p;
1778
1779 /* PIO data access allowed only when DRQ bit is set. The result of a write
1780 * during PIO out is indeterminate, just ignore it. */
1781 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1782 return;
1783 }
1784
1785 p = s->data_ptr;
1786 *(uint32_t *)p = le32_to_cpu(val);
1787 p += 4;
1788 s->data_ptr = p;
1789 if (p >= s->data_end)
1790 s->end_transfer_func(s);
1791 }
1792
1793 uint32_t ide_data_readl(void *opaque, uint32_t addr)
1794 {
1795 IDEBus *bus = opaque;
1796 IDEState *s = idebus_active_if(bus);
1797 uint8_t *p;
1798 int ret;
1799
1800 /* PIO data access allowed only when DRQ bit is set. The result of a read
1801 * during PIO in is indeterminate, return 0 and don't move forward. */
1802 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1803 return 0;
1804 }
1805
1806 p = s->data_ptr;
1807 ret = cpu_to_le32(*(uint32_t *)p);
1808 p += 4;
1809 s->data_ptr = p;
1810 if (p >= s->data_end)
1811 s->end_transfer_func(s);
1812 return ret;
1813 }
1814
1815 static void ide_dummy_transfer_stop(IDEState *s)
1816 {
1817 s->data_ptr = s->io_buffer;
1818 s->data_end = s->io_buffer;
1819 s->io_buffer[0] = 0xff;
1820 s->io_buffer[1] = 0xff;
1821 s->io_buffer[2] = 0xff;
1822 s->io_buffer[3] = 0xff;
1823 }
1824
1825 static void ide_reset(IDEState *s)
1826 {
1827 #ifdef DEBUG_IDE
1828 printf("ide: reset\n");
1829 #endif
1830
1831 if (s->pio_aiocb) {
1832 bdrv_aio_cancel(s->pio_aiocb);
1833 s->pio_aiocb = NULL;
1834 }
1835
1836 if (s->drive_kind == IDE_CFATA)
1837 s->mult_sectors = 0;
1838 else
1839 s->mult_sectors = MAX_MULT_SECTORS;
1840 /* ide regs */
1841 s->feature = 0;
1842 s->error = 0;
1843 s->nsector = 0;
1844 s->sector = 0;
1845 s->lcyl = 0;
1846 s->hcyl = 0;
1847
1848 /* lba48 */
1849 s->hob_feature = 0;
1850 s->hob_sector = 0;
1851 s->hob_nsector = 0;
1852 s->hob_lcyl = 0;
1853 s->hob_hcyl = 0;
1854
1855 s->select = 0xa0;
1856 s->status = READY_STAT | SEEK_STAT;
1857
1858 s->lba48 = 0;
1859
1860 /* ATAPI specific */
1861 s->sense_key = 0;
1862 s->asc = 0;
1863 s->cdrom_changed = 0;
1864 s->packet_transfer_size = 0;
1865 s->elementary_transfer_size = 0;
1866 s->io_buffer_index = 0;
1867 s->cd_sector_size = 0;
1868 s->atapi_dma = 0;
1869 /* ATA DMA state */
1870 s->io_buffer_size = 0;
1871 s->req_nb_sectors = 0;
1872
1873 ide_set_signature(s);
1874 /* init the transfer handler so that 0xffff is returned on data
1875 accesses */
1876 s->end_transfer_func = ide_dummy_transfer_stop;
1877 ide_dummy_transfer_stop(s);
1878 s->media_changed = 0;
1879 }
1880
1881 void ide_bus_reset(IDEBus *bus)
1882 {
1883 bus->unit = 0;
1884 bus->cmd = 0;
1885 ide_reset(&bus->ifs[0]);
1886 ide_reset(&bus->ifs[1]);
1887 ide_clear_hob(bus);
1888
1889 /* pending async DMA */
1890 if (bus->dma->aiocb) {
1891 #ifdef DEBUG_AIO
1892 printf("aio_cancel\n");
1893 #endif
1894 bdrv_aio_cancel(bus->dma->aiocb);
1895 bus->dma->aiocb = NULL;
1896 }
1897
1898 /* reset dma provider too */
1899 bus->dma->ops->reset(bus->dma);
1900 }
1901
1902 static bool ide_cd_is_tray_open(void *opaque)
1903 {
1904 return ((IDEState *)opaque)->tray_open;
1905 }
1906
1907 static bool ide_cd_is_medium_locked(void *opaque)
1908 {
1909 return ((IDEState *)opaque)->tray_locked;
1910 }
1911
1912 static const BlockDevOps ide_cd_block_ops = {
1913 .change_media_cb = ide_cd_change_cb,
1914 .eject_request_cb = ide_cd_eject_request_cb,
1915 .is_tray_open = ide_cd_is_tray_open,
1916 .is_medium_locked = ide_cd_is_medium_locked,
1917 };
1918
1919 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
1920 const char *version, const char *serial, const char *model,
1921 uint64_t wwn,
1922 uint32_t cylinders, uint32_t heads, uint32_t secs,
1923 int chs_trans)
1924 {
1925 uint64_t nb_sectors;
1926
1927 s->bs = bs;
1928 s->drive_kind = kind;
1929
1930 bdrv_get_geometry(bs, &nb_sectors);
1931 s->cylinders = cylinders;
1932 s->heads = heads;
1933 s->sectors = secs;
1934 s->chs_trans = chs_trans;
1935 s->nb_sectors = nb_sectors;
1936 s->wwn = wwn;
1937 /* The SMART values should be preserved across power cycles
1938 but they aren't. */
1939 s->smart_enabled = 1;
1940 s->smart_autosave = 1;
1941 s->smart_errors = 0;
1942 s->smart_selftest_count = 0;
1943 if (kind == IDE_CD) {
1944 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
1945 bdrv_set_buffer_alignment(bs, 2048);
1946 } else {
1947 if (!bdrv_is_inserted(s->bs)) {
1948 error_report("Device needs media, but drive is empty");
1949 return -1;
1950 }
1951 if (bdrv_is_read_only(bs)) {
1952 error_report("Can't use a read-only drive");
1953 return -1;
1954 }
1955 }
1956 if (serial) {
1957 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
1958 } else {
1959 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
1960 "QM%05d", s->drive_serial);
1961 }
1962 if (model) {
1963 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
1964 } else {
1965 switch (kind) {
1966 case IDE_CD:
1967 strcpy(s->drive_model_str, "QEMU DVD-ROM");
1968 break;
1969 case IDE_CFATA:
1970 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
1971 break;
1972 default:
1973 strcpy(s->drive_model_str, "QEMU HARDDISK");
1974 break;
1975 }
1976 }
1977
1978 if (version) {
1979 pstrcpy(s->version, sizeof(s->version), version);
1980 } else {
1981 pstrcpy(s->version, sizeof(s->version), qemu_get_version());
1982 }
1983
1984 ide_reset(s);
1985 bdrv_iostatus_enable(bs);
1986 return 0;
1987 }
1988
1989 static void ide_init1(IDEBus *bus, int unit)
1990 {
1991 static int drive_serial = 1;
1992 IDEState *s = &bus->ifs[unit];
1993
1994 s->bus = bus;
1995 s->unit = unit;
1996 s->drive_serial = drive_serial++;
1997 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
1998 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
1999 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2000 memset(s->io_buffer, 0, s->io_buffer_total_len);
2001
2002 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2003 memset(s->smart_selftest_data, 0, 512);
2004
2005 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
2006 ide_sector_write_timer_cb, s);
2007 }
2008
2009 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2010 BlockDriverCompletionFunc *cb)
2011 {
2012 }
2013
2014 static int ide_nop(IDEDMA *dma)
2015 {
2016 return 0;
2017 }
2018
2019 static int ide_nop_int(IDEDMA *dma, int x)
2020 {
2021 return 0;
2022 }
2023
2024 static void ide_nop_restart(void *opaque, int x, RunState y)
2025 {
2026 }
2027
2028 static const IDEDMAOps ide_dma_nop_ops = {
2029 .start_dma = ide_nop_start,
2030 .start_transfer = ide_nop,
2031 .prepare_buf = ide_nop_int,
2032 .rw_buf = ide_nop_int,
2033 .set_unit = ide_nop_int,
2034 .add_status = ide_nop_int,
2035 .set_inactive = ide_nop,
2036 .restart_cb = ide_nop_restart,
2037 .reset = ide_nop,
2038 };
2039
2040 static IDEDMA ide_dma_nop = {
2041 .ops = &ide_dma_nop_ops,
2042 .aiocb = NULL,
2043 };
2044
2045 void ide_init2(IDEBus *bus, qemu_irq irq)
2046 {
2047 int i;
2048
2049 for(i = 0; i < 2; i++) {
2050 ide_init1(bus, i);
2051 ide_reset(&bus->ifs[i]);
2052 }
2053 bus->irq = irq;
2054 bus->dma = &ide_dma_nop;
2055 }
2056
2057 /* TODO convert users to qdev and remove */
2058 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2059 DriveInfo *hd1, qemu_irq irq)
2060 {
2061 int i, trans;
2062 DriveInfo *dinfo;
2063 uint32_t cyls, heads, secs;
2064
2065 for(i = 0; i < 2; i++) {
2066 dinfo = i == 0 ? hd0 : hd1;
2067 ide_init1(bus, i);
2068 if (dinfo) {
2069 cyls = dinfo->cyls;
2070 heads = dinfo->heads;
2071 secs = dinfo->secs;
2072 trans = dinfo->trans;
2073 if (!cyls && !heads && !secs) {
2074 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans);
2075 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) {
2076 trans = hd_bios_chs_auto_trans(cyls, heads, secs);
2077 }
2078 if (cyls < 1 || cyls > 65535) {
2079 error_report("cyls must be between 1 and 65535");
2080 exit(1);
2081 }
2082 if (heads < 1 || heads > 16) {
2083 error_report("heads must be between 1 and 16");
2084 exit(1);
2085 }
2086 if (secs < 1 || secs > 255) {
2087 error_report("secs must be between 1 and 255");
2088 exit(1);
2089 }
2090 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv,
2091 dinfo->media_cd ? IDE_CD : IDE_HD,
2092 NULL, dinfo->serial, NULL, 0,
2093 cyls, heads, secs, trans) < 0) {
2094 error_report("Can't set up IDE drive %s", dinfo->id);
2095 exit(1);
2096 }
2097 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]);
2098 } else {
2099 ide_reset(&bus->ifs[i]);
2100 }
2101 }
2102 bus->irq = irq;
2103 bus->dma = &ide_dma_nop;
2104 }
2105
2106 static const MemoryRegionPortio ide_portio_list[] = {
2107 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
2108 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
2109 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
2110 PORTIO_END_OF_LIST(),
2111 };
2112
2113 static const MemoryRegionPortio ide_portio2_list[] = {
2114 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2115 PORTIO_END_OF_LIST(),
2116 };
2117
2118 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
2119 {
2120 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2121 bridge has been setup properly to always register with ISA. */
2122 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
2123
2124 if (iobase2) {
2125 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
2126 }
2127 }
2128
2129 static bool is_identify_set(void *opaque, int version_id)
2130 {
2131 IDEState *s = opaque;
2132
2133 return s->identify_set != 0;
2134 }
2135
2136 static EndTransferFunc* transfer_end_table[] = {
2137 ide_sector_read,
2138 ide_sector_write,
2139 ide_transfer_stop,
2140 ide_atapi_cmd_reply_end,
2141 ide_atapi_cmd,
2142 ide_dummy_transfer_stop,
2143 };
2144
2145 static int transfer_end_table_idx(EndTransferFunc *fn)
2146 {
2147 int i;
2148
2149 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2150 if (transfer_end_table[i] == fn)
2151 return i;
2152
2153 return -1;
2154 }
2155
2156 static int ide_drive_post_load(void *opaque, int version_id)
2157 {
2158 IDEState *s = opaque;
2159
2160 if (version_id < 3) {
2161 if (s->sense_key == UNIT_ATTENTION &&
2162 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2163 s->cdrom_changed = 1;
2164 }
2165 }
2166 if (s->identify_set) {
2167 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5)));
2168 }
2169 return 0;
2170 }
2171
2172 static int ide_drive_pio_post_load(void *opaque, int version_id)
2173 {
2174 IDEState *s = opaque;
2175
2176 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
2177 return -EINVAL;
2178 }
2179 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2180 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2181 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2182
2183 return 0;
2184 }
2185
2186 static void ide_drive_pio_pre_save(void *opaque)
2187 {
2188 IDEState *s = opaque;
2189 int idx;
2190
2191 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2192 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2193
2194 idx = transfer_end_table_idx(s->end_transfer_func);
2195 if (idx == -1) {
2196 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2197 __func__);
2198 s->end_transfer_fn_idx = 2;
2199 } else {
2200 s->end_transfer_fn_idx = idx;
2201 }
2202 }
2203
2204 static bool ide_drive_pio_state_needed(void *opaque)
2205 {
2206 IDEState *s = opaque;
2207
2208 return ((s->status & DRQ_STAT) != 0)
2209 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
2210 }
2211
2212 static bool ide_tray_state_needed(void *opaque)
2213 {
2214 IDEState *s = opaque;
2215
2216 return s->tray_open || s->tray_locked;
2217 }
2218
2219 static bool ide_atapi_gesn_needed(void *opaque)
2220 {
2221 IDEState *s = opaque;
2222
2223 return s->events.new_media || s->events.eject_request;
2224 }
2225
2226 static bool ide_error_needed(void *opaque)
2227 {
2228 IDEBus *bus = opaque;
2229
2230 return (bus->error_status != 0);
2231 }
2232
2233 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2234 static const VMStateDescription vmstate_ide_atapi_gesn_state = {
2235 .name ="ide_drive/atapi/gesn_state",
2236 .version_id = 1,
2237 .minimum_version_id = 1,
2238 .minimum_version_id_old = 1,
2239 .fields = (VMStateField []) {
2240 VMSTATE_BOOL(events.new_media, IDEState),
2241 VMSTATE_BOOL(events.eject_request, IDEState),
2242 VMSTATE_END_OF_LIST()
2243 }
2244 };
2245
2246 static const VMStateDescription vmstate_ide_tray_state = {
2247 .name = "ide_drive/tray_state",
2248 .version_id = 1,
2249 .minimum_version_id = 1,
2250 .minimum_version_id_old = 1,
2251 .fields = (VMStateField[]) {
2252 VMSTATE_BOOL(tray_open, IDEState),
2253 VMSTATE_BOOL(tray_locked, IDEState),
2254 VMSTATE_END_OF_LIST()
2255 }
2256 };
2257
2258 static const VMStateDescription vmstate_ide_drive_pio_state = {
2259 .name = "ide_drive/pio_state",
2260 .version_id = 1,
2261 .minimum_version_id = 1,
2262 .minimum_version_id_old = 1,
2263 .pre_save = ide_drive_pio_pre_save,
2264 .post_load = ide_drive_pio_post_load,
2265 .fields = (VMStateField []) {
2266 VMSTATE_INT32(req_nb_sectors, IDEState),
2267 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2268 vmstate_info_uint8, uint8_t),
2269 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2270 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2271 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2272 VMSTATE_INT32(elementary_transfer_size, IDEState),
2273 VMSTATE_INT32(packet_transfer_size, IDEState),
2274 VMSTATE_END_OF_LIST()
2275 }
2276 };
2277
2278 const VMStateDescription vmstate_ide_drive = {
2279 .name = "ide_drive",
2280 .version_id = 3,
2281 .minimum_version_id = 0,
2282 .minimum_version_id_old = 0,
2283 .post_load = ide_drive_post_load,
2284 .fields = (VMStateField []) {
2285 VMSTATE_INT32(mult_sectors, IDEState),
2286 VMSTATE_INT32(identify_set, IDEState),
2287 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2288 VMSTATE_UINT8(feature, IDEState),
2289 VMSTATE_UINT8(error, IDEState),
2290 VMSTATE_UINT32(nsector, IDEState),
2291 VMSTATE_UINT8(sector, IDEState),
2292 VMSTATE_UINT8(lcyl, IDEState),
2293 VMSTATE_UINT8(hcyl, IDEState),
2294 VMSTATE_UINT8(hob_feature, IDEState),
2295 VMSTATE_UINT8(hob_sector, IDEState),
2296 VMSTATE_UINT8(hob_nsector, IDEState),
2297 VMSTATE_UINT8(hob_lcyl, IDEState),
2298 VMSTATE_UINT8(hob_hcyl, IDEState),
2299 VMSTATE_UINT8(select, IDEState),
2300 VMSTATE_UINT8(status, IDEState),
2301 VMSTATE_UINT8(lba48, IDEState),
2302 VMSTATE_UINT8(sense_key, IDEState),
2303 VMSTATE_UINT8(asc, IDEState),
2304 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2305 VMSTATE_END_OF_LIST()
2306 },
2307 .subsections = (VMStateSubsection []) {
2308 {
2309 .vmsd = &vmstate_ide_drive_pio_state,
2310 .needed = ide_drive_pio_state_needed,
2311 }, {
2312 .vmsd = &vmstate_ide_tray_state,
2313 .needed = ide_tray_state_needed,
2314 }, {
2315 .vmsd = &vmstate_ide_atapi_gesn_state,
2316 .needed = ide_atapi_gesn_needed,
2317 }, {
2318 /* empty */
2319 }
2320 }
2321 };
2322
2323 static const VMStateDescription vmstate_ide_error_status = {
2324 .name ="ide_bus/error",
2325 .version_id = 1,
2326 .minimum_version_id = 1,
2327 .minimum_version_id_old = 1,
2328 .fields = (VMStateField []) {
2329 VMSTATE_INT32(error_status, IDEBus),
2330 VMSTATE_END_OF_LIST()
2331 }
2332 };
2333
2334 const VMStateDescription vmstate_ide_bus = {
2335 .name = "ide_bus",
2336 .version_id = 1,
2337 .minimum_version_id = 1,
2338 .minimum_version_id_old = 1,
2339 .fields = (VMStateField []) {
2340 VMSTATE_UINT8(cmd, IDEBus),
2341 VMSTATE_UINT8(unit, IDEBus),
2342 VMSTATE_END_OF_LIST()
2343 },
2344 .subsections = (VMStateSubsection []) {
2345 {
2346 .vmsd = &vmstate_ide_error_status,
2347 .needed = ide_error_needed,
2348 }, {
2349 /* empty */
2350 }
2351 }
2352 };
2353
2354 void ide_drive_get(DriveInfo **hd, int max_bus)
2355 {
2356 int i;
2357
2358 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2359 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2360 exit(1);
2361 }
2362
2363 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2364 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2365 }
2366 }
Qemu copy for testing