]> git.proxmox.com Git - qemu.git/blob - hw/ide/core.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
atapi: GESN: Use structs for commonly-used field types
[qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "blockdev.h"
34
35 #include <hw/ide/internal.h>
36
37 /* These values were based on a Seagate ST3500418AS but have been modified
38 to make more sense in QEMU */
39 static const int smart_attributes[][12] = {
40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
41 /* raw read error rate*/
42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
43 /* spin up */
44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
45 /* start stop count */
46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
47 /* remapped sectors */
48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
49 /* power on hours */
50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
51 /* power cycle count */
52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
53 /* airflow-temperature-celsius */
54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
55 /* end of list */
56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
57 };
58
59 /* XXX: DVDs that could fit on a CD will be reported as a CD */
60 static inline int media_present(IDEState *s)
61 {
62 return (s->nb_sectors > 0);
63 }
64
65 static inline int media_is_dvd(IDEState *s)
66 {
67 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
68 }
69
70 static inline int media_is_cd(IDEState *s)
71 {
72 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
73 }
74
75 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
76 static int ide_handle_rw_error(IDEState *s, int error, int op);
77
78 static void padstr(char *str, const char *src, int len)
79 {
80 int i, v;
81 for(i = 0; i < len; i++) {
82 if (*src)
83 v = *src++;
84 else
85 v = ' ';
86 str[i^1] = v;
87 }
88 }
89
90 static void padstr8(uint8_t *buf, int buf_size, const char *src)
91 {
92 int i;
93 for(i = 0; i < buf_size; i++) {
94 if (*src)
95 buf[i] = *src++;
96 else
97 buf[i] = ' ';
98 }
99 }
100
101 static void put_le16(uint16_t *p, unsigned int v)
102 {
103 *p = cpu_to_le16(v);
104 }
105
106 static void ide_identify(IDEState *s)
107 {
108 uint16_t *p;
109 unsigned int oldsize;
110 IDEDevice *dev;
111
112 if (s->identify_set) {
113 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
114 return;
115 }
116
117 memset(s->io_buffer, 0, 512);
118 p = (uint16_t *)s->io_buffer;
119 put_le16(p + 0, 0x0040);
120 put_le16(p + 1, s->cylinders);
121 put_le16(p + 3, s->heads);
122 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
123 put_le16(p + 5, 512); /* XXX: retired, remove ? */
124 put_le16(p + 6, s->sectors);
125 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
126 put_le16(p + 20, 3); /* XXX: retired, remove ? */
127 put_le16(p + 21, 512); /* cache size in sectors */
128 put_le16(p + 22, 4); /* ecc bytes */
129 padstr((char *)(p + 23), s->version, 8); /* firmware version */
130 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
131 #if MAX_MULT_SECTORS > 1
132 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
133 #endif
134 put_le16(p + 48, 1); /* dword I/O */
135 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
136 put_le16(p + 51, 0x200); /* PIO transfer cycle */
137 put_le16(p + 52, 0x200); /* DMA transfer cycle */
138 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
139 put_le16(p + 54, s->cylinders);
140 put_le16(p + 55, s->heads);
141 put_le16(p + 56, s->sectors);
142 oldsize = s->cylinders * s->heads * s->sectors;
143 put_le16(p + 57, oldsize);
144 put_le16(p + 58, oldsize >> 16);
145 if (s->mult_sectors)
146 put_le16(p + 59, 0x100 | s->mult_sectors);
147 put_le16(p + 60, s->nb_sectors);
148 put_le16(p + 61, s->nb_sectors >> 16);
149 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
150 put_le16(p + 63, 0x07); /* mdma0-2 supported */
151 put_le16(p + 64, 0x03); /* pio3-4 supported */
152 put_le16(p + 65, 120);
153 put_le16(p + 66, 120);
154 put_le16(p + 67, 120);
155 put_le16(p + 68, 120);
156
157 if (s->ncq_queues) {
158 put_le16(p + 75, s->ncq_queues - 1);
159 /* NCQ supported */
160 put_le16(p + 76, (1 << 8));
161 }
162
163 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
164 put_le16(p + 81, 0x16); /* conforms to ata5 */
165 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
166 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
167 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
168 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
169 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
170 put_le16(p + 84, (1 << 14) | 0);
171 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
172 if (bdrv_enable_write_cache(s->bs))
173 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
174 else
175 put_le16(p + 85, (1 << 14) | 1);
176 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
177 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
178 /* 14=set to 1, 1=smart self test, 0=smart error logging */
179 put_le16(p + 87, (1 << 14) | 0);
180 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
181 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
182 put_le16(p + 100, s->nb_sectors);
183 put_le16(p + 101, s->nb_sectors >> 16);
184 put_le16(p + 102, s->nb_sectors >> 32);
185 put_le16(p + 103, s->nb_sectors >> 48);
186 dev = s->unit ? s->bus->slave : s->bus->master;
187 if (dev && dev->conf.physical_block_size)
188 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
189
190 memcpy(s->identify_data, p, sizeof(s->identify_data));
191 s->identify_set = 1;
192 }
193
194 static void ide_atapi_identify(IDEState *s)
195 {
196 uint16_t *p;
197
198 if (s->identify_set) {
199 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
200 return;
201 }
202
203 memset(s->io_buffer, 0, 512);
204 p = (uint16_t *)s->io_buffer;
205 /* Removable CDROM, 50us response, 12 byte packets */
206 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
207 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
208 put_le16(p + 20, 3); /* buffer type */
209 put_le16(p + 21, 512); /* cache size in sectors */
210 put_le16(p + 22, 4); /* ecc bytes */
211 padstr((char *)(p + 23), s->version, 8); /* firmware version */
212 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
213 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
214 #ifdef USE_DMA_CDROM
215 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
216 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
217 put_le16(p + 62, 7); /* single word dma0-2 supported */
218 put_le16(p + 63, 7); /* mdma0-2 supported */
219 #else
220 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
221 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
222 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
223 #endif
224 put_le16(p + 64, 3); /* pio3-4 supported */
225 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
226 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
227 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
228 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
229
230 put_le16(p + 71, 30); /* in ns */
231 put_le16(p + 72, 30); /* in ns */
232
233 if (s->ncq_queues) {
234 put_le16(p + 75, s->ncq_queues - 1);
235 /* NCQ supported */
236 put_le16(p + 76, (1 << 8));
237 }
238
239 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
240 #ifdef USE_DMA_CDROM
241 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
242 #endif
243 memcpy(s->identify_data, p, sizeof(s->identify_data));
244 s->identify_set = 1;
245 }
246
247 static void ide_cfata_identify(IDEState *s)
248 {
249 uint16_t *p;
250 uint32_t cur_sec;
251
252 p = (uint16_t *) s->identify_data;
253 if (s->identify_set)
254 goto fill_buffer;
255
256 memset(p, 0, sizeof(s->identify_data));
257
258 cur_sec = s->cylinders * s->heads * s->sectors;
259
260 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
261 put_le16(p + 1, s->cylinders); /* Default cylinders */
262 put_le16(p + 3, s->heads); /* Default heads */
263 put_le16(p + 6, s->sectors); /* Default sectors per track */
264 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
265 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
266 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
267 put_le16(p + 22, 0x0004); /* ECC bytes */
268 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
269 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
270 #if MAX_MULT_SECTORS > 1
271 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
272 #else
273 put_le16(p + 47, 0x0000);
274 #endif
275 put_le16(p + 49, 0x0f00); /* Capabilities */
276 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
277 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
278 put_le16(p + 53, 0x0003); /* Translation params valid */
279 put_le16(p + 54, s->cylinders); /* Current cylinders */
280 put_le16(p + 55, s->heads); /* Current heads */
281 put_le16(p + 56, s->sectors); /* Current sectors */
282 put_le16(p + 57, cur_sec); /* Current capacity */
283 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
284 if (s->mult_sectors) /* Multiple sector setting */
285 put_le16(p + 59, 0x100 | s->mult_sectors);
286 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
287 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
288 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
289 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
290 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
291 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
292 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
293 put_le16(p + 82, 0x400c); /* Command Set supported */
294 put_le16(p + 83, 0x7068); /* Command Set supported */
295 put_le16(p + 84, 0x4000); /* Features supported */
296 put_le16(p + 85, 0x000c); /* Command Set enabled */
297 put_le16(p + 86, 0x7044); /* Command Set enabled */
298 put_le16(p + 87, 0x4000); /* Features enabled */
299 put_le16(p + 91, 0x4060); /* Current APM level */
300 put_le16(p + 129, 0x0002); /* Current features option */
301 put_le16(p + 130, 0x0005); /* Reassigned sectors */
302 put_le16(p + 131, 0x0001); /* Initial power mode */
303 put_le16(p + 132, 0x0000); /* User signature */
304 put_le16(p + 160, 0x8100); /* Power requirement */
305 put_le16(p + 161, 0x8001); /* CF command set */
306
307 s->identify_set = 1;
308
309 fill_buffer:
310 memcpy(s->io_buffer, p, sizeof(s->identify_data));
311 }
312
313 static void ide_set_signature(IDEState *s)
314 {
315 s->select &= 0xf0; /* clear head */
316 /* put signature */
317 s->nsector = 1;
318 s->sector = 1;
319 if (s->drive_kind == IDE_CD) {
320 s->lcyl = 0x14;
321 s->hcyl = 0xeb;
322 } else if (s->bs) {
323 s->lcyl = 0;
324 s->hcyl = 0;
325 } else {
326 s->lcyl = 0xff;
327 s->hcyl = 0xff;
328 }
329 }
330
331 static inline void ide_abort_command(IDEState *s)
332 {
333 s->status = READY_STAT | ERR_STAT;
334 s->error = ABRT_ERR;
335 }
336
337 /* prepare data transfer and tell what to do after */
338 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
339 EndTransferFunc *end_transfer_func)
340 {
341 s->end_transfer_func = end_transfer_func;
342 s->data_ptr = buf;
343 s->data_end = buf + size;
344 if (!(s->status & ERR_STAT)) {
345 s->status |= DRQ_STAT;
346 }
347 s->bus->dma->ops->start_transfer(s->bus->dma);
348 }
349
350 static void ide_transfer_stop(IDEState *s)
351 {
352 s->end_transfer_func = ide_transfer_stop;
353 s->data_ptr = s->io_buffer;
354 s->data_end = s->io_buffer;
355 s->status &= ~DRQ_STAT;
356 }
357
358 int64_t ide_get_sector(IDEState *s)
359 {
360 int64_t sector_num;
361 if (s->select & 0x40) {
362 /* lba */
363 if (!s->lba48) {
364 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
365 (s->lcyl << 8) | s->sector;
366 } else {
367 sector_num = ((int64_t)s->hob_hcyl << 40) |
368 ((int64_t) s->hob_lcyl << 32) |
369 ((int64_t) s->hob_sector << 24) |
370 ((int64_t) s->hcyl << 16) |
371 ((int64_t) s->lcyl << 8) | s->sector;
372 }
373 } else {
374 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
375 (s->select & 0x0f) * s->sectors + (s->sector - 1);
376 }
377 return sector_num;
378 }
379
380 void ide_set_sector(IDEState *s, int64_t sector_num)
381 {
382 unsigned int cyl, r;
383 if (s->select & 0x40) {
384 if (!s->lba48) {
385 s->select = (s->select & 0xf0) | (sector_num >> 24);
386 s->hcyl = (sector_num >> 16);
387 s->lcyl = (sector_num >> 8);
388 s->sector = (sector_num);
389 } else {
390 s->sector = sector_num;
391 s->lcyl = sector_num >> 8;
392 s->hcyl = sector_num >> 16;
393 s->hob_sector = sector_num >> 24;
394 s->hob_lcyl = sector_num >> 32;
395 s->hob_hcyl = sector_num >> 40;
396 }
397 } else {
398 cyl = sector_num / (s->heads * s->sectors);
399 r = sector_num % (s->heads * s->sectors);
400 s->hcyl = cyl >> 8;
401 s->lcyl = cyl;
402 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
403 s->sector = (r % s->sectors) + 1;
404 }
405 }
406
407 static void ide_rw_error(IDEState *s) {
408 ide_abort_command(s);
409 ide_set_irq(s->bus);
410 }
411
412 void ide_sector_read(IDEState *s)
413 {
414 int64_t sector_num;
415 int ret, n;
416
417 s->status = READY_STAT | SEEK_STAT;
418 s->error = 0; /* not needed by IDE spec, but needed by Windows */
419 sector_num = ide_get_sector(s);
420 n = s->nsector;
421 if (n == 0) {
422 /* no more sector to read from disk */
423 ide_transfer_stop(s);
424 } else {
425 #if defined(DEBUG_IDE)
426 printf("read sector=%" PRId64 "\n", sector_num);
427 #endif
428 if (n > s->req_nb_sectors)
429 n = s->req_nb_sectors;
430 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
431 if (ret != 0) {
432 if (ide_handle_rw_error(s, -ret,
433 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
434 {
435 return;
436 }
437 }
438 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
439 ide_set_irq(s->bus);
440 ide_set_sector(s, sector_num + n);
441 s->nsector -= n;
442 }
443 }
444
445 static void dma_buf_commit(IDEState *s, int is_write)
446 {
447 qemu_sglist_destroy(&s->sg);
448 }
449
450 static void ide_set_inactive(IDEState *s)
451 {
452 s->bus->dma->aiocb = NULL;
453 s->bus->dma->ops->set_inactive(s->bus->dma);
454 }
455
456 void ide_dma_error(IDEState *s)
457 {
458 ide_transfer_stop(s);
459 s->error = ABRT_ERR;
460 s->status = READY_STAT | ERR_STAT;
461 ide_set_inactive(s);
462 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
463 ide_set_irq(s->bus);
464 }
465
466 static int ide_handle_rw_error(IDEState *s, int error, int op)
467 {
468 int is_read = (op & BM_STATUS_RETRY_READ);
469 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
470
471 if (action == BLOCK_ERR_IGNORE) {
472 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
473 return 0;
474 }
475
476 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
477 || action == BLOCK_ERR_STOP_ANY) {
478 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
479 s->bus->dma->ops->add_status(s->bus->dma, op);
480 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
481 vm_stop(VMSTOP_DISKFULL);
482 } else {
483 if (op & BM_STATUS_DMA_RETRY) {
484 dma_buf_commit(s, 0);
485 ide_dma_error(s);
486 } else {
487 ide_rw_error(s);
488 }
489 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
490 }
491
492 return 1;
493 }
494
495 void ide_dma_cb(void *opaque, int ret)
496 {
497 IDEState *s = opaque;
498 int n;
499 int64_t sector_num;
500
501 handle_rw_error:
502 if (ret < 0) {
503 int op = BM_STATUS_DMA_RETRY;
504
505 if (s->is_read)
506 op |= BM_STATUS_RETRY_READ;
507 if (ide_handle_rw_error(s, -ret, op)) {
508 return;
509 }
510 }
511
512 n = s->io_buffer_size >> 9;
513 sector_num = ide_get_sector(s);
514 if (n > 0) {
515 dma_buf_commit(s, s->is_read);
516 sector_num += n;
517 ide_set_sector(s, sector_num);
518 s->nsector -= n;
519 }
520
521 /* end of transfer ? */
522 if (s->nsector == 0) {
523 s->status = READY_STAT | SEEK_STAT;
524 ide_set_irq(s->bus);
525 goto eot;
526 }
527
528 /* launch next transfer */
529 n = s->nsector;
530 s->io_buffer_index = 0;
531 s->io_buffer_size = n * 512;
532 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->is_read) == 0)
533 goto eot;
534
535 #ifdef DEBUG_AIO
536 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, is_read=%d\n",
537 sector_num, n, s->is_read);
538 #endif
539
540 if (s->is_read) {
541 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
542 ide_dma_cb, s);
543 } else {
544 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
545 ide_dma_cb, s);
546 }
547
548 if (!s->bus->dma->aiocb) {
549 ret = -1;
550 goto handle_rw_error;
551 }
552 return;
553
554 eot:
555 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
556 ide_set_inactive(s);
557 }
558
559 static void ide_sector_start_dma(IDEState *s, int is_read)
560 {
561 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
562 s->io_buffer_index = 0;
563 s->io_buffer_size = 0;
564 s->is_read = is_read;
565 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
566 }
567
568 static void ide_sector_write_timer_cb(void *opaque)
569 {
570 IDEState *s = opaque;
571 ide_set_irq(s->bus);
572 }
573
574 void ide_sector_write(IDEState *s)
575 {
576 int64_t sector_num;
577 int ret, n, n1;
578
579 s->status = READY_STAT | SEEK_STAT;
580 sector_num = ide_get_sector(s);
581 #if defined(DEBUG_IDE)
582 printf("write sector=%" PRId64 "\n", sector_num);
583 #endif
584 n = s->nsector;
585 if (n > s->req_nb_sectors)
586 n = s->req_nb_sectors;
587 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
588
589 if (ret != 0) {
590 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
591 return;
592 }
593
594 s->nsector -= n;
595 if (s->nsector == 0) {
596 /* no more sectors to write */
597 ide_transfer_stop(s);
598 } else {
599 n1 = s->nsector;
600 if (n1 > s->req_nb_sectors)
601 n1 = s->req_nb_sectors;
602 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
603 }
604 ide_set_sector(s, sector_num + n);
605
606 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
607 /* It seems there is a bug in the Windows 2000 installer HDD
608 IDE driver which fills the disk with empty logs when the
609 IDE write IRQ comes too early. This hack tries to correct
610 that at the expense of slower write performances. Use this
611 option _only_ to install Windows 2000. You must disable it
612 for normal use. */
613 qemu_mod_timer(s->sector_write_timer,
614 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
615 } else {
616 ide_set_irq(s->bus);
617 }
618 }
619
620 void ide_atapi_cmd_ok(IDEState *s)
621 {
622 s->error = 0;
623 s->status = READY_STAT | SEEK_STAT;
624 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
625 ide_set_irq(s->bus);
626 }
627
628 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
629 {
630 #ifdef DEBUG_IDE_ATAPI
631 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
632 #endif
633 s->error = sense_key << 4;
634 s->status = READY_STAT | ERR_STAT;
635 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
636 s->sense_key = sense_key;
637 s->asc = asc;
638 ide_set_irq(s->bus);
639 }
640
641 static void ide_atapi_cmd_check_status(IDEState *s)
642 {
643 #ifdef DEBUG_IDE_ATAPI
644 printf("atapi_cmd_check_status\n");
645 #endif
646 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
647 s->status = ERR_STAT;
648 s->nsector = 0;
649 ide_set_irq(s->bus);
650 }
651
652 static void ide_flush_cb(void *opaque, int ret)
653 {
654 IDEState *s = opaque;
655
656 if (ret < 0) {
657 /* XXX: What sector number to set here? */
658 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
659 return;
660 }
661 }
662
663 s->status = READY_STAT | SEEK_STAT;
664 ide_set_irq(s->bus);
665 }
666
667 void ide_flush_cache(IDEState *s)
668 {
669 BlockDriverAIOCB *acb;
670
671 if (s->bs == NULL) {
672 ide_flush_cb(s, 0);
673 return;
674 }
675
676 acb = bdrv_aio_flush(s->bs, ide_flush_cb, s);
677 if (acb == NULL) {
678 ide_flush_cb(s, -EIO);
679 }
680 }
681
682 static inline void cpu_to_ube16(uint8_t *buf, int val)
683 {
684 buf[0] = val >> 8;
685 buf[1] = val & 0xff;
686 }
687
688 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
689 {
690 buf[0] = val >> 24;
691 buf[1] = val >> 16;
692 buf[2] = val >> 8;
693 buf[3] = val & 0xff;
694 }
695
696 static inline int ube16_to_cpu(const uint8_t *buf)
697 {
698 return (buf[0] << 8) | buf[1];
699 }
700
701 static inline int ube32_to_cpu(const uint8_t *buf)
702 {
703 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
704 }
705
706 static void lba_to_msf(uint8_t *buf, int lba)
707 {
708 lba += 150;
709 buf[0] = (lba / 75) / 60;
710 buf[1] = (lba / 75) % 60;
711 buf[2] = lba % 75;
712 }
713
714 static void cd_data_to_raw(uint8_t *buf, int lba)
715 {
716 /* sync bytes */
717 buf[0] = 0x00;
718 memset(buf + 1, 0xff, 10);
719 buf[11] = 0x00;
720 buf += 12;
721 /* MSF */
722 lba_to_msf(buf, lba);
723 buf[3] = 0x01; /* mode 1 data */
724 buf += 4;
725 /* data */
726 buf += 2048;
727 /* XXX: ECC not computed */
728 memset(buf, 0, 288);
729 }
730
731 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
732 int sector_size)
733 {
734 int ret;
735
736 switch(sector_size) {
737 case 2048:
738 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
739 break;
740 case 2352:
741 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
742 if (ret < 0)
743 return ret;
744 cd_data_to_raw(buf, lba);
745 break;
746 default:
747 ret = -EIO;
748 break;
749 }
750 return ret;
751 }
752
753 void ide_atapi_io_error(IDEState *s, int ret)
754 {
755 /* XXX: handle more errors */
756 if (ret == -ENOMEDIUM) {
757 ide_atapi_cmd_error(s, SENSE_NOT_READY,
758 ASC_MEDIUM_NOT_PRESENT);
759 } else {
760 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
761 ASC_LOGICAL_BLOCK_OOR);
762 }
763 }
764
765 /* The whole ATAPI transfer logic is handled in this function */
766 static void ide_atapi_cmd_reply_end(IDEState *s)
767 {
768 int byte_count_limit, size, ret;
769 #ifdef DEBUG_IDE_ATAPI
770 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
771 s->packet_transfer_size,
772 s->elementary_transfer_size,
773 s->io_buffer_index);
774 #endif
775 if (s->packet_transfer_size <= 0) {
776 /* end of transfer */
777 ide_transfer_stop(s);
778 s->status = READY_STAT | SEEK_STAT;
779 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
780 ide_set_irq(s->bus);
781 #ifdef DEBUG_IDE_ATAPI
782 printf("status=0x%x\n", s->status);
783 #endif
784 } else {
785 /* see if a new sector must be read */
786 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
787 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
788 if (ret < 0) {
789 ide_transfer_stop(s);
790 ide_atapi_io_error(s, ret);
791 return;
792 }
793 s->lba++;
794 s->io_buffer_index = 0;
795 }
796 if (s->elementary_transfer_size > 0) {
797 /* there are some data left to transmit in this elementary
798 transfer */
799 size = s->cd_sector_size - s->io_buffer_index;
800 if (size > s->elementary_transfer_size)
801 size = s->elementary_transfer_size;
802 s->packet_transfer_size -= size;
803 s->elementary_transfer_size -= size;
804 s->io_buffer_index += size;
805 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
806 size, ide_atapi_cmd_reply_end);
807 } else {
808 /* a new transfer is needed */
809 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
810 byte_count_limit = s->lcyl | (s->hcyl << 8);
811 #ifdef DEBUG_IDE_ATAPI
812 printf("byte_count_limit=%d\n", byte_count_limit);
813 #endif
814 if (byte_count_limit == 0xffff)
815 byte_count_limit--;
816 size = s->packet_transfer_size;
817 if (size > byte_count_limit) {
818 /* byte count limit must be even if this case */
819 if (byte_count_limit & 1)
820 byte_count_limit--;
821 size = byte_count_limit;
822 }
823 s->lcyl = size;
824 s->hcyl = size >> 8;
825 s->elementary_transfer_size = size;
826 /* we cannot transmit more than one sector at a time */
827 if (s->lba != -1) {
828 if (size > (s->cd_sector_size - s->io_buffer_index))
829 size = (s->cd_sector_size - s->io_buffer_index);
830 }
831 s->packet_transfer_size -= size;
832 s->elementary_transfer_size -= size;
833 s->io_buffer_index += size;
834 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
835 size, ide_atapi_cmd_reply_end);
836 ide_set_irq(s->bus);
837 #ifdef DEBUG_IDE_ATAPI
838 printf("status=0x%x\n", s->status);
839 #endif
840 }
841 }
842 }
843
844 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
845 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
846 {
847 if (size > max_size)
848 size = max_size;
849 s->lba = -1; /* no sector read */
850 s->packet_transfer_size = size;
851 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
852 s->elementary_transfer_size = 0;
853 s->io_buffer_index = 0;
854
855 if (s->atapi_dma) {
856 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
857 s->bus->dma->ops->start_dma(s->bus->dma, s,
858 ide_atapi_cmd_read_dma_cb);
859 } else {
860 s->status = READY_STAT | SEEK_STAT;
861 ide_atapi_cmd_reply_end(s);
862 }
863 }
864
865 /* start a CD-CDROM read command */
866 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
867 int sector_size)
868 {
869 s->lba = lba;
870 s->packet_transfer_size = nb_sectors * sector_size;
871 s->elementary_transfer_size = 0;
872 s->io_buffer_index = sector_size;
873 s->cd_sector_size = sector_size;
874
875 s->status = READY_STAT | SEEK_STAT;
876 ide_atapi_cmd_reply_end(s);
877 }
878
879 /* ATAPI DMA support */
880
881 /* XXX: handle read errors */
882 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
883 {
884 IDEState *s = opaque;
885 int data_offset, n;
886
887 if (ret < 0) {
888 ide_atapi_io_error(s, ret);
889 goto eot;
890 }
891
892 if (s->io_buffer_size > 0) {
893 /*
894 * For a cdrom read sector command (s->lba != -1),
895 * adjust the lba for the next s->io_buffer_size chunk
896 * and dma the current chunk.
897 * For a command != read (s->lba == -1), just transfer
898 * the reply data.
899 */
900 if (s->lba != -1) {
901 if (s->cd_sector_size == 2352) {
902 n = 1;
903 cd_data_to_raw(s->io_buffer, s->lba);
904 } else {
905 n = s->io_buffer_size >> 11;
906 }
907 s->lba += n;
908 }
909 s->packet_transfer_size -= s->io_buffer_size;
910 if (s->bus->dma->ops->rw_buf(s->bus->dma, 1) == 0)
911 goto eot;
912 }
913
914 if (s->packet_transfer_size <= 0) {
915 s->status = READY_STAT | SEEK_STAT;
916 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
917 ide_set_irq(s->bus);
918 eot:
919 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
920 ide_set_inactive(s);
921 return;
922 }
923
924 s->io_buffer_index = 0;
925 if (s->cd_sector_size == 2352) {
926 n = 1;
927 s->io_buffer_size = s->cd_sector_size;
928 data_offset = 16;
929 } else {
930 n = s->packet_transfer_size >> 11;
931 if (n > (IDE_DMA_BUF_SECTORS / 4))
932 n = (IDE_DMA_BUF_SECTORS / 4);
933 s->io_buffer_size = n * 2048;
934 data_offset = 0;
935 }
936 #ifdef DEBUG_AIO
937 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
938 #endif
939 s->bus->dma->iov.iov_base = (void *)(s->io_buffer + data_offset);
940 s->bus->dma->iov.iov_len = n * 4 * 512;
941 qemu_iovec_init_external(&s->bus->dma->qiov, &s->bus->dma->iov, 1);
942 s->bus->dma->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2,
943 &s->bus->dma->qiov, n * 4,
944 ide_atapi_cmd_read_dma_cb, s);
945 if (!s->bus->dma->aiocb) {
946 /* Note: media not present is the most likely case */
947 ide_atapi_cmd_error(s, SENSE_NOT_READY,
948 ASC_MEDIUM_NOT_PRESENT);
949 goto eot;
950 }
951 }
952
953 /* start a CD-CDROM read command with DMA */
954 /* XXX: test if DMA is available */
955 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
956 int sector_size)
957 {
958 s->lba = lba;
959 s->packet_transfer_size = nb_sectors * sector_size;
960 s->io_buffer_index = 0;
961 s->io_buffer_size = 0;
962 s->cd_sector_size = sector_size;
963
964 /* XXX: check if BUSY_STAT should be set */
965 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
966 s->bus->dma->ops->start_dma(s->bus->dma, s,
967 ide_atapi_cmd_read_dma_cb);
968 }
969
970 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
971 int sector_size)
972 {
973 #ifdef DEBUG_IDE_ATAPI
974 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
975 lba, nb_sectors);
976 #endif
977 if (s->atapi_dma) {
978 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
979 } else {
980 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
981 }
982 }
983
984 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
985 uint16_t profile)
986 {
987 uint8_t *buf_profile = buf + 12; /* start of profiles */
988
989 buf_profile += ((*index) * 4); /* start of indexed profile */
990 cpu_to_ube16 (buf_profile, profile);
991 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
992
993 /* each profile adds 4 bytes to the response */
994 (*index)++;
995 buf[11] += 4; /* Additional Length */
996
997 return 4;
998 }
999
1000 static int ide_dvd_read_structure(IDEState *s, int format,
1001 const uint8_t *packet, uint8_t *buf)
1002 {
1003 switch (format) {
1004 case 0x0: /* Physical format information */
1005 {
1006 int layer = packet[6];
1007 uint64_t total_sectors;
1008
1009 if (layer != 0)
1010 return -ASC_INV_FIELD_IN_CMD_PACKET;
1011
1012 bdrv_get_geometry(s->bs, &total_sectors);
1013 total_sectors >>= 2;
1014 if (total_sectors == 0)
1015 return -ASC_MEDIUM_NOT_PRESENT;
1016
1017 buf[4] = 1; /* DVD-ROM, part version 1 */
1018 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1019 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1020 buf[7] = 0; /* default densities */
1021
1022 /* FIXME: 0x30000 per spec? */
1023 cpu_to_ube32(buf + 8, 0); /* start sector */
1024 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1025 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1026
1027 /* Size of buffer, not including 2 byte size field */
1028 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1029
1030 /* 2k data + 4 byte header */
1031 return (2048 + 4);
1032 }
1033
1034 case 0x01: /* DVD copyright information */
1035 buf[4] = 0; /* no copyright data */
1036 buf[5] = 0; /* no region restrictions */
1037
1038 /* Size of buffer, not including 2 byte size field */
1039 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1040
1041 /* 4 byte header + 4 byte data */
1042 return (4 + 4);
1043
1044 case 0x03: /* BCA information - invalid field for no BCA info */
1045 return -ASC_INV_FIELD_IN_CMD_PACKET;
1046
1047 case 0x04: /* DVD disc manufacturing information */
1048 /* Size of buffer, not including 2 byte size field */
1049 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1050
1051 /* 2k data + 4 byte header */
1052 return (2048 + 4);
1053
1054 case 0xff:
1055 /*
1056 * This lists all the command capabilities above. Add new ones
1057 * in order and update the length and buffer return values.
1058 */
1059
1060 buf[4] = 0x00; /* Physical format */
1061 buf[5] = 0x40; /* Not writable, is readable */
1062 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1063
1064 buf[8] = 0x01; /* Copyright info */
1065 buf[9] = 0x40; /* Not writable, is readable */
1066 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1067
1068 buf[12] = 0x03; /* BCA info */
1069 buf[13] = 0x40; /* Not writable, is readable */
1070 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1071
1072 buf[16] = 0x04; /* Manufacturing info */
1073 buf[17] = 0x40; /* Not writable, is readable */
1074 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1075
1076 /* Size of buffer, not including 2 byte size field */
1077 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1078
1079 /* data written + 4 byte header */
1080 return (16 + 4);
1081
1082 default: /* TODO: formats beyond DVD-ROM requires */
1083 return -ASC_INV_FIELD_IN_CMD_PACKET;
1084 }
1085 }
1086
1087 static void handle_get_event_status_notification(IDEState *s,
1088 uint8_t *buf,
1089 const uint8_t *packet)
1090 {
1091 struct {
1092 uint8_t opcode;
1093 uint8_t polled; /* lsb bit is polled; others are reserved */
1094 uint8_t reserved2[2];
1095 uint8_t class;
1096 uint8_t reserved3[2];
1097 uint16_t len;
1098 uint8_t control;
1099 } __attribute__((packed)) *gesn_cdb;
1100
1101 unsigned int max_len;
1102
1103 gesn_cdb = (void *)packet;
1104 max_len = be16_to_cpu(gesn_cdb->len);
1105
1106 /* It is fine by the MMC spec to not support async mode operations */
1107 if (!(gesn_cdb->polled & 0x01)) { /* asynchronous mode */
1108 /* Only polling is supported, asynchronous mode is not. */
1109 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1110 ASC_INV_FIELD_IN_CMD_PACKET);
1111 return;
1112 }
1113
1114 /* polling */
1115 /* We don't support any event class (yet). */
1116 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
1117 buf[2] = 0x80; /* No Event Available (NEA) */
1118 buf[3] = 0x00; /* Empty supported event classes */
1119 ide_atapi_cmd_reply(s, 4, max_len);
1120 }
1121
1122 static void ide_atapi_cmd(IDEState *s)
1123 {
1124 const uint8_t *packet;
1125 uint8_t *buf;
1126 int max_len;
1127
1128 packet = s->io_buffer;
1129 buf = s->io_buffer;
1130 #ifdef DEBUG_IDE_ATAPI
1131 {
1132 int i;
1133 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1134 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1135 printf(" %02x", packet[i]);
1136 }
1137 printf("\n");
1138 }
1139 #endif
1140 /*
1141 * If there's a UNIT_ATTENTION condition pending, only
1142 * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
1143 * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
1144 * MMC-5, section 4.1.6.1 lists only these commands being allowed
1145 * to complete, with other commands getting a CHECK condition
1146 * response unless a higher priority status, defined by the drive
1147 * here, is pending.
1148 */
1149 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1150 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1151 s->io_buffer[0] != GPCMD_INQUIRY &&
1152 s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
1153 ide_atapi_cmd_check_status(s);
1154 return;
1155 }
1156 switch(s->io_buffer[0]) {
1157 case GPCMD_TEST_UNIT_READY:
1158 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1159 ide_atapi_cmd_ok(s);
1160 } else {
1161 s->cdrom_changed = 0;
1162 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1163 ASC_MEDIUM_NOT_PRESENT);
1164 }
1165 break;
1166 case GPCMD_MODE_SENSE_6:
1167 case GPCMD_MODE_SENSE_10:
1168 {
1169 int action, code;
1170 if (packet[0] == GPCMD_MODE_SENSE_10)
1171 max_len = ube16_to_cpu(packet + 7);
1172 else
1173 max_len = packet[4];
1174 action = packet[2] >> 6;
1175 code = packet[2] & 0x3f;
1176 switch(action) {
1177 case 0: /* current values */
1178 switch(code) {
1179 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1180 cpu_to_ube16(&buf[0], 16 + 6);
1181 buf[2] = 0x70;
1182 buf[3] = 0;
1183 buf[4] = 0;
1184 buf[5] = 0;
1185 buf[6] = 0;
1186 buf[7] = 0;
1187
1188 buf[8] = 0x01;
1189 buf[9] = 0x06;
1190 buf[10] = 0x00;
1191 buf[11] = 0x05;
1192 buf[12] = 0x00;
1193 buf[13] = 0x00;
1194 buf[14] = 0x00;
1195 buf[15] = 0x00;
1196 ide_atapi_cmd_reply(s, 16, max_len);
1197 break;
1198 case GPMODE_AUDIO_CTL_PAGE:
1199 cpu_to_ube16(&buf[0], 24 + 6);
1200 buf[2] = 0x70;
1201 buf[3] = 0;
1202 buf[4] = 0;
1203 buf[5] = 0;
1204 buf[6] = 0;
1205 buf[7] = 0;
1206
1207 /* Fill with CDROM audio volume */
1208 buf[17] = 0;
1209 buf[19] = 0;
1210 buf[21] = 0;
1211 buf[23] = 0;
1212
1213 ide_atapi_cmd_reply(s, 24, max_len);
1214 break;
1215 case GPMODE_CAPABILITIES_PAGE:
1216 cpu_to_ube16(&buf[0], 28 + 6);
1217 buf[2] = 0x70;
1218 buf[3] = 0;
1219 buf[4] = 0;
1220 buf[5] = 0;
1221 buf[6] = 0;
1222 buf[7] = 0;
1223
1224 buf[8] = 0x2a;
1225 buf[9] = 0x12;
1226 buf[10] = 0x00;
1227 buf[11] = 0x00;
1228
1229 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1230 code checks for this to automount media. */
1231 buf[12] = 0x71;
1232 buf[13] = 3 << 5;
1233 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1234 if (bdrv_is_locked(s->bs))
1235 buf[6] |= 1 << 1;
1236 buf[15] = 0x00;
1237 cpu_to_ube16(&buf[16], 706);
1238 buf[18] = 0;
1239 buf[19] = 2;
1240 cpu_to_ube16(&buf[20], 512);
1241 cpu_to_ube16(&buf[22], 706);
1242 buf[24] = 0;
1243 buf[25] = 0;
1244 buf[26] = 0;
1245 buf[27] = 0;
1246 ide_atapi_cmd_reply(s, 28, max_len);
1247 break;
1248 default:
1249 goto error_cmd;
1250 }
1251 break;
1252 case 1: /* changeable values */
1253 goto error_cmd;
1254 case 2: /* default values */
1255 goto error_cmd;
1256 default:
1257 case 3: /* saved values */
1258 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1259 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1260 break;
1261 }
1262 }
1263 break;
1264 case GPCMD_REQUEST_SENSE:
1265 max_len = packet[4];
1266 memset(buf, 0, 18);
1267 buf[0] = 0x70 | (1 << 7);
1268 buf[2] = s->sense_key;
1269 buf[7] = 10;
1270 buf[12] = s->asc;
1271 if (s->sense_key == SENSE_UNIT_ATTENTION)
1272 s->sense_key = SENSE_NONE;
1273 ide_atapi_cmd_reply(s, 18, max_len);
1274 break;
1275 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1276 bdrv_set_locked(s->bs, packet[4] & 1);
1277 ide_atapi_cmd_ok(s);
1278 break;
1279 case GPCMD_READ_10:
1280 case GPCMD_READ_12:
1281 {
1282 int nb_sectors, lba;
1283
1284 if (packet[0] == GPCMD_READ_10)
1285 nb_sectors = ube16_to_cpu(packet + 7);
1286 else
1287 nb_sectors = ube32_to_cpu(packet + 6);
1288 lba = ube32_to_cpu(packet + 2);
1289 if (nb_sectors == 0) {
1290 ide_atapi_cmd_ok(s);
1291 break;
1292 }
1293 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1294 }
1295 break;
1296 case GPCMD_READ_CD:
1297 {
1298 int nb_sectors, lba, transfer_request;
1299
1300 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1301 lba = ube32_to_cpu(packet + 2);
1302 if (nb_sectors == 0) {
1303 ide_atapi_cmd_ok(s);
1304 break;
1305 }
1306 transfer_request = packet[9];
1307 switch(transfer_request & 0xf8) {
1308 case 0x00:
1309 /* nothing */
1310 ide_atapi_cmd_ok(s);
1311 break;
1312 case 0x10:
1313 /* normal read */
1314 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1315 break;
1316 case 0xf8:
1317 /* read all data */
1318 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1319 break;
1320 default:
1321 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1322 ASC_INV_FIELD_IN_CMD_PACKET);
1323 break;
1324 }
1325 }
1326 break;
1327 case GPCMD_SEEK:
1328 {
1329 unsigned int lba;
1330 uint64_t total_sectors;
1331
1332 bdrv_get_geometry(s->bs, &total_sectors);
1333 total_sectors >>= 2;
1334 if (total_sectors == 0) {
1335 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1336 ASC_MEDIUM_NOT_PRESENT);
1337 break;
1338 }
1339 lba = ube32_to_cpu(packet + 2);
1340 if (lba >= total_sectors) {
1341 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1342 ASC_LOGICAL_BLOCK_OOR);
1343 break;
1344 }
1345 ide_atapi_cmd_ok(s);
1346 }
1347 break;
1348 case GPCMD_START_STOP_UNIT:
1349 {
1350 int start, eject, sense, err = 0;
1351 start = packet[4] & 1;
1352 eject = (packet[4] >> 1) & 1;
1353
1354 if (eject) {
1355 err = bdrv_eject(s->bs, !start);
1356 }
1357
1358 switch (err) {
1359 case 0:
1360 ide_atapi_cmd_ok(s);
1361 break;
1362 case -EBUSY:
1363 sense = SENSE_NOT_READY;
1364 if (bdrv_is_inserted(s->bs)) {
1365 sense = SENSE_ILLEGAL_REQUEST;
1366 }
1367 ide_atapi_cmd_error(s, sense,
1368 ASC_MEDIA_REMOVAL_PREVENTED);
1369 break;
1370 default:
1371 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1372 ASC_MEDIUM_NOT_PRESENT);
1373 break;
1374 }
1375 }
1376 break;
1377 case GPCMD_MECHANISM_STATUS:
1378 {
1379 max_len = ube16_to_cpu(packet + 8);
1380 cpu_to_ube16(buf, 0);
1381 /* no current LBA */
1382 buf[2] = 0;
1383 buf[3] = 0;
1384 buf[4] = 0;
1385 buf[5] = 1;
1386 cpu_to_ube16(buf + 6, 0);
1387 ide_atapi_cmd_reply(s, 8, max_len);
1388 }
1389 break;
1390 case GPCMD_READ_TOC_PMA_ATIP:
1391 {
1392 int format, msf, start_track, len;
1393 uint64_t total_sectors;
1394
1395 bdrv_get_geometry(s->bs, &total_sectors);
1396 total_sectors >>= 2;
1397 if (total_sectors == 0) {
1398 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1399 ASC_MEDIUM_NOT_PRESENT);
1400 break;
1401 }
1402 max_len = ube16_to_cpu(packet + 7);
1403 format = packet[9] >> 6;
1404 msf = (packet[1] >> 1) & 1;
1405 start_track = packet[6];
1406 switch(format) {
1407 case 0:
1408 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1409 if (len < 0)
1410 goto error_cmd;
1411 ide_atapi_cmd_reply(s, len, max_len);
1412 break;
1413 case 1:
1414 /* multi session : only a single session defined */
1415 memset(buf, 0, 12);
1416 buf[1] = 0x0a;
1417 buf[2] = 0x01;
1418 buf[3] = 0x01;
1419 ide_atapi_cmd_reply(s, 12, max_len);
1420 break;
1421 case 2:
1422 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1423 if (len < 0)
1424 goto error_cmd;
1425 ide_atapi_cmd_reply(s, len, max_len);
1426 break;
1427 default:
1428 error_cmd:
1429 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1430 ASC_INV_FIELD_IN_CMD_PACKET);
1431 break;
1432 }
1433 }
1434 break;
1435 case GPCMD_READ_CDVD_CAPACITY:
1436 {
1437 uint64_t total_sectors;
1438
1439 bdrv_get_geometry(s->bs, &total_sectors);
1440 total_sectors >>= 2;
1441 if (total_sectors == 0) {
1442 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1443 ASC_MEDIUM_NOT_PRESENT);
1444 break;
1445 }
1446 /* NOTE: it is really the number of sectors minus 1 */
1447 cpu_to_ube32(buf, total_sectors - 1);
1448 cpu_to_ube32(buf + 4, 2048);
1449 ide_atapi_cmd_reply(s, 8, 8);
1450 }
1451 break;
1452 case GPCMD_READ_DVD_STRUCTURE:
1453 {
1454 int media = packet[1];
1455 int format = packet[7];
1456 int ret;
1457
1458 max_len = ube16_to_cpu(packet + 8);
1459
1460 if (format < 0xff) {
1461 if (media_is_cd(s)) {
1462 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1463 ASC_INCOMPATIBLE_FORMAT);
1464 break;
1465 } else if (!media_present(s)) {
1466 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1467 ASC_INV_FIELD_IN_CMD_PACKET);
1468 break;
1469 }
1470 }
1471
1472 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1473 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1474
1475 switch (format) {
1476 case 0x00 ... 0x7f:
1477 case 0xff:
1478 if (media == 0) {
1479 ret = ide_dvd_read_structure(s, format, packet, buf);
1480
1481 if (ret < 0)
1482 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1483 else
1484 ide_atapi_cmd_reply(s, ret, max_len);
1485
1486 break;
1487 }
1488 /* TODO: BD support, fall through for now */
1489
1490 /* Generic disk structures */
1491 case 0x80: /* TODO: AACS volume identifier */
1492 case 0x81: /* TODO: AACS media serial number */
1493 case 0x82: /* TODO: AACS media identifier */
1494 case 0x83: /* TODO: AACS media key block */
1495 case 0x90: /* TODO: List of recognized format layers */
1496 case 0xc0: /* TODO: Write protection status */
1497 default:
1498 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1499 ASC_INV_FIELD_IN_CMD_PACKET);
1500 break;
1501 }
1502 }
1503 break;
1504 case GPCMD_SET_SPEED:
1505 ide_atapi_cmd_ok(s);
1506 break;
1507 case GPCMD_INQUIRY:
1508 max_len = packet[4];
1509 buf[0] = 0x05; /* CD-ROM */
1510 buf[1] = 0x80; /* removable */
1511 buf[2] = 0x00; /* ISO */
1512 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1513 buf[4] = 31; /* additional length */
1514 buf[5] = 0; /* reserved */
1515 buf[6] = 0; /* reserved */
1516 buf[7] = 0; /* reserved */
1517 padstr8(buf + 8, 8, "QEMU");
1518 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1519 padstr8(buf + 32, 4, s->version);
1520 ide_atapi_cmd_reply(s, 36, max_len);
1521 break;
1522 case GPCMD_GET_CONFIGURATION:
1523 {
1524 uint32_t len;
1525 uint8_t index = 0;
1526
1527 /* only feature 0 is supported */
1528 if (packet[2] != 0 || packet[3] != 0) {
1529 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1530 ASC_INV_FIELD_IN_CMD_PACKET);
1531 break;
1532 }
1533
1534 /* XXX: could result in alignment problems in some architectures */
1535 max_len = ube16_to_cpu(packet + 7);
1536
1537 /*
1538 * XXX: avoid overflow for io_buffer if max_len is bigger than
1539 * the size of that buffer (dimensioned to max number of
1540 * sectors to transfer at once)
1541 *
1542 * Only a problem if the feature/profiles grow.
1543 */
1544 if (max_len > 512) /* XXX: assume 1 sector */
1545 max_len = 512;
1546
1547 memset(buf, 0, max_len);
1548 /*
1549 * the number of sectors from the media tells us which profile
1550 * to use as current. 0 means there is no media
1551 */
1552 if (media_is_dvd(s))
1553 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1554 else if (media_is_cd(s))
1555 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1556
1557 buf[10] = 0x02 | 0x01; /* persistent and current */
1558 len = 12; /* headers: 8 + 4 */
1559 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1560 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1561 cpu_to_ube32(buf, len - 4); /* data length */
1562
1563 ide_atapi_cmd_reply(s, len, max_len);
1564 break;
1565 }
1566 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1567 handle_get_event_status_notification(s, buf, packet);
1568 break;
1569 default:
1570 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1571 ASC_ILLEGAL_OPCODE);
1572 break;
1573 }
1574 }
1575
1576 static void ide_cfata_metadata_inquiry(IDEState *s)
1577 {
1578 uint16_t *p;
1579 uint32_t spd;
1580
1581 p = (uint16_t *) s->io_buffer;
1582 memset(p, 0, 0x200);
1583 spd = ((s->mdata_size - 1) >> 9) + 1;
1584
1585 put_le16(p + 0, 0x0001); /* Data format revision */
1586 put_le16(p + 1, 0x0000); /* Media property: silicon */
1587 put_le16(p + 2, s->media_changed); /* Media status */
1588 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1589 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1590 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1591 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1592 }
1593
1594 static void ide_cfata_metadata_read(IDEState *s)
1595 {
1596 uint16_t *p;
1597
1598 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1599 s->status = ERR_STAT;
1600 s->error = ABRT_ERR;
1601 return;
1602 }
1603
1604 p = (uint16_t *) s->io_buffer;
1605 memset(p, 0, 0x200);
1606
1607 put_le16(p + 0, s->media_changed); /* Media status */
1608 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1609 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1610 s->nsector << 9), 0x200 - 2));
1611 }
1612
1613 static void ide_cfata_metadata_write(IDEState *s)
1614 {
1615 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1616 s->status = ERR_STAT;
1617 s->error = ABRT_ERR;
1618 return;
1619 }
1620
1621 s->media_changed = 0;
1622
1623 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1624 s->io_buffer + 2,
1625 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1626 s->nsector << 9), 0x200 - 2));
1627 }
1628
1629 /* called when the inserted state of the media has changed */
1630 static void cdrom_change_cb(void *opaque, int reason)
1631 {
1632 IDEState *s = opaque;
1633 uint64_t nb_sectors;
1634
1635 if (!(reason & CHANGE_MEDIA)) {
1636 return;
1637 }
1638
1639 bdrv_get_geometry(s->bs, &nb_sectors);
1640 s->nb_sectors = nb_sectors;
1641
1642 s->sense_key = SENSE_UNIT_ATTENTION;
1643 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1644 s->cdrom_changed = 1;
1645 ide_set_irq(s->bus);
1646 }
1647
1648 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1649 {
1650 s->lba48 = lba48;
1651
1652 /* handle the 'magic' 0 nsector count conversion here. to avoid
1653 * fiddling with the rest of the read logic, we just store the
1654 * full sector count in ->nsector and ignore ->hob_nsector from now
1655 */
1656 if (!s->lba48) {
1657 if (!s->nsector)
1658 s->nsector = 256;
1659 } else {
1660 if (!s->nsector && !s->hob_nsector)
1661 s->nsector = 65536;
1662 else {
1663 int lo = s->nsector;
1664 int hi = s->hob_nsector;
1665
1666 s->nsector = (hi << 8) | lo;
1667 }
1668 }
1669 }
1670
1671 static void ide_clear_hob(IDEBus *bus)
1672 {
1673 /* any write clears HOB high bit of device control register */
1674 bus->ifs[0].select &= ~(1 << 7);
1675 bus->ifs[1].select &= ~(1 << 7);
1676 }
1677
1678 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1679 {
1680 IDEBus *bus = opaque;
1681
1682 #ifdef DEBUG_IDE
1683 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1684 #endif
1685
1686 addr &= 7;
1687
1688 /* ignore writes to command block while busy with previous command */
1689 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1690 return;
1691
1692 switch(addr) {
1693 case 0:
1694 break;
1695 case 1:
1696 ide_clear_hob(bus);
1697 /* NOTE: data is written to the two drives */
1698 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1699 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1700 bus->ifs[0].feature = val;
1701 bus->ifs[1].feature = val;
1702 break;
1703 case 2:
1704 ide_clear_hob(bus);
1705 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1706 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1707 bus->ifs[0].nsector = val;
1708 bus->ifs[1].nsector = val;
1709 break;
1710 case 3:
1711 ide_clear_hob(bus);
1712 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1713 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1714 bus->ifs[0].sector = val;
1715 bus->ifs[1].sector = val;
1716 break;
1717 case 4:
1718 ide_clear_hob(bus);
1719 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1720 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1721 bus->ifs[0].lcyl = val;
1722 bus->ifs[1].lcyl = val;
1723 break;
1724 case 5:
1725 ide_clear_hob(bus);
1726 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1727 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1728 bus->ifs[0].hcyl = val;
1729 bus->ifs[1].hcyl = val;
1730 break;
1731 case 6:
1732 /* FIXME: HOB readback uses bit 7 */
1733 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1734 bus->ifs[1].select = (val | 0x10) | 0xa0;
1735 /* select drive */
1736 bus->unit = (val >> 4) & 1;
1737 break;
1738 default:
1739 case 7:
1740 /* command */
1741 ide_exec_cmd(bus, val);
1742 break;
1743 }
1744 }
1745
1746
1747 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1748 {
1749 IDEState *s;
1750 int n;
1751 int lba48 = 0;
1752
1753 #if defined(DEBUG_IDE)
1754 printf("ide: CMD=%02x\n", val);
1755 #endif
1756 s = idebus_active_if(bus);
1757 /* ignore commands to non existant slave */
1758 if (s != bus->ifs && !s->bs)
1759 return;
1760
1761 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1762 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1763 return;
1764
1765 switch(val) {
1766 case WIN_IDENTIFY:
1767 if (s->bs && s->drive_kind != IDE_CD) {
1768 if (s->drive_kind != IDE_CFATA)
1769 ide_identify(s);
1770 else
1771 ide_cfata_identify(s);
1772 s->status = READY_STAT | SEEK_STAT;
1773 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1774 } else {
1775 if (s->drive_kind == IDE_CD) {
1776 ide_set_signature(s);
1777 }
1778 ide_abort_command(s);
1779 }
1780 ide_set_irq(s->bus);
1781 break;
1782 case WIN_SPECIFY:
1783 case WIN_RECAL:
1784 s->error = 0;
1785 s->status = READY_STAT | SEEK_STAT;
1786 ide_set_irq(s->bus);
1787 break;
1788 case WIN_SETMULT:
1789 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1790 /* Disable Read and Write Multiple */
1791 s->mult_sectors = 0;
1792 s->status = READY_STAT | SEEK_STAT;
1793 } else if ((s->nsector & 0xff) != 0 &&
1794 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1795 (s->nsector & (s->nsector - 1)) != 0)) {
1796 ide_abort_command(s);
1797 } else {
1798 s->mult_sectors = s->nsector & 0xff;
1799 s->status = READY_STAT | SEEK_STAT;
1800 }
1801 ide_set_irq(s->bus);
1802 break;
1803 case WIN_VERIFY_EXT:
1804 lba48 = 1;
1805 case WIN_VERIFY:
1806 case WIN_VERIFY_ONCE:
1807 /* do sector number check ? */
1808 ide_cmd_lba48_transform(s, lba48);
1809 s->status = READY_STAT | SEEK_STAT;
1810 ide_set_irq(s->bus);
1811 break;
1812 case WIN_READ_EXT:
1813 lba48 = 1;
1814 case WIN_READ:
1815 case WIN_READ_ONCE:
1816 if (!s->bs)
1817 goto abort_cmd;
1818 ide_cmd_lba48_transform(s, lba48);
1819 s->req_nb_sectors = 1;
1820 ide_sector_read(s);
1821 break;
1822 case WIN_WRITE_EXT:
1823 lba48 = 1;
1824 case WIN_WRITE:
1825 case WIN_WRITE_ONCE:
1826 case CFA_WRITE_SECT_WO_ERASE:
1827 case WIN_WRITE_VERIFY:
1828 ide_cmd_lba48_transform(s, lba48);
1829 s->error = 0;
1830 s->status = SEEK_STAT | READY_STAT;
1831 s->req_nb_sectors = 1;
1832 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1833 s->media_changed = 1;
1834 break;
1835 case WIN_MULTREAD_EXT:
1836 lba48 = 1;
1837 case WIN_MULTREAD:
1838 if (!s->mult_sectors)
1839 goto abort_cmd;
1840 ide_cmd_lba48_transform(s, lba48);
1841 s->req_nb_sectors = s->mult_sectors;
1842 ide_sector_read(s);
1843 break;
1844 case WIN_MULTWRITE_EXT:
1845 lba48 = 1;
1846 case WIN_MULTWRITE:
1847 case CFA_WRITE_MULTI_WO_ERASE:
1848 if (!s->mult_sectors)
1849 goto abort_cmd;
1850 ide_cmd_lba48_transform(s, lba48);
1851 s->error = 0;
1852 s->status = SEEK_STAT | READY_STAT;
1853 s->req_nb_sectors = s->mult_sectors;
1854 n = s->nsector;
1855 if (n > s->req_nb_sectors)
1856 n = s->req_nb_sectors;
1857 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1858 s->media_changed = 1;
1859 break;
1860 case WIN_READDMA_EXT:
1861 lba48 = 1;
1862 case WIN_READDMA:
1863 case WIN_READDMA_ONCE:
1864 if (!s->bs)
1865 goto abort_cmd;
1866 ide_cmd_lba48_transform(s, lba48);
1867 ide_sector_start_dma(s, 1);
1868 break;
1869 case WIN_WRITEDMA_EXT:
1870 lba48 = 1;
1871 case WIN_WRITEDMA:
1872 case WIN_WRITEDMA_ONCE:
1873 if (!s->bs)
1874 goto abort_cmd;
1875 ide_cmd_lba48_transform(s, lba48);
1876 ide_sector_start_dma(s, 0);
1877 s->media_changed = 1;
1878 break;
1879 case WIN_READ_NATIVE_MAX_EXT:
1880 lba48 = 1;
1881 case WIN_READ_NATIVE_MAX:
1882 ide_cmd_lba48_transform(s, lba48);
1883 ide_set_sector(s, s->nb_sectors - 1);
1884 s->status = READY_STAT | SEEK_STAT;
1885 ide_set_irq(s->bus);
1886 break;
1887 case WIN_CHECKPOWERMODE1:
1888 case WIN_CHECKPOWERMODE2:
1889 s->error = 0;
1890 s->nsector = 0xff; /* device active or idle */
1891 s->status = READY_STAT | SEEK_STAT;
1892 ide_set_irq(s->bus);
1893 break;
1894 case WIN_SETFEATURES:
1895 if (!s->bs)
1896 goto abort_cmd;
1897 /* XXX: valid for CDROM ? */
1898 switch(s->feature) {
1899 case 0xcc: /* reverting to power-on defaults enable */
1900 case 0x66: /* reverting to power-on defaults disable */
1901 case 0x02: /* write cache enable */
1902 case 0x82: /* write cache disable */
1903 case 0xaa: /* read look-ahead enable */
1904 case 0x55: /* read look-ahead disable */
1905 case 0x05: /* set advanced power management mode */
1906 case 0x85: /* disable advanced power management mode */
1907 case 0x69: /* NOP */
1908 case 0x67: /* NOP */
1909 case 0x96: /* NOP */
1910 case 0x9a: /* NOP */
1911 case 0x42: /* enable Automatic Acoustic Mode */
1912 case 0xc2: /* disable Automatic Acoustic Mode */
1913 s->status = READY_STAT | SEEK_STAT;
1914 ide_set_irq(s->bus);
1915 break;
1916 case 0x03: { /* set transfer mode */
1917 uint8_t val = s->nsector & 0x07;
1918 uint16_t *identify_data = (uint16_t *)s->identify_data;
1919
1920 switch (s->nsector >> 3) {
1921 case 0x00: /* pio default */
1922 case 0x01: /* pio mode */
1923 put_le16(identify_data + 62,0x07);
1924 put_le16(identify_data + 63,0x07);
1925 put_le16(identify_data + 88,0x3f);
1926 break;
1927 case 0x02: /* sigle word dma mode*/
1928 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1929 put_le16(identify_data + 63,0x07);
1930 put_le16(identify_data + 88,0x3f);
1931 break;
1932 case 0x04: /* mdma mode */
1933 put_le16(identify_data + 62,0x07);
1934 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1935 put_le16(identify_data + 88,0x3f);
1936 break;
1937 case 0x08: /* udma mode */
1938 put_le16(identify_data + 62,0x07);
1939 put_le16(identify_data + 63,0x07);
1940 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1941 break;
1942 default:
1943 goto abort_cmd;
1944 }
1945 s->status = READY_STAT | SEEK_STAT;
1946 ide_set_irq(s->bus);
1947 break;
1948 }
1949 default:
1950 goto abort_cmd;
1951 }
1952 break;
1953 case WIN_FLUSH_CACHE:
1954 case WIN_FLUSH_CACHE_EXT:
1955 ide_flush_cache(s);
1956 break;
1957 case WIN_STANDBY:
1958 case WIN_STANDBY2:
1959 case WIN_STANDBYNOW1:
1960 case WIN_STANDBYNOW2:
1961 case WIN_IDLEIMMEDIATE:
1962 case CFA_IDLEIMMEDIATE:
1963 case WIN_SETIDLE1:
1964 case WIN_SETIDLE2:
1965 case WIN_SLEEPNOW1:
1966 case WIN_SLEEPNOW2:
1967 s->status = READY_STAT;
1968 ide_set_irq(s->bus);
1969 break;
1970 case WIN_SEEK:
1971 if(s->drive_kind == IDE_CD)
1972 goto abort_cmd;
1973 /* XXX: Check that seek is within bounds */
1974 s->status = READY_STAT | SEEK_STAT;
1975 ide_set_irq(s->bus);
1976 break;
1977 /* ATAPI commands */
1978 case WIN_PIDENTIFY:
1979 if (s->drive_kind == IDE_CD) {
1980 ide_atapi_identify(s);
1981 s->status = READY_STAT | SEEK_STAT;
1982 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1983 } else {
1984 ide_abort_command(s);
1985 }
1986 ide_set_irq(s->bus);
1987 break;
1988 case WIN_DIAGNOSE:
1989 ide_set_signature(s);
1990 if (s->drive_kind == IDE_CD)
1991 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1992 * devices to return a clear status register
1993 * with READY_STAT *not* set. */
1994 else
1995 s->status = READY_STAT | SEEK_STAT;
1996 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1997 * present.
1998 */
1999 ide_set_irq(s->bus);
2000 break;
2001 case WIN_SRST:
2002 if (s->drive_kind != IDE_CD)
2003 goto abort_cmd;
2004 ide_set_signature(s);
2005 s->status = 0x00; /* NOTE: READY is _not_ set */
2006 s->error = 0x01;
2007 break;
2008 case WIN_PACKETCMD:
2009 if (s->drive_kind != IDE_CD)
2010 goto abort_cmd;
2011 /* overlapping commands not supported */
2012 if (s->feature & 0x02)
2013 goto abort_cmd;
2014 s->status = READY_STAT | SEEK_STAT;
2015 s->atapi_dma = s->feature & 1;
2016 s->nsector = 1;
2017 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2018 ide_atapi_cmd);
2019 break;
2020 /* CF-ATA commands */
2021 case CFA_REQ_EXT_ERROR_CODE:
2022 if (s->drive_kind != IDE_CFATA)
2023 goto abort_cmd;
2024 s->error = 0x09; /* miscellaneous error */
2025 s->status = READY_STAT | SEEK_STAT;
2026 ide_set_irq(s->bus);
2027 break;
2028 case CFA_ERASE_SECTORS:
2029 case CFA_WEAR_LEVEL:
2030 if (s->drive_kind != IDE_CFATA)
2031 goto abort_cmd;
2032 if (val == CFA_WEAR_LEVEL)
2033 s->nsector = 0;
2034 if (val == CFA_ERASE_SECTORS)
2035 s->media_changed = 1;
2036 s->error = 0x00;
2037 s->status = READY_STAT | SEEK_STAT;
2038 ide_set_irq(s->bus);
2039 break;
2040 case CFA_TRANSLATE_SECTOR:
2041 if (s->drive_kind != IDE_CFATA)
2042 goto abort_cmd;
2043 s->error = 0x00;
2044 s->status = READY_STAT | SEEK_STAT;
2045 memset(s->io_buffer, 0, 0x200);
2046 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2047 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2048 s->io_buffer[0x02] = s->select; /* Head */
2049 s->io_buffer[0x03] = s->sector; /* Sector */
2050 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2051 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2052 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2053 s->io_buffer[0x13] = 0x00; /* Erase flag */
2054 s->io_buffer[0x18] = 0x00; /* Hot count */
2055 s->io_buffer[0x19] = 0x00; /* Hot count */
2056 s->io_buffer[0x1a] = 0x01; /* Hot count */
2057 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2058 ide_set_irq(s->bus);
2059 break;
2060 case CFA_ACCESS_METADATA_STORAGE:
2061 if (s->drive_kind != IDE_CFATA)
2062 goto abort_cmd;
2063 switch (s->feature) {
2064 case 0x02: /* Inquiry Metadata Storage */
2065 ide_cfata_metadata_inquiry(s);
2066 break;
2067 case 0x03: /* Read Metadata Storage */
2068 ide_cfata_metadata_read(s);
2069 break;
2070 case 0x04: /* Write Metadata Storage */
2071 ide_cfata_metadata_write(s);
2072 break;
2073 default:
2074 goto abort_cmd;
2075 }
2076 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2077 s->status = 0x00; /* NOTE: READY is _not_ set */
2078 ide_set_irq(s->bus);
2079 break;
2080 case IBM_SENSE_CONDITION:
2081 if (s->drive_kind != IDE_CFATA)
2082 goto abort_cmd;
2083 switch (s->feature) {
2084 case 0x01: /* sense temperature in device */
2085 s->nsector = 0x50; /* +20 C */
2086 break;
2087 default:
2088 goto abort_cmd;
2089 }
2090 s->status = READY_STAT | SEEK_STAT;
2091 ide_set_irq(s->bus);
2092 break;
2093
2094 case WIN_SMART:
2095 if (s->drive_kind == IDE_CD)
2096 goto abort_cmd;
2097 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2098 goto abort_cmd;
2099 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2100 goto abort_cmd;
2101 switch (s->feature) {
2102 case SMART_DISABLE:
2103 s->smart_enabled = 0;
2104 s->status = READY_STAT | SEEK_STAT;
2105 ide_set_irq(s->bus);
2106 break;
2107 case SMART_ENABLE:
2108 s->smart_enabled = 1;
2109 s->status = READY_STAT | SEEK_STAT;
2110 ide_set_irq(s->bus);
2111 break;
2112 case SMART_ATTR_AUTOSAVE:
2113 switch (s->sector) {
2114 case 0x00:
2115 s->smart_autosave = 0;
2116 break;
2117 case 0xf1:
2118 s->smart_autosave = 1;
2119 break;
2120 default:
2121 goto abort_cmd;
2122 }
2123 s->status = READY_STAT | SEEK_STAT;
2124 ide_set_irq(s->bus);
2125 break;
2126 case SMART_STATUS:
2127 if (!s->smart_errors) {
2128 s->hcyl = 0xc2;
2129 s->lcyl = 0x4f;
2130 } else {
2131 s->hcyl = 0x2c;
2132 s->lcyl = 0xf4;
2133 }
2134 s->status = READY_STAT | SEEK_STAT;
2135 ide_set_irq(s->bus);
2136 break;
2137 case SMART_READ_THRESH:
2138 memset(s->io_buffer, 0, 0x200);
2139 s->io_buffer[0] = 0x01; /* smart struct version */
2140 for (n=0; n<30; n++) {
2141 if (smart_attributes[n][0] == 0)
2142 break;
2143 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2144 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
2145 }
2146 for (n=0; n<511; n++) /* checksum */
2147 s->io_buffer[511] += s->io_buffer[n];
2148 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2149 s->status = READY_STAT | SEEK_STAT;
2150 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2151 ide_set_irq(s->bus);
2152 break;
2153 case SMART_READ_DATA:
2154 memset(s->io_buffer, 0, 0x200);
2155 s->io_buffer[0] = 0x01; /* smart struct version */
2156 for (n=0; n<30; n++) {
2157 if (smart_attributes[n][0] == 0) {
2158 break;
2159 }
2160 int i;
2161 for(i = 0; i < 11; i++) {
2162 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
2163 }
2164 }
2165 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2166 if (s->smart_selftest_count == 0) {
2167 s->io_buffer[363] = 0;
2168 } else {
2169 s->io_buffer[363] =
2170 s->smart_selftest_data[3 +
2171 (s->smart_selftest_count - 1) *
2172 24];
2173 }
2174 s->io_buffer[364] = 0x20;
2175 s->io_buffer[365] = 0x01;
2176 /* offline data collection capacity: execute + self-test*/
2177 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2178 s->io_buffer[368] = 0x03; /* smart capability (1) */
2179 s->io_buffer[369] = 0x00; /* smart capability (2) */
2180 s->io_buffer[370] = 0x01; /* error logging supported */
2181 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2182 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2183 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2184
2185 for (n=0; n<511; n++)
2186 s->io_buffer[511] += s->io_buffer[n];
2187 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2188 s->status = READY_STAT | SEEK_STAT;
2189 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2190 ide_set_irq(s->bus);
2191 break;
2192 case SMART_READ_LOG:
2193 switch (s->sector) {
2194 case 0x01: /* summary smart error log */
2195 memset(s->io_buffer, 0, 0x200);
2196 s->io_buffer[0] = 0x01;
2197 s->io_buffer[1] = 0x00; /* no error entries */
2198 s->io_buffer[452] = s->smart_errors & 0xff;
2199 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2200
2201 for (n=0; n<511; n++)
2202 s->io_buffer[511] += s->io_buffer[n];
2203 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2204 break;
2205 case 0x06: /* smart self test log */
2206 memset(s->io_buffer, 0, 0x200);
2207 s->io_buffer[0] = 0x01;
2208 if (s->smart_selftest_count == 0) {
2209 s->io_buffer[508] = 0;
2210 } else {
2211 s->io_buffer[508] = s->smart_selftest_count;
2212 for (n=2; n<506; n++)
2213 s->io_buffer[n] = s->smart_selftest_data[n];
2214 }
2215 for (n=0; n<511; n++)
2216 s->io_buffer[511] += s->io_buffer[n];
2217 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2218 break;
2219 default:
2220 goto abort_cmd;
2221 }
2222 s->status = READY_STAT | SEEK_STAT;
2223 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2224 ide_set_irq(s->bus);
2225 break;
2226 case SMART_EXECUTE_OFFLINE:
2227 switch (s->sector) {
2228 case 0: /* off-line routine */
2229 case 1: /* short self test */
2230 case 2: /* extended self test */
2231 s->smart_selftest_count++;
2232 if(s->smart_selftest_count > 21)
2233 s->smart_selftest_count = 0;
2234 n = 2 + (s->smart_selftest_count - 1) * 24;
2235 s->smart_selftest_data[n] = s->sector;
2236 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2237 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2238 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2239 s->status = READY_STAT | SEEK_STAT;
2240 ide_set_irq(s->bus);
2241 break;
2242 default:
2243 goto abort_cmd;
2244 }
2245 break;
2246 default:
2247 goto abort_cmd;
2248 }
2249 break;
2250 default:
2251 abort_cmd:
2252 ide_abort_command(s);
2253 ide_set_irq(s->bus);
2254 break;
2255 }
2256 }
2257
2258 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2259 {
2260 IDEBus *bus = opaque;
2261 IDEState *s = idebus_active_if(bus);
2262 uint32_t addr;
2263 int ret, hob;
2264
2265 addr = addr1 & 7;
2266 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2267 //hob = s->select & (1 << 7);
2268 hob = 0;
2269 switch(addr) {
2270 case 0:
2271 ret = 0xff;
2272 break;
2273 case 1:
2274 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2275 (s != bus->ifs && !s->bs))
2276 ret = 0;
2277 else if (!hob)
2278 ret = s->error;
2279 else
2280 ret = s->hob_feature;
2281 break;
2282 case 2:
2283 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2284 ret = 0;
2285 else if (!hob)
2286 ret = s->nsector & 0xff;
2287 else
2288 ret = s->hob_nsector;
2289 break;
2290 case 3:
2291 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2292 ret = 0;
2293 else if (!hob)
2294 ret = s->sector;
2295 else
2296 ret = s->hob_sector;
2297 break;
2298 case 4:
2299 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2300 ret = 0;
2301 else if (!hob)
2302 ret = s->lcyl;
2303 else
2304 ret = s->hob_lcyl;
2305 break;
2306 case 5:
2307 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2308 ret = 0;
2309 else if (!hob)
2310 ret = s->hcyl;
2311 else
2312 ret = s->hob_hcyl;
2313 break;
2314 case 6:
2315 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2316 ret = 0;
2317 else
2318 ret = s->select;
2319 break;
2320 default:
2321 case 7:
2322 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2323 (s != bus->ifs && !s->bs))
2324 ret = 0;
2325 else
2326 ret = s->status;
2327 qemu_irq_lower(bus->irq);
2328 break;
2329 }
2330 #ifdef DEBUG_IDE
2331 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2332 #endif
2333 return ret;
2334 }
2335
2336 uint32_t ide_status_read(void *opaque, uint32_t addr)
2337 {
2338 IDEBus *bus = opaque;
2339 IDEState *s = idebus_active_if(bus);
2340 int ret;
2341
2342 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2343 (s != bus->ifs && !s->bs))
2344 ret = 0;
2345 else
2346 ret = s->status;
2347 #ifdef DEBUG_IDE
2348 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2349 #endif
2350 return ret;
2351 }
2352
2353 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2354 {
2355 IDEBus *bus = opaque;
2356 IDEState *s;
2357 int i;
2358
2359 #ifdef DEBUG_IDE
2360 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2361 #endif
2362 /* common for both drives */
2363 if (!(bus->cmd & IDE_CMD_RESET) &&
2364 (val & IDE_CMD_RESET)) {
2365 /* reset low to high */
2366 for(i = 0;i < 2; i++) {
2367 s = &bus->ifs[i];
2368 s->status = BUSY_STAT | SEEK_STAT;
2369 s->error = 0x01;
2370 }
2371 } else if ((bus->cmd & IDE_CMD_RESET) &&
2372 !(val & IDE_CMD_RESET)) {
2373 /* high to low */
2374 for(i = 0;i < 2; i++) {
2375 s = &bus->ifs[i];
2376 if (s->drive_kind == IDE_CD)
2377 s->status = 0x00; /* NOTE: READY is _not_ set */
2378 else
2379 s->status = READY_STAT | SEEK_STAT;
2380 ide_set_signature(s);
2381 }
2382 }
2383
2384 bus->cmd = val;
2385 }
2386
2387 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2388 {
2389 IDEBus *bus = opaque;
2390 IDEState *s = idebus_active_if(bus);
2391 uint8_t *p;
2392
2393 /* PIO data access allowed only when DRQ bit is set */
2394 if (!(s->status & DRQ_STAT))
2395 return;
2396
2397 p = s->data_ptr;
2398 *(uint16_t *)p = le16_to_cpu(val);
2399 p += 2;
2400 s->data_ptr = p;
2401 if (p >= s->data_end)
2402 s->end_transfer_func(s);
2403 }
2404
2405 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2406 {
2407 IDEBus *bus = opaque;
2408 IDEState *s = idebus_active_if(bus);
2409 uint8_t *p;
2410 int ret;
2411
2412 /* PIO data access allowed only when DRQ bit is set */
2413 if (!(s->status & DRQ_STAT))
2414 return 0;
2415
2416 p = s->data_ptr;
2417 ret = cpu_to_le16(*(uint16_t *)p);
2418 p += 2;
2419 s->data_ptr = p;
2420 if (p >= s->data_end)
2421 s->end_transfer_func(s);
2422 return ret;
2423 }
2424
2425 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2426 {
2427 IDEBus *bus = opaque;
2428 IDEState *s = idebus_active_if(bus);
2429 uint8_t *p;
2430
2431 /* PIO data access allowed only when DRQ bit is set */
2432 if (!(s->status & DRQ_STAT))
2433 return;
2434
2435 p = s->data_ptr;
2436 *(uint32_t *)p = le32_to_cpu(val);
2437 p += 4;
2438 s->data_ptr = p;
2439 if (p >= s->data_end)
2440 s->end_transfer_func(s);
2441 }
2442
2443 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2444 {
2445 IDEBus *bus = opaque;
2446 IDEState *s = idebus_active_if(bus);
2447 uint8_t *p;
2448 int ret;
2449
2450 /* PIO data access allowed only when DRQ bit is set */
2451 if (!(s->status & DRQ_STAT))
2452 return 0;
2453
2454 p = s->data_ptr;
2455 ret = cpu_to_le32(*(uint32_t *)p);
2456 p += 4;
2457 s->data_ptr = p;
2458 if (p >= s->data_end)
2459 s->end_transfer_func(s);
2460 return ret;
2461 }
2462
2463 static void ide_dummy_transfer_stop(IDEState *s)
2464 {
2465 s->data_ptr = s->io_buffer;
2466 s->data_end = s->io_buffer;
2467 s->io_buffer[0] = 0xff;
2468 s->io_buffer[1] = 0xff;
2469 s->io_buffer[2] = 0xff;
2470 s->io_buffer[3] = 0xff;
2471 }
2472
2473 static void ide_reset(IDEState *s)
2474 {
2475 #ifdef DEBUG_IDE
2476 printf("ide: reset\n");
2477 #endif
2478 if (s->drive_kind == IDE_CFATA)
2479 s->mult_sectors = 0;
2480 else
2481 s->mult_sectors = MAX_MULT_SECTORS;
2482 /* ide regs */
2483 s->feature = 0;
2484 s->error = 0;
2485 s->nsector = 0;
2486 s->sector = 0;
2487 s->lcyl = 0;
2488 s->hcyl = 0;
2489
2490 /* lba48 */
2491 s->hob_feature = 0;
2492 s->hob_sector = 0;
2493 s->hob_nsector = 0;
2494 s->hob_lcyl = 0;
2495 s->hob_hcyl = 0;
2496
2497 s->select = 0xa0;
2498 s->status = READY_STAT | SEEK_STAT;
2499
2500 s->lba48 = 0;
2501
2502 /* ATAPI specific */
2503 s->sense_key = 0;
2504 s->asc = 0;
2505 s->cdrom_changed = 0;
2506 s->packet_transfer_size = 0;
2507 s->elementary_transfer_size = 0;
2508 s->io_buffer_index = 0;
2509 s->cd_sector_size = 0;
2510 s->atapi_dma = 0;
2511 /* ATA DMA state */
2512 s->io_buffer_size = 0;
2513 s->req_nb_sectors = 0;
2514
2515 ide_set_signature(s);
2516 /* init the transfer handler so that 0xffff is returned on data
2517 accesses */
2518 s->end_transfer_func = ide_dummy_transfer_stop;
2519 ide_dummy_transfer_stop(s);
2520 s->media_changed = 0;
2521 }
2522
2523 void ide_bus_reset(IDEBus *bus)
2524 {
2525 bus->unit = 0;
2526 bus->cmd = 0;
2527 ide_reset(&bus->ifs[0]);
2528 ide_reset(&bus->ifs[1]);
2529 ide_clear_hob(bus);
2530
2531 /* pending async DMA */
2532 if (bus->dma->aiocb) {
2533 #ifdef DEBUG_AIO
2534 printf("aio_cancel\n");
2535 #endif
2536 bdrv_aio_cancel(bus->dma->aiocb);
2537 bus->dma->aiocb = NULL;
2538 }
2539
2540 /* reset dma provider too */
2541 bus->dma->ops->reset(bus->dma);
2542 }
2543
2544 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2545 const char *version, const char *serial)
2546 {
2547 int cylinders, heads, secs;
2548 uint64_t nb_sectors;
2549
2550 s->bs = bs;
2551 bdrv_get_geometry(bs, &nb_sectors);
2552 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2553 if (cylinders < 1 || cylinders > 16383) {
2554 error_report("cyls must be between 1 and 16383");
2555 return -1;
2556 }
2557 if (heads < 1 || heads > 16) {
2558 error_report("heads must be between 1 and 16");
2559 return -1;
2560 }
2561 if (secs < 1 || secs > 63) {
2562 error_report("secs must be between 1 and 63");
2563 return -1;
2564 }
2565 s->cylinders = cylinders;
2566 s->heads = heads;
2567 s->sectors = secs;
2568 s->nb_sectors = nb_sectors;
2569 /* The SMART values should be preserved across power cycles
2570 but they aren't. */
2571 s->smart_enabled = 1;
2572 s->smart_autosave = 1;
2573 s->smart_errors = 0;
2574 s->smart_selftest_count = 0;
2575 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2576 s->drive_kind = IDE_CD;
2577 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2578 bs->buffer_alignment = 2048;
2579 } else {
2580 if (!bdrv_is_inserted(s->bs)) {
2581 error_report("Device needs media, but drive is empty");
2582 return -1;
2583 }
2584 if (bdrv_is_read_only(bs)) {
2585 error_report("Can't use a read-only drive");
2586 return -1;
2587 }
2588 }
2589 if (serial) {
2590 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2591 } else {
2592 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2593 "QM%05d", s->drive_serial);
2594 }
2595 if (version) {
2596 pstrcpy(s->version, sizeof(s->version), version);
2597 } else {
2598 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2599 }
2600
2601 ide_reset(s);
2602 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2603 return 0;
2604 }
2605
2606 static void ide_init1(IDEBus *bus, int unit)
2607 {
2608 static int drive_serial = 1;
2609 IDEState *s = &bus->ifs[unit];
2610
2611 s->bus = bus;
2612 s->unit = unit;
2613 s->drive_serial = drive_serial++;
2614 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2615 s->io_buffer = qemu_memalign(2048, IDE_DMA_BUF_SECTORS*512 + 4);
2616 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2617 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2618 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
2619 ide_sector_write_timer_cb, s);
2620 }
2621
2622 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2623 BlockDriverCompletionFunc *cb)
2624 {
2625 }
2626
2627 static int ide_nop(IDEDMA *dma)
2628 {
2629 return 0;
2630 }
2631
2632 static int ide_nop_int(IDEDMA *dma, int x)
2633 {
2634 return 0;
2635 }
2636
2637 static void ide_nop_restart(void *opaque, int x, int y)
2638 {
2639 }
2640
2641 static const IDEDMAOps ide_dma_nop_ops = {
2642 .start_dma = ide_nop_start,
2643 .start_transfer = ide_nop,
2644 .prepare_buf = ide_nop_int,
2645 .rw_buf = ide_nop_int,
2646 .set_unit = ide_nop_int,
2647 .add_status = ide_nop_int,
2648 .set_inactive = ide_nop,
2649 .restart_cb = ide_nop_restart,
2650 .reset = ide_nop,
2651 };
2652
2653 static IDEDMA ide_dma_nop = {
2654 .ops = &ide_dma_nop_ops,
2655 .aiocb = NULL,
2656 };
2657
2658 void ide_init2(IDEBus *bus, qemu_irq irq)
2659 {
2660 int i;
2661
2662 for(i = 0; i < 2; i++) {
2663 ide_init1(bus, i);
2664 ide_reset(&bus->ifs[i]);
2665 }
2666 bus->irq = irq;
2667 bus->dma = &ide_dma_nop;
2668 }
2669
2670 /* TODO convert users to qdev and remove */
2671 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2672 DriveInfo *hd1, qemu_irq irq)
2673 {
2674 int i;
2675 DriveInfo *dinfo;
2676
2677 for(i = 0; i < 2; i++) {
2678 dinfo = i == 0 ? hd0 : hd1;
2679 ide_init1(bus, i);
2680 if (dinfo) {
2681 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2682 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2683 error_report("Can't set up IDE drive %s", dinfo->id);
2684 exit(1);
2685 }
2686 } else {
2687 ide_reset(&bus->ifs[i]);
2688 }
2689 }
2690 bus->irq = irq;
2691 bus->dma = &ide_dma_nop;
2692 }
2693
2694 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2695 {
2696 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2697 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2698 if (iobase2) {
2699 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2700 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2701 }
2702
2703 /* data ports */
2704 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2705 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2706 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2707 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2708 }
2709
2710 static bool is_identify_set(void *opaque, int version_id)
2711 {
2712 IDEState *s = opaque;
2713
2714 return s->identify_set != 0;
2715 }
2716
2717 static EndTransferFunc* transfer_end_table[] = {
2718 ide_sector_read,
2719 ide_sector_write,
2720 ide_transfer_stop,
2721 ide_atapi_cmd_reply_end,
2722 ide_atapi_cmd,
2723 ide_dummy_transfer_stop,
2724 };
2725
2726 static int transfer_end_table_idx(EndTransferFunc *fn)
2727 {
2728 int i;
2729
2730 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2731 if (transfer_end_table[i] == fn)
2732 return i;
2733
2734 return -1;
2735 }
2736
2737 static int ide_drive_post_load(void *opaque, int version_id)
2738 {
2739 IDEState *s = opaque;
2740
2741 if (version_id < 3) {
2742 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2743 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2744 s->cdrom_changed = 1;
2745 }
2746 }
2747 return 0;
2748 }
2749
2750 static int ide_drive_pio_post_load(void *opaque, int version_id)
2751 {
2752 IDEState *s = opaque;
2753
2754 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2755 return -EINVAL;
2756 }
2757 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2758 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2759 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2760
2761 return 0;
2762 }
2763
2764 static void ide_drive_pio_pre_save(void *opaque)
2765 {
2766 IDEState *s = opaque;
2767 int idx;
2768
2769 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2770 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2771
2772 idx = transfer_end_table_idx(s->end_transfer_func);
2773 if (idx == -1) {
2774 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2775 __func__);
2776 s->end_transfer_fn_idx = 2;
2777 } else {
2778 s->end_transfer_fn_idx = idx;
2779 }
2780 }
2781
2782 static bool ide_drive_pio_state_needed(void *opaque)
2783 {
2784 IDEState *s = opaque;
2785
2786 return (s->status & DRQ_STAT) != 0;
2787 }
2788
2789 const VMStateDescription vmstate_ide_drive_pio_state = {
2790 .name = "ide_drive/pio_state",
2791 .version_id = 1,
2792 .minimum_version_id = 1,
2793 .minimum_version_id_old = 1,
2794 .pre_save = ide_drive_pio_pre_save,
2795 .post_load = ide_drive_pio_post_load,
2796 .fields = (VMStateField []) {
2797 VMSTATE_INT32(req_nb_sectors, IDEState),
2798 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2799 vmstate_info_uint8, uint8_t),
2800 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2801 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2802 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2803 VMSTATE_INT32(elementary_transfer_size, IDEState),
2804 VMSTATE_INT32(packet_transfer_size, IDEState),
2805 VMSTATE_END_OF_LIST()
2806 }
2807 };
2808
2809 const VMStateDescription vmstate_ide_drive = {
2810 .name = "ide_drive",
2811 .version_id = 3,
2812 .minimum_version_id = 0,
2813 .minimum_version_id_old = 0,
2814 .post_load = ide_drive_post_load,
2815 .fields = (VMStateField []) {
2816 VMSTATE_INT32(mult_sectors, IDEState),
2817 VMSTATE_INT32(identify_set, IDEState),
2818 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2819 VMSTATE_UINT8(feature, IDEState),
2820 VMSTATE_UINT8(error, IDEState),
2821 VMSTATE_UINT32(nsector, IDEState),
2822 VMSTATE_UINT8(sector, IDEState),
2823 VMSTATE_UINT8(lcyl, IDEState),
2824 VMSTATE_UINT8(hcyl, IDEState),
2825 VMSTATE_UINT8(hob_feature, IDEState),
2826 VMSTATE_UINT8(hob_sector, IDEState),
2827 VMSTATE_UINT8(hob_nsector, IDEState),
2828 VMSTATE_UINT8(hob_lcyl, IDEState),
2829 VMSTATE_UINT8(hob_hcyl, IDEState),
2830 VMSTATE_UINT8(select, IDEState),
2831 VMSTATE_UINT8(status, IDEState),
2832 VMSTATE_UINT8(lba48, IDEState),
2833 VMSTATE_UINT8(sense_key, IDEState),
2834 VMSTATE_UINT8(asc, IDEState),
2835 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2836 VMSTATE_END_OF_LIST()
2837 },
2838 .subsections = (VMStateSubsection []) {
2839 {
2840 .vmsd = &vmstate_ide_drive_pio_state,
2841 .needed = ide_drive_pio_state_needed,
2842 }, {
2843 /* empty */
2844 }
2845 }
2846 };
2847
2848 const VMStateDescription vmstate_ide_bus = {
2849 .name = "ide_bus",
2850 .version_id = 1,
2851 .minimum_version_id = 1,
2852 .minimum_version_id_old = 1,
2853 .fields = (VMStateField []) {
2854 VMSTATE_UINT8(cmd, IDEBus),
2855 VMSTATE_UINT8(unit, IDEBus),
2856 VMSTATE_END_OF_LIST()
2857 }
2858 };
2859
2860 void ide_drive_get(DriveInfo **hd, int max_bus)
2861 {
2862 int i;
2863
2864 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2865 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2866 exit(1);
2867 }
2868
2869 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2870 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2871 }
2872 }
Qemu copy for testing