2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
31 #include "block_int.h"
32 #include "qemu-timer.h"
36 #include <hw/ide/internal.h>
38 static int smart_attributes
[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState
*s
)
50 return (s
->nb_sectors
> 0);
53 static inline int media_is_dvd(IDEState
*s
)
55 return (media_present(s
) && s
->nb_sectors
> CD_MAX_SECTORS
);
58 static inline int media_is_cd(IDEState
*s
)
60 return (media_present(s
) && s
->nb_sectors
<= CD_MAX_SECTORS
);
63 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
);
64 static void ide_dma_restart(IDEState
*s
, int is_read
);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
);
66 static int ide_handle_rw_error(IDEState
*s
, int error
, int op
);
68 static void padstr(char *str
, const char *src
, int len
)
71 for(i
= 0; i
< len
; i
++) {
80 static void padstr8(uint8_t *buf
, int buf_size
, const char *src
)
83 for(i
= 0; i
< buf_size
; i
++) {
91 static void put_le16(uint16_t *p
, unsigned int v
)
96 static void ide_identify(IDEState
*s
)
101 if (s
->identify_set
) {
102 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
106 memset(s
->io_buffer
, 0, 512);
107 p
= (uint16_t *)s
->io_buffer
;
108 put_le16(p
+ 0, 0x0040);
109 put_le16(p
+ 1, s
->cylinders
);
110 put_le16(p
+ 3, s
->heads
);
111 put_le16(p
+ 4, 512 * s
->sectors
); /* XXX: retired, remove ? */
112 put_le16(p
+ 5, 512); /* XXX: retired, remove ? */
113 put_le16(p
+ 6, s
->sectors
);
114 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
115 put_le16(p
+ 20, 3); /* XXX: retired, remove ? */
116 put_le16(p
+ 21, 512); /* cache size in sectors */
117 put_le16(p
+ 22, 4); /* ecc bytes */
118 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
119 padstr((char *)(p
+ 27), "QEMU HARDDISK", 40); /* model */
120 #if MAX_MULT_SECTORS > 1
121 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
123 put_le16(p
+ 48, 1); /* dword I/O */
124 put_le16(p
+ 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
125 put_le16(p
+ 51, 0x200); /* PIO transfer cycle */
126 put_le16(p
+ 52, 0x200); /* DMA transfer cycle */
127 put_le16(p
+ 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
128 put_le16(p
+ 54, s
->cylinders
);
129 put_le16(p
+ 55, s
->heads
);
130 put_le16(p
+ 56, s
->sectors
);
131 oldsize
= s
->cylinders
* s
->heads
* s
->sectors
;
132 put_le16(p
+ 57, oldsize
);
133 put_le16(p
+ 58, oldsize
>> 16);
135 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
136 put_le16(p
+ 60, s
->nb_sectors
);
137 put_le16(p
+ 61, s
->nb_sectors
>> 16);
138 put_le16(p
+ 62, 0x07); /* single word dma0-2 supported */
139 put_le16(p
+ 63, 0x07); /* mdma0-2 supported */
140 put_le16(p
+ 65, 120);
141 put_le16(p
+ 66, 120);
142 put_le16(p
+ 67, 120);
143 put_le16(p
+ 68, 120);
144 put_le16(p
+ 80, 0xf0); /* ata3 -> ata6 supported */
145 put_le16(p
+ 81, 0x16); /* conforms to ata5 */
146 /* 14=NOP supported, 0=SMART supported */
147 put_le16(p
+ 82, (1 << 14) | 1);
148 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
149 put_le16(p
+ 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
150 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
151 put_le16(p
+ 84, (1 << 14) | 0);
152 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
153 if (bdrv_enable_write_cache(s
->bs
))
154 put_le16(p
+ 85, (1 << 14) | (1 << 5) | 1);
156 put_le16(p
+ 85, (1 << 14) | 1);
157 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
158 put_le16(p
+ 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
159 /* 14=set to 1, 1=smart self test, 0=smart error logging */
160 put_le16(p
+ 87, (1 << 14) | 0);
161 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
162 put_le16(p
+ 93, 1 | (1 << 14) | 0x2000);
163 put_le16(p
+ 100, s
->nb_sectors
);
164 put_le16(p
+ 101, s
->nb_sectors
>> 16);
165 put_le16(p
+ 102, s
->nb_sectors
>> 32);
166 put_le16(p
+ 103, s
->nb_sectors
>> 48);
168 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
172 static void ide_atapi_identify(IDEState
*s
)
176 if (s
->identify_set
) {
177 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
181 memset(s
->io_buffer
, 0, 512);
182 p
= (uint16_t *)s
->io_buffer
;
183 /* Removable CDROM, 50us response, 12 byte packets */
184 put_le16(p
+ 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
185 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
186 put_le16(p
+ 20, 3); /* buffer type */
187 put_le16(p
+ 21, 512); /* cache size in sectors */
188 put_le16(p
+ 22, 4); /* ecc bytes */
189 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
190 padstr((char *)(p
+ 27), "QEMU DVD-ROM", 40); /* model */
191 put_le16(p
+ 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
193 put_le16(p
+ 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
194 put_le16(p
+ 53, 7); /* words 64-70, 54-58, 88 valid */
195 put_le16(p
+ 62, 7); /* single word dma0-2 supported */
196 put_le16(p
+ 63, 7); /* mdma0-2 supported */
197 put_le16(p
+ 64, 0x3f); /* PIO modes supported */
199 put_le16(p
+ 49, 1 << 9); /* LBA supported, no DMA */
200 put_le16(p
+ 53, 3); /* words 64-70, 54-58 valid */
201 put_le16(p
+ 63, 0x103); /* DMA modes XXX: may be incorrect */
202 put_le16(p
+ 64, 1); /* PIO modes */
204 put_le16(p
+ 65, 0xb4); /* minimum DMA multiword tx cycle time */
205 put_le16(p
+ 66, 0xb4); /* recommended DMA multiword tx cycle time */
206 put_le16(p
+ 67, 0x12c); /* minimum PIO cycle time without flow control */
207 put_le16(p
+ 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
209 put_le16(p
+ 71, 30); /* in ns */
210 put_le16(p
+ 72, 30); /* in ns */
212 put_le16(p
+ 80, 0x1e); /* support up to ATA/ATAPI-4 */
214 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
216 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
220 static void ide_cfata_identify(IDEState
*s
)
225 p
= (uint16_t *) s
->identify_data
;
229 memset(p
, 0, sizeof(s
->identify_data
));
231 cur_sec
= s
->cylinders
* s
->heads
* s
->sectors
;
233 put_le16(p
+ 0, 0x848a); /* CF Storage Card signature */
234 put_le16(p
+ 1, s
->cylinders
); /* Default cylinders */
235 put_le16(p
+ 3, s
->heads
); /* Default heads */
236 put_le16(p
+ 6, s
->sectors
); /* Default sectors per track */
237 put_le16(p
+ 7, s
->nb_sectors
>> 16); /* Sectors per card */
238 put_le16(p
+ 8, s
->nb_sectors
); /* Sectors per card */
239 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
240 put_le16(p
+ 22, 0x0004); /* ECC bytes */
241 padstr((char *) (p
+ 23), QEMU_VERSION
, 8); /* Firmware Revision */
242 padstr((char *) (p
+ 27), "QEMU MICRODRIVE", 40);/* Model number */
243 #if MAX_MULT_SECTORS > 1
244 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
246 put_le16(p
+ 47, 0x0000);
248 put_le16(p
+ 49, 0x0f00); /* Capabilities */
249 put_le16(p
+ 51, 0x0002); /* PIO cycle timing mode */
250 put_le16(p
+ 52, 0x0001); /* DMA cycle timing mode */
251 put_le16(p
+ 53, 0x0003); /* Translation params valid */
252 put_le16(p
+ 54, s
->cylinders
); /* Current cylinders */
253 put_le16(p
+ 55, s
->heads
); /* Current heads */
254 put_le16(p
+ 56, s
->sectors
); /* Current sectors */
255 put_le16(p
+ 57, cur_sec
); /* Current capacity */
256 put_le16(p
+ 58, cur_sec
>> 16); /* Current capacity */
257 if (s
->mult_sectors
) /* Multiple sector setting */
258 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
259 put_le16(p
+ 60, s
->nb_sectors
); /* Total LBA sectors */
260 put_le16(p
+ 61, s
->nb_sectors
>> 16); /* Total LBA sectors */
261 put_le16(p
+ 63, 0x0203); /* Multiword DMA capability */
262 put_le16(p
+ 64, 0x0001); /* Flow Control PIO support */
263 put_le16(p
+ 65, 0x0096); /* Min. Multiword DMA cycle */
264 put_le16(p
+ 66, 0x0096); /* Rec. Multiword DMA cycle */
265 put_le16(p
+ 68, 0x00b4); /* Min. PIO cycle time */
266 put_le16(p
+ 82, 0x400c); /* Command Set supported */
267 put_le16(p
+ 83, 0x7068); /* Command Set supported */
268 put_le16(p
+ 84, 0x4000); /* Features supported */
269 put_le16(p
+ 85, 0x000c); /* Command Set enabled */
270 put_le16(p
+ 86, 0x7044); /* Command Set enabled */
271 put_le16(p
+ 87, 0x4000); /* Features enabled */
272 put_le16(p
+ 91, 0x4060); /* Current APM level */
273 put_le16(p
+ 129, 0x0002); /* Current features option */
274 put_le16(p
+ 130, 0x0005); /* Reassigned sectors */
275 put_le16(p
+ 131, 0x0001); /* Initial power mode */
276 put_le16(p
+ 132, 0x0000); /* User signature */
277 put_le16(p
+ 160, 0x8100); /* Power requirement */
278 put_le16(p
+ 161, 0x8001); /* CF command set */
283 memcpy(s
->io_buffer
, p
, sizeof(s
->identify_data
));
286 static void ide_set_signature(IDEState
*s
)
288 s
->select
&= 0xf0; /* clear head */
304 static inline void ide_abort_command(IDEState
*s
)
306 s
->status
= READY_STAT
| ERR_STAT
;
310 static inline void ide_dma_submit_check(IDEState
*s
,
311 BlockDriverCompletionFunc
*dma_cb
, BMDMAState
*bm
)
318 /* prepare data transfer and tell what to do after */
319 static void ide_transfer_start(IDEState
*s
, uint8_t *buf
, int size
,
320 EndTransferFunc
*end_transfer_func
)
322 s
->end_transfer_func
= end_transfer_func
;
324 s
->data_end
= buf
+ size
;
325 if (!(s
->status
& ERR_STAT
))
326 s
->status
|= DRQ_STAT
;
329 static void ide_transfer_stop(IDEState
*s
)
331 s
->end_transfer_func
= ide_transfer_stop
;
332 s
->data_ptr
= s
->io_buffer
;
333 s
->data_end
= s
->io_buffer
;
334 s
->status
&= ~DRQ_STAT
;
337 int64_t ide_get_sector(IDEState
*s
)
340 if (s
->select
& 0x40) {
343 sector_num
= ((s
->select
& 0x0f) << 24) | (s
->hcyl
<< 16) |
344 (s
->lcyl
<< 8) | s
->sector
;
346 sector_num
= ((int64_t)s
->hob_hcyl
<< 40) |
347 ((int64_t) s
->hob_lcyl
<< 32) |
348 ((int64_t) s
->hob_sector
<< 24) |
349 ((int64_t) s
->hcyl
<< 16) |
350 ((int64_t) s
->lcyl
<< 8) | s
->sector
;
353 sector_num
= ((s
->hcyl
<< 8) | s
->lcyl
) * s
->heads
* s
->sectors
+
354 (s
->select
& 0x0f) * s
->sectors
+ (s
->sector
- 1);
359 void ide_set_sector(IDEState
*s
, int64_t sector_num
)
362 if (s
->select
& 0x40) {
364 s
->select
= (s
->select
& 0xf0) | (sector_num
>> 24);
365 s
->hcyl
= (sector_num
>> 16);
366 s
->lcyl
= (sector_num
>> 8);
367 s
->sector
= (sector_num
);
369 s
->sector
= sector_num
;
370 s
->lcyl
= sector_num
>> 8;
371 s
->hcyl
= sector_num
>> 16;
372 s
->hob_sector
= sector_num
>> 24;
373 s
->hob_lcyl
= sector_num
>> 32;
374 s
->hob_hcyl
= sector_num
>> 40;
377 cyl
= sector_num
/ (s
->heads
* s
->sectors
);
378 r
= sector_num
% (s
->heads
* s
->sectors
);
381 s
->select
= (s
->select
& 0xf0) | ((r
/ s
->sectors
) & 0x0f);
382 s
->sector
= (r
% s
->sectors
) + 1;
386 static void ide_rw_error(IDEState
*s
) {
387 ide_abort_command(s
);
391 static void ide_sector_read(IDEState
*s
)
396 s
->status
= READY_STAT
| SEEK_STAT
;
397 s
->error
= 0; /* not needed by IDE spec, but needed by Windows */
398 sector_num
= ide_get_sector(s
);
401 /* no more sector to read from disk */
402 ide_transfer_stop(s
);
404 #if defined(DEBUG_IDE)
405 printf("read sector=%" PRId64
"\n", sector_num
);
407 if (n
> s
->req_nb_sectors
)
408 n
= s
->req_nb_sectors
;
409 ret
= bdrv_read(s
->bs
, sector_num
, s
->io_buffer
, n
);
411 if (ide_handle_rw_error(s
, -ret
,
412 BM_STATUS_PIO_RETRY
| BM_STATUS_RETRY_READ
))
417 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_read
);
419 ide_set_sector(s
, sector_num
+ n
);
425 /* return 0 if buffer completed */
426 static int dma_buf_prepare(BMDMAState
*bm
, int is_write
)
428 IDEState
*s
= bmdma_active_if(bm
);
435 qemu_sglist_init(&s
->sg
, s
->nsector
/ (TARGET_PAGE_SIZE
/512) + 1);
436 s
->io_buffer_size
= 0;
438 if (bm
->cur_prd_len
== 0) {
439 /* end of table (with a fail safe of one page) */
440 if (bm
->cur_prd_last
||
441 (bm
->cur_addr
- bm
->addr
) >= 4096)
442 return s
->io_buffer_size
!= 0;
443 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
445 prd
.addr
= le32_to_cpu(prd
.addr
);
446 prd
.size
= le32_to_cpu(prd
.size
);
447 len
= prd
.size
& 0xfffe;
450 bm
->cur_prd_len
= len
;
451 bm
->cur_prd_addr
= prd
.addr
;
452 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
456 qemu_sglist_add(&s
->sg
, bm
->cur_prd_addr
, l
);
457 bm
->cur_prd_addr
+= l
;
458 bm
->cur_prd_len
-= l
;
459 s
->io_buffer_size
+= l
;
465 static void dma_buf_commit(IDEState
*s
, int is_write
)
467 qemu_sglist_destroy(&s
->sg
);
470 void ide_dma_error(IDEState
*s
)
472 ide_transfer_stop(s
);
474 s
->status
= READY_STAT
| ERR_STAT
;
478 static int ide_handle_rw_error(IDEState
*s
, int error
, int op
)
480 int is_read
= (op
& BM_STATUS_RETRY_READ
);
481 BlockInterfaceErrorAction action
= drive_get_on_error(s
->bs
, is_read
);
483 if (action
== BLOCK_ERR_IGNORE
)
486 if ((error
== ENOSPC
&& action
== BLOCK_ERR_STOP_ENOSPC
)
487 || action
== BLOCK_ERR_STOP_ANY
) {
488 s
->bus
->bmdma
->unit
= s
->unit
;
489 s
->bus
->bmdma
->status
|= op
;
492 if (op
& BM_STATUS_DMA_RETRY
) {
493 dma_buf_commit(s
, 0);
503 /* return 0 if buffer completed */
504 static int dma_buf_rw(BMDMAState
*bm
, int is_write
)
506 IDEState
*s
= bmdma_active_if(bm
);
514 l
= s
->io_buffer_size
- s
->io_buffer_index
;
517 if (bm
->cur_prd_len
== 0) {
518 /* end of table (with a fail safe of one page) */
519 if (bm
->cur_prd_last
||
520 (bm
->cur_addr
- bm
->addr
) >= 4096)
522 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
524 prd
.addr
= le32_to_cpu(prd
.addr
);
525 prd
.size
= le32_to_cpu(prd
.size
);
526 len
= prd
.size
& 0xfffe;
529 bm
->cur_prd_len
= len
;
530 bm
->cur_prd_addr
= prd
.addr
;
531 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
533 if (l
> bm
->cur_prd_len
)
537 cpu_physical_memory_write(bm
->cur_prd_addr
,
538 s
->io_buffer
+ s
->io_buffer_index
, l
);
540 cpu_physical_memory_read(bm
->cur_prd_addr
,
541 s
->io_buffer
+ s
->io_buffer_index
, l
);
543 bm
->cur_prd_addr
+= l
;
544 bm
->cur_prd_len
-= l
;
545 s
->io_buffer_index
+= l
;
551 static void ide_read_dma_cb(void *opaque
, int ret
)
553 BMDMAState
*bm
= opaque
;
554 IDEState
*s
= bmdma_active_if(bm
);
559 if (ide_handle_rw_error(s
, -ret
,
560 BM_STATUS_DMA_RETRY
| BM_STATUS_RETRY_READ
))
566 n
= s
->io_buffer_size
>> 9;
567 sector_num
= ide_get_sector(s
);
569 dma_buf_commit(s
, 1);
571 ide_set_sector(s
, sector_num
);
575 /* end of transfer ? */
576 if (s
->nsector
== 0) {
577 s
->status
= READY_STAT
| SEEK_STAT
;
580 bm
->status
&= ~BM_STATUS_DMAING
;
581 bm
->status
|= BM_STATUS_INT
;
588 /* launch next transfer */
590 s
->io_buffer_index
= 0;
591 s
->io_buffer_size
= n
* 512;
592 if (dma_buf_prepare(bm
, 1) == 0)
595 printf("aio_read: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
597 bm
->aiocb
= dma_bdrv_read(s
->bs
, &s
->sg
, sector_num
, ide_read_dma_cb
, bm
);
598 ide_dma_submit_check(s
, ide_read_dma_cb
, bm
);
601 static void ide_sector_read_dma(IDEState
*s
)
603 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
604 s
->io_buffer_index
= 0;
605 s
->io_buffer_size
= 0;
607 ide_dma_start(s
, ide_read_dma_cb
);
610 static void ide_sector_write_timer_cb(void *opaque
)
612 IDEState
*s
= opaque
;
616 static void ide_sector_write(IDEState
*s
)
621 s
->status
= READY_STAT
| SEEK_STAT
;
622 sector_num
= ide_get_sector(s
);
623 #if defined(DEBUG_IDE)
624 printf("write sector=%" PRId64
"\n", sector_num
);
627 if (n
> s
->req_nb_sectors
)
628 n
= s
->req_nb_sectors
;
629 ret
= bdrv_write(s
->bs
, sector_num
, s
->io_buffer
, n
);
632 if (ide_handle_rw_error(s
, -ret
, BM_STATUS_PIO_RETRY
))
637 if (s
->nsector
== 0) {
638 /* no more sectors to write */
639 ide_transfer_stop(s
);
642 if (n1
> s
->req_nb_sectors
)
643 n1
= s
->req_nb_sectors
;
644 ide_transfer_start(s
, s
->io_buffer
, 512 * n1
, ide_sector_write
);
646 ide_set_sector(s
, sector_num
+ n
);
649 if (win2k_install_hack
&& ((++s
->irq_count
% 16) == 0)) {
650 /* It seems there is a bug in the Windows 2000 installer HDD
651 IDE driver which fills the disk with empty logs when the
652 IDE write IRQ comes too early. This hack tries to correct
653 that at the expense of slower write performances. Use this
654 option _only_ to install Windows 2000. You must disable it
656 qemu_mod_timer(s
->sector_write_timer
,
657 qemu_get_clock(vm_clock
) + (get_ticks_per_sec() / 1000));
665 static void ide_dma_restart_bh(void *opaque
)
667 BMDMAState
*bm
= opaque
;
670 qemu_bh_delete(bm
->bh
);
673 is_read
= !!(bm
->status
& BM_STATUS_RETRY_READ
);
675 if (bm
->status
& BM_STATUS_DMA_RETRY
) {
676 bm
->status
&= ~(BM_STATUS_DMA_RETRY
| BM_STATUS_RETRY_READ
);
677 ide_dma_restart(bmdma_active_if(bm
), is_read
);
678 } else if (bm
->status
& BM_STATUS_PIO_RETRY
) {
679 bm
->status
&= ~(BM_STATUS_PIO_RETRY
| BM_STATUS_RETRY_READ
);
681 ide_sector_read(bmdma_active_if(bm
));
683 ide_sector_write(bmdma_active_if(bm
));
688 void ide_dma_restart_cb(void *opaque
, int running
, int reason
)
690 BMDMAState
*bm
= opaque
;
696 bm
->bh
= qemu_bh_new(ide_dma_restart_bh
, bm
);
697 qemu_bh_schedule(bm
->bh
);
701 static void ide_write_dma_cb(void *opaque
, int ret
)
703 BMDMAState
*bm
= opaque
;
704 IDEState
*s
= bmdma_active_if(bm
);
709 if (ide_handle_rw_error(s
, -ret
, BM_STATUS_DMA_RETRY
))
713 n
= s
->io_buffer_size
>> 9;
714 sector_num
= ide_get_sector(s
);
716 dma_buf_commit(s
, 0);
718 ide_set_sector(s
, sector_num
);
722 /* end of transfer ? */
723 if (s
->nsector
== 0) {
724 s
->status
= READY_STAT
| SEEK_STAT
;
727 bm
->status
&= ~BM_STATUS_DMAING
;
728 bm
->status
|= BM_STATUS_INT
;
736 s
->io_buffer_size
= n
* 512;
737 /* launch next transfer */
738 if (dma_buf_prepare(bm
, 0) == 0)
741 printf("aio_write: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
743 bm
->aiocb
= dma_bdrv_write(s
->bs
, &s
->sg
, sector_num
, ide_write_dma_cb
, bm
);
744 ide_dma_submit_check(s
, ide_write_dma_cb
, bm
);
747 static void ide_sector_write_dma(IDEState
*s
)
749 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
750 s
->io_buffer_index
= 0;
751 s
->io_buffer_size
= 0;
753 ide_dma_start(s
, ide_write_dma_cb
);
756 void ide_atapi_cmd_ok(IDEState
*s
)
759 s
->status
= READY_STAT
| SEEK_STAT
;
760 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
764 void ide_atapi_cmd_error(IDEState
*s
, int sense_key
, int asc
)
766 #ifdef DEBUG_IDE_ATAPI
767 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key
, asc
);
769 s
->error
= sense_key
<< 4;
770 s
->status
= READY_STAT
| ERR_STAT
;
771 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
772 s
->sense_key
= sense_key
;
777 static void ide_atapi_cmd_check_status(IDEState
*s
)
779 #ifdef DEBUG_IDE_ATAPI
780 printf("atapi_cmd_check_status\n");
782 s
->error
= MC_ERR
| (SENSE_UNIT_ATTENTION
<< 4);
783 s
->status
= ERR_STAT
;
788 static void ide_flush_cb(void *opaque
, int ret
)
790 IDEState
*s
= opaque
;
792 /* XXX: how do we signal I/O errors here? */
794 s
->status
= READY_STAT
| SEEK_STAT
;
798 static inline void cpu_to_ube16(uint8_t *buf
, int val
)
804 static inline void cpu_to_ube32(uint8_t *buf
, unsigned int val
)
812 static inline int ube16_to_cpu(const uint8_t *buf
)
814 return (buf
[0] << 8) | buf
[1];
817 static inline int ube32_to_cpu(const uint8_t *buf
)
819 return (buf
[0] << 24) | (buf
[1] << 16) | (buf
[2] << 8) | buf
[3];
822 static void lba_to_msf(uint8_t *buf
, int lba
)
825 buf
[0] = (lba
/ 75) / 60;
826 buf
[1] = (lba
/ 75) % 60;
830 static void cd_data_to_raw(uint8_t *buf
, int lba
)
834 memset(buf
+ 1, 0xff, 10);
838 lba_to_msf(buf
, lba
);
839 buf
[3] = 0x01; /* mode 1 data */
843 /* XXX: ECC not computed */
847 static int cd_read_sector(BlockDriverState
*bs
, int lba
, uint8_t *buf
,
852 switch(sector_size
) {
854 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
, 4);
857 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
+ 16, 4);
860 cd_data_to_raw(buf
, lba
);
869 void ide_atapi_io_error(IDEState
*s
, int ret
)
871 /* XXX: handle more errors */
872 if (ret
== -ENOMEDIUM
) {
873 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
874 ASC_MEDIUM_NOT_PRESENT
);
876 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
877 ASC_LOGICAL_BLOCK_OOR
);
881 /* The whole ATAPI transfer logic is handled in this function */
882 static void ide_atapi_cmd_reply_end(IDEState
*s
)
884 int byte_count_limit
, size
, ret
;
885 #ifdef DEBUG_IDE_ATAPI
886 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
887 s
->packet_transfer_size
,
888 s
->elementary_transfer_size
,
891 if (s
->packet_transfer_size
<= 0) {
892 /* end of transfer */
893 ide_transfer_stop(s
);
894 s
->status
= READY_STAT
| SEEK_STAT
;
895 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
897 #ifdef DEBUG_IDE_ATAPI
898 printf("status=0x%x\n", s
->status
);
901 /* see if a new sector must be read */
902 if (s
->lba
!= -1 && s
->io_buffer_index
>= s
->cd_sector_size
) {
903 ret
= cd_read_sector(s
->bs
, s
->lba
, s
->io_buffer
, s
->cd_sector_size
);
905 ide_transfer_stop(s
);
906 ide_atapi_io_error(s
, ret
);
910 s
->io_buffer_index
= 0;
912 if (s
->elementary_transfer_size
> 0) {
913 /* there are some data left to transmit in this elementary
915 size
= s
->cd_sector_size
- s
->io_buffer_index
;
916 if (size
> s
->elementary_transfer_size
)
917 size
= s
->elementary_transfer_size
;
918 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
919 size
, ide_atapi_cmd_reply_end
);
920 s
->packet_transfer_size
-= size
;
921 s
->elementary_transfer_size
-= size
;
922 s
->io_buffer_index
+= size
;
924 /* a new transfer is needed */
925 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
;
926 byte_count_limit
= s
->lcyl
| (s
->hcyl
<< 8);
927 #ifdef DEBUG_IDE_ATAPI
928 printf("byte_count_limit=%d\n", byte_count_limit
);
930 if (byte_count_limit
== 0xffff)
932 size
= s
->packet_transfer_size
;
933 if (size
> byte_count_limit
) {
934 /* byte count limit must be even if this case */
935 if (byte_count_limit
& 1)
937 size
= byte_count_limit
;
941 s
->elementary_transfer_size
= size
;
942 /* we cannot transmit more than one sector at a time */
944 if (size
> (s
->cd_sector_size
- s
->io_buffer_index
))
945 size
= (s
->cd_sector_size
- s
->io_buffer_index
);
947 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
948 size
, ide_atapi_cmd_reply_end
);
949 s
->packet_transfer_size
-= size
;
950 s
->elementary_transfer_size
-= size
;
951 s
->io_buffer_index
+= size
;
953 #ifdef DEBUG_IDE_ATAPI
954 printf("status=0x%x\n", s
->status
);
960 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
961 static void ide_atapi_cmd_reply(IDEState
*s
, int size
, int max_size
)
965 s
->lba
= -1; /* no sector read */
966 s
->packet_transfer_size
= size
;
967 s
->io_buffer_size
= size
; /* dma: send the reply data as one chunk */
968 s
->elementary_transfer_size
= 0;
969 s
->io_buffer_index
= 0;
972 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
;
973 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
975 s
->status
= READY_STAT
| SEEK_STAT
;
976 ide_atapi_cmd_reply_end(s
);
980 /* start a CD-CDROM read command */
981 static void ide_atapi_cmd_read_pio(IDEState
*s
, int lba
, int nb_sectors
,
985 s
->packet_transfer_size
= nb_sectors
* sector_size
;
986 s
->elementary_transfer_size
= 0;
987 s
->io_buffer_index
= sector_size
;
988 s
->cd_sector_size
= sector_size
;
990 s
->status
= READY_STAT
| SEEK_STAT
;
991 ide_atapi_cmd_reply_end(s
);
994 /* ATAPI DMA support */
996 /* XXX: handle read errors */
997 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
)
999 BMDMAState
*bm
= opaque
;
1000 IDEState
*s
= bmdma_active_if(bm
);
1004 ide_atapi_io_error(s
, ret
);
1008 if (s
->io_buffer_size
> 0) {
1010 * For a cdrom read sector command (s->lba != -1),
1011 * adjust the lba for the next s->io_buffer_size chunk
1012 * and dma the current chunk.
1013 * For a command != read (s->lba == -1), just transfer
1017 if (s
->cd_sector_size
== 2352) {
1019 cd_data_to_raw(s
->io_buffer
, s
->lba
);
1021 n
= s
->io_buffer_size
>> 11;
1025 s
->packet_transfer_size
-= s
->io_buffer_size
;
1026 if (dma_buf_rw(bm
, 1) == 0)
1030 if (s
->packet_transfer_size
<= 0) {
1031 s
->status
= READY_STAT
| SEEK_STAT
;
1032 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1033 ide_set_irq(s
->bus
);
1035 bm
->status
&= ~BM_STATUS_DMAING
;
1036 bm
->status
|= BM_STATUS_INT
;
1043 s
->io_buffer_index
= 0;
1044 if (s
->cd_sector_size
== 2352) {
1046 s
->io_buffer_size
= s
->cd_sector_size
;
1049 n
= s
->packet_transfer_size
>> 11;
1050 if (n
> (IDE_DMA_BUF_SECTORS
/ 4))
1051 n
= (IDE_DMA_BUF_SECTORS
/ 4);
1052 s
->io_buffer_size
= n
* 2048;
1056 printf("aio_read_cd: lba=%u n=%d\n", s
->lba
, n
);
1058 bm
->iov
.iov_base
= (void *)(s
->io_buffer
+ data_offset
);
1059 bm
->iov
.iov_len
= n
* 4 * 512;
1060 qemu_iovec_init_external(&bm
->qiov
, &bm
->iov
, 1);
1061 bm
->aiocb
= bdrv_aio_readv(s
->bs
, (int64_t)s
->lba
<< 2, &bm
->qiov
,
1062 n
* 4, ide_atapi_cmd_read_dma_cb
, bm
);
1064 /* Note: media not present is the most likely case */
1065 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1066 ASC_MEDIUM_NOT_PRESENT
);
1071 /* start a CD-CDROM read command with DMA */
1072 /* XXX: test if DMA is available */
1073 static void ide_atapi_cmd_read_dma(IDEState
*s
, int lba
, int nb_sectors
,
1077 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1078 s
->io_buffer_index
= 0;
1079 s
->io_buffer_size
= 0;
1080 s
->cd_sector_size
= sector_size
;
1082 /* XXX: check if BUSY_STAT should be set */
1083 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1084 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1087 static void ide_atapi_cmd_read(IDEState
*s
, int lba
, int nb_sectors
,
1090 #ifdef DEBUG_IDE_ATAPI
1091 printf("read %s: LBA=%d nb_sectors=%d\n", s
->atapi_dma
? "dma" : "pio",
1095 ide_atapi_cmd_read_dma(s
, lba
, nb_sectors
, sector_size
);
1097 ide_atapi_cmd_read_pio(s
, lba
, nb_sectors
, sector_size
);
1101 static inline uint8_t ide_atapi_set_profile(uint8_t *buf
, uint8_t *index
,
1104 uint8_t *buf_profile
= buf
+ 12; /* start of profiles */
1106 buf_profile
+= ((*index
) * 4); /* start of indexed profile */
1107 cpu_to_ube16 (buf_profile
, profile
);
1108 buf_profile
[2] = ((buf_profile
[0] == buf
[6]) && (buf_profile
[1] == buf
[7]));
1110 /* each profile adds 4 bytes to the response */
1112 buf
[11] += 4; /* Additional Length */
1117 static int ide_dvd_read_structure(IDEState
*s
, int format
,
1118 const uint8_t *packet
, uint8_t *buf
)
1121 case 0x0: /* Physical format information */
1123 int layer
= packet
[6];
1124 uint64_t total_sectors
;
1127 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1129 bdrv_get_geometry(s
->bs
, &total_sectors
);
1130 total_sectors
>>= 2;
1131 if (total_sectors
== 0)
1132 return -ASC_MEDIUM_NOT_PRESENT
;
1134 buf
[4] = 1; /* DVD-ROM, part version 1 */
1135 buf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1136 buf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1137 buf
[7] = 0; /* default densities */
1139 /* FIXME: 0x30000 per spec? */
1140 cpu_to_ube32(buf
+ 8, 0); /* start sector */
1141 cpu_to_ube32(buf
+ 12, total_sectors
- 1); /* end sector */
1142 cpu_to_ube32(buf
+ 16, total_sectors
- 1); /* l0 end sector */
1144 /* Size of buffer, not including 2 byte size field */
1145 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1147 /* 2k data + 4 byte header */
1151 case 0x01: /* DVD copyright information */
1152 buf
[4] = 0; /* no copyright data */
1153 buf
[5] = 0; /* no region restrictions */
1155 /* Size of buffer, not including 2 byte size field */
1156 cpu_to_be16wu((uint16_t *)buf
, 4 + 2);
1158 /* 4 byte header + 4 byte data */
1161 case 0x03: /* BCA information - invalid field for no BCA info */
1162 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1164 case 0x04: /* DVD disc manufacturing information */
1165 /* Size of buffer, not including 2 byte size field */
1166 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1168 /* 2k data + 4 byte header */
1173 * This lists all the command capabilities above. Add new ones
1174 * in order and update the length and buffer return values.
1177 buf
[4] = 0x00; /* Physical format */
1178 buf
[5] = 0x40; /* Not writable, is readable */
1179 cpu_to_be16wu((uint16_t *)(buf
+ 6), 2048 + 4);
1181 buf
[8] = 0x01; /* Copyright info */
1182 buf
[9] = 0x40; /* Not writable, is readable */
1183 cpu_to_be16wu((uint16_t *)(buf
+ 10), 4 + 4);
1185 buf
[12] = 0x03; /* BCA info */
1186 buf
[13] = 0x40; /* Not writable, is readable */
1187 cpu_to_be16wu((uint16_t *)(buf
+ 14), 188 + 4);
1189 buf
[16] = 0x04; /* Manufacturing info */
1190 buf
[17] = 0x40; /* Not writable, is readable */
1191 cpu_to_be16wu((uint16_t *)(buf
+ 18), 2048 + 4);
1193 /* Size of buffer, not including 2 byte size field */
1194 cpu_to_be16wu((uint16_t *)buf
, 16 + 2);
1196 /* data written + 4 byte header */
1199 default: /* TODO: formats beyond DVD-ROM requires */
1200 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1204 static void ide_atapi_cmd(IDEState
*s
)
1206 const uint8_t *packet
;
1210 packet
= s
->io_buffer
;
1212 #ifdef DEBUG_IDE_ATAPI
1215 printf("ATAPI limit=0x%x packet:", s
->lcyl
| (s
->hcyl
<< 8));
1216 for(i
= 0; i
< ATAPI_PACKET_SIZE
; i
++) {
1217 printf(" %02x", packet
[i
]);
1222 /* If there's a UNIT_ATTENTION condition pending, only
1223 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1224 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
1225 s
->io_buffer
[0] != GPCMD_REQUEST_SENSE
&&
1226 s
->io_buffer
[0] != GPCMD_INQUIRY
) {
1227 ide_atapi_cmd_check_status(s
);
1230 switch(s
->io_buffer
[0]) {
1231 case GPCMD_TEST_UNIT_READY
:
1232 if (bdrv_is_inserted(s
->bs
) && !s
->cdrom_changed
) {
1233 ide_atapi_cmd_ok(s
);
1235 s
->cdrom_changed
= 0;
1236 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1237 ASC_MEDIUM_NOT_PRESENT
);
1240 case GPCMD_MODE_SENSE_6
:
1241 case GPCMD_MODE_SENSE_10
:
1244 if (packet
[0] == GPCMD_MODE_SENSE_10
)
1245 max_len
= ube16_to_cpu(packet
+ 7);
1247 max_len
= packet
[4];
1248 action
= packet
[2] >> 6;
1249 code
= packet
[2] & 0x3f;
1251 case 0: /* current values */
1253 case 0x01: /* error recovery */
1254 cpu_to_ube16(&buf
[0], 16 + 6);
1270 ide_atapi_cmd_reply(s
, 16, max_len
);
1273 cpu_to_ube16(&buf
[0], 28 + 6);
1286 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1287 code checks for this to automount media. */
1290 buf
[14] = (1 << 0) | (1 << 3) | (1 << 5);
1291 if (bdrv_is_locked(s
->bs
))
1294 cpu_to_ube16(&buf
[16], 706);
1297 cpu_to_ube16(&buf
[20], 512);
1298 cpu_to_ube16(&buf
[22], 706);
1303 ide_atapi_cmd_reply(s
, 28, max_len
);
1309 case 1: /* changeable values */
1311 case 2: /* default values */
1314 case 3: /* saved values */
1315 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1316 ASC_SAVING_PARAMETERS_NOT_SUPPORTED
);
1321 case GPCMD_REQUEST_SENSE
:
1322 max_len
= packet
[4];
1324 buf
[0] = 0x70 | (1 << 7);
1325 buf
[2] = s
->sense_key
;
1328 if (s
->sense_key
== SENSE_UNIT_ATTENTION
)
1329 s
->sense_key
= SENSE_NONE
;
1330 ide_atapi_cmd_reply(s
, 18, max_len
);
1332 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL
:
1333 if (bdrv_is_inserted(s
->bs
)) {
1334 bdrv_set_locked(s
->bs
, packet
[4] & 1);
1335 ide_atapi_cmd_ok(s
);
1337 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1338 ASC_MEDIUM_NOT_PRESENT
);
1344 int nb_sectors
, lba
;
1346 if (packet
[0] == GPCMD_READ_10
)
1347 nb_sectors
= ube16_to_cpu(packet
+ 7);
1349 nb_sectors
= ube32_to_cpu(packet
+ 6);
1350 lba
= ube32_to_cpu(packet
+ 2);
1351 if (nb_sectors
== 0) {
1352 ide_atapi_cmd_ok(s
);
1355 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1360 int nb_sectors
, lba
, transfer_request
;
1362 nb_sectors
= (packet
[6] << 16) | (packet
[7] << 8) | packet
[8];
1363 lba
= ube32_to_cpu(packet
+ 2);
1364 if (nb_sectors
== 0) {
1365 ide_atapi_cmd_ok(s
);
1368 transfer_request
= packet
[9];
1369 switch(transfer_request
& 0xf8) {
1372 ide_atapi_cmd_ok(s
);
1376 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1380 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2352);
1383 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1384 ASC_INV_FIELD_IN_CMD_PACKET
);
1392 uint64_t total_sectors
;
1394 bdrv_get_geometry(s
->bs
, &total_sectors
);
1395 total_sectors
>>= 2;
1396 if (total_sectors
== 0) {
1397 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1398 ASC_MEDIUM_NOT_PRESENT
);
1401 lba
= ube32_to_cpu(packet
+ 2);
1402 if (lba
>= total_sectors
) {
1403 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1404 ASC_LOGICAL_BLOCK_OOR
);
1407 ide_atapi_cmd_ok(s
);
1410 case GPCMD_START_STOP_UNIT
:
1412 int start
, eject
, err
= 0;
1413 start
= packet
[4] & 1;
1414 eject
= (packet
[4] >> 1) & 1;
1417 err
= bdrv_eject(s
->bs
, !start
);
1422 ide_atapi_cmd_ok(s
);
1425 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1426 ASC_MEDIA_REMOVAL_PREVENTED
);
1429 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1430 ASC_MEDIUM_NOT_PRESENT
);
1435 case GPCMD_MECHANISM_STATUS
:
1437 max_len
= ube16_to_cpu(packet
+ 8);
1438 cpu_to_ube16(buf
, 0);
1439 /* no current LBA */
1444 cpu_to_ube16(buf
+ 6, 0);
1445 ide_atapi_cmd_reply(s
, 8, max_len
);
1448 case GPCMD_READ_TOC_PMA_ATIP
:
1450 int format
, msf
, start_track
, len
;
1451 uint64_t total_sectors
;
1453 bdrv_get_geometry(s
->bs
, &total_sectors
);
1454 total_sectors
>>= 2;
1455 if (total_sectors
== 0) {
1456 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1457 ASC_MEDIUM_NOT_PRESENT
);
1460 max_len
= ube16_to_cpu(packet
+ 7);
1461 format
= packet
[9] >> 6;
1462 msf
= (packet
[1] >> 1) & 1;
1463 start_track
= packet
[6];
1466 len
= cdrom_read_toc(total_sectors
, buf
, msf
, start_track
);
1469 ide_atapi_cmd_reply(s
, len
, max_len
);
1472 /* multi session : only a single session defined */
1477 ide_atapi_cmd_reply(s
, 12, max_len
);
1480 len
= cdrom_read_toc_raw(total_sectors
, buf
, msf
, start_track
);
1483 ide_atapi_cmd_reply(s
, len
, max_len
);
1487 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1488 ASC_INV_FIELD_IN_CMD_PACKET
);
1493 case GPCMD_READ_CDVD_CAPACITY
:
1495 uint64_t total_sectors
;
1497 bdrv_get_geometry(s
->bs
, &total_sectors
);
1498 total_sectors
>>= 2;
1499 if (total_sectors
== 0) {
1500 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1501 ASC_MEDIUM_NOT_PRESENT
);
1504 /* NOTE: it is really the number of sectors minus 1 */
1505 cpu_to_ube32(buf
, total_sectors
- 1);
1506 cpu_to_ube32(buf
+ 4, 2048);
1507 ide_atapi_cmd_reply(s
, 8, 8);
1510 case GPCMD_READ_DVD_STRUCTURE
:
1512 int media
= packet
[1];
1513 int format
= packet
[7];
1516 max_len
= ube16_to_cpu(packet
+ 8);
1518 if (format
< 0xff) {
1519 if (media_is_cd(s
)) {
1520 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1521 ASC_INCOMPATIBLE_FORMAT
);
1523 } else if (!media_present(s
)) {
1524 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1525 ASC_INV_FIELD_IN_CMD_PACKET
);
1530 memset(buf
, 0, max_len
> IDE_DMA_BUF_SECTORS
* 512 + 4 ?
1531 IDE_DMA_BUF_SECTORS
* 512 + 4 : max_len
);
1537 ret
= ide_dvd_read_structure(s
, format
, packet
, buf
);
1540 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
, -ret
);
1542 ide_atapi_cmd_reply(s
, ret
, max_len
);
1546 /* TODO: BD support, fall through for now */
1548 /* Generic disk structures */
1549 case 0x80: /* TODO: AACS volume identifier */
1550 case 0x81: /* TODO: AACS media serial number */
1551 case 0x82: /* TODO: AACS media identifier */
1552 case 0x83: /* TODO: AACS media key block */
1553 case 0x90: /* TODO: List of recognized format layers */
1554 case 0xc0: /* TODO: Write protection status */
1556 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1557 ASC_INV_FIELD_IN_CMD_PACKET
);
1562 case GPCMD_SET_SPEED
:
1563 ide_atapi_cmd_ok(s
);
1566 max_len
= packet
[4];
1567 buf
[0] = 0x05; /* CD-ROM */
1568 buf
[1] = 0x80; /* removable */
1569 buf
[2] = 0x00; /* ISO */
1570 buf
[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1571 buf
[4] = 31; /* additional length */
1572 buf
[5] = 0; /* reserved */
1573 buf
[6] = 0; /* reserved */
1574 buf
[7] = 0; /* reserved */
1575 padstr8(buf
+ 8, 8, "QEMU");
1576 padstr8(buf
+ 16, 16, "QEMU DVD-ROM");
1577 padstr8(buf
+ 32, 4, QEMU_VERSION
);
1578 ide_atapi_cmd_reply(s
, 36, max_len
);
1580 case GPCMD_GET_CONFIGURATION
:
1585 /* only feature 0 is supported */
1586 if (packet
[2] != 0 || packet
[3] != 0) {
1587 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1588 ASC_INV_FIELD_IN_CMD_PACKET
);
1592 /* XXX: could result in alignment problems in some architectures */
1593 max_len
= ube16_to_cpu(packet
+ 7);
1596 * XXX: avoid overflow for io_buffer if max_len is bigger than
1597 * the size of that buffer (dimensioned to max number of
1598 * sectors to transfer at once)
1600 * Only a problem if the feature/profiles grow.
1602 if (max_len
> 512) /* XXX: assume 1 sector */
1605 memset(buf
, 0, max_len
);
1607 * the number of sectors from the media tells us which profile
1608 * to use as current. 0 means there is no media
1610 if (media_is_dvd(s
))
1611 cpu_to_ube16(buf
+ 6, MMC_PROFILE_DVD_ROM
);
1612 else if (media_is_cd(s
))
1613 cpu_to_ube16(buf
+ 6, MMC_PROFILE_CD_ROM
);
1615 buf
[10] = 0x02 | 0x01; /* persistent and current */
1616 len
= 12; /* headers: 8 + 4 */
1617 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_DVD_ROM
);
1618 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_CD_ROM
);
1619 cpu_to_ube32(buf
, len
- 4); /* data length */
1621 ide_atapi_cmd_reply(s
, len
, max_len
);
1625 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1626 ASC_ILLEGAL_OPCODE
);
1631 static void ide_cfata_metadata_inquiry(IDEState
*s
)
1636 p
= (uint16_t *) s
->io_buffer
;
1637 memset(p
, 0, 0x200);
1638 spd
= ((s
->mdata_size
- 1) >> 9) + 1;
1640 put_le16(p
+ 0, 0x0001); /* Data format revision */
1641 put_le16(p
+ 1, 0x0000); /* Media property: silicon */
1642 put_le16(p
+ 2, s
->media_changed
); /* Media status */
1643 put_le16(p
+ 3, s
->mdata_size
& 0xffff); /* Capacity in bytes (low) */
1644 put_le16(p
+ 4, s
->mdata_size
>> 16); /* Capacity in bytes (high) */
1645 put_le16(p
+ 5, spd
& 0xffff); /* Sectors per device (low) */
1646 put_le16(p
+ 6, spd
>> 16); /* Sectors per device (high) */
1649 static void ide_cfata_metadata_read(IDEState
*s
)
1653 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1654 s
->status
= ERR_STAT
;
1655 s
->error
= ABRT_ERR
;
1659 p
= (uint16_t *) s
->io_buffer
;
1660 memset(p
, 0, 0x200);
1662 put_le16(p
+ 0, s
->media_changed
); /* Media status */
1663 memcpy(p
+ 1, s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1664 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1665 s
->nsector
<< 9), 0x200 - 2));
1668 static void ide_cfata_metadata_write(IDEState
*s
)
1670 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1671 s
->status
= ERR_STAT
;
1672 s
->error
= ABRT_ERR
;
1676 s
->media_changed
= 0;
1678 memcpy(s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1680 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1681 s
->nsector
<< 9), 0x200 - 2));
1684 /* called when the inserted state of the media has changed */
1685 static void cdrom_change_cb(void *opaque
)
1687 IDEState
*s
= opaque
;
1688 uint64_t nb_sectors
;
1690 bdrv_get_geometry(s
->bs
, &nb_sectors
);
1691 s
->nb_sectors
= nb_sectors
;
1693 s
->sense_key
= SENSE_UNIT_ATTENTION
;
1694 s
->asc
= ASC_MEDIUM_MAY_HAVE_CHANGED
;
1695 s
->cdrom_changed
= 1;
1696 ide_set_irq(s
->bus
);
1699 static void ide_cmd_lba48_transform(IDEState
*s
, int lba48
)
1703 /* handle the 'magic' 0 nsector count conversion here. to avoid
1704 * fiddling with the rest of the read logic, we just store the
1705 * full sector count in ->nsector and ignore ->hob_nsector from now
1711 if (!s
->nsector
&& !s
->hob_nsector
)
1714 int lo
= s
->nsector
;
1715 int hi
= s
->hob_nsector
;
1717 s
->nsector
= (hi
<< 8) | lo
;
1722 static void ide_clear_hob(IDEBus
*bus
)
1724 /* any write clears HOB high bit of device control register */
1725 bus
->ifs
[0].select
&= ~(1 << 7);
1726 bus
->ifs
[1].select
&= ~(1 << 7);
1729 void ide_ioport_write(void *opaque
, uint32_t addr
, uint32_t val
)
1731 IDEBus
*bus
= opaque
;
1737 printf("IDE: write addr=0x%x val=0x%02x\n", addr
, val
);
1742 /* ignore writes to command block while busy with previous command */
1743 if (addr
!= 7 && (idebus_active_if(bus
)->status
& (BUSY_STAT
|DRQ_STAT
)))
1751 /* NOTE: data is written to the two drives */
1752 bus
->ifs
[0].hob_feature
= bus
->ifs
[0].feature
;
1753 bus
->ifs
[1].hob_feature
= bus
->ifs
[1].feature
;
1754 bus
->ifs
[0].feature
= val
;
1755 bus
->ifs
[1].feature
= val
;
1759 bus
->ifs
[0].hob_nsector
= bus
->ifs
[0].nsector
;
1760 bus
->ifs
[1].hob_nsector
= bus
->ifs
[1].nsector
;
1761 bus
->ifs
[0].nsector
= val
;
1762 bus
->ifs
[1].nsector
= val
;
1766 bus
->ifs
[0].hob_sector
= bus
->ifs
[0].sector
;
1767 bus
->ifs
[1].hob_sector
= bus
->ifs
[1].sector
;
1768 bus
->ifs
[0].sector
= val
;
1769 bus
->ifs
[1].sector
= val
;
1773 bus
->ifs
[0].hob_lcyl
= bus
->ifs
[0].lcyl
;
1774 bus
->ifs
[1].hob_lcyl
= bus
->ifs
[1].lcyl
;
1775 bus
->ifs
[0].lcyl
= val
;
1776 bus
->ifs
[1].lcyl
= val
;
1780 bus
->ifs
[0].hob_hcyl
= bus
->ifs
[0].hcyl
;
1781 bus
->ifs
[1].hob_hcyl
= bus
->ifs
[1].hcyl
;
1782 bus
->ifs
[0].hcyl
= val
;
1783 bus
->ifs
[1].hcyl
= val
;
1786 /* FIXME: HOB readback uses bit 7 */
1787 bus
->ifs
[0].select
= (val
& ~0x10) | 0xa0;
1788 bus
->ifs
[1].select
= (val
| 0x10) | 0xa0;
1790 bus
->unit
= (val
>> 4) & 1;
1795 #if defined(DEBUG_IDE)
1796 printf("ide: CMD=%02x\n", val
);
1798 s
= idebus_active_if(bus
);
1799 /* ignore commands to non existant slave */
1800 if (s
!= bus
->ifs
&& !s
->bs
)
1803 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1804 if ((s
->status
& (BUSY_STAT
|DRQ_STAT
)) && val
!= WIN_DEVICE_RESET
)
1809 if (s
->bs
&& !s
->is_cdrom
) {
1813 ide_cfata_identify(s
);
1814 s
->status
= READY_STAT
| SEEK_STAT
;
1815 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
1818 ide_set_signature(s
);
1820 ide_abort_command(s
);
1822 ide_set_irq(s
->bus
);
1827 s
->status
= READY_STAT
| SEEK_STAT
;
1828 ide_set_irq(s
->bus
);
1831 if (s
->is_cf
&& s
->nsector
== 0) {
1832 /* Disable Read and Write Multiple */
1833 s
->mult_sectors
= 0;
1834 s
->status
= READY_STAT
| SEEK_STAT
;
1835 } else if ((s
->nsector
& 0xff) != 0 &&
1836 ((s
->nsector
& 0xff) > MAX_MULT_SECTORS
||
1837 (s
->nsector
& (s
->nsector
- 1)) != 0)) {
1838 ide_abort_command(s
);
1840 s
->mult_sectors
= s
->nsector
& 0xff;
1841 s
->status
= READY_STAT
| SEEK_STAT
;
1843 ide_set_irq(s
->bus
);
1845 case WIN_VERIFY_EXT
:
1848 case WIN_VERIFY_ONCE
:
1849 /* do sector number check ? */
1850 ide_cmd_lba48_transform(s
, lba48
);
1851 s
->status
= READY_STAT
| SEEK_STAT
;
1852 ide_set_irq(s
->bus
);
1860 ide_cmd_lba48_transform(s
, lba48
);
1861 s
->req_nb_sectors
= 1;
1867 case WIN_WRITE_ONCE
:
1868 case CFA_WRITE_SECT_WO_ERASE
:
1869 case WIN_WRITE_VERIFY
:
1870 ide_cmd_lba48_transform(s
, lba48
);
1872 s
->status
= SEEK_STAT
| READY_STAT
;
1873 s
->req_nb_sectors
= 1;
1874 ide_transfer_start(s
, s
->io_buffer
, 512, ide_sector_write
);
1875 s
->media_changed
= 1;
1877 case WIN_MULTREAD_EXT
:
1880 if (!s
->mult_sectors
)
1882 ide_cmd_lba48_transform(s
, lba48
);
1883 s
->req_nb_sectors
= s
->mult_sectors
;
1886 case WIN_MULTWRITE_EXT
:
1889 case CFA_WRITE_MULTI_WO_ERASE
:
1890 if (!s
->mult_sectors
)
1892 ide_cmd_lba48_transform(s
, lba48
);
1894 s
->status
= SEEK_STAT
| READY_STAT
;
1895 s
->req_nb_sectors
= s
->mult_sectors
;
1897 if (n
> s
->req_nb_sectors
)
1898 n
= s
->req_nb_sectors
;
1899 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_write
);
1900 s
->media_changed
= 1;
1902 case WIN_READDMA_EXT
:
1905 case WIN_READDMA_ONCE
:
1908 ide_cmd_lba48_transform(s
, lba48
);
1909 ide_sector_read_dma(s
);
1911 case WIN_WRITEDMA_EXT
:
1914 case WIN_WRITEDMA_ONCE
:
1917 ide_cmd_lba48_transform(s
, lba48
);
1918 ide_sector_write_dma(s
);
1919 s
->media_changed
= 1;
1921 case WIN_READ_NATIVE_MAX_EXT
:
1923 case WIN_READ_NATIVE_MAX
:
1924 ide_cmd_lba48_transform(s
, lba48
);
1925 ide_set_sector(s
, s
->nb_sectors
- 1);
1926 s
->status
= READY_STAT
| SEEK_STAT
;
1927 ide_set_irq(s
->bus
);
1929 case WIN_CHECKPOWERMODE1
:
1930 case WIN_CHECKPOWERMODE2
:
1931 s
->nsector
= 0xff; /* device active or idle */
1932 s
->status
= READY_STAT
| SEEK_STAT
;
1933 ide_set_irq(s
->bus
);
1935 case WIN_SETFEATURES
:
1938 /* XXX: valid for CDROM ? */
1939 switch(s
->feature
) {
1940 case 0xcc: /* reverting to power-on defaults enable */
1941 case 0x66: /* reverting to power-on defaults disable */
1942 case 0x02: /* write cache enable */
1943 case 0x82: /* write cache disable */
1944 case 0xaa: /* read look-ahead enable */
1945 case 0x55: /* read look-ahead disable */
1946 case 0x05: /* set advanced power management mode */
1947 case 0x85: /* disable advanced power management mode */
1948 case 0x69: /* NOP */
1949 case 0x67: /* NOP */
1950 case 0x96: /* NOP */
1951 case 0x9a: /* NOP */
1952 case 0x42: /* enable Automatic Acoustic Mode */
1953 case 0xc2: /* disable Automatic Acoustic Mode */
1954 s
->status
= READY_STAT
| SEEK_STAT
;
1955 ide_set_irq(s
->bus
);
1957 case 0x03: { /* set transfer mode */
1958 uint8_t val
= s
->nsector
& 0x07;
1959 uint16_t *identify_data
= (uint16_t *)s
->identify_data
;
1961 switch (s
->nsector
>> 3) {
1962 case 0x00: /* pio default */
1963 case 0x01: /* pio mode */
1964 put_le16(identify_data
+ 62,0x07);
1965 put_le16(identify_data
+ 63,0x07);
1966 put_le16(identify_data
+ 88,0x3f);
1968 case 0x02: /* sigle word dma mode*/
1969 put_le16(identify_data
+ 62,0x07 | (1 << (val
+ 8)));
1970 put_le16(identify_data
+ 63,0x07);
1971 put_le16(identify_data
+ 88,0x3f);
1973 case 0x04: /* mdma mode */
1974 put_le16(identify_data
+ 62,0x07);
1975 put_le16(identify_data
+ 63,0x07 | (1 << (val
+ 8)));
1976 put_le16(identify_data
+ 88,0x3f);
1978 case 0x08: /* udma mode */
1979 put_le16(identify_data
+ 62,0x07);
1980 put_le16(identify_data
+ 63,0x07);
1981 put_le16(identify_data
+ 88,0x3f | (1 << (val
+ 8)));
1986 s
->status
= READY_STAT
| SEEK_STAT
;
1987 ide_set_irq(s
->bus
);
1994 case WIN_FLUSH_CACHE
:
1995 case WIN_FLUSH_CACHE_EXT
:
1997 bdrv_aio_flush(s
->bs
, ide_flush_cb
, s
);
2003 case WIN_STANDBYNOW1
:
2004 case WIN_STANDBYNOW2
:
2005 case WIN_IDLEIMMEDIATE
:
2006 case CFA_IDLEIMMEDIATE
:
2011 s
->status
= READY_STAT
;
2012 ide_set_irq(s
->bus
);
2017 /* XXX: Check that seek is within bounds */
2018 s
->status
= READY_STAT
| SEEK_STAT
;
2019 ide_set_irq(s
->bus
);
2021 /* ATAPI commands */
2024 ide_atapi_identify(s
);
2025 s
->status
= READY_STAT
| SEEK_STAT
;
2026 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2028 ide_abort_command(s
);
2030 ide_set_irq(s
->bus
);
2033 ide_set_signature(s
);
2035 s
->status
= 0; /* ATAPI spec (v6) section 9.10 defines packet
2036 * devices to return a clear status register
2037 * with READY_STAT *not* set. */
2039 s
->status
= READY_STAT
| SEEK_STAT
;
2040 s
->error
= 0x01; /* Device 0 passed, Device 1 passed or not
2043 ide_set_irq(s
->bus
);
2048 ide_set_signature(s
);
2049 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2055 /* overlapping commands not supported */
2056 if (s
->feature
& 0x02)
2058 s
->status
= READY_STAT
| SEEK_STAT
;
2059 s
->atapi_dma
= s
->feature
& 1;
2061 ide_transfer_start(s
, s
->io_buffer
, ATAPI_PACKET_SIZE
,
2064 /* CF-ATA commands */
2065 case CFA_REQ_EXT_ERROR_CODE
:
2068 s
->error
= 0x09; /* miscellaneous error */
2069 s
->status
= READY_STAT
| SEEK_STAT
;
2070 ide_set_irq(s
->bus
);
2072 case CFA_ERASE_SECTORS
:
2073 case CFA_WEAR_LEVEL
:
2076 if (val
== CFA_WEAR_LEVEL
)
2078 if (val
== CFA_ERASE_SECTORS
)
2079 s
->media_changed
= 1;
2081 s
->status
= READY_STAT
| SEEK_STAT
;
2082 ide_set_irq(s
->bus
);
2084 case CFA_TRANSLATE_SECTOR
:
2088 s
->status
= READY_STAT
| SEEK_STAT
;
2089 memset(s
->io_buffer
, 0, 0x200);
2090 s
->io_buffer
[0x00] = s
->hcyl
; /* Cyl MSB */
2091 s
->io_buffer
[0x01] = s
->lcyl
; /* Cyl LSB */
2092 s
->io_buffer
[0x02] = s
->select
; /* Head */
2093 s
->io_buffer
[0x03] = s
->sector
; /* Sector */
2094 s
->io_buffer
[0x04] = ide_get_sector(s
) >> 16; /* LBA MSB */
2095 s
->io_buffer
[0x05] = ide_get_sector(s
) >> 8; /* LBA */
2096 s
->io_buffer
[0x06] = ide_get_sector(s
) >> 0; /* LBA LSB */
2097 s
->io_buffer
[0x13] = 0x00; /* Erase flag */
2098 s
->io_buffer
[0x18] = 0x00; /* Hot count */
2099 s
->io_buffer
[0x19] = 0x00; /* Hot count */
2100 s
->io_buffer
[0x1a] = 0x01; /* Hot count */
2101 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2102 ide_set_irq(s
->bus
);
2104 case CFA_ACCESS_METADATA_STORAGE
:
2107 switch (s
->feature
) {
2108 case 0x02: /* Inquiry Metadata Storage */
2109 ide_cfata_metadata_inquiry(s
);
2111 case 0x03: /* Read Metadata Storage */
2112 ide_cfata_metadata_read(s
);
2114 case 0x04: /* Write Metadata Storage */
2115 ide_cfata_metadata_write(s
);
2120 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2121 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2122 ide_set_irq(s
->bus
);
2124 case IBM_SENSE_CONDITION
:
2127 switch (s
->feature
) {
2128 case 0x01: /* sense temperature in device */
2129 s
->nsector
= 0x50; /* +20 C */
2134 s
->status
= READY_STAT
| SEEK_STAT
;
2135 ide_set_irq(s
->bus
);
2141 if (s
->hcyl
!= 0xc2 || s
->lcyl
!= 0x4f)
2143 if (!s
->smart_enabled
&& s
->feature
!= SMART_ENABLE
)
2145 switch (s
->feature
) {
2147 s
->smart_enabled
= 0;
2148 s
->status
= READY_STAT
| SEEK_STAT
;
2149 ide_set_irq(s
->bus
);
2152 s
->smart_enabled
= 1;
2153 s
->status
= READY_STAT
| SEEK_STAT
;
2154 ide_set_irq(s
->bus
);
2156 case SMART_ATTR_AUTOSAVE
:
2157 switch (s
->sector
) {
2159 s
->smart_autosave
= 0;
2162 s
->smart_autosave
= 1;
2167 s
->status
= READY_STAT
| SEEK_STAT
;
2168 ide_set_irq(s
->bus
);
2171 if (!s
->smart_errors
) {
2178 s
->status
= READY_STAT
| SEEK_STAT
;
2179 ide_set_irq(s
->bus
);
2181 case SMART_READ_THRESH
:
2182 memset(s
->io_buffer
, 0, 0x200);
2183 s
->io_buffer
[0] = 0x01; /* smart struct version */
2184 for (n
=0; n
<30; n
++) {
2185 if (smart_attributes
[n
][0] == 0)
2187 s
->io_buffer
[2+0+(n
*12)] = smart_attributes
[n
][0];
2188 s
->io_buffer
[2+1+(n
*12)] = smart_attributes
[n
][4];
2190 for (n
=0; n
<511; n
++) /* checksum */
2191 s
->io_buffer
[511] += s
->io_buffer
[n
];
2192 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2193 s
->status
= READY_STAT
| SEEK_STAT
;
2194 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2195 ide_set_irq(s
->bus
);
2197 case SMART_READ_DATA
:
2198 memset(s
->io_buffer
, 0, 0x200);
2199 s
->io_buffer
[0] = 0x01; /* smart struct version */
2200 for (n
=0; n
<30; n
++) {
2201 if (smart_attributes
[n
][0] == 0)
2203 s
->io_buffer
[2+0+(n
*12)] = smart_attributes
[n
][0];
2204 s
->io_buffer
[2+1+(n
*12)] = smart_attributes
[n
][1];
2205 s
->io_buffer
[2+3+(n
*12)] = smart_attributes
[n
][2];
2206 s
->io_buffer
[2+4+(n
*12)] = smart_attributes
[n
][3];
2208 s
->io_buffer
[362] = 0x02 | (s
->smart_autosave
?0x80:0x00);
2209 if (s
->smart_selftest_count
== 0) {
2210 s
->io_buffer
[363] = 0;
2213 s
->smart_selftest_data
[3 +
2214 (s
->smart_selftest_count
- 1) *
2217 s
->io_buffer
[364] = 0x20;
2218 s
->io_buffer
[365] = 0x01;
2219 /* offline data collection capacity: execute + self-test*/
2220 s
->io_buffer
[367] = (1<<4 | 1<<3 | 1);
2221 s
->io_buffer
[368] = 0x03; /* smart capability (1) */
2222 s
->io_buffer
[369] = 0x00; /* smart capability (2) */
2223 s
->io_buffer
[370] = 0x01; /* error logging supported */
2224 s
->io_buffer
[372] = 0x02; /* minutes for poll short test */
2225 s
->io_buffer
[373] = 0x36; /* minutes for poll ext test */
2226 s
->io_buffer
[374] = 0x01; /* minutes for poll conveyance */
2228 for (n
=0; n
<511; n
++)
2229 s
->io_buffer
[511] += s
->io_buffer
[n
];
2230 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2231 s
->status
= READY_STAT
| SEEK_STAT
;
2232 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2233 ide_set_irq(s
->bus
);
2235 case SMART_READ_LOG
:
2236 switch (s
->sector
) {
2237 case 0x01: /* summary smart error log */
2238 memset(s
->io_buffer
, 0, 0x200);
2239 s
->io_buffer
[0] = 0x01;
2240 s
->io_buffer
[1] = 0x00; /* no error entries */
2241 s
->io_buffer
[452] = s
->smart_errors
& 0xff;
2242 s
->io_buffer
[453] = (s
->smart_errors
& 0xff00) >> 8;
2244 for (n
=0; n
<511; n
++)
2245 s
->io_buffer
[511] += s
->io_buffer
[n
];
2246 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2248 case 0x06: /* smart self test log */
2249 memset(s
->io_buffer
, 0, 0x200);
2250 s
->io_buffer
[0] = 0x01;
2251 if (s
->smart_selftest_count
== 0) {
2252 s
->io_buffer
[508] = 0;
2254 s
->io_buffer
[508] = s
->smart_selftest_count
;
2255 for (n
=2; n
<506; n
++)
2256 s
->io_buffer
[n
] = s
->smart_selftest_data
[n
];
2258 for (n
=0; n
<511; n
++)
2259 s
->io_buffer
[511] += s
->io_buffer
[n
];
2260 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2265 s
->status
= READY_STAT
| SEEK_STAT
;
2266 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2267 ide_set_irq(s
->bus
);
2269 case SMART_EXECUTE_OFFLINE
:
2270 switch (s
->sector
) {
2271 case 0: /* off-line routine */
2272 case 1: /* short self test */
2273 case 2: /* extended self test */
2274 s
->smart_selftest_count
++;
2275 if(s
->smart_selftest_count
> 21)
2276 s
->smart_selftest_count
= 0;
2277 n
= 2 + (s
->smart_selftest_count
- 1) * 24;
2278 s
->smart_selftest_data
[n
] = s
->sector
;
2279 s
->smart_selftest_data
[n
+1] = 0x00; /* OK and finished */
2280 s
->smart_selftest_data
[n
+2] = 0x34; /* hour count lsb */
2281 s
->smart_selftest_data
[n
+3] = 0x12; /* hour count msb */
2282 s
->status
= READY_STAT
| SEEK_STAT
;
2283 ide_set_irq(s
->bus
);
2295 ide_abort_command(s
);
2296 ide_set_irq(s
->bus
);
2302 uint32_t ide_ioport_read(void *opaque
, uint32_t addr1
)
2304 IDEBus
*bus
= opaque
;
2305 IDEState
*s
= idebus_active_if(bus
);
2310 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2311 //hob = s->select & (1 << 7);
2318 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2319 (s
!= bus
->ifs
&& !s
->bs
))
2324 ret
= s
->hob_feature
;
2327 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2330 ret
= s
->nsector
& 0xff;
2332 ret
= s
->hob_nsector
;
2335 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2340 ret
= s
->hob_sector
;
2343 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2351 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2359 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2366 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2367 (s
!= bus
->ifs
&& !s
->bs
))
2371 qemu_irq_lower(bus
->irq
);
2375 printf("ide: read addr=0x%x val=%02x\n", addr1
, ret
);
2380 uint32_t ide_status_read(void *opaque
, uint32_t addr
)
2382 IDEBus
*bus
= opaque
;
2383 IDEState
*s
= idebus_active_if(bus
);
2386 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2387 (s
!= bus
->ifs
&& !s
->bs
))
2392 printf("ide: read status addr=0x%x val=%02x\n", addr
, ret
);
2397 void ide_cmd_write(void *opaque
, uint32_t addr
, uint32_t val
)
2399 IDEBus
*bus
= opaque
;
2404 printf("ide: write control addr=0x%x val=%02x\n", addr
, val
);
2406 /* common for both drives */
2407 if (!(bus
->cmd
& IDE_CMD_RESET
) &&
2408 (val
& IDE_CMD_RESET
)) {
2409 /* reset low to high */
2410 for(i
= 0;i
< 2; i
++) {
2412 s
->status
= BUSY_STAT
| SEEK_STAT
;
2415 } else if ((bus
->cmd
& IDE_CMD_RESET
) &&
2416 !(val
& IDE_CMD_RESET
)) {
2418 for(i
= 0;i
< 2; i
++) {
2421 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2423 s
->status
= READY_STAT
| SEEK_STAT
;
2424 ide_set_signature(s
);
2431 void ide_data_writew(void *opaque
, uint32_t addr
, uint32_t val
)
2433 IDEBus
*bus
= opaque
;
2434 IDEState
*s
= idebus_active_if(bus
);
2437 /* PIO data access allowed only when DRQ bit is set */
2438 if (!(s
->status
& DRQ_STAT
))
2442 *(uint16_t *)p
= le16_to_cpu(val
);
2445 if (p
>= s
->data_end
)
2446 s
->end_transfer_func(s
);
2449 uint32_t ide_data_readw(void *opaque
, uint32_t addr
)
2451 IDEBus
*bus
= opaque
;
2452 IDEState
*s
= idebus_active_if(bus
);
2456 /* PIO data access allowed only when DRQ bit is set */
2457 if (!(s
->status
& DRQ_STAT
))
2461 ret
= cpu_to_le16(*(uint16_t *)p
);
2464 if (p
>= s
->data_end
)
2465 s
->end_transfer_func(s
);
2469 void ide_data_writel(void *opaque
, uint32_t addr
, uint32_t val
)
2471 IDEBus
*bus
= opaque
;
2472 IDEState
*s
= idebus_active_if(bus
);
2475 /* PIO data access allowed only when DRQ bit is set */
2476 if (!(s
->status
& DRQ_STAT
))
2480 *(uint32_t *)p
= le32_to_cpu(val
);
2483 if (p
>= s
->data_end
)
2484 s
->end_transfer_func(s
);
2487 uint32_t ide_data_readl(void *opaque
, uint32_t addr
)
2489 IDEBus
*bus
= opaque
;
2490 IDEState
*s
= idebus_active_if(bus
);
2494 /* PIO data access allowed only when DRQ bit is set */
2495 if (!(s
->status
& DRQ_STAT
))
2499 ret
= cpu_to_le32(*(uint32_t *)p
);
2502 if (p
>= s
->data_end
)
2503 s
->end_transfer_func(s
);
2507 static void ide_dummy_transfer_stop(IDEState
*s
)
2509 s
->data_ptr
= s
->io_buffer
;
2510 s
->data_end
= s
->io_buffer
;
2511 s
->io_buffer
[0] = 0xff;
2512 s
->io_buffer
[1] = 0xff;
2513 s
->io_buffer
[2] = 0xff;
2514 s
->io_buffer
[3] = 0xff;
2517 static void ide_reset(IDEState
*s
)
2520 printf("ide: reset\n");
2523 s
->mult_sectors
= 0;
2525 s
->mult_sectors
= MAX_MULT_SECTORS
;
2542 s
->status
= READY_STAT
| SEEK_STAT
;
2546 /* ATAPI specific */
2549 s
->cdrom_changed
= 0;
2550 s
->packet_transfer_size
= 0;
2551 s
->elementary_transfer_size
= 0;
2552 s
->io_buffer_index
= 0;
2553 s
->cd_sector_size
= 0;
2556 s
->io_buffer_size
= 0;
2557 s
->req_nb_sectors
= 0;
2559 ide_set_signature(s
);
2560 /* init the transfer handler so that 0xffff is returned on data
2562 s
->end_transfer_func
= ide_dummy_transfer_stop
;
2563 ide_dummy_transfer_stop(s
);
2564 s
->media_changed
= 0;
2567 void ide_bus_reset(IDEBus
*bus
)
2571 ide_reset(&bus
->ifs
[0]);
2572 ide_reset(&bus
->ifs
[1]);
2576 void ide_init_drive(IDEState
*s
, DriveInfo
*dinfo
)
2578 int cylinders
, heads
, secs
;
2579 uint64_t nb_sectors
;
2581 if (dinfo
&& dinfo
->bdrv
) {
2582 s
->bs
= dinfo
->bdrv
;
2583 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2584 bdrv_guess_geometry(s
->bs
, &cylinders
, &heads
, &secs
);
2585 s
->cylinders
= cylinders
;
2588 s
->nb_sectors
= nb_sectors
;
2589 /* The SMART values should be preserved across power cycles
2591 s
->smart_enabled
= 1;
2592 s
->smart_autosave
= 1;
2593 s
->smart_errors
= 0;
2594 s
->smart_selftest_count
= 0;
2595 if (bdrv_get_type_hint(s
->bs
) == BDRV_TYPE_CDROM
) {
2597 bdrv_set_change_cb(s
->bs
, cdrom_change_cb
, s
);
2599 strncpy(s
->drive_serial_str
, drive_get_serial(s
->bs
),
2600 sizeof(s
->drive_serial_str
));
2602 if (strlen(s
->drive_serial_str
) == 0)
2603 snprintf(s
->drive_serial_str
, sizeof(s
->drive_serial_str
),
2604 "QM%05d", s
->drive_serial
);
2608 void ide_init2(IDEBus
*bus
, DriveInfo
*hd0
, DriveInfo
*hd1
,
2612 static int drive_serial
= 1;
2615 for(i
= 0; i
< 2; i
++) {
2619 s
->drive_serial
= drive_serial
++;
2620 s
->io_buffer
= qemu_blockalign(s
->bs
, IDE_DMA_BUF_SECTORS
*512 + 4);
2621 s
->smart_selftest_data
= qemu_blockalign(s
->bs
, 512);
2622 s
->sector_write_timer
= qemu_new_timer(vm_clock
,
2623 ide_sector_write_timer_cb
, s
);
2625 ide_init_drive(s
, hd0
);
2627 ide_init_drive(s
, hd1
);
2632 void ide_init_ioport(IDEBus
*bus
, int iobase
, int iobase2
)
2634 register_ioport_write(iobase
, 8, 1, ide_ioport_write
, bus
);
2635 register_ioport_read(iobase
, 8, 1, ide_ioport_read
, bus
);
2637 register_ioport_read(iobase2
, 1, 1, ide_status_read
, bus
);
2638 register_ioport_write(iobase2
, 1, 1, ide_cmd_write
, bus
);
2642 register_ioport_write(iobase
, 2, 2, ide_data_writew
, bus
);
2643 register_ioport_read(iobase
, 2, 2, ide_data_readw
, bus
);
2644 register_ioport_write(iobase
, 4, 4, ide_data_writel
, bus
);
2645 register_ioport_read(iobase
, 4, 4, ide_data_readl
, bus
);
2648 static bool is_identify_set(void *opaque
, int version_id
)
2650 IDEState
*s
= opaque
;
2652 return s
->identify_set
!= 0;
2655 static int ide_drive_post_load(void *opaque
, int version_id
)
2657 IDEState
*s
= opaque
;
2659 if (version_id
< 3) {
2660 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
2661 s
->asc
== ASC_MEDIUM_MAY_HAVE_CHANGED
) {
2662 s
->cdrom_changed
= 1;
2668 const VMStateDescription vmstate_ide_drive
= {
2669 .name
= "ide_drive",
2671 .minimum_version_id
= 0,
2672 .minimum_version_id_old
= 0,
2673 .post_load
= ide_drive_post_load
,
2674 .fields
= (VMStateField
[]) {
2675 VMSTATE_INT32(mult_sectors
, IDEState
),
2676 VMSTATE_INT32(identify_set
, IDEState
),
2677 VMSTATE_BUFFER_TEST(identify_data
, IDEState
, is_identify_set
),
2678 VMSTATE_UINT8(feature
, IDEState
),
2679 VMSTATE_UINT8(error
, IDEState
),
2680 VMSTATE_UINT32(nsector
, IDEState
),
2681 VMSTATE_UINT8(sector
, IDEState
),
2682 VMSTATE_UINT8(lcyl
, IDEState
),
2683 VMSTATE_UINT8(hcyl
, IDEState
),
2684 VMSTATE_UINT8(hob_feature
, IDEState
),
2685 VMSTATE_UINT8(hob_sector
, IDEState
),
2686 VMSTATE_UINT8(hob_nsector
, IDEState
),
2687 VMSTATE_UINT8(hob_lcyl
, IDEState
),
2688 VMSTATE_UINT8(hob_hcyl
, IDEState
),
2689 VMSTATE_UINT8(select
, IDEState
),
2690 VMSTATE_UINT8(status
, IDEState
),
2691 VMSTATE_UINT8(lba48
, IDEState
),
2692 VMSTATE_UINT8(sense_key
, IDEState
),
2693 VMSTATE_UINT8(asc
, IDEState
),
2694 VMSTATE_UINT8_V(cdrom_changed
, IDEState
, 3),
2695 /* XXX: if a transfer is pending, we do not save it yet */
2696 VMSTATE_END_OF_LIST()
2700 const VMStateDescription vmstate_ide_bus
= {
2703 .minimum_version_id
= 1,
2704 .minimum_version_id_old
= 1,
2705 .fields
= (VMStateField
[]) {
2706 VMSTATE_UINT8(cmd
, IDEBus
),
2707 VMSTATE_UINT8(unit
, IDEBus
),
2708 VMSTATE_END_OF_LIST()
2712 /***********************************************************/
2713 /* PCI IDE definitions */
2715 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
)
2717 BMDMAState
*bm
= s
->bus
->bmdma
;
2721 bm
->dma_cb
= dma_cb
;
2722 bm
->cur_prd_last
= 0;
2723 bm
->cur_prd_addr
= 0;
2724 bm
->cur_prd_len
= 0;
2725 bm
->sector_num
= ide_get_sector(s
);
2726 bm
->nsector
= s
->nsector
;
2727 if (bm
->status
& BM_STATUS_DMAING
) {
2732 static void ide_dma_restart(IDEState
*s
, int is_read
)
2734 BMDMAState
*bm
= s
->bus
->bmdma
;
2735 ide_set_sector(s
, bm
->sector_num
);
2736 s
->io_buffer_index
= 0;
2737 s
->io_buffer_size
= 0;
2738 s
->nsector
= bm
->nsector
;
2739 bm
->cur_addr
= bm
->addr
;
2742 bm
->dma_cb
= ide_read_dma_cb
;
2744 bm
->dma_cb
= ide_write_dma_cb
;
2747 ide_dma_start(s
, bm
->dma_cb
);
2750 void ide_dma_cancel(BMDMAState
*bm
)
2752 if (bm
->status
& BM_STATUS_DMAING
) {
2753 bm
->status
&= ~BM_STATUS_DMAING
;
2754 /* cancel DMA request */
2759 printf("aio_cancel\n");
2761 bdrv_aio_cancel(bm
->aiocb
);
2767 void ide_dma_reset(BMDMAState
*bm
)
2770 printf("ide: dma_reset\n");
2777 bm
->cur_prd_last
= 0;
2778 bm
->cur_prd_addr
= 0;
2779 bm
->cur_prd_len
= 0;