2 * QEMU IDE Emulation: PCI Bus support.
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
26 #include <hw/i386/pc.h>
27 #include <hw/pci/pci.h>
28 #include <hw/isa/isa.h>
29 #include "sysemu/block-backend.h"
30 #include "sysemu/dma.h"
31 #include "qemu/error-report.h"
32 #include <hw/ide/pci.h>
34 #define BMDMA_PAGE_SIZE 4096
36 #define BM_MIGRATION_COMPAT_STATUS_BITS \
37 (IDE_RETRY_DMA | IDE_RETRY_PIO | \
38 IDE_RETRY_READ | IDE_RETRY_FLUSH)
40 static void bmdma_start_dma(IDEDMA *dma, IDEState *s,
41 BlockCompletionFunc *dma_cb)
43 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
50 bm->sector_num = ide_get_sector(s);
51 bm->nsector = s->nsector;
53 if (bm->status & BM_STATUS_DMAING) {
54 bm->dma_cb(bmdma_active_if(bm), 0);
59 * Return the number of bytes successfully prepared.
62 static int32_t bmdma_prepare_buf(IDEDMA *dma, int is_write)
64 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
65 IDEState *s = bmdma_active_if(bm);
66 PCIDevice *pci_dev = PCI_DEVICE(bm->pci_dev);
73 pci_dma_sglist_init(&s->sg, pci_dev,
74 s->nsector / (BMDMA_PAGE_SIZE / 512) + 1);
75 s->io_buffer_size = 0;
77 if (bm->cur_prd_len == 0) {
78 /* end of table (with a fail safe of one page) */
79 if (bm->cur_prd_last ||
80 (bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE) {
81 return s->io_buffer_size;
83 pci_dma_read(pci_dev, bm->cur_addr, &prd, 8);
85 prd.addr = le32_to_cpu(prd.addr);
86 prd.size = le32_to_cpu(prd.size);
87 len = prd.size & 0xfffe;
90 bm->cur_prd_len = len;
91 bm->cur_prd_addr = prd.addr;
92 bm->cur_prd_last = (prd.size & 0x80000000);
96 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
98 /* Note: We limit the max transfer to be 2GiB.
99 * This should accommodate the largest ATA transaction
100 * for LBA48 (65,536 sectors) and 32K sector sizes. */
101 if (s->sg.size > INT32_MAX) {
102 error_report("IDE: sglist describes more than 2GiB.\n");
105 bm->cur_prd_addr += l;
106 bm->cur_prd_len -= l;
107 s->io_buffer_size += l;
111 qemu_sglist_destroy(&s->sg);
112 s->io_buffer_size = 0;
116 /* return 0 if buffer completed */
117 static int bmdma_rw_buf(IDEDMA *dma, int is_write)
119 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
120 IDEState *s = bmdma_active_if(bm);
121 PCIDevice *pci_dev = PCI_DEVICE(bm->pci_dev);
129 l = s->io_buffer_size - s->io_buffer_index;
132 if (bm->cur_prd_len == 0) {
133 /* end of table (with a fail safe of one page) */
134 if (bm->cur_prd_last ||
135 (bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE)
137 pci_dma_read(pci_dev, bm->cur_addr, &prd, 8);
139 prd.addr = le32_to_cpu(prd.addr);
140 prd.size = le32_to_cpu(prd.size);
141 len = prd.size & 0xfffe;
144 bm->cur_prd_len = len;
145 bm->cur_prd_addr = prd.addr;
146 bm->cur_prd_last = (prd.size & 0x80000000);
148 if (l > bm->cur_prd_len)
152 pci_dma_write(pci_dev, bm->cur_prd_addr,
153 s->io_buffer + s->io_buffer_index, l);
155 pci_dma_read(pci_dev, bm->cur_prd_addr,
156 s->io_buffer + s->io_buffer_index, l);
158 bm->cur_prd_addr += l;
159 bm->cur_prd_len -= l;
160 s->io_buffer_index += l;
166 static int bmdma_set_unit(IDEDMA *dma, int unit)
168 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
174 static void bmdma_set_inactive(IDEDMA *dma, bool more)
176 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
181 bm->status |= BM_STATUS_DMAING;
183 bm->status &= ~BM_STATUS_DMAING;
187 static void bmdma_restart_dma(BMDMAState *bm, enum ide_dma_cmd dma_cmd)
189 IDEState *s = bmdma_active_if(bm);
191 ide_set_sector(s, bm->sector_num);
192 s->io_buffer_index = 0;
193 s->io_buffer_size = 0;
194 s->nsector = bm->nsector;
195 s->dma_cmd = dma_cmd;
196 bm->cur_addr = bm->addr;
197 bm->dma_cb = ide_dma_cb;
198 bmdma_start_dma(&bm->dma, s, bm->dma_cb);
201 /* TODO This should be common IDE code */
202 static void bmdma_restart_bh(void *opaque)
204 BMDMAState *bm = opaque;
205 IDEBus *bus = bm->bus;
209 qemu_bh_delete(bm->bh);
212 if (bm->unit == (uint8_t) -1) {
216 is_read = (bus->error_status & IDE_RETRY_READ) != 0;
218 /* The error status must be cleared before resubmitting the request: The
219 * request may fail again, and this case can only be distinguished if the
220 * called function can set a new error status. */
221 error_status = bus->error_status;
222 bus->error_status = 0;
224 if (error_status & IDE_RETRY_DMA) {
225 if (error_status & IDE_RETRY_TRIM) {
226 bmdma_restart_dma(bm, IDE_DMA_TRIM);
228 bmdma_restart_dma(bm, is_read ? IDE_DMA_READ : IDE_DMA_WRITE);
230 } else if (error_status & IDE_RETRY_PIO) {
232 ide_sector_read(bmdma_active_if(bm));
234 ide_sector_write(bmdma_active_if(bm));
236 } else if (error_status & IDE_RETRY_FLUSH) {
237 ide_flush_cache(bmdma_active_if(bm));
239 IDEState *s = bmdma_active_if(bm);
242 * We've not got any bits to tell us about ATAPI - but
243 * we do have the end_transfer_func that tells us what
244 * we're trying to do.
246 if (s->end_transfer_func == ide_atapi_cmd) {
247 ide_atapi_dma_restart(s);
252 static void bmdma_restart_cb(void *opaque, int running, RunState state)
254 IDEDMA *dma = opaque;
255 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
261 bm->bh = qemu_bh_new(bmdma_restart_bh, &bm->dma);
262 qemu_bh_schedule(bm->bh);
266 static void bmdma_cancel(BMDMAState *bm)
268 if (bm->status & BM_STATUS_DMAING) {
269 /* cancel DMA request */
270 bmdma_set_inactive(&bm->dma, false);
274 static void bmdma_reset(IDEDMA *dma)
276 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma);
279 printf("ide: dma_reset\n");
286 bm->cur_prd_last = 0;
287 bm->cur_prd_addr = 0;
293 static void bmdma_irq(void *opaque, int n, int level)
295 BMDMAState *bm = opaque;
298 /* pass through lower */
299 qemu_set_irq(bm->irq, level);
303 bm->status |= BM_STATUS_INT;
305 /* trigger the real irq */
306 qemu_set_irq(bm->irq, level);
309 void bmdma_cmd_writeb(BMDMAState *bm, uint32_t val)
312 printf("%s: 0x%08x\n", __func__, val);
315 /* Ignore writes to SSBM if it keeps the old value */
316 if ((val & BM_CMD_START) != (bm->cmd & BM_CMD_START)) {
317 if (!(val & BM_CMD_START)) {
319 * We can't cancel Scatter Gather DMA in the middle of the
320 * operation or a partial (not full) DMA transfer would reach
321 * the storage so we wait for completion instead (we beahve
322 * like if the DMA was completed by the time the guest trying
323 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not
326 * In the future we'll be able to safely cancel the I/O if the
327 * whole DMA operation will be submitted to disk with a single
328 * aio operation with preadv/pwritev.
330 if (bm->bus->dma->aiocb) {
332 assert(bm->bus->dma->aiocb == NULL);
334 bm->status &= ~BM_STATUS_DMAING;
336 bm->cur_addr = bm->addr;
337 if (!(bm->status & BM_STATUS_DMAING)) {
338 bm->status |= BM_STATUS_DMAING;
339 /* start dma transfer if possible */
341 bm->dma_cb(bmdma_active_if(bm), 0);
346 bm->cmd = val & 0x09;
349 static uint64_t bmdma_addr_read(void *opaque, hwaddr addr,
352 BMDMAState *bm = opaque;
353 uint32_t mask = (1ULL << (width * 8)) - 1;
356 data = (bm->addr >> (addr * 8)) & mask;
358 printf("%s: 0x%08x\n", __func__, (unsigned)data);
363 static void bmdma_addr_write(void *opaque, hwaddr addr,
364 uint64_t data, unsigned width)
366 BMDMAState *bm = opaque;
367 int shift = addr * 8;
368 uint32_t mask = (1ULL << (width * 8)) - 1;
371 printf("%s: 0x%08x\n", __func__, (unsigned)data);
373 bm->addr &= ~(mask << shift);
374 bm->addr |= ((data & mask) << shift) & ~3;
377 MemoryRegionOps bmdma_addr_ioport_ops = {
378 .read = bmdma_addr_read,
379 .write = bmdma_addr_write,
380 .endianness = DEVICE_LITTLE_ENDIAN,
383 static bool ide_bmdma_current_needed(void *opaque)
385 BMDMAState *bm = opaque;
387 return (bm->cur_prd_len != 0);
390 static bool ide_bmdma_status_needed(void *opaque)
392 BMDMAState *bm = opaque;
394 /* Older versions abused some bits in the status register for internal
395 * error state. If any of these bits are set, we must add a subsection to
396 * transfer the real status register */
397 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS;
399 return ((bm->status & abused_bits) != 0);
402 static void ide_bmdma_pre_save(void *opaque)
404 BMDMAState *bm = opaque;
405 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS;
407 bm->migration_compat_status =
408 (bm->status & ~abused_bits) | (bm->bus->error_status & abused_bits);
411 /* This function accesses bm->bus->error_status which is loaded only after
412 * BMDMA itself. This is why the function is called from ide_pci_post_load
413 * instead of being registered with VMState where it would run too early. */
414 static int ide_bmdma_post_load(void *opaque, int version_id)
416 BMDMAState *bm = opaque;
417 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS;
419 if (bm->status == 0) {
420 bm->status = bm->migration_compat_status & ~abused_bits;
421 bm->bus->error_status |= bm->migration_compat_status & abused_bits;
427 static const VMStateDescription vmstate_bmdma_current = {
428 .name = "ide bmdma_current",
430 .minimum_version_id = 1,
431 .fields = (VMStateField[]) {
432 VMSTATE_UINT32(cur_addr, BMDMAState),
433 VMSTATE_UINT32(cur_prd_last, BMDMAState),
434 VMSTATE_UINT32(cur_prd_addr, BMDMAState),
435 VMSTATE_UINT32(cur_prd_len, BMDMAState),
436 VMSTATE_END_OF_LIST()
440 static const VMStateDescription vmstate_bmdma_status = {
441 .name ="ide bmdma/status",
443 .minimum_version_id = 1,
444 .fields = (VMStateField[]) {
445 VMSTATE_UINT8(status, BMDMAState),
446 VMSTATE_END_OF_LIST()
450 static const VMStateDescription vmstate_bmdma = {
453 .minimum_version_id = 0,
454 .pre_save = ide_bmdma_pre_save,
455 .fields = (VMStateField[]) {
456 VMSTATE_UINT8(cmd, BMDMAState),
457 VMSTATE_UINT8(migration_compat_status, BMDMAState),
458 VMSTATE_UINT32(addr, BMDMAState),
459 VMSTATE_INT64(sector_num, BMDMAState),
460 VMSTATE_UINT32(nsector, BMDMAState),
461 VMSTATE_UINT8(unit, BMDMAState),
462 VMSTATE_END_OF_LIST()
464 .subsections = (VMStateSubsection []) {
466 .vmsd = &vmstate_bmdma_current,
467 .needed = ide_bmdma_current_needed,
469 .vmsd = &vmstate_bmdma_status,
470 .needed = ide_bmdma_status_needed,
477 static int ide_pci_post_load(void *opaque, int version_id)
479 PCIIDEState *d = opaque;
482 for(i = 0; i < 2; i++) {
483 /* current versions always store 0/1, but older version
484 stored bigger values. We only need last bit */
485 d->bmdma[i].unit &= 1;
486 ide_bmdma_post_load(&d->bmdma[i], -1);
492 const VMStateDescription vmstate_ide_pci = {
495 .minimum_version_id = 0,
496 .post_load = ide_pci_post_load,
497 .fields = (VMStateField[]) {
498 VMSTATE_PCI_DEVICE(parent_obj, PCIIDEState),
499 VMSTATE_STRUCT_ARRAY(bmdma, PCIIDEState, 2, 0,
500 vmstate_bmdma, BMDMAState),
501 VMSTATE_IDE_BUS_ARRAY(bus, PCIIDEState, 2),
502 VMSTATE_IDE_DRIVES(bus[0].ifs, PCIIDEState),
503 VMSTATE_IDE_DRIVES(bus[1].ifs, PCIIDEState),
504 VMSTATE_END_OF_LIST()
508 void pci_ide_create_devs(PCIDevice *dev, DriveInfo **hd_table)
510 PCIIDEState *d = PCI_IDE(dev);
511 static const int bus[4] = { 0, 0, 1, 1 };
512 static const int unit[4] = { 0, 1, 0, 1 };
515 for (i = 0; i < 4; i++) {
516 if (hd_table[i] == NULL)
518 ide_create_drive(d->bus+bus[i], unit[i], hd_table[i]);
522 static const struct IDEDMAOps bmdma_ops = {
523 .start_dma = bmdma_start_dma,
524 .prepare_buf = bmdma_prepare_buf,
525 .rw_buf = bmdma_rw_buf,
526 .set_unit = bmdma_set_unit,
527 .set_inactive = bmdma_set_inactive,
528 .restart_cb = bmdma_restart_cb,
529 .reset = bmdma_reset,
532 void bmdma_init(IDEBus *bus, BMDMAState *bm, PCIIDEState *d)
536 if (bus->dma == &bm->dma) {
540 bm->dma.ops = &bmdma_ops;
543 irq = qemu_allocate_irqs(bmdma_irq, bm, 1);
548 static const TypeInfo pci_ide_type_info = {
549 .name = TYPE_PCI_IDE,
550 .parent = TYPE_PCI_DEVICE,
551 .instance_size = sizeof(PCIIDEState),
555 static void pci_ide_register_types(void)
557 type_register_static(&pci_ide_type_info);
560 type_init(pci_ide_register_types)