2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
34 #include "block_int.h"
36 #include <hw/ide/internal.h>
38 /* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40 static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
57 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
60 static int ide_handle_rw_error(IDEState *s, int error, int op);
61 static void ide_dummy_transfer_stop(IDEState *s);
63 static void padstr(char *str, const char *src, int len)
66 for(i = 0; i < len; i++) {
75 static void put_le16(uint16_t *p, unsigned int v)
80 static void ide_identify(IDEState *s)
84 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
86 if (s->identify_set) {
87 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
91 memset(s->io_buffer, 0, 512);
92 p = (uint16_t *)s->io_buffer;
93 put_le16(p + 0, 0x0040);
94 put_le16(p + 1, s->cylinders);
95 put_le16(p + 3, s->heads);
96 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
97 put_le16(p + 5, 512); /* XXX: retired, remove ? */
98 put_le16(p + 6, s->sectors);
99 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
100 put_le16(p + 20, 3); /* XXX: retired, remove ? */
101 put_le16(p + 21, 512); /* cache size in sectors */
102 put_le16(p + 22, 4); /* ecc bytes */
103 padstr((char *)(p + 23), s->version, 8); /* firmware version */
104 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
105 #if MAX_MULT_SECTORS > 1
106 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
108 put_le16(p + 48, 1); /* dword I/O */
109 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
110 put_le16(p + 51, 0x200); /* PIO transfer cycle */
111 put_le16(p + 52, 0x200); /* DMA transfer cycle */
112 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
113 put_le16(p + 54, s->cylinders);
114 put_le16(p + 55, s->heads);
115 put_le16(p + 56, s->sectors);
116 oldsize = s->cylinders * s->heads * s->sectors;
117 put_le16(p + 57, oldsize);
118 put_le16(p + 58, oldsize >> 16);
120 put_le16(p + 59, 0x100 | s->mult_sectors);
121 put_le16(p + 60, s->nb_sectors);
122 put_le16(p + 61, s->nb_sectors >> 16);
123 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
124 put_le16(p + 63, 0x07); /* mdma0-2 supported */
125 put_le16(p + 64, 0x03); /* pio3-4 supported */
126 put_le16(p + 65, 120);
127 put_le16(p + 66, 120);
128 put_le16(p + 67, 120);
129 put_le16(p + 68, 120);
130 if (dev && dev->conf.discard_granularity) {
131 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
135 put_le16(p + 75, s->ncq_queues - 1);
137 put_le16(p + 76, (1 << 8));
140 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
141 put_le16(p + 81, 0x16); /* conforms to ata5 */
142 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
143 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
144 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
145 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
146 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
147 put_le16(p + 84, (1 << 14) | 0);
148 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
149 if (bdrv_enable_write_cache(s->bs))
150 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
152 put_le16(p + 85, (1 << 14) | 1);
153 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
154 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
155 /* 14=set to 1, 1=smart self test, 0=smart error logging */
156 put_le16(p + 87, (1 << 14) | 0);
157 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
158 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
159 put_le16(p + 100, s->nb_sectors);
160 put_le16(p + 101, s->nb_sectors >> 16);
161 put_le16(p + 102, s->nb_sectors >> 32);
162 put_le16(p + 103, s->nb_sectors >> 48);
164 if (dev && dev->conf.physical_block_size)
165 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
166 if (dev && dev->conf.discard_granularity) {
167 put_le16(p + 169, 1); /* TRIM support */
170 memcpy(s->identify_data, p, sizeof(s->identify_data));
174 static void ide_atapi_identify(IDEState *s)
178 if (s->identify_set) {
179 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
183 memset(s->io_buffer, 0, 512);
184 p = (uint16_t *)s->io_buffer;
185 /* Removable CDROM, 50us response, 12 byte packets */
186 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
187 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
188 put_le16(p + 20, 3); /* buffer type */
189 put_le16(p + 21, 512); /* cache size in sectors */
190 put_le16(p + 22, 4); /* ecc bytes */
191 padstr((char *)(p + 23), s->version, 8); /* firmware version */
192 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
193 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
195 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
196 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
197 put_le16(p + 62, 7); /* single word dma0-2 supported */
198 put_le16(p + 63, 7); /* mdma0-2 supported */
200 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
201 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
202 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
204 put_le16(p + 64, 3); /* pio3-4 supported */
205 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
206 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
207 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
208 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
210 put_le16(p + 71, 30); /* in ns */
211 put_le16(p + 72, 30); /* in ns */
214 put_le16(p + 75, s->ncq_queues - 1);
216 put_le16(p + 76, (1 << 8));
219 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
221 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
223 memcpy(s->identify_data, p, sizeof(s->identify_data));
227 static void ide_cfata_identify(IDEState *s)
232 p = (uint16_t *) s->identify_data;
236 memset(p, 0, sizeof(s->identify_data));
238 cur_sec = s->cylinders * s->heads * s->sectors;
240 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
241 put_le16(p + 1, s->cylinders); /* Default cylinders */
242 put_le16(p + 3, s->heads); /* Default heads */
243 put_le16(p + 6, s->sectors); /* Default sectors per track */
244 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
245 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
246 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
247 put_le16(p + 22, 0x0004); /* ECC bytes */
248 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
249 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
250 #if MAX_MULT_SECTORS > 1
251 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
253 put_le16(p + 47, 0x0000);
255 put_le16(p + 49, 0x0f00); /* Capabilities */
256 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
257 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
258 put_le16(p + 53, 0x0003); /* Translation params valid */
259 put_le16(p + 54, s->cylinders); /* Current cylinders */
260 put_le16(p + 55, s->heads); /* Current heads */
261 put_le16(p + 56, s->sectors); /* Current sectors */
262 put_le16(p + 57, cur_sec); /* Current capacity */
263 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
264 if (s->mult_sectors) /* Multiple sector setting */
265 put_le16(p + 59, 0x100 | s->mult_sectors);
266 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
267 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
268 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
269 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
270 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
271 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
272 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
273 put_le16(p + 82, 0x400c); /* Command Set supported */
274 put_le16(p + 83, 0x7068); /* Command Set supported */
275 put_le16(p + 84, 0x4000); /* Features supported */
276 put_le16(p + 85, 0x000c); /* Command Set enabled */
277 put_le16(p + 86, 0x7044); /* Command Set enabled */
278 put_le16(p + 87, 0x4000); /* Features enabled */
279 put_le16(p + 91, 0x4060); /* Current APM level */
280 put_le16(p + 129, 0x0002); /* Current features option */
281 put_le16(p + 130, 0x0005); /* Reassigned sectors */
282 put_le16(p + 131, 0x0001); /* Initial power mode */
283 put_le16(p + 132, 0x0000); /* User signature */
284 put_le16(p + 160, 0x8100); /* Power requirement */
285 put_le16(p + 161, 0x8001); /* CF command set */
290 memcpy(s->io_buffer, p, sizeof(s->identify_data));
293 static void ide_set_signature(IDEState *s)
295 s->select &= 0xf0; /* clear head */
299 if (s->drive_kind == IDE_CD) {
311 typedef struct TrimAIOCB {
312 BlockDriverAIOCB common;
317 static void trim_aio_cancel(BlockDriverAIOCB *acb)
319 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
321 qemu_bh_delete(iocb->bh);
323 qemu_aio_release(iocb);
326 static AIOPool trim_aio_pool = {
327 .aiocb_size = sizeof(TrimAIOCB),
328 .cancel = trim_aio_cancel,
331 static void ide_trim_bh_cb(void *opaque)
333 TrimAIOCB *iocb = opaque;
335 iocb->common.cb(iocb->common.opaque, iocb->ret);
337 qemu_bh_delete(iocb->bh);
340 qemu_aio_release(iocb);
343 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
344 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
345 BlockDriverCompletionFunc *cb, void *opaque)
350 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque);
351 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
354 for (j = 0; j < qiov->niov; j++) {
355 uint64_t *buffer = qiov->iov[j].iov_base;
357 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) {
358 /* 6-byte LBA + 2-byte range per entry */
359 uint64_t entry = le64_to_cpu(buffer[i]);
360 uint64_t sector = entry & 0x0000ffffffffffffULL;
361 uint16_t count = entry >> 48;
367 ret = bdrv_discard(bs, sector, count);
374 qemu_bh_schedule(iocb->bh);
376 return &iocb->common;
379 static inline void ide_abort_command(IDEState *s)
381 s->status = READY_STAT | ERR_STAT;
385 /* prepare data transfer and tell what to do after */
386 void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
387 EndTransferFunc *end_transfer_func)
389 s->end_transfer_func = end_transfer_func;
391 s->data_end = buf + size;
392 if (!(s->status & ERR_STAT)) {
393 s->status |= DRQ_STAT;
395 s->bus->dma->ops->start_transfer(s->bus->dma);
398 void ide_transfer_stop(IDEState *s)
400 s->end_transfer_func = ide_transfer_stop;
401 s->data_ptr = s->io_buffer;
402 s->data_end = s->io_buffer;
403 s->status &= ~DRQ_STAT;
406 int64_t ide_get_sector(IDEState *s)
409 if (s->select & 0x40) {
412 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
413 (s->lcyl << 8) | s->sector;
415 sector_num = ((int64_t)s->hob_hcyl << 40) |
416 ((int64_t) s->hob_lcyl << 32) |
417 ((int64_t) s->hob_sector << 24) |
418 ((int64_t) s->hcyl << 16) |
419 ((int64_t) s->lcyl << 8) | s->sector;
422 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
423 (s->select & 0x0f) * s->sectors + (s->sector - 1);
428 void ide_set_sector(IDEState *s, int64_t sector_num)
431 if (s->select & 0x40) {
433 s->select = (s->select & 0xf0) | (sector_num >> 24);
434 s->hcyl = (sector_num >> 16);
435 s->lcyl = (sector_num >> 8);
436 s->sector = (sector_num);
438 s->sector = sector_num;
439 s->lcyl = sector_num >> 8;
440 s->hcyl = sector_num >> 16;
441 s->hob_sector = sector_num >> 24;
442 s->hob_lcyl = sector_num >> 32;
443 s->hob_hcyl = sector_num >> 40;
446 cyl = sector_num / (s->heads * s->sectors);
447 r = sector_num % (s->heads * s->sectors);
450 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
451 s->sector = (r % s->sectors) + 1;
455 static void ide_rw_error(IDEState *s) {
456 ide_abort_command(s);
460 void ide_sector_read(IDEState *s)
465 s->status = READY_STAT | SEEK_STAT;
466 s->error = 0; /* not needed by IDE spec, but needed by Windows */
467 sector_num = ide_get_sector(s);
470 /* no more sector to read from disk */
471 ide_transfer_stop(s);
473 #if defined(DEBUG_IDE)
474 printf("read sector=%" PRId64 "\n", sector_num);
476 if (n > s->req_nb_sectors)
477 n = s->req_nb_sectors;
479 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
480 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
481 bdrv_acct_done(s->bs, &s->acct);
483 if (ide_handle_rw_error(s, -ret,
484 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
489 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
491 ide_set_sector(s, sector_num + n);
496 static void dma_buf_commit(IDEState *s)
498 qemu_sglist_destroy(&s->sg);
501 void ide_set_inactive(IDEState *s)
503 s->bus->dma->aiocb = NULL;
504 s->bus->dma->ops->set_inactive(s->bus->dma);
507 void ide_dma_error(IDEState *s)
509 ide_transfer_stop(s);
511 s->status = READY_STAT | ERR_STAT;
516 static int ide_handle_rw_error(IDEState *s, int error, int op)
518 int is_read = (op & BM_STATUS_RETRY_READ);
519 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
521 if (action == BLOCK_ERR_IGNORE) {
522 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
526 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
527 || action == BLOCK_ERR_STOP_ANY) {
528 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
529 s->bus->error_status = op;
530 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
531 vm_stop(RUN_STATE_IO_ERROR);
532 bdrv_iostatus_set_err(s->bs, error);
534 if (op & BM_STATUS_DMA_RETRY) {
540 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
546 void ide_dma_cb(void *opaque, int ret)
548 IDEState *s = opaque;
553 int op = BM_STATUS_DMA_RETRY;
555 if (s->dma_cmd == IDE_DMA_READ)
556 op |= BM_STATUS_RETRY_READ;
557 else if (s->dma_cmd == IDE_DMA_TRIM)
558 op |= BM_STATUS_RETRY_TRIM;
560 if (ide_handle_rw_error(s, -ret, op)) {
565 n = s->io_buffer_size >> 9;
566 sector_num = ide_get_sector(s);
570 ide_set_sector(s, sector_num);
574 /* end of transfer ? */
575 if (s->nsector == 0) {
576 s->status = READY_STAT | SEEK_STAT;
581 /* launch next transfer */
583 s->io_buffer_index = 0;
584 s->io_buffer_size = n * 512;
585 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
586 /* The PRDs were too short. Reset the Active bit, but don't raise an
592 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
593 sector_num, n, s->dma_cmd);
596 switch (s->dma_cmd) {
598 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
602 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
606 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
607 ide_issue_trim, ide_dma_cb, s, true);
613 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
614 bdrv_acct_done(s->bs, &s->acct);
619 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
621 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
622 s->io_buffer_index = 0;
623 s->io_buffer_size = 0;
624 s->dma_cmd = dma_cmd;
628 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
632 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
639 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
642 static void ide_sector_write_timer_cb(void *opaque)
644 IDEState *s = opaque;
648 void ide_sector_write(IDEState *s)
653 s->status = READY_STAT | SEEK_STAT;
654 sector_num = ide_get_sector(s);
655 #if defined(DEBUG_IDE)
656 printf("write sector=%" PRId64 "\n", sector_num);
659 if (n > s->req_nb_sectors)
660 n = s->req_nb_sectors;
662 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
663 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
664 bdrv_acct_done(s->bs, &s->acct);
667 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
672 if (s->nsector == 0) {
673 /* no more sectors to write */
674 ide_transfer_stop(s);
677 if (n1 > s->req_nb_sectors)
678 n1 = s->req_nb_sectors;
679 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
681 ide_set_sector(s, sector_num + n);
683 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
684 /* It seems there is a bug in the Windows 2000 installer HDD
685 IDE driver which fills the disk with empty logs when the
686 IDE write IRQ comes too early. This hack tries to correct
687 that at the expense of slower write performances. Use this
688 option _only_ to install Windows 2000. You must disable it
690 qemu_mod_timer(s->sector_write_timer,
691 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
697 static void ide_flush_cb(void *opaque, int ret)
699 IDEState *s = opaque;
702 /* XXX: What sector number to set here? */
703 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
708 bdrv_acct_done(s->bs, &s->acct);
709 s->status = READY_STAT | SEEK_STAT;
713 void ide_flush_cache(IDEState *s)
720 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
721 bdrv_aio_flush(s->bs, ide_flush_cb, s);
724 static void ide_cfata_metadata_inquiry(IDEState *s)
729 p = (uint16_t *) s->io_buffer;
731 spd = ((s->mdata_size - 1) >> 9) + 1;
733 put_le16(p + 0, 0x0001); /* Data format revision */
734 put_le16(p + 1, 0x0000); /* Media property: silicon */
735 put_le16(p + 2, s->media_changed); /* Media status */
736 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
737 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
738 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
739 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
742 static void ide_cfata_metadata_read(IDEState *s)
746 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
747 s->status = ERR_STAT;
752 p = (uint16_t *) s->io_buffer;
755 put_le16(p + 0, s->media_changed); /* Media status */
756 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
757 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
758 s->nsector << 9), 0x200 - 2));
761 static void ide_cfata_metadata_write(IDEState *s)
763 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
764 s->status = ERR_STAT;
769 s->media_changed = 0;
771 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
773 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
774 s->nsector << 9), 0x200 - 2));
777 /* called when the inserted state of the media has changed */
778 static void ide_cd_change_cb(void *opaque, bool load)
780 IDEState *s = opaque;
783 s->tray_open = !load;
784 bdrv_get_geometry(s->bs, &nb_sectors);
785 s->nb_sectors = nb_sectors;
788 * First indicate to the guest that a CD has been removed. That's
789 * done on the next command the guest sends us.
791 * Then we set UNIT_ATTENTION, by which the guest will
792 * detect a new CD in the drive. See ide_atapi_cmd() for details.
794 s->cdrom_changed = 1;
795 s->events.new_media = true;
796 s->events.eject_request = false;
800 static void ide_cd_eject_request_cb(void *opaque, bool force)
802 IDEState *s = opaque;
804 s->events.eject_request = true;
806 s->tray_locked = false;
811 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
815 /* handle the 'magic' 0 nsector count conversion here. to avoid
816 * fiddling with the rest of the read logic, we just store the
817 * full sector count in ->nsector and ignore ->hob_nsector from now
823 if (!s->nsector && !s->hob_nsector)
827 int hi = s->hob_nsector;
829 s->nsector = (hi << 8) | lo;
834 static void ide_clear_hob(IDEBus *bus)
836 /* any write clears HOB high bit of device control register */
837 bus->ifs[0].select &= ~(1 << 7);
838 bus->ifs[1].select &= ~(1 << 7);
841 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
843 IDEBus *bus = opaque;
846 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
851 /* ignore writes to command block while busy with previous command */
852 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
860 /* NOTE: data is written to the two drives */
861 bus->ifs[0].hob_feature = bus->ifs[0].feature;
862 bus->ifs[1].hob_feature = bus->ifs[1].feature;
863 bus->ifs[0].feature = val;
864 bus->ifs[1].feature = val;
868 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
869 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
870 bus->ifs[0].nsector = val;
871 bus->ifs[1].nsector = val;
875 bus->ifs[0].hob_sector = bus->ifs[0].sector;
876 bus->ifs[1].hob_sector = bus->ifs[1].sector;
877 bus->ifs[0].sector = val;
878 bus->ifs[1].sector = val;
882 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
883 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
884 bus->ifs[0].lcyl = val;
885 bus->ifs[1].lcyl = val;
889 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
890 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
891 bus->ifs[0].hcyl = val;
892 bus->ifs[1].hcyl = val;
895 /* FIXME: HOB readback uses bit 7 */
896 bus->ifs[0].select = (val & ~0x10) | 0xa0;
897 bus->ifs[1].select = (val | 0x10) | 0xa0;
899 bus->unit = (val >> 4) & 1;
904 ide_exec_cmd(bus, val);
909 #define HD_OK (1u << IDE_HD)
910 #define CD_OK (1u << IDE_CD)
911 #define CFA_OK (1u << IDE_CFATA)
912 #define HD_CFA_OK (HD_OK | CFA_OK)
913 #define ALL_OK (HD_OK | CD_OK | CFA_OK)
915 /* See ACS-2 T13/2015-D Table B.2 Command codes */
916 static const uint8_t ide_cmd_table[0x100] = {
917 /* NOP not implemented, mandatory for CD */
918 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK,
920 [WIN_DEVICE_RESET] = CD_OK,
921 [WIN_RECAL] = HD_CFA_OK,
923 [WIN_READ_ONCE] = ALL_OK,
924 [WIN_READ_EXT] = HD_CFA_OK,
925 [WIN_READDMA_EXT] = HD_CFA_OK,
926 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK,
927 [WIN_MULTREAD_EXT] = HD_CFA_OK,
928 [WIN_WRITE] = HD_CFA_OK,
929 [WIN_WRITE_ONCE] = HD_CFA_OK,
930 [WIN_WRITE_EXT] = HD_CFA_OK,
931 [WIN_WRITEDMA_EXT] = HD_CFA_OK,
932 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK,
933 [WIN_MULTWRITE_EXT] = HD_CFA_OK,
934 [WIN_WRITE_VERIFY] = HD_CFA_OK,
935 [WIN_VERIFY] = HD_CFA_OK,
936 [WIN_VERIFY_ONCE] = HD_CFA_OK,
937 [WIN_VERIFY_EXT] = HD_CFA_OK,
938 [WIN_SEEK] = HD_CFA_OK,
939 [CFA_TRANSLATE_SECTOR] = CFA_OK,
940 [WIN_DIAGNOSE] = ALL_OK,
941 [WIN_SPECIFY] = HD_CFA_OK,
942 [WIN_STANDBYNOW2] = ALL_OK,
943 [WIN_IDLEIMMEDIATE2] = ALL_OK,
944 [WIN_STANDBY2] = ALL_OK,
945 [WIN_SETIDLE2] = ALL_OK,
946 [WIN_CHECKPOWERMODE2] = ALL_OK,
947 [WIN_SLEEPNOW2] = ALL_OK,
948 [WIN_PACKETCMD] = CD_OK,
949 [WIN_PIDENTIFY] = CD_OK,
950 [WIN_SMART] = HD_CFA_OK,
951 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK,
952 [CFA_ERASE_SECTORS] = CFA_OK,
953 [WIN_MULTREAD] = HD_CFA_OK,
954 [WIN_MULTWRITE] = HD_CFA_OK,
955 [WIN_SETMULT] = HD_CFA_OK,
956 [WIN_READDMA] = HD_CFA_OK,
957 [WIN_READDMA_ONCE] = HD_CFA_OK,
958 [WIN_WRITEDMA] = HD_CFA_OK,
959 [WIN_WRITEDMA_ONCE] = HD_CFA_OK,
960 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK,
961 [WIN_STANDBYNOW1] = ALL_OK,
962 [WIN_IDLEIMMEDIATE] = ALL_OK,
963 [WIN_STANDBY] = ALL_OK,
964 [WIN_SETIDLE1] = ALL_OK,
965 [WIN_CHECKPOWERMODE1] = ALL_OK,
966 [WIN_SLEEPNOW1] = ALL_OK,
967 [WIN_FLUSH_CACHE] = ALL_OK,
968 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK,
969 [WIN_IDENTIFY] = ALL_OK,
970 [WIN_SETFEATURES] = ALL_OK,
971 [IBM_SENSE_CONDITION] = CFA_OK,
972 [CFA_WEAR_LEVEL] = CFA_OK,
973 [WIN_READ_NATIVE_MAX] = ALL_OK,
976 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
978 return cmd < ARRAY_SIZE(ide_cmd_table)
979 && (ide_cmd_table[cmd] & (1u << s->drive_kind));
982 void ide_exec_cmd(IDEBus *bus, uint32_t val)
988 #if defined(DEBUG_IDE)
989 printf("ide: CMD=%02x\n", val);
991 s = idebus_active_if(bus);
992 /* ignore commands to non existent slave */
993 if (s != bus->ifs && !s->bs)
996 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
997 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1000 if (!ide_cmd_permitted(s, val)) {
1006 switch (s->feature) {
1011 ide_sector_start_dma(s, IDE_DMA_TRIM);
1018 if (s->bs && s->drive_kind != IDE_CD) {
1019 if (s->drive_kind != IDE_CFATA)
1022 ide_cfata_identify(s);
1023 s->status = READY_STAT | SEEK_STAT;
1024 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1026 if (s->drive_kind == IDE_CD) {
1027 ide_set_signature(s);
1029 ide_abort_command(s);
1031 ide_set_irq(s->bus);
1036 s->status = READY_STAT | SEEK_STAT;
1037 ide_set_irq(s->bus);
1040 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1041 /* Disable Read and Write Multiple */
1042 s->mult_sectors = 0;
1043 s->status = READY_STAT | SEEK_STAT;
1044 } else if ((s->nsector & 0xff) != 0 &&
1045 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1046 (s->nsector & (s->nsector - 1)) != 0)) {
1047 ide_abort_command(s);
1049 s->mult_sectors = s->nsector & 0xff;
1050 s->status = READY_STAT | SEEK_STAT;
1052 ide_set_irq(s->bus);
1054 case WIN_VERIFY_EXT:
1057 case WIN_VERIFY_ONCE:
1058 /* do sector number check ? */
1059 ide_cmd_lba48_transform(s, lba48);
1060 s->status = READY_STAT | SEEK_STAT;
1061 ide_set_irq(s->bus);
1067 if (s->drive_kind == IDE_CD) {
1068 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1071 ide_cmd_lba48_transform(s, lba48);
1072 s->req_nb_sectors = 1;
1078 case WIN_WRITE_ONCE:
1079 case CFA_WRITE_SECT_WO_ERASE:
1080 case WIN_WRITE_VERIFY:
1081 ide_cmd_lba48_transform(s, lba48);
1083 s->status = SEEK_STAT | READY_STAT;
1084 s->req_nb_sectors = 1;
1085 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1086 s->media_changed = 1;
1088 case WIN_MULTREAD_EXT:
1091 if (!s->mult_sectors)
1093 ide_cmd_lba48_transform(s, lba48);
1094 s->req_nb_sectors = s->mult_sectors;
1097 case WIN_MULTWRITE_EXT:
1100 case CFA_WRITE_MULTI_WO_ERASE:
1101 if (!s->mult_sectors)
1103 ide_cmd_lba48_transform(s, lba48);
1105 s->status = SEEK_STAT | READY_STAT;
1106 s->req_nb_sectors = s->mult_sectors;
1108 if (n > s->req_nb_sectors)
1109 n = s->req_nb_sectors;
1110 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1111 s->media_changed = 1;
1113 case WIN_READDMA_EXT:
1116 case WIN_READDMA_ONCE:
1119 ide_cmd_lba48_transform(s, lba48);
1120 ide_sector_start_dma(s, IDE_DMA_READ);
1122 case WIN_WRITEDMA_EXT:
1125 case WIN_WRITEDMA_ONCE:
1128 ide_cmd_lba48_transform(s, lba48);
1129 ide_sector_start_dma(s, IDE_DMA_WRITE);
1130 s->media_changed = 1;
1132 case WIN_READ_NATIVE_MAX_EXT:
1134 case WIN_READ_NATIVE_MAX:
1135 ide_cmd_lba48_transform(s, lba48);
1136 ide_set_sector(s, s->nb_sectors - 1);
1137 s->status = READY_STAT | SEEK_STAT;
1138 ide_set_irq(s->bus);
1140 case WIN_CHECKPOWERMODE1:
1141 case WIN_CHECKPOWERMODE2:
1143 s->nsector = 0xff; /* device active or idle */
1144 s->status = READY_STAT | SEEK_STAT;
1145 ide_set_irq(s->bus);
1147 case WIN_SETFEATURES:
1150 /* XXX: valid for CDROM ? */
1151 switch(s->feature) {
1152 case 0xcc: /* reverting to power-on defaults enable */
1153 case 0x66: /* reverting to power-on defaults disable */
1154 case 0x02: /* write cache enable */
1155 case 0x82: /* write cache disable */
1156 case 0xaa: /* read look-ahead enable */
1157 case 0x55: /* read look-ahead disable */
1158 case 0x05: /* set advanced power management mode */
1159 case 0x85: /* disable advanced power management mode */
1160 case 0x69: /* NOP */
1161 case 0x67: /* NOP */
1162 case 0x96: /* NOP */
1163 case 0x9a: /* NOP */
1164 case 0x42: /* enable Automatic Acoustic Mode */
1165 case 0xc2: /* disable Automatic Acoustic Mode */
1166 s->status = READY_STAT | SEEK_STAT;
1167 ide_set_irq(s->bus);
1169 case 0x03: { /* set transfer mode */
1170 uint8_t val = s->nsector & 0x07;
1171 uint16_t *identify_data = (uint16_t *)s->identify_data;
1173 switch (s->nsector >> 3) {
1174 case 0x00: /* pio default */
1175 case 0x01: /* pio mode */
1176 put_le16(identify_data + 62,0x07);
1177 put_le16(identify_data + 63,0x07);
1178 put_le16(identify_data + 88,0x3f);
1180 case 0x02: /* sigle word dma mode*/
1181 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1182 put_le16(identify_data + 63,0x07);
1183 put_le16(identify_data + 88,0x3f);
1185 case 0x04: /* mdma mode */
1186 put_le16(identify_data + 62,0x07);
1187 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1188 put_le16(identify_data + 88,0x3f);
1190 case 0x08: /* udma mode */
1191 put_le16(identify_data + 62,0x07);
1192 put_le16(identify_data + 63,0x07);
1193 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1198 s->status = READY_STAT | SEEK_STAT;
1199 ide_set_irq(s->bus);
1206 case WIN_FLUSH_CACHE:
1207 case WIN_FLUSH_CACHE_EXT:
1212 case WIN_STANDBYNOW1:
1213 case WIN_STANDBYNOW2:
1214 case WIN_IDLEIMMEDIATE:
1215 case WIN_IDLEIMMEDIATE2:
1220 s->status = READY_STAT;
1221 ide_set_irq(s->bus);
1224 /* XXX: Check that seek is within bounds */
1225 s->status = READY_STAT | SEEK_STAT;
1226 ide_set_irq(s->bus);
1228 /* ATAPI commands */
1230 ide_atapi_identify(s);
1231 s->status = READY_STAT | SEEK_STAT;
1232 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1233 ide_set_irq(s->bus);
1236 ide_set_signature(s);
1237 if (s->drive_kind == IDE_CD)
1238 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1239 * devices to return a clear status register
1240 * with READY_STAT *not* set. */
1242 s->status = READY_STAT | SEEK_STAT;
1243 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1246 ide_set_irq(s->bus);
1248 case WIN_DEVICE_RESET:
1249 ide_set_signature(s);
1250 s->status = 0x00; /* NOTE: READY is _not_ set */
1254 /* overlapping commands not supported */
1255 if (s->feature & 0x02)
1257 s->status = READY_STAT | SEEK_STAT;
1258 s->atapi_dma = s->feature & 1;
1260 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1263 /* CF-ATA commands */
1264 case CFA_REQ_EXT_ERROR_CODE:
1265 s->error = 0x09; /* miscellaneous error */
1266 s->status = READY_STAT | SEEK_STAT;
1267 ide_set_irq(s->bus);
1269 case CFA_ERASE_SECTORS:
1270 case CFA_WEAR_LEVEL:
1271 if (val == CFA_WEAR_LEVEL)
1273 if (val == CFA_ERASE_SECTORS)
1274 s->media_changed = 1;
1276 s->status = READY_STAT | SEEK_STAT;
1277 ide_set_irq(s->bus);
1279 case CFA_TRANSLATE_SECTOR:
1281 s->status = READY_STAT | SEEK_STAT;
1282 memset(s->io_buffer, 0, 0x200);
1283 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1284 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1285 s->io_buffer[0x02] = s->select; /* Head */
1286 s->io_buffer[0x03] = s->sector; /* Sector */
1287 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1288 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1289 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1290 s->io_buffer[0x13] = 0x00; /* Erase flag */
1291 s->io_buffer[0x18] = 0x00; /* Hot count */
1292 s->io_buffer[0x19] = 0x00; /* Hot count */
1293 s->io_buffer[0x1a] = 0x01; /* Hot count */
1294 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1295 ide_set_irq(s->bus);
1297 case CFA_ACCESS_METADATA_STORAGE:
1298 switch (s->feature) {
1299 case 0x02: /* Inquiry Metadata Storage */
1300 ide_cfata_metadata_inquiry(s);
1302 case 0x03: /* Read Metadata Storage */
1303 ide_cfata_metadata_read(s);
1305 case 0x04: /* Write Metadata Storage */
1306 ide_cfata_metadata_write(s);
1311 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1312 s->status = 0x00; /* NOTE: READY is _not_ set */
1313 ide_set_irq(s->bus);
1315 case IBM_SENSE_CONDITION:
1316 switch (s->feature) {
1317 case 0x01: /* sense temperature in device */
1318 s->nsector = 0x50; /* +20 C */
1323 s->status = READY_STAT | SEEK_STAT;
1324 ide_set_irq(s->bus);
1328 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
1330 if (!s->smart_enabled && s->feature != SMART_ENABLE)
1332 switch (s->feature) {
1334 s->smart_enabled = 0;
1335 s->status = READY_STAT | SEEK_STAT;
1336 ide_set_irq(s->bus);
1339 s->smart_enabled = 1;
1340 s->status = READY_STAT | SEEK_STAT;
1341 ide_set_irq(s->bus);
1343 case SMART_ATTR_AUTOSAVE:
1344 switch (s->sector) {
1346 s->smart_autosave = 0;
1349 s->smart_autosave = 1;
1354 s->status = READY_STAT | SEEK_STAT;
1355 ide_set_irq(s->bus);
1358 if (!s->smart_errors) {
1365 s->status = READY_STAT | SEEK_STAT;
1366 ide_set_irq(s->bus);
1368 case SMART_READ_THRESH:
1369 memset(s->io_buffer, 0, 0x200);
1370 s->io_buffer[0] = 0x01; /* smart struct version */
1371 for (n=0; n<30; n++) {
1372 if (smart_attributes[n][0] == 0)
1374 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
1375 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
1377 for (n=0; n<511; n++) /* checksum */
1378 s->io_buffer[511] += s->io_buffer[n];
1379 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1380 s->status = READY_STAT | SEEK_STAT;
1381 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1382 ide_set_irq(s->bus);
1384 case SMART_READ_DATA:
1385 memset(s->io_buffer, 0, 0x200);
1386 s->io_buffer[0] = 0x01; /* smart struct version */
1387 for (n=0; n<30; n++) {
1388 if (smart_attributes[n][0] == 0) {
1392 for(i = 0; i < 11; i++) {
1393 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
1396 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
1397 if (s->smart_selftest_count == 0) {
1398 s->io_buffer[363] = 0;
1401 s->smart_selftest_data[3 +
1402 (s->smart_selftest_count - 1) *
1405 s->io_buffer[364] = 0x20;
1406 s->io_buffer[365] = 0x01;
1407 /* offline data collection capacity: execute + self-test*/
1408 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
1409 s->io_buffer[368] = 0x03; /* smart capability (1) */
1410 s->io_buffer[369] = 0x00; /* smart capability (2) */
1411 s->io_buffer[370] = 0x01; /* error logging supported */
1412 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1413 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1414 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1416 for (n=0; n<511; n++)
1417 s->io_buffer[511] += s->io_buffer[n];
1418 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1419 s->status = READY_STAT | SEEK_STAT;
1420 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1421 ide_set_irq(s->bus);
1423 case SMART_READ_LOG:
1424 switch (s->sector) {
1425 case 0x01: /* summary smart error log */
1426 memset(s->io_buffer, 0, 0x200);
1427 s->io_buffer[0] = 0x01;
1428 s->io_buffer[1] = 0x00; /* no error entries */
1429 s->io_buffer[452] = s->smart_errors & 0xff;
1430 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1432 for (n=0; n<511; n++)
1433 s->io_buffer[511] += s->io_buffer[n];
1434 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1436 case 0x06: /* smart self test log */
1437 memset(s->io_buffer, 0, 0x200);
1438 s->io_buffer[0] = 0x01;
1439 if (s->smart_selftest_count == 0) {
1440 s->io_buffer[508] = 0;
1442 s->io_buffer[508] = s->smart_selftest_count;
1443 for (n=2; n<506; n++)
1444 s->io_buffer[n] = s->smart_selftest_data[n];
1446 for (n=0; n<511; n++)
1447 s->io_buffer[511] += s->io_buffer[n];
1448 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1453 s->status = READY_STAT | SEEK_STAT;
1454 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1455 ide_set_irq(s->bus);
1457 case SMART_EXECUTE_OFFLINE:
1458 switch (s->sector) {
1459 case 0: /* off-line routine */
1460 case 1: /* short self test */
1461 case 2: /* extended self test */
1462 s->smart_selftest_count++;
1463 if(s->smart_selftest_count > 21)
1464 s->smart_selftest_count = 0;
1465 n = 2 + (s->smart_selftest_count - 1) * 24;
1466 s->smart_selftest_data[n] = s->sector;
1467 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
1468 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
1469 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
1470 s->status = READY_STAT | SEEK_STAT;
1471 ide_set_irq(s->bus);
1482 /* should not be reachable */
1484 ide_abort_command(s);
1485 ide_set_irq(s->bus);
1490 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1492 IDEBus *bus = opaque;
1493 IDEState *s = idebus_active_if(bus);
1498 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1499 //hob = s->select & (1 << 7);
1506 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1507 (s != bus->ifs && !s->bs))
1512 ret = s->hob_feature;
1515 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1518 ret = s->nsector & 0xff;
1520 ret = s->hob_nsector;
1523 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1528 ret = s->hob_sector;
1531 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1539 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1547 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1554 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1555 (s != bus->ifs && !s->bs))
1559 qemu_irq_lower(bus->irq);
1563 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1568 uint32_t ide_status_read(void *opaque, uint32_t addr)
1570 IDEBus *bus = opaque;
1571 IDEState *s = idebus_active_if(bus);
1574 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1575 (s != bus->ifs && !s->bs))
1580 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1585 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1587 IDEBus *bus = opaque;
1592 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1594 /* common for both drives */
1595 if (!(bus->cmd & IDE_CMD_RESET) &&
1596 (val & IDE_CMD_RESET)) {
1597 /* reset low to high */
1598 for(i = 0;i < 2; i++) {
1600 s->status = BUSY_STAT | SEEK_STAT;
1603 } else if ((bus->cmd & IDE_CMD_RESET) &&
1604 !(val & IDE_CMD_RESET)) {
1606 for(i = 0;i < 2; i++) {
1608 if (s->drive_kind == IDE_CD)
1609 s->status = 0x00; /* NOTE: READY is _not_ set */
1611 s->status = READY_STAT | SEEK_STAT;
1612 ide_set_signature(s);
1620 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1621 * transferred from the device to the guest), false if it's a PIO in
1623 static bool ide_is_pio_out(IDEState *s)
1625 if (s->end_transfer_func == ide_sector_write ||
1626 s->end_transfer_func == ide_atapi_cmd) {
1628 } else if (s->end_transfer_func == ide_sector_read ||
1629 s->end_transfer_func == ide_transfer_stop ||
1630 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1631 s->end_transfer_func == ide_dummy_transfer_stop) {
1638 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1640 IDEBus *bus = opaque;
1641 IDEState *s = idebus_active_if(bus);
1644 /* PIO data access allowed only when DRQ bit is set. The result of a write
1645 * during PIO out is indeterminate, just ignore it. */
1646 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1651 *(uint16_t *)p = le16_to_cpu(val);
1654 if (p >= s->data_end)
1655 s->end_transfer_func(s);
1658 uint32_t ide_data_readw(void *opaque, uint32_t addr)
1660 IDEBus *bus = opaque;
1661 IDEState *s = idebus_active_if(bus);
1665 /* PIO data access allowed only when DRQ bit is set. The result of a read
1666 * during PIO in is indeterminate, return 0 and don't move forward. */
1667 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1672 ret = cpu_to_le16(*(uint16_t *)p);
1675 if (p >= s->data_end)
1676 s->end_transfer_func(s);
1680 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1682 IDEBus *bus = opaque;
1683 IDEState *s = idebus_active_if(bus);
1686 /* PIO data access allowed only when DRQ bit is set. The result of a write
1687 * during PIO out is indeterminate, just ignore it. */
1688 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1693 *(uint32_t *)p = le32_to_cpu(val);
1696 if (p >= s->data_end)
1697 s->end_transfer_func(s);
1700 uint32_t ide_data_readl(void *opaque, uint32_t addr)
1702 IDEBus *bus = opaque;
1703 IDEState *s = idebus_active_if(bus);
1707 /* PIO data access allowed only when DRQ bit is set. The result of a read
1708 * during PIO in is indeterminate, return 0 and don't move forward. */
1709 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1714 ret = cpu_to_le32(*(uint32_t *)p);
1717 if (p >= s->data_end)
1718 s->end_transfer_func(s);
1722 static void ide_dummy_transfer_stop(IDEState *s)
1724 s->data_ptr = s->io_buffer;
1725 s->data_end = s->io_buffer;
1726 s->io_buffer[0] = 0xff;
1727 s->io_buffer[1] = 0xff;
1728 s->io_buffer[2] = 0xff;
1729 s->io_buffer[3] = 0xff;
1732 static void ide_reset(IDEState *s)
1735 printf("ide: reset\n");
1737 if (s->drive_kind == IDE_CFATA)
1738 s->mult_sectors = 0;
1740 s->mult_sectors = MAX_MULT_SECTORS;
1757 s->status = READY_STAT | SEEK_STAT;
1761 /* ATAPI specific */
1764 s->cdrom_changed = 0;
1765 s->packet_transfer_size = 0;
1766 s->elementary_transfer_size = 0;
1767 s->io_buffer_index = 0;
1768 s->cd_sector_size = 0;
1771 s->io_buffer_size = 0;
1772 s->req_nb_sectors = 0;
1774 ide_set_signature(s);
1775 /* init the transfer handler so that 0xffff is returned on data
1777 s->end_transfer_func = ide_dummy_transfer_stop;
1778 ide_dummy_transfer_stop(s);
1779 s->media_changed = 0;
1782 void ide_bus_reset(IDEBus *bus)
1786 ide_reset(&bus->ifs[0]);
1787 ide_reset(&bus->ifs[1]);
1790 /* pending async DMA */
1791 if (bus->dma->aiocb) {
1793 printf("aio_cancel\n");
1795 bdrv_aio_cancel(bus->dma->aiocb);
1796 bus->dma->aiocb = NULL;
1799 /* reset dma provider too */
1800 bus->dma->ops->reset(bus->dma);
1803 static bool ide_cd_is_tray_open(void *opaque)
1805 return ((IDEState *)opaque)->tray_open;
1808 static bool ide_cd_is_medium_locked(void *opaque)
1810 return ((IDEState *)opaque)->tray_locked;
1813 static const BlockDevOps ide_cd_block_ops = {
1814 .change_media_cb = ide_cd_change_cb,
1815 .eject_request_cb = ide_cd_eject_request_cb,
1816 .is_tray_open = ide_cd_is_tray_open,
1817 .is_medium_locked = ide_cd_is_medium_locked,
1820 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
1821 const char *version, const char *serial)
1823 int cylinders, heads, secs;
1824 uint64_t nb_sectors;
1827 s->drive_kind = kind;
1829 bdrv_get_geometry(bs, &nb_sectors);
1830 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
1831 if (cylinders < 1 || cylinders > 16383) {
1832 error_report("cyls must be between 1 and 16383");
1835 if (heads < 1 || heads > 16) {
1836 error_report("heads must be between 1 and 16");
1839 if (secs < 1 || secs > 63) {
1840 error_report("secs must be between 1 and 63");
1843 s->cylinders = cylinders;
1846 s->nb_sectors = nb_sectors;
1847 /* The SMART values should be preserved across power cycles
1849 s->smart_enabled = 1;
1850 s->smart_autosave = 1;
1851 s->smart_errors = 0;
1852 s->smart_selftest_count = 0;
1853 if (kind == IDE_CD) {
1854 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
1855 bdrv_set_buffer_alignment(bs, 2048);
1857 if (!bdrv_is_inserted(s->bs)) {
1858 error_report("Device needs media, but drive is empty");
1861 if (bdrv_is_read_only(bs)) {
1862 error_report("Can't use a read-only drive");
1867 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
1869 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
1870 "QM%05d", s->drive_serial);
1873 pstrcpy(s->version, sizeof(s->version), version);
1875 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
1879 bdrv_iostatus_enable(bs);
1883 static void ide_init1(IDEBus *bus, int unit)
1885 static int drive_serial = 1;
1886 IDEState *s = &bus->ifs[unit];
1890 s->drive_serial = drive_serial++;
1891 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
1892 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
1893 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
1894 memset(s->io_buffer, 0, s->io_buffer_total_len);
1896 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
1897 memset(s->smart_selftest_data, 0, 512);
1899 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
1900 ide_sector_write_timer_cb, s);
1903 static void ide_nop_start(IDEDMA *dma, IDEState *s,
1904 BlockDriverCompletionFunc *cb)
1908 static int ide_nop(IDEDMA *dma)
1913 static int ide_nop_int(IDEDMA *dma, int x)
1918 static void ide_nop_restart(void *opaque, int x, RunState y)
1922 static const IDEDMAOps ide_dma_nop_ops = {
1923 .start_dma = ide_nop_start,
1924 .start_transfer = ide_nop,
1925 .prepare_buf = ide_nop_int,
1926 .rw_buf = ide_nop_int,
1927 .set_unit = ide_nop_int,
1928 .add_status = ide_nop_int,
1929 .set_inactive = ide_nop,
1930 .restart_cb = ide_nop_restart,
1934 static IDEDMA ide_dma_nop = {
1935 .ops = &ide_dma_nop_ops,
1939 void ide_init2(IDEBus *bus, qemu_irq irq)
1943 for(i = 0; i < 2; i++) {
1945 ide_reset(&bus->ifs[i]);
1948 bus->dma = &ide_dma_nop;
1951 /* TODO convert users to qdev and remove */
1952 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
1953 DriveInfo *hd1, qemu_irq irq)
1958 for(i = 0; i < 2; i++) {
1959 dinfo = i == 0 ? hd0 : hd1;
1962 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv,
1963 dinfo->media_cd ? IDE_CD : IDE_HD, NULL,
1964 *dinfo->serial ? dinfo->serial : NULL) < 0) {
1965 error_report("Can't set up IDE drive %s", dinfo->id);
1968 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]);
1970 ide_reset(&bus->ifs[i]);
1974 bus->dma = &ide_dma_nop;
1977 static const MemoryRegionPortio ide_portio_list[] = {
1978 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
1979 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
1980 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
1981 PORTIO_END_OF_LIST(),
1984 static const MemoryRegionPortio ide_portio2_list[] = {
1985 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
1986 PORTIO_END_OF_LIST(),
1989 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
1991 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
1992 bridge has been setup properly to always register with ISA. */
1993 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
1996 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
2000 static bool is_identify_set(void *opaque, int version_id)
2002 IDEState *s = opaque;
2004 return s->identify_set != 0;
2007 static EndTransferFunc* transfer_end_table[] = {
2011 ide_atapi_cmd_reply_end,
2013 ide_dummy_transfer_stop,
2016 static int transfer_end_table_idx(EndTransferFunc *fn)
2020 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2021 if (transfer_end_table[i] == fn)
2027 static int ide_drive_post_load(void *opaque, int version_id)
2029 IDEState *s = opaque;
2031 if (version_id < 3) {
2032 if (s->sense_key == UNIT_ATTENTION &&
2033 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2034 s->cdrom_changed = 1;
2040 static int ide_drive_pio_post_load(void *opaque, int version_id)
2042 IDEState *s = opaque;
2044 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
2047 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2048 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2049 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2054 static void ide_drive_pio_pre_save(void *opaque)
2056 IDEState *s = opaque;
2059 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2060 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2062 idx = transfer_end_table_idx(s->end_transfer_func);
2064 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2066 s->end_transfer_fn_idx = 2;
2068 s->end_transfer_fn_idx = idx;
2072 static bool ide_drive_pio_state_needed(void *opaque)
2074 IDEState *s = opaque;
2076 return ((s->status & DRQ_STAT) != 0)
2077 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
2080 static int ide_tray_state_post_load(void *opaque, int version_id)
2082 IDEState *s = opaque;
2084 bdrv_eject(s->bs, s->tray_open);
2085 bdrv_lock_medium(s->bs, s->tray_locked);
2089 static bool ide_tray_state_needed(void *opaque)
2091 IDEState *s = opaque;
2093 return s->tray_open || s->tray_locked;
2096 static bool ide_atapi_gesn_needed(void *opaque)
2098 IDEState *s = opaque;
2100 return s->events.new_media || s->events.eject_request;
2103 static bool ide_error_needed(void *opaque)
2105 IDEBus *bus = opaque;
2107 return (bus->error_status != 0);
2110 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2111 static const VMStateDescription vmstate_ide_atapi_gesn_state = {
2112 .name ="ide_drive/atapi/gesn_state",
2114 .minimum_version_id = 1,
2115 .minimum_version_id_old = 1,
2116 .fields = (VMStateField []) {
2117 VMSTATE_BOOL(events.new_media, IDEState),
2118 VMSTATE_BOOL(events.eject_request, IDEState),
2119 VMSTATE_END_OF_LIST()
2123 static const VMStateDescription vmstate_ide_tray_state = {
2124 .name = "ide_drive/tray_state",
2126 .minimum_version_id = 1,
2127 .minimum_version_id_old = 1,
2128 .post_load = ide_tray_state_post_load,
2129 .fields = (VMStateField[]) {
2130 VMSTATE_BOOL(tray_open, IDEState),
2131 VMSTATE_BOOL(tray_locked, IDEState),
2132 VMSTATE_END_OF_LIST()
2136 static const VMStateDescription vmstate_ide_drive_pio_state = {
2137 .name = "ide_drive/pio_state",
2139 .minimum_version_id = 1,
2140 .minimum_version_id_old = 1,
2141 .pre_save = ide_drive_pio_pre_save,
2142 .post_load = ide_drive_pio_post_load,
2143 .fields = (VMStateField []) {
2144 VMSTATE_INT32(req_nb_sectors, IDEState),
2145 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2146 vmstate_info_uint8, uint8_t),
2147 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2148 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2149 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2150 VMSTATE_INT32(elementary_transfer_size, IDEState),
2151 VMSTATE_INT32(packet_transfer_size, IDEState),
2152 VMSTATE_END_OF_LIST()
2156 const VMStateDescription vmstate_ide_drive = {
2157 .name = "ide_drive",
2159 .minimum_version_id = 0,
2160 .minimum_version_id_old = 0,
2161 .post_load = ide_drive_post_load,
2162 .fields = (VMStateField []) {
2163 VMSTATE_INT32(mult_sectors, IDEState),
2164 VMSTATE_INT32(identify_set, IDEState),
2165 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2166 VMSTATE_UINT8(feature, IDEState),
2167 VMSTATE_UINT8(error, IDEState),
2168 VMSTATE_UINT32(nsector, IDEState),
2169 VMSTATE_UINT8(sector, IDEState),
2170 VMSTATE_UINT8(lcyl, IDEState),
2171 VMSTATE_UINT8(hcyl, IDEState),
2172 VMSTATE_UINT8(hob_feature, IDEState),
2173 VMSTATE_UINT8(hob_sector, IDEState),
2174 VMSTATE_UINT8(hob_nsector, IDEState),
2175 VMSTATE_UINT8(hob_lcyl, IDEState),
2176 VMSTATE_UINT8(hob_hcyl, IDEState),
2177 VMSTATE_UINT8(select, IDEState),
2178 VMSTATE_UINT8(status, IDEState),
2179 VMSTATE_UINT8(lba48, IDEState),
2180 VMSTATE_UINT8(sense_key, IDEState),
2181 VMSTATE_UINT8(asc, IDEState),
2182 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2183 VMSTATE_END_OF_LIST()
2185 .subsections = (VMStateSubsection []) {
2187 .vmsd = &vmstate_ide_drive_pio_state,
2188 .needed = ide_drive_pio_state_needed,
2190 .vmsd = &vmstate_ide_tray_state,
2191 .needed = ide_tray_state_needed,
2193 .vmsd = &vmstate_ide_atapi_gesn_state,
2194 .needed = ide_atapi_gesn_needed,
2201 static const VMStateDescription vmstate_ide_error_status = {
2202 .name ="ide_bus/error",
2204 .minimum_version_id = 1,
2205 .minimum_version_id_old = 1,
2206 .fields = (VMStateField []) {
2207 VMSTATE_INT32(error_status, IDEBus),
2208 VMSTATE_END_OF_LIST()
2212 const VMStateDescription vmstate_ide_bus = {
2215 .minimum_version_id = 1,
2216 .minimum_version_id_old = 1,
2217 .fields = (VMStateField []) {
2218 VMSTATE_UINT8(cmd, IDEBus),
2219 VMSTATE_UINT8(unit, IDEBus),
2220 VMSTATE_END_OF_LIST()
2222 .subsections = (VMStateSubsection []) {
2224 .vmsd = &vmstate_ide_error_status,
2225 .needed = ide_error_needed,
2232 void ide_drive_get(DriveInfo **hd, int max_bus)
2236 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2237 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2241 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2242 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
projects / qemu.git / blob