2003-11-11 16:48:59 +03:00
|
|
|
/*
|
2008-01-14 06:05:55 +03:00
|
|
|
* QEMU IDE disk and CD/DVD-ROM Emulator
|
2007-09-17 01:08:06 +04:00
|
|
|
*
|
2003-11-11 16:48:59 +03:00
|
|
|
* Copyright (c) 2003 Fabrice Bellard
|
2007-04-30 04:51:09 +04:00
|
|
|
* Copyright (c) 2006 Openedhand Ltd.
|
2007-09-17 01:08:06 +04:00
|
|
|
*
|
2003-11-11 16:48:59 +03:00
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
|
|
* of this software and associated documentation files (the "Software"), to deal
|
|
|
|
* in the Software without restriction, including without limitation the rights
|
|
|
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
|
|
* copies of the Software, and to permit persons to whom the Software is
|
|
|
|
* furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice shall be included in
|
|
|
|
* all copies or substantial portions of the Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
|
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
|
|
|
* THE SOFTWARE.
|
|
|
|
*/
|
2018-02-01 14:18:31 +03:00
|
|
|
|
2016-01-26 21:17:09 +03:00
|
|
|
#include "qemu/osdep.h"
|
2023-02-10 01:01:55 +03:00
|
|
|
#include "hw/irq.h"
|
2016-06-22 20:11:19 +03:00
|
|
|
#include "hw/isa/isa.h"
|
2019-08-12 08:23:45 +03:00
|
|
|
#include "migration/vmstate.h"
|
2012-12-17 21:20:00 +04:00
|
|
|
#include "qemu/error-report.h"
|
Include qemu/main-loop.h less
In my "build everything" tree, changing qemu/main-loop.h triggers a
recompile of some 5600 out of 6600 objects (not counting tests and
objects that don't depend on qemu/osdep.h). It includes block/aio.h,
which in turn includes qemu/event_notifier.h, qemu/notify.h,
qemu/processor.h, qemu/qsp.h, qemu/queue.h, qemu/thread-posix.h,
qemu/thread.h, qemu/timer.h, and a few more.
Include qemu/main-loop.h only where it's needed. Touching it now
recompiles only some 1700 objects. For block/aio.h and
qemu/event_notifier.h, these numbers drop from 5600 to 2800. For the
others, they shrink only slightly.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Message-Id: <20190812052359.30071-21-armbru@redhat.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>
2019-08-12 08:23:50 +03:00
|
|
|
#include "qemu/main-loop.h"
|
2012-12-17 21:20:00 +04:00
|
|
|
#include "qemu/timer.h"
|
2022-02-08 23:08:56 +03:00
|
|
|
#include "qemu/hw-version.h"
|
2022-02-26 21:07:23 +03:00
|
|
|
#include "qemu/memalign.h"
|
2012-12-17 21:20:04 +04:00
|
|
|
#include "sysemu/sysemu.h"
|
2017-10-17 19:44:09 +03:00
|
|
|
#include "sysemu/blockdev.h"
|
2012-12-17 21:20:04 +04:00
|
|
|
#include "sysemu/dma.h"
|
2013-02-05 20:06:20 +04:00
|
|
|
#include "hw/block/block.h"
|
2014-10-07 15:59:18 +04:00
|
|
|
#include "sysemu/block-backend.h"
|
2018-02-01 14:18:31 +03:00
|
|
|
#include "qapi/error.h"
|
2016-03-20 20:16:19 +03:00
|
|
|
#include "qemu/cutils.h"
|
2018-09-12 11:19:50 +03:00
|
|
|
#include "sysemu/replay.h"
|
2019-08-12 08:23:59 +03:00
|
|
|
#include "sysemu/runstate.h"
|
2024-02-25 20:08:39 +03:00
|
|
|
#include "ide-internal.h"
|
2017-09-18 22:01:25 +03:00
|
|
|
#include "trace.h"
|
2009-08-07 23:33:04 +04:00
|
|
|
|
2011-03-01 16:30:23 +03:00
|
|
|
/* These values were based on a Seagate ST3500418AS but have been modified
|
|
|
|
to make more sense in QEMU */
|
|
|
|
static const int smart_attributes[][12] = {
|
|
|
|
/* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
|
|
|
|
/* raw read error rate*/
|
|
|
|
{ 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
|
|
|
|
/* spin up */
|
|
|
|
{ 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
|
|
|
|
/* start stop count */
|
|
|
|
{ 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
|
|
|
|
/* remapped sectors */
|
|
|
|
{ 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
|
|
|
|
/* power on hours */
|
|
|
|
{ 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
|
|
|
|
/* power cycle count */
|
|
|
|
{ 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
|
|
|
|
/* airflow-temperature-celsius */
|
|
|
|
{ 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
|
2009-08-07 23:33:04 +04:00
|
|
|
};
|
|
|
|
|
2017-09-18 22:01:26 +03:00
|
|
|
const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = {
|
|
|
|
[IDE_DMA_READ] = "DMA READ",
|
|
|
|
[IDE_DMA_WRITE] = "DMA WRITE",
|
|
|
|
[IDE_DMA_TRIM] = "DMA TRIM",
|
|
|
|
[IDE_DMA_ATAPI] = "DMA ATAPI"
|
|
|
|
};
|
|
|
|
|
|
|
|
static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval)
|
|
|
|
{
|
2017-09-21 04:38:21 +03:00
|
|
|
if ((unsigned)enval < IDE_DMA__COUNT) {
|
2017-09-18 22:01:26 +03:00
|
|
|
return IDE_DMA_CMD_lookup[enval];
|
|
|
|
}
|
|
|
|
return "DMA UNKNOWN CMD";
|
|
|
|
}
|
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
static void ide_dummy_transfer_stop(IDEState *s);
|
2004-06-25 18:54:19 +04:00
|
|
|
|
2023-11-16 13:33:52 +03:00
|
|
|
const MemoryRegionPortio ide_portio_list[] = {
|
|
|
|
{ 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
|
|
|
|
{ 0, 1, 2, .read = ide_data_readw, .write = ide_data_writew },
|
|
|
|
{ 0, 1, 4, .read = ide_data_readl, .write = ide_data_writel },
|
|
|
|
PORTIO_END_OF_LIST(),
|
|
|
|
};
|
|
|
|
|
|
|
|
const MemoryRegionPortio ide_portio2_list[] = {
|
|
|
|
{ 0, 1, 1, .read = ide_status_read, .write = ide_ctrl_write },
|
|
|
|
PORTIO_END_OF_LIST(),
|
|
|
|
};
|
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
static void padstr(char *str, const char *src, int len)
|
|
|
|
{
|
|
|
|
int i, v;
|
|
|
|
for(i = 0; i < len; i++) {
|
|
|
|
if (*src)
|
|
|
|
v = *src++;
|
|
|
|
else
|
|
|
|
v = ' ';
|
2007-12-17 06:15:52 +03:00
|
|
|
str[i^1] = v;
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2004-04-01 03:37:16 +04:00
|
|
|
static void put_le16(uint16_t *p, unsigned int v)
|
|
|
|
{
|
2004-04-26 02:09:16 +04:00
|
|
|
*p = cpu_to_le16(v);
|
2004-04-01 03:37:16 +04:00
|
|
|
}
|
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
static void ide_identify_size(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p = (uint16_t *)s->identify_data;
|
2021-08-24 13:43:44 +03:00
|
|
|
int64_t nb_sectors_lba28 = s->nb_sectors;
|
|
|
|
if (nb_sectors_lba28 >= 1 << 28) {
|
|
|
|
nb_sectors_lba28 = (1 << 28) - 1;
|
|
|
|
}
|
|
|
|
put_le16(p + 60, nb_sectors_lba28);
|
|
|
|
put_le16(p + 61, nb_sectors_lba28 >> 16);
|
2014-09-05 07:42:17 +04:00
|
|
|
put_le16(p + 100, s->nb_sectors);
|
|
|
|
put_le16(p + 101, s->nb_sectors >> 16);
|
|
|
|
put_le16(p + 102, s->nb_sectors >> 32);
|
|
|
|
put_le16(p + 103, s->nb_sectors >> 48);
|
|
|
|
}
|
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
static void ide_identify(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p;
|
|
|
|
unsigned int oldsize;
|
2011-05-19 12:58:19 +04:00
|
|
|
IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
|
2003-11-11 16:48:59 +03:00
|
|
|
|
2014-09-05 07:42:16 +04:00
|
|
|
p = (uint16_t *)s->identify_data;
|
2006-02-02 01:20:12 +03:00
|
|
|
if (s->identify_set) {
|
2014-09-05 07:42:16 +04:00
|
|
|
goto fill_buffer;
|
2006-02-02 01:20:12 +03:00
|
|
|
}
|
2014-09-05 07:42:16 +04:00
|
|
|
memset(p, 0, sizeof(s->identify_data));
|
2006-02-02 01:20:12 +03:00
|
|
|
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 0, 0x0040);
|
2007-09-17 01:08:06 +04:00
|
|
|
put_le16(p + 1, s->cylinders);
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 3, s->heads);
|
|
|
|
put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
|
|
|
|
put_le16(p + 5, 512); /* XXX: retired, remove ? */
|
2007-09-17 01:08:06 +04:00
|
|
|
put_le16(p + 6, s->sectors);
|
2009-01-07 20:32:33 +03:00
|
|
|
padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 20, 3); /* XXX: retired, remove ? */
|
|
|
|
put_le16(p + 21, 512); /* cache size in sectors */
|
|
|
|
put_le16(p + 22, 4); /* ecc bytes */
|
2010-01-14 16:44:12 +03:00
|
|
|
padstr((char *)(p + 23), s->version, 8); /* firmware version */
|
2012-03-13 00:05:09 +04:00
|
|
|
padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
|
2007-09-17 12:09:54 +04:00
|
|
|
#if MAX_MULT_SECTORS > 1
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
|
2003-11-11 16:48:59 +03:00
|
|
|
#endif
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 48, 1); /* dword I/O */
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 51, 0x200); /* PIO transfer cycle */
|
|
|
|
put_le16(p + 52, 0x200); /* DMA transfer cycle */
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 54, s->cylinders);
|
|
|
|
put_le16(p + 55, s->heads);
|
|
|
|
put_le16(p + 56, s->sectors);
|
2003-11-11 16:48:59 +03:00
|
|
|
oldsize = s->cylinders * s->heads * s->sectors;
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 57, oldsize);
|
|
|
|
put_le16(p + 58, oldsize >> 16);
|
2003-11-11 16:48:59 +03:00
|
|
|
if (s->mult_sectors)
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 59, 0x100 | s->mult_sectors);
|
2014-09-05 07:42:17 +04:00
|
|
|
/* *(p + 60) := nb_sectors -- see ide_identify_size */
|
|
|
|
/* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */
|
2008-07-18 20:49:42 +04:00
|
|
|
put_le16(p + 62, 0x07); /* single word dma0-2 supported */
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 63, 0x07); /* mdma0-2 supported */
|
2010-09-03 16:57:46 +04:00
|
|
|
put_le16(p + 64, 0x03); /* pio3-4 supported */
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 65, 120);
|
|
|
|
put_le16(p + 66, 120);
|
|
|
|
put_le16(p + 67, 120);
|
|
|
|
put_le16(p + 68, 120);
|
2011-05-19 12:58:19 +04:00
|
|
|
if (dev && dev->conf.discard_granularity) {
|
|
|
|
put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
|
|
|
|
}
|
2010-12-14 03:34:37 +03:00
|
|
|
|
|
|
|
if (s->ncq_queues) {
|
|
|
|
put_le16(p + 75, s->ncq_queues - 1);
|
|
|
|
/* NCQ supported */
|
|
|
|
put_le16(p + 76, (1 << 8));
|
|
|
|
}
|
|
|
|
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
|
|
|
|
put_le16(p + 81, 0x16); /* conforms to ata5 */
|
2010-10-04 17:29:41 +04:00
|
|
|
/* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
|
|
|
|
put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
|
2006-04-26 01:24:22 +04:00
|
|
|
/* 13=flush_cache_ext,12=flush_cache,10=lba48 */
|
|
|
|
put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
|
2012-03-13 16:31:47 +04:00
|
|
|
/* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
|
|
|
|
if (s->wwn) {
|
|
|
|
put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
|
|
|
|
} else {
|
|
|
|
put_le16(p + 84, (1 << 14) | 0);
|
|
|
|
}
|
2009-09-04 21:01:15 +04:00
|
|
|
/* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
|
2014-10-07 15:59:18 +04:00
|
|
|
if (blk_enable_write_cache(s->blk)) {
|
|
|
|
put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
|
|
|
|
} else {
|
|
|
|
put_le16(p + 85, (1 << 14) | 1);
|
|
|
|
}
|
2006-04-26 01:24:22 +04:00
|
|
|
/* 13=flush_cache_ext,12=flush_cache,10=lba48 */
|
2012-03-13 17:44:22 +04:00
|
|
|
put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
|
2012-03-13 16:31:47 +04:00
|
|
|
/* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
|
|
|
|
if (s->wwn) {
|
|
|
|
put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
|
|
|
|
} else {
|
|
|
|
put_le16(p + 87, (1 << 14) | 0);
|
|
|
|
}
|
2006-02-02 01:20:12 +03:00
|
|
|
put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
|
|
|
|
put_le16(p + 93, 1 | (1 << 14) | 0x2000);
|
2014-09-05 07:42:17 +04:00
|
|
|
/* *(p + 100) := nb_sectors -- see ide_identify_size */
|
|
|
|
/* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */
|
|
|
|
/* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */
|
|
|
|
/* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */
|
2011-05-19 12:58:19 +04:00
|
|
|
|
2010-05-28 17:38:46 +04:00
|
|
|
if (dev && dev->conf.physical_block_size)
|
|
|
|
put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
|
2012-03-13 16:31:47 +04:00
|
|
|
if (s->wwn) {
|
|
|
|
/* LE 16-bit words 111-108 contain 64-bit World Wide Name */
|
|
|
|
put_le16(p + 108, s->wwn >> 48);
|
|
|
|
put_le16(p + 109, s->wwn >> 32);
|
|
|
|
put_le16(p + 110, s->wwn >> 16);
|
|
|
|
put_le16(p + 111, s->wwn);
|
|
|
|
}
|
2011-05-19 12:58:19 +04:00
|
|
|
if (dev && dev->conf.discard_granularity) {
|
|
|
|
put_le16(p + 169, 1); /* TRIM support */
|
|
|
|
}
|
2017-10-20 12:14:03 +03:00
|
|
|
if (dev) {
|
|
|
|
put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */
|
|
|
|
}
|
2006-02-02 01:20:12 +03:00
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
ide_identify_size(s);
|
2006-02-02 01:20:12 +03:00
|
|
|
s->identify_set = 1;
|
2014-09-05 07:42:16 +04:00
|
|
|
|
|
|
|
fill_buffer:
|
|
|
|
memcpy(s->io_buffer, p, sizeof(s->identify_data));
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_atapi_identify(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p;
|
|
|
|
|
2014-09-05 07:42:16 +04:00
|
|
|
p = (uint16_t *)s->identify_data;
|
2006-02-02 01:20:12 +03:00
|
|
|
if (s->identify_set) {
|
2014-09-05 07:42:16 +04:00
|
|
|
goto fill_buffer;
|
2006-02-02 01:20:12 +03:00
|
|
|
}
|
2014-09-05 07:42:16 +04:00
|
|
|
memset(p, 0, sizeof(s->identify_data));
|
2006-02-02 01:20:12 +03:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
/* Removable CDROM, 50us response, 12 byte packets */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
|
2009-01-07 20:32:33 +03:00
|
|
|
padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 20, 3); /* buffer type */
|
|
|
|
put_le16(p + 21, 512); /* cache size in sectors */
|
|
|
|
put_le16(p + 22, 4); /* ecc bytes */
|
2010-01-14 16:44:12 +03:00
|
|
|
padstr((char *)(p + 23), s->version, 8); /* firmware version */
|
2012-03-13 00:05:09 +04:00
|
|
|
padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
|
2006-08-08 01:36:34 +04:00
|
|
|
#ifdef USE_DMA_CDROM
|
|
|
|
put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
|
|
|
|
put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
|
2008-07-18 20:49:42 +04:00
|
|
|
put_le16(p + 62, 7); /* single word dma0-2 supported */
|
2006-08-08 01:36:34 +04:00
|
|
|
put_le16(p + 63, 7); /* mdma0-2 supported */
|
|
|
|
#else
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
|
|
|
|
put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
|
|
|
|
put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
|
2006-08-08 01:36:34 +04:00
|
|
|
#endif
|
2010-09-03 16:57:46 +04:00
|
|
|
put_le16(p + 64, 3); /* pio3-4 supported */
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
|
|
|
|
put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
|
|
|
|
put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
|
|
|
|
put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
|
2006-02-02 01:20:12 +03:00
|
|
|
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 71, 30); /* in ns */
|
|
|
|
put_le16(p + 72, 30); /* in ns */
|
2003-11-11 16:48:59 +03:00
|
|
|
|
2010-12-14 18:23:38 +03:00
|
|
|
if (s->ncq_queues) {
|
|
|
|
put_le16(p + 75, s->ncq_queues - 1);
|
|
|
|
/* NCQ supported */
|
|
|
|
put_le16(p + 76, (1 << 8));
|
|
|
|
}
|
|
|
|
|
2004-04-01 03:37:16 +04:00
|
|
|
put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
|
2014-08-19 22:57:55 +04:00
|
|
|
if (s->wwn) {
|
|
|
|
put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */
|
|
|
|
put_le16(p + 87, (1 << 8)); /* WWN enabled */
|
|
|
|
}
|
|
|
|
|
2006-08-08 01:36:34 +04:00
|
|
|
#ifdef USE_DMA_CDROM
|
|
|
|
put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
|
|
|
|
#endif
|
2014-08-19 22:57:55 +04:00
|
|
|
|
|
|
|
if (s->wwn) {
|
|
|
|
/* LE 16-bit words 111-108 contain 64-bit World Wide Name */
|
|
|
|
put_le16(p + 108, s->wwn >> 48);
|
|
|
|
put_le16(p + 109, s->wwn >> 32);
|
|
|
|
put_le16(p + 110, s->wwn >> 16);
|
|
|
|
put_le16(p + 111, s->wwn);
|
|
|
|
}
|
|
|
|
|
2006-02-02 01:20:12 +03:00
|
|
|
s->identify_set = 1;
|
2014-09-05 07:42:16 +04:00
|
|
|
|
|
|
|
fill_buffer:
|
|
|
|
memcpy(s->io_buffer, p, sizeof(s->identify_data));
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
static void ide_cfata_identify_size(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p = (uint16_t *)s->identify_data;
|
|
|
|
put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
|
|
|
|
put_le16(p + 8, s->nb_sectors); /* Sectors per card */
|
|
|
|
put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
|
|
|
|
put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
|
|
|
|
}
|
|
|
|
|
2007-04-30 04:51:09 +04:00
|
|
|
static void ide_cfata_identify(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p;
|
|
|
|
uint32_t cur_sec;
|
|
|
|
|
2014-09-05 07:42:16 +04:00
|
|
|
p = (uint16_t *)s->identify_data;
|
|
|
|
if (s->identify_set) {
|
2007-04-30 04:51:09 +04:00
|
|
|
goto fill_buffer;
|
2014-09-05 07:42:16 +04:00
|
|
|
}
|
2007-04-30 04:51:09 +04:00
|
|
|
memset(p, 0, sizeof(s->identify_data));
|
|
|
|
|
|
|
|
cur_sec = s->cylinders * s->heads * s->sectors;
|
|
|
|
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 0, 0x848a); /* CF Storage Card signature */
|
|
|
|
put_le16(p + 1, s->cylinders); /* Default cylinders */
|
|
|
|
put_le16(p + 3, s->heads); /* Default heads */
|
|
|
|
put_le16(p + 6, s->sectors); /* Default sectors per track */
|
2014-09-05 07:42:17 +04:00
|
|
|
/* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */
|
|
|
|
/* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */
|
2009-01-07 20:32:33 +03:00
|
|
|
padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 22, 0x0004); /* ECC bytes */
|
|
|
|
padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
|
2012-03-13 00:05:09 +04:00
|
|
|
padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
|
2007-04-30 04:51:09 +04:00
|
|
|
#if MAX_MULT_SECTORS > 1
|
|
|
|
put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
|
|
|
|
#else
|
|
|
|
put_le16(p + 47, 0x0000);
|
|
|
|
#endif
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 49, 0x0f00); /* Capabilities */
|
|
|
|
put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
|
|
|
|
put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
|
|
|
|
put_le16(p + 53, 0x0003); /* Translation params valid */
|
|
|
|
put_le16(p + 54, s->cylinders); /* Current cylinders */
|
|
|
|
put_le16(p + 55, s->heads); /* Current heads */
|
|
|
|
put_le16(p + 56, s->sectors); /* Current sectors */
|
|
|
|
put_le16(p + 57, cur_sec); /* Current capacity */
|
|
|
|
put_le16(p + 58, cur_sec >> 16); /* Current capacity */
|
|
|
|
if (s->mult_sectors) /* Multiple sector setting */
|
2007-04-30 04:51:09 +04:00
|
|
|
put_le16(p + 59, 0x100 | s->mult_sectors);
|
2014-09-05 07:42:17 +04:00
|
|
|
/* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */
|
|
|
|
/* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 63, 0x0203); /* Multiword DMA capability */
|
|
|
|
put_le16(p + 64, 0x0001); /* Flow Control PIO support */
|
|
|
|
put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
|
|
|
|
put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
|
|
|
|
put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
|
|
|
|
put_le16(p + 82, 0x400c); /* Command Set supported */
|
|
|
|
put_le16(p + 83, 0x7068); /* Command Set supported */
|
|
|
|
put_le16(p + 84, 0x4000); /* Features supported */
|
|
|
|
put_le16(p + 85, 0x000c); /* Command Set enabled */
|
|
|
|
put_le16(p + 86, 0x7044); /* Command Set enabled */
|
|
|
|
put_le16(p + 87, 0x4000); /* Features enabled */
|
|
|
|
put_le16(p + 91, 0x4060); /* Current APM level */
|
|
|
|
put_le16(p + 129, 0x0002); /* Current features option */
|
|
|
|
put_le16(p + 130, 0x0005); /* Reassigned sectors */
|
|
|
|
put_le16(p + 131, 0x0001); /* Initial power mode */
|
|
|
|
put_le16(p + 132, 0x0000); /* User signature */
|
|
|
|
put_le16(p + 160, 0x8100); /* Power requirement */
|
|
|
|
put_le16(p + 161, 0x8001); /* CF command set */
|
2007-04-30 04:51:09 +04:00
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
ide_cfata_identify_size(s);
|
2007-04-30 04:51:09 +04:00
|
|
|
s->identify_set = 1;
|
|
|
|
|
|
|
|
fill_buffer:
|
|
|
|
memcpy(s->io_buffer, p, sizeof(s->identify_data));
|
|
|
|
}
|
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
static void ide_set_signature(IDEState *s)
|
|
|
|
{
|
2020-07-24 08:22:58 +03:00
|
|
|
s->select &= ~(ATA_DEV_HS); /* clear head */
|
2003-11-11 16:48:59 +03:00
|
|
|
/* put signature */
|
|
|
|
s->nsector = 1;
|
|
|
|
s->sector = 1;
|
2010-05-28 15:32:45 +04:00
|
|
|
if (s->drive_kind == IDE_CD) {
|
2003-11-11 16:48:59 +03:00
|
|
|
s->lcyl = 0x14;
|
|
|
|
s->hcyl = 0xeb;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (s->blk) {
|
2003-11-11 16:48:59 +03:00
|
|
|
s->lcyl = 0;
|
|
|
|
s->hcyl = 0;
|
|
|
|
} else {
|
|
|
|
s->lcyl = 0xff;
|
|
|
|
s->hcyl = 0xff;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-12-08 15:10:33 +03:00
|
|
|
static bool ide_sect_range_ok(IDEState *s,
|
|
|
|
uint64_t sector, uint64_t nb_sectors)
|
|
|
|
{
|
|
|
|
uint64_t total_sectors;
|
|
|
|
|
|
|
|
blk_get_geometry(s->blk, &total_sectors);
|
|
|
|
if (sector > total_sectors || nb_sectors > total_sectors - sector) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2011-05-19 12:58:19 +04:00
|
|
|
typedef struct TrimAIOCB {
|
2014-10-07 15:59:14 +04:00
|
|
|
BlockAIOCB common;
|
2017-12-08 15:10:32 +03:00
|
|
|
IDEState *s;
|
2011-05-19 12:58:19 +04:00
|
|
|
QEMUBH *bh;
|
|
|
|
int ret;
|
2013-01-14 19:26:57 +04:00
|
|
|
QEMUIOVector *qiov;
|
2014-10-07 15:59:14 +04:00
|
|
|
BlockAIOCB *aiocb;
|
2013-01-14 19:26:57 +04:00
|
|
|
int i, j;
|
2011-05-19 12:58:19 +04:00
|
|
|
} TrimAIOCB;
|
|
|
|
|
2014-10-07 15:59:14 +04:00
|
|
|
static void trim_aio_cancel(BlockAIOCB *acb)
|
2011-05-19 12:58:19 +04:00
|
|
|
{
|
|
|
|
TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
|
|
|
|
|
2014-09-11 09:41:26 +04:00
|
|
|
/* Exit the loop so ide_issue_trim_cb will not continue */
|
2013-01-14 19:26:57 +04:00
|
|
|
iocb->j = iocb->qiov->niov - 1;
|
|
|
|
iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1;
|
|
|
|
|
2014-09-11 09:41:26 +04:00
|
|
|
iocb->ret = -ECANCELED;
|
2013-01-14 19:26:57 +04:00
|
|
|
|
|
|
|
if (iocb->aiocb) {
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_aio_cancel_async(iocb->aiocb);
|
2014-09-11 09:41:26 +04:00
|
|
|
iocb->aiocb = NULL;
|
2013-01-14 19:26:57 +04:00
|
|
|
}
|
2011-05-19 12:58:19 +04:00
|
|
|
}
|
|
|
|
|
2012-10-31 19:34:37 +04:00
|
|
|
static const AIOCBInfo trim_aiocb_info = {
|
2011-05-19 12:58:19 +04:00
|
|
|
.aiocb_size = sizeof(TrimAIOCB),
|
2014-09-11 09:41:26 +04:00
|
|
|
.cancel_async = trim_aio_cancel,
|
2011-05-19 12:58:19 +04:00
|
|
|
};
|
|
|
|
|
|
|
|
static void ide_trim_bh_cb(void *opaque)
|
|
|
|
{
|
|
|
|
TrimAIOCB *iocb = opaque;
|
ide: Increment BB in-flight counter for TRIM BH
When we still have an AIOCB registered for DMA operations, we try to
settle the respective operation by draining the BlockBackend associated
with the IDE device.
However, this assumes that every DMA operation is associated with an
increment of the BlockBackend’s in-flight counter (e.g. through some
ongoing I/O operation), so that draining the BB until its in-flight
counter reaches 0 will settle all DMA operations. That is not the case:
For TRIM, the guest can issue a zero-length operation that will not
result in any I/O operation forwarded to the BlockBackend, and also not
increment the in-flight counter in any other way. In such a case,
blk_drain() will be a no-op if no other operations are in flight.
It is clear that if blk_drain() is a no-op, the value of
s->bus->dma->aiocb will not change between checking it in the `if`
condition and asserting that it is NULL after blk_drain().
The particular problem is that ide_issue_trim() creates a BH
(ide_trim_bh_cb()) to settle the TRIM request: iocb->common.cb() is
ide_dma_cb(), which will either create a new request, or find the
transfer to be done and call ide_set_inactive(), which clears
s->bus->dma->aiocb. Therefore, the blk_drain() must wait for
ide_trim_bh_cb() to run, which currently it will not always do.
To fix this issue, we increment the BlockBackend's in-flight counter
when the TRIM operation begins (in ide_issue_trim(), when the
ide_trim_bh_cb() BH is created) and decrement it when ide_trim_bh_cb()
is done.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2029980
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220120142259.120189-1-hreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Tested-by: John Snow <jsnow@redhat.com>
2022-01-20 17:22:59 +03:00
|
|
|
BlockBackend *blk = iocb->s->blk;
|
2011-05-19 12:58:19 +04:00
|
|
|
|
2018-03-27 07:38:00 +03:00
|
|
|
iocb->common.cb(iocb->common.opaque, iocb->ret);
|
|
|
|
|
2011-05-19 12:58:19 +04:00
|
|
|
qemu_bh_delete(iocb->bh);
|
|
|
|
iocb->bh = NULL;
|
2014-09-11 09:41:28 +04:00
|
|
|
qemu_aio_unref(iocb);
|
ide: Increment BB in-flight counter for TRIM BH
When we still have an AIOCB registered for DMA operations, we try to
settle the respective operation by draining the BlockBackend associated
with the IDE device.
However, this assumes that every DMA operation is associated with an
increment of the BlockBackend’s in-flight counter (e.g. through some
ongoing I/O operation), so that draining the BB until its in-flight
counter reaches 0 will settle all DMA operations. That is not the case:
For TRIM, the guest can issue a zero-length operation that will not
result in any I/O operation forwarded to the BlockBackend, and also not
increment the in-flight counter in any other way. In such a case,
blk_drain() will be a no-op if no other operations are in flight.
It is clear that if blk_drain() is a no-op, the value of
s->bus->dma->aiocb will not change between checking it in the `if`
condition and asserting that it is NULL after blk_drain().
The particular problem is that ide_issue_trim() creates a BH
(ide_trim_bh_cb()) to settle the TRIM request: iocb->common.cb() is
ide_dma_cb(), which will either create a new request, or find the
transfer to be done and call ide_set_inactive(), which clears
s->bus->dma->aiocb. Therefore, the blk_drain() must wait for
ide_trim_bh_cb() to run, which currently it will not always do.
To fix this issue, we increment the BlockBackend's in-flight counter
when the TRIM operation begins (in ide_issue_trim(), when the
ide_trim_bh_cb() BH is created) and decrement it when ide_trim_bh_cb()
is done.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2029980
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220120142259.120189-1-hreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Tested-by: John Snow <jsnow@redhat.com>
2022-01-20 17:22:59 +03:00
|
|
|
|
|
|
|
/* Paired with an increment in ide_issue_trim() */
|
|
|
|
blk_dec_in_flight(blk);
|
2011-05-19 12:58:19 +04:00
|
|
|
}
|
|
|
|
|
2013-01-14 19:26:57 +04:00
|
|
|
static void ide_issue_trim_cb(void *opaque, int ret)
|
|
|
|
{
|
|
|
|
TrimAIOCB *iocb = opaque;
|
2017-12-08 15:10:32 +03:00
|
|
|
IDEState *s = iocb->s;
|
|
|
|
|
2019-09-23 15:17:32 +03:00
|
|
|
if (iocb->i >= 0) {
|
|
|
|
if (ret >= 0) {
|
|
|
|
block_acct_done(blk_get_stats(s->blk), &s->acct);
|
|
|
|
} else {
|
|
|
|
block_acct_failed(blk_get_stats(s->blk), &s->acct);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2013-01-14 19:26:57 +04:00
|
|
|
if (ret >= 0) {
|
|
|
|
while (iocb->j < iocb->qiov->niov) {
|
|
|
|
int j = iocb->j;
|
|
|
|
while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) {
|
|
|
|
int i = iocb->i;
|
|
|
|
uint64_t *buffer = iocb->qiov->iov[j].iov_base;
|
|
|
|
|
|
|
|
/* 6-byte LBA + 2-byte range per entry */
|
|
|
|
uint64_t entry = le64_to_cpu(buffer[i]);
|
|
|
|
uint64_t sector = entry & 0x0000ffffffffffffULL;
|
|
|
|
uint16_t count = entry >> 48;
|
|
|
|
|
|
|
|
if (count == 0) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2017-12-08 15:10:34 +03:00
|
|
|
if (!ide_sect_range_ok(s, sector, count)) {
|
2019-09-23 15:17:32 +03:00
|
|
|
block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_UNMAP);
|
2018-03-27 07:38:00 +03:00
|
|
|
iocb->ret = -EINVAL;
|
2017-12-08 15:10:34 +03:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
2019-09-23 15:17:32 +03:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct,
|
|
|
|
count << BDRV_SECTOR_BITS, BLOCK_ACCT_UNMAP);
|
|
|
|
|
2013-01-14 19:26:57 +04:00
|
|
|
/* Got an entry! Submit and exit. */
|
2017-12-08 15:10:32 +03:00
|
|
|
iocb->aiocb = blk_aio_pdiscard(s->blk,
|
2016-07-16 02:22:54 +03:00
|
|
|
sector << BDRV_SECTOR_BITS,
|
|
|
|
count << BDRV_SECTOR_BITS,
|
|
|
|
ide_issue_trim_cb, opaque);
|
2013-01-14 19:26:57 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
iocb->j++;
|
|
|
|
iocb->i = -1;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
iocb->ret = ret;
|
|
|
|
}
|
|
|
|
|
2017-12-08 15:10:34 +03:00
|
|
|
done:
|
2013-01-14 19:26:57 +04:00
|
|
|
iocb->aiocb = NULL;
|
|
|
|
if (iocb->bh) {
|
2018-09-12 11:19:50 +03:00
|
|
|
replay_bh_schedule_event(iocb->bh);
|
2013-01-14 19:26:57 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-05-23 15:54:06 +03:00
|
|
|
BlockAIOCB *ide_issue_trim(
|
|
|
|
int64_t offset, QEMUIOVector *qiov,
|
|
|
|
BlockCompletionFunc *cb, void *cb_opaque, void *opaque)
|
2011-05-19 12:58:19 +04:00
|
|
|
{
|
2017-12-08 15:10:32 +03:00
|
|
|
IDEState *s = opaque;
|
2023-04-28 00:10:09 +03:00
|
|
|
IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
|
2011-05-19 12:58:19 +04:00
|
|
|
TrimAIOCB *iocb;
|
|
|
|
|
ide: Increment BB in-flight counter for TRIM BH
When we still have an AIOCB registered for DMA operations, we try to
settle the respective operation by draining the BlockBackend associated
with the IDE device.
However, this assumes that every DMA operation is associated with an
increment of the BlockBackend’s in-flight counter (e.g. through some
ongoing I/O operation), so that draining the BB until its in-flight
counter reaches 0 will settle all DMA operations. That is not the case:
For TRIM, the guest can issue a zero-length operation that will not
result in any I/O operation forwarded to the BlockBackend, and also not
increment the in-flight counter in any other way. In such a case,
blk_drain() will be a no-op if no other operations are in flight.
It is clear that if blk_drain() is a no-op, the value of
s->bus->dma->aiocb will not change between checking it in the `if`
condition and asserting that it is NULL after blk_drain().
The particular problem is that ide_issue_trim() creates a BH
(ide_trim_bh_cb()) to settle the TRIM request: iocb->common.cb() is
ide_dma_cb(), which will either create a new request, or find the
transfer to be done and call ide_set_inactive(), which clears
s->bus->dma->aiocb. Therefore, the blk_drain() must wait for
ide_trim_bh_cb() to run, which currently it will not always do.
To fix this issue, we increment the BlockBackend's in-flight counter
when the TRIM operation begins (in ide_issue_trim(), when the
ide_trim_bh_cb() BH is created) and decrement it when ide_trim_bh_cb()
is done.
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2029980
Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Message-Id: <20220120142259.120189-1-hreitz@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Tested-by: John Snow <jsnow@redhat.com>
2022-01-20 17:22:59 +03:00
|
|
|
/* Paired with a decrement in ide_trim_bh_cb() */
|
|
|
|
blk_inc_in_flight(s->blk);
|
|
|
|
|
2017-12-08 15:10:32 +03:00
|
|
|
iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque);
|
|
|
|
iocb->s = s;
|
2023-04-28 00:10:09 +03:00
|
|
|
iocb->bh = qemu_bh_new_guarded(ide_trim_bh_cb, iocb,
|
|
|
|
&DEVICE(dev)->mem_reentrancy_guard);
|
2011-05-19 12:58:19 +04:00
|
|
|
iocb->ret = 0;
|
2013-01-14 19:26:57 +04:00
|
|
|
iocb->qiov = qiov;
|
|
|
|
iocb->i = -1;
|
|
|
|
iocb->j = 0;
|
|
|
|
ide_issue_trim_cb(iocb, 0);
|
2011-05-19 12:58:19 +04:00
|
|
|
return &iocb->common;
|
|
|
|
}
|
|
|
|
|
2015-09-17 21:17:05 +03:00
|
|
|
void ide_abort_command(IDEState *s)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
|
|
|
s->status = READY_STAT | ERR_STAT;
|
|
|
|
s->error = ABRT_ERR;
|
hw/ide/core: set ERR_STAT in unsupported command completion
Currently, the first time sending an unsupported command
(e.g. READ LOG DMA EXT) will not have ERR_STAT set in the completion.
Sending the unsupported command again, will correctly have ERR_STAT set.
When ide_cmd_permitted() returns false, it calls ide_abort_command().
ide_abort_command() first calls ide_transfer_stop(), which will call
ide_transfer_halt() and ide_cmd_done(), after that ide_abort_command()
sets ERR_STAT in status.
ide_cmd_done() for AHCI will call ahci_write_fis_d2h() which writes the
current status in the FIS, and raises an IRQ. (The status here will not
have ERR_STAT set!).
Thus, we cannot call ide_transfer_stop() before setting ERR_STAT, as
ide_transfer_stop() will result in the FIS being written and an IRQ
being raised.
The reason why it works the second time, is that ERR_STAT will still
be set from the previous command, so when writing the FIS, the
completion will correctly have ERR_STAT set.
Set ERR_STAT before writing the FIS (calling cmd_done), so that we will
raise an error IRQ correctly when receiving an unsupported command.
Signed-off-by: Niklas Cassel <niklas.cassel@wdc.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-id: 20230609140844.202795-3-nks@flawful.org
Signed-off-by: John Snow <jsnow@redhat.com>
2023-06-09 17:08:38 +03:00
|
|
|
ide_transfer_stop(s);
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2016-07-18 22:39:49 +03:00
|
|
|
static void ide_set_retry(IDEState *s)
|
|
|
|
{
|
|
|
|
s->bus->retry_unit = s->unit;
|
|
|
|
s->bus->retry_sector_num = ide_get_sector(s);
|
|
|
|
s->bus->retry_nsector = s->nsector;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_clear_retry(IDEState *s)
|
|
|
|
{
|
|
|
|
s->bus->retry_unit = -1;
|
|
|
|
s->bus->retry_sector_num = 0;
|
|
|
|
s->bus->retry_nsector = 0;
|
|
|
|
}
|
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
/* prepare data transfer and tell what to do after */
|
2018-06-06 22:09:55 +03:00
|
|
|
bool ide_transfer_start_norecurse(IDEState *s, uint8_t *buf, int size,
|
|
|
|
EndTransferFunc *end_transfer_func)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
|
|
|
s->data_ptr = buf;
|
|
|
|
s->data_end = buf + size;
|
2016-07-18 22:39:50 +03:00
|
|
|
ide_set_retry(s);
|
2010-12-15 02:23:00 +03:00
|
|
|
if (!(s->status & ERR_STAT)) {
|
2007-08-20 01:46:53 +04:00
|
|
|
s->status |= DRQ_STAT;
|
2010-12-15 02:23:00 +03:00
|
|
|
}
|
2018-06-06 22:09:51 +03:00
|
|
|
if (!s->bus->dma->ops->pio_transfer) {
|
|
|
|
s->end_transfer_func = end_transfer_func;
|
2018-06-06 22:09:55 +03:00
|
|
|
return false;
|
2014-08-05 01:11:09 +04:00
|
|
|
}
|
2018-06-06 22:09:51 +03:00
|
|
|
s->bus->dma->ops->pio_transfer(s->bus->dma);
|
2018-06-06 22:09:55 +03:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
|
|
|
|
EndTransferFunc *end_transfer_func)
|
|
|
|
{
|
|
|
|
if (ide_transfer_start_norecurse(s, buf, size, end_transfer_func)) {
|
|
|
|
end_transfer_func(s);
|
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2014-08-05 01:11:17 +04:00
|
|
|
static void ide_cmd_done(IDEState *s)
|
|
|
|
{
|
|
|
|
if (s->bus->dma->ops->cmd_done) {
|
|
|
|
s->bus->dma->ops->cmd_done(s->bus->dma);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-06-06 22:09:53 +03:00
|
|
|
static void ide_transfer_halt(IDEState *s)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2018-06-06 22:09:53 +03:00
|
|
|
s->end_transfer_func = ide_transfer_stop;
|
2003-11-11 16:48:59 +03:00
|
|
|
s->data_ptr = s->io_buffer;
|
|
|
|
s->data_end = s->io_buffer;
|
|
|
|
s->status &= ~DRQ_STAT;
|
2016-02-10 21:29:39 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
void ide_transfer_stop(IDEState *s)
|
|
|
|
{
|
2018-06-06 22:09:53 +03:00
|
|
|
ide_transfer_halt(s);
|
2018-06-06 22:09:52 +03:00
|
|
|
ide_cmd_done(s);
|
2016-02-10 21:29:39 +03:00
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
int64_t ide_get_sector(IDEState *s)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
|
|
|
int64_t sector_num;
|
2020-07-24 08:22:58 +03:00
|
|
|
if (s->select & (ATA_DEV_LBA)) {
|
2020-07-24 08:22:57 +03:00
|
|
|
if (s->lba48) {
|
2018-12-14 01:37:37 +03:00
|
|
|
sector_num = ((int64_t)s->hob_hcyl << 40) |
|
|
|
|
((int64_t) s->hob_lcyl << 32) |
|
|
|
|
((int64_t) s->hob_sector << 24) |
|
|
|
|
((int64_t) s->hcyl << 16) |
|
|
|
|
((int64_t) s->lcyl << 8) | s->sector;
|
2020-07-24 08:22:57 +03:00
|
|
|
} else {
|
|
|
|
/* LBA28 */
|
2020-07-24 08:22:58 +03:00
|
|
|
sector_num = ((s->select & (ATA_DEV_LBA_MSB)) << 24) |
|
|
|
|
(s->hcyl << 16) | (s->lcyl << 8) | s->sector;
|
2018-12-14 01:37:37 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
} else {
|
2020-07-24 08:22:57 +03:00
|
|
|
/* CHS */
|
2003-11-11 16:48:59 +03:00
|
|
|
sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
|
2020-07-24 08:22:58 +03:00
|
|
|
(s->select & (ATA_DEV_HS)) * s->sectors + (s->sector - 1);
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
2020-07-24 08:22:57 +03:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
return sector_num;
|
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
void ide_set_sector(IDEState *s, int64_t sector_num)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
|
|
|
unsigned int cyl, r;
|
2020-07-24 08:22:58 +03:00
|
|
|
if (s->select & (ATA_DEV_LBA)) {
|
2020-07-24 08:22:57 +03:00
|
|
|
if (s->lba48) {
|
2018-12-14 01:37:37 +03:00
|
|
|
s->sector = sector_num;
|
|
|
|
s->lcyl = sector_num >> 8;
|
|
|
|
s->hcyl = sector_num >> 16;
|
|
|
|
s->hob_sector = sector_num >> 24;
|
|
|
|
s->hob_lcyl = sector_num >> 32;
|
|
|
|
s->hob_hcyl = sector_num >> 40;
|
2020-07-24 08:22:57 +03:00
|
|
|
} else {
|
|
|
|
/* LBA28 */
|
2020-07-24 08:22:58 +03:00
|
|
|
s->select = (s->select & ~(ATA_DEV_LBA_MSB)) |
|
|
|
|
((sector_num >> 24) & (ATA_DEV_LBA_MSB));
|
2020-07-24 08:22:57 +03:00
|
|
|
s->hcyl = (sector_num >> 16);
|
|
|
|
s->lcyl = (sector_num >> 8);
|
|
|
|
s->sector = (sector_num);
|
2018-12-14 01:37:37 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
} else {
|
2020-07-24 08:22:57 +03:00
|
|
|
/* CHS */
|
2003-11-11 16:48:59 +03:00
|
|
|
cyl = sector_num / (s->heads * s->sectors);
|
|
|
|
r = sector_num % (s->heads * s->sectors);
|
|
|
|
s->hcyl = cyl >> 8;
|
|
|
|
s->lcyl = cyl;
|
2020-07-24 08:22:58 +03:00
|
|
|
s->select = (s->select & ~(ATA_DEV_HS)) |
|
|
|
|
((r / s->sectors) & (ATA_DEV_HS));
|
2003-11-11 16:48:59 +03:00
|
|
|
s->sector = (r % s->sectors) + 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2008-10-01 05:13:37 +04:00
|
|
|
static void ide_rw_error(IDEState *s) {
|
|
|
|
ide_abort_command(s);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2008-10-01 05:13:37 +04:00
|
|
|
}
|
|
|
|
|
2015-11-17 23:06:25 +03:00
|
|
|
static void ide_buffered_readv_cb(void *opaque, int ret)
|
|
|
|
{
|
|
|
|
IDEBufferedRequest *req = opaque;
|
|
|
|
if (!req->orphaned) {
|
|
|
|
if (!ret) {
|
2019-02-18 17:09:25 +03:00
|
|
|
assert(req->qiov.size == req->original_qiov->size);
|
|
|
|
qemu_iovec_from_buf(req->original_qiov, 0,
|
|
|
|
req->qiov.local_iov.iov_base,
|
2015-11-17 23:06:25 +03:00
|
|
|
req->original_qiov->size);
|
|
|
|
}
|
|
|
|
req->original_cb(req->original_opaque, ret);
|
|
|
|
}
|
|
|
|
QLIST_REMOVE(req, list);
|
2019-02-18 17:09:25 +03:00
|
|
|
qemu_vfree(qemu_iovec_buf(&req->qiov));
|
2015-11-17 23:06:25 +03:00
|
|
|
g_free(req);
|
|
|
|
}
|
|
|
|
|
|
|
|
#define MAX_BUFFERED_REQS 16
|
|
|
|
|
|
|
|
BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num,
|
|
|
|
QEMUIOVector *iov, int nb_sectors,
|
|
|
|
BlockCompletionFunc *cb, void *opaque)
|
|
|
|
{
|
|
|
|
BlockAIOCB *aioreq;
|
|
|
|
IDEBufferedRequest *req;
|
|
|
|
int c = 0;
|
|
|
|
|
|
|
|
QLIST_FOREACH(req, &s->buffered_requests, list) {
|
|
|
|
c++;
|
|
|
|
}
|
|
|
|
if (c > MAX_BUFFERED_REQS) {
|
|
|
|
return blk_abort_aio_request(s->blk, cb, opaque, -EIO);
|
|
|
|
}
|
|
|
|
|
|
|
|
req = g_new0(IDEBufferedRequest, 1);
|
|
|
|
req->original_qiov = iov;
|
|
|
|
req->original_cb = cb;
|
|
|
|
req->original_opaque = opaque;
|
2019-02-18 17:09:25 +03:00
|
|
|
qemu_iovec_init_buf(&req->qiov, blk_blockalign(s->blk, iov->size),
|
|
|
|
iov->size);
|
2015-11-17 23:06:25 +03:00
|
|
|
|
2016-05-06 19:26:31 +03:00
|
|
|
aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS,
|
|
|
|
&req->qiov, 0, ide_buffered_readv_cb, req);
|
2015-11-17 23:06:25 +03:00
|
|
|
|
|
|
|
QLIST_INSERT_HEAD(&s->buffered_requests, req, list);
|
|
|
|
return aioreq;
|
|
|
|
}
|
|
|
|
|
2016-02-10 21:29:39 +03:00
|
|
|
/**
|
|
|
|
* Cancel all pending DMA requests.
|
|
|
|
* Any buffered DMA requests are instantly canceled,
|
|
|
|
* but any pending unbuffered DMA requests must be waited on.
|
|
|
|
*/
|
|
|
|
void ide_cancel_dma_sync(IDEState *s)
|
|
|
|
{
|
|
|
|
IDEBufferedRequest *req;
|
|
|
|
|
|
|
|
/* First invoke the callbacks of all buffered requests
|
|
|
|
* and flag those requests as orphaned. Ideally there
|
|
|
|
* are no unbuffered (Scatter Gather DMA Requests or
|
|
|
|
* write requests) pending and we can avoid to drain. */
|
|
|
|
QLIST_FOREACH(req, &s->buffered_requests, list) {
|
|
|
|
if (!req->orphaned) {
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_cancel_dma_sync_buffered(req->original_cb, req);
|
2016-02-10 21:29:39 +03:00
|
|
|
req->original_cb(req->original_opaque, -ECANCELED);
|
|
|
|
}
|
|
|
|
req->orphaned = true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* We can't cancel Scatter Gather DMA in the middle of the
|
|
|
|
* operation or a partial (not full) DMA transfer would reach
|
2020-08-14 11:28:36 +03:00
|
|
|
* the storage so we wait for completion instead (we behave
|
2016-02-10 21:29:39 +03:00
|
|
|
* like if the DMA was completed by the time the guest trying
|
|
|
|
* to cancel dma with bmdma_cmd_writeb with BM_CMD_START not
|
|
|
|
* set).
|
|
|
|
*
|
|
|
|
* In the future we'll be able to safely cancel the I/O if the
|
|
|
|
* whole DMA operation will be submitted to disk with a single
|
|
|
|
* aio operation with preadv/pwritev.
|
|
|
|
*/
|
|
|
|
if (s->bus->dma->aiocb) {
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_cancel_dma_sync_remaining();
|
2016-02-10 21:29:39 +03:00
|
|
|
blk_drain(s->blk);
|
2016-02-10 21:29:39 +03:00
|
|
|
assert(s->bus->dma->aiocb == NULL);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_sector_read(IDEState *s);
|
|
|
|
|
2012-03-29 13:31:30 +04:00
|
|
|
static void ide_sector_read_cb(void *opaque, int ret)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
int n;
|
|
|
|
|
|
|
|
s->pio_aiocb = NULL;
|
|
|
|
s->status &= ~BUSY_STAT;
|
|
|
|
|
|
|
|
if (ret != 0) {
|
2014-08-05 01:11:14 +04:00
|
|
|
if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO |
|
|
|
|
IDE_RETRY_READ)) {
|
2012-03-29 13:31:30 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_done(blk_get_stats(s->blk), &s->acct);
|
|
|
|
|
2012-03-29 13:31:30 +04:00
|
|
|
n = s->nsector;
|
|
|
|
if (n > s->req_nb_sectors) {
|
|
|
|
n = s->req_nb_sectors;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_set_sector(s, ide_get_sector(s) + n);
|
|
|
|
s->nsector -= n;
|
2015-03-20 03:24:14 +03:00
|
|
|
/* Allow the guest to read the io_buffer */
|
|
|
|
ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2012-03-29 13:31:30 +04:00
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_sector_read(IDEState *s)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
|
|
|
int64_t sector_num;
|
2012-03-29 13:31:30 +04:00
|
|
|
int n;
|
2003-11-11 16:48:59 +03:00
|
|
|
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
2004-01-23 02:52:27 +03:00
|
|
|
s->error = 0; /* not needed by IDE spec, but needed by Windows */
|
2003-11-11 16:48:59 +03:00
|
|
|
sector_num = ide_get_sector(s);
|
|
|
|
n = s->nsector;
|
2012-03-29 13:31:30 +04:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
if (n == 0) {
|
|
|
|
ide_transfer_stop(s);
|
2012-03-29 13:31:30 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
s->status |= BUSY_STAT;
|
|
|
|
|
|
|
|
if (n > s->req_nb_sectors) {
|
|
|
|
n = s->req_nb_sectors;
|
|
|
|
}
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_sector_read(sector_num, n);
|
2011-08-25 10:26:01 +04:00
|
|
|
|
2014-07-09 21:07:32 +04:00
|
|
|
if (!ide_sect_range_ok(s, sector_num, n)) {
|
|
|
|
ide_rw_error(s);
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ);
|
2014-07-09 21:07:32 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-02-18 17:09:24 +03:00
|
|
|
qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE);
|
2012-03-29 13:31:30 +04:00
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct,
|
2014-09-05 17:46:18 +04:00
|
|
|
n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
|
2015-11-17 23:06:39 +03:00
|
|
|
s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n,
|
|
|
|
ide_sector_read_cb, s);
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2015-09-17 21:17:04 +03:00
|
|
|
void dma_buf_commit(IDEState *s, uint32_t tx_bytes)
|
2009-01-22 19:59:28 +03:00
|
|
|
{
|
2014-10-02 02:55:47 +04:00
|
|
|
if (s->bus->dma->ops->commit_buf) {
|
|
|
|
s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes);
|
|
|
|
}
|
2015-09-17 21:17:04 +03:00
|
|
|
s->io_buffer_offset += tx_bytes;
|
2009-02-06 00:24:02 +03:00
|
|
|
qemu_sglist_destroy(&s->sg);
|
2009-01-22 19:59:28 +03:00
|
|
|
}
|
|
|
|
|
2014-08-05 01:11:12 +04:00
|
|
|
void ide_set_inactive(IDEState *s, bool more)
|
2010-11-26 18:31:37 +03:00
|
|
|
{
|
2010-12-15 02:23:00 +03:00
|
|
|
s->bus->dma->aiocb = NULL;
|
2016-07-18 22:39:49 +03:00
|
|
|
ide_clear_retry(s);
|
2014-08-05 01:11:07 +04:00
|
|
|
if (s->bus->dma->ops->set_inactive) {
|
2014-08-05 01:11:12 +04:00
|
|
|
s->bus->dma->ops->set_inactive(s->bus->dma, more);
|
2014-08-05 01:11:07 +04:00
|
|
|
}
|
2014-08-05 01:11:17 +04:00
|
|
|
ide_cmd_done(s);
|
2010-11-26 18:31:37 +03:00
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
void ide_dma_error(IDEState *s)
|
2008-10-01 05:13:37 +04:00
|
|
|
{
|
2014-10-02 02:55:47 +04:00
|
|
|
dma_buf_commit(s, 0);
|
2014-08-05 01:11:16 +04:00
|
|
|
ide_abort_command(s);
|
2014-08-05 01:11:12 +04:00
|
|
|
ide_set_inactive(s, false);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2008-10-01 05:13:37 +04:00
|
|
|
}
|
|
|
|
|
2016-04-13 01:48:15 +03:00
|
|
|
int ide_handle_rw_error(IDEState *s, int error, int op)
|
2009-01-21 21:59:04 +03:00
|
|
|
{
|
2014-08-05 01:11:14 +04:00
|
|
|
bool is_read = (op & IDE_RETRY_READ) != 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
BlockErrorAction action = blk_get_error_action(s->blk, is_read, error);
|
2009-01-21 21:59:04 +03:00
|
|
|
|
2014-06-18 10:43:30 +04:00
|
|
|
if (action == BLOCK_ERROR_ACTION_STOP) {
|
2015-02-23 19:17:57 +03:00
|
|
|
assert(s->bus->retry_unit == s->unit);
|
2011-05-26 17:00:34 +04:00
|
|
|
s->bus->error_status = op;
|
2014-06-18 10:43:30 +04:00
|
|
|
} else if (action == BLOCK_ERROR_ACTION_REPORT) {
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_failed(blk_get_stats(s->blk), &s->acct);
|
2016-04-13 01:48:15 +03:00
|
|
|
if (IS_IDE_RETRY_DMA(op)) {
|
2009-01-21 21:59:04 +03:00
|
|
|
ide_dma_error(s);
|
2016-04-13 01:48:15 +03:00
|
|
|
} else if (IS_IDE_RETRY_ATAPI(op)) {
|
|
|
|
ide_atapi_io_error(s, -error);
|
2009-01-22 19:59:28 +03:00
|
|
|
} else {
|
2009-01-21 21:59:04 +03:00
|
|
|
ide_rw_error(s);
|
2009-01-22 19:59:28 +03:00
|
|
|
}
|
2009-01-21 21:59:04 +03:00
|
|
|
}
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_error_action(s->blk, action, is_read, error);
|
2014-06-18 10:43:30 +04:00
|
|
|
return action != BLOCK_ERROR_ACTION_IGNORE;
|
2009-01-21 21:59:04 +03:00
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_dma_cb(void *opaque, int ret)
|
2004-06-25 18:54:19 +04:00
|
|
|
{
|
2010-12-15 02:23:00 +03:00
|
|
|
IDEState *s = opaque;
|
2006-08-08 01:36:34 +04:00
|
|
|
int n;
|
|
|
|
int64_t sector_num;
|
2016-05-23 15:54:05 +03:00
|
|
|
uint64_t offset;
|
2012-11-20 20:27:43 +04:00
|
|
|
bool stay_active = false;
|
2019-12-23 20:51:16 +03:00
|
|
|
int32_t prep_size = 0;
|
2006-08-08 01:36:34 +04:00
|
|
|
|
2018-03-27 07:38:00 +03:00
|
|
|
if (ret == -EINVAL) {
|
|
|
|
ide_dma_error(s);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2008-10-01 05:13:37 +04:00
|
|
|
if (ret < 0) {
|
2016-04-12 23:47:52 +03:00
|
|
|
if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) {
|
2016-07-29 00:34:19 +03:00
|
|
|
s->bus->dma->aiocb = NULL;
|
2016-07-19 09:47:46 +03:00
|
|
|
dma_buf_commit(s, 0);
|
2009-11-27 15:25:38 +03:00
|
|
|
return;
|
|
|
|
}
|
2008-10-01 05:13:37 +04:00
|
|
|
}
|
|
|
|
|
2019-12-23 20:51:16 +03:00
|
|
|
if (s->io_buffer_size > s->nsector * 512) {
|
|
|
|
/*
|
|
|
|
* The PRDs were longer than needed for this request.
|
|
|
|
* The Active bit must remain set after the request completes.
|
|
|
|
*/
|
2012-11-20 20:27:43 +04:00
|
|
|
n = s->nsector;
|
|
|
|
stay_active = true;
|
2019-12-23 20:51:16 +03:00
|
|
|
} else {
|
|
|
|
n = s->io_buffer_size >> 9;
|
2012-11-20 20:27:43 +04:00
|
|
|
}
|
|
|
|
|
2006-08-08 01:36:34 +04:00
|
|
|
sector_num = ide_get_sector(s);
|
|
|
|
if (n > 0) {
|
ide: add limit to .prepare_buf()
prepare_buf should not always grab as many descriptors
as it can, sometimes it should self-limit.
For example, an NCQ transfer of 1 sector with a PRDT that
describes 4GiB of data should not copy 4GiB of data, it
should just transfer that first 512 bytes.
PIO is not affected, because the dma_buf_rw dma helpers
already have a byte limit built-in to them, but DMA/NCQ
will exhaust the entire list regardless of requested size.
AHCI 1.3 specifies in section 6.1.6 Command List Underflow that
NCQ is not required to detect underflow conditions. Non-NCQ
pathways signal underflow by writing to the PRDBC field, which
will already occur by writing the actual transferred byte count
to the PRDBC, signaling the underflow.
Our NCQ pathways aren't required to detect underflow, but since our DMA
backend uses the size of the PRDT to determine the size of the transer,
if our PRDT is bigger than the transaction (the underflow condition) it
doesn't cost us anything to detect it and truncate the PRDT.
This is a recoverable error and is not signaled to the guest, in either
NCQ or normal DMA cases.
For BMDMA, the existing pathways should see no guest-visible difference,
but any bytes described in the overage will no longer be transferred
before indicating to the guest that there was an underflow.
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1435767578-32743-2-git-send-email-jsnow@redhat.com
2015-07-04 09:06:04 +03:00
|
|
|
assert(n * 512 == s->sg.size);
|
|
|
|
dma_buf_commit(s, s->sg.size);
|
2006-08-08 01:36:34 +04:00
|
|
|
sector_num += n;
|
|
|
|
ide_set_sector(s, sector_num);
|
|
|
|
s->nsector -= n;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* end of transfer ? */
|
|
|
|
if (s->nsector == 0) {
|
2004-06-25 18:54:19 +04:00
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2010-12-20 15:45:48 +03:00
|
|
|
goto eot;
|
2004-06-25 18:54:19 +04:00
|
|
|
}
|
2006-08-08 01:36:34 +04:00
|
|
|
|
|
|
|
/* launch next transfer */
|
|
|
|
n = s->nsector;
|
2010-12-20 15:45:58 +03:00
|
|
|
s->io_buffer_index = 0;
|
2006-08-08 01:36:34 +04:00
|
|
|
s->io_buffer_size = n * 512;
|
2019-12-23 20:51:16 +03:00
|
|
|
prep_size = s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size);
|
|
|
|
/* prepare_buf() must succeed and respect the limit */
|
|
|
|
assert(prep_size >= 0 && prep_size <= n * 512);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Now prep_size stores the number of bytes in the sglist, and
|
|
|
|
* s->io_buffer_size stores the number of bytes described by the PRDs.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (prep_size < n * 512) {
|
|
|
|
/*
|
|
|
|
* The PRDs are too short for this request. Error condition!
|
|
|
|
* Reset the Active bit and don't raise the interrupt.
|
|
|
|
*/
|
2012-11-20 20:27:44 +04:00
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
ide: Correct handling of malformed/short PRDTs
This impacts both BMDMA and AHCI HBA interfaces for IDE.
Currently, we confuse the difference between a PRDT having
"0 bytes" and a PRDT having "0 complete sectors."
When we receive an incomplete sector, inconsistent error checking
leads to an infinite loop wherein the call succeeds, but it
didn't give us enough bytes -- leading us to re-call the
DMA chain over and over again. This leads to, in the BMDMA case,
leaked memory for short PRDTs, and infinite loops and resource
usage in the AHCI case.
The .prepare_buf() callback is reworked to return the number of
bytes that it successfully prepared. 0 is a valid, non-error
answer that means the table was empty and described no bytes.
-1 indicates an error.
Our current implementation uses the io_buffer in IDEState to
ultimately describe the size of a prepared scatter-gather list.
Even though the AHCI PRDT/SGList can be as large as 256GiB, the
AHCI command header limits transactions to just 4GiB. ATA8-ACS3,
however, defines the largest transaction to be an LBA48 command
that transfers 65,536 sectors. With a 512 byte sector size, this
is just 32MiB.
Since our current state structures use the int type to describe
the size of the buffer, and this state is migrated as int32, we
are limited to describing 2GiB buffer sizes unless we change the
migration protocol.
For this reason, this patch begins to unify the assertions in the
IDE pathways that the scatter-gather list provided by either the
AHCI PRDT or the PCI BMDMA PRDs can only describe, at a maximum,
2GiB. This should be resilient enough unless we need a sector
size that exceeds 32KiB.
Further, the likelihood of any guest operating system actually
attempting to transfer this much data in a single operation is
very slim.
To this end, the IDEState variables have been updated to more
explicitly clarify our maximum supported size. Callers to the
prepare_buf callback have been reworked to understand the new
return code, and all versions of the prepare_buf callback have
been adjusted accordingly.
Lastly, the ahci_populate_sglist helper, relied upon by the
AHCI implementation of .prepare_buf() as well as the PCI
implementation of the callback have had overflow assertions
added to help make clear the reasonings behind the various
type changes.
[Added %d -> %"PRId64" fix John sent because off_pos changed from int to
int64_t.
--Stefan]
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1414785819-26209-4-git-send-email-jsnow@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-10-31 23:03:39 +03:00
|
|
|
dma_buf_commit(s, 0);
|
2009-01-22 19:59:28 +03:00
|
|
|
goto eot;
|
2011-05-19 18:42:24 +04:00
|
|
|
}
|
2010-12-20 15:45:48 +03:00
|
|
|
|
2017-09-18 22:01:26 +03:00
|
|
|
trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd));
|
2010-12-20 15:45:48 +03:00
|
|
|
|
2014-08-13 11:23:31 +04:00
|
|
|
if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) &&
|
|
|
|
!ide_sect_range_ok(s, sector_num, n)) {
|
2014-07-09 21:07:32 +04:00
|
|
|
ide_dma_error(s);
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_invalid(blk_get_stats(s->blk), s->acct.type);
|
2014-07-09 21:07:32 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2016-05-23 15:54:05 +03:00
|
|
|
offset = sector_num << BDRV_SECTOR_BITS;
|
2011-05-19 12:58:09 +04:00
|
|
|
switch (s->dma_cmd) {
|
|
|
|
case IDE_DMA_READ:
|
2016-05-23 15:54:05 +03:00
|
|
|
s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset,
|
2016-10-27 23:29:13 +03:00
|
|
|
BDRV_SECTOR_SIZE, ide_dma_cb, s);
|
2011-05-19 12:58:09 +04:00
|
|
|
break;
|
|
|
|
case IDE_DMA_WRITE:
|
2016-05-23 15:54:05 +03:00
|
|
|
s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset,
|
2016-10-27 23:29:13 +03:00
|
|
|
BDRV_SECTOR_SIZE, ide_dma_cb, s);
|
2011-05-19 12:58:09 +04:00
|
|
|
break;
|
2011-05-19 12:58:19 +04:00
|
|
|
case IDE_DMA_TRIM:
|
2016-05-23 15:54:06 +03:00
|
|
|
s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk),
|
2016-10-27 23:29:13 +03:00
|
|
|
&s->sg, offset, BDRV_SECTOR_SIZE,
|
2017-12-08 15:10:32 +03:00
|
|
|
ide_issue_trim, s, ide_dma_cb, s,
|
2014-10-07 15:59:18 +04:00
|
|
|
DMA_DIRECTION_TO_DEVICE);
|
2011-05-19 12:58:19 +04:00
|
|
|
break;
|
2016-04-13 01:48:15 +03:00
|
|
|
default:
|
|
|
|
abort();
|
2010-12-20 15:45:48 +03:00
|
|
|
}
|
|
|
|
return;
|
|
|
|
|
|
|
|
eot:
|
2011-08-25 10:26:01 +04:00
|
|
|
if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_done(blk_get_stats(s->blk), &s->acct);
|
2011-08-25 10:26:01 +04:00
|
|
|
}
|
2014-08-05 01:11:12 +04:00
|
|
|
ide_set_inactive(s, stay_active);
|
2004-06-25 18:54:19 +04:00
|
|
|
}
|
|
|
|
|
2011-05-19 12:58:09 +04:00
|
|
|
static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
|
2004-06-25 18:54:19 +04:00
|
|
|
{
|
2016-09-29 21:46:15 +03:00
|
|
|
s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
|
2004-06-25 18:54:19 +04:00
|
|
|
s->io_buffer_size = 0;
|
2011-05-19 12:58:09 +04:00
|
|
|
s->dma_cmd = dma_cmd;
|
2011-08-25 10:26:01 +04:00
|
|
|
|
|
|
|
switch (dma_cmd) {
|
|
|
|
case IDE_DMA_READ:
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct,
|
2014-09-05 17:46:18 +04:00
|
|
|
s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ);
|
2011-08-25 10:26:01 +04:00
|
|
|
break;
|
|
|
|
case IDE_DMA_WRITE:
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct,
|
2014-09-05 17:46:18 +04:00
|
|
|
s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
|
2011-08-25 10:26:01 +04:00
|
|
|
break;
|
|
|
|
default:
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2014-08-05 01:11:10 +04:00
|
|
|
ide_start_dma(s, ide_dma_cb);
|
|
|
|
}
|
|
|
|
|
2014-10-07 15:59:15 +04:00
|
|
|
void ide_start_dma(IDEState *s, BlockCompletionFunc *cb)
|
2014-08-05 01:11:10 +04:00
|
|
|
{
|
2015-02-23 19:18:00 +03:00
|
|
|
s->io_buffer_index = 0;
|
2016-07-18 22:39:49 +03:00
|
|
|
ide_set_retry(s);
|
2014-08-05 01:11:10 +04:00
|
|
|
if (s->bus->dma->ops->start_dma) {
|
|
|
|
s->bus->dma->ops->start_dma(s->bus->dma, s, cb);
|
|
|
|
}
|
2004-06-25 18:54:19 +04:00
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_sector_write(IDEState *s);
|
|
|
|
|
2005-04-30 20:10:35 +04:00
|
|
|
static void ide_sector_write_timer_cb(void *opaque)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2005-04-30 20:10:35 +04:00
|
|
|
}
|
|
|
|
|
2012-03-29 13:31:31 +04:00
|
|
|
static void ide_sector_write_cb(void *opaque, int ret)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2012-03-29 13:31:31 +04:00
|
|
|
IDEState *s = opaque;
|
|
|
|
int n;
|
2011-08-25 10:26:01 +04:00
|
|
|
|
2012-03-29 13:31:31 +04:00
|
|
|
s->pio_aiocb = NULL;
|
|
|
|
s->status &= ~BUSY_STAT;
|
|
|
|
|
2008-10-01 05:13:37 +04:00
|
|
|
if (ret != 0) {
|
2014-08-05 01:11:14 +04:00
|
|
|
if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) {
|
2009-01-21 21:59:04 +03:00
|
|
|
return;
|
2012-03-29 13:31:31 +04:00
|
|
|
}
|
2008-10-01 05:13:37 +04:00
|
|
|
}
|
|
|
|
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_done(blk_get_stats(s->blk), &s->acct);
|
|
|
|
|
2012-03-29 13:31:31 +04:00
|
|
|
n = s->nsector;
|
|
|
|
if (n > s->req_nb_sectors) {
|
|
|
|
n = s->req_nb_sectors;
|
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
s->nsector -= n;
|
2014-10-31 23:03:37 +03:00
|
|
|
|
2015-03-20 03:24:13 +03:00
|
|
|
ide_set_sector(s, ide_get_sector(s) + n);
|
2003-11-11 16:48:59 +03:00
|
|
|
if (s->nsector == 0) {
|
2007-02-19 03:59:34 +03:00
|
|
|
/* no more sectors to write */
|
2003-11-11 16:48:59 +03:00
|
|
|
ide_transfer_stop(s);
|
|
|
|
} else {
|
2012-03-29 13:31:31 +04:00
|
|
|
int n1 = s->nsector;
|
|
|
|
if (n1 > s->req_nb_sectors) {
|
2003-11-11 16:48:59 +03:00
|
|
|
n1 = s->req_nb_sectors;
|
2012-03-29 13:31:31 +04:00
|
|
|
}
|
|
|
|
ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
|
|
|
|
ide_sector_write);
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
2007-09-17 12:09:54 +04:00
|
|
|
|
2024-02-20 19:09:30 +03:00
|
|
|
if (s->win2k_install_hack && ((++s->irq_count % 16) == 0)) {
|
2007-11-08 19:38:17 +03:00
|
|
|
/* It seems there is a bug in the Windows 2000 installer HDD
|
|
|
|
IDE driver which fills the disk with empty logs when the
|
|
|
|
IDE write IRQ comes too early. This hack tries to correct
|
|
|
|
that at the expense of slower write performances. Use this
|
|
|
|
option _only_ to install Windows 2000. You must disable it
|
|
|
|
for normal use. */
|
2016-03-21 19:02:30 +03:00
|
|
|
timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) +
|
|
|
|
(NANOSECONDS_PER_SECOND / 1000));
|
2010-03-27 09:20:53 +03:00
|
|
|
} else {
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2007-11-08 19:38:17 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_sector_write(IDEState *s)
|
2012-03-29 13:31:31 +04:00
|
|
|
{
|
|
|
|
int64_t sector_num;
|
|
|
|
int n;
|
|
|
|
|
|
|
|
s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
|
|
|
|
sector_num = ide_get_sector(s);
|
2017-09-18 22:01:25 +03:00
|
|
|
|
2012-03-29 13:31:31 +04:00
|
|
|
n = s->nsector;
|
|
|
|
if (n > s->req_nb_sectors) {
|
|
|
|
n = s->req_nb_sectors;
|
|
|
|
}
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_sector_write(sector_num, n);
|
|
|
|
|
2014-07-09 21:07:32 +04:00
|
|
|
if (!ide_sect_range_ok(s, sector_num, n)) {
|
|
|
|
ide_rw_error(s);
|
2015-10-28 18:33:15 +03:00
|
|
|
block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE);
|
2014-07-09 21:07:32 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2019-02-18 17:09:24 +03:00
|
|
|
qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE);
|
2012-03-29 13:31:31 +04:00
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct,
|
2015-10-28 18:32:59 +03:00
|
|
|
n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE);
|
2016-05-06 19:26:31 +03:00
|
|
|
s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS,
|
|
|
|
&s->qiov, 0, ide_sector_write_cb, s);
|
2012-03-29 13:31:31 +04:00
|
|
|
}
|
|
|
|
|
2009-09-04 21:02:06 +04:00
|
|
|
static void ide_flush_cb(void *opaque, int ret)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
2014-08-05 01:11:05 +04:00
|
|
|
s->pio_aiocb = NULL;
|
|
|
|
|
2010-10-18 19:13:05 +04:00
|
|
|
if (ret < 0) {
|
|
|
|
/* XXX: What sector number to set here? */
|
2014-08-05 01:11:14 +04:00
|
|
|
if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) {
|
2010-10-18 19:13:05 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2009-09-04 21:02:06 +04:00
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (s->blk) {
|
|
|
|
block_acct_done(blk_get_stats(s->blk), &s->acct);
|
2014-08-12 20:29:41 +04:00
|
|
|
}
|
2009-09-04 21:02:06 +04:00
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
2014-08-05 01:11:17 +04:00
|
|
|
ide_cmd_done(s);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2009-09-04 21:02:06 +04:00
|
|
|
}
|
|
|
|
|
2015-02-23 19:18:01 +03:00
|
|
|
static void ide_flush_cache(IDEState *s)
|
2010-10-18 19:10:49 +04:00
|
|
|
{
|
2014-10-07 15:59:18 +04:00
|
|
|
if (s->blk == NULL) {
|
2010-10-18 19:10:49 +04:00
|
|
|
ide_flush_cb(s, 0);
|
2010-10-27 15:04:15 +04:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2013-06-05 17:17:57 +04:00
|
|
|
s->status |= BUSY_STAT;
|
2016-07-18 22:39:50 +03:00
|
|
|
ide_set_retry(s);
|
2014-10-07 15:59:18 +04:00
|
|
|
block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH);
|
2018-02-16 19:50:15 +03:00
|
|
|
s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s);
|
2010-10-18 19:10:49 +04:00
|
|
|
}
|
|
|
|
|
2007-04-30 04:51:09 +04:00
|
|
|
static void ide_cfata_metadata_inquiry(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p;
|
|
|
|
uint32_t spd;
|
|
|
|
|
|
|
|
p = (uint16_t *) s->io_buffer;
|
|
|
|
memset(p, 0, 0x200);
|
|
|
|
spd = ((s->mdata_size - 1) >> 9) + 1;
|
|
|
|
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 0, 0x0001); /* Data format revision */
|
|
|
|
put_le16(p + 1, 0x0000); /* Media property: silicon */
|
|
|
|
put_le16(p + 2, s->media_changed); /* Media status */
|
|
|
|
put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
|
|
|
|
put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
|
|
|
|
put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
|
|
|
|
put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
|
2007-04-30 04:51:09 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_cfata_metadata_read(IDEState *s)
|
|
|
|
{
|
|
|
|
uint16_t *p;
|
|
|
|
|
|
|
|
if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
|
|
|
|
s->status = ERR_STAT;
|
|
|
|
s->error = ABRT_ERR;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
p = (uint16_t *) s->io_buffer;
|
|
|
|
memset(p, 0, 0x200);
|
|
|
|
|
2023-03-15 07:32:29 +03:00
|
|
|
put_le16(p + 0, s->media_changed); /* Media status */
|
2007-04-30 04:51:09 +04:00
|
|
|
memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
|
|
|
|
MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
|
|
|
|
s->nsector << 9), 0x200 - 2));
|
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_cfata_metadata_write(IDEState *s)
|
|
|
|
{
|
|
|
|
if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
|
|
|
|
s->status = ERR_STAT;
|
|
|
|
s->error = ABRT_ERR;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
s->media_changed = 0;
|
|
|
|
|
|
|
|
memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
|
|
|
|
s->io_buffer + 2,
|
|
|
|
MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
|
|
|
|
s->nsector << 9), 0x200 - 2));
|
|
|
|
}
|
|
|
|
|
2006-12-22 05:14:49 +03:00
|
|
|
/* called when the inserted state of the media has changed */
|
2017-01-24 16:21:41 +03:00
|
|
|
static void ide_cd_change_cb(void *opaque, bool load, Error **errp)
|
2006-12-22 05:14:49 +03:00
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
2007-12-17 04:35:20 +03:00
|
|
|
uint64_t nb_sectors;
|
2006-12-22 05:14:49 +03:00
|
|
|
|
2011-09-06 20:59:00 +04:00
|
|
|
s->tray_open = !load;
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_get_geometry(s->blk, &nb_sectors);
|
2006-12-22 05:14:49 +03:00
|
|
|
s->nb_sectors = nb_sectors;
|
2008-11-11 23:57:30 +03:00
|
|
|
|
2011-04-18 15:45:46 +04:00
|
|
|
/*
|
|
|
|
* First indicate to the guest that a CD has been removed. That's
|
|
|
|
* done on the next command the guest sends us.
|
|
|
|
*
|
2011-09-13 16:41:56 +04:00
|
|
|
* Then we set UNIT_ATTENTION, by which the guest will
|
2011-04-18 15:45:46 +04:00
|
|
|
* detect a new CD in the drive. See ide_atapi_cmd() for details.
|
|
|
|
*/
|
2009-08-02 12:36:47 +04:00
|
|
|
s->cdrom_changed = 1;
|
2011-04-12 20:06:07 +04:00
|
|
|
s->events.new_media = true;
|
2011-10-25 14:53:39 +04:00
|
|
|
s->events.eject_request = false;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2011-10-25 14:53:39 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_cd_eject_request_cb(void *opaque, bool force)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
|
|
|
s->events.eject_request = true;
|
|
|
|
if (force) {
|
|
|
|
s->tray_locked = false;
|
|
|
|
}
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2006-12-22 05:14:49 +03:00
|
|
|
}
|
|
|
|
|
2006-04-26 01:24:22 +04:00
|
|
|
static void ide_cmd_lba48_transform(IDEState *s, int lba48)
|
|
|
|
{
|
|
|
|
s->lba48 = lba48;
|
|
|
|
|
|
|
|
/* handle the 'magic' 0 nsector count conversion here. to avoid
|
|
|
|
* fiddling with the rest of the read logic, we just store the
|
|
|
|
* full sector count in ->nsector and ignore ->hob_nsector from now
|
|
|
|
*/
|
|
|
|
if (!s->lba48) {
|
2018-12-14 01:37:37 +03:00
|
|
|
if (!s->nsector)
|
|
|
|
s->nsector = 256;
|
2006-04-26 01:24:22 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
if (!s->nsector && !s->hob_nsector)
|
|
|
|
s->nsector = 65536;
|
|
|
|
else {
|
|
|
|
int lo = s->nsector;
|
|
|
|
int hi = s->hob_nsector;
|
2006-04-26 01:24:22 +04:00
|
|
|
|
2018-12-14 01:37:37 +03:00
|
|
|
s->nsector = (hi << 8) | lo;
|
|
|
|
}
|
2006-04-26 01:24:22 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:17 +04:00
|
|
|
static void ide_clear_hob(IDEBus *bus)
|
2006-04-26 01:24:22 +04:00
|
|
|
{
|
|
|
|
/* any write clears HOB high bit of device control register */
|
2020-07-24 08:22:56 +03:00
|
|
|
bus->cmd &= ~(IDE_CTRL_HOB);
|
2006-04-26 01:24:22 +04:00
|
|
|
}
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
/* IOport [W]rite [R]egisters */
|
|
|
|
enum ATA_IOPORT_WR {
|
|
|
|
ATA_IOPORT_WR_DATA = 0,
|
|
|
|
ATA_IOPORT_WR_FEATURES = 1,
|
|
|
|
ATA_IOPORT_WR_SECTOR_COUNT = 2,
|
|
|
|
ATA_IOPORT_WR_SECTOR_NUMBER = 3,
|
|
|
|
ATA_IOPORT_WR_CYLINDER_LOW = 4,
|
|
|
|
ATA_IOPORT_WR_CYLINDER_HIGH = 5,
|
|
|
|
ATA_IOPORT_WR_DEVICE_HEAD = 6,
|
|
|
|
ATA_IOPORT_WR_COMMAND = 7,
|
|
|
|
ATA_IOPORT_WR_NUM_REGISTERS,
|
|
|
|
};
|
|
|
|
|
|
|
|
const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = {
|
|
|
|
[ATA_IOPORT_WR_DATA] = "Data",
|
|
|
|
[ATA_IOPORT_WR_FEATURES] = "Features",
|
|
|
|
[ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count",
|
|
|
|
[ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number",
|
|
|
|
[ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low",
|
|
|
|
[ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High",
|
|
|
|
[ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head",
|
|
|
|
[ATA_IOPORT_WR_COMMAND] = "Command"
|
|
|
|
};
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
|
2004-03-15 00:40:43 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2017-09-18 22:01:25 +03:00
|
|
|
int reg_num = addr & 7;
|
2003-11-11 16:48:59 +03:00
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s);
|
2008-08-22 02:40:00 +04:00
|
|
|
|
|
|
|
/* ignore writes to command block while busy with previous command */
|
2017-09-18 22:01:25 +03:00
|
|
|
if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) {
|
2008-08-22 02:40:00 +04:00
|
|
|
return;
|
2017-09-18 22:01:25 +03:00
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2020-07-24 08:22:56 +03:00
|
|
|
/* NOTE: Device0 and Device1 both receive incoming register writes.
|
|
|
|
* (They're on the same bus! They have to!) */
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
switch (reg_num) {
|
2003-11-11 16:48:59 +03:00
|
|
|
case 0:
|
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_FEATURES:
|
|
|
|
ide_clear_hob(bus);
|
|
|
|
bus->ifs[0].hob_feature = bus->ifs[0].feature;
|
|
|
|
bus->ifs[1].hob_feature = bus->ifs[1].feature;
|
2009-08-20 17:22:17 +04:00
|
|
|
bus->ifs[0].feature = val;
|
|
|
|
bus->ifs[1].feature = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_SECTOR_COUNT:
|
2018-12-14 01:37:37 +03:00
|
|
|
ide_clear_hob(bus);
|
|
|
|
bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
|
|
|
|
bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
|
2009-08-20 17:22:17 +04:00
|
|
|
bus->ifs[0].nsector = val;
|
|
|
|
bus->ifs[1].nsector = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_SECTOR_NUMBER:
|
2018-12-14 01:37:37 +03:00
|
|
|
ide_clear_hob(bus);
|
|
|
|
bus->ifs[0].hob_sector = bus->ifs[0].sector;
|
|
|
|
bus->ifs[1].hob_sector = bus->ifs[1].sector;
|
2009-08-20 17:22:17 +04:00
|
|
|
bus->ifs[0].sector = val;
|
|
|
|
bus->ifs[1].sector = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_CYLINDER_LOW:
|
2018-12-14 01:37:37 +03:00
|
|
|
ide_clear_hob(bus);
|
|
|
|
bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
|
|
|
|
bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
|
2009-08-20 17:22:17 +04:00
|
|
|
bus->ifs[0].lcyl = val;
|
|
|
|
bus->ifs[1].lcyl = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_CYLINDER_HIGH:
|
2018-12-14 01:37:37 +03:00
|
|
|
ide_clear_hob(bus);
|
|
|
|
bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
|
|
|
|
bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
|
2009-08-20 17:22:17 +04:00
|
|
|
bus->ifs[0].hcyl = val;
|
|
|
|
bus->ifs[1].hcyl = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_DEVICE_HEAD:
|
2020-07-24 08:22:56 +03:00
|
|
|
ide_clear_hob(bus);
|
2020-07-24 08:22:58 +03:00
|
|
|
bus->ifs[0].select = val | (ATA_DEV_ALWAYS_ON);
|
|
|
|
bus->ifs[1].select = val | (ATA_DEV_ALWAYS_ON);
|
2003-11-11 16:48:59 +03:00
|
|
|
/* select drive */
|
2020-07-24 08:22:58 +03:00
|
|
|
bus->unit = (val & (ATA_DEV_SELECT)) ? 1 : 0;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
|
|
|
default:
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_WR_COMMAND:
|
2020-07-24 08:22:56 +03:00
|
|
|
ide_clear_hob(bus);
|
2020-07-24 08:22:59 +03:00
|
|
|
qemu_irq_lower(bus->irq);
|
2023-02-09 13:26:20 +03:00
|
|
|
ide_bus_exec_cmd(bus, val);
|
2010-12-14 03:34:33 +03:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-02-10 21:29:39 +03:00
|
|
|
static void ide_reset(IDEState *s)
|
|
|
|
{
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_reset(s);
|
2016-02-10 21:29:39 +03:00
|
|
|
|
|
|
|
if (s->pio_aiocb) {
|
|
|
|
blk_aio_cancel(s->pio_aiocb);
|
|
|
|
s->pio_aiocb = NULL;
|
|
|
|
}
|
|
|
|
|
2022-07-07 06:11:40 +03:00
|
|
|
if (s->reset_reverts) {
|
|
|
|
s->reset_reverts = false;
|
|
|
|
s->heads = s->drive_heads;
|
|
|
|
s->sectors = s->drive_sectors;
|
|
|
|
}
|
2016-02-10 21:29:39 +03:00
|
|
|
if (s->drive_kind == IDE_CFATA)
|
|
|
|
s->mult_sectors = 0;
|
|
|
|
else
|
|
|
|
s->mult_sectors = MAX_MULT_SECTORS;
|
|
|
|
/* ide regs */
|
|
|
|
s->feature = 0;
|
|
|
|
s->error = 0;
|
|
|
|
s->nsector = 0;
|
|
|
|
s->sector = 0;
|
|
|
|
s->lcyl = 0;
|
|
|
|
s->hcyl = 0;
|
|
|
|
|
|
|
|
/* lba48 */
|
|
|
|
s->hob_feature = 0;
|
|
|
|
s->hob_sector = 0;
|
|
|
|
s->hob_nsector = 0;
|
|
|
|
s->hob_lcyl = 0;
|
|
|
|
s->hob_hcyl = 0;
|
|
|
|
|
2020-07-24 08:22:58 +03:00
|
|
|
s->select = (ATA_DEV_ALWAYS_ON);
|
2016-02-10 21:29:39 +03:00
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
|
|
|
|
s->lba48 = 0;
|
|
|
|
|
|
|
|
/* ATAPI specific */
|
|
|
|
s->sense_key = 0;
|
|
|
|
s->asc = 0;
|
|
|
|
s->cdrom_changed = 0;
|
|
|
|
s->packet_transfer_size = 0;
|
|
|
|
s->elementary_transfer_size = 0;
|
|
|
|
s->io_buffer_index = 0;
|
|
|
|
s->cd_sector_size = 0;
|
|
|
|
s->atapi_dma = 0;
|
|
|
|
s->tray_locked = 0;
|
|
|
|
s->tray_open = 0;
|
|
|
|
/* ATA DMA state */
|
|
|
|
s->io_buffer_size = 0;
|
|
|
|
s->req_nb_sectors = 0;
|
|
|
|
|
|
|
|
ide_set_signature(s);
|
|
|
|
/* init the transfer handler so that 0xffff is returned on data
|
|
|
|
accesses */
|
|
|
|
s->end_transfer_func = ide_dummy_transfer_stop;
|
|
|
|
ide_dummy_transfer_stop(s);
|
|
|
|
s->media_changed = 0;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:25:58 +04:00
|
|
|
static bool cmd_nop(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-02-10 21:29:39 +03:00
|
|
|
static bool cmd_device_reset(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
/* Halt PIO (in the DRQ phase), then DMA */
|
2018-06-06 22:09:53 +03:00
|
|
|
ide_transfer_halt(s);
|
2016-02-10 21:29:39 +03:00
|
|
|
ide_cancel_dma_sync(s);
|
|
|
|
|
|
|
|
/* Reset any PIO commands, reset signature, etc */
|
|
|
|
ide_reset(s);
|
|
|
|
|
|
|
|
/* RESET: ATA8-ACS3 7.10.4 "Normal Outputs";
|
|
|
|
* ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */
|
|
|
|
s->status = 0x00;
|
|
|
|
|
|
|
|
/* Do not overwrite status register */
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:25:56 +04:00
|
|
|
static bool cmd_data_set_management(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
switch (s->feature) {
|
|
|
|
case DSM_TRIM:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (s->blk) {
|
2013-06-18 12:25:56 +04:00
|
|
|
ide_sector_start_dma(s, IDE_DMA_TRIM);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:25:57 +04:00
|
|
|
static bool cmd_identify(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
2014-10-07 15:59:18 +04:00
|
|
|
if (s->blk && s->drive_kind != IDE_CD) {
|
2013-06-18 12:25:57 +04:00
|
|
|
if (s->drive_kind != IDE_CFATA) {
|
|
|
|
ide_identify(s);
|
|
|
|
} else {
|
|
|
|
ide_cfata_identify(s);
|
|
|
|
}
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:25:57 +04:00
|
|
|
return false;
|
|
|
|
} else {
|
|
|
|
if (s->drive_kind == IDE_CD) {
|
|
|
|
ide_set_signature(s);
|
|
|
|
}
|
|
|
|
ide_abort_command(s);
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:25:59 +04:00
|
|
|
static bool cmd_verify(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_VERIFY_EXT);
|
|
|
|
|
|
|
|
/* do sector number check ? */
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:00 +04:00
|
|
|
static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
|
|
|
|
/* Disable Read and Write Multiple */
|
|
|
|
s->mult_sectors = 0;
|
|
|
|
} else if ((s->nsector & 0xff) != 0 &&
|
|
|
|
((s->nsector & 0xff) > MAX_MULT_SECTORS ||
|
|
|
|
(s->nsector & (s->nsector - 1)) != 0)) {
|
|
|
|
ide_abort_command(s);
|
|
|
|
} else {
|
|
|
|
s->mult_sectors = s->nsector & 0xff;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_read_multiple(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_MULTREAD_EXT);
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk || !s->mult_sectors) {
|
2013-06-18 12:26:00 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
s->req_nb_sectors = s->mult_sectors;
|
|
|
|
ide_sector_read(s);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_write_multiple(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_MULTWRITE_EXT);
|
|
|
|
int n;
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk || !s->mult_sectors) {
|
2013-06-18 12:26:00 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
|
|
|
|
s->req_nb_sectors = s->mult_sectors;
|
|
|
|
n = MIN(s->nsector, s->req_nb_sectors);
|
|
|
|
|
|
|
|
s->status = SEEK_STAT | READY_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
|
|
|
|
|
|
|
|
s->media_changed = 1;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:01 +04:00
|
|
|
static bool cmd_read_pio(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_READ_EXT);
|
|
|
|
|
|
|
|
if (s->drive_kind == IDE_CD) {
|
|
|
|
ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk) {
|
2013-06-18 12:26:01 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
s->req_nb_sectors = 1;
|
|
|
|
ide_sector_read(s);
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_write_pio(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_WRITE_EXT);
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk) {
|
2013-06-18 12:26:01 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
|
|
|
|
s->req_nb_sectors = 1;
|
|
|
|
s->status = SEEK_STAT | READY_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
|
|
|
|
|
|
|
|
s->media_changed = 1;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:02 +04:00
|
|
|
static bool cmd_read_dma(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_READDMA_EXT);
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk) {
|
2013-06-18 12:26:02 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
ide_sector_start_dma(s, IDE_DMA_READ);
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_write_dma(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_WRITEDMA_EXT);
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk) {
|
2013-06-18 12:26:02 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
ide_sector_start_dma(s, IDE_DMA_WRITE);
|
|
|
|
|
|
|
|
s->media_changed = 1;
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:06 +04:00
|
|
|
static bool cmd_flush_cache(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
ide_flush_cache(s);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:07 +04:00
|
|
|
static bool cmd_seek(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
/* XXX: Check that seek is within bounds */
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:03 +04:00
|
|
|
static bool cmd_read_native_max(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT);
|
|
|
|
|
|
|
|
/* Refuse if no sectors are addressable (e.g. medium not inserted) */
|
|
|
|
if (s->nb_sectors == 0) {
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_cmd_lba48_transform(s, lba48);
|
|
|
|
ide_set_sector(s, s->nb_sectors - 1);
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:04 +04:00
|
|
|
static bool cmd_check_power_mode(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
s->nsector = 0xff; /* device active or idle */
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2022-07-07 06:11:40 +03:00
|
|
|
/* INITIALIZE DEVICE PARAMETERS */
|
|
|
|
static bool cmd_specify(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
if (s->blk && s->drive_kind != IDE_CD) {
|
|
|
|
s->heads = (s->select & (ATA_DEV_HS)) + 1;
|
|
|
|
s->sectors = s->nsector;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2022-07-07 06:11:40 +03:00
|
|
|
} else {
|
|
|
|
ide_abort_command(s);
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:05 +04:00
|
|
|
static bool cmd_set_features(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
uint16_t *identify_data;
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!s->blk) {
|
2013-06-18 12:26:05 +04:00
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* XXX: valid for CDROM ? */
|
|
|
|
switch (s->feature) {
|
2022-11-30 15:02:38 +03:00
|
|
|
case 0x01: /* 8-bit I/O enable (CompactFlash) */
|
|
|
|
case 0x81: /* 8-bit I/O disable (CompactFlash) */
|
|
|
|
if (s->drive_kind != IDE_CFATA) {
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
s->io8 = !(s->feature & 0x80);
|
|
|
|
return true;
|
2013-06-18 12:26:05 +04:00
|
|
|
case 0x02: /* write cache enable */
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_set_enable_write_cache(s->blk, true);
|
2013-06-18 12:26:05 +04:00
|
|
|
identify_data = (uint16_t *)s->identify_data;
|
|
|
|
put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
|
|
|
|
return true;
|
|
|
|
case 0x82: /* write cache disable */
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_set_enable_write_cache(s->blk, false);
|
2013-06-18 12:26:05 +04:00
|
|
|
identify_data = (uint16_t *)s->identify_data;
|
|
|
|
put_le16(identify_data + 85, (1 << 14) | 1);
|
|
|
|
ide_flush_cache(s);
|
|
|
|
return false;
|
|
|
|
case 0xcc: /* reverting to power-on defaults enable */
|
2022-07-07 06:11:40 +03:00
|
|
|
s->reset_reverts = true;
|
|
|
|
return true;
|
2013-06-18 12:26:05 +04:00
|
|
|
case 0x66: /* reverting to power-on defaults disable */
|
2022-07-07 06:11:40 +03:00
|
|
|
s->reset_reverts = false;
|
|
|
|
return true;
|
2013-06-18 12:26:05 +04:00
|
|
|
case 0xaa: /* read look-ahead enable */
|
|
|
|
case 0x55: /* read look-ahead disable */
|
|
|
|
case 0x05: /* set advanced power management mode */
|
|
|
|
case 0x85: /* disable advanced power management mode */
|
|
|
|
case 0x69: /* NOP */
|
|
|
|
case 0x67: /* NOP */
|
|
|
|
case 0x96: /* NOP */
|
|
|
|
case 0x9a: /* NOP */
|
|
|
|
case 0x42: /* enable Automatic Acoustic Mode */
|
|
|
|
case 0xc2: /* disable Automatic Acoustic Mode */
|
|
|
|
return true;
|
|
|
|
case 0x03: /* set transfer mode */
|
|
|
|
{
|
|
|
|
uint8_t val = s->nsector & 0x07;
|
|
|
|
identify_data = (uint16_t *)s->identify_data;
|
|
|
|
|
|
|
|
switch (s->nsector >> 3) {
|
|
|
|
case 0x00: /* pio default */
|
|
|
|
case 0x01: /* pio mode */
|
|
|
|
put_le16(identify_data + 62, 0x07);
|
|
|
|
put_le16(identify_data + 63, 0x07);
|
|
|
|
put_le16(identify_data + 88, 0x3f);
|
|
|
|
break;
|
2023-08-23 09:53:26 +03:00
|
|
|
case 0x02: /* single word dma mode */
|
2013-06-18 12:26:05 +04:00
|
|
|
put_le16(identify_data + 62, 0x07 | (1 << (val + 8)));
|
|
|
|
put_le16(identify_data + 63, 0x07);
|
|
|
|
put_le16(identify_data + 88, 0x3f);
|
|
|
|
break;
|
|
|
|
case 0x04: /* mdma mode */
|
|
|
|
put_le16(identify_data + 62, 0x07);
|
|
|
|
put_le16(identify_data + 63, 0x07 | (1 << (val + 8)));
|
|
|
|
put_le16(identify_data + 88, 0x3f);
|
|
|
|
break;
|
|
|
|
case 0x08: /* udma mode */
|
|
|
|
put_le16(identify_data + 62, 0x07);
|
|
|
|
put_le16(identify_data + 63, 0x07);
|
|
|
|
put_le16(identify_data + 88, 0x3f | (1 << (val + 8)));
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
abort_cmd:
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:08 +04:00
|
|
|
|
|
|
|
/*** ATAPI commands ***/
|
|
|
|
|
|
|
|
static bool cmd_identify_packet(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
ide_atapi_identify(s);
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:08 +04:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2022-07-07 06:11:36 +03:00
|
|
|
/* EXECUTE DEVICE DIAGNOSTIC */
|
2013-06-18 12:26:08 +04:00
|
|
|
static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
2022-07-07 06:11:36 +03:00
|
|
|
/*
|
|
|
|
* Clear the device register per the ATA (v6) specification,
|
|
|
|
* because ide_set_signature does not clear LBA or drive bits.
|
|
|
|
*/
|
|
|
|
s->select = (ATA_DEV_ALWAYS_ON);
|
2013-06-18 12:26:08 +04:00
|
|
|
ide_set_signature(s);
|
|
|
|
|
|
|
|
if (s->drive_kind == IDE_CD) {
|
|
|
|
s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
|
|
|
|
* devices to return a clear status register
|
|
|
|
* with READY_STAT *not* set. */
|
2013-12-25 18:17:43 +04:00
|
|
|
s->error = 0x01;
|
2013-06-18 12:26:08 +04:00
|
|
|
} else {
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
/* The bits of the error register are not as usual for this command!
|
|
|
|
* They are part of the regular output (this is why ERR_STAT isn't set)
|
|
|
|
* Device 0 passed, Device 1 passed or not present. */
|
|
|
|
s->error = 0x01;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:08 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_packet(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
/* overlapping commands not supported */
|
|
|
|
if (s->feature & 0x02) {
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
s->atapi_dma = s->feature & 1;
|
2016-04-13 01:48:15 +03:00
|
|
|
if (s->atapi_dma) {
|
|
|
|
s->dma_cmd = IDE_DMA_ATAPI;
|
|
|
|
}
|
2013-06-18 12:26:08 +04:00
|
|
|
s->nsector = 1;
|
|
|
|
ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
|
|
|
|
ide_atapi_cmd);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:09 +04:00
|
|
|
|
|
|
|
/*** CF-ATA commands ***/
|
|
|
|
|
|
|
|
static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
s->error = 0x09; /* miscellaneous error */
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:09 +04:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
/* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is
|
|
|
|
* required for Windows 8 to work with AHCI */
|
|
|
|
|
|
|
|
if (cmd == CFA_WEAR_LEVEL) {
|
|
|
|
s->nsector = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (cmd == CFA_ERASE_SECTORS) {
|
|
|
|
s->media_changed = 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
|
|
|
|
memset(s->io_buffer, 0, 0x200);
|
|
|
|
s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
|
|
|
|
s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
|
|
|
|
s->io_buffer[0x02] = s->select; /* Head */
|
|
|
|
s->io_buffer[0x03] = s->sector; /* Sector */
|
|
|
|
s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
|
|
|
|
s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
|
|
|
|
s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
|
|
|
|
s->io_buffer[0x13] = 0x00; /* Erase flag */
|
|
|
|
s->io_buffer[0x18] = 0x00; /* Hot count */
|
|
|
|
s->io_buffer[0x19] = 0x00; /* Hot count */
|
|
|
|
s->io_buffer[0x1a] = 0x01; /* Hot count */
|
|
|
|
|
|
|
|
ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:09 +04:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
switch (s->feature) {
|
|
|
|
case 0x02: /* Inquiry Metadata Storage */
|
|
|
|
ide_cfata_metadata_inquiry(s);
|
|
|
|
break;
|
|
|
|
case 0x03: /* Read Metadata Storage */
|
|
|
|
ide_cfata_metadata_read(s);
|
|
|
|
break;
|
|
|
|
case 0x04: /* Write Metadata Storage */
|
|
|
|
ide_cfata_metadata_write(s);
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
|
|
|
|
s->status = 0x00; /* NOTE: READY is _not_ set */
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:09 +04:00
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
switch (s->feature) {
|
|
|
|
case 0x01: /* sense temperature in device */
|
|
|
|
s->nsector = 0x50; /* +20 C */
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:10 +04:00
|
|
|
|
|
|
|
/*** SMART commands ***/
|
|
|
|
|
|
|
|
static bool cmd_smart(IDEState *s, uint8_t cmd)
|
|
|
|
{
|
|
|
|
int n;
|
|
|
|
|
|
|
|
if (s->hcyl != 0xc2 || s->lcyl != 0x4f) {
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!s->smart_enabled && s->feature != SMART_ENABLE) {
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (s->feature) {
|
|
|
|
case SMART_DISABLE:
|
|
|
|
s->smart_enabled = 0;
|
|
|
|
return true;
|
|
|
|
|
|
|
|
case SMART_ENABLE:
|
|
|
|
s->smart_enabled = 1;
|
|
|
|
return true;
|
|
|
|
|
|
|
|
case SMART_ATTR_AUTOSAVE:
|
|
|
|
switch (s->sector) {
|
|
|
|
case 0x00:
|
|
|
|
s->smart_autosave = 0;
|
|
|
|
break;
|
|
|
|
case 0xf1:
|
|
|
|
s->smart_autosave = 1;
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
|
|
|
|
case SMART_STATUS:
|
|
|
|
if (!s->smart_errors) {
|
|
|
|
s->hcyl = 0xc2;
|
|
|
|
s->lcyl = 0x4f;
|
|
|
|
} else {
|
|
|
|
s->hcyl = 0x2c;
|
|
|
|
s->lcyl = 0xf4;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
|
|
|
|
case SMART_READ_THRESH:
|
|
|
|
memset(s->io_buffer, 0, 0x200);
|
|
|
|
s->io_buffer[0] = 0x01; /* smart struct version */
|
|
|
|
|
|
|
|
for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
|
|
|
|
s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0];
|
|
|
|
s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11];
|
|
|
|
}
|
|
|
|
|
|
|
|
/* checksum */
|
|
|
|
for (n = 0; n < 511; n++) {
|
|
|
|
s->io_buffer[511] += s->io_buffer[n];
|
|
|
|
}
|
|
|
|
s->io_buffer[511] = 0x100 - s->io_buffer[511];
|
|
|
|
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:10 +04:00
|
|
|
return false;
|
|
|
|
|
|
|
|
case SMART_READ_DATA:
|
|
|
|
memset(s->io_buffer, 0, 0x200);
|
|
|
|
s->io_buffer[0] = 0x01; /* smart struct version */
|
|
|
|
|
|
|
|
for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
|
|
|
|
int i;
|
|
|
|
for (i = 0; i < 11; i++) {
|
|
|
|
s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00);
|
|
|
|
if (s->smart_selftest_count == 0) {
|
|
|
|
s->io_buffer[363] = 0;
|
|
|
|
} else {
|
|
|
|
s->io_buffer[363] =
|
|
|
|
s->smart_selftest_data[3 +
|
|
|
|
(s->smart_selftest_count - 1) *
|
|
|
|
24];
|
|
|
|
}
|
|
|
|
s->io_buffer[364] = 0x20;
|
|
|
|
s->io_buffer[365] = 0x01;
|
|
|
|
/* offline data collection capacity: execute + self-test*/
|
|
|
|
s->io_buffer[367] = (1 << 4 | 1 << 3 | 1);
|
|
|
|
s->io_buffer[368] = 0x03; /* smart capability (1) */
|
|
|
|
s->io_buffer[369] = 0x00; /* smart capability (2) */
|
|
|
|
s->io_buffer[370] = 0x01; /* error logging supported */
|
|
|
|
s->io_buffer[372] = 0x02; /* minutes for poll short test */
|
|
|
|
s->io_buffer[373] = 0x36; /* minutes for poll ext test */
|
|
|
|
s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
|
|
|
|
|
|
|
|
for (n = 0; n < 511; n++) {
|
|
|
|
s->io_buffer[511] += s->io_buffer[n];
|
|
|
|
}
|
|
|
|
s->io_buffer[511] = 0x100 - s->io_buffer[511];
|
|
|
|
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:10 +04:00
|
|
|
return false;
|
|
|
|
|
|
|
|
case SMART_READ_LOG:
|
|
|
|
switch (s->sector) {
|
|
|
|
case 0x01: /* summary smart error log */
|
|
|
|
memset(s->io_buffer, 0, 0x200);
|
|
|
|
s->io_buffer[0] = 0x01;
|
|
|
|
s->io_buffer[1] = 0x00; /* no error entries */
|
|
|
|
s->io_buffer[452] = s->smart_errors & 0xff;
|
|
|
|
s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
|
|
|
|
|
|
|
|
for (n = 0; n < 511; n++) {
|
|
|
|
s->io_buffer[511] += s->io_buffer[n];
|
|
|
|
}
|
|
|
|
s->io_buffer[511] = 0x100 - s->io_buffer[511];
|
|
|
|
break;
|
|
|
|
case 0x06: /* smart self test log */
|
|
|
|
memset(s->io_buffer, 0, 0x200);
|
|
|
|
s->io_buffer[0] = 0x01;
|
|
|
|
if (s->smart_selftest_count == 0) {
|
|
|
|
s->io_buffer[508] = 0;
|
|
|
|
} else {
|
|
|
|
s->io_buffer[508] = s->smart_selftest_count;
|
|
|
|
for (n = 2; n < 506; n++) {
|
|
|
|
s->io_buffer[n] = s->smart_selftest_data[n];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for (n = 0; n < 511; n++) {
|
|
|
|
s->io_buffer[511] += s->io_buffer[n];
|
|
|
|
}
|
|
|
|
s->io_buffer[511] = 0x100 - s->io_buffer[511];
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
s->status = READY_STAT | SEEK_STAT;
|
|
|
|
ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:10 +04:00
|
|
|
return false;
|
|
|
|
|
|
|
|
case SMART_EXECUTE_OFFLINE:
|
|
|
|
switch (s->sector) {
|
|
|
|
case 0: /* off-line routine */
|
|
|
|
case 1: /* short self test */
|
|
|
|
case 2: /* extended self test */
|
|
|
|
s->smart_selftest_count++;
|
|
|
|
if (s->smart_selftest_count > 21) {
|
2014-04-13 00:59:50 +04:00
|
|
|
s->smart_selftest_count = 1;
|
2013-06-18 12:26:10 +04:00
|
|
|
}
|
|
|
|
n = 2 + (s->smart_selftest_count - 1) * 24;
|
|
|
|
s->smart_selftest_data[n] = s->sector;
|
|
|
|
s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */
|
|
|
|
s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */
|
|
|
|
s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
goto abort_cmd;
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
abort_cmd:
|
|
|
|
ide_abort_command(s);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2011-09-06 20:58:35 +04:00
|
|
|
#define HD_OK (1u << IDE_HD)
|
|
|
|
#define CD_OK (1u << IDE_CD)
|
|
|
|
#define CFA_OK (1u << IDE_CFATA)
|
|
|
|
#define HD_CFA_OK (HD_OK | CFA_OK)
|
|
|
|
#define ALL_OK (HD_OK | CD_OK | CFA_OK)
|
|
|
|
|
2013-06-18 12:25:55 +04:00
|
|
|
/* Set the Disk Seek Completed status bit during completion */
|
|
|
|
#define SET_DSC (1u << 8)
|
|
|
|
|
2011-09-06 20:58:35 +04:00
|
|
|
/* See ACS-2 T13/2015-D Table B.2 Command codes */
|
2013-06-18 12:25:55 +04:00
|
|
|
static const struct {
|
|
|
|
/* Returns true if the completion code should be run */
|
|
|
|
bool (*handler)(IDEState *s, uint8_t cmd);
|
|
|
|
int flags;
|
|
|
|
} ide_cmd_table[0x100] = {
|
2011-09-06 20:58:35 +04:00
|
|
|
/* NOP not implemented, mandatory for CD */
|
2013-06-18 12:26:09 +04:00
|
|
|
[CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK },
|
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 21:17:05 +03:00
|
|
|
[WIN_DSM] = { cmd_data_set_management, HD_CFA_OK },
|
2013-06-18 12:26:08 +04:00
|
|
|
[WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK },
|
2013-06-18 12:25:58 +04:00
|
|
|
[WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC},
|
2013-06-18 12:26:01 +04:00
|
|
|
[WIN_READ] = { cmd_read_pio, ALL_OK },
|
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 21:17:05 +03:00
|
|
|
[WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK },
|
2013-06-18 12:26:01 +04:00
|
|
|
[WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK },
|
2013-06-18 12:26:02 +04:00
|
|
|
[WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK },
|
2013-06-18 12:26:03 +04:00
|
|
|
[WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
|
2013-06-18 12:26:00 +04:00
|
|
|
[WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK },
|
2013-06-18 12:26:01 +04:00
|
|
|
[WIN_WRITE] = { cmd_write_pio, HD_CFA_OK },
|
|
|
|
[WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK },
|
|
|
|
[WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK },
|
2013-06-18 12:26:02 +04:00
|
|
|
[WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK },
|
2013-06-18 12:26:01 +04:00
|
|
|
[CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK },
|
2013-06-18 12:26:00 +04:00
|
|
|
[WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK },
|
2013-06-18 12:26:01 +04:00
|
|
|
[WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK },
|
2013-06-18 12:25:59 +04:00
|
|
|
[WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC },
|
|
|
|
[WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC },
|
|
|
|
[WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC },
|
2013-06-18 12:26:07 +04:00
|
|
|
[WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC },
|
2013-06-18 12:26:09 +04:00
|
|
|
[CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK },
|
2013-06-18 12:26:08 +04:00
|
|
|
[WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK },
|
2022-07-07 06:11:40 +03:00
|
|
|
[WIN_SPECIFY] = { cmd_specify, HD_CFA_OK | SET_DSC },
|
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 21:17:05 +03:00
|
|
|
[WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_STANDBY2] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
|
|
|
|
[WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK },
|
2013-06-18 12:26:08 +04:00
|
|
|
[WIN_PACKETCMD] = { cmd_packet, CD_OK },
|
|
|
|
[WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK },
|
2013-06-18 12:26:10 +04:00
|
|
|
[WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC },
|
2013-06-18 12:26:09 +04:00
|
|
|
[CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK },
|
|
|
|
[CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC },
|
2013-06-18 12:26:00 +04:00
|
|
|
[WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK },
|
|
|
|
[WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK },
|
|
|
|
[WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC },
|
2013-06-18 12:26:02 +04:00
|
|
|
[WIN_READDMA] = { cmd_read_dma, HD_CFA_OK },
|
|
|
|
[WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK },
|
|
|
|
[WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK },
|
|
|
|
[WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK },
|
2013-06-18 12:26:00 +04:00
|
|
|
[CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK },
|
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 21:17:05 +03:00
|
|
|
[WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_STANDBY] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK },
|
|
|
|
[WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC },
|
|
|
|
[WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK },
|
2013-06-18 12:26:06 +04:00
|
|
|
[WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK },
|
|
|
|
[WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK },
|
2013-06-18 12:25:57 +04:00
|
|
|
[WIN_IDENTIFY] = { cmd_identify, ALL_OK },
|
2013-06-18 12:26:05 +04:00
|
|
|
[WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC },
|
2013-06-18 12:26:09 +04:00
|
|
|
[IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC },
|
|
|
|
[CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC },
|
ide: fix ATAPI command permissions
We're a little too lenient with what we'll let an ATAPI drive handle.
Clamp down on the IDE command execution table to remove CD_OK permissions
from commands that are not and have never been ATAPI commands.
For ATAPI command validity, please see:
- ATA4 Section 6.5 ("PACKET Command feature set")
- ATA8/ACS Section 4.3 ("The PACKET feature set")
- ACS3 Section 4.3 ("The PACKET feature set")
ACS3 has a historical command validity table in Table B.4
("Historical Command Assignments") that can be referenced to find when
a command was introduced, deprecated, obsoleted, etc.
The only reference for ATAPI command validity is by checking that
version's PACKET feature set section.
ATAPI was introduced by T13 into ATA4, all commands retired prior to ATA4
therefore are assumed to have never been ATAPI commands.
Mandatory commands, as listed in ATA8-ACS3, are:
- DEVICE RESET
- EXECUTE DEVICE DIAGNOSTIC
- IDENTIFY DEVICE
- IDENTIFY PACKET DEVICE
- NOP
- PACKET
- READ SECTOR(S)
- SET FEATURES
Optional commands as listed in ATA8-ACS3, are:
- FLUSH CACHE
- READ LOG DMA EXT
- READ LOG EXT
- WRITE LOG DMA EXT
- WRITE LOG EXT
All other commands are illegal to send to an ATAPI device and should
be rejected by the device.
CD_OK removal justifications:
0x06 WIN_DSM Defined in ACS2. Not valid for ATAPI.
0x21 WIN_READ_ONCE Retired in ATA5. Not ATAPI in ATA4.
0x94 WIN_STANDBYNOW2 Retired in ATA4. Did not coexist with ATAPI.
0x95 WIN_IDLEIMMEDIATE2 Retired in ATA4. Did not coexist with ATAPI.
0x96 WIN_STANDBY2 Retired in ATA4. Did not coexist with ATAPI.
0x97 WIN_SETIDLE2 Retired in ATA4. Did not coexist with ATAPI.
0x98 WIN_CHECKPOWERMODE2 Retired in ATA4. Did not coexist with ATAPI.
0x99 WIN_SLEEPNOW2 Retired in ATA4. Did not coexist with ATAPI.
0xE0 WIN_STANDBYNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE1 WIN_IDLEIMMDIATE Not part of ATAPI in ATA4, ACS or ACS3.
0xE2 WIN_STANDBY Not part of ATAPI in ATA4, ACS or ACS3.
0xE3 WIN_SETIDLE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE4 WIN_CHECKPOWERMODE1 Not part of ATAPI in ATA4, ACS or ACS3.
0xE5 WIN_SLEEPNOW1 Not part of ATAPI in ATA4, ACS or ACS3.
0xF8 WIN_READ_NATIVE_MAX Obsoleted in ACS3. Not ATAPI in ATA4 or ACS.
This patch fixes a divide by zero fault that can be caused by sending
the WIN_READ_NATIVE_MAX command to an ATAPI drive, which causes it to
attempt to use zeroed CHS values to perform sector arithmetic.
Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Message-id: 1441816082-21031-1-git-send-email-jsnow@redhat.com
CC: qemu-stable@nongnu.org
2015-09-17 21:17:05 +03:00
|
|
|
[WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
|
2011-09-06 20:58:35 +04:00
|
|
|
};
|
|
|
|
|
|
|
|
static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
|
|
|
|
{
|
|
|
|
return cmd < ARRAY_SIZE(ide_cmd_table)
|
2013-06-18 12:25:55 +04:00
|
|
|
&& (ide_cmd_table[cmd].flags & (1u << s->drive_kind));
|
2011-09-06 20:58:35 +04:00
|
|
|
}
|
2010-12-14 03:34:33 +03:00
|
|
|
|
2023-02-09 13:26:20 +03:00
|
|
|
void ide_bus_exec_cmd(IDEBus *bus, uint32_t val)
|
2010-12-14 03:34:33 +03:00
|
|
|
{
|
|
|
|
IDEState *s;
|
2013-06-18 12:26:11 +04:00
|
|
|
bool complete;
|
2010-12-14 03:34:33 +03:00
|
|
|
|
2023-02-09 13:33:08 +03:00
|
|
|
s = ide_bus_active_if(bus);
|
2023-02-09 13:26:20 +03:00
|
|
|
trace_ide_bus_exec_cmd(bus, s, val);
|
2017-09-18 22:01:25 +03:00
|
|
|
|
2011-11-29 12:52:39 +04:00
|
|
|
/* ignore commands to non existent slave */
|
2014-10-07 15:59:18 +04:00
|
|
|
if (s != bus->ifs && !s->blk) {
|
2010-12-14 03:34:34 +03:00
|
|
|
return;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2006-04-26 01:24:22 +04:00
|
|
|
|
2016-02-10 21:29:38 +03:00
|
|
|
/* Only RESET is allowed while BSY and/or DRQ are set,
|
|
|
|
* and only to ATAPI devices. */
|
|
|
|
if (s->status & (BUSY_STAT|DRQ_STAT)) {
|
|
|
|
if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2011-09-06 20:58:35 +04:00
|
|
|
if (!ide_cmd_permitted(s, val)) {
|
2013-06-18 12:26:11 +04:00
|
|
|
ide_abort_command(s);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2013-06-18 12:26:11 +04:00
|
|
|
return;
|
2011-09-06 20:58:35 +04:00
|
|
|
}
|
|
|
|
|
2013-06-18 12:26:11 +04:00
|
|
|
s->status = READY_STAT | BUSY_STAT;
|
|
|
|
s->error = 0;
|
2014-10-31 23:03:37 +03:00
|
|
|
s->io_buffer_offset = 0;
|
2013-06-18 12:25:55 +04:00
|
|
|
|
2013-06-18 12:26:11 +04:00
|
|
|
complete = ide_cmd_table[val].handler(s, val);
|
|
|
|
if (complete) {
|
|
|
|
s->status &= ~BUSY_STAT;
|
|
|
|
assert(!!s->error == !!(s->status & ERR_STAT));
|
2013-06-18 12:25:55 +04:00
|
|
|
|
2013-06-18 12:26:11 +04:00
|
|
|
if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) {
|
|
|
|
s->status |= SEEK_STAT;
|
2013-06-18 12:25:55 +04:00
|
|
|
}
|
|
|
|
|
2014-08-05 01:11:17 +04:00
|
|
|
ide_cmd_done(s);
|
2023-02-09 13:33:47 +03:00
|
|
|
ide_bus_set_irq(s->bus);
|
2010-12-14 03:34:34 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
/* IOport [R]ead [R]egisters */
|
|
|
|
enum ATA_IOPORT_RR {
|
|
|
|
ATA_IOPORT_RR_DATA = 0,
|
|
|
|
ATA_IOPORT_RR_ERROR = 1,
|
|
|
|
ATA_IOPORT_RR_SECTOR_COUNT = 2,
|
|
|
|
ATA_IOPORT_RR_SECTOR_NUMBER = 3,
|
|
|
|
ATA_IOPORT_RR_CYLINDER_LOW = 4,
|
|
|
|
ATA_IOPORT_RR_CYLINDER_HIGH = 5,
|
|
|
|
ATA_IOPORT_RR_DEVICE_HEAD = 6,
|
|
|
|
ATA_IOPORT_RR_STATUS = 7,
|
|
|
|
ATA_IOPORT_RR_NUM_REGISTERS,
|
|
|
|
};
|
|
|
|
|
|
|
|
const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = {
|
|
|
|
[ATA_IOPORT_RR_DATA] = "Data",
|
|
|
|
[ATA_IOPORT_RR_ERROR] = "Error",
|
|
|
|
[ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count",
|
|
|
|
[ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number",
|
|
|
|
[ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low",
|
|
|
|
[ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High",
|
|
|
|
[ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head",
|
|
|
|
[ATA_IOPORT_RR_STATUS] = "Status"
|
|
|
|
};
|
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
uint32_t ide_ioport_read(void *opaque, uint32_t addr)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2017-09-18 22:01:25 +03:00
|
|
|
uint32_t reg_num;
|
2006-04-26 01:24:22 +04:00
|
|
|
int ret, hob;
|
2003-11-11 16:48:59 +03:00
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
reg_num = addr & 7;
|
2020-07-24 08:22:56 +03:00
|
|
|
hob = bus->cmd & (IDE_CTRL_HOB);
|
2017-09-18 22:01:25 +03:00
|
|
|
switch (reg_num) {
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_DATA:
|
2022-05-21 02:52:00 +03:00
|
|
|
/*
|
|
|
|
* The pre-GRUB Solaris x86 bootloader relies upon inb
|
|
|
|
* consuming a word from the drive's sector buffer.
|
|
|
|
*/
|
|
|
|
ret = ide_data_readw(bus, addr) & 0xff;
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_ERROR:
|
2014-10-07 15:59:18 +04:00
|
|
|
if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
|
|
|
|
(s != bus->ifs && !s->blk)) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (!hob) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->error;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
ret = s->hob_feature;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_SECTOR_COUNT:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (!hob) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->nsector & 0xff;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
ret = s->hob_nsector;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_SECTOR_NUMBER:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (!hob) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->sector;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
ret = s->hob_sector;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_CYLINDER_LOW:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (!hob) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->lcyl;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
ret = s->hob_lcyl;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_CYLINDER_HIGH:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else if (!hob) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->hcyl;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2018-12-14 01:37:37 +03:00
|
|
|
ret = s->hob_hcyl;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_DEVICE_HEAD:
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!bus->ifs[0].blk && !bus->ifs[1].blk) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2004-04-08 02:13:51 +04:00
|
|
|
ret = s->select;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
|
|
|
default:
|
2017-09-18 22:01:25 +03:00
|
|
|
case ATA_IOPORT_RR_STATUS:
|
2014-10-07 15:59:18 +04:00
|
|
|
if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
|
|
|
|
(s != bus->ifs && !s->blk)) {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2004-03-21 01:01:15 +03:00
|
|
|
ret = s->status;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2009-08-28 18:37:42 +04:00
|
|
|
qemu_irq_lower(bus->irq);
|
2003-11-11 16:48:59 +03:00
|
|
|
break;
|
|
|
|
}
|
2017-09-18 22:01:25 +03:00
|
|
|
|
2017-09-18 22:01:25 +03:00
|
|
|
trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s);
|
2003-11-11 16:48:59 +03:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
uint32_t ide_status_read(void *opaque, uint32_t addr)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
int ret;
|
2004-04-08 02:13:51 +04:00
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
if ((!bus->ifs[0].blk && !bus->ifs[1].blk) ||
|
|
|
|
(s != bus->ifs && !s->blk)) {
|
2004-04-08 02:13:51 +04:00
|
|
|
ret = 0;
|
2014-10-07 15:59:18 +04:00
|
|
|
} else {
|
2004-04-08 02:13:51 +04:00
|
|
|
ret = s->status;
|
2014-10-07 15:59:18 +04:00
|
|
|
}
|
2017-09-18 22:01:25 +03:00
|
|
|
|
|
|
|
trace_ide_status_read(addr, ret, bus, s);
|
2003-11-11 16:48:59 +03:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2020-07-24 08:23:00 +03:00
|
|
|
static void ide_perform_srst(IDEState *s)
|
|
|
|
{
|
|
|
|
s->status |= BUSY_STAT;
|
|
|
|
|
|
|
|
/* Halt PIO (Via register state); PIO BH remains scheduled. */
|
|
|
|
ide_transfer_halt(s);
|
|
|
|
|
|
|
|
/* Cancel DMA -- may drain block device and invoke callbacks */
|
|
|
|
ide_cancel_dma_sync(s);
|
|
|
|
|
|
|
|
/* Cancel PIO callback, reset registers/signature, etc */
|
|
|
|
ide_reset(s);
|
|
|
|
|
2020-10-20 23:02:40 +03:00
|
|
|
/* perform diagnostic */
|
|
|
|
cmd_exec_dev_diagnostic(s, WIN_DIAGNOSE);
|
2020-07-24 08:23:00 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_bus_perform_srst(void *opaque)
|
|
|
|
{
|
|
|
|
IDEBus *bus = opaque;
|
|
|
|
IDEState *s;
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < 2; i++) {
|
|
|
|
s = &bus->ifs[i];
|
|
|
|
ide_perform_srst(s);
|
|
|
|
}
|
2020-10-20 23:02:42 +03:00
|
|
|
|
|
|
|
bus->cmd &= ~IDE_CTRL_RESET;
|
2020-07-24 08:23:00 +03:00
|
|
|
}
|
|
|
|
|
2020-07-24 08:22:54 +03:00
|
|
|
void ide_ctrl_write(void *opaque, uint32_t addr, uint32_t val)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2003-11-11 16:48:59 +03:00
|
|
|
IDEState *s;
|
|
|
|
int i;
|
|
|
|
|
2020-07-24 08:22:54 +03:00
|
|
|
trace_ide_ctrl_write(addr, val, bus);
|
2017-09-18 22:01:25 +03:00
|
|
|
|
2020-07-24 08:23:00 +03:00
|
|
|
/* Device0 and Device1 each have their own control register,
|
|
|
|
* but QEMU models it as just one register in the controller. */
|
2020-10-20 23:02:41 +03:00
|
|
|
if (!(bus->cmd & IDE_CTRL_RESET) && (val & IDE_CTRL_RESET)) {
|
2020-07-24 08:23:00 +03:00
|
|
|
for (i = 0; i < 2; i++) {
|
2009-08-20 17:22:17 +04:00
|
|
|
s = &bus->ifs[i];
|
2020-07-24 08:23:00 +03:00
|
|
|
s->status |= BUSY_STAT;
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
2020-10-07 19:00:19 +03:00
|
|
|
replay_bh_schedule_oneshot_event(qemu_get_aio_context(),
|
|
|
|
ide_bus_perform_srst, bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2009-08-28 18:37:42 +04:00
|
|
|
bus->cmd = val;
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
/*
|
|
|
|
* Returns true if the running PIO transfer is a PIO out (i.e. data is
|
|
|
|
* transferred from the device to the guest), false if it's a PIO in
|
|
|
|
*/
|
|
|
|
static bool ide_is_pio_out(IDEState *s)
|
|
|
|
{
|
|
|
|
if (s->end_transfer_func == ide_sector_write ||
|
|
|
|
s->end_transfer_func == ide_atapi_cmd) {
|
|
|
|
return false;
|
|
|
|
} else if (s->end_transfer_func == ide_sector_read ||
|
|
|
|
s->end_transfer_func == ide_transfer_stop ||
|
|
|
|
s->end_transfer_func == ide_atapi_cmd_reply_end ||
|
|
|
|
s->end_transfer_func == ide_dummy_transfer_stop) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
abort();
|
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
uint8_t *p;
|
|
|
|
|
2017-09-18 22:01:26 +03:00
|
|
|
trace_ide_data_writew(addr, val, bus, s);
|
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
/* PIO data access allowed only when DRQ bit is set. The result of a write
|
|
|
|
* during PIO out is indeterminate, just ignore it. */
|
|
|
|
if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
|
2008-08-22 02:40:00 +04:00
|
|
|
return;
|
2011-07-04 16:07:50 +04:00
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
p = s->data_ptr;
|
2022-11-30 15:02:38 +03:00
|
|
|
if (s->io8) {
|
|
|
|
if (p + 1 > s->data_end) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
*p++ = val;
|
|
|
|
} else {
|
|
|
|
if (p + 2 > s->data_end) {
|
|
|
|
return;
|
|
|
|
}
|
2015-07-27 06:42:53 +03:00
|
|
|
|
2022-11-30 15:02:38 +03:00
|
|
|
*(uint16_t *)p = le16_to_cpu(val);
|
|
|
|
p += 2;
|
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
s->data_ptr = p;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p >= s->data_end) {
|
|
|
|
s->status &= ~DRQ_STAT;
|
2003-11-11 16:48:59 +03:00
|
|
|
s->end_transfer_func(s);
|
2015-07-27 06:42:53 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
uint32_t ide_data_readw(void *opaque, uint32_t addr)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
uint8_t *p;
|
|
|
|
int ret;
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
/* PIO data access allowed only when DRQ bit is set. The result of a read
|
|
|
|
* during PIO in is indeterminate, return 0 and don't move forward. */
|
|
|
|
if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
|
2008-08-22 02:40:00 +04:00
|
|
|
return 0;
|
2011-07-04 16:07:50 +04:00
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
p = s->data_ptr;
|
2022-11-30 15:02:38 +03:00
|
|
|
if (s->io8) {
|
|
|
|
if (p + 1 > s->data_end) {
|
|
|
|
return 0;
|
|
|
|
}
|
2015-07-27 06:42:53 +03:00
|
|
|
|
2022-11-30 15:02:38 +03:00
|
|
|
ret = *p++;
|
|
|
|
} else {
|
|
|
|
if (p + 2 > s->data_end) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
ret = cpu_to_le16(*(uint16_t *)p);
|
|
|
|
p += 2;
|
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
s->data_ptr = p;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p >= s->data_end) {
|
|
|
|
s->status &= ~DRQ_STAT;
|
2003-11-11 16:48:59 +03:00
|
|
|
s->end_transfer_func(s);
|
2015-07-27 06:42:53 +03:00
|
|
|
}
|
2017-09-18 22:01:26 +03:00
|
|
|
|
|
|
|
trace_ide_data_readw(addr, ret, bus, s);
|
2003-11-11 16:48:59 +03:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
uint8_t *p;
|
|
|
|
|
2017-09-18 22:01:26 +03:00
|
|
|
trace_ide_data_writel(addr, val, bus, s);
|
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
/* PIO data access allowed only when DRQ bit is set. The result of a write
|
|
|
|
* during PIO out is indeterminate, just ignore it. */
|
|
|
|
if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
|
2008-08-22 02:40:00 +04:00
|
|
|
return;
|
2011-07-04 16:07:50 +04:00
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
p = s->data_ptr;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p + 4 > s->data_end) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2004-04-26 02:09:16 +04:00
|
|
|
*(uint32_t *)p = le32_to_cpu(val);
|
2003-11-11 16:48:59 +03:00
|
|
|
p += 4;
|
|
|
|
s->data_ptr = p;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p >= s->data_end) {
|
|
|
|
s->status &= ~DRQ_STAT;
|
2003-11-11 16:48:59 +03:00
|
|
|
s->end_transfer_func(s);
|
2015-07-27 06:42:53 +03:00
|
|
|
}
|
2003-11-11 16:48:59 +03:00
|
|
|
}
|
|
|
|
|
2009-08-20 17:22:18 +04:00
|
|
|
uint32_t ide_data_readl(void *opaque, uint32_t addr)
|
2003-11-11 16:48:59 +03:00
|
|
|
{
|
2009-08-20 17:22:17 +04:00
|
|
|
IDEBus *bus = opaque;
|
2023-02-09 13:33:08 +03:00
|
|
|
IDEState *s = ide_bus_active_if(bus);
|
2003-11-11 16:48:59 +03:00
|
|
|
uint8_t *p;
|
|
|
|
int ret;
|
2007-09-17 12:09:54 +04:00
|
|
|
|
2011-07-04 16:07:50 +04:00
|
|
|
/* PIO data access allowed only when DRQ bit is set. The result of a read
|
|
|
|
* during PIO in is indeterminate, return 0 and don't move forward. */
|
|
|
|
if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
|
2017-09-18 22:01:26 +03:00
|
|
|
ret = 0;
|
|
|
|
goto out;
|
2011-07-04 16:07:50 +04:00
|
|
|
}
|
2008-08-22 02:40:00 +04:00
|
|
|
|
2003-11-11 16:48:59 +03:00
|
|
|
p = s->data_ptr;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p + 4 > s->data_end) {
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2004-04-26 02:09:16 +04:00
|
|
|
ret = cpu_to_le32(*(uint32_t *)p);
|
2003-11-11 16:48:59 +03:00
|
|
|
p += 4;
|
|
|
|
s->data_ptr = p;
|
2015-07-27 06:42:53 +03:00
|
|
|
if (p >= s->data_end) {
|
|
|
|
s->status &= ~DRQ_STAT;
|
2003-11-11 16:48:59 +03:00
|
|
|
s->end_transfer_func(s);
|
2015-07-27 06:42:53 +03:00
|
|
|
}
|
2017-09-18 22:01:26 +03:00
|
|
|
|
|
|
|
out:
|
|
|
|
trace_ide_data_readl(addr, ret, bus, s);
|
2003-11-11 16:48:59 +03:00
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
2004-10-10 00:27:55 +04:00
|
|
|
static void ide_dummy_transfer_stop(IDEState *s)
|
|
|
|
{
|
|
|
|
s->data_ptr = s->io_buffer;
|
|
|
|
s->data_end = s->io_buffer;
|
|
|
|
s->io_buffer[0] = 0xff;
|
|
|
|
s->io_buffer[1] = 0xff;
|
|
|
|
s->io_buffer[2] = 0xff;
|
|
|
|
s->io_buffer[3] = 0xff;
|
|
|
|
}
|
|
|
|
|
2009-11-07 17:13:05 +03:00
|
|
|
void ide_bus_reset(IDEBus *bus)
|
|
|
|
{
|
hw/ide: reset: cancel async DMA operation before resetting state
If there is a pending DMA operation during ide_bus_reset(), the fact
that the IDEState is already reset before the operation is canceled
can be problematic. In particular, ide_dma_cb() might be called and
then use the reset IDEState which contains the signature after the
reset. When used to construct the IO operation this leads to
ide_get_sector() returning 0 and nsector being 1. This is particularly
bad, because a write command will thus destroy the first sector which
often contains a partition table or similar.
Traces showing the unsolicited write happening with IDEState
0x5595af6949d0 being used after reset:
> ahci_port_write ahci(0x5595af6923f0)[0]: port write [reg:PxSCTL] @ 0x2c: 0x00000300
> ahci_reset_port ahci(0x5595af6923f0)[0]: reset port
> ide_reset IDEstate 0x5595af6949d0
> ide_reset IDEstate 0x5595af694da8
> ide_bus_reset_aio aio_cancel
> dma_aio_cancel dbs=0x7f64600089a0
> dma_blk_cb dbs=0x7f64600089a0 ret=0
> dma_complete dbs=0x7f64600089a0 ret=0 cb=0x5595acd40b30
> ahci_populate_sglist ahci(0x5595af6923f0)[0]
> ahci_dma_prepare_buf ahci(0x5595af6923f0)[0]: prepare buf limit=512 prepared=512
> ide_dma_cb IDEState 0x5595af6949d0; sector_num=0 n=1 cmd=DMA WRITE
> dma_blk_io dbs=0x7f6420802010 bs=0x5595ae2c6c30 offset=0 to_dev=1
> dma_blk_cb dbs=0x7f6420802010 ret=0
> (gdb) p *qiov
> $11 = {iov = 0x7f647c76d840, niov = 1, {{nalloc = 1, local_iov = {iov_base = 0x0,
> iov_len = 512}}, {__pad = "\001\000\000\000\000\000\000\000\000\000\000",
> size = 512}}}
> (gdb) bt
> #0 blk_aio_pwritev (blk=0x5595ae2c6c30, offset=0, qiov=0x7f6420802070, flags=0,
> cb=0x5595ace6f0b0 <dma_blk_cb>, opaque=0x7f6420802010)
> at ../block/block-backend.c:1682
> #1 0x00005595ace6f185 in dma_blk_cb (opaque=0x7f6420802010, ret=<optimized out>)
> at ../softmmu/dma-helpers.c:179
> #2 0x00005595ace6f778 in dma_blk_io (ctx=0x5595ae0609f0,
> sg=sg@entry=0x5595af694d00, offset=offset@entry=0, align=align@entry=512,
> io_func=io_func@entry=0x5595ace6ee30 <dma_blk_write_io_func>,
> io_func_opaque=io_func_opaque@entry=0x5595ae2c6c30,
> cb=0x5595acd40b30 <ide_dma_cb>, opaque=0x5595af6949d0,
> dir=DMA_DIRECTION_TO_DEVICE) at ../softmmu/dma-helpers.c:244
> #3 0x00005595ace6f90a in dma_blk_write (blk=0x5595ae2c6c30,
> sg=sg@entry=0x5595af694d00, offset=offset@entry=0, align=align@entry=512,
> cb=cb@entry=0x5595acd40b30 <ide_dma_cb>, opaque=opaque@entry=0x5595af6949d0)
> at ../softmmu/dma-helpers.c:280
> #4 0x00005595acd40e18 in ide_dma_cb (opaque=0x5595af6949d0, ret=<optimized out>)
> at ../hw/ide/core.c:953
> #5 0x00005595ace6f319 in dma_complete (ret=0, dbs=0x7f64600089a0)
> at ../softmmu/dma-helpers.c:107
> #6 dma_blk_cb (opaque=0x7f64600089a0, ret=0) at ../softmmu/dma-helpers.c:127
> #7 0x00005595ad12227d in blk_aio_complete (acb=0x7f6460005b10)
> at ../block/block-backend.c:1527
> #8 blk_aio_complete (acb=0x7f6460005b10) at ../block/block-backend.c:1524
> #9 blk_aio_write_entry (opaque=0x7f6460005b10) at ../block/block-backend.c:1594
> #10 0x00005595ad258cfb in coroutine_trampoline (i0=<optimized out>,
> i1=<optimized out>) at ../util/coroutine-ucontext.c:177
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: simon.rowe@nutanix.com
Message-ID: <20230906130922.142845-1-f.ebner@proxmox.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2023-09-06 16:09:21 +03:00
|
|
|
/* pending async DMA - needs the IDEState before it is reset */
|
2010-12-15 02:23:00 +03:00
|
|
|
if (bus->dma->aiocb) {
|
2017-09-18 22:01:26 +03:00
|
|
|
trace_ide_bus_reset_aio();
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_aio_cancel(bus->dma->aiocb);
|
2010-12-15 02:23:00 +03:00
|
|
|
bus->dma->aiocb = NULL;
|
|
|
|
}
|
|
|
|
|
hw/ide: reset: cancel async DMA operation before resetting state
If there is a pending DMA operation during ide_bus_reset(), the fact
that the IDEState is already reset before the operation is canceled
can be problematic. In particular, ide_dma_cb() might be called and
then use the reset IDEState which contains the signature after the
reset. When used to construct the IO operation this leads to
ide_get_sector() returning 0 and nsector being 1. This is particularly
bad, because a write command will thus destroy the first sector which
often contains a partition table or similar.
Traces showing the unsolicited write happening with IDEState
0x5595af6949d0 being used after reset:
> ahci_port_write ahci(0x5595af6923f0)[0]: port write [reg:PxSCTL] @ 0x2c: 0x00000300
> ahci_reset_port ahci(0x5595af6923f0)[0]: reset port
> ide_reset IDEstate 0x5595af6949d0
> ide_reset IDEstate 0x5595af694da8
> ide_bus_reset_aio aio_cancel
> dma_aio_cancel dbs=0x7f64600089a0
> dma_blk_cb dbs=0x7f64600089a0 ret=0
> dma_complete dbs=0x7f64600089a0 ret=0 cb=0x5595acd40b30
> ahci_populate_sglist ahci(0x5595af6923f0)[0]
> ahci_dma_prepare_buf ahci(0x5595af6923f0)[0]: prepare buf limit=512 prepared=512
> ide_dma_cb IDEState 0x5595af6949d0; sector_num=0 n=1 cmd=DMA WRITE
> dma_blk_io dbs=0x7f6420802010 bs=0x5595ae2c6c30 offset=0 to_dev=1
> dma_blk_cb dbs=0x7f6420802010 ret=0
> (gdb) p *qiov
> $11 = {iov = 0x7f647c76d840, niov = 1, {{nalloc = 1, local_iov = {iov_base = 0x0,
> iov_len = 512}}, {__pad = "\001\000\000\000\000\000\000\000\000\000\000",
> size = 512}}}
> (gdb) bt
> #0 blk_aio_pwritev (blk=0x5595ae2c6c30, offset=0, qiov=0x7f6420802070, flags=0,
> cb=0x5595ace6f0b0 <dma_blk_cb>, opaque=0x7f6420802010)
> at ../block/block-backend.c:1682
> #1 0x00005595ace6f185 in dma_blk_cb (opaque=0x7f6420802010, ret=<optimized out>)
> at ../softmmu/dma-helpers.c:179
> #2 0x00005595ace6f778 in dma_blk_io (ctx=0x5595ae0609f0,
> sg=sg@entry=0x5595af694d00, offset=offset@entry=0, align=align@entry=512,
> io_func=io_func@entry=0x5595ace6ee30 <dma_blk_write_io_func>,
> io_func_opaque=io_func_opaque@entry=0x5595ae2c6c30,
> cb=0x5595acd40b30 <ide_dma_cb>, opaque=0x5595af6949d0,
> dir=DMA_DIRECTION_TO_DEVICE) at ../softmmu/dma-helpers.c:244
> #3 0x00005595ace6f90a in dma_blk_write (blk=0x5595ae2c6c30,
> sg=sg@entry=0x5595af694d00, offset=offset@entry=0, align=align@entry=512,
> cb=cb@entry=0x5595acd40b30 <ide_dma_cb>, opaque=opaque@entry=0x5595af6949d0)
> at ../softmmu/dma-helpers.c:280
> #4 0x00005595acd40e18 in ide_dma_cb (opaque=0x5595af6949d0, ret=<optimized out>)
> at ../hw/ide/core.c:953
> #5 0x00005595ace6f319 in dma_complete (ret=0, dbs=0x7f64600089a0)
> at ../softmmu/dma-helpers.c:107
> #6 dma_blk_cb (opaque=0x7f64600089a0, ret=0) at ../softmmu/dma-helpers.c:127
> #7 0x00005595ad12227d in blk_aio_complete (acb=0x7f6460005b10)
> at ../block/block-backend.c:1527
> #8 blk_aio_complete (acb=0x7f6460005b10) at ../block/block-backend.c:1524
> #9 blk_aio_write_entry (opaque=0x7f6460005b10) at ../block/block-backend.c:1594
> #10 0x00005595ad258cfb in coroutine_trampoline (i0=<optimized out>,
> i1=<optimized out>) at ../util/coroutine-ucontext.c:177
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: simon.rowe@nutanix.com
Message-ID: <20230906130922.142845-1-f.ebner@proxmox.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2023-09-06 16:09:21 +03:00
|
|
|
bus->unit = 0;
|
|
|
|
bus->cmd = 0;
|
|
|
|
ide_reset(&bus->ifs[0]);
|
|
|
|
ide_reset(&bus->ifs[1]);
|
|
|
|
ide_clear_hob(bus);
|
|
|
|
|
2010-12-15 02:23:00 +03:00
|
|
|
/* reset dma provider too */
|
2014-08-05 01:11:06 +04:00
|
|
|
if (bus->dma->ops->reset) {
|
|
|
|
bus->dma->ops->reset(bus->dma);
|
|
|
|
}
|
2009-11-07 17:13:05 +03:00
|
|
|
}
|
|
|
|
|
2011-09-06 20:58:53 +04:00
|
|
|
static bool ide_cd_is_tray_open(void *opaque)
|
|
|
|
{
|
|
|
|
return ((IDEState *)opaque)->tray_open;
|
|
|
|
}
|
|
|
|
|
2011-09-06 20:58:46 +04:00
|
|
|
static bool ide_cd_is_medium_locked(void *opaque)
|
|
|
|
{
|
|
|
|
return ((IDEState *)opaque)->tray_locked;
|
|
|
|
}
|
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
static void ide_resize_cb(void *opaque)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
uint64_t nb_sectors;
|
|
|
|
|
|
|
|
if (!s->identify_set) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_get_geometry(s->blk, &nb_sectors);
|
2014-09-05 07:42:17 +04:00
|
|
|
s->nb_sectors = nb_sectors;
|
|
|
|
|
|
|
|
/* Update the identify data buffer. */
|
|
|
|
if (s->drive_kind == IDE_CFATA) {
|
|
|
|
ide_cfata_identify_size(s);
|
|
|
|
} else {
|
|
|
|
/* IDE_CD uses a different set of callbacks entirely. */
|
|
|
|
assert(s->drive_kind != IDE_CD);
|
|
|
|
ide_identify_size(s);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-08-03 17:07:41 +04:00
|
|
|
static const BlockDevOps ide_cd_block_ops = {
|
2011-08-03 17:07:42 +04:00
|
|
|
.change_media_cb = ide_cd_change_cb,
|
2011-10-25 14:53:39 +04:00
|
|
|
.eject_request_cb = ide_cd_eject_request_cb,
|
2011-09-06 20:58:53 +04:00
|
|
|
.is_tray_open = ide_cd_is_tray_open,
|
2011-09-06 20:58:46 +04:00
|
|
|
.is_medium_locked = ide_cd_is_medium_locked,
|
2011-08-03 17:07:41 +04:00
|
|
|
};
|
|
|
|
|
2014-09-05 07:42:17 +04:00
|
|
|
static const BlockDevOps ide_hd_block_ops = {
|
|
|
|
.resize_cb = ide_resize_cb,
|
|
|
|
};
|
|
|
|
|
2024-02-20 19:05:20 +03:00
|
|
|
int ide_init_drive(IDEState *s, IDEDevice *dev, IDEDriveKind kind, Error **errp)
|
2009-09-15 23:23:30 +04:00
|
|
|
{
|
|
|
|
uint64_t nb_sectors;
|
|
|
|
|
2024-02-20 19:05:20 +03:00
|
|
|
s->blk = dev->conf.blk;
|
2011-05-16 17:04:52 +04:00
|
|
|
s->drive_kind = kind;
|
|
|
|
|
2024-02-20 19:05:20 +03:00
|
|
|
blk_get_geometry(s->blk, &nb_sectors);
|
2024-02-20 19:09:30 +03:00
|
|
|
s->win2k_install_hack = dev->win2k_install_hack;
|
2024-02-20 19:05:20 +03:00
|
|
|
s->cylinders = dev->conf.cyls;
|
|
|
|
s->heads = s->drive_heads = dev->conf.heads;
|
|
|
|
s->sectors = s->drive_sectors = dev->conf.secs;
|
|
|
|
s->chs_trans = dev->chs_trans;
|
2010-06-01 22:32:28 +04:00
|
|
|
s->nb_sectors = nb_sectors;
|
2024-02-20 19:05:20 +03:00
|
|
|
s->wwn = dev->wwn;
|
2010-06-01 22:32:28 +04:00
|
|
|
/* The SMART values should be preserved across power cycles
|
|
|
|
but they aren't. */
|
|
|
|
s->smart_enabled = 1;
|
|
|
|
s->smart_autosave = 1;
|
|
|
|
s->smart_errors = 0;
|
|
|
|
s->smart_selftest_count = 0;
|
2011-05-16 17:04:52 +04:00
|
|
|
if (kind == IDE_CD) {
|
2024-02-20 19:05:20 +03:00
|
|
|
blk_set_dev_ops(s->blk, &ide_cd_block_ops, s);
|
2010-06-28 21:10:36 +04:00
|
|
|
} else {
|
2014-10-07 15:59:18 +04:00
|
|
|
if (!blk_is_inserted(s->blk)) {
|
2017-09-18 17:05:13 +03:00
|
|
|
error_setg(errp, "Device needs media, but drive is empty");
|
2010-07-06 16:37:44 +04:00
|
|
|
return -1;
|
|
|
|
}
|
2024-02-20 19:05:20 +03:00
|
|
|
if (!blk_is_writable(s->blk)) {
|
2017-09-18 17:05:13 +03:00
|
|
|
error_setg(errp, "Can't use a read-only drive");
|
2010-06-28 21:10:36 +04:00
|
|
|
return -1;
|
|
|
|
}
|
2024-02-20 19:05:20 +03:00
|
|
|
blk_set_dev_ops(s->blk, &ide_hd_block_ops, s);
|
2009-09-15 23:23:30 +04:00
|
|
|
}
|
2024-02-20 19:05:20 +03:00
|
|
|
if (dev->serial) {
|
|
|
|
pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), dev->serial);
|
2010-06-01 22:32:32 +04:00
|
|
|
} else {
|
2009-09-15 23:23:30 +04:00
|
|
|
snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
|
|
|
|
"QM%05d", s->drive_serial);
|
2010-06-01 22:32:28 +04:00
|
|
|
}
|
2024-02-20 19:05:20 +03:00
|
|
|
if (dev->model) {
|
|
|
|
pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), dev->model);
|
2012-03-13 00:05:09 +04:00
|
|
|
} else {
|
|
|
|
switch (kind) {
|
|
|
|
case IDE_CD:
|
|
|
|
strcpy(s->drive_model_str, "QEMU DVD-ROM");
|
|
|
|
break;
|
|
|
|
case IDE_CFATA:
|
|
|
|
strcpy(s->drive_model_str, "QEMU MICRODRIVE");
|
|
|
|
break;
|
|
|
|
default:
|
|
|
|
strcpy(s->drive_model_str, "QEMU HARDDISK");
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-02-20 19:05:20 +03:00
|
|
|
if (dev->version) {
|
|
|
|
pstrcpy(s->version, sizeof(s->version), dev->version);
|
2010-01-14 16:44:12 +03:00
|
|
|
} else {
|
2015-10-30 22:36:08 +03:00
|
|
|
pstrcpy(s->version, sizeof(s->version), qemu_hw_version());
|
2010-01-14 16:44:12 +03:00
|
|
|
}
|
2010-12-15 02:23:00 +03:00
|
|
|
|
2009-09-15 23:23:30 +04:00
|
|
|
ide_reset(s);
|
2024-02-20 19:05:20 +03:00
|
|
|
blk_iostatus_enable(s->blk);
|
2010-06-28 21:07:51 +04:00
|
|
|
return 0;
|
2009-09-15 23:23:30 +04:00
|
|
|
}
|
|
|
|
|
2010-06-01 22:32:29 +04:00
|
|
|
static void ide_init1(IDEBus *bus, int unit)
|
2010-05-28 17:38:47 +04:00
|
|
|
{
|
|
|
|
static int drive_serial = 1;
|
|
|
|
IDEState *s = &bus->ifs[unit];
|
|
|
|
|
|
|
|
s->bus = bus;
|
|
|
|
s->unit = unit;
|
|
|
|
s->drive_serial = drive_serial++;
|
2010-09-13 01:44:00 +04:00
|
|
|
/* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
|
2010-07-26 23:38:44 +04:00
|
|
|
s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
|
2011-07-04 16:43:58 +04:00
|
|
|
s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
|
|
|
|
memset(s->io_buffer, 0, s->io_buffer_total_len);
|
|
|
|
|
2014-10-07 15:59:18 +04:00
|
|
|
s->smart_selftest_data = blk_blockalign(s->blk, 512);
|
2011-07-04 16:43:58 +04:00
|
|
|
memset(s->smart_selftest_data, 0, 512);
|
|
|
|
|
2013-08-21 19:03:08 +04:00
|
|
|
s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
|
2010-05-28 17:38:47 +04:00
|
|
|
ide_sector_write_timer_cb, s);
|
2010-06-01 22:32:29 +04:00
|
|
|
}
|
|
|
|
|
2020-05-12 22:49:17 +03:00
|
|
|
static int ide_nop_int(const IDEDMA *dma, bool is_write)
|
2010-12-15 02:23:00 +03:00
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2020-05-12 22:49:17 +03:00
|
|
|
static void ide_nop(const IDEDMA *dma)
|
2015-02-23 19:17:55 +03:00
|
|
|
{
|
|
|
|
}
|
|
|
|
|
2020-05-12 22:49:17 +03:00
|
|
|
static int32_t ide_nop_int32(const IDEDMA *dma, int32_t l)
|
ide: Correct handling of malformed/short PRDTs
This impacts both BMDMA and AHCI HBA interfaces for IDE.
Currently, we confuse the difference between a PRDT having
"0 bytes" and a PRDT having "0 complete sectors."
When we receive an incomplete sector, inconsistent error checking
leads to an infinite loop wherein the call succeeds, but it
didn't give us enough bytes -- leading us to re-call the
DMA chain over and over again. This leads to, in the BMDMA case,
leaked memory for short PRDTs, and infinite loops and resource
usage in the AHCI case.
The .prepare_buf() callback is reworked to return the number of
bytes that it successfully prepared. 0 is a valid, non-error
answer that means the table was empty and described no bytes.
-1 indicates an error.
Our current implementation uses the io_buffer in IDEState to
ultimately describe the size of a prepared scatter-gather list.
Even though the AHCI PRDT/SGList can be as large as 256GiB, the
AHCI command header limits transactions to just 4GiB. ATA8-ACS3,
however, defines the largest transaction to be an LBA48 command
that transfers 65,536 sectors. With a 512 byte sector size, this
is just 32MiB.
Since our current state structures use the int type to describe
the size of the buffer, and this state is migrated as int32, we
are limited to describing 2GiB buffer sizes unless we change the
migration protocol.
For this reason, this patch begins to unify the assertions in the
IDE pathways that the scatter-gather list provided by either the
AHCI PRDT or the PCI BMDMA PRDs can only describe, at a maximum,
2GiB. This should be resilient enough unless we need a sector
size that exceeds 32KiB.
Further, the likelihood of any guest operating system actually
attempting to transfer this much data in a single operation is
very slim.
To this end, the IDEState variables have been updated to more
explicitly clarify our maximum supported size. Callers to the
prepare_buf callback have been reworked to understand the new
return code, and all versions of the prepare_buf callback have
been adjusted accordingly.
Lastly, the ahci_populate_sglist helper, relied upon by the
AHCI implementation of .prepare_buf() as well as the PCI
implementation of the callback have had overflow assertions
added to help make clear the reasonings behind the various
type changes.
[Added %d -> %"PRId64" fix John sent because off_pos changed from int to
int64_t.
--Stefan]
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1414785819-26209-4-git-send-email-jsnow@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-10-31 23:03:39 +03:00
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2010-12-15 02:23:00 +03:00
|
|
|
static const IDEDMAOps ide_dma_nop_ops = {
|
ide: Correct handling of malformed/short PRDTs
This impacts both BMDMA and AHCI HBA interfaces for IDE.
Currently, we confuse the difference between a PRDT having
"0 bytes" and a PRDT having "0 complete sectors."
When we receive an incomplete sector, inconsistent error checking
leads to an infinite loop wherein the call succeeds, but it
didn't give us enough bytes -- leading us to re-call the
DMA chain over and over again. This leads to, in the BMDMA case,
leaked memory for short PRDTs, and infinite loops and resource
usage in the AHCI case.
The .prepare_buf() callback is reworked to return the number of
bytes that it successfully prepared. 0 is a valid, non-error
answer that means the table was empty and described no bytes.
-1 indicates an error.
Our current implementation uses the io_buffer in IDEState to
ultimately describe the size of a prepared scatter-gather list.
Even though the AHCI PRDT/SGList can be as large as 256GiB, the
AHCI command header limits transactions to just 4GiB. ATA8-ACS3,
however, defines the largest transaction to be an LBA48 command
that transfers 65,536 sectors. With a 512 byte sector size, this
is just 32MiB.
Since our current state structures use the int type to describe
the size of the buffer, and this state is migrated as int32, we
are limited to describing 2GiB buffer sizes unless we change the
migration protocol.
For this reason, this patch begins to unify the assertions in the
IDE pathways that the scatter-gather list provided by either the
AHCI PRDT or the PCI BMDMA PRDs can only describe, at a maximum,
2GiB. This should be resilient enough unless we need a sector
size that exceeds 32KiB.
Further, the likelihood of any guest operating system actually
attempting to transfer this much data in a single operation is
very slim.
To this end, the IDEState variables have been updated to more
explicitly clarify our maximum supported size. Callers to the
prepare_buf callback have been reworked to understand the new
return code, and all versions of the prepare_buf callback have
been adjusted accordingly.
Lastly, the ahci_populate_sglist helper, relied upon by the
AHCI implementation of .prepare_buf() as well as the PCI
implementation of the callback have had overflow assertions
added to help make clear the reasonings behind the various
type changes.
[Added %d -> %"PRId64" fix John sent because off_pos changed from int to
int64_t.
--Stefan]
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1414785819-26209-4-git-send-email-jsnow@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-10-31 23:03:39 +03:00
|
|
|
.prepare_buf = ide_nop_int32,
|
2015-02-23 19:17:55 +03:00
|
|
|
.restart_dma = ide_nop,
|
2010-12-15 02:23:00 +03:00
|
|
|
.rw_buf = ide_nop_int,
|
|
|
|
};
|
|
|
|
|
2015-02-23 19:17:55 +03:00
|
|
|
static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
|
|
|
|
{
|
2015-02-23 19:17:57 +03:00
|
|
|
s->unit = s->bus->retry_unit;
|
2015-02-23 19:17:58 +03:00
|
|
|
ide_set_sector(s, s->bus->retry_sector_num);
|
|
|
|
s->nsector = s->bus->retry_nsector;
|
2015-02-23 19:17:55 +03:00
|
|
|
s->bus->dma->ops->restart_dma(s->bus->dma);
|
|
|
|
s->io_buffer_size = 0;
|
|
|
|
s->dma_cmd = dma_cmd;
|
|
|
|
ide_start_dma(s, ide_dma_cb);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void ide_restart_bh(void *opaque)
|
|
|
|
{
|
|
|
|
IDEBus *bus = opaque;
|
|
|
|
IDEState *s;
|
|
|
|
bool is_read;
|
|
|
|
int error_status;
|
|
|
|
|
|
|
|
qemu_bh_delete(bus->bh);
|
|
|
|
bus->bh = NULL;
|
|
|
|
|
|
|
|
error_status = bus->error_status;
|
|
|
|
if (bus->error_status == 0) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2023-02-09 13:33:08 +03:00
|
|
|
s = ide_bus_active_if(bus);
|
2015-02-23 19:17:55 +03:00
|
|
|
is_read = (bus->error_status & IDE_RETRY_READ) != 0;
|
|
|
|
|
|
|
|
/* The error status must be cleared before resubmitting the request: The
|
|
|
|
* request may fail again, and this case can only be distinguished if the
|
|
|
|
* called function can set a new error status. */
|
|
|
|
bus->error_status = 0;
|
|
|
|
|
2015-07-04 09:06:04 +03:00
|
|
|
/* The HBA has generically asked to be kicked on retry */
|
|
|
|
if (error_status & IDE_RETRY_HBA) {
|
|
|
|
if (s->bus->dma->ops->restart) {
|
|
|
|
s->bus->dma->ops->restart(s->bus->dma);
|
|
|
|
}
|
2016-04-13 01:48:15 +03:00
|
|
|
} else if (IS_IDE_RETRY_DMA(error_status)) {
|
2015-02-23 19:17:55 +03:00
|
|
|
if (error_status & IDE_RETRY_TRIM) {
|
|
|
|
ide_restart_dma(s, IDE_DMA_TRIM);
|
|
|
|
} else {
|
|
|
|
ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE);
|
|
|
|
}
|
2016-04-13 01:48:15 +03:00
|
|
|
} else if (IS_IDE_RETRY_PIO(error_status)) {
|
2015-02-23 19:17:55 +03:00
|
|
|
if (is_read) {
|
|
|
|
ide_sector_read(s);
|
|
|
|
} else {
|
|
|
|
ide_sector_write(s);
|
|
|
|
}
|
|
|
|
} else if (error_status & IDE_RETRY_FLUSH) {
|
|
|
|
ide_flush_cache(s);
|
2016-04-13 01:48:15 +03:00
|
|
|
} else if (IS_IDE_RETRY_ATAPI(error_status)) {
|
|
|
|
assert(s->end_transfer_func == ide_atapi_cmd);
|
|
|
|
ide_atapi_dma_restart(s);
|
2015-02-23 19:17:55 +03:00
|
|
|
} else {
|
2016-04-13 01:48:15 +03:00
|
|
|
abort();
|
2015-02-23 19:17:55 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-01-11 18:20:20 +03:00
|
|
|
static void ide_restart_cb(void *opaque, bool running, RunState state)
|
2015-02-23 19:17:55 +03:00
|
|
|
{
|
|
|
|
IDEBus *bus = opaque;
|
|
|
|
|
|
|
|
if (!running)
|
|
|
|
return;
|
|
|
|
|
|
|
|
if (!bus->bh) {
|
|
|
|
bus->bh = qemu_bh_new(ide_restart_bh, bus);
|
|
|
|
qemu_bh_schedule(bus->bh);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-02-14 18:33:38 +03:00
|
|
|
void ide_bus_register_restart_cb(IDEBus *bus)
|
2015-02-23 19:17:52 +03:00
|
|
|
{
|
2015-02-23 19:17:55 +03:00
|
|
|
if (bus->dma->ops->restart_dma) {
|
2016-09-27 19:53:32 +03:00
|
|
|
bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus);
|
2015-02-23 19:17:55 +03:00
|
|
|
}
|
2015-02-23 19:17:52 +03:00
|
|
|
}
|
|
|
|
|
2010-12-15 02:23:00 +03:00
|
|
|
static IDEDMA ide_dma_nop = {
|
|
|
|
.ops = &ide_dma_nop_ops,
|
|
|
|
.aiocb = NULL,
|
|
|
|
};
|
|
|
|
|
2023-02-09 13:27:23 +03:00
|
|
|
void ide_bus_init_output_irq(IDEBus *bus, qemu_irq irq_out)
|
2010-06-01 22:32:29 +04:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for(i = 0; i < 2; i++) {
|
|
|
|
ide_init1(bus, i);
|
|
|
|
ide_reset(&bus->ifs[i]);
|
2010-06-01 22:32:28 +04:00
|
|
|
}
|
2023-02-09 13:27:23 +03:00
|
|
|
bus->irq = irq_out;
|
2010-12-15 02:23:00 +03:00
|
|
|
bus->dma = &ide_dma_nop;
|
2010-05-28 17:38:47 +04:00
|
|
|
}
|
|
|
|
|
2023-02-09 13:33:47 +03:00
|
|
|
void ide_bus_set_irq(IDEBus *bus)
|
2023-02-10 01:01:55 +03:00
|
|
|
{
|
|
|
|
if (!(bus->cmd & IDE_CTRL_DISABLE_IRQ)) {
|
|
|
|
qemu_irq_raise(bus->irq);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-03-16 03:50:14 +03:00
|
|
|
void ide_exit(IDEState *s)
|
|
|
|
{
|
|
|
|
timer_free(s->sector_write_timer);
|
|
|
|
qemu_vfree(s->smart_selftest_data);
|
|
|
|
qemu_vfree(s->io_buffer);
|
|
|
|
}
|
|
|
|
|
2009-10-07 19:59:47 +04:00
|
|
|
static bool is_identify_set(void *opaque, int version_id)
|
2007-05-24 22:50:09 +04:00
|
|
|
{
|
2009-10-07 19:59:47 +04:00
|
|
|
IDEState *s = opaque;
|
|
|
|
|
|
|
|
return s->identify_set != 0;
|
|
|
|
}
|
|
|
|
|
2010-07-26 23:38:44 +04:00
|
|
|
static EndTransferFunc* transfer_end_table[] = {
|
|
|
|
ide_sector_read,
|
|
|
|
ide_sector_write,
|
|
|
|
ide_transfer_stop,
|
|
|
|
ide_atapi_cmd_reply_end,
|
|
|
|
ide_atapi_cmd,
|
|
|
|
ide_dummy_transfer_stop,
|
|
|
|
};
|
|
|
|
|
|
|
|
static int transfer_end_table_idx(EndTransferFunc *fn)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
|
|
|
|
if (transfer_end_table[i] == fn)
|
|
|
|
return i;
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2009-10-07 19:59:47 +04:00
|
|
|
static int ide_drive_post_load(void *opaque, int version_id)
|
2007-05-24 22:50:09 +04:00
|
|
|
{
|
2009-10-07 19:59:47 +04:00
|
|
|
IDEState *s = opaque;
|
|
|
|
|
2014-11-18 00:20:39 +03:00
|
|
|
if (s->blk && s->identify_set) {
|
2014-10-07 15:59:18 +04:00
|
|
|
blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5)));
|
2012-06-06 02:04:54 +04:00
|
|
|
}
|
2009-10-07 19:59:47 +04:00
|
|
|
return 0;
|
2007-05-24 22:50:09 +04:00
|
|
|
}
|
|
|
|
|
2010-07-26 23:38:44 +04:00
|
|
|
static int ide_drive_pio_post_load(void *opaque, int version_id)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
2011-10-26 13:52:47 +04:00
|
|
|
if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
|
2010-07-26 23:38:44 +04:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
|
|
|
|
s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
|
|
|
|
s->data_end = s->data_ptr + s->cur_io_buffer_len;
|
2014-12-09 21:15:08 +03:00
|
|
|
s->atapi_dma = s->feature & 1; /* as per cmd_packet */
|
2010-07-26 23:38:44 +04:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-09-25 14:29:12 +03:00
|
|
|
static int ide_drive_pio_pre_save(void *opaque)
|
2010-07-26 23:38:44 +04:00
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
int idx;
|
|
|
|
|
|
|
|
s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
|
|
|
|
s->cur_io_buffer_len = s->data_end - s->data_ptr;
|
|
|
|
|
|
|
|
idx = transfer_end_table_idx(s->end_transfer_func);
|
|
|
|
if (idx == -1) {
|
|
|
|
fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
|
|
|
|
__func__);
|
|
|
|
s->end_transfer_fn_idx = 2;
|
|
|
|
} else {
|
|
|
|
s->end_transfer_fn_idx = idx;
|
|
|
|
}
|
2017-09-25 14:29:12 +03:00
|
|
|
|
|
|
|
return 0;
|
2010-07-26 23:38:44 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static bool ide_drive_pio_state_needed(void *opaque)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
2011-06-09 16:12:57 +04:00
|
|
|
return ((s->status & DRQ_STAT) != 0)
|
2014-08-05 01:11:14 +04:00
|
|
|
|| (s->bus->error_status & IDE_RETRY_PIO);
|
2010-07-26 23:38:44 +04:00
|
|
|
}
|
|
|
|
|
2011-09-06 20:58:50 +04:00
|
|
|
static bool ide_tray_state_needed(void *opaque)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
|
|
|
return s->tray_open || s->tray_locked;
|
|
|
|
}
|
|
|
|
|
2011-04-12 20:06:07 +04:00
|
|
|
static bool ide_atapi_gesn_needed(void *opaque)
|
|
|
|
{
|
|
|
|
IDEState *s = opaque;
|
|
|
|
|
|
|
|
return s->events.new_media || s->events.eject_request;
|
|
|
|
}
|
|
|
|
|
2011-05-26 17:00:34 +04:00
|
|
|
static bool ide_error_needed(void *opaque)
|
|
|
|
{
|
|
|
|
IDEBus *bus = opaque;
|
|
|
|
|
|
|
|
return (bus->error_status != 0);
|
|
|
|
}
|
|
|
|
|
2011-04-12 20:06:07 +04:00
|
|
|
/* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
|
2011-08-03 17:08:04 +04:00
|
|
|
static const VMStateDescription vmstate_ide_atapi_gesn_state = {
|
2011-04-12 20:06:07 +04:00
|
|
|
.name ="ide_drive/atapi/gesn_state",
|
|
|
|
.version_id = 1,
|
|
|
|
.minimum_version_id = 1,
|
2014-09-23 16:09:54 +04:00
|
|
|
.needed = ide_atapi_gesn_needed,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2011-04-12 20:06:07 +04:00
|
|
|
VMSTATE_BOOL(events.new_media, IDEState),
|
|
|
|
VMSTATE_BOOL(events.eject_request, IDEState),
|
2011-06-09 16:15:18 +04:00
|
|
|
VMSTATE_END_OF_LIST()
|
2011-04-12 20:06:07 +04:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2011-09-06 20:58:50 +04:00
|
|
|
static const VMStateDescription vmstate_ide_tray_state = {
|
|
|
|
.name = "ide_drive/tray_state",
|
|
|
|
.version_id = 1,
|
|
|
|
.minimum_version_id = 1,
|
2014-09-23 16:09:54 +04:00
|
|
|
.needed = ide_tray_state_needed,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2011-09-06 20:58:50 +04:00
|
|
|
VMSTATE_BOOL(tray_open, IDEState),
|
|
|
|
VMSTATE_BOOL(tray_locked, IDEState),
|
|
|
|
VMSTATE_END_OF_LIST()
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2011-08-03 17:08:04 +04:00
|
|
|
static const VMStateDescription vmstate_ide_drive_pio_state = {
|
2010-07-26 23:38:44 +04:00
|
|
|
.name = "ide_drive/pio_state",
|
|
|
|
.version_id = 1,
|
|
|
|
.minimum_version_id = 1,
|
|
|
|
.pre_save = ide_drive_pio_pre_save,
|
|
|
|
.post_load = ide_drive_pio_post_load,
|
2014-09-23 16:09:54 +04:00
|
|
|
.needed = ide_drive_pio_state_needed,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2010-07-26 23:38:44 +04:00
|
|
|
VMSTATE_INT32(req_nb_sectors, IDEState),
|
|
|
|
VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
|
2018-12-14 01:37:37 +03:00
|
|
|
vmstate_info_uint8, uint8_t),
|
2010-07-26 23:38:44 +04:00
|
|
|
VMSTATE_INT32(cur_io_buffer_offset, IDEState),
|
|
|
|
VMSTATE_INT32(cur_io_buffer_len, IDEState),
|
|
|
|
VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
|
|
|
|
VMSTATE_INT32(elementary_transfer_size, IDEState),
|
|
|
|
VMSTATE_INT32(packet_transfer_size, IDEState),
|
|
|
|
VMSTATE_END_OF_LIST()
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2009-10-07 19:59:47 +04:00
|
|
|
const VMStateDescription vmstate_ide_drive = {
|
|
|
|
.name = "ide_drive",
|
2010-07-26 23:38:41 +04:00
|
|
|
.version_id = 3,
|
2009-10-07 19:59:47 +04:00
|
|
|
.minimum_version_id = 0,
|
|
|
|
.post_load = ide_drive_post_load,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2009-10-07 19:59:47 +04:00
|
|
|
VMSTATE_INT32(mult_sectors, IDEState),
|
|
|
|
VMSTATE_INT32(identify_set, IDEState),
|
|
|
|
VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
|
|
|
|
VMSTATE_UINT8(feature, IDEState),
|
|
|
|
VMSTATE_UINT8(error, IDEState),
|
|
|
|
VMSTATE_UINT32(nsector, IDEState),
|
|
|
|
VMSTATE_UINT8(sector, IDEState),
|
|
|
|
VMSTATE_UINT8(lcyl, IDEState),
|
|
|
|
VMSTATE_UINT8(hcyl, IDEState),
|
|
|
|
VMSTATE_UINT8(hob_feature, IDEState),
|
|
|
|
VMSTATE_UINT8(hob_sector, IDEState),
|
|
|
|
VMSTATE_UINT8(hob_nsector, IDEState),
|
|
|
|
VMSTATE_UINT8(hob_lcyl, IDEState),
|
|
|
|
VMSTATE_UINT8(hob_hcyl, IDEState),
|
|
|
|
VMSTATE_UINT8(select, IDEState),
|
|
|
|
VMSTATE_UINT8(status, IDEState),
|
|
|
|
VMSTATE_UINT8(lba48, IDEState),
|
|
|
|
VMSTATE_UINT8(sense_key, IDEState),
|
|
|
|
VMSTATE_UINT8(asc, IDEState),
|
|
|
|
VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
|
|
|
|
VMSTATE_END_OF_LIST()
|
2010-07-26 23:38:44 +04:00
|
|
|
},
|
2023-12-21 06:16:13 +03:00
|
|
|
.subsections = (const VMStateDescription * const []) {
|
2014-09-23 16:09:54 +04:00
|
|
|
&vmstate_ide_drive_pio_state,
|
|
|
|
&vmstate_ide_tray_state,
|
|
|
|
&vmstate_ide_atapi_gesn_state,
|
|
|
|
NULL
|
2009-10-07 19:59:47 +04:00
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2011-08-03 17:08:04 +04:00
|
|
|
static const VMStateDescription vmstate_ide_error_status = {
|
2011-05-26 17:00:34 +04:00
|
|
|
.name ="ide_bus/error",
|
2015-02-23 19:17:59 +03:00
|
|
|
.version_id = 2,
|
2011-05-26 17:00:34 +04:00
|
|
|
.minimum_version_id = 1,
|
2014-09-23 16:09:54 +04:00
|
|
|
.needed = ide_error_needed,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2011-05-26 17:00:34 +04:00
|
|
|
VMSTATE_INT32(error_status, IDEBus),
|
2015-02-23 19:17:59 +03:00
|
|
|
VMSTATE_INT64_V(retry_sector_num, IDEBus, 2),
|
|
|
|
VMSTATE_UINT32_V(retry_nsector, IDEBus, 2),
|
|
|
|
VMSTATE_UINT8_V(retry_unit, IDEBus, 2),
|
2011-05-26 17:00:34 +04:00
|
|
|
VMSTATE_END_OF_LIST()
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2009-10-07 19:24:31 +04:00
|
|
|
const VMStateDescription vmstate_ide_bus = {
|
|
|
|
.name = "ide_bus",
|
|
|
|
.version_id = 1,
|
|
|
|
.minimum_version_id = 1,
|
2023-12-21 06:16:13 +03:00
|
|
|
.fields = (const VMStateField[]) {
|
2009-10-07 19:24:31 +04:00
|
|
|
VMSTATE_UINT8(cmd, IDEBus),
|
|
|
|
VMSTATE_UINT8(unit, IDEBus),
|
|
|
|
VMSTATE_END_OF_LIST()
|
2011-05-26 17:00:34 +04:00
|
|
|
},
|
2023-12-21 06:16:13 +03:00
|
|
|
.subsections = (const VMStateDescription * const []) {
|
2014-09-23 16:09:54 +04:00
|
|
|
&vmstate_ide_error_status,
|
|
|
|
NULL
|
2009-10-07 19:24:31 +04:00
|
|
|
}
|
|
|
|
};
|
2011-04-03 15:32:46 +04:00
|
|
|
|
2014-10-01 22:19:27 +04:00
|
|
|
void ide_drive_get(DriveInfo **hd, int n)
|
2011-04-03 15:32:46 +04:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
2014-10-01 22:19:27 +04:00
|
|
|
for (i = 0; i < n; i++) {
|
|
|
|
hd[i] = drive_get_by_index(IF_IDE, i);
|
2011-04-03 15:32:46 +04:00
|
|
|
}
|
|
|
|
}
|