VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/ATAController.cpp@ 25963

Last change on this file since 25963 was 25900, checked in by vboxsync, 15 years ago

Same goes for the write handler and the duplicate ATAController code.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 202.2 KB
Line 
1/* $Id: ATAController.cpp 25900 2010-01-18 15:39:35Z vboxsync $ */
2/** @file
3 * DevATA, DevAHCI - Shared ATA/ATAPI controller code (disk and cdrom).
4 *
5 * @todo Actually share this code?
6 */
7
8/*
9 * Copyright (C) 2006-2009 Sun Microsystems, Inc.
10 *
11 * This file is part of VirtualBox Open Source Edition (OSE), as
12 * available from http://www.virtualbox.org. This file is free software;
13 * you can redistribute it and/or modify it under the terms of the GNU
14 * General Public License (GPL) as published by the Free Software
15 * Foundation, in version 2 as it comes in the "COPYING" file of the
16 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
17 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
18 *
19 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
20 * Clara, CA 95054 USA or visit http://www.sun.com if you need
21 * additional information or have any questions.
22 */
23
24/*******************************************************************************
25* Header Files *
26*******************************************************************************/
27#define LOG_GROUP LOG_GROUP_DEV_IDE
28#include <VBox/pdmdev.h>
29#include <iprt/assert.h>
30#include <iprt/string.h>
31#ifdef IN_RING3
32# include <iprt/uuid.h>
33# include <iprt/semaphore.h>
34# include <iprt/thread.h>
35# include <iprt/time.h>
36# include <iprt/alloc.h>
37#endif /* IN_RING3 */
38#include <iprt/critsect.h>
39#include <iprt/asm.h>
40#include <VBox/stam.h>
41#include <VBox/mm.h>
42#include <VBox/pgm.h>
43
44#include <VBox/scsi.h>
45
46#include "ATAController.h"
47#include "PIIX3ATABmDma.h"
48#include "ide.h"
49
50/**
51 * The SSM saved state version.
52 */
53#define ATA_CTL_SAVED_STATE_VERSION 3
54#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 1
55#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 2
56
57#ifndef VBOX_DEVICE_STRUCT_TESTCASE
58
59DECLINLINE(void) ataSetStatusValue(AHCIATADevState *s, uint8_t stat)
60{
61 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
62
63 /* Freeze status register contents while processing RESET. */
64 if (!pCtl->fReset)
65 {
66 s->uATARegStatus = stat;
67 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
68 }
69}
70
71
72DECLINLINE(void) ataSetStatus(AHCIATADevState *s, uint8_t stat)
73{
74 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
75
76 /* Freeze status register contents while processing RESET. */
77 if (!pCtl->fReset)
78 {
79 s->uATARegStatus |= stat;
80 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
81 }
82}
83
84
85DECLINLINE(void) ataUnsetStatus(AHCIATADevState *s, uint8_t stat)
86{
87 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
88
89 /* Freeze status register contents while processing RESET. */
90 if (!pCtl->fReset)
91 {
92 s->uATARegStatus &= ~stat;
93 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
94 }
95}
96
97#ifdef IN_RING3
98
99typedef void (*PBeginTransferFunc)(AHCIATADevState *);
100typedef bool (*PSourceSinkFunc)(AHCIATADevState *);
101
102static void ataReadWriteSectorsBT(AHCIATADevState *);
103static void ataPacketBT(AHCIATADevState *);
104static void atapiCmdBT(AHCIATADevState *);
105static void atapiPassthroughCmdBT(AHCIATADevState *);
106
107static bool ataIdentifySS(AHCIATADevState *);
108static bool ataFlushSS(AHCIATADevState *);
109static bool ataReadSectorsSS(AHCIATADevState *);
110static bool ataWriteSectorsSS(AHCIATADevState *);
111static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *);
112static bool ataPacketSS(AHCIATADevState *);
113static bool atapiGetConfigurationSS(AHCIATADevState *);
114static bool atapiGetEventStatusNotificationSS(AHCIATADevState *);
115static bool atapiIdentifySS(AHCIATADevState *);
116static bool atapiInquirySS(AHCIATADevState *);
117static bool atapiMechanismStatusSS(AHCIATADevState *);
118static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *);
119static bool atapiModeSenseCDStatusSS(AHCIATADevState *);
120static bool atapiReadSS(AHCIATADevState *);
121static bool atapiReadCapacitySS(AHCIATADevState *);
122static bool atapiReadDiscInformationSS(AHCIATADevState *);
123static bool atapiReadTOCNormalSS(AHCIATADevState *);
124static bool atapiReadTOCMultiSS(AHCIATADevState *);
125static bool atapiReadTOCRawSS(AHCIATADevState *);
126static bool atapiReadTrackInformationSS(AHCIATADevState *);
127static bool atapiRequestSenseSS(AHCIATADevState *);
128static bool atapiPassthroughSS(AHCIATADevState *);
129
130/**
131 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
132 */
133typedef enum ATAFNBT
134{
135 ATAFN_BT_NULL = 0,
136 ATAFN_BT_READ_WRITE_SECTORS,
137 ATAFN_BT_PACKET,
138 ATAFN_BT_ATAPI_CMD,
139 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
140 ATAFN_BT_MAX
141} ATAFNBT;
142
143/**
144 * Array of end transfer functions, the index is ATAFNET.
145 * Make sure ATAFNET and this array match!
146 */
147static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
148{
149 NULL,
150 ataReadWriteSectorsBT,
151 ataPacketBT,
152 atapiCmdBT,
153 atapiPassthroughCmdBT,
154};
155
156/**
157 * Source/sink function indexes for g_apfnSourceSinkFuncs.
158 */
159typedef enum ATAFNSS
160{
161 ATAFN_SS_NULL = 0,
162 ATAFN_SS_IDENTIFY,
163 ATAFN_SS_FLUSH,
164 ATAFN_SS_READ_SECTORS,
165 ATAFN_SS_WRITE_SECTORS,
166 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
167 ATAFN_SS_PACKET,
168 ATAFN_SS_ATAPI_GET_CONFIGURATION,
169 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
170 ATAFN_SS_ATAPI_IDENTIFY,
171 ATAFN_SS_ATAPI_INQUIRY,
172 ATAFN_SS_ATAPI_MECHANISM_STATUS,
173 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
174 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
175 ATAFN_SS_ATAPI_READ,
176 ATAFN_SS_ATAPI_READ_CAPACITY,
177 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
178 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
179 ATAFN_SS_ATAPI_READ_TOC_MULTI,
180 ATAFN_SS_ATAPI_READ_TOC_RAW,
181 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
182 ATAFN_SS_ATAPI_REQUEST_SENSE,
183 ATAFN_SS_ATAPI_PASSTHROUGH,
184 ATAFN_SS_MAX
185} ATAFNSS;
186
187/**
188 * Array of source/sink functions, the index is ATAFNSS.
189 * Make sure ATAFNSS and this array match!
190 */
191static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
192{
193 NULL,
194 ataIdentifySS,
195 ataFlushSS,
196 ataReadSectorsSS,
197 ataWriteSectorsSS,
198 ataExecuteDeviceDiagnosticSS,
199 ataPacketSS,
200 atapiGetConfigurationSS,
201 atapiGetEventStatusNotificationSS,
202 atapiIdentifySS,
203 atapiInquirySS,
204 atapiMechanismStatusSS,
205 atapiModeSenseErrorRecoverySS,
206 atapiModeSenseCDStatusSS,
207 atapiReadSS,
208 atapiReadCapacitySS,
209 atapiReadDiscInformationSS,
210 atapiReadTOCNormalSS,
211 atapiReadTOCMultiSS,
212 atapiReadTOCRawSS,
213 atapiReadTrackInformationSS,
214 atapiRequestSenseSS,
215 atapiPassthroughSS
216};
217
218
219static const AHCIATARequest ataDMARequest = { AHCIATA_AIO_DMA, };
220static const AHCIATARequest ataPIORequest = { AHCIATA_AIO_PIO, };
221static const AHCIATARequest ataResetARequest = { AHCIATA_AIO_RESET_ASSERTED, };
222static const AHCIATARequest ataResetCRequest = { AHCIATA_AIO_RESET_CLEARED, };
223
224
225static void ataAsyncIOClearRequests(PAHCIATACONTROLLER pCtl)
226{
227 int rc;
228
229 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
230 AssertRC(rc);
231 pCtl->AsyncIOReqHead = 0;
232 pCtl->AsyncIOReqTail = 0;
233 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
234 AssertRC(rc);
235}
236
237
238static void ataAsyncIOPutRequest(PAHCIATACONTROLLER pCtl, const AHCIATARequest *pReq)
239{
240 int rc;
241
242 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
243 AssertRC(rc);
244 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
245 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
246 pCtl->AsyncIOReqHead++;
247 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
248 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
249 AssertRC(rc);
250 rc = PDMR3CritSectScheduleExitEvent(&pCtl->lock, pCtl->AsyncIOSem);
251 if (RT_FAILURE(rc))
252 {
253 rc = RTSemEventSignal(pCtl->AsyncIOSem);
254 AssertRC(rc);
255 }
256}
257
258
259static const AHCIATARequest *ataAsyncIOGetCurrentRequest(PAHCIATACONTROLLER pCtl)
260{
261 int rc;
262 const AHCIATARequest *pReq;
263
264 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
265 AssertRC(rc);
266 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
267 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
268 else
269 pReq = NULL;
270 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
271 AssertRC(rc);
272 return pReq;
273}
274
275
276/**
277 * Remove the request with the given type, as it's finished. The request
278 * is not removed blindly, as this could mean a RESET request that is not
279 * yet processed (but has cleared the request queue) is lost.
280 *
281 * @param pCtl Controller for which to remove the request.
282 * @param ReqType Type of the request to remove.
283 */
284static void ataAsyncIORemoveCurrentRequest(PAHCIATACONTROLLER pCtl, AHCIATAAIO ReqType)
285{
286 int rc;
287
288 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
289 AssertRC(rc);
290 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
291 {
292 pCtl->AsyncIOReqTail++;
293 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
294 }
295 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
296 AssertRC(rc);
297}
298
299
300/**
301 * Dump the request queue for a particular controller. First dump the queue
302 * contents, then the already processed entries, as long as they haven't been
303 * overwritten.
304 *
305 * @param pCtl Controller for which to dump the queue.
306 */
307static void ataAsyncIODumpRequests(PAHCIATACONTROLLER pCtl)
308{
309 int rc;
310 uint8_t curr;
311
312 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
313 AssertRC(rc);
314 LogRel(("ATA: Ctl: request queue dump (topmost is current):\n"));
315 curr = pCtl->AsyncIOReqTail;
316 do
317 {
318 if (curr == pCtl->AsyncIOReqHead)
319 LogRel(("ATA: Ctl: processed requests (topmost is oldest):\n"));
320 switch (pCtl->aAsyncIORequests[curr].ReqType)
321 {
322 case AHCIATA_AIO_NEW:
323 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
324 break;
325 case AHCIATA_AIO_DMA:
326 LogRel(("dma transfer finished\n"));
327 break;
328 case AHCIATA_AIO_PIO:
329 LogRel(("pio transfer finished\n"));
330 break;
331 case AHCIATA_AIO_RESET_ASSERTED:
332 LogRel(("reset asserted request\n"));
333 break;
334 case AHCIATA_AIO_RESET_CLEARED:
335 LogRel(("reset cleared request\n"));
336 break;
337 case AHCIATA_AIO_ABORT:
338 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
339 break;
340 default:
341 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
342 }
343 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
344 } while (curr != pCtl->AsyncIOReqTail);
345 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
346 AssertRC(rc);
347}
348
349
350/**
351 * Checks whether the request queue for a particular controller is empty
352 * or whether a particular controller is idle.
353 *
354 * @param pCtl Controller for which to check the queue.
355 * @param fStrict If set then the controller is checked to be idle.
356 */
357static bool ataAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, bool fStrict)
358{
359 int rc;
360 bool fIdle;
361
362 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
363 AssertRC(rc);
364 fIdle = pCtl->fRedoIdle;
365 if (!fIdle)
366 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
367 if (fStrict)
368 fIdle &= (pCtl->uAsyncIOState == AHCIATA_AIO_NEW);
369 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
370 AssertRC(rc);
371 return fIdle;
372}
373
374
375/**
376 * Send a transfer request to the async I/O thread.
377 *
378 * @param s Pointer to the ATA device state data.
379 * @param cbTotalTransfer Data transfer size.
380 * @param uTxDir Data transfer direction.
381 * @param iBeginTransfer Index of BeginTransfer callback.
382 * @param iSourceSink Index of SourceSink callback.
383 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
384 */
385static void ataStartTransfer(AHCIATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, ATAFNSS iSourceSink, bool fChainedTransfer)
386{
387 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
388 AHCIATARequest Req;
389
390 Assert(PDMCritSectIsOwner(&pCtl->lock));
391
392 /* Do not issue new requests while the RESET line is asserted. */
393 if (pCtl->fReset)
394 {
395 Log2(("%s: Ctl: suppressed new request as RESET is active\n", __FUNCTION__));
396 return;
397 }
398
399 /* If the controller is already doing something else right now, ignore
400 * the command that is being submitted. Some broken guests issue commands
401 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
402 if (!fChainedTransfer && !ataAsyncIOIsIdle(pCtl, true))
403 {
404 Log(("%s: Ctl: ignored command %#04x, controller state %d\n", __FUNCTION__, s->uATARegCommand, pCtl->uAsyncIOState));
405 LogRel(("IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
406 return;
407 }
408
409 Req.ReqType = AHCIATA_AIO_NEW;
410 if (fChainedTransfer)
411 Req.u.t.iIf = pCtl->iAIOIf;
412 else
413 Req.u.t.iIf = pCtl->iSelectedIf;
414 Req.u.t.cbTotalTransfer = cbTotalTransfer;
415 Req.u.t.uTxDir = uTxDir;
416 Req.u.t.iBeginTransfer = iBeginTransfer;
417 Req.u.t.iSourceSink = iSourceSink;
418 ataSetStatusValue(s, ATA_STAT_BUSY);
419 pCtl->fChainedTransfer = fChainedTransfer;
420
421 /*
422 * Kick the worker thread into action.
423 */
424 Log2(("%s: Ctl: message to async I/O thread, new request\n", __FUNCTION__));
425 ataAsyncIOPutRequest(pCtl, &Req);
426}
427
428
429/**
430 * Send an abort command request to the async I/O thread.
431 *
432 * @param s Pointer to the ATA device state data.
433 * @param fResetDrive Whether to reset the drive or just abort a command.
434 */
435static void ataAbortCurrentCommand(AHCIATADevState *s, bool fResetDrive)
436{
437 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
438 AHCIATARequest Req;
439
440 Assert(PDMCritSectIsOwner(&pCtl->lock));
441
442 /* Do not issue new requests while the RESET line is asserted. */
443 if (pCtl->fReset)
444 {
445 Log2(("%s: Ctl: suppressed aborting command as RESET is active\n", __FUNCTION__));
446 return;
447 }
448
449 Req.ReqType = AHCIATA_AIO_ABORT;
450 Req.u.a.iIf = pCtl->iSelectedIf;
451 Req.u.a.fResetDrive = fResetDrive;
452 ataSetStatus(s, ATA_STAT_BUSY);
453 Log2(("%s: Ctl: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, s->iLUN));
454 ataAsyncIOPutRequest(pCtl, &Req);
455}
456
457
458static void ataSetIRQ(AHCIATADevState *s)
459{
460 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
461 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
462
463 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
464 {
465 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
466 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
467 * line is asserted. It monitors the line for a rising edge. */
468 if (!s->fIrqPending)
469 pCtl->BmDma.u8Status |= BM_STATUS_INT;
470 /* Only actually set the IRQ line if updating the currently selected drive. */
471 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
472 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 1);
473 }
474 s->fIrqPending = true;
475}
476
477#endif /* IN_RING3 */
478
479static void ataUnsetIRQ(AHCIATADevState *s)
480{
481 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
482 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
483
484 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
485 {
486 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
487 /* Only actually unset the IRQ line if updating the currently selected drive. */
488 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
489 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 0);
490 }
491 s->fIrqPending = false;
492}
493
494#ifdef IN_RING3
495
496static void ataPIOTransferStart(AHCIATADevState *s, uint32_t start, uint32_t size)
497{
498 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
499 s->iIOBufferPIODataStart = start;
500 s->iIOBufferPIODataEnd = start + size;
501 ataSetStatus(s, ATA_STAT_DRQ);
502}
503
504
505static void ataPIOTransferStop(AHCIATADevState *s)
506{
507 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
508 if (s->fATAPITransfer)
509 {
510 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
511 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
512 ataSetIRQ(s);
513 s->fATAPITransfer = false;
514 }
515 s->cbTotalTransfer = 0;
516 s->cbElementaryTransfer = 0;
517 s->iIOBufferPIODataStart = 0;
518 s->iIOBufferPIODataEnd = 0;
519 s->iBeginTransfer = ATAFN_BT_NULL;
520 s->iSourceSink = ATAFN_SS_NULL;
521}
522
523
524static void ataPIOTransferLimitATAPI(AHCIATADevState *s)
525{
526 uint32_t cbLimit, cbTransfer;
527
528 cbLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
529 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
530 if (cbLimit == 0)
531 cbLimit = 0xfffe;
532 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
533 if (cbLimit == 0xffff)
534 cbLimit--;
535 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
536 if (cbTransfer > cbLimit)
537 {
538 /* Byte count limit for clipping must be even in this case */
539 if (cbLimit & 1)
540 cbLimit--;
541 cbTransfer = cbLimit;
542 }
543 s->uATARegLCyl = cbTransfer;
544 s->uATARegHCyl = cbTransfer >> 8;
545 s->cbElementaryTransfer = cbTransfer;
546}
547
548
549static uint32_t ataGetNSectors(AHCIATADevState *s)
550{
551 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
552 if (s->fLBA48)
553 {
554 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
555 return 65536;
556 else
557 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
558 }
559 else
560 {
561 if (!s->uATARegNSector)
562 return 256;
563 else
564 return s->uATARegNSector;
565 }
566}
567
568
569static void ataPadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
570{
571 for (uint32_t i = 0; i < cbSize; i++)
572 {
573 if (*pbSrc)
574 pbDst[i ^ 1] = *pbSrc++;
575 else
576 pbDst[i ^ 1] = ' ';
577 }
578}
579
580
581static void ataSCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
582{
583 for (uint32_t i = 0; i < cbSize; i++)
584 {
585 if (*pbSrc)
586 pbDst[i] = *pbSrc++;
587 else
588 pbDst[i] = ' ';
589 }
590}
591
592
593DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
594{
595 pbBuf[0] = val >> 8;
596 pbBuf[1] = val;
597}
598
599
600DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
601{
602 pbBuf[0] = val >> 16;
603 pbBuf[1] = val >> 8;
604 pbBuf[2] = val;
605}
606
607
608DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
609{
610 pbBuf[0] = val >> 24;
611 pbBuf[1] = val >> 16;
612 pbBuf[2] = val >> 8;
613 pbBuf[3] = val;
614}
615
616
617DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
618{
619 return (pbBuf[0] << 8) | pbBuf[1];
620}
621
622
623DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
624{
625 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
626}
627
628
629DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
630{
631 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
632}
633
634
635DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
636{
637 iATAPILBA += 150;
638 pbBuf[0] = (iATAPILBA / 75) / 60;
639 pbBuf[1] = (iATAPILBA / 75) % 60;
640 pbBuf[2] = iATAPILBA % 75;
641}
642
643
644DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
645{
646 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
647}
648
649
650static void ataCmdOK(AHCIATADevState *s, uint8_t status)
651{
652 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
653 ataSetStatusValue(s, ATA_STAT_READY | status);
654}
655
656
657static void ataCmdError(AHCIATADevState *s, uint8_t uErrorCode)
658{
659 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
660 s->uATARegError = uErrorCode;
661 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
662 s->cbTotalTransfer = 0;
663 s->cbElementaryTransfer = 0;
664 s->iIOBufferCur = 0;
665 s->iIOBufferEnd = 0;
666 s->uTxDir = PDMBLOCKTXDIR_NONE;
667 s->iBeginTransfer = ATAFN_BT_NULL;
668 s->iSourceSink = ATAFN_SS_NULL;
669}
670
671
672static bool ataIdentifySS(AHCIATADevState *s)
673{
674 uint16_t *p;
675 char aSerial[20];
676 int rc;
677 RTUUID Uuid;
678
679 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
680 Assert(s->cbElementaryTransfer == 512);
681 rc = s->pDrvBlock ? s->pDrvBlock->pfnGetUuid(s->pDrvBlock, &Uuid) : RTUuidClear(&Uuid);
682 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
683 {
684 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
685 /* Generate a predictable serial for drives which don't have a UUID. */
686 RTStrPrintf(aSerial, sizeof(aSerial), "VB%x-%04x%04x",
687 s->iLUN + ATADEVSTATE_2_DEVINS(s)->iInstance * 32,
688 pCtl->IOPortBase1, pCtl->IOPortBase2);
689 }
690 else
691 RTStrPrintf(aSerial, sizeof(aSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
692
693 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
694 memset(p, 0, 512);
695 p[0] = RT_H2LE_U16(0x0040);
696 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
697 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
698 /* Block size; obsolete, but required for the BIOS. */
699 p[5] = RT_H2LE_U16(512);
700 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
701 ataPadString((uint8_t *)(p + 10), aSerial, 20); /* serial number */
702 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
703 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
704 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
705 ataPadString((uint8_t *)(p + 23), "1.0", 8); /* firmware version */
706 ataPadString((uint8_t *)(p + 27), "VBOX HARDDISK", 40); /* model */
707#if ATA_MAX_MULT_SECTORS > 1
708 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
709#endif
710 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
711 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
712 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
713 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
714 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
715 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
716 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
717 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
718 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
719 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
720 * s->PCHSGeometry.cHeads
721 * s->PCHSGeometry.cSectors);
722 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
723 * s->PCHSGeometry.cHeads
724 * s->PCHSGeometry.cSectors >> 16);
725 if (s->cMultSectors)
726 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
727 if (s->cTotalSectors <= (1 << 28) - 1)
728 {
729 p[60] = RT_H2LE_U16(s->cTotalSectors);
730 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
731 }
732 else
733 {
734 /* Report maximum number of sectors possible with LBA28 */
735 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
736 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
737 }
738 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
739 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
740 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
741 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
742 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
743 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
744 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
745 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
746 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
747 if (s->cTotalSectors <= (1 << 28) - 1)
748 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
749 else
750 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
751 p[84] = RT_H2LE_U16(1 << 14);
752 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
753 if (s->cTotalSectors <= (1 << 28) - 1)
754 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
755 else
756 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
757 p[87] = RT_H2LE_U16(1 << 14);
758 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
759 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
760 if (s->cTotalSectors > (1 << 28) - 1)
761 {
762 p[100] = RT_H2LE_U16(s->cTotalSectors);
763 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
764 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
765 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
766 }
767 s->iSourceSink = ATAFN_SS_NULL;
768 ataCmdOK(s, ATA_STAT_SEEK);
769 return false;
770}
771
772
773static bool ataFlushSS(AHCIATADevState *s)
774{
775 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
776 int rc;
777
778 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE);
779 Assert(!s->cbElementaryTransfer);
780
781 PDMCritSectLeave(&pCtl->lock);
782
783 STAM_PROFILE_START(&s->StatFlushes, f);
784 rc = s->pDrvBlock->pfnFlush(s->pDrvBlock);
785 AssertRC(rc);
786 STAM_PROFILE_STOP(&s->StatFlushes, f);
787
788 STAM_PROFILE_START(&pCtl->StatLockWait, a);
789 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
790 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
791 ataCmdOK(s, 0);
792 return false;
793}
794
795
796static bool atapiIdentifySS(AHCIATADevState *s)
797{
798 uint16_t *p;
799 char aSerial[20];
800 RTUUID Uuid;
801 int rc;
802
803 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
804 Assert(s->cbElementaryTransfer == 512);
805 rc = s->pDrvBlock ? s->pDrvBlock->pfnGetUuid(s->pDrvBlock, &Uuid) : RTUuidClear(&Uuid);
806 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
807 {
808 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
809 /* Generate a predictable serial for drives which don't have a UUID. */
810 RTStrPrintf(aSerial, sizeof(aSerial), "VB%x-%04x%04x",
811 s->iLUN + ATADEVSTATE_2_DEVINS(s)->iInstance * 32,
812 pCtl->IOPortBase1, pCtl->IOPortBase2);
813 }
814 else
815 RTStrPrintf(aSerial, sizeof(aSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
816
817 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
818 memset(p, 0, 512);
819 /* Removable CDROM, 50us response, 12 byte packets */
820 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 2 << 5 | 0 << 0);
821 ataPadString((uint8_t *)(p + 10), aSerial, 20); /* serial number */
822 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
823 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
824 ataPadString((uint8_t *)(p + 23), "1.0", 8); /* firmware version */
825 ataPadString((uint8_t *)(p + 27), "VBOX CD-ROM", 40); /* model */
826 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
827 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
828 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
829 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
830 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
831 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
832 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
833 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
834 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
835 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
836 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
837 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
838 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
839 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
840 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
841 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
842 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
843 p[83] = RT_H2LE_U16(1 << 14);
844 p[84] = RT_H2LE_U16(1 << 14);
845 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
846 p[86] = RT_H2LE_U16(0);
847 p[87] = RT_H2LE_U16(1 << 14);
848 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
849 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
850 s->iSourceSink = ATAFN_SS_NULL;
851 ataCmdOK(s, ATA_STAT_SEEK);
852 return false;
853}
854
855
856static void ataSetSignature(AHCIATADevState *s)
857{
858 s->uATARegSelect &= 0xf0; /* clear head */
859 /* put signature */
860 s->uATARegNSector = 1;
861 s->uATARegSector = 1;
862 if (s->fATAPI)
863 {
864 s->uATARegLCyl = 0x14;
865 s->uATARegHCyl = 0xeb;
866 }
867 else if (s->pDrvBlock)
868 {
869 s->uATARegLCyl = 0;
870 s->uATARegHCyl = 0;
871 }
872 else
873 {
874 s->uATARegLCyl = 0xff;
875 s->uATARegHCyl = 0xff;
876 }
877}
878
879
880static uint64_t ataGetSector(AHCIATADevState *s)
881{
882 uint64_t iLBA;
883 if (s->uATARegSelect & 0x40)
884 {
885 /* any LBA variant */
886 if (s->fLBA48)
887 {
888 /* LBA48 */
889 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
890 ((uint64_t)s->uATARegLCylHOB << 32) |
891 ((uint64_t)s->uATARegSectorHOB << 24) |
892 ((uint64_t)s->uATARegHCyl << 16) |
893 ((uint64_t)s->uATARegLCyl << 8) |
894 s->uATARegSector;
895 }
896 else
897 {
898 /* LBA */
899 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
900 (s->uATARegLCyl << 8) | s->uATARegSector;
901 }
902 }
903 else
904 {
905 /* CHS */
906 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
907 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
908 (s->uATARegSector - 1);
909 }
910 return iLBA;
911}
912
913static void ataSetSector(AHCIATADevState *s, uint64_t iLBA)
914{
915 uint32_t cyl, r;
916 if (s->uATARegSelect & 0x40)
917 {
918 /* any LBA variant */
919 if (s->fLBA48)
920 {
921 /* LBA48 */
922 s->uATARegHCylHOB = iLBA >> 40;
923 s->uATARegLCylHOB = iLBA >> 32;
924 s->uATARegSectorHOB = iLBA >> 24;
925 s->uATARegHCyl = iLBA >> 16;
926 s->uATARegLCyl = iLBA >> 8;
927 s->uATARegSector = iLBA;
928 }
929 else
930 {
931 /* LBA */
932 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
933 s->uATARegHCyl = (iLBA >> 16);
934 s->uATARegLCyl = (iLBA >> 8);
935 s->uATARegSector = (iLBA);
936 }
937 }
938 else
939 {
940 /* CHS */
941 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
942 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
943 s->uATARegHCyl = cyl >> 8;
944 s->uATARegLCyl = cyl;
945 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
946 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
947 }
948}
949
950
951static int ataReadSectors(AHCIATADevState *s, uint64_t u64Sector, void *pvBuf, uint32_t cSectors)
952{
953 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
954 int rc;
955
956 PDMCritSectLeave(&pCtl->lock);
957
958 STAM_PROFILE_ADV_START(&s->StatReads, r);
959 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
960 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
961 s->pLed->Actual.s.fReading = 0;
962 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
963
964 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cSectors * 512);
965
966 STAM_PROFILE_START(&pCtl->StatLockWait, a);
967 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
968 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
969 return rc;
970}
971
972
973static int ataWriteSectors(AHCIATADevState *s, uint64_t u64Sector, const void *pvBuf, uint32_t cSectors)
974{
975 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
976 int rc;
977
978 PDMCritSectLeave(&pCtl->lock);
979
980 STAM_PROFILE_ADV_START(&s->StatWrites, w);
981 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
982 rc = s->pDrvBlock->pfnWrite(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
983 s->pLed->Actual.s.fWriting = 0;
984 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
985
986 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cSectors * 512);
987
988 STAM_PROFILE_START(&pCtl->StatLockWait, a);
989 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
990 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
991 return rc;
992}
993
994
995static void ataReadWriteSectorsBT(AHCIATADevState *s)
996{
997 uint32_t cSectors;
998
999 cSectors = s->cbTotalTransfer / 512;
1000 if (cSectors > s->cSectorsPerIRQ)
1001 s->cbElementaryTransfer = s->cSectorsPerIRQ * 512;
1002 else
1003 s->cbElementaryTransfer = cSectors * 512;
1004 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1005 ataCmdOK(s, 0);
1006}
1007
1008
1009static void ataWarningDiskFull(PPDMDEVINS pDevIns)
1010{
1011 int rc;
1012 LogRel(("ATA: Host disk full\n"));
1013 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_DISKFULL",
1014 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
1015 AssertRC(rc);
1016}
1017
1018
1019static void ataWarningFileTooBig(PPDMDEVINS pDevIns)
1020{
1021 int rc;
1022 LogRel(("ATA: File too big\n"));
1023 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_FILETOOBIG",
1024 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
1025 AssertRC(rc);
1026}
1027
1028
1029static void ataWarningISCSI(PPDMDEVINS pDevIns)
1030{
1031 int rc;
1032 LogRel(("ATA: iSCSI target unavailable\n"));
1033 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_ISCSIDOWN",
1034 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
1035 AssertRC(rc);
1036}
1037
1038
1039static bool ataReadSectorsSS(AHCIATADevState *s)
1040{
1041 int rc;
1042 uint32_t cSectors;
1043 uint64_t iLBA;
1044
1045 cSectors = s->cbElementaryTransfer / 512;
1046 Assert(cSectors);
1047 iLBA = ataGetSector(s);
1048 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1049 rc = ataReadSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors);
1050 if (RT_SUCCESS(rc))
1051 {
1052 ataSetSector(s, iLBA + cSectors);
1053 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1054 s->iSourceSink = ATAFN_SS_NULL;
1055 ataCmdOK(s, ATA_STAT_SEEK);
1056 }
1057 else
1058 {
1059 if (rc == VERR_DISK_FULL)
1060 {
1061 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1062 return true;
1063 }
1064 if (rc == VERR_FILE_TOO_BIG)
1065 {
1066 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1067 return true;
1068 }
1069 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1070 {
1071 /* iSCSI connection abort (first error) or failure to reestablish
1072 * connection (second error). Pause VM. On resume we'll retry. */
1073 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
1074 return true;
1075 }
1076 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1077 LogRel(("AHCI ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1078 s->iLUN, rc, iLBA, cSectors));
1079 ataCmdError(s, ID_ERR);
1080 }
1081 /** @todo implement redo for iSCSI */
1082 return false;
1083}
1084
1085
1086static bool ataWriteSectorsSS(AHCIATADevState *s)
1087{
1088 int rc;
1089 uint32_t cSectors;
1090 uint64_t iLBA;
1091
1092 cSectors = s->cbElementaryTransfer / 512;
1093 Assert(cSectors);
1094 iLBA = ataGetSector(s);
1095 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1096 rc = ataWriteSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors);
1097 if (RT_SUCCESS(rc))
1098 {
1099 ataSetSector(s, iLBA + cSectors);
1100 if (!s->cbTotalTransfer)
1101 s->iSourceSink = ATAFN_SS_NULL;
1102 ataCmdOK(s, ATA_STAT_SEEK);
1103 }
1104 else
1105 {
1106 if (rc == VERR_DISK_FULL)
1107 {
1108 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1109 return true;
1110 }
1111 if (rc == VERR_FILE_TOO_BIG)
1112 {
1113 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1114 return true;
1115 }
1116 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1117 {
1118 /* iSCSI connection abort (first error) or failure to reestablish
1119 * connection (second error). Pause VM. On resume we'll retry. */
1120 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
1121 return true;
1122 }
1123 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1124 LogRel(("AHCI ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1125 s->iLUN, rc, iLBA, cSectors));
1126 ataCmdError(s, ID_ERR);
1127 }
1128 /** @todo implement redo for iSCSI */
1129 return false;
1130}
1131
1132
1133static void atapiCmdOK(AHCIATADevState *s)
1134{
1135 s->uATARegError = 0;
1136 ataSetStatusValue(s, ATA_STAT_READY);
1137 s->uATARegNSector = (s->uATARegNSector & ~7)
1138 | ((s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1139 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1140 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1141 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1142 s->abATAPISense[0] = 0x70 | (1 << 7);
1143 s->abATAPISense[7] = 10;
1144}
1145
1146
1147static void atapiCmdError(AHCIATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1148{
1149 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1150 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1151 s->uATARegError = pabATAPISense[2] << 4;
1152 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1153 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1154 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1155 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1156 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1157 s->cbTotalTransfer = 0;
1158 s->cbElementaryTransfer = 0;
1159 s->iIOBufferCur = 0;
1160 s->iIOBufferEnd = 0;
1161 s->uTxDir = PDMBLOCKTXDIR_NONE;
1162 s->iBeginTransfer = ATAFN_BT_NULL;
1163 s->iSourceSink = ATAFN_SS_NULL;
1164}
1165
1166
1167/** @todo deprecated function - doesn't provide enough info. Replace by direct
1168 * calls to atapiCmdError() with full data. */
1169static void atapiCmdErrorSimple(AHCIATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1170{
1171 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1172 memset(abATAPISense, '\0', sizeof(abATAPISense));
1173 abATAPISense[0] = 0x70 | (1 << 7);
1174 abATAPISense[2] = uATAPISenseKey & 0x0f;
1175 abATAPISense[7] = 10;
1176 abATAPISense[12] = uATAPIASC;
1177 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1178}
1179
1180
1181static void atapiCmdBT(AHCIATADevState *s)
1182{
1183 s->fATAPITransfer = true;
1184 s->cbElementaryTransfer = s->cbTotalTransfer;
1185 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1186 atapiCmdOK(s);
1187}
1188
1189
1190static void atapiPassthroughCmdBT(AHCIATADevState *s)
1191{
1192 /* @todo implement an algorithm for correctly determining the read and
1193 * write sector size without sending additional commands to the drive.
1194 * This should be doable by saving processing the configuration requests
1195 * and replies. */
1196#if 0
1197 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1198 {
1199 uint8_t cmd = s->aATAPICmd[0];
1200 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1201 {
1202 uint8_t aModeSenseCmd[10];
1203 uint8_t aModeSenseResult[16];
1204 uint8_t uDummySense;
1205 uint32_t cbTransfer;
1206 int rc;
1207
1208 cbTransfer = sizeof(aModeSenseResult);
1209 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1210 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1211 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1212 aModeSenseCmd[3] = 0; /* subpage code */
1213 aModeSenseCmd[4] = 0; /* reserved */
1214 aModeSenseCmd[5] = 0; /* reserved */
1215 aModeSenseCmd[6] = 0; /* reserved */
1216 aModeSenseCmd[7] = cbTransfer >> 8;
1217 aModeSenseCmd[8] = cbTransfer & 0xff;
1218 aModeSenseCmd[9] = 0; /* control */
1219 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aModeSenseCmd, PDMBLOCKTXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1220 if (RT_FAILURE(rc))
1221 {
1222 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1223 return;
1224 }
1225 /* Select sector size based on the current data block type. */
1226 switch (aModeSenseResult[12] & 0x0f)
1227 {
1228 case 0:
1229 s->cbATAPISector = 2352;
1230 break;
1231 case 1:
1232 s->cbATAPISector = 2368;
1233 break;
1234 case 2:
1235 case 3:
1236 s->cbATAPISector = 2448;
1237 break;
1238 case 8:
1239 case 10:
1240 s->cbATAPISector = 2048;
1241 break;
1242 case 9:
1243 s->cbATAPISector = 2336;
1244 break;
1245 case 11:
1246 s->cbATAPISector = 2056;
1247 break;
1248 case 12:
1249 s->cbATAPISector = 2324;
1250 break;
1251 case 13:
1252 s->cbATAPISector = 2332;
1253 break;
1254 default:
1255 s->cbATAPISector = 0;
1256 }
1257 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1258 s->cbTotalTransfer *= s->cbATAPISector;
1259 if (s->cbTotalTransfer == 0)
1260 s->uTxDir = PDMBLOCKTXDIR_NONE;
1261 }
1262 }
1263#endif
1264 atapiCmdBT(s);
1265}
1266
1267
1268static bool atapiReadSS(AHCIATADevState *s)
1269{
1270 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1271 int rc = VINF_SUCCESS;
1272 uint32_t cbTransfer, cSectors;
1273
1274 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1275 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1276 cSectors = cbTransfer / s->cbATAPISector;
1277 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1278 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1279
1280 PDMCritSectLeave(&pCtl->lock);
1281
1282 STAM_PROFILE_ADV_START(&s->StatReads, r);
1283 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1284 switch (s->cbATAPISector)
1285 {
1286 case 2048:
1287 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTXALLSUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1288 break;
1289 case 2352:
1290 {
1291 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1292
1293 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1294 {
1295 /* sync bytes */
1296 *pbBuf++ = 0x00;
1297 memset(pbBuf, 0xff, 11);
1298 pbBuf += 11;
1299 /* MSF */
1300 ataLBA2MSF(pbBuf, i);
1301 pbBuf += 3;
1302 *pbBuf++ = 0x01; /* mode 1 data */
1303 /* data */
1304 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)i * 2048, pbBuf, 2048);
1305 if (RT_FAILURE(rc))
1306 break;
1307 pbBuf += 2048;
1308 /* ECC */
1309 memset(pbBuf, 0, 288);
1310 pbBuf += 288;
1311 }
1312 }
1313 break;
1314 default:
1315 break;
1316 }
1317 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1318
1319 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1320 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1321 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1322
1323 if (RT_SUCCESS(rc))
1324 {
1325 s->pLed->Actual.s.fReading = 0;
1326 STAM_REL_COUNTER_ADD(s->pStatBytesRead, s->cbATAPISector * cSectors);
1327
1328 /* The initial buffer end value has been set up based on the total
1329 * transfer size. But the I/O buffer size limits what can actually be
1330 * done in one transfer, so set the actual value of the buffer end. */
1331 s->cbElementaryTransfer = cbTransfer;
1332 if (cbTransfer >= s->cbTotalTransfer)
1333 s->iSourceSink = ATAFN_SS_NULL;
1334 atapiCmdOK(s);
1335 s->iATAPILBA += cSectors;
1336 }
1337 else
1338 {
1339 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1340 LogRel(("AHCI ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1341 atapiCmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1342 }
1343 return false;
1344}
1345
1346
1347static bool atapiPassthroughSS(AHCIATADevState *s)
1348{
1349 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1350 int rc = VINF_SUCCESS;
1351 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1352 uint32_t cbTransfer;
1353 PSTAMPROFILEADV pProf = NULL;
1354
1355 cbTransfer = s->cbElementaryTransfer;
1356
1357 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1358 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1359
1360 /* Simple heuristics: if there is at least one sector of data
1361 * to transfer, it's worth updating the LEDs. */
1362 if (cbTransfer >= 2048)
1363 {
1364 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1365 {
1366 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1367 pProf = &s->StatReads;
1368 }
1369 else
1370 {
1371 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1372 pProf = &s->StatWrites;
1373 }
1374 }
1375
1376 PDMCritSectLeave(&pCtl->lock);
1377
1378 memset(abATAPISense, '\0', sizeof(abATAPISense));
1379 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
1380 if (cbTransfer > 100 * _1K)
1381 {
1382 /* Linux accepts commands with up to 100KB of data, but expects
1383 * us to handle commands with up to 128KB of data. The usual
1384 * imbalance of powers. */
1385 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
1386 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
1387 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1388
1389 switch (s->aATAPICmd[0])
1390 {
1391 case SCSI_READ_10:
1392 case SCSI_WRITE_10:
1393 case SCSI_WRITE_AND_VERIFY_10:
1394 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1395 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
1396 break;
1397 case SCSI_READ_12:
1398 case SCSI_WRITE_12:
1399 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1400 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
1401 break;
1402 case SCSI_READ_CD:
1403 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1404 cSectors = ataBE2H_U24(s->aATAPICmd + 6) / s->cbATAPISector;
1405 break;
1406 case SCSI_READ_CD_MSF:
1407 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
1408 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
1409 break;
1410 default:
1411 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
1412 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1413 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
1414 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
1415 {
1416 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1417 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1418 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1419 }
1420 return false;
1421 }
1422 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
1423 cReqSectors = 0;
1424 for (uint32_t i = cSectors; i > 0; i -= cReqSectors)
1425 {
1426 if (i * s->cbATAPISector > 100 * _1K)
1427 cReqSectors = (100 * _1K) / s->cbATAPISector;
1428 else
1429 cReqSectors = i;
1430 cbCurrTX = s->cbATAPISector * cReqSectors;
1431 switch (s->aATAPICmd[0])
1432 {
1433 case SCSI_READ_10:
1434 case SCSI_WRITE_10:
1435 case SCSI_WRITE_AND_VERIFY_10:
1436 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1437 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
1438 break;
1439 case SCSI_READ_12:
1440 case SCSI_WRITE_12:
1441 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1442 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
1443 break;
1444 case SCSI_READ_CD:
1445 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
1446 ataH2BE_U24(s->aATAPICmd + 6, cbCurrTX);
1447 break;
1448 case SCSI_READ_CD_MSF:
1449 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
1450 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
1451 break;
1452 }
1453 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1454 if (rc != VINF_SUCCESS)
1455 break;
1456 iATAPILBA += cReqSectors;
1457 pbBuf += s->cbATAPISector * cReqSectors;
1458 }
1459 }
1460 else
1461 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, s->aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, s->CTXALLSUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1462 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
1463
1464 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1465 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1466 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1467
1468 /* Update the LEDs and the read/write statistics. */
1469 if (cbTransfer >= 2048)
1470 {
1471 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1472 {
1473 s->pLed->Actual.s.fReading = 0;
1474 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cbTransfer);
1475 }
1476 else
1477 {
1478 s->pLed->Actual.s.fWriting = 0;
1479 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cbTransfer);
1480 }
1481 }
1482
1483 if (RT_SUCCESS(rc))
1484 {
1485 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
1486 {
1487 Assert(cbTransfer <= s->cbTotalTransfer);
1488 /* Reply with the same amount of data as the real drive. */
1489 s->cbTotalTransfer = cbTransfer;
1490 /* The initial buffer end value has been set up based on the total
1491 * transfer size. But the I/O buffer size limits what can actually be
1492 * done in one transfer, so set the actual value of the buffer end. */
1493 s->cbElementaryTransfer = cbTransfer;
1494 if (s->aATAPICmd[0] == SCSI_INQUIRY)
1495 {
1496 /* Make sure that the real drive cannot be identified.
1497 * Motivation: changing the VM configuration should be as
1498 * invisible as possible to the guest. */
1499 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1500 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 8, "VBOX", 8);
1501 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 16, "CD-ROM", 16);
1502 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 32, "1.0", 4);
1503 }
1504 if (cbTransfer)
1505 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1506 }
1507 s->iSourceSink = ATAFN_SS_NULL;
1508 atapiCmdOK(s);
1509 }
1510 else
1511 {
1512 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1513 {
1514 uint8_t u8Cmd = s->aATAPICmd[0];
1515 do
1516 {
1517 /* don't log superflous errors */
1518 if ( rc == VERR_DEV_IO_ERROR
1519 && ( u8Cmd == SCSI_TEST_UNIT_READY
1520 || u8Cmd == SCSI_READ_CAPACITY
1521 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
1522 break;
1523 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command (%#04x) error %d %Rrc\n", s->iLUN, u8Cmd, abATAPISense[0] & 0x0f, rc));
1524 } while (0);
1525 }
1526 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1527 }
1528 return false;
1529}
1530
1531
1532static bool atapiReadSectors(AHCIATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
1533{
1534 Assert(cSectors > 0);
1535 s->iATAPILBA = iATAPILBA;
1536 s->cbATAPISector = cbSector;
1537 ataStartTransfer(s, cSectors * cbSector, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
1538 return false;
1539}
1540
1541
1542static bool atapiReadCapacitySS(AHCIATADevState *s)
1543{
1544 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1545
1546 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1547 Assert(s->cbElementaryTransfer <= 8);
1548 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
1549 ataH2BE_U32(pbBuf + 4, 2048);
1550 s->iSourceSink = ATAFN_SS_NULL;
1551 atapiCmdOK(s);
1552 return false;
1553}
1554
1555
1556static bool atapiReadDiscInformationSS(AHCIATADevState *s)
1557{
1558 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1559
1560 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1561 Assert(s->cbElementaryTransfer <= 34);
1562 memset(pbBuf, '\0', 34);
1563 ataH2BE_U16(pbBuf, 32);
1564 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
1565 pbBuf[3] = 1; /* number of first track */
1566 pbBuf[4] = 1; /* number of sessions (LSB) */
1567 pbBuf[5] = 1; /* first track number in last session (LSB) */
1568 pbBuf[6] = 1; /* last track number in last session (LSB) */
1569 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
1570 pbBuf[8] = 0; /* disc type = CD-ROM */
1571 pbBuf[9] = 0; /* number of sessions (MSB) */
1572 pbBuf[10] = 0; /* number of sessions (MSB) */
1573 pbBuf[11] = 0; /* number of sessions (MSB) */
1574 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
1575 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
1576 s->iSourceSink = ATAFN_SS_NULL;
1577 atapiCmdOK(s);
1578 return false;
1579}
1580
1581
1582static bool atapiReadTrackInformationSS(AHCIATADevState *s)
1583{
1584 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1585
1586 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1587 Assert(s->cbElementaryTransfer <= 36);
1588 /* Accept address/number type of 1 only, and only track 1 exists. */
1589 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
1590 {
1591 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1592 return false;
1593 }
1594 memset(pbBuf, '\0', 36);
1595 ataH2BE_U16(pbBuf, 34);
1596 pbBuf[2] = 1; /* track number (LSB) */
1597 pbBuf[3] = 1; /* session number (LSB) */
1598 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
1599 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
1600 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
1601 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
1602 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
1603 pbBuf[32] = 0; /* track number (MSB) */
1604 pbBuf[33] = 0; /* session number (MSB) */
1605 s->iSourceSink = ATAFN_SS_NULL;
1606 atapiCmdOK(s);
1607 return false;
1608}
1609
1610
1611static bool atapiGetConfigurationSS(AHCIATADevState *s)
1612{
1613 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1614 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
1615
1616 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1617 Assert(s->cbElementaryTransfer <= 32);
1618 /* Accept valid request types only, and only starting feature 0. */
1619 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
1620 {
1621 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1622 return false;
1623 }
1624 memset(pbBuf, '\0', 32);
1625 ataH2BE_U32(pbBuf, 16);
1626 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
1627 * way to differentiate them right now is based on the image size). Also
1628 * implement signalling "no current profile" if no medium is loaded. */
1629 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
1630
1631 ataH2BE_U16(pbBuf + 8, 0); /* feature 0: list of profiles supported */
1632 pbBuf[10] = (0 << 2) | (1 << 1) | (1 || 0); /* version 0, persistent, current */
1633 pbBuf[11] = 8; /* additional bytes for profiles */
1634 /* The MMC-3 spec says that DVD-ROM read capability should be reported
1635 * before CD-ROM read capability. */
1636 ataH2BE_U16(pbBuf + 12, 0x10); /* profile: read-only DVD */
1637 pbBuf[14] = (0 << 0); /* NOT current profile */
1638 ataH2BE_U16(pbBuf + 16, 0x08); /* profile: read only CD */
1639 pbBuf[18] = (1 << 0); /* current profile */
1640 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
1641 s->iSourceSink = ATAFN_SS_NULL;
1642 atapiCmdOK(s);
1643 return false;
1644}
1645
1646
1647static bool atapiGetEventStatusNotificationSS(AHCIATADevState *s)
1648{
1649 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1650
1651 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1652 Assert(s->cbElementaryTransfer <= 8);
1653
1654 if (!(s->aATAPICmd[1] & 1))
1655 {
1656 /* no asynchronous operation supported */
1657 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1658 return false;
1659 }
1660
1661 uint32_t OldStatus, NewStatus;
1662 do
1663 {
1664 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
1665 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
1666 switch (OldStatus)
1667 {
1668 case ATA_EVENT_STATUS_MEDIA_NEW:
1669 /* mount */
1670 ataH2BE_U16(pbBuf + 0, 6);
1671 pbBuf[2] = 0x04;
1672 pbBuf[3] = 0x5e;
1673 pbBuf[4] = 0x02;
1674 pbBuf[5] = 0x02;
1675 pbBuf[6] = 0x00;
1676 pbBuf[7] = 0x00;
1677 break;
1678
1679 case ATA_EVENT_STATUS_MEDIA_CHANGED:
1680 case ATA_EVENT_STATUS_MEDIA_REMOVED:
1681 /* umount */
1682 ataH2BE_U16(pbBuf + 0, 6);
1683 pbBuf[2] = 0x04;
1684 pbBuf[3] = 0x5e;
1685 pbBuf[4] = 0x03;
1686 pbBuf[5] = 0x00;
1687 pbBuf[6] = 0x00;
1688 pbBuf[7] = 0x00;
1689 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
1690 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
1691 break;
1692
1693 case ATA_EVENT_STATUS_UNCHANGED:
1694 default:
1695 ataH2BE_U16(pbBuf + 0, 6);
1696 pbBuf[2] = 0x01;
1697 pbBuf[3] = 0x5e;
1698 pbBuf[4] = 0x00;
1699 pbBuf[5] = 0x00;
1700 pbBuf[6] = 0x00;
1701 pbBuf[7] = 0x00;
1702 break;
1703 }
1704 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
1705
1706 s->iSourceSink = ATAFN_SS_NULL;
1707 atapiCmdOK(s);
1708 return false;
1709}
1710
1711
1712static bool atapiInquirySS(AHCIATADevState *s)
1713{
1714 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1715
1716 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1717 Assert(s->cbElementaryTransfer <= 36);
1718 pbBuf[0] = 0x05; /* CD-ROM */
1719 pbBuf[1] = 0x80; /* removable */
1720#if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
1721 pbBuf[2] = 0x00; /* ISO */
1722 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1723#else
1724 pbBuf[2] = 0x00; /* ISO */
1725 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
1726#endif
1727 pbBuf[4] = 31; /* additional length */
1728 pbBuf[5] = 0; /* reserved */
1729 pbBuf[6] = 0; /* reserved */
1730 pbBuf[7] = 0; /* reserved */
1731 ataSCSIPadStr(pbBuf + 8, "VBOX", 8);
1732 ataSCSIPadStr(pbBuf + 16, "CD-ROM", 16);
1733 ataSCSIPadStr(pbBuf + 32, "1.0", 4);
1734 s->iSourceSink = ATAFN_SS_NULL;
1735 atapiCmdOK(s);
1736 return false;
1737}
1738
1739
1740static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *s)
1741{
1742 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1743
1744 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1745 Assert(s->cbElementaryTransfer <= 16);
1746 ataH2BE_U16(&pbBuf[0], 16 + 6);
1747 pbBuf[2] = 0x70;
1748 pbBuf[3] = 0;
1749 pbBuf[4] = 0;
1750 pbBuf[5] = 0;
1751 pbBuf[6] = 0;
1752 pbBuf[7] = 0;
1753
1754 pbBuf[8] = 0x01;
1755 pbBuf[9] = 0x06;
1756 pbBuf[10] = 0x00;
1757 pbBuf[11] = 0x05;
1758 pbBuf[12] = 0x00;
1759 pbBuf[13] = 0x00;
1760 pbBuf[14] = 0x00;
1761 pbBuf[15] = 0x00;
1762 s->iSourceSink = ATAFN_SS_NULL;
1763 atapiCmdOK(s);
1764 return false;
1765}
1766
1767
1768static bool atapiModeSenseCDStatusSS(AHCIATADevState *s)
1769{
1770 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1771
1772 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1773 Assert(s->cbElementaryTransfer <= 40);
1774 ataH2BE_U16(&pbBuf[0], 38);
1775 pbBuf[2] = 0x70;
1776 pbBuf[3] = 0;
1777 pbBuf[4] = 0;
1778 pbBuf[5] = 0;
1779 pbBuf[6] = 0;
1780 pbBuf[7] = 0;
1781
1782 pbBuf[8] = 0x2a;
1783 pbBuf[9] = 30; /* page length */
1784 pbBuf[10] = 0x08; /* DVD-ROM read support */
1785 pbBuf[11] = 0x00; /* no write support */
1786 /* The following claims we support audio play. This is obviously false,
1787 * but the Linux generic CDROM support makes many features depend on this
1788 * capability. If it's not set, this causes many things to be disabled. */
1789 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
1790 pbBuf[13] = 0x00; /* no subchannel reads supported */
1791 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
1792 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
1793 pbBuf[14] |= 1 << 1; /* report lock state */
1794 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
1795 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
1796 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
1797 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
1798 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
1799 pbBuf[24] = 0; /* reserved */
1800 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
1801 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
1802 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
1803 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
1804 pbBuf[32] = 0; /* reserved */
1805 pbBuf[33] = 0; /* reserved */
1806 pbBuf[34] = 0; /* reserved */
1807 pbBuf[35] = 1; /* rotation control CAV */
1808 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
1809 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
1810 s->iSourceSink = ATAFN_SS_NULL;
1811 atapiCmdOK(s);
1812 return false;
1813}
1814
1815
1816static bool atapiRequestSenseSS(AHCIATADevState *s)
1817{
1818 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1819
1820 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1821 memset(pbBuf, '\0', s->cbElementaryTransfer);
1822 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
1823 s->iSourceSink = ATAFN_SS_NULL;
1824 atapiCmdOK(s);
1825 return false;
1826}
1827
1828
1829static bool atapiMechanismStatusSS(AHCIATADevState *s)
1830{
1831 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1832
1833 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1834 Assert(s->cbElementaryTransfer <= 8);
1835 ataH2BE_U16(pbBuf, 0);
1836 /* no current LBA */
1837 pbBuf[2] = 0;
1838 pbBuf[3] = 0;
1839 pbBuf[4] = 0;
1840 pbBuf[5] = 1;
1841 ataH2BE_U16(pbBuf + 6, 0);
1842 s->iSourceSink = ATAFN_SS_NULL;
1843 atapiCmdOK(s);
1844 return false;
1845}
1846
1847
1848static bool atapiReadTOCNormalSS(AHCIATADevState *s)
1849{
1850 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
1851 bool fMSF;
1852 uint32_t cbSize;
1853
1854 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1855 fMSF = (s->aATAPICmd[1] >> 1) & 1;
1856 iStartTrack = s->aATAPICmd[6];
1857 if (iStartTrack > 1 && iStartTrack != 0xaa)
1858 {
1859 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1860 return false;
1861 }
1862 q = pbBuf + 2;
1863 *q++ = 1; /* first session */
1864 *q++ = 1; /* last session */
1865 if (iStartTrack <= 1)
1866 {
1867 *q++ = 0; /* reserved */
1868 *q++ = 0x14; /* ADR, control */
1869 *q++ = 1; /* track number */
1870 *q++ = 0; /* reserved */
1871 if (fMSF)
1872 {
1873 *q++ = 0; /* reserved */
1874 ataLBA2MSF(q, 0);
1875 q += 3;
1876 }
1877 else
1878 {
1879 /* sector 0 */
1880 ataH2BE_U32(q, 0);
1881 q += 4;
1882 }
1883 }
1884 /* lead out track */
1885 *q++ = 0; /* reserved */
1886 *q++ = 0x14; /* ADR, control */
1887 *q++ = 0xaa; /* track number */
1888 *q++ = 0; /* reserved */
1889 if (fMSF)
1890 {
1891 *q++ = 0; /* reserved */
1892 ataLBA2MSF(q, s->cTotalSectors);
1893 q += 3;
1894 }
1895 else
1896 {
1897 ataH2BE_U32(q, s->cTotalSectors);
1898 q += 4;
1899 }
1900 cbSize = q - pbBuf;
1901 ataH2BE_U16(pbBuf, cbSize - 2);
1902 if (cbSize < s->cbTotalTransfer)
1903 s->cbTotalTransfer = cbSize;
1904 s->iSourceSink = ATAFN_SS_NULL;
1905 atapiCmdOK(s);
1906 return false;
1907}
1908
1909
1910static bool atapiReadTOCMultiSS(AHCIATADevState *s)
1911{
1912 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1913 bool fMSF;
1914
1915 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1916 Assert(s->cbElementaryTransfer <= 12);
1917 fMSF = (s->aATAPICmd[1] >> 1) & 1;
1918 /* multi session: only a single session defined */
1919/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
1920 memset(pbBuf, 0, 12);
1921 pbBuf[1] = 0x0a;
1922 pbBuf[2] = 0x01;
1923 pbBuf[3] = 0x01;
1924 pbBuf[5] = 0x14; /* ADR, control */
1925 pbBuf[6] = 1; /* first track in last complete session */
1926 if (fMSF)
1927 {
1928 pbBuf[8] = 0; /* reserved */
1929 ataLBA2MSF(&pbBuf[9], 0);
1930 }
1931 else
1932 {
1933 /* sector 0 */
1934 ataH2BE_U32(pbBuf + 8, 0);
1935 }
1936 s->iSourceSink = ATAFN_SS_NULL;
1937 atapiCmdOK(s);
1938 return false;
1939}
1940
1941
1942static bool atapiReadTOCRawSS(AHCIATADevState *s)
1943{
1944 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
1945 bool fMSF;
1946 uint32_t cbSize;
1947
1948 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1949 fMSF = (s->aATAPICmd[1] >> 1) & 1;
1950 iStartTrack = s->aATAPICmd[6];
1951
1952 q = pbBuf + 2;
1953 *q++ = 1; /* first session */
1954 *q++ = 1; /* last session */
1955
1956 *q++ = 1; /* session number */
1957 *q++ = 0x14; /* data track */
1958 *q++ = 0; /* track number */
1959 *q++ = 0xa0; /* first track in program area */
1960 *q++ = 0; /* min */
1961 *q++ = 0; /* sec */
1962 *q++ = 0; /* frame */
1963 *q++ = 0;
1964 *q++ = 1; /* first track */
1965 *q++ = 0x00; /* disk type CD-DA or CD data */
1966 *q++ = 0;
1967
1968 *q++ = 1; /* session number */
1969 *q++ = 0x14; /* data track */
1970 *q++ = 0; /* track number */
1971 *q++ = 0xa1; /* last track in program area */
1972 *q++ = 0; /* min */
1973 *q++ = 0; /* sec */
1974 *q++ = 0; /* frame */
1975 *q++ = 0;
1976 *q++ = 1; /* last track */
1977 *q++ = 0;
1978 *q++ = 0;
1979
1980 *q++ = 1; /* session number */
1981 *q++ = 0x14; /* data track */
1982 *q++ = 0; /* track number */
1983 *q++ = 0xa2; /* lead-out */
1984 *q++ = 0; /* min */
1985 *q++ = 0; /* sec */
1986 *q++ = 0; /* frame */
1987 if (fMSF)
1988 {
1989 *q++ = 0; /* reserved */
1990 ataLBA2MSF(q, s->cTotalSectors);
1991 q += 3;
1992 }
1993 else
1994 {
1995 ataH2BE_U32(q, s->cTotalSectors);
1996 q += 4;
1997 }
1998
1999 *q++ = 1; /* session number */
2000 *q++ = 0x14; /* ADR, control */
2001 *q++ = 0; /* track number */
2002 *q++ = 1; /* point */
2003 *q++ = 0; /* min */
2004 *q++ = 0; /* sec */
2005 *q++ = 0; /* frame */
2006 if (fMSF)
2007 {
2008 *q++ = 0; /* reserved */
2009 ataLBA2MSF(q, 0);
2010 q += 3;
2011 }
2012 else
2013 {
2014 /* sector 0 */
2015 ataH2BE_U32(q, 0);
2016 q += 4;
2017 }
2018
2019 cbSize = q - pbBuf;
2020 ataH2BE_U16(pbBuf, cbSize - 2);
2021 if (cbSize < s->cbTotalTransfer)
2022 s->cbTotalTransfer = cbSize;
2023 s->iSourceSink = ATAFN_SS_NULL;
2024 atapiCmdOK(s);
2025 return false;
2026}
2027
2028
2029static void atapiParseCmdVirtualATAPI(AHCIATADevState *s)
2030{
2031 const uint8_t *pbPacket;
2032 uint8_t *pbBuf;
2033 uint32_t cbMax;
2034
2035 pbPacket = s->aATAPICmd;
2036 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2037 switch (pbPacket[0])
2038 {
2039 case SCSI_TEST_UNIT_READY:
2040 if (s->cNotifiedMediaChange > 0)
2041 {
2042 if (s->cNotifiedMediaChange-- > 2)
2043 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2044 else
2045 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2046 }
2047 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2048 atapiCmdOK(s);
2049 else
2050 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2051 break;
2052 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2053 cbMax = ataBE2H_U16(pbPacket + 7);
2054 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2055 break;
2056 case SCSI_MODE_SENSE_10:
2057 {
2058 uint8_t uPageControl, uPageCode;
2059 cbMax = ataBE2H_U16(pbPacket + 7);
2060 uPageControl = pbPacket[2] >> 6;
2061 uPageCode = pbPacket[2] & 0x3f;
2062 switch (uPageControl)
2063 {
2064 case SCSI_PAGECONTROL_CURRENT:
2065 switch (uPageCode)
2066 {
2067 case SCSI_MODEPAGE_ERROR_RECOVERY:
2068 ataStartTransfer(s, RT_MIN(cbMax, 16), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
2069 break;
2070 case SCSI_MODEPAGE_CD_STATUS:
2071 ataStartTransfer(s, RT_MIN(cbMax, 40), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
2072 break;
2073 default:
2074 goto error_cmd;
2075 }
2076 break;
2077 case SCSI_PAGECONTROL_CHANGEABLE:
2078 goto error_cmd;
2079 case SCSI_PAGECONTROL_DEFAULT:
2080 goto error_cmd;
2081 default:
2082 case SCSI_PAGECONTROL_SAVED:
2083 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
2084 break;
2085 }
2086 }
2087 break;
2088 case SCSI_REQUEST_SENSE:
2089 cbMax = pbPacket[4];
2090 ataStartTransfer(s, RT_MIN(cbMax, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2091 break;
2092 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2093 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2094 {
2095 if (pbPacket[4] & 1)
2096 s->pDrvMount->pfnLock(s->pDrvMount);
2097 else
2098 s->pDrvMount->pfnUnlock(s->pDrvMount);
2099 atapiCmdOK(s);
2100 }
2101 else
2102 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2103 break;
2104 case SCSI_READ_10:
2105 case SCSI_READ_12:
2106 {
2107 uint32_t cSectors, iATAPILBA;
2108
2109 if (s->cNotifiedMediaChange > 0)
2110 {
2111 s->cNotifiedMediaChange-- ;
2112 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2113 break;
2114 }
2115 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2116 {
2117 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2118 break;
2119 }
2120 if (pbPacket[0] == SCSI_READ_10)
2121 cSectors = ataBE2H_U16(pbPacket + 7);
2122 else
2123 cSectors = ataBE2H_U32(pbPacket + 6);
2124 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2125 if (cSectors == 0)
2126 {
2127 atapiCmdOK(s);
2128 break;
2129 }
2130 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2131 {
2132 /* Rate limited logging, one log line per second. For
2133 * guests that insist on reading from places outside the
2134 * valid area this often generates too many release log
2135 * entries otherwise. */
2136 static uint64_t uLastLogTS = 0;
2137 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2138 {
2139 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2140 uLastLogTS = RTTimeMilliTS();
2141 }
2142 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2143 break;
2144 }
2145 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2146 }
2147 break;
2148 case SCSI_READ_CD:
2149 {
2150 uint32_t cSectors, iATAPILBA;
2151
2152 if (s->cNotifiedMediaChange > 0)
2153 {
2154 s->cNotifiedMediaChange-- ;
2155 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2156 break;
2157 }
2158 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2159 {
2160 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2161 break;
2162 }
2163 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
2164 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2165 if (cSectors == 0)
2166 {
2167 atapiCmdOK(s);
2168 break;
2169 }
2170 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2171 {
2172 /* Rate limited logging, one log line per second. For
2173 * guests that insist on reading from places outside the
2174 * valid area this often generates too many release log
2175 * entries otherwise. */
2176 static uint64_t uLastLogTS = 0;
2177 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2178 {
2179 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2180 uLastLogTS = RTTimeMilliTS();
2181 }
2182 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2183 break;
2184 }
2185 switch (pbPacket[9] & 0xf8)
2186 {
2187 case 0x00:
2188 /* nothing */
2189 atapiCmdOK(s);
2190 break;
2191 case 0x10:
2192 /* normal read */
2193 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2194 break;
2195 case 0xf8:
2196 /* read all data */
2197 atapiReadSectors(s, iATAPILBA, cSectors, 2352);
2198 break;
2199 default:
2200 LogRel(("AHCI ATA: LUN#%d: CD-ROM sector format not supported\n", s->iLUN));
2201 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2202 break;
2203 }
2204 }
2205 break;
2206 case SCSI_SEEK_10:
2207 {
2208 uint32_t iATAPILBA;
2209 if (s->cNotifiedMediaChange > 0)
2210 {
2211 s->cNotifiedMediaChange-- ;
2212 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2213 break;
2214 }
2215 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2216 {
2217 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2218 break;
2219 }
2220 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2221 if (iATAPILBA > s->cTotalSectors)
2222 {
2223 /* Rate limited logging, one log line per second. For
2224 * guests that insist on seeking to places outside the
2225 * valid area this often generates too many release log
2226 * entries otherwise. */
2227 static uint64_t uLastLogTS = 0;
2228 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2229 {
2230 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
2231 uLastLogTS = RTTimeMilliTS();
2232 }
2233 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2234 break;
2235 }
2236 atapiCmdOK(s);
2237 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
2238 }
2239 break;
2240 case SCSI_START_STOP_UNIT:
2241 {
2242 int rc = VINF_SUCCESS;
2243 switch (pbPacket[4] & 3)
2244 {
2245 case 0: /* 00 - Stop motor */
2246 case 1: /* 01 - Start motor */
2247 break;
2248 case 2: /* 10 - Eject media */
2249 /* This must be done from EMT. */
2250 {
2251 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
2252 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
2253
2254 PDMCritSectLeave(&pCtl->lock);
2255 rc = VMR3ReqCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2256 (PFNRT)s->pDrvMount->pfnUnmount, 2, s->pDrvMount, false);
2257 AssertReleaseRC(rc);
2258 {
2259 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2260 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2261 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2262 }
2263 }
2264 break;
2265 case 3: /* 11 - Load media */
2266 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
2267 break;
2268 }
2269 if (RT_SUCCESS(rc))
2270 atapiCmdOK(s);
2271 else
2272 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
2273 }
2274 break;
2275 case SCSI_MECHANISM_STATUS:
2276 {
2277 cbMax = ataBE2H_U16(pbPacket + 8);
2278 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
2279 }
2280 break;
2281 case SCSI_READ_TOC_PMA_ATIP:
2282 {
2283 uint8_t format;
2284
2285 if (s->cNotifiedMediaChange > 0)
2286 {
2287 s->cNotifiedMediaChange-- ;
2288 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2289 break;
2290 }
2291 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2292 {
2293 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2294 break;
2295 }
2296 cbMax = ataBE2H_U16(pbPacket + 7);
2297 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
2298 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
2299 * the other field is clear... */
2300 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
2301 switch (format)
2302 {
2303 case 0:
2304 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
2305 break;
2306 case 1:
2307 ataStartTransfer(s, RT_MIN(cbMax, 12), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
2308 break;
2309 case 2:
2310 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
2311 break;
2312 default:
2313 error_cmd:
2314 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2315 break;
2316 }
2317 }
2318 break;
2319 case SCSI_READ_CAPACITY:
2320 if (s->cNotifiedMediaChange > 0)
2321 {
2322 s->cNotifiedMediaChange-- ;
2323 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2324 break;
2325 }
2326 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2327 {
2328 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2329 break;
2330 }
2331 ataStartTransfer(s, 8, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
2332 break;
2333 case SCSI_READ_DISC_INFORMATION:
2334 if (s->cNotifiedMediaChange > 0)
2335 {
2336 s->cNotifiedMediaChange-- ;
2337 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2338 break;
2339 }
2340 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2341 {
2342 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2343 break;
2344 }
2345 cbMax = ataBE2H_U16(pbPacket + 7);
2346 ataStartTransfer(s, RT_MIN(cbMax, 34), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
2347 break;
2348 case SCSI_READ_TRACK_INFORMATION:
2349 if (s->cNotifiedMediaChange > 0)
2350 {
2351 s->cNotifiedMediaChange-- ;
2352 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2353 break;
2354 }
2355 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2356 {
2357 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2358 break;
2359 }
2360 cbMax = ataBE2H_U16(pbPacket + 7);
2361 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
2362 break;
2363 case SCSI_GET_CONFIGURATION:
2364 /* No media change stuff here, it can confuse Linux guests. */
2365 cbMax = ataBE2H_U16(pbPacket + 7);
2366 ataStartTransfer(s, RT_MIN(cbMax, 32), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
2367 break;
2368 case SCSI_INQUIRY:
2369 cbMax = ataBE2H_U16(pbPacket + 3);
2370 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
2371 break;
2372 default:
2373 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2374 break;
2375 }
2376}
2377
2378
2379/*
2380 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
2381 */
2382static void atapiParseCmdPassthrough(AHCIATADevState *s)
2383{
2384 const uint8_t *pbPacket;
2385 uint8_t *pbBuf;
2386 uint32_t cSectors, iATAPILBA;
2387 uint32_t cbTransfer = 0;
2388 PDMBLOCKTXDIR uTxDir = PDMBLOCKTXDIR_NONE;
2389
2390 pbPacket = s->aATAPICmd;
2391 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2392 switch (pbPacket[0])
2393 {
2394 case SCSI_BLANK:
2395 goto sendcmd;
2396 case SCSI_CLOSE_TRACK_SESSION:
2397 goto sendcmd;
2398 case SCSI_ERASE_10:
2399 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2400 cbTransfer = ataBE2H_U16(pbPacket + 7);
2401 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
2402 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2403 goto sendcmd;
2404 case SCSI_FORMAT_UNIT:
2405 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2406 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2407 goto sendcmd;
2408 case SCSI_GET_CONFIGURATION:
2409 cbTransfer = ataBE2H_U16(pbPacket + 7);
2410 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2411 goto sendcmd;
2412 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2413 cbTransfer = ataBE2H_U16(pbPacket + 7);
2414 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
2415 {
2416 ataStartTransfer(s, RT_MIN(cbTransfer, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2417 break;
2418 }
2419 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2420 goto sendcmd;
2421 case SCSI_GET_PERFORMANCE:
2422 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2423 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2424 goto sendcmd;
2425 case SCSI_INQUIRY:
2426 cbTransfer = ataBE2H_U16(pbPacket + 3);
2427 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2428 goto sendcmd;
2429 case SCSI_LOAD_UNLOAD_MEDIUM:
2430 goto sendcmd;
2431 case SCSI_MECHANISM_STATUS:
2432 cbTransfer = ataBE2H_U16(pbPacket + 8);
2433 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2434 goto sendcmd;
2435 case SCSI_MODE_SELECT_10:
2436 cbTransfer = ataBE2H_U16(pbPacket + 7);
2437 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2438 goto sendcmd;
2439 case SCSI_MODE_SENSE_10:
2440 cbTransfer = ataBE2H_U16(pbPacket + 7);
2441 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2442 goto sendcmd;
2443 case SCSI_PAUSE_RESUME:
2444 goto sendcmd;
2445 case SCSI_PLAY_AUDIO_10:
2446 goto sendcmd;
2447 case SCSI_PLAY_AUDIO_12:
2448 goto sendcmd;
2449 case SCSI_PLAY_AUDIO_MSF:
2450 goto sendcmd;
2451 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2452 /** @todo do not forget to unlock when a VM is shut down */
2453 goto sendcmd;
2454 case SCSI_READ_10:
2455 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2456 cSectors = ataBE2H_U16(pbPacket + 7);
2457 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2458 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2459 cbTransfer = cSectors * s->cbATAPISector;
2460 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2461 goto sendcmd;
2462 case SCSI_READ_12:
2463 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2464 cSectors = ataBE2H_U32(pbPacket + 6);
2465 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2466 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2467 cbTransfer = cSectors * s->cbATAPISector;
2468 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2469 goto sendcmd;
2470 case SCSI_READ_BUFFER:
2471 cbTransfer = ataBE2H_U24(pbPacket + 6);
2472 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2473 goto sendcmd;
2474 case SCSI_READ_BUFFER_CAPACITY:
2475 cbTransfer = ataBE2H_U16(pbPacket + 7);
2476 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2477 goto sendcmd;
2478 case SCSI_READ_CAPACITY:
2479 cbTransfer = 8;
2480 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2481 goto sendcmd;
2482 case SCSI_READ_CD:
2483 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2484 cbTransfer = ataBE2H_U24(pbPacket + 6) / s->cbATAPISector * s->cbATAPISector;
2485 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2486 goto sendcmd;
2487 case SCSI_READ_CD_MSF:
2488 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
2489 if (cSectors > 32)
2490 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
2491 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2492 cbTransfer = cSectors * s->cbATAPISector;
2493 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2494 goto sendcmd;
2495 case SCSI_READ_DISC_INFORMATION:
2496 cbTransfer = ataBE2H_U16(pbPacket + 7);
2497 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2498 goto sendcmd;
2499 case SCSI_READ_DVD_STRUCTURE:
2500 cbTransfer = ataBE2H_U16(pbPacket + 8);
2501 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2502 goto sendcmd;
2503 case SCSI_READ_FORMAT_CAPACITIES:
2504 cbTransfer = ataBE2H_U16(pbPacket + 7);
2505 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2506 goto sendcmd;
2507 case SCSI_READ_SUBCHANNEL:
2508 cbTransfer = ataBE2H_U16(pbPacket + 7);
2509 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2510 goto sendcmd;
2511 case SCSI_READ_TOC_PMA_ATIP:
2512 cbTransfer = ataBE2H_U16(pbPacket + 7);
2513 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2514 goto sendcmd;
2515 case SCSI_READ_TRACK_INFORMATION:
2516 cbTransfer = ataBE2H_U16(pbPacket + 7);
2517 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2518 goto sendcmd;
2519 case SCSI_REPAIR_TRACK:
2520 goto sendcmd;
2521 case SCSI_REPORT_KEY:
2522 cbTransfer = ataBE2H_U16(pbPacket + 8);
2523 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2524 goto sendcmd;
2525 case SCSI_REQUEST_SENSE:
2526 cbTransfer = pbPacket[4];
2527 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
2528 {
2529 ataStartTransfer(s, RT_MIN(cbTransfer, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2530 break;
2531 }
2532 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2533 goto sendcmd;
2534 case SCSI_RESERVE_TRACK:
2535 goto sendcmd;
2536 case SCSI_SCAN:
2537 goto sendcmd;
2538 case SCSI_SEEK_10:
2539 goto sendcmd;
2540 case SCSI_SEND_CUE_SHEET:
2541 cbTransfer = ataBE2H_U24(pbPacket + 6);
2542 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2543 goto sendcmd;
2544 case SCSI_SEND_DVD_STRUCTURE:
2545 cbTransfer = ataBE2H_U16(pbPacket + 8);
2546 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2547 goto sendcmd;
2548 case SCSI_SEND_EVENT:
2549 cbTransfer = ataBE2H_U16(pbPacket + 8);
2550 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2551 goto sendcmd;
2552 case SCSI_SEND_KEY:
2553 cbTransfer = ataBE2H_U16(pbPacket + 8);
2554 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2555 goto sendcmd;
2556 case SCSI_SEND_OPC_INFORMATION:
2557 cbTransfer = ataBE2H_U16(pbPacket + 7);
2558 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2559 goto sendcmd;
2560 case SCSI_SET_CD_SPEED:
2561 goto sendcmd;
2562 case SCSI_SET_READ_AHEAD:
2563 goto sendcmd;
2564 case SCSI_SET_STREAMING:
2565 cbTransfer = ataBE2H_U16(pbPacket + 9);
2566 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2567 goto sendcmd;
2568 case SCSI_START_STOP_UNIT:
2569 goto sendcmd;
2570 case SCSI_STOP_PLAY_SCAN:
2571 goto sendcmd;
2572 case SCSI_SYNCHRONIZE_CACHE:
2573 goto sendcmd;
2574 case SCSI_TEST_UNIT_READY:
2575 goto sendcmd;
2576 case SCSI_VERIFY_10:
2577 goto sendcmd;
2578 case SCSI_WRITE_10:
2579 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2580 cSectors = ataBE2H_U16(pbPacket + 7);
2581 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2582#if 0
2583 /* The sector size is determined by the async I/O thread. */
2584 s->cbATAPISector = 0;
2585 /* Preliminary, will be corrected once the sector size is known. */
2586 cbTransfer = cSectors;
2587#else
2588 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2589 cbTransfer = cSectors * s->cbATAPISector;
2590#endif
2591 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2592 goto sendcmd;
2593 case SCSI_WRITE_12:
2594 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2595 cSectors = ataBE2H_U32(pbPacket + 6);
2596 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2597#if 0
2598 /* The sector size is determined by the async I/O thread. */
2599 s->cbATAPISector = 0;
2600 /* Preliminary, will be corrected once the sector size is known. */
2601 cbTransfer = cSectors;
2602#else
2603 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2604 cbTransfer = cSectors * s->cbATAPISector;
2605#endif
2606 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2607 goto sendcmd;
2608 case SCSI_WRITE_AND_VERIFY_10:
2609 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2610 cSectors = ataBE2H_U16(pbPacket + 7);
2611 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2612 /* The sector size is determined by the async I/O thread. */
2613 s->cbATAPISector = 0;
2614 /* Preliminary, will be corrected once the sector size is known. */
2615 cbTransfer = cSectors;
2616 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2617 goto sendcmd;
2618 case SCSI_WRITE_BUFFER:
2619 switch (pbPacket[1] & 0x1f)
2620 {
2621 case 0x04: /* download microcode */
2622 case 0x05: /* download microcode and save */
2623 case 0x06: /* download microcode with offsets */
2624 case 0x07: /* download microcode with offsets and save */
2625 case 0x0e: /* download microcode with offsets and defer activation */
2626 case 0x0f: /* activate deferred microcode */
2627 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
2628 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2629 break;
2630 default:
2631 cbTransfer = ataBE2H_U16(pbPacket + 6);
2632 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2633 goto sendcmd;
2634 }
2635 break;
2636 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
2637 cbTransfer = ataBE2H_U32(pbPacket + 6);
2638 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2639 goto sendcmd;
2640 case SCSI_REZERO_UNIT:
2641 /* Obsolete command used by cdrecord. What else would one expect?
2642 * This command is not sent to the drive, it is handled internally,
2643 * as the Linux kernel doesn't like it (message "scsi: unknown
2644 * opcode 0x01" in syslog) and replies with a sense code of 0,
2645 * which sends cdrecord to an endless loop. */
2646 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2647 break;
2648 default:
2649 LogRel(("AHCI ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
2650 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2651 break;
2652 sendcmd:
2653 /* Send a command to the drive, passing data in/out as required. */
2654 Log2(("ATAPI PT: max size %d\n", cbTransfer));
2655 Assert(cbTransfer <= s->cbIOBuffer);
2656 if (cbTransfer == 0)
2657 uTxDir = PDMBLOCKTXDIR_NONE;
2658 ataStartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
2659 }
2660}
2661
2662
2663static void atapiParseCmd(AHCIATADevState *s)
2664{
2665 const uint8_t *pbPacket;
2666
2667 pbPacket = s->aATAPICmd;
2668#ifdef DEBUG
2669 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
2670#else /* !DEBUG */
2671 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
2672#endif /* !DEBUG */
2673 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
2674
2675 if (s->fATAPIPassthrough)
2676 atapiParseCmdPassthrough(s);
2677 else
2678 atapiParseCmdVirtualATAPI(s);
2679}
2680
2681
2682static bool ataPacketSS(AHCIATADevState *s)
2683{
2684 s->fDMA = !!(s->uATARegFeature & 1);
2685 memcpy(s->aATAPICmd, s->CTXALLSUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
2686 s->uTxDir = PDMBLOCKTXDIR_NONE;
2687 s->cbTotalTransfer = 0;
2688 s->cbElementaryTransfer = 0;
2689 atapiParseCmd(s);
2690 return false;
2691}
2692
2693#if 0
2694
2695/**
2696 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
2697 * from now on, regardless if there was a medium inserted or not.
2698 */
2699static void ataMediumRemoved(AHCIATADevState *s)
2700{
2701 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
2702}
2703
2704
2705/**
2706 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
2707 * there was already a medium inserted, don't forget to send the "medium
2708 * removed" event first.
2709 */
2710static void ataMediumInserted(AHCIATADevState *s)
2711{
2712 uint32_t OldStatus, NewStatus;
2713 do
2714 {
2715 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2716 switch (OldStatus)
2717 {
2718 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2719 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2720 /* no change, we will send "medium removed" + "medium inserted" */
2721 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
2722 break;
2723 default:
2724 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2725 break;
2726 }
2727 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2728}
2729
2730
2731/**
2732 * Called when a media is mounted.
2733 *
2734 * @param pInterface Pointer to the interface structure containing the called function pointer.
2735 */
2736static DECLCALLBACK(void) ataMountNotify(PPDMIMOUNTNOTIFY pInterface)
2737{
2738 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2739 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
2740
2741 /* Ignore the call if we're called while being attached. */
2742 if (!pIf->pDrvBlock)
2743 return;
2744
2745 LogRel(("ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
2746
2747 if (pIf->fATAPI)
2748 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
2749 else
2750 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
2751
2752 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
2753 if (pIf->cNotifiedMediaChange < 2)
2754 pIf->cNotifiedMediaChange = 2;
2755 ataMediumInserted(pIf);
2756}
2757
2758/**
2759 * Called when a media is unmounted
2760 * @param pInterface Pointer to the interface structure containing the called function pointer.
2761 */
2762static DECLCALLBACK(void) ataUnmountNotify(PPDMIMOUNTNOTIFY pInterface)
2763{
2764 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2765 Log(("%s:\n", __FUNCTION__));
2766 pIf->cTotalSectors = 0;
2767
2768 /*
2769 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
2770 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
2771 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
2772 * present and 2 in which it is changed.
2773 */
2774 pIf->cNotifiedMediaChange = 4;
2775 ataMediumRemoved(pIf);
2776}
2777#endif
2778
2779static void ataPacketBT(AHCIATADevState *s)
2780{
2781 s->cbElementaryTransfer = s->cbTotalTransfer;
2782 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
2783 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
2784 ataSetStatusValue(s, ATA_STAT_READY);
2785}
2786
2787
2788static void ataResetDevice(AHCIATADevState *s)
2789{
2790 s->cMultSectors = ATA_MAX_MULT_SECTORS;
2791 s->cNotifiedMediaChange = 0;
2792 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
2793 ataUnsetIRQ(s);
2794
2795 s->uATARegSelect = 0x20;
2796 ataSetStatusValue(s, ATA_STAT_READY);
2797 ataSetSignature(s);
2798 s->cbTotalTransfer = 0;
2799 s->cbElementaryTransfer = 0;
2800 s->iIOBufferPIODataStart = 0;
2801 s->iIOBufferPIODataEnd = 0;
2802 s->iBeginTransfer = ATAFN_BT_NULL;
2803 s->iSourceSink = ATAFN_SS_NULL;
2804 s->fATAPITransfer = false;
2805 s->uATATransferMode = ATA_MODE_UDMA | 2; /* AHCI supports only up to UDMA2 */
2806
2807 s->uATARegFeature = 0;
2808}
2809
2810
2811static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *s)
2812{
2813 ataSetSignature(s);
2814 if (s->fATAPI)
2815 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
2816 else
2817 ataSetStatusValue(s, ATA_STAT_READY);
2818 s->uATARegError = 0x01;
2819 return false;
2820}
2821
2822
2823static void ataParseCmd(AHCIATADevState *s, uint8_t cmd)
2824{
2825#ifdef DEBUG
2826 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
2827#else /* !DEBUG */
2828 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
2829#endif /* !DEBUG */
2830 s->fLBA48 = false;
2831 s->fDMA = false;
2832 if (cmd == ATA_IDLE_IMMEDIATE)
2833 {
2834 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
2835 * would overwrite the failing command unfortunately), then RESET. */
2836 int32_t uCmdWait = -1;
2837 uint64_t uNow = RTTimeNanoTS();
2838 if (s->u64CmdTS)
2839 uCmdWait = (uNow - s->u64CmdTS) / 1000;
2840 LogRel(("AHCI ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
2841 s->iLUN, s->uATARegCommand, uCmdWait));
2842 }
2843 s->uATARegCommand = cmd;
2844 switch (cmd)
2845 {
2846 case ATA_IDENTIFY_DEVICE:
2847 if (s->pDrvBlock && !s->fATAPI)
2848 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
2849 else
2850 {
2851 if (s->fATAPI)
2852 ataSetSignature(s);
2853 ataCmdError(s, ABRT_ERR);
2854 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2855 }
2856 break;
2857 case ATA_INITIALIZE_DEVICE_PARAMETERS:
2858 case ATA_RECALIBRATE:
2859 ataCmdOK(s, ATA_STAT_SEEK);
2860 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2861 break;
2862 case ATA_SET_MULTIPLE_MODE:
2863 if ( s->uATARegNSector != 0
2864 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
2865 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
2866 {
2867 ataCmdError(s, ABRT_ERR);
2868 }
2869 else
2870 {
2871 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
2872 s->cMultSectors = s->uATARegNSector;
2873 ataCmdOK(s, 0);
2874 }
2875 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2876 break;
2877 case ATA_READ_VERIFY_SECTORS_EXT:
2878 s->fLBA48 = true;
2879 case ATA_READ_VERIFY_SECTORS:
2880 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
2881 /* do sector number check ? */
2882 ataCmdOK(s, 0);
2883 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2884 break;
2885 case ATA_READ_SECTORS_EXT:
2886 s->fLBA48 = true;
2887 case ATA_READ_SECTORS:
2888 case ATA_READ_SECTORS_WITHOUT_RETRIES:
2889 if (!s->pDrvBlock)
2890 goto abort_cmd;
2891 s->cSectorsPerIRQ = 1;
2892 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
2893 break;
2894 case ATA_WRITE_SECTORS_EXT:
2895 s->fLBA48 = true;
2896 case ATA_WRITE_SECTORS:
2897 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
2898 s->cSectorsPerIRQ = 1;
2899 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
2900 break;
2901 case ATA_READ_MULTIPLE_EXT:
2902 s->fLBA48 = true;
2903 case ATA_READ_MULTIPLE:
2904 if (!s->cMultSectors)
2905 goto abort_cmd;
2906 s->cSectorsPerIRQ = s->cMultSectors;
2907 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
2908 break;
2909 case ATA_WRITE_MULTIPLE_EXT:
2910 s->fLBA48 = true;
2911 case ATA_WRITE_MULTIPLE:
2912 if (!s->cMultSectors)
2913 goto abort_cmd;
2914 s->cSectorsPerIRQ = s->cMultSectors;
2915 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
2916 break;
2917 case ATA_READ_DMA_EXT:
2918 s->fLBA48 = true;
2919 case ATA_READ_DMA:
2920 case ATA_READ_DMA_WITHOUT_RETRIES:
2921 if (!s->pDrvBlock)
2922 goto abort_cmd;
2923 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
2924 s->fDMA = true;
2925 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
2926 break;
2927 case ATA_WRITE_DMA_EXT:
2928 s->fLBA48 = true;
2929 case ATA_WRITE_DMA:
2930 case ATA_WRITE_DMA_WITHOUT_RETRIES:
2931 if (!s->pDrvBlock)
2932 goto abort_cmd;
2933 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
2934 s->fDMA = true;
2935 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
2936 break;
2937 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
2938 s->fLBA48 = true;
2939 ataSetSector(s, s->cTotalSectors - 1);
2940 ataCmdOK(s, 0);
2941 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2942 break;
2943 case ATA_READ_NATIVE_MAX_ADDRESS:
2944 ataSetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
2945 ataCmdOK(s, 0);
2946 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2947 break;
2948 case ATA_CHECK_POWER_MODE:
2949 s->uATARegNSector = 0xff; /* drive active or idle */
2950 ataCmdOK(s, 0);
2951 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2952 break;
2953 case ATA_SET_FEATURES:
2954 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
2955 if (!s->pDrvBlock)
2956 goto abort_cmd;
2957 switch (s->uATARegFeature)
2958 {
2959 case 0x02: /* write cache enable */
2960 Log2(("%s: write cache enable\n", __FUNCTION__));
2961 ataCmdOK(s, ATA_STAT_SEEK);
2962 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2963 break;
2964 case 0xaa: /* read look-ahead enable */
2965 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
2966 ataCmdOK(s, ATA_STAT_SEEK);
2967 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2968 break;
2969 case 0x55: /* read look-ahead disable */
2970 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
2971 ataCmdOK(s, ATA_STAT_SEEK);
2972 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2973 break;
2974 case 0xcc: /* reverting to power-on defaults enable */
2975 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
2976 ataCmdOK(s, ATA_STAT_SEEK);
2977 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2978 break;
2979 case 0x66: /* reverting to power-on defaults disable */
2980 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
2981 ataCmdOK(s, ATA_STAT_SEEK);
2982 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
2983 break;
2984 case 0x82: /* write cache disable */
2985 Log2(("%s: write cache disable\n", __FUNCTION__));
2986 /* As per the ATA/ATAPI-6 specs, a write cache disable
2987 * command MUST flush the write buffers to disc. */
2988 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
2989 break;
2990 case 0x03: { /* set transfer mode */
2991 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
2992 switch (s->uATARegNSector & 0xf8)
2993 {
2994 case 0x00: /* PIO default */
2995 case 0x08: /* PIO mode */
2996 break;
2997 case ATA_MODE_MDMA: /* MDMA mode */
2998 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
2999 break;
3000 case ATA_MODE_UDMA: /* UDMA mode */
3001 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
3002 break;
3003 default:
3004 goto abort_cmd;
3005 }
3006 ataCmdOK(s, ATA_STAT_SEEK);
3007 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3008 break;
3009 }
3010 default:
3011 goto abort_cmd;
3012 }
3013 /*
3014 * OS/2 workarond:
3015 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
3016 * reset here. According to the specification, this is a driver bug as the register
3017 * contents are undefined after the call. This means we can just as well reset it.
3018 */
3019 s->uATARegFeature = 0;
3020 break;
3021 case ATA_FLUSH_CACHE_EXT:
3022 case ATA_FLUSH_CACHE:
3023 if (!s->pDrvBlock || s->fATAPI)
3024 goto abort_cmd;
3025 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3026 break;
3027 case ATA_STANDBY_IMMEDIATE:
3028 ataCmdOK(s, 0);
3029 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3030 break;
3031 case ATA_IDLE_IMMEDIATE:
3032 LogRel(("AHCI ATA: LUN#%d: aborting current command\n", s->iLUN));
3033 ataAbortCurrentCommand(s, false);
3034 break;
3035 /* ATAPI commands */
3036 case ATA_IDENTIFY_PACKET_DEVICE:
3037 if (s->fATAPI)
3038 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
3039 else
3040 {
3041 ataCmdError(s, ABRT_ERR);
3042 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3043 }
3044 break;
3045 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
3046 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
3047 break;
3048 case ATA_DEVICE_RESET:
3049 if (!s->fATAPI)
3050 goto abort_cmd;
3051 LogRel(("AHCI ATA: LUN#%d: performing device RESET\n", s->iLUN));
3052 ataAbortCurrentCommand(s, true);
3053 break;
3054 case ATA_PACKET:
3055 if (!s->fATAPI)
3056 goto abort_cmd;
3057 /* overlapping commands not supported */
3058 if (s->uATARegFeature & 0x02)
3059 goto abort_cmd;
3060 ataStartTransfer(s, ATAPI_PACKET_SIZE, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
3061 break;
3062 default:
3063 abort_cmd:
3064 ataCmdError(s, ABRT_ERR);
3065 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3066 break;
3067 }
3068}
3069
3070
3071/**
3072 * Waits for a particular async I/O thread to complete whatever it
3073 * is doing at the moment.
3074 *
3075 * @returns true on success.
3076 * @returns false when the thread is still processing.
3077 * @param pThis Pointer to the controller data.
3078 * @param cMillies How long to wait (total).
3079 */
3080static bool ataWaitForAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
3081{
3082 uint64_t u64Start;
3083 bool fRc;
3084
3085 /* Hope for the simple way out... */
3086 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3087 return true;
3088
3089 /*
3090 * Have to wait. Do the setup while owning the mutex to avoid races.
3091 */
3092 RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
3093
3094 RTThreadUserReset(pCtl->AsyncIOThread);
3095 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
3096
3097 RTSemMutexRelease(pCtl->AsyncIORequestMutex);
3098
3099 u64Start = RTTimeMilliTS();
3100 for (;;)
3101 {
3102 fRc = ataAsyncIOIsIdle(pCtl, false /*fStrict*/);
3103 if (fRc)
3104 break;
3105
3106 if (RTTimeMilliTS() - u64Start >= cMillies)
3107 break;
3108
3109 int rc = RTThreadUserWait(pCtl->AsyncIOThread, 100 /*ms*/);
3110 AssertMsg( ( RT_SUCCESS(rc)
3111 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3112 || rc == VERR_TIMEOUT,
3113 ("rc=%Rrc irq=%u\n", rc, pCtl->irq));
3114 }
3115
3116 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
3117 return fRc;
3118}
3119
3120#endif /* IN_RING3 */
3121
3122static int ataIOPortWriteU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3123{
3124 Log2(("%s: write addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3125 addr &= 7;
3126 switch (addr)
3127 {
3128 case 0:
3129 break;
3130 case 1: /* feature register */
3131 /* NOTE: data is written to the two drives */
3132 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3133 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3134 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
3135 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
3136 pCtl->aIfs[0].uATARegFeature = val;
3137 pCtl->aIfs[1].uATARegFeature = val;
3138 break;
3139 case 2: /* sector count */
3140 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3141 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3142 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
3143 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
3144 pCtl->aIfs[0].uATARegNSector = val;
3145 pCtl->aIfs[1].uATARegNSector = val;
3146 break;
3147 case 3: /* sector number */
3148 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3149 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3150 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
3151 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
3152 pCtl->aIfs[0].uATARegSector = val;
3153 pCtl->aIfs[1].uATARegSector = val;
3154 break;
3155 case 4: /* cylinder low */
3156 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3157 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3158 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
3159 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
3160 pCtl->aIfs[0].uATARegLCyl = val;
3161 pCtl->aIfs[1].uATARegLCyl = val;
3162 break;
3163 case 5: /* cylinder high */
3164 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3165 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3166 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
3167 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
3168 pCtl->aIfs[0].uATARegHCyl = val;
3169 pCtl->aIfs[1].uATARegHCyl = val;
3170 break;
3171 case 6: /* drive/head */
3172 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
3173 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
3174 if (((val >> 4) & 1) != pCtl->iSelectedIf)
3175 {
3176 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3177
3178 /* select another drive */
3179 pCtl->iSelectedIf = (val >> 4) & 1;
3180 /* The IRQ line is multiplexed between the two drives, so
3181 * update the state when switching to another drive. Only need
3182 * to update interrupt line if it is enabled and there is a
3183 * state change. */
3184 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
3185 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
3186 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
3187 {
3188 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3189 {
3190 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3191 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
3192 * the interrupt line is asserted. It monitors the line
3193 * for a rising edge. */
3194 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3195 if (pCtl->irq == 16)
3196 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 1);
3197 else
3198 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 1);
3199 }
3200 else
3201 {
3202 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3203 if (pCtl->irq == 16)
3204 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 0);
3205 else
3206 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 0);
3207 }
3208 }
3209 }
3210 break;
3211 default:
3212 case 7: /* command */
3213 /* ignore commands to non existant slave */
3214 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvBlock)
3215 break;
3216#ifndef IN_RING3
3217 /* Don't do anything complicated in GC */
3218 return VINF_IOM_HC_IOPORT_WRITE;
3219#else /* IN_RING3 */
3220 ataParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
3221#endif /* !IN_RING3 */
3222 }
3223 return VINF_SUCCESS;
3224}
3225
3226
3227static int ataIOPortReadU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
3228{
3229 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3230 uint32_t val;
3231 bool fHOB;
3232
3233 fHOB = !!(s->uATARegDevCtl & (1 << 7));
3234 switch (addr & 7)
3235 {
3236 case 0: /* data register */
3237 val = 0xff;
3238 break;
3239 case 1: /* error register */
3240 /* The ATA specification is very terse when it comes to specifying
3241 * the precise effects of reading back the error/feature register.
3242 * The error register (read-only) shares the register number with
3243 * the feature register (write-only), so it seems that it's not
3244 * necessary to support the usual HOB readback here. */
3245 if (!s->pDrvBlock)
3246 val = 0;
3247 else
3248 val = s->uATARegError;
3249 break;
3250 case 2: /* sector count */
3251 if (!s->pDrvBlock)
3252 val = 0;
3253 else if (fHOB)
3254 val = s->uATARegNSectorHOB;
3255 else
3256 val = s->uATARegNSector;
3257 break;
3258 case 3: /* sector number */
3259 if (!s->pDrvBlock)
3260 val = 0;
3261 else if (fHOB)
3262 val = s->uATARegSectorHOB;
3263 else
3264 val = s->uATARegSector;
3265 break;
3266 case 4: /* cylinder low */
3267 if (!s->pDrvBlock)
3268 val = 0;
3269 else if (fHOB)
3270 val = s->uATARegLCylHOB;
3271 else
3272 val = s->uATARegLCyl;
3273 break;
3274 case 5: /* cylinder high */
3275 if (!s->pDrvBlock)
3276 val = 0;
3277 else if (fHOB)
3278 val = s->uATARegHCylHOB;
3279 else
3280 val = s->uATARegHCyl;
3281 break;
3282 case 6: /* drive/head */
3283 /* This register must always work as long as there is at least
3284 * one drive attached to the controller. It is common between
3285 * both drives anyway (completely identical content). */
3286 if (!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock)
3287 val = 0;
3288 else
3289 val = s->uATARegSelect;
3290 break;
3291 default:
3292 case 7: /* primary status */
3293 {
3294 /* Counter for number of busy status seen in GC in a row. */
3295 static unsigned cBusy = 0;
3296
3297 if (!s->pDrvBlock)
3298 val = 0;
3299 else
3300 val = s->uATARegStatus;
3301
3302 /* Give the async I/O thread an opportunity to make progress,
3303 * don't let it starve by guests polling frequently. EMT has a
3304 * lower priority than the async I/O thread, but sometimes the
3305 * host OS doesn't care. With some guests we are only allowed to
3306 * be busy for about 5 milliseconds in some situations. Note that
3307 * this is no guarantee for any other VBox thread getting
3308 * scheduled, so this just lowers the CPU load a bit when drives
3309 * are busy. It cannot help with timing problems. */
3310 if (val & ATA_STAT_BUSY)
3311 {
3312#ifdef IN_RING3
3313 cBusy = 0;
3314 PDMCritSectLeave(&pCtl->lock);
3315
3316 RTThreadYield();
3317
3318 {
3319 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3320 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3321 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3322 }
3323
3324 val = s->uATARegStatus;
3325#else /* !IN_RING3 */
3326 /* Cannot yield CPU in guest context. And switching to host
3327 * context for each and every busy status is too costly,
3328 * especially on SMP systems where we don't gain much by
3329 * yielding the CPU to someone else. */
3330 if (++cBusy >= 20)
3331 {
3332 cBusy = 0;
3333 return VINF_IOM_HC_IOPORT_READ;
3334 }
3335#endif /* !IN_RING3 */
3336 }
3337 else
3338 cBusy = 0;
3339 ataUnsetIRQ(s);
3340 break;
3341 }
3342 }
3343 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3344 *pu32 = val;
3345 return VINF_SUCCESS;
3346}
3347
3348
3349static uint32_t ataStatusRead(PAHCIATACONTROLLER pCtl, uint32_t addr)
3350{
3351 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3352 uint32_t val;
3353
3354 if ((!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock) ||
3355 (pCtl->iSelectedIf == 1 && !s->pDrvBlock))
3356 val = 0;
3357 else
3358 val = s->uATARegStatus;
3359 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3360 return val;
3361}
3362
3363static int ataControlWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3364{
3365#ifndef IN_RING3
3366 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
3367 return VINF_IOM_HC_IOPORT_WRITE; /* The RESET stuff is too complicated for GC. */
3368#endif /* !IN_RING3 */
3369
3370 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3371 /* RESET is common for both drives attached to a controller. */
3372 if (!(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3373 (val & ATA_DEVCTL_RESET))
3374 {
3375#ifdef IN_RING3
3376 /* Software RESET low to high */
3377 int32_t uCmdWait0 = -1, uCmdWait1 = -1;
3378 uint64_t uNow = RTTimeNanoTS();
3379 if (pCtl->aIfs[0].u64CmdTS)
3380 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
3381 if (pCtl->aIfs[1].u64CmdTS)
3382 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
3383 LogRel(("ATA: Ctl: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
3384 pCtl->iSelectedIf, pCtl->iAIOIf,
3385 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
3386 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
3387 pCtl->fReset = true;
3388 /* Everything must be done after the reset flag is set, otherwise
3389 * there are unavoidable races with the currently executing request
3390 * (which might just finish in the mean time). */
3391 pCtl->fChainedTransfer = false;
3392 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
3393 {
3394 ataResetDevice(&pCtl->aIfs[i]);
3395 /* The following cannot be done using ataSetStatusValue() since the
3396 * reset flag is already set, which suppresses all status changes. */
3397 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
3398 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
3399 pCtl->aIfs[i].uATARegError = 0x01;
3400 }
3401 ataAsyncIOClearRequests(pCtl);
3402 Log2(("%s: Ctl: message to async I/O thread, resetA\n", __FUNCTION__));
3403 if (val & ATA_DEVCTL_HOB)
3404 {
3405 val &= ~ATA_DEVCTL_HOB;
3406 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3407 }
3408 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
3409#else /* !IN_RING3 */
3410 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3411#endif /* IN_RING3 */
3412 }
3413 else if ((pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3414 !(val & ATA_DEVCTL_RESET))
3415 {
3416#ifdef IN_RING3
3417 /* Software RESET high to low */
3418 Log(("%s: deasserting RESET\n", __FUNCTION__));
3419 Log2(("%s: Ctl: message to async I/O thread, resetC\n", __FUNCTION__));
3420 if (val & ATA_DEVCTL_HOB)
3421 {
3422 val &= ~ATA_DEVCTL_HOB;
3423 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3424 }
3425 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
3426#else /* !IN_RING3 */
3427 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3428#endif /* IN_RING3 */
3429 }
3430
3431 /* Change of interrupt disable flag. Update interrupt line if interrupt
3432 * is pending on the current interface. */
3433 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ
3434 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3435 {
3436 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
3437 {
3438 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3439 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
3440 * interrupt line is asserted. It monitors the line for a rising
3441 * edge. */
3442 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3443 if (pCtl->irq == 16)
3444 PDMDevHlpPCISetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), 0, 1);
3445 else
3446 PDMDevHlpISASetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
3447 }
3448 else
3449 {
3450 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3451 if (pCtl->irq == 16)
3452 PDMDevHlpPCISetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), 0, 0);
3453 else
3454 PDMDevHlpISASetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
3455 }
3456 }
3457
3458 if (val & ATA_DEVCTL_HOB)
3459 Log2(("%s: set HOB\n", __FUNCTION__));
3460
3461 pCtl->aIfs[0].uATARegDevCtl = val;
3462 pCtl->aIfs[1].uATARegDevCtl = val;
3463
3464 return VINF_SUCCESS;
3465}
3466
3467#ifdef IN_RING3
3468
3469static void ataPIOTransfer(PAHCIATACONTROLLER pCtl)
3470{
3471 AHCIATADevState *s;
3472
3473 s = &pCtl->aIfs[pCtl->iAIOIf];
3474 Log3(("%s: if=%p\n", __FUNCTION__, s));
3475
3476 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
3477 {
3478 LogRel(("AHCI ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "loading" : "storing"));
3479 /* Any guest OS that triggers this case has a pathetic ATA driver.
3480 * In a real system it would block the CPU via IORDY, here we do it
3481 * very similarly by not continuing with the current instruction
3482 * until the transfer to/from the storage medium is completed. */
3483 if (s->iSourceSink != ATAFN_SS_NULL)
3484 {
3485 bool fRedo;
3486 uint8_t status = s->uATARegStatus;
3487 ataSetStatusValue(s, ATA_STAT_BUSY);
3488 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3489 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3490 pCtl->fRedo = fRedo;
3491 if (RT_UNLIKELY(fRedo))
3492 return;
3493 ataSetStatusValue(s, status);
3494 s->iIOBufferCur = 0;
3495 s->iIOBufferEnd = s->cbElementaryTransfer;
3496 }
3497 }
3498 if (s->cbTotalTransfer)
3499 {
3500 if (s->fATAPITransfer)
3501 ataPIOTransferLimitATAPI(s);
3502
3503 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3504 s->cbElementaryTransfer = s->cbTotalTransfer;
3505
3506 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3507 __FUNCTION__, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3508 s->cbTotalTransfer, s->cbElementaryTransfer,
3509 s->iIOBufferCur, s->iIOBufferEnd));
3510 ataPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
3511 s->cbTotalTransfer -= s->cbElementaryTransfer;
3512 s->iIOBufferCur += s->cbElementaryTransfer;
3513
3514 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3515 s->cbElementaryTransfer = s->cbTotalTransfer;
3516 }
3517 else
3518 ataPIOTransferStop(s);
3519}
3520
3521
3522DECLINLINE(void) ataPIOTransferFinish(PAHCIATACONTROLLER pCtl, AHCIATADevState *s)
3523{
3524 /* Do not interfere with RESET processing if the PIO transfer finishes
3525 * while the RESET line is asserted. */
3526 if (pCtl->fReset)
3527 {
3528 Log2(("%s: Ctl: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__));
3529 return;
3530 }
3531
3532 if ( s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE
3533 || ( s->iSourceSink != ATAFN_SS_NULL
3534 && s->iIOBufferCur >= s->iIOBufferEnd))
3535 {
3536 /* Need to continue the transfer in the async I/O thread. This is
3537 * the case for write operations or generally for not yet finished
3538 * transfers (some data might need to be read). */
3539 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
3540 ataSetStatus(s, ATA_STAT_BUSY);
3541
3542 Log2(("%s: Ctl: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__));
3543 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
3544 }
3545 else
3546 {
3547 /* Either everything finished (though some data might still be pending)
3548 * or some data is pending before the next read is due. */
3549
3550 /* Continue a previously started transfer. */
3551 ataUnsetStatus(s, ATA_STAT_DRQ);
3552 ataSetStatus(s, ATA_STAT_READY);
3553
3554 if (s->cbTotalTransfer)
3555 {
3556 /* There is more to transfer, happens usually for large ATAPI
3557 * reads - the protocol limits the chunk size to 65534 bytes. */
3558 ataPIOTransfer(pCtl);
3559 ataSetIRQ(s);
3560 }
3561 else
3562 {
3563 Log2(("%s: Ctl: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__));
3564 /* Finish PIO transfer. */
3565 ataPIOTransfer(pCtl);
3566 Assert(!pCtl->fRedo);
3567 }
3568 }
3569}
3570
3571#endif /* IN_RING3 */
3572
3573static int ataDataWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, const uint8_t *pbBuf)
3574{
3575 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3576 uint8_t *p;
3577
3578 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3579 {
3580 Assert(s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE);
3581 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3582#ifndef IN_RING3
3583 /* All but the last transfer unit is simple enough for GC, but
3584 * sending a request to the async IO thread is too complicated. */
3585 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3586 {
3587 memcpy(p, pbBuf, cbSize);
3588 s->iIOBufferPIODataStart += cbSize;
3589 }
3590 else
3591 return VINF_IOM_HC_IOPORT_WRITE;
3592#else /* IN_RING3 */
3593 memcpy(p, pbBuf, cbSize);
3594 s->iIOBufferPIODataStart += cbSize;
3595 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3596 ataPIOTransferFinish(pCtl, s);
3597#endif /* !IN_RING3 */
3598 }
3599 else
3600 Log2(("%s: DUMMY data\n", __FUNCTION__));
3601 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3602 return VINF_SUCCESS;
3603}
3604
3605static int ataDataRead(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, uint8_t *pbBuf)
3606{
3607 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3608 uint8_t *p;
3609
3610 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3611 {
3612 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
3613 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3614#ifndef IN_RING3
3615 /* All but the last transfer unit is simple enough for GC, but
3616 * sending a request to the async IO thread is too complicated. */
3617 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3618 {
3619 memcpy(pbBuf, p, cbSize);
3620 s->iIOBufferPIODataStart += cbSize;
3621 }
3622 else
3623 return VINF_IOM_HC_IOPORT_READ;
3624#else /* IN_RING3 */
3625 memcpy(pbBuf, p, cbSize);
3626 s->iIOBufferPIODataStart += cbSize;
3627 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3628 ataPIOTransferFinish(pCtl, s);
3629#endif /* !IN_RING3 */
3630 }
3631 else
3632 {
3633 Log2(("%s: DUMMY data\n", __FUNCTION__));
3634 memset(pbBuf, '\xff', cbSize);
3635 }
3636 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3637 return VINF_SUCCESS;
3638}
3639
3640#ifdef IN_RING3
3641
3642static void ataDMATransferStop(AHCIATADevState *s)
3643{
3644 s->cbTotalTransfer = 0;
3645 s->cbElementaryTransfer = 0;
3646 s->iBeginTransfer = ATAFN_BT_NULL;
3647 s->iSourceSink = ATAFN_SS_NULL;
3648}
3649
3650
3651/**
3652 * Perform the entire DMA transfer in one go (unless a source/sink operation
3653 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
3654 * this function cannot handle empty transfers.
3655 *
3656 * @param pCtl Controller for which to perform the transfer.
3657 */
3658static void ataDMATransfer(PAHCIATACONTROLLER pCtl)
3659{
3660 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3661 AHCIATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
3662 bool fRedo;
3663 RTGCPHYS32 pDesc;
3664 uint32_t cbTotalTransfer, cbElementaryTransfer;
3665 uint32_t iIOBufferCur, iIOBufferEnd;
3666 uint32_t dmalen;
3667 PDMBLOCKTXDIR uTxDir;
3668 bool fLastDesc = false;
3669
3670 Assert(sizeof(BMDMADesc) == 8);
3671
3672 fRedo = pCtl->fRedo;
3673 if (RT_LIKELY(!fRedo))
3674 Assert(s->cbTotalTransfer);
3675 uTxDir = (PDMBLOCKTXDIR)s->uTxDir;
3676 cbTotalTransfer = s->cbTotalTransfer;
3677 cbElementaryTransfer = s->cbElementaryTransfer;
3678 iIOBufferCur = s->iIOBufferCur;
3679 iIOBufferEnd = s->iIOBufferEnd;
3680
3681 /* The DMA loop is designed to hold the lock only when absolutely
3682 * necessary. This avoids long freezes should the guest access the
3683 * ATA registers etc. for some reason. */
3684 PDMCritSectLeave(&pCtl->lock);
3685
3686 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3687 __FUNCTION__, uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3688 cbTotalTransfer, cbElementaryTransfer,
3689 iIOBufferCur, iIOBufferEnd));
3690 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
3691 {
3692 BMDMADesc DMADesc;
3693 RTGCPHYS32 pBuffer;
3694 uint32_t cbBuffer;
3695
3696 if (RT_UNLIKELY(fRedo))
3697 {
3698 pBuffer = pCtl->pRedoDMABuffer;
3699 cbBuffer = pCtl->cbRedoDMABuffer;
3700 fLastDesc = pCtl->fRedoDMALastDesc;
3701 }
3702 else
3703 {
3704 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
3705 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
3706 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
3707 fLastDesc = !!(cbBuffer & 0x80000000);
3708 cbBuffer &= 0xfffe;
3709 if (cbBuffer == 0)
3710 cbBuffer = 0x10000;
3711 if (cbBuffer > cbTotalTransfer)
3712 cbBuffer = cbTotalTransfer;
3713 }
3714
3715 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
3716 {
3717 if (RT_LIKELY(!fRedo))
3718 {
3719 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
3720 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x\n", __FUNCTION__,
3721 pDesc, pBuffer, cbBuffer));
3722 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
3723 PDMDevHlpPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3724 else
3725 PDMDevHlpPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3726 iIOBufferCur += dmalen;
3727 cbTotalTransfer -= dmalen;
3728 cbBuffer -= dmalen;
3729 pBuffer += dmalen;
3730 }
3731 if ( iIOBufferCur == iIOBufferEnd
3732 && (uTxDir == PDMBLOCKTXDIR_TO_DEVICE || cbTotalTransfer))
3733 {
3734 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3735 cbElementaryTransfer = cbTotalTransfer;
3736
3737 {
3738 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3739 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3740 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3741 }
3742
3743 /* The RESET handler could have cleared the DMA transfer
3744 * state (since we didn't hold the lock until just now
3745 * the guest can continue in parallel). If so, the state
3746 * is already set up so the loop is exited immediately. */
3747 if (s->iSourceSink != ATAFN_SS_NULL)
3748 {
3749 s->iIOBufferCur = iIOBufferCur;
3750 s->iIOBufferEnd = iIOBufferEnd;
3751 s->cbElementaryTransfer = cbElementaryTransfer;
3752 s->cbTotalTransfer = cbTotalTransfer;
3753 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3754 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3755 if (RT_UNLIKELY(fRedo))
3756 {
3757 pCtl->pFirstDMADesc = pDesc;
3758 pCtl->pRedoDMABuffer = pBuffer;
3759 pCtl->cbRedoDMABuffer = cbBuffer;
3760 pCtl->fRedoDMALastDesc = fLastDesc;
3761 }
3762 else
3763 {
3764 cbTotalTransfer = s->cbTotalTransfer;
3765 cbElementaryTransfer = s->cbElementaryTransfer;
3766
3767 if (uTxDir == PDMBLOCKTXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3768 cbElementaryTransfer = cbTotalTransfer;
3769 iIOBufferCur = 0;
3770 iIOBufferEnd = cbElementaryTransfer;
3771 }
3772 pCtl->fRedo = fRedo;
3773 }
3774 else
3775 {
3776 /* This forces the loop to exit immediately. */
3777 pDesc = pCtl->pLastDMADesc + 1;
3778 }
3779
3780 PDMCritSectLeave(&pCtl->lock);
3781 if (RT_UNLIKELY(fRedo))
3782 break;
3783 }
3784 }
3785
3786 if (RT_UNLIKELY(fRedo))
3787 break;
3788
3789 /* end of transfer */
3790 if (!cbTotalTransfer || fLastDesc)
3791 break;
3792
3793 {
3794 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3795 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3796 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3797 }
3798
3799 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
3800 {
3801 LogRel(("ATA: Ctl: ABORT DMA%s\n", pCtl->fReset ? " due to RESET" : ""));
3802 if (!pCtl->fReset)
3803 ataDMATransferStop(s);
3804 /* This forces the loop to exit immediately. */
3805 pDesc = pCtl->pLastDMADesc + 1;
3806 }
3807
3808 PDMCritSectLeave(&pCtl->lock);
3809 }
3810
3811 {
3812 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3813 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3814 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3815 }
3816
3817 if (RT_UNLIKELY(fRedo))
3818 return;
3819
3820 if (fLastDesc)
3821 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
3822 s->cbTotalTransfer = cbTotalTransfer;
3823 s->cbElementaryTransfer = cbElementaryTransfer;
3824 s->iIOBufferCur = iIOBufferCur;
3825 s->iIOBufferEnd = iIOBufferEnd;
3826}
3827
3828
3829/**
3830 * Suspend I/O operations on a controller. Also suspends EMT, because it's
3831 * waiting for I/O to make progress. The next attempt to perform an I/O
3832 * operation will be made when EMT is resumed up again (as the resume
3833 * callback below restarts I/O).
3834 *
3835 * @param pCtl Controller for which to suspend I/O.
3836 */
3837static void ataSuspendRedo(PAHCIATACONTROLLER pCtl)
3838{
3839 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3840 int rc;
3841
3842 pCtl->fRedoIdle = true;
3843 rc = VMR3ReqCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3844 (PFNRT)PDMDevHlpVMSuspend, 1, pDevIns);
3845 AssertReleaseRC(rc);
3846}
3847
3848
3849/**
3850 * Signal ataWaitForAsyncIOIsIdle that we're idle (if we actually are).
3851 *
3852 * @param pCtl The controller.
3853 */
3854static void ataAsyncSignalIdle(PAHCIATACONTROLLER pCtl)
3855{
3856 /*
3857 * Take the mutex here and recheck the idle indicator as there might be
3858 * interesting races, like in the ataReset code.
3859 */
3860 int rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT); AssertRC(rc);
3861
3862 if ( pCtl->fSignalIdle
3863 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3864 {
3865 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
3866 RTThreadUserSignal(pCtl->AsyncIOThread);
3867 }
3868
3869 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex); AssertRC(rc);
3870}
3871
3872
3873/** Asynch I/O thread for an interface. Once upon a time this was readable
3874 * code with several loops and a different semaphore for each purpose. But
3875 * then came the "how can one save the state in the middle of a PIO transfer"
3876 * question. The solution was to use an ASM, which is what's there now. */
3877static DECLCALLBACK(int) ataAsyncIOLoop(RTTHREAD ThreadSelf, void *pvUser)
3878{
3879 const AHCIATARequest *pReq;
3880 uint64_t u64TS = 0; /* shut up gcc */
3881 uint64_t uWait;
3882 int rc = VINF_SUCCESS;
3883 PAHCIATACONTROLLER pCtl = (PAHCIATACONTROLLER)pvUser;
3884 AHCIATADevState *s;
3885
3886 pReq = NULL;
3887 pCtl->fChainedTransfer = false;
3888 while (!pCtl->fShutdown)
3889 {
3890 /* Keep this thread from doing anything as long as EMT is suspended. */
3891 while (pCtl->fRedoIdle)
3892 {
3893 if (pCtl->fSignalIdle)
3894 ataAsyncSignalIdle(pCtl);
3895 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
3896 if (RT_FAILURE(rc) || pCtl->fShutdown)
3897 break;
3898
3899 pCtl->fRedoIdle = false;
3900 }
3901
3902 /* Wait for work. */
3903 if (pReq == NULL)
3904 {
3905 if (pCtl->fSignalIdle)
3906 ataAsyncSignalIdle(pCtl);
3907 rc = RTSemEventWait(pCtl->AsyncIOSem, RT_INDEFINITE_WAIT);
3908 if (RT_FAILURE(rc) || pCtl->fShutdown)
3909 break;
3910
3911 pReq = ataAsyncIOGetCurrentRequest(pCtl);
3912 }
3913
3914 if (pReq == NULL)
3915 continue;
3916
3917 AHCIATAAIO ReqType = pReq->ReqType;
3918
3919 Log2(("%s: Ctl: state=%d, req=%d\n", __FUNCTION__, pCtl->uAsyncIOState, ReqType));
3920 if (pCtl->uAsyncIOState != ReqType)
3921 {
3922 /* The new state is not the state that was expected by the normal
3923 * state changes. This is either a RESET/ABORT or there's something
3924 * really strange going on. */
3925 if ( (pCtl->uAsyncIOState == AHCIATA_AIO_PIO || pCtl->uAsyncIOState == AHCIATA_AIO_DMA)
3926 && (ReqType == AHCIATA_AIO_PIO || ReqType == AHCIATA_AIO_DMA))
3927 {
3928 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
3929 ataAsyncIODumpRequests(pCtl);
3930 }
3931 AssertReleaseMsg(ReqType == AHCIATA_AIO_RESET_ASSERTED || ReqType == AHCIATA_AIO_RESET_CLEARED || ReqType == AHCIATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
3932 }
3933
3934 /* Do our work. */
3935 {
3936 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3937 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3938 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3939 }
3940
3941 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
3942 {
3943 u64TS = RTTimeNanoTS();
3944#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
3945 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
3946#endif /* DEBUG || VBOX_WITH_STATISTICS */
3947 }
3948
3949 switch (ReqType)
3950 {
3951 case AHCIATA_AIO_NEW:
3952
3953 pCtl->iAIOIf = pReq->u.t.iIf;
3954 s = &pCtl->aIfs[pCtl->iAIOIf];
3955 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
3956 s->uTxDir = pReq->u.t.uTxDir;
3957 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
3958 s->iSourceSink = pReq->u.t.iSourceSink;
3959 s->iIOBufferEnd = 0;
3960 s->u64CmdTS = u64TS;
3961
3962 if (s->fATAPI)
3963 {
3964 if (pCtl->fChainedTransfer)
3965 {
3966 /* Only count the actual transfers, not the PIO
3967 * transfer of the ATAPI command bytes. */
3968 if (s->fDMA)
3969 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
3970 else
3971 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
3972 }
3973 }
3974 else
3975 {
3976 if (s->fDMA)
3977 STAM_REL_COUNTER_INC(&s->StatATADMA);
3978 else
3979 STAM_REL_COUNTER_INC(&s->StatATAPIO);
3980 }
3981
3982 pCtl->fChainedTransfer = false;
3983
3984 if (s->iBeginTransfer != ATAFN_BT_NULL)
3985 {
3986 Log2(("%s: Ctl: calling begin transfer function\n", __FUNCTION__));
3987 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
3988 s->iBeginTransfer = ATAFN_BT_NULL;
3989 if (s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
3990 s->iIOBufferEnd = s->cbElementaryTransfer;
3991 }
3992 else
3993 {
3994 s->cbElementaryTransfer = s->cbTotalTransfer;
3995 s->iIOBufferEnd = s->cbTotalTransfer;
3996 }
3997 s->iIOBufferCur = 0;
3998
3999 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4000 {
4001 if (s->iSourceSink != ATAFN_SS_NULL)
4002 {
4003 bool fRedo;
4004 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4005 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4006 pCtl->fRedo = fRedo;
4007 if (RT_UNLIKELY(fRedo))
4008 {
4009 /* Operation failed at the initial transfer, restart
4010 * everything from scratch by resending the current
4011 * request. Occurs very rarely, not worth optimizing. */
4012 LogRel(("%s: Ctl: redo entire operation\n", __FUNCTION__));
4013 ataAsyncIOPutRequest(pCtl, pReq);
4014 ataSuspendRedo(pCtl);
4015 break;
4016 }
4017 }
4018 else
4019 ataCmdOK(s, 0);
4020 s->iIOBufferEnd = s->cbElementaryTransfer;
4021
4022 }
4023
4024 /* Do not go into the transfer phase if RESET is asserted.
4025 * The CritSect is released while waiting for the host OS
4026 * to finish the I/O, thus RESET is possible here. Most
4027 * important: do not change uAsyncIOState. */
4028 if (pCtl->fReset)
4029 break;
4030
4031 if (s->fDMA)
4032 {
4033 if (s->cbTotalTransfer)
4034 {
4035 ataSetStatus(s, ATA_STAT_DRQ);
4036
4037 pCtl->uAsyncIOState = AHCIATA_AIO_DMA;
4038 /* If BMDMA is already started, do the transfer now. */
4039 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
4040 {
4041 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__));
4042 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4043 }
4044 }
4045 else
4046 {
4047 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4048 /* Finish DMA transfer. */
4049 ataDMATransferStop(s);
4050 ataSetIRQ(s);
4051 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4052 }
4053 }
4054 else
4055 {
4056 if (s->cbTotalTransfer)
4057 {
4058 ataPIOTransfer(pCtl);
4059 Assert(!pCtl->fRedo);
4060 if (s->fATAPITransfer || s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4061 ataSetIRQ(s);
4062
4063 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4064 {
4065 /* Write operations and not yet finished transfers
4066 * must be completed in the async I/O thread. */
4067 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4068 }
4069 else
4070 {
4071 /* Finished read operation can be handled inline
4072 * in the end of PIO transfer handling code. Linux
4073 * depends on this, as it waits only briefly for
4074 * devices to become ready after incoming data
4075 * transfer. Cannot find anything in the ATA spec
4076 * that backs this assumption, but as all kernels
4077 * are affected (though most of the time it does
4078 * not cause any harm) this must work. */
4079 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4080 }
4081 }
4082 else
4083 {
4084 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4085 /* Finish PIO transfer. */
4086 ataPIOTransfer(pCtl);
4087 Assert(!pCtl->fRedo);
4088 if (!s->fATAPITransfer)
4089 ataSetIRQ(s);
4090 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4091 }
4092 }
4093 break;
4094
4095 case AHCIATA_AIO_DMA:
4096 {
4097 BMDMAState *bm = &pCtl->BmDma;
4098 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4099 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
4100
4101 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4102 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
4103 else
4104 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
4105
4106 if (RT_LIKELY(!pCtl->fRedo))
4107 {
4108 /* The specs say that the descriptor table must not cross a
4109 * 4K boundary. */
4110 pCtl->pFirstDMADesc = bm->pvAddr;
4111 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
4112 }
4113 ataDMATransfer(pCtl);
4114
4115 if (RT_UNLIKELY(pCtl->fRedo))
4116 {
4117 LogRel(("ATA: Ctl: redo DMA operation\n"));
4118 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4119 ataSuspendRedo(pCtl);
4120 break;
4121 }
4122
4123 /* The infamous delay IRQ hack. */
4124 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
4125 && s->cbTotalTransfer == 0
4126 && pCtl->DelayIRQMillies)
4127 {
4128 /* Delay IRQ for writing. Required to get the Win2K
4129 * installation work reliably (otherwise it crashes,
4130 * usually during component install). So far no better
4131 * solution has been found. */
4132 Log(("%s: delay IRQ hack\n", __FUNCTION__));
4133 PDMCritSectLeave(&pCtl->lock);
4134 RTThreadSleep(pCtl->DelayIRQMillies);
4135 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4136 }
4137
4138 ataUnsetStatus(s, ATA_STAT_DRQ);
4139 Assert(!pCtl->fChainedTransfer);
4140 Assert(s->iSourceSink == ATAFN_SS_NULL);
4141 if (s->fATAPITransfer)
4142 {
4143 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
4144 Log2(("%s: Ctl: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
4145 s->fATAPITransfer = false;
4146 }
4147 ataSetIRQ(s);
4148 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4149 break;
4150 }
4151
4152 case AHCIATA_AIO_PIO:
4153 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4154
4155 if (s->iSourceSink != ATAFN_SS_NULL)
4156 {
4157 bool fRedo;
4158 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4159 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4160 pCtl->fRedo = fRedo;
4161 if (RT_UNLIKELY(fRedo))
4162 {
4163 LogRel(("ATA: Ctl#%d: redo PIO operation\n"));
4164 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
4165 ataSuspendRedo(pCtl);
4166 break;
4167 }
4168 s->iIOBufferCur = 0;
4169 s->iIOBufferEnd = s->cbElementaryTransfer;
4170 }
4171 else
4172 {
4173 /* Continue a previously started transfer. */
4174 ataUnsetStatus(s, ATA_STAT_BUSY);
4175 ataSetStatus(s, ATA_STAT_READY);
4176 }
4177
4178 /* It is possible that the drives on this controller get RESET
4179 * during the above call to the source/sink function. If that's
4180 * the case, don't restart the transfer and don't finish it the
4181 * usual way. RESET handling took care of all that already.
4182 * Most important: do not change uAsyncIOState. */
4183 if (pCtl->fReset)
4184 break;
4185
4186 if (s->cbTotalTransfer)
4187 {
4188 ataPIOTransfer(pCtl);
4189 ataSetIRQ(s);
4190
4191 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4192 {
4193 /* Write operations and not yet finished transfers
4194 * must be completed in the async I/O thread. */
4195 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4196 }
4197 else
4198 {
4199 /* Finished read operation can be handled inline
4200 * in the end of PIO transfer handling code. Linux
4201 * depends on this, as it waits only briefly for
4202 * devices to become ready after incoming data
4203 * transfer. Cannot find anything in the ATA spec
4204 * that backs this assumption, but as all kernels
4205 * are affected (though most of the time it does
4206 * not cause any harm) this must work. */
4207 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4208 }
4209 }
4210 else
4211 {
4212 /* Finish PIO transfer. */
4213 ataPIOTransfer(pCtl);
4214 if ( !pCtl->fChainedTransfer
4215 && !s->fATAPITransfer
4216 && s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4217 {
4218 ataSetIRQ(s);
4219 }
4220 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4221 }
4222 break;
4223
4224 case AHCIATA_AIO_RESET_ASSERTED:
4225 pCtl->uAsyncIOState = AHCIATA_AIO_RESET_CLEARED;
4226 ataPIOTransferStop(&pCtl->aIfs[0]);
4227 ataPIOTransferStop(&pCtl->aIfs[1]);
4228 /* Do not change the DMA registers, they are not affected by the
4229 * ATA controller reset logic. It should be sufficient to issue a
4230 * new command, which is now possible as the state is cleared. */
4231 break;
4232
4233 case AHCIATA_AIO_RESET_CLEARED:
4234 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4235 pCtl->fReset = false;
4236 LogRel(("ATA: Ctl: finished processing RESET\n"));
4237 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4238 {
4239 if (pCtl->aIfs[i].fATAPI)
4240 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
4241 else
4242 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
4243 ataSetSignature(&pCtl->aIfs[i]);
4244 }
4245 break;
4246
4247 case AHCIATA_AIO_ABORT:
4248 /* Abort the current command only if it operates on the same interface. */
4249 if (pCtl->iAIOIf == pReq->u.a.iIf)
4250 {
4251 s = &pCtl->aIfs[pCtl->iAIOIf];
4252
4253 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4254 /* Do not change the DMA registers, they are not affected by the
4255 * ATA controller reset logic. It should be sufficient to issue a
4256 * new command, which is now possible as the state is cleared. */
4257 if (pReq->u.a.fResetDrive)
4258 {
4259 ataResetDevice(s);
4260 ataExecuteDeviceDiagnosticSS(s);
4261 }
4262 else
4263 {
4264 ataPIOTransferStop(s);
4265 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
4266 ataSetStatus(s, ATA_STAT_READY);
4267 ataSetIRQ(s);
4268 }
4269 }
4270 break;
4271
4272 default:
4273 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
4274 }
4275
4276 ataAsyncIORemoveCurrentRequest(pCtl, ReqType);
4277 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4278
4279 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4280 {
4281#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4282 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
4283#endif /* DEBUG || VBOX_WITH_STATISTICS */
4284
4285 u64TS = RTTimeNanoTS() - u64TS;
4286 uWait = u64TS / 1000;
4287 Log(("%s: Ctl: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
4288 /* Mark command as finished. */
4289 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
4290
4291 /*
4292 * Release logging of command execution times depends on the
4293 * command type. ATAPI commands often take longer (due to CD/DVD
4294 * spin up time etc.) so the threshold is different.
4295 */
4296 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
4297 {
4298 if (uWait > 8 * 1000 * 1000)
4299 {
4300 /*
4301 * Command took longer than 8 seconds. This is close
4302 * enough or over the guest's command timeout, so place
4303 * an entry in the release log to allow tracking such
4304 * timing errors (which are often caused by the host).
4305 */
4306 LogRel(("AHCI ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
4307 }
4308 }
4309 else
4310 {
4311 if (uWait > 20 * 1000 * 1000)
4312 {
4313 /*
4314 * Command took longer than 20 seconds. This is close
4315 * enough or over the guest's command timeout, so place
4316 * an entry in the release log to allow tracking such
4317 * timing errors (which are often caused by the host).
4318 */
4319 LogRel(("AHCI ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
4320 }
4321 }
4322
4323#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4324 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
4325 pCtl->StatAsyncMinWait = uWait;
4326 if (uWait > pCtl->StatAsyncMaxWait)
4327 pCtl->StatAsyncMaxWait = uWait;
4328
4329 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
4330 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
4331#endif /* DEBUG || VBOX_WITH_STATISTICS */
4332 }
4333
4334 PDMCritSectLeave(&pCtl->lock);
4335 }
4336
4337 /* Signal the ultimate idleness. */
4338 if (pCtl->fSignalIdle)
4339 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4340 RTThreadUserSignal(ThreadSelf);
4341
4342 /* Do not destroy request mutex yet, still needed for proper shutdown. */
4343 pCtl->fShutdown = false;
4344
4345 Log2(("%s: Ctl: return %Rrc\n", __FUNCTION__, rc));
4346 return rc;
4347}
4348
4349#endif /* IN_RING3 */
4350
4351static uint32_t ataBMDMACmdReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4352{
4353 uint32_t val = pCtl->BmDma.u8Cmd;
4354 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4355 return val;
4356}
4357
4358
4359static void ataBMDMACmdWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4360{
4361 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4362 if (!(val & BM_CMD_START))
4363 {
4364 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4365 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4366 }
4367 else
4368 {
4369#ifdef IN_RING3
4370 /* Check whether the guest OS wants to change DMA direction in
4371 * mid-flight. Not allowed, according to the AHCI specs. */
4372 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
4373 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
4374 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4375
4376 /* Do not continue DMA transfers while the RESET line is asserted. */
4377 if (pCtl->fReset)
4378 {
4379 Log2(("%s: Ctl: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__));
4380 return;
4381 }
4382
4383 /* Do not start DMA transfers if there's a PIO transfer going on. */
4384 if (!pCtl->aIfs[pCtl->iSelectedIf].fDMA)
4385 return;
4386
4387 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
4388 {
4389 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__));
4390 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4391 }
4392#else /* !IN_RING3 */
4393 AssertMsgFailed(("DMA START handling is too complicated for GC\n"));
4394#endif /* IN_RING3 */
4395 }
4396}
4397
4398static uint32_t ataBMDMAStatusReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4399{
4400 uint32_t val = pCtl->BmDma.u8Status;
4401 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4402 return val;
4403}
4404
4405static void ataBMDMAStatusWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4406{
4407 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4408 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
4409 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
4410 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
4411}
4412
4413static uint32_t ataBMDMAAddrReadL(PAHCIATACONTROLLER pCtl, uint32_t addr)
4414{
4415 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
4416 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4417 return val;
4418}
4419
4420static void ataBMDMAAddrWriteL(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4421{
4422 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4423 pCtl->BmDma.pvAddr = val & ~3;
4424}
4425
4426static void ataBMDMAAddrWriteLowWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4427{
4428 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4429 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
4430
4431}
4432
4433static void ataBMDMAAddrWriteHighWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4434{
4435 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4436 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
4437}
4438
4439#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
4440
4441/**
4442 * Port I/O Handler for bus master DMA IN operations.
4443 * @see FNIOMIOPORTIN for details.
4444 */
4445int ataControllerBMDMAIOPortRead(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4446{
4447 int rc;
4448
4449 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4450 if (rc != VINF_SUCCESS)
4451 return rc;
4452 switch (VAL(Port, cb))
4453 {
4454 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4455 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4456 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4457 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4458 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
4459 default:
4460 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
4461 PDMCritSectLeave(&pCtl->lock);
4462 return VERR_IOM_IOPORT_UNUSED;
4463 }
4464 PDMCritSectLeave(&pCtl->lock);
4465 return rc;
4466}
4467
4468/**
4469 * Port I/O Handler for bus master DMA OUT operations.
4470 * @see FNIOMIOPORTOUT for details.
4471 */
4472int ataControllerBMDMAIOPortWrite(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4473{
4474 int rc;
4475
4476 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4477 if (rc != VINF_SUCCESS)
4478 return rc;
4479 switch (VAL(Port, cb))
4480 {
4481 case VAL(0, 1):
4482#ifndef IN_RING3
4483 if (u32 & BM_CMD_START)
4484 {
4485 rc = VINF_IOM_HC_IOPORT_WRITE;
4486 break;
4487 }
4488#endif /* !IN_RING3 */
4489 ataBMDMACmdWriteB(pCtl, Port, u32);
4490 break;
4491 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
4492 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
4493 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
4494 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
4495 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
4496 }
4497 PDMCritSectLeave(&pCtl->lock);
4498 return rc;
4499}
4500
4501#undef VAL
4502
4503
4504#ifdef IN_RING3
4505#if 0
4506
4507/**
4508 * Callback function for mapping an PCI I/O region.
4509 *
4510 * @return VBox status code.
4511 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
4512 * @param iRegion The region number.
4513 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
4514 * I/O port, else it's a physical address.
4515 * This address is *NOT* relative to pci_mem_base like earlier!
4516 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
4517 */
4518static DECLCALLBACK(int) ataBMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
4519{
4520 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
4521 int rc = VINF_SUCCESS;
4522 Assert(enmType == PCI_ADDRESS_SPACE_IO);
4523 Assert(iRegion == 4);
4524 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
4525
4526 /* Register the port range. */
4527 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
4528 {
4529 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4530 (RTHCPTR)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL, NULL, "ATA Bus Master DMA");
4531 AssertRC(rc2);
4532 if (rc2 < rc)
4533 rc = rc2;
4534
4535 if (pThis->fGCEnabled)
4536 {
4537 rc2 = PDMDevHlpIOPortRegisterGC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4538 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4539 AssertRC(rc2);
4540 if (rc2 < rc)
4541 rc = rc2;
4542 }
4543 if (pThis->fR0Enabled)
4544 {
4545 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4546 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4547 AssertRC(rc2);
4548 if (rc2 < rc)
4549 rc = rc2;
4550 }
4551 }
4552 return rc;
4553}
4554#endif
4555
4556/**
4557 * Reset the controller to an intial state.
4558 *
4559 * @returns VBox status.
4560 * @param pDevIns The device instance data.
4561 */
4562void ataControllerReset(PAHCIATACONTROLLER pCtl)
4563{
4564 pCtl->iSelectedIf = 0;
4565 pCtl->iAIOIf = 0;
4566 pCtl->BmDma.u8Cmd = 0;
4567 /* Report that both drives present on the bus are in DMA mode. This
4568 * pretends that there is a BIOS that has set it up. Normal reset
4569 * default is 0x00. */
4570 pCtl->BmDma.u8Status = (pCtl->aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
4571 | (pCtl->aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
4572 pCtl->BmDma.pvAddr = 0;
4573
4574 pCtl->fReset = true;
4575 pCtl->fRedo = false;
4576 pCtl->fRedoIdle = false;
4577 ataAsyncIOClearRequests(pCtl);
4578 Log2(("%s: Ctl: message to async I/O thread, reset controller\n", __FUNCTION__));
4579 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
4580 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
4581 if (!ataWaitForAsyncIOIsIdle(pCtl, 30000))
4582 AssertReleaseMsgFailed(("Async I/O thread busy after reset\n"));
4583
4584 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4585 ataResetDevice(&pCtl->aIfs[i]);
4586}
4587
4588#if 0
4589/* -=-=-=-=-=- AHCIATADevState::IBase -=-=-=-=-=- */
4590
4591/**
4592 * Queries an interface to the driver.
4593 *
4594 * @returns Pointer to interface.
4595 * @returns NULL if the interface was not supported by the device.
4596 * @param pInterface Pointer to AHCIATADevState::IBase.
4597 * @param enmInterface The requested interface identification.
4598 */
4599static DECLCALLBACK(void *) ataQueryInterface(PPDMIBASE pInterface, PDMINTERFACE enmInterface)
4600{
4601 AHCIATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
4602 switch (enmInterface)
4603 {
4604 case PDMINTERFACE_BASE:
4605 return &pIf->IBase;
4606 case PDMINTERFACE_BLOCK_PORT:
4607 return &pIf->IPort;
4608 case PDMINTERFACE_MOUNT_NOTIFY:
4609 return &pIf->IMountNotify;
4610 default:
4611 return NULL;
4612 }
4613}
4614#endif
4615#endif /* IN_RING3 */
4616
4617
4618/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
4619
4620/**
4621 * Port I/O Handler for primary port range OUT operations.
4622 * @see FNIOMIOPORTOUT for details.
4623 */
4624int ataControllerIOPortWrite1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4625{
4626 int rc = VINF_SUCCESS;
4627
4628 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4629 if (rc != VINF_SUCCESS)
4630 return rc;
4631 if (cb == 1)
4632 rc = ataIOPortWriteU8(pCtl, Port, u32);
4633 else if (Port == pCtl->IOPortBase1)
4634 {
4635 Assert(cb == 2 || cb == 4);
4636 rc = ataDataWrite(pCtl, Port, cb, (const uint8_t *)&u32);
4637 }
4638 else
4639 AssertMsgFailed(("ataIOPortWrite1: unsupported write to port %x val=%x size=%d\n", Port, u32, cb));
4640 PDMCritSectLeave(&pCtl->lock);
4641 return rc;
4642}
4643
4644
4645/**
4646 * Port I/O Handler for primary port range IN operations.
4647 * @see FNIOMIOPORTIN for details.
4648 */
4649int ataControllerIOPortRead1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4650{
4651 int rc = VINF_SUCCESS;
4652
4653 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4654 if (rc != VINF_SUCCESS)
4655 return rc;
4656 if (cb == 1)
4657 {
4658 rc = ataIOPortReadU8(pCtl, Port, pu32);
4659 }
4660 else if (Port == pCtl->IOPortBase1)
4661 {
4662 Assert(cb == 2 || cb == 4);
4663 rc = ataDataRead(pCtl, Port, cb, (uint8_t *)pu32);
4664 if (cb == 2)
4665 *pu32 &= 0xffff;
4666 }
4667 else
4668 {
4669 AssertMsgFailed(("ataIOPortRead1: unsupported read from port %x size=%d\n", Port, cb));
4670 rc = VERR_IOM_IOPORT_UNUSED;
4671 }
4672 PDMCritSectLeave(&pCtl->lock);
4673 return rc;
4674}
4675
4676#ifndef IN_RING0 /** @todo do this in ring-0 as well. */
4677/**
4678 * Port I/O Handler for primary port range IN string operations.
4679 * @see FNIOMIOPORTINSTRING for details.
4680 */
4681int ataControllerIOPortReadStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb)
4682{
4683 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4684 if (rc != VINF_SUCCESS)
4685 return rc;
4686 if (Port == pCtl->IOPortBase1)
4687 {
4688 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4689 RTGCPTR GCDst = *pGCPtrDst;
4690 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4691 Assert(cb == 2 || cb == 4);
4692
4693 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4694#ifndef IN_RING3
4695 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4696 if (!cTransAvailable)
4697 {
4698 PDMCritSectLeave(&pCtl->lock);
4699 return VINF_IOM_HC_IOPORT_READ;
4700 }
4701 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4702 cTransAvailable--;
4703#endif /* !IN_RING3 */
4704 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4705 * They are not performance-critical and generally shouldn't occur at all. */
4706 if (cTransAvailable > cTransfer)
4707 cTransAvailable = cTransfer;
4708 cbTransfer = cTransAvailable * cb;
4709
4710 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4711 rc = PGMPhysSimpleDirtyWriteGCPtr(PDMDevHlpGetVMCPU(pDevIns), GCDst, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, cbTransfer);
4712 Assert(rc == VINF_SUCCESS);
4713
4714 if (cbTransfer)
4715 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4716 s->iIOBufferPIODataStart += cbTransfer;
4717 *pGCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCDst + cbTransfer);
4718 *pcTransfer = cTransfer - cTransAvailable;
4719#ifdef IN_RING3
4720 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4721 ataPIOTransferFinish(pCtl, s);
4722#endif /* IN_RING3 */
4723 }
4724 PDMCritSectLeave(&pCtl->lock);
4725 return rc;
4726}
4727
4728
4729/**
4730 * Port I/O Handler for primary port range OUT string operations.
4731 * @see FNIOMIOPORTOUTSTRING for details.
4732 */
4733int ataControllerIOPortWriteStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb)
4734{
4735 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4736 if (rc != VINF_SUCCESS)
4737 return rc;
4738 if (Port == pCtl->IOPortBase1)
4739 {
4740 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4741 RTGCPTR GCSrc = *pGCPtrSrc;
4742 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4743 Assert(cb == 2 || cb == 4);
4744
4745 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4746#ifndef IN_RING3
4747 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4748 if (!cTransAvailable)
4749 {
4750 PDMCritSectLeave(&pCtl->lock);
4751 return VINF_IOM_HC_IOPORT_WRITE;
4752 }
4753 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4754 cTransAvailable--;
4755#endif /* !IN_RING3 */
4756 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4757 * They are not performance-critical and generally shouldn't occur at all. */
4758 if (cTransAvailable > cTransfer)
4759 cTransAvailable = cTransfer;
4760 cbTransfer = cTransAvailable * cb;
4761
4762 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4763 rc = PGMPhysSimpleReadGCPtr(PDMDevHlpGetVMCPU(pDevIns), s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, GCSrc, cbTransfer);
4764 Assert(rc == VINF_SUCCESS);
4765
4766 if (cbTransfer)
4767 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4768 s->iIOBufferPIODataStart += cbTransfer;
4769 *pGCPtrSrc = (RTGCPTR)((RTGCUINTPTR)GCSrc + cbTransfer);
4770 *pcTransfer = cTransfer - cTransAvailable;
4771#ifdef IN_RING3
4772 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4773 ataPIOTransferFinish(pCtl, s);
4774#endif /* IN_RING3 */
4775 }
4776 PDMCritSectLeave(&pCtl->lock);
4777 return rc;
4778}
4779#endif /* !IN_RING0 */
4780
4781/**
4782 * Port I/O Handler for secondary port range OUT operations.
4783 * @see FNIOMIOPORTOUT for details.
4784 */
4785int ataControllerIOPortWrite2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4786{
4787 int rc;
4788
4789 if (cb != 1)
4790 return VINF_SUCCESS;
4791 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4792 if (rc != VINF_SUCCESS)
4793 return rc;
4794 rc = ataControlWrite(pCtl, Port, u32);
4795 PDMCritSectLeave(&pCtl->lock);
4796 return rc;
4797}
4798
4799
4800/**
4801 * Port I/O Handler for secondary port range IN operations.
4802 * @see FNIOMIOPORTIN for details.
4803 */
4804int ataControllerIOPortRead2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4805{
4806 int rc;
4807
4808 if (cb != 1)
4809 return VERR_IOM_IOPORT_UNUSED;
4810
4811 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4812 if (rc != VINF_SUCCESS)
4813 return rc;
4814 *pu32 = ataStatusRead(pCtl, Port);
4815 PDMCritSectLeave(&pCtl->lock);
4816 return VINF_SUCCESS;
4817}
4818
4819#ifdef IN_RING3
4820
4821/**
4822 * Waits for all async I/O threads to complete whatever they
4823 * are doing at the moment.
4824 *
4825 * @returns true on success.
4826 * @returns false when one or more threads is still processing.
4827 * @param pThis Pointer to the instance data.
4828 * @param cMillies How long to wait (total).
4829 */
4830static bool ataWaitForAllAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
4831{
4832 uint64_t u64Start;
4833 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
4834 bool fAllIdle = false;
4835
4836 /*
4837 * Wait for any pending async operation to finish
4838 */
4839 u64Start = RTTimeMilliTS();
4840 for (;;)
4841 {
4842 /* Check all async I/O threads. */
4843 fAllIdle = true;
4844
4845 fAllIdle &= ataAsyncIOIsIdle(pCtl, false);
4846 if (!fAllIdle)
4847 break;
4848
4849 if ( fAllIdle
4850 || RTTimeMilliTS() - u64Start >= cMillies)
4851 break;
4852
4853 /* Sleep for a bit. */
4854 RTThreadSleep(100);
4855 }
4856
4857 if (!fAllIdle)
4858 LogRel(("ATA: Ctl is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
4859 pCtl->iSelectedIf, pCtl->iAIOIf,
4860 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand));
4861
4862 return fAllIdle;
4863}
4864
4865
4866DECLINLINE(void) ataRelocBuffer(PPDMDEVINS pDevIns, AHCIATADevState *s)
4867{
4868 if (s->pbIOBufferR3)
4869 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
4870}
4871
4872
4873/**
4874 * @copydoc FNPDMDEVRELOCATE
4875 */
4876void ataControllerRelocate(PAHCIATACONTROLLER pCtl, RTGCINTPTR offDelta)
4877{
4878 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
4879
4880 pCtl->pDevInsRC += offDelta;
4881 pCtl->aIfs[0].pDevInsRC += offDelta;
4882 pCtl->aIfs[0].pControllerRC += offDelta;
4883 ataRelocBuffer(pDevIns, &pCtl->aIfs[0]);
4884 pCtl->aIfs[1].pDevInsRC += offDelta;
4885 pCtl->aIfs[1].pControllerRC += offDelta;
4886 ataRelocBuffer(pDevIns, &pCtl->aIfs[1]);
4887}
4888
4889
4890/**
4891 * Destroy a controller instance.
4892 *
4893 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
4894 * resources can be freed correctly.
4895 *
4896 * @param pCtl The controller instance.
4897 */
4898int ataControllerDestroy(PAHCIATACONTROLLER pCtl)
4899{
4900 int rc;
4901
4902 Log(("%s:\n", __FUNCTION__));
4903
4904 /*
4905 * Terminate the async helper thread and wait for it to finish up.
4906 */
4907 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
4908 {
4909 ASMAtomicWriteU32(&pCtl->fShutdown, true);
4910 rc = RTSemEventSignal(pCtl->AsyncIOSem);
4911 AssertRC(rc);
4912
4913 rc = RTThreadWait(pCtl->AsyncIOThread, 30000 /* 30 s*/, NULL);
4914 if (RT_SUCCESS(rc))
4915 pCtl->AsyncIOThread = NIL_RTTHREAD;
4916 else
4917 LogRel(("PIIX3 ATA Dtor: Ctl/irq=%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
4918 pCtl->irq, pCtl->iSelectedIf, pCtl->iAIOIf,
4919 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand, rc));
4920 }
4921
4922 /*
4923 * Now the request mutexes are no longer needed. Free resources.
4924 */
4925 if (pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX)
4926 {
4927 RTSemMutexDestroy(pCtl->AsyncIORequestMutex);
4928 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
4929 }
4930 if (pCtl->AsyncIOSem != NIL_RTSEMEVENT)
4931 {
4932 RTSemEventDestroy(pCtl->AsyncIOSem);
4933 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
4934 }
4935 if (pCtl->SuspendIOSem != NIL_RTSEMEVENT)
4936 {
4937 RTSemEventDestroy(pCtl->SuspendIOSem);
4938 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
4939 }
4940
4941 /* try one final time */
4942 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
4943 {
4944 rc = RTThreadWait(pCtl->AsyncIOThread, 1 /*ms*/, NULL);
4945 if (RT_SUCCESS(rc))
4946 {
4947 pCtl->AsyncIOThread = NIL_RTTHREAD;
4948 LogRel(("AHCI ATA Dtor: Ctl/irq=%u actually completed.\n", pCtl->irq));
4949 }
4950 }
4951
4952 return VINF_SUCCESS;
4953}
4954
4955#if 0
4956/**
4957 * Detach notification.
4958 *
4959 * The DVD drive has been unplugged.
4960 *
4961 * @param pDevIns The device instance.
4962 * @param iLUN The logical unit which is being detached.
4963 */
4964static DECLCALLBACK(void) ataDetach(PPDMDEVINS pDevIns, unsigned iLUN)
4965{
4966 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4967 PAHCIATACONTROLLER pCtl;
4968 AHCIATADevState *pIf;
4969 unsigned iController;
4970 unsigned iInterface;
4971
4972 /*
4973 * Locate the controller and stuff.
4974 */
4975 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
4976 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
4977 pCtl = &pThis->aCts[iController];
4978
4979 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
4980 pIf = &pCtl->aIfs[iInterface];
4981
4982 /*
4983 * Zero some important members.
4984 */
4985 pIf->pDrvBase = NULL;
4986 pIf->pDrvBlock = NULL;
4987 pIf->pDrvBlockBios = NULL;
4988 pIf->pDrvMount = NULL;
4989
4990 /*
4991 * Just in case there was a medium inserted. Only required when attached to a physical drive
4992 * in passthrough mode as in virtual ATAPI mode we've got an unmount notification.
4993 */
4994 if (pIf->fATAPIPassthrough)
4995 ataMediumRemoved(pIf);
4996
4997}
4998#endif
4999
5000/**
5001 * Configure a LUN.
5002 *
5003 * @returns VBox status code.
5004 * @param pDevIns The device instance.
5005 * @param pIf The ATA unit state.
5006 */
5007static int ataConfigLun(PPDMDEVINS pDevIns, AHCIATADevState *pIf)
5008{
5009 int rc;
5010 PDMBLOCKTYPE enmType;
5011
5012 /*
5013 * Query Block, Bios and Mount interfaces.
5014 */
5015 pIf->pDrvBlock = (PDMIBLOCK *)pIf->pDrvBase->pfnQueryInterface(pIf->pDrvBase, PDMINTERFACE_BLOCK);
5016 if (!pIf->pDrvBlock)
5017 {
5018 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
5019 return VERR_PDM_MISSING_INTERFACE;
5020 }
5021
5022 /** @todo implement the BIOS invisible code path. */
5023 pIf->pDrvBlockBios = (PDMIBLOCKBIOS *)pIf->pDrvBase->pfnQueryInterface(pIf->pDrvBase, PDMINTERFACE_BLOCK_BIOS);
5024 if (!pIf->pDrvBlockBios)
5025 {
5026 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block BIOS interface!\n", pIf->iLUN));
5027 return VERR_PDM_MISSING_INTERFACE;
5028 }
5029 pIf->pDrvMount = (PDMIMOUNT *)pIf->pDrvBase->pfnQueryInterface(pIf->pDrvBase, PDMINTERFACE_MOUNT);
5030
5031 /*
5032 * Validate type.
5033 */
5034 enmType = pIf->pDrvBlock->pfnGetType(pIf->pDrvBlock);
5035 if ( enmType != PDMBLOCKTYPE_CDROM
5036 && enmType != PDMBLOCKTYPE_DVD
5037 && enmType != PDMBLOCKTYPE_HARD_DISK)
5038 {
5039 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
5040 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
5041 }
5042 if ( ( enmType == PDMBLOCKTYPE_DVD
5043 || enmType == PDMBLOCKTYPE_CDROM)
5044 && !pIf->pDrvMount)
5045 {
5046 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
5047 return VERR_INTERNAL_ERROR;
5048 }
5049 pIf->fATAPI = enmType == PDMBLOCKTYPE_DVD || enmType == PDMBLOCKTYPE_CDROM;
5050 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvBlock->pfnSendCmd != NULL) : false;
5051
5052 /*
5053 * Allocate I/O buffer.
5054 */
5055 PVM pVM = PDMDevHlpGetVM(pDevIns);
5056 if (pIf->cbIOBuffer)
5057 {
5058 /* Buffer is (probably) already allocated. Validate the fields,
5059 * because memory corruption can also overwrite pIf->cbIOBuffer. */
5060 if (pIf->fATAPI)
5061 AssertRelease(pIf->cbIOBuffer == _128K);
5062 else
5063 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * 512);
5064 Assert(pIf->pbIOBufferR3);
5065 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
5066 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
5067 }
5068 else
5069 {
5070 if (pIf->fATAPI)
5071 pIf->cbIOBuffer = _128K;
5072 else
5073 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * 512;
5074 Assert(!pIf->pbIOBufferR3);
5075 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
5076 if (RT_FAILURE(rc))
5077 return VERR_NO_MEMORY;
5078 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
5079 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
5080 }
5081
5082 /*
5083 * Init geometry (only for non-CD/DVD media).
5084 */
5085 if (pIf->fATAPI)
5086 {
5087 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
5088 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
5089 pIf->PCHSGeometry.cHeads = 0; /* dummy */
5090 pIf->PCHSGeometry.cSectors = 0; /* dummy */
5091 LogRel(("ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
5092 }
5093 else
5094 {
5095 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
5096 rc = pIf->pDrvBlockBios->pfnGetPCHSGeometry(pIf->pDrvBlockBios,
5097 &pIf->PCHSGeometry);
5098 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
5099 {
5100 pIf->PCHSGeometry.cCylinders = 0;
5101 pIf->PCHSGeometry.cHeads = 16; /*??*/
5102 pIf->PCHSGeometry.cSectors = 63; /*??*/
5103 }
5104 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
5105 {
5106 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
5107 rc = VINF_SUCCESS;
5108 }
5109 AssertRC(rc);
5110
5111 if ( pIf->PCHSGeometry.cCylinders == 0
5112 || pIf->PCHSGeometry.cHeads == 0
5113 || pIf->PCHSGeometry.cSectors == 0
5114 )
5115 {
5116 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
5117 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
5118 pIf->PCHSGeometry.cHeads = 16;
5119 pIf->PCHSGeometry.cSectors = 63;
5120 /* Set the disk geometry information. */
5121 rc = pIf->pDrvBlockBios->pfnSetPCHSGeometry(pIf->pDrvBlockBios,
5122 &pIf->PCHSGeometry);
5123 }
5124 LogRel(("AHCI ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
5125 }
5126 return VINF_SUCCESS;
5127}
5128
5129#if 0
5130/**
5131 * Attach command.
5132 *
5133 * This is called when we change block driver for the DVD drive.
5134 *
5135 * @returns VBox status code.
5136 * @param pDevIns The device instance.
5137 * @param iLUN The logical unit which is being detached.
5138 */
5139static DECLCALLBACK(int) ataAttach(PPDMDEVINS pDevIns, unsigned iLUN)
5140{
5141 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5142 PAHCIATACONTROLLER pCtl;
5143 AHCIATADevState *pIf;
5144 int rc;
5145 unsigned iController;
5146 unsigned iInterface;
5147
5148 /*
5149 * Locate the controller and stuff.
5150 */
5151 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
5152 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
5153 pCtl = &pThis->aCts[iController];
5154
5155 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
5156 pIf = &pCtl->aIfs[iInterface];
5157
5158 /* the usual paranoia */
5159 AssertRelease(!pIf->pDrvBase);
5160 AssertRelease(!pIf->pDrvBlock);
5161 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
5162 Assert(pIf->iLUN == iLUN);
5163
5164 /*
5165 * Try attach the block device and get the interfaces,
5166 * required as well as optional.
5167 */
5168 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, NULL);
5169 if (RT_SUCCESS(rc))
5170 {
5171 rc = ataConfigLun(pDevIns, pIf);
5172 /*
5173 * In case there is a new medium inserted. In virtual ATAPI mode we get an mount
5174 * notification.
5175 */
5176 if (pIf->fATAPIPassthrough)
5177 ataMediumInserted(pIf);
5178 }
5179 else
5180 AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc));
5181
5182 if (RT_FAILURE(rc))
5183 {
5184 pIf->pDrvBase = NULL;
5185 pIf->pDrvBlock = NULL;
5186 }
5187 return rc;
5188}
5189#endif
5190
5191
5192/**
5193 * Resume notification.
5194 *
5195 * @returns VBox status.
5196 * @param pDevIns The device instance data.
5197 */
5198void ataControllerResume(PAHCIATACONTROLLER pCtl)
5199{
5200 int rc;
5201
5202 Log(("%s:\n", __FUNCTION__));
5203 if (pCtl->fRedo && pCtl->fRedoIdle)
5204 {
5205 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5206 AssertRC(rc);
5207 }
5208
5209 return;
5210}
5211
5212
5213/**
5214 * Tests if the controller is idle, leaving the PDM notifications on if busy.
5215 *
5216 * @returns true if idle, false if idle.
5217 * @param pCtl the controller instance.
5218 */
5219bool ataControllerIsIdle(PAHCIATACONTROLLER pCtl)
5220{
5221 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
5222 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
5223 {
5224 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
5225 return true;
5226 }
5227 return false;
5228}
5229
5230/**
5231 * Saves a state of the ATA device.
5232 *
5233 * @returns VBox status code.
5234 * @param pCtl Controller instance.
5235 * @param pSSM The handle to save the state to.
5236 */
5237int ataControllerSaveExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5238{
5239 SSMR3PutU32(pSSM, ATA_CTL_SAVED_STATE_VERSION);
5240 SSMR3PutU8(pSSM, pCtl->iSelectedIf);
5241 SSMR3PutU8(pSSM, pCtl->iAIOIf);
5242 SSMR3PutU8(pSSM, pCtl->uAsyncIOState);
5243 SSMR3PutBool(pSSM, pCtl->fChainedTransfer);
5244 SSMR3PutBool(pSSM, pCtl->fReset);
5245 SSMR3PutBool(pSSM, pCtl->fRedo);
5246 SSMR3PutBool(pSSM, pCtl->fRedoIdle);
5247 SSMR3PutBool(pSSM, pCtl->fRedoDMALastDesc);
5248 SSMR3PutMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5249 SSMR3PutGCPhys32(pSSM, pCtl->pFirstDMADesc);
5250 SSMR3PutGCPhys32(pSSM, pCtl->pLastDMADesc);
5251 SSMR3PutGCPhys32(pSSM, pCtl->pRedoDMABuffer);
5252 SSMR3PutU32(pSSM, pCtl->cbRedoDMABuffer);
5253
5254 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5255 {
5256 SSMR3PutBool(pSSM, pCtl->aIfs[j].fLBA48);
5257 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPI);
5258 SSMR3PutBool(pSSM, pCtl->aIfs[j].fIrqPending);
5259 SSMR3PutU8(pSSM, pCtl->aIfs[j].cMultSectors);
5260 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cCylinders);
5261 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cHeads);
5262 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cSectors);
5263 SSMR3PutU32(pSSM, pCtl->aIfs[j].cSectorsPerIRQ);
5264 SSMR3PutU64(pSSM, pCtl->aIfs[j].cTotalSectors);
5265 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeature);
5266 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeatureHOB);
5267 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegError);
5268 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSector);
5269 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSectorHOB);
5270 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSector);
5271 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSectorHOB);
5272 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCyl);
5273 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCylHOB);
5274 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCyl);
5275 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCylHOB);
5276 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSelect);
5277 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegStatus);
5278 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegCommand);
5279 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegDevCtl);
5280 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATATransferMode);
5281 SSMR3PutU8(pSSM, pCtl->aIfs[j].uTxDir);
5282 SSMR3PutU8(pSSM, pCtl->aIfs[j].iBeginTransfer);
5283 SSMR3PutU8(pSSM, pCtl->aIfs[j].iSourceSink);
5284 SSMR3PutBool(pSSM, pCtl->aIfs[j].fDMA);
5285 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPITransfer);
5286 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbTotalTransfer);
5287 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbElementaryTransfer);
5288 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferCur);
5289 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferEnd);
5290 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataStart);
5291 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataEnd);
5292 SSMR3PutU32(pSSM, pCtl->aIfs[j].iATAPILBA);
5293 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbATAPISector);
5294 SSMR3PutMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5295 SSMR3PutMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5296 SSMR3PutU8(pSSM, pCtl->aIfs[j].cNotifiedMediaChange);
5297 SSMR3PutU32(pSSM, pCtl->aIfs[j].MediaEventStatus);
5298 SSMR3PutMem(pSSM, pCtl->aIfs[j].pLed, sizeof(PDMLED));
5299 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbIOBuffer);
5300 if (pCtl->aIfs[j].cbIOBuffer)
5301 SSMR3PutMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5302 else
5303 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5304 }
5305
5306 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
5307}
5308
5309
5310/**
5311 * Loads a saved ATA device state.
5312 *
5313 * @returns VBox status code.
5314 * @param pDevIns The device instance.
5315 * @param pSSM The handle to the saved state.
5316 */
5317int ataControllerLoadExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5318{
5319 int rc;
5320 uint32_t u32Version;
5321 uint32_t u32;
5322
5323 /* Test for correct version. */
5324 rc = SSMR3GetU32(pSSM, &u32Version);
5325 AssertRCReturn(rc, rc);
5326
5327 if ( u32Version != ATA_CTL_SAVED_STATE_VERSION
5328 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
5329 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5330 {
5331 AssertMsgFailed(("u32Version=%d\n", u32Version));
5332 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
5333 }
5334
5335 /* integrity check */
5336 if (!ataAsyncIOIsIdle(pCtl, false))
5337 {
5338 AssertMsgFailed(("Async I/O for controller is active\n"));
5339 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5340 }
5341
5342 SSMR3GetU8(pSSM, &pCtl->iSelectedIf);
5343 SSMR3GetU8(pSSM, &pCtl->iAIOIf);
5344 SSMR3GetU8(pSSM, &pCtl->uAsyncIOState);
5345 SSMR3GetBool(pSSM, &pCtl->fChainedTransfer);
5346 SSMR3GetBool(pSSM, (bool *)&pCtl->fReset);
5347 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedo);
5348 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoIdle);
5349 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoDMALastDesc);
5350 SSMR3GetMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5351 SSMR3GetGCPhys32(pSSM, &pCtl->pFirstDMADesc);
5352 SSMR3GetGCPhys32(pSSM, &pCtl->pLastDMADesc);
5353 SSMR3GetGCPhys32(pSSM, &pCtl->pRedoDMABuffer);
5354 SSMR3GetU32(pSSM, &pCtl->cbRedoDMABuffer);
5355
5356 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5357 {
5358 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fLBA48);
5359 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPI);
5360 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fIrqPending);
5361 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cMultSectors);
5362 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cCylinders);
5363 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cHeads);
5364 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cSectors);
5365 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cSectorsPerIRQ);
5366 SSMR3GetU64(pSSM, &pCtl->aIfs[j].cTotalSectors);
5367 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeature);
5368 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeatureHOB);
5369 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegError);
5370 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSector);
5371 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSectorHOB);
5372 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSector);
5373 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSectorHOB);
5374 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCyl);
5375 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCylHOB);
5376 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCyl);
5377 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCylHOB);
5378 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSelect);
5379 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegStatus);
5380 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegCommand);
5381 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegDevCtl);
5382 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATATransferMode);
5383 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uTxDir);
5384 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iBeginTransfer);
5385 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iSourceSink);
5386 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fDMA);
5387 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPITransfer);
5388 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbTotalTransfer);
5389 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbElementaryTransfer);
5390 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferCur);
5391 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferEnd);
5392 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataStart);
5393 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataEnd);
5394 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iATAPILBA);
5395 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbATAPISector);
5396 SSMR3GetMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5397 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
5398 {
5399 SSMR3GetMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5400 }
5401 else
5402 {
5403 uint8_t uATAPISenseKey, uATAPIASC;
5404 memset(pCtl->aIfs[j].abATAPISense, '\0', sizeof(pCtl->aIfs[j].abATAPISense));
5405 pCtl->aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
5406 pCtl->aIfs[j].abATAPISense[7] = 10;
5407 SSMR3GetU8(pSSM, &uATAPISenseKey);
5408 SSMR3GetU8(pSSM, &uATAPIASC);
5409 pCtl->aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
5410 pCtl->aIfs[j].abATAPISense[12] = uATAPIASC;
5411 }
5412 /** @todo triple-check this hack after passthrough is working */
5413 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cNotifiedMediaChange);
5414 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5415 SSMR3GetU32(pSSM, (uint32_t*)&pCtl->aIfs[j].MediaEventStatus);
5416 else
5417 pCtl->aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
5418
5419 PDMLED Led;
5420 SSMR3GetMem(pSSM, &Led, sizeof(PDMLED));
5421 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbIOBuffer);
5422 if (pCtl->aIfs[j].cbIOBuffer)
5423 {
5424 if (pCtl->aIfs[j].CTX_SUFF(pbIOBuffer))
5425 SSMR3GetMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5426 else
5427 {
5428 LogRel(("ATA: No buffer for %d\n", j));
5429 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
5430 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d"), j);
5431
5432 /* skip the buffer if we're loading for the debugger / animator. */
5433 uint8_t u8Ignored;
5434 size_t cbLeft = pCtl->aIfs[j].cbIOBuffer;
5435 while (cbLeft-- > 0)
5436 SSMR3GetU8(pSSM, &u8Ignored);
5437 }
5438 }
5439 else
5440 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5441 }
5442
5443 rc = SSMR3GetU32(pSSM, &u32);
5444 if (RT_FAILURE(rc))
5445 return rc;
5446 if (u32 != ~0U)
5447 {
5448 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
5449 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5450 return rc;
5451 }
5452
5453 return VINF_SUCCESS;
5454}
5455
5456DECLCALLBACK(int) ataControllerInit(PPDMDEVINS pDevIns, PAHCIATACONTROLLER pCtl, PPDMIBASE pDrvBaseMaster, PPDMIBASE pDrvBaseSlave,
5457 uint32_t *pcbSSMState, const char *szName, PPDMLED pLed,
5458 PSTAMCOUNTER pStatBytesRead, PSTAMCOUNTER pStatBytesWritten)
5459{
5460 int rc;
5461
5462 AssertMsg(pcbSSMState, ("pcbSSMState is invalid\n"));
5463
5464 pCtl->pDevInsR3 = pDevIns;
5465 pCtl->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5466 pCtl->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5467 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5468 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5469 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5470 pCtl->AsyncIOThread = NIL_RTTHREAD;
5471
5472 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5473 {
5474 pCtl->aIfs[j].iLUN = j;
5475 pCtl->aIfs[j].pDevInsR3 = pDevIns;
5476 pCtl->aIfs[j].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5477 pCtl->aIfs[j].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5478 pCtl->aIfs[j].pControllerR3 = pCtl;
5479 pCtl->aIfs[j].pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), pCtl);
5480 pCtl->aIfs[j].pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), pCtl);
5481 pCtl->aIfs[j].pLed = pLed;
5482 pCtl->aIfs[j].pStatBytesRead = pStatBytesRead;
5483 pCtl->aIfs[j].pStatBytesWritten = pStatBytesWritten;
5484 }
5485
5486 /* Initialize per-controller critical section */
5487 rc = PDMDevHlpCritSectInit(pDevIns, &pCtl->lock, RT_SRC_POS, "%s", szName);
5488 if (RT_FAILURE(rc))
5489 return PDMDEV_SET_ERROR(pDevIns, rc, N_("AHCI ATA: cannot initialize critical section"));
5490
5491 /*
5492 * Attach the units.
5493 */
5494 uint32_t cbTotalBuffer = 0;
5495
5496 /*
5497 * Start the worker thread.
5498 */
5499 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
5500 rc = RTSemEventCreate(&pCtl->AsyncIOSem);
5501 AssertRCReturn(rc, rc);
5502 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
5503 AssertRCReturn(rc, rc);
5504 rc = RTSemMutexCreate(&pCtl->AsyncIORequestMutex);
5505 AssertRCReturn(rc, rc);
5506 ataAsyncIOClearRequests(pCtl);
5507 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataAsyncIOLoop, (void *)pCtl, 128*1024,
5508 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "AHCI-ATA-%u", pCtl->irq);
5509 AssertRCReturn(rc, rc);
5510 Assert(pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->AsyncIOSem != NIL_RTSEMEVENT && pCtl->SuspendIOSem != NIL_RTSEMEVENT && pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX);
5511 Log(("%s: controller AIO thread id %#x; sem %p susp_sem %p mutex %p\n", __FUNCTION__, pCtl->AsyncIOThread, pCtl->AsyncIOSem, pCtl->SuspendIOSem, pCtl->AsyncIORequestMutex));
5512
5513 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5514 {
5515 /*
5516 * Try attach the block device and get the interfaces,
5517 * required as well as optional.
5518 */
5519 AHCIATADevState *pIf = &pCtl->aIfs[j];
5520
5521 pIf->pDrvBase = (j == 0) ? pDrvBaseMaster : pDrvBaseSlave;
5522
5523#if 0
5524 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[j]);
5525 if (RT_SUCCESS(rc))
5526#endif
5527 if (pIf->pDrvBase)
5528 rc = ataConfigLun(pDevIns, pIf);
5529 else
5530 {
5531 pIf->pDrvBase = NULL;
5532 pIf->pDrvBlock = NULL;
5533 pIf->cbIOBuffer = 0;
5534 pIf->pbIOBufferR3 = NULL;
5535 pIf->pbIOBufferR0 = NIL_RTR0PTR;
5536 pIf->pbIOBufferRC = NIL_RTRCPTR;
5537 LogRel(("AHCI ATA: LUN#%d: no unit\n", pIf->iLUN));
5538 }
5539 cbTotalBuffer += pIf->cbIOBuffer;
5540 }
5541
5542 *pcbSSMState = cbTotalBuffer;
5543
5544 /*
5545 * Initialize the device state.
5546 */
5547 ataControllerReset(pCtl);
5548
5549 return VINF_SUCCESS;
5550}
5551#endif /* IN_RING3 */
5552#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
5553
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette