VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/ATAController.cpp@ 37538

Last change on this file since 37538 was 37466, checked in by vboxsync, 14 years ago

VMM,Devices: Automatically use a per-device lock instead of the giant IOM lock. With exception of the PIC, APIC, IOAPIC and PCI buses which are all using the PDM crit sect, there should be no calls between devices. So, this change should be relatively safe.

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 207.1 KB
Line 
1/* $Id: ATAController.cpp 37466 2011-06-15 12:44:16Z vboxsync $ */
2/** @file
3 * DevATA, DevAHCI - Shared ATA/ATAPI controller code (disk and cdrom).
4 *
5 * @todo Actually share this code?
6 */
7
8/*
9 * Copyright (C) 2006-2011 Oracle Corporation
10 *
11 * This file is part of VirtualBox Open Source Edition (OSE), as
12 * available from http://www.virtualbox.org. This file is free software;
13 * you can redistribute it and/or modify it under the terms of the GNU
14 * General Public License (GPL) as published by the Free Software
15 * Foundation, in version 2 as it comes in the "COPYING" file of the
16 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
17 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
18 */
19
20/*******************************************************************************
21* Header Files *
22*******************************************************************************/
23#define LOG_GROUP LOG_GROUP_DEV_IDE
24#include <VBox/vmm/pdmdev.h>
25#include <iprt/assert.h>
26#include <iprt/string.h>
27#ifdef IN_RING3
28# include <iprt/uuid.h>
29# include <iprt/semaphore.h>
30# include <iprt/thread.h>
31# include <iprt/time.h>
32# include <iprt/alloc.h>
33#endif /* IN_RING3 */
34#include <iprt/critsect.h>
35#include <iprt/asm.h>
36#include <VBox/vmm/stam.h>
37#include <VBox/vmm/mm.h>
38#include <VBox/vmm/pgm.h>
39
40#include <VBox/scsi.h>
41
42#include "ATAController.h"
43#include "PIIX3ATABmDma.h"
44#include "ide.h"
45
46/**
47 * The SSM saved state version.
48 */
49#define ATA_CTL_SAVED_STATE_VERSION 3
50#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 1
51#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 2
52
53#ifndef VBOX_DEVICE_STRUCT_TESTCASE
54
55DECLINLINE(void) ataSetStatusValue(AHCIATADevState *s, uint8_t stat)
56{
57 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
58
59 /* Freeze status register contents while processing RESET. */
60 if (!pCtl->fReset)
61 {
62 s->uATARegStatus = stat;
63 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
64 }
65}
66
67
68DECLINLINE(void) ataSetStatus(AHCIATADevState *s, uint8_t stat)
69{
70 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
71
72 /* Freeze status register contents while processing RESET. */
73 if (!pCtl->fReset)
74 {
75 s->uATARegStatus |= stat;
76 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
77 }
78}
79
80
81DECLINLINE(void) ataUnsetStatus(AHCIATADevState *s, uint8_t stat)
82{
83 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
84
85 /* Freeze status register contents while processing RESET. */
86 if (!pCtl->fReset)
87 {
88 s->uATARegStatus &= ~stat;
89 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
90 }
91}
92
93#ifdef IN_RING3
94
95typedef void (*PBeginTransferFunc)(AHCIATADevState *);
96typedef bool (*PSourceSinkFunc)(AHCIATADevState *);
97
98static void ataReadWriteSectorsBT(AHCIATADevState *);
99static void ataPacketBT(AHCIATADevState *);
100static void atapiCmdBT(AHCIATADevState *);
101static void atapiPassthroughCmdBT(AHCIATADevState *);
102
103static bool ataIdentifySS(AHCIATADevState *);
104static bool ataFlushSS(AHCIATADevState *);
105static bool ataReadSectorsSS(AHCIATADevState *);
106static bool ataWriteSectorsSS(AHCIATADevState *);
107static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *);
108static bool ataPacketSS(AHCIATADevState *);
109static bool atapiGetConfigurationSS(AHCIATADevState *);
110static bool atapiGetEventStatusNotificationSS(AHCIATADevState *);
111static bool atapiIdentifySS(AHCIATADevState *);
112static bool atapiInquirySS(AHCIATADevState *);
113static bool atapiMechanismStatusSS(AHCIATADevState *);
114static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *);
115static bool atapiModeSenseCDStatusSS(AHCIATADevState *);
116static bool atapiReadSS(AHCIATADevState *);
117static bool atapiReadCapacitySS(AHCIATADevState *);
118static bool atapiReadDiscInformationSS(AHCIATADevState *);
119static bool atapiReadTOCNormalSS(AHCIATADevState *);
120static bool atapiReadTOCMultiSS(AHCIATADevState *);
121static bool atapiReadTOCRawSS(AHCIATADevState *);
122static bool atapiReadTrackInformationSS(AHCIATADevState *);
123static bool atapiRequestSenseSS(AHCIATADevState *);
124static bool atapiPassthroughSS(AHCIATADevState *);
125
126/**
127 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
128 */
129typedef enum ATAFNBT
130{
131 ATAFN_BT_NULL = 0,
132 ATAFN_BT_READ_WRITE_SECTORS,
133 ATAFN_BT_PACKET,
134 ATAFN_BT_ATAPI_CMD,
135 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
136 ATAFN_BT_MAX
137} ATAFNBT;
138
139/**
140 * Array of end transfer functions, the index is ATAFNET.
141 * Make sure ATAFNET and this array match!
142 */
143static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
144{
145 NULL,
146 ataReadWriteSectorsBT,
147 ataPacketBT,
148 atapiCmdBT,
149 atapiPassthroughCmdBT,
150};
151
152/**
153 * Source/sink function indexes for g_apfnSourceSinkFuncs.
154 */
155typedef enum ATAFNSS
156{
157 ATAFN_SS_NULL = 0,
158 ATAFN_SS_IDENTIFY,
159 ATAFN_SS_FLUSH,
160 ATAFN_SS_READ_SECTORS,
161 ATAFN_SS_WRITE_SECTORS,
162 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
163 ATAFN_SS_PACKET,
164 ATAFN_SS_ATAPI_GET_CONFIGURATION,
165 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
166 ATAFN_SS_ATAPI_IDENTIFY,
167 ATAFN_SS_ATAPI_INQUIRY,
168 ATAFN_SS_ATAPI_MECHANISM_STATUS,
169 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
170 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
171 ATAFN_SS_ATAPI_READ,
172 ATAFN_SS_ATAPI_READ_CAPACITY,
173 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
174 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
175 ATAFN_SS_ATAPI_READ_TOC_MULTI,
176 ATAFN_SS_ATAPI_READ_TOC_RAW,
177 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
178 ATAFN_SS_ATAPI_REQUEST_SENSE,
179 ATAFN_SS_ATAPI_PASSTHROUGH,
180 ATAFN_SS_MAX
181} ATAFNSS;
182
183/**
184 * Array of source/sink functions, the index is ATAFNSS.
185 * Make sure ATAFNSS and this array match!
186 */
187static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
188{
189 NULL,
190 ataIdentifySS,
191 ataFlushSS,
192 ataReadSectorsSS,
193 ataWriteSectorsSS,
194 ataExecuteDeviceDiagnosticSS,
195 ataPacketSS,
196 atapiGetConfigurationSS,
197 atapiGetEventStatusNotificationSS,
198 atapiIdentifySS,
199 atapiInquirySS,
200 atapiMechanismStatusSS,
201 atapiModeSenseErrorRecoverySS,
202 atapiModeSenseCDStatusSS,
203 atapiReadSS,
204 atapiReadCapacitySS,
205 atapiReadDiscInformationSS,
206 atapiReadTOCNormalSS,
207 atapiReadTOCMultiSS,
208 atapiReadTOCRawSS,
209 atapiReadTrackInformationSS,
210 atapiRequestSenseSS,
211 atapiPassthroughSS
212};
213
214
215static const AHCIATARequest ataDMARequest = { AHCIATA_AIO_DMA, };
216static const AHCIATARequest ataPIORequest = { AHCIATA_AIO_PIO, };
217static const AHCIATARequest ataResetARequest = { AHCIATA_AIO_RESET_ASSERTED, };
218static const AHCIATARequest ataResetCRequest = { AHCIATA_AIO_RESET_CLEARED, };
219
220
221static void ataAsyncIOClearRequests(PAHCIATACONTROLLER pCtl)
222{
223 int rc;
224
225 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
226 AssertRC(rc);
227 pCtl->AsyncIOReqHead = 0;
228 pCtl->AsyncIOReqTail = 0;
229 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
230 AssertRC(rc);
231}
232
233
234static void ataAsyncIOPutRequest(PAHCIATACONTROLLER pCtl, const AHCIATARequest *pReq)
235{
236 int rc;
237
238 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
239 AssertRC(rc);
240 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
241 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
242 pCtl->AsyncIOReqHead++;
243 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
244 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
245 AssertRC(rc);
246 rc = PDMR3CritSectScheduleExitEvent(&pCtl->lock, pCtl->AsyncIOSem);
247 if (RT_FAILURE(rc))
248 {
249 rc = RTSemEventSignal(pCtl->AsyncIOSem);
250 AssertRC(rc);
251 }
252}
253
254
255static const AHCIATARequest *ataAsyncIOGetCurrentRequest(PAHCIATACONTROLLER pCtl)
256{
257 int rc;
258 const AHCIATARequest *pReq;
259
260 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
261 AssertRC(rc);
262 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
263 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
264 else
265 pReq = NULL;
266 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
267 AssertRC(rc);
268 return pReq;
269}
270
271
272/**
273 * Remove the request with the given type, as it's finished. The request
274 * is not removed blindly, as this could mean a RESET request that is not
275 * yet processed (but has cleared the request queue) is lost.
276 *
277 * @param pCtl Controller for which to remove the request.
278 * @param ReqType Type of the request to remove.
279 */
280static void ataAsyncIORemoveCurrentRequest(PAHCIATACONTROLLER pCtl, AHCIATAAIO ReqType)
281{
282 int rc;
283
284 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
285 AssertRC(rc);
286 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
287 {
288 pCtl->AsyncIOReqTail++;
289 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
290 }
291 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
292 AssertRC(rc);
293}
294
295
296/**
297 * Dump the request queue for a particular controller. First dump the queue
298 * contents, then the already processed entries, as long as they haven't been
299 * overwritten.
300 *
301 * @param pCtl Controller for which to dump the queue.
302 */
303static void ataAsyncIODumpRequests(PAHCIATACONTROLLER pCtl)
304{
305 int rc;
306 uint8_t curr;
307
308 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
309 AssertRC(rc);
310 LogRel(("AHCI ATA: Ctl: request queue dump (topmost is current):\n"));
311 curr = pCtl->AsyncIOReqTail;
312 do
313 {
314 if (curr == pCtl->AsyncIOReqHead)
315 LogRel(("AHCI ATA: Ctl: processed requests (topmost is oldest):\n"));
316 switch (pCtl->aAsyncIORequests[curr].ReqType)
317 {
318 case AHCIATA_AIO_NEW:
319 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
320 break;
321 case AHCIATA_AIO_DMA:
322 LogRel(("dma transfer finished\n"));
323 break;
324 case AHCIATA_AIO_PIO:
325 LogRel(("pio transfer finished\n"));
326 break;
327 case AHCIATA_AIO_RESET_ASSERTED:
328 LogRel(("reset asserted request\n"));
329 break;
330 case AHCIATA_AIO_RESET_CLEARED:
331 LogRel(("reset cleared request\n"));
332 break;
333 case AHCIATA_AIO_ABORT:
334 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
335 break;
336 default:
337 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
338 }
339 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
340 } while (curr != pCtl->AsyncIOReqTail);
341 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
342 AssertRC(rc);
343}
344
345
346/**
347 * Checks whether the request queue for a particular controller is empty
348 * or whether a particular controller is idle.
349 *
350 * @param pCtl Controller for which to check the queue.
351 * @param fStrict If set then the controller is checked to be idle.
352 */
353static bool ataAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, bool fStrict)
354{
355 int rc;
356 bool fIdle;
357
358 if (pCtl->AsyncIORequestMutex == NIL_RTSEMMUTEX)
359 return true;
360
361 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
362 AssertRC(rc);
363 fIdle = pCtl->fRedoIdle;
364 if (!fIdle)
365 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
366 if (fStrict)
367 fIdle &= (pCtl->uAsyncIOState == AHCIATA_AIO_NEW);
368 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
369 AssertRC(rc);
370 return fIdle;
371}
372
373
374/**
375 * Send a transfer request to the async I/O thread.
376 *
377 * @param s Pointer to the ATA device state data.
378 * @param cbTotalTransfer Data transfer size.
379 * @param uTxDir Data transfer direction.
380 * @param iBeginTransfer Index of BeginTransfer callback.
381 * @param iSourceSink Index of SourceSink callback.
382 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
383 */
384static void ataStartTransfer(AHCIATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, ATAFNSS iSourceSink, bool fChainedTransfer)
385{
386 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
387 AHCIATARequest Req;
388
389 Assert(PDMCritSectIsOwner(&pCtl->lock));
390
391 /* Do not issue new requests while the RESET line is asserted. */
392 if (pCtl->fReset)
393 {
394 Log2(("%s: Ctl: suppressed new request as RESET is active\n", __FUNCTION__));
395 return;
396 }
397
398 /* If the controller is already doing something else right now, ignore
399 * the command that is being submitted. Some broken guests issue commands
400 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
401 if (!fChainedTransfer && !ataAsyncIOIsIdle(pCtl, true))
402 {
403 Log(("%s: Ctl: ignored command %#04x, controller state %d\n", __FUNCTION__, s->uATARegCommand, pCtl->uAsyncIOState));
404 LogRel(("IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
405 return;
406 }
407
408 Req.ReqType = AHCIATA_AIO_NEW;
409 if (fChainedTransfer)
410 Req.u.t.iIf = pCtl->iAIOIf;
411 else
412 Req.u.t.iIf = pCtl->iSelectedIf;
413 Req.u.t.cbTotalTransfer = cbTotalTransfer;
414 Req.u.t.uTxDir = uTxDir;
415 Req.u.t.iBeginTransfer = iBeginTransfer;
416 Req.u.t.iSourceSink = iSourceSink;
417 ataSetStatusValue(s, ATA_STAT_BUSY);
418 pCtl->fChainedTransfer = fChainedTransfer;
419
420 /*
421 * Kick the worker thread into action.
422 */
423 Log2(("%s: Ctl: message to async I/O thread, new request\n", __FUNCTION__));
424 ataAsyncIOPutRequest(pCtl, &Req);
425}
426
427
428/**
429 * Send an abort command request to the async I/O thread.
430 *
431 * @param s Pointer to the ATA device state data.
432 * @param fResetDrive Whether to reset the drive or just abort a command.
433 */
434static void ataAbortCurrentCommand(AHCIATADevState *s, bool fResetDrive)
435{
436 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
437 AHCIATARequest Req;
438
439 Assert(PDMCritSectIsOwner(&pCtl->lock));
440
441 /* Do not issue new requests while the RESET line is asserted. */
442 if (pCtl->fReset)
443 {
444 Log2(("%s: Ctl: suppressed aborting command as RESET is active\n", __FUNCTION__));
445 return;
446 }
447
448 Req.ReqType = AHCIATA_AIO_ABORT;
449 Req.u.a.iIf = pCtl->iSelectedIf;
450 Req.u.a.fResetDrive = fResetDrive;
451 ataSetStatus(s, ATA_STAT_BUSY);
452 Log2(("%s: Ctl: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, s->iLUN));
453 ataAsyncIOPutRequest(pCtl, &Req);
454}
455
456
457static void ataSetIRQ(AHCIATADevState *s)
458{
459 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
460 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
461
462 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
463 {
464 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
465 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
466 * line is asserted. It monitors the line for a rising edge. */
467 if (!s->fIrqPending)
468 pCtl->BmDma.u8Status |= BM_STATUS_INT;
469 /* Only actually set the IRQ line if updating the currently selected drive. */
470 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
471 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
472 }
473 s->fIrqPending = true;
474}
475
476#endif /* IN_RING3 */
477
478static void ataUnsetIRQ(AHCIATADevState *s)
479{
480 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
481 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
482
483 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
484 {
485 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
486 /* Only actually unset the IRQ line if updating the currently selected drive. */
487 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
488 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
489 }
490 s->fIrqPending = false;
491}
492
493#ifdef IN_RING3
494
495static void ataPIOTransferStart(AHCIATADevState *s, uint32_t start, uint32_t size)
496{
497 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
498 s->iIOBufferPIODataStart = start;
499 s->iIOBufferPIODataEnd = start + size;
500 ataSetStatus(s, ATA_STAT_DRQ);
501}
502
503
504static void ataPIOTransferStop(AHCIATADevState *s)
505{
506 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
507 if (s->fATAPITransfer)
508 {
509 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
510 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
511 ataSetIRQ(s);
512 s->fATAPITransfer = false;
513 }
514 s->cbTotalTransfer = 0;
515 s->cbElementaryTransfer = 0;
516 s->iIOBufferPIODataStart = 0;
517 s->iIOBufferPIODataEnd = 0;
518 s->iBeginTransfer = ATAFN_BT_NULL;
519 s->iSourceSink = ATAFN_SS_NULL;
520}
521
522
523static void ataPIOTransferLimitATAPI(AHCIATADevState *s)
524{
525 uint32_t cbLimit, cbTransfer;
526
527 cbLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
528 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
529 if (cbLimit == 0)
530 cbLimit = 0xfffe;
531 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
532 if (cbLimit == 0xffff)
533 cbLimit--;
534 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
535 if (cbTransfer > cbLimit)
536 {
537 /* Byte count limit for clipping must be even in this case */
538 if (cbLimit & 1)
539 cbLimit--;
540 cbTransfer = cbLimit;
541 }
542 s->uATARegLCyl = cbTransfer;
543 s->uATARegHCyl = cbTransfer >> 8;
544 s->cbElementaryTransfer = cbTransfer;
545}
546
547
548static uint32_t ataGetNSectors(AHCIATADevState *s)
549{
550 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
551 if (s->fLBA48)
552 {
553 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
554 return 65536;
555 else
556 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
557 }
558 else
559 {
560 if (!s->uATARegNSector)
561 return 256;
562 else
563 return s->uATARegNSector;
564 }
565}
566
567
568static void ataPadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
569{
570 for (uint32_t i = 0; i < cbSize; i++)
571 {
572 if (*pbSrc)
573 pbDst[i ^ 1] = *pbSrc++;
574 else
575 pbDst[i ^ 1] = ' ';
576 }
577}
578
579
580static void ataSCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
581{
582 for (uint32_t i = 0; i < cbSize; i++)
583 {
584 if (*pbSrc)
585 pbDst[i] = *pbSrc++;
586 else
587 pbDst[i] = ' ';
588 }
589}
590
591
592DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
593{
594 pbBuf[0] = val >> 8;
595 pbBuf[1] = val;
596}
597
598
599DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
600{
601 pbBuf[0] = val >> 16;
602 pbBuf[1] = val >> 8;
603 pbBuf[2] = val;
604}
605
606
607DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
608{
609 pbBuf[0] = val >> 24;
610 pbBuf[1] = val >> 16;
611 pbBuf[2] = val >> 8;
612 pbBuf[3] = val;
613}
614
615
616DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
617{
618 return (pbBuf[0] << 8) | pbBuf[1];
619}
620
621
622DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
623{
624 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
625}
626
627
628DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
629{
630 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
631}
632
633
634DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
635{
636 iATAPILBA += 150;
637 pbBuf[0] = (iATAPILBA / 75) / 60;
638 pbBuf[1] = (iATAPILBA / 75) % 60;
639 pbBuf[2] = iATAPILBA % 75;
640}
641
642
643DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
644{
645 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
646}
647
648static uint32_t ataChecksum(void *ptr, size_t count)
649{
650 uint8_t u8Sum = 0xa5;
651 uint8_t *p = (uint8_t*)ptr;
652 size_t i;
653
654 for (i = 0; i < count; i++)
655 {
656 u8Sum += *p++;
657 }
658
659 return (uint8_t)-(int32_t)u8Sum;
660}
661
662static void ataCmdOK(AHCIATADevState *s, uint8_t status)
663{
664 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
665 ataSetStatusValue(s, ATA_STAT_READY | status);
666}
667
668
669static void ataCmdError(AHCIATADevState *s, uint8_t uErrorCode)
670{
671 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
672 s->uATARegError = uErrorCode;
673 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
674 s->cbTotalTransfer = 0;
675 s->cbElementaryTransfer = 0;
676 s->iIOBufferCur = 0;
677 s->iIOBufferEnd = 0;
678 s->uTxDir = PDMBLOCKTXDIR_NONE;
679 s->iBeginTransfer = ATAFN_BT_NULL;
680 s->iSourceSink = ATAFN_SS_NULL;
681}
682
683
684static bool ataIdentifySS(AHCIATADevState *s)
685{
686 uint16_t *p;
687
688 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
689 Assert(s->cbElementaryTransfer == 512);
690
691 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
692 memset(p, 0, 512);
693 p[0] = RT_H2LE_U16(0x0040);
694 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
695 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
696 /* Block size; obsolete, but required for the BIOS. */
697 p[5] = RT_H2LE_U16(512);
698 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
699 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
700 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
701 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
702 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
703 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
704 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
705#if ATA_MAX_MULT_SECTORS > 1
706 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
707#endif
708 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
709 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
710 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
711 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
712 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
713 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
714 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
715 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
716 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
717 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
718 * s->PCHSGeometry.cHeads
719 * s->PCHSGeometry.cSectors);
720 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
721 * s->PCHSGeometry.cHeads
722 * s->PCHSGeometry.cSectors >> 16);
723 if (s->cMultSectors)
724 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
725 if (s->cTotalSectors <= (1 << 28) - 1)
726 {
727 p[60] = RT_H2LE_U16(s->cTotalSectors);
728 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
729 }
730 else
731 {
732 /* Report maximum number of sectors possible with LBA28 */
733 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
734 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
735 }
736 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
737 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
738 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
739 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
740 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
741 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
742 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
743 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
744 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
745 if (s->cTotalSectors <= (1 << 28) - 1)
746 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
747 else
748 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
749 p[84] = RT_H2LE_U16(1 << 14);
750 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
751 if (s->cTotalSectors <= (1 << 28) - 1)
752 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
753 else
754 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
755 p[87] = RT_H2LE_U16(1 << 14);
756 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
757 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
758 if (s->cTotalSectors > (1 << 28) - 1)
759 {
760 p[100] = RT_H2LE_U16(s->cTotalSectors);
761 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
762 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
763 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
764 }
765 if (s->fNonRotational)
766 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
767 uint32_t uCsum = ataChecksum(p, 510);
768 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
769
770 s->iSourceSink = ATAFN_SS_NULL;
771 ataCmdOK(s, ATA_STAT_SEEK);
772 return false;
773}
774
775
776static bool ataFlushSS(AHCIATADevState *s)
777{
778 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
779 int rc;
780
781 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE);
782 Assert(!s->cbElementaryTransfer);
783
784 PDMCritSectLeave(&pCtl->lock);
785
786 STAM_PROFILE_START(&s->StatFlushes, f);
787 rc = s->pDrvBlock->pfnFlush(s->pDrvBlock);
788 AssertRC(rc);
789 STAM_PROFILE_STOP(&s->StatFlushes, f);
790
791 STAM_PROFILE_START(&pCtl->StatLockWait, a);
792 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
793 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
794 ataCmdOK(s, 0);
795 return false;
796}
797
798
799static bool atapiIdentifySS(AHCIATADevState *s)
800{
801 uint16_t *p;
802
803 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
804 Assert(s->cbElementaryTransfer == 512);
805
806 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
807 memset(p, 0, 512);
808 /* Removable CDROM, 50us response, 12 byte packets */
809 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 2 << 5 | 0 << 0);
810 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
811 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
812 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
813 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
814 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
815 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
816 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
817 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
818 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
819 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
820 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
821 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
822 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
823 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
824 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
825 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
826 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
827 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
828 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
829 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
830 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
831 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
832 p[83] = RT_H2LE_U16(1 << 14);
833 p[84] = RT_H2LE_U16(1 << 14);
834 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
835 p[86] = RT_H2LE_U16(0);
836 p[87] = RT_H2LE_U16(1 << 14);
837 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
838 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
839 uint32_t uCsum = ataChecksum(p, 510);
840 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
841 s->iSourceSink = ATAFN_SS_NULL;
842 ataCmdOK(s, ATA_STAT_SEEK);
843 return false;
844}
845
846
847static void ataSetSignature(AHCIATADevState *s)
848{
849 s->uATARegSelect &= 0xf0; /* clear head */
850 /* put signature */
851 s->uATARegNSector = 1;
852 s->uATARegSector = 1;
853 if (s->fATAPI)
854 {
855 s->uATARegLCyl = 0x14;
856 s->uATARegHCyl = 0xeb;
857 }
858 else if (s->pDrvBlock)
859 {
860 s->uATARegLCyl = 0;
861 s->uATARegHCyl = 0;
862 }
863 else
864 {
865 s->uATARegLCyl = 0xff;
866 s->uATARegHCyl = 0xff;
867 }
868}
869
870
871static uint64_t ataGetSector(AHCIATADevState *s)
872{
873 uint64_t iLBA;
874 if (s->uATARegSelect & 0x40)
875 {
876 /* any LBA variant */
877 if (s->fLBA48)
878 {
879 /* LBA48 */
880 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
881 ((uint64_t)s->uATARegLCylHOB << 32) |
882 ((uint64_t)s->uATARegSectorHOB << 24) |
883 ((uint64_t)s->uATARegHCyl << 16) |
884 ((uint64_t)s->uATARegLCyl << 8) |
885 s->uATARegSector;
886 }
887 else
888 {
889 /* LBA */
890 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
891 (s->uATARegLCyl << 8) | s->uATARegSector;
892 }
893 }
894 else
895 {
896 /* CHS */
897 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
898 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
899 (s->uATARegSector - 1);
900 }
901 return iLBA;
902}
903
904static void ataSetSector(AHCIATADevState *s, uint64_t iLBA)
905{
906 uint32_t cyl, r;
907 if (s->uATARegSelect & 0x40)
908 {
909 /* any LBA variant */
910 if (s->fLBA48)
911 {
912 /* LBA48 */
913 s->uATARegHCylHOB = iLBA >> 40;
914 s->uATARegLCylHOB = iLBA >> 32;
915 s->uATARegSectorHOB = iLBA >> 24;
916 s->uATARegHCyl = iLBA >> 16;
917 s->uATARegLCyl = iLBA >> 8;
918 s->uATARegSector = iLBA;
919 }
920 else
921 {
922 /* LBA */
923 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
924 s->uATARegHCyl = (iLBA >> 16);
925 s->uATARegLCyl = (iLBA >> 8);
926 s->uATARegSector = (iLBA);
927 }
928 }
929 else
930 {
931 /* CHS */
932 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
933 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
934 s->uATARegHCyl = cyl >> 8;
935 s->uATARegLCyl = cyl;
936 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
937 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
938 }
939}
940
941
942static void ataWarningDiskFull(PPDMDEVINS pDevIns)
943{
944 int rc;
945 LogRel(("AHCI ATA: Host disk full\n"));
946 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
947 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
948 AssertRC(rc);
949}
950
951static void ataWarningFileTooBig(PPDMDEVINS pDevIns)
952{
953 int rc;
954 LogRel(("AHCI ATA: File too big\n"));
955 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
956 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
957 AssertRC(rc);
958}
959
960static void ataWarningISCSI(PPDMDEVINS pDevIns)
961{
962 int rc;
963 LogRel(("AHCI ATA: iSCSI target unavailable\n"));
964 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
965 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
966 AssertRC(rc);
967}
968
969static bool ataIsRedoSetWarning(AHCIATADevState *s, int rc)
970{
971 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
972 Assert(!PDMCritSectIsOwner(&pCtl->lock));
973 if (rc == VERR_DISK_FULL)
974 {
975 pCtl->fRedoIdle = true;
976 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
977 return true;
978 }
979 if (rc == VERR_FILE_TOO_BIG)
980 {
981 pCtl->fRedoIdle = true;
982 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
983 return true;
984 }
985 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
986 {
987 pCtl->fRedoIdle = true;
988 /* iSCSI connection abort (first error) or failure to reestablish
989 * connection (second error). Pause VM. On resume we'll retry. */
990 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
991 return true;
992 }
993 return false;
994}
995
996
997static int ataReadSectors(AHCIATADevState *s, uint64_t u64Sector, void *pvBuf,
998 uint32_t cSectors, bool *pfRedo)
999{
1000 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1001 int rc;
1002
1003 PDMCritSectLeave(&pCtl->lock);
1004
1005 STAM_PROFILE_ADV_START(&s->StatReads, r);
1006 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1007 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1008 s->pLed->Actual.s.fReading = 0;
1009 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1010
1011 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cSectors * 512);
1012
1013 if (RT_SUCCESS(rc))
1014 *pfRedo = false;
1015 else
1016 *pfRedo = ataIsRedoSetWarning(s, rc);
1017
1018 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1019 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1020 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1021 return rc;
1022}
1023
1024
1025static int ataWriteSectors(AHCIATADevState *s, uint64_t u64Sector,
1026 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1027{
1028 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1029 int rc;
1030
1031 PDMCritSectLeave(&pCtl->lock);
1032
1033 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1034 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1035 rc = s->pDrvBlock->pfnWrite(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1036 s->pLed->Actual.s.fWriting = 0;
1037 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1038
1039 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cSectors * 512);
1040
1041 if (RT_SUCCESS(rc))
1042 *pfRedo = false;
1043 else
1044 *pfRedo = ataIsRedoSetWarning(s, rc);
1045
1046 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1047 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1048 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1049 return rc;
1050}
1051
1052
1053static void ataReadWriteSectorsBT(AHCIATADevState *s)
1054{
1055 uint32_t cSectors;
1056
1057 cSectors = s->cbTotalTransfer / 512;
1058 if (cSectors > s->cSectorsPerIRQ)
1059 s->cbElementaryTransfer = s->cSectorsPerIRQ * 512;
1060 else
1061 s->cbElementaryTransfer = cSectors * 512;
1062 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1063 ataCmdOK(s, 0);
1064}
1065
1066
1067static bool ataReadSectorsSS(AHCIATADevState *s)
1068{
1069 int rc;
1070 uint32_t cSectors;
1071 uint64_t iLBA;
1072 bool fRedo;
1073
1074 cSectors = s->cbElementaryTransfer / 512;
1075 Assert(cSectors);
1076 iLBA = ataGetSector(s);
1077 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1078 rc = ataReadSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1079 if (RT_SUCCESS(rc))
1080 {
1081 ataSetSector(s, iLBA + cSectors);
1082 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1083 s->iSourceSink = ATAFN_SS_NULL;
1084 ataCmdOK(s, ATA_STAT_SEEK);
1085 }
1086 else
1087 {
1088 if (fRedo)
1089 return true;
1090 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1091 LogRel(("AHCI ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1092 s->iLUN, rc, iLBA, cSectors));
1093 ataCmdError(s, ID_ERR);
1094 }
1095 return false;
1096}
1097
1098
1099static bool ataWriteSectorsSS(AHCIATADevState *s)
1100{
1101 int rc;
1102 uint32_t cSectors;
1103 uint64_t iLBA;
1104 bool fRedo;
1105
1106 cSectors = s->cbElementaryTransfer / 512;
1107 Assert(cSectors);
1108 iLBA = ataGetSector(s);
1109 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1110 rc = ataWriteSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1111 if (RT_SUCCESS(rc))
1112 {
1113 ataSetSector(s, iLBA + cSectors);
1114 if (!s->cbTotalTransfer)
1115 s->iSourceSink = ATAFN_SS_NULL;
1116 ataCmdOK(s, ATA_STAT_SEEK);
1117 }
1118 else
1119 {
1120 if (fRedo)
1121 return true;
1122 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1123 LogRel(("AHCI ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1124 s->iLUN, rc, iLBA, cSectors));
1125 ataCmdError(s, ID_ERR);
1126 }
1127 return false;
1128}
1129
1130
1131static void atapiCmdOK(AHCIATADevState *s)
1132{
1133 s->uATARegError = 0;
1134 ataSetStatusValue(s, ATA_STAT_READY);
1135 s->uATARegNSector = (s->uATARegNSector & ~7)
1136 | ((s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1137 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1138 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1139 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1140 s->abATAPISense[0] = 0x70 | (1 << 7);
1141 s->abATAPISense[7] = 10;
1142}
1143
1144
1145static void atapiCmdError(AHCIATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1146{
1147 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1148 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1149 s->uATARegError = pabATAPISense[2] << 4;
1150 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1151 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1152 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1153 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1154 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1155 s->cbTotalTransfer = 0;
1156 s->cbElementaryTransfer = 0;
1157 s->iIOBufferCur = 0;
1158 s->iIOBufferEnd = 0;
1159 s->uTxDir = PDMBLOCKTXDIR_NONE;
1160 s->iBeginTransfer = ATAFN_BT_NULL;
1161 s->iSourceSink = ATAFN_SS_NULL;
1162}
1163
1164
1165/** @todo deprecated function - doesn't provide enough info. Replace by direct
1166 * calls to atapiCmdError() with full data. */
1167static void atapiCmdErrorSimple(AHCIATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1168{
1169 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1170 memset(abATAPISense, '\0', sizeof(abATAPISense));
1171 abATAPISense[0] = 0x70 | (1 << 7);
1172 abATAPISense[2] = uATAPISenseKey & 0x0f;
1173 abATAPISense[7] = 10;
1174 abATAPISense[12] = uATAPIASC;
1175 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1176}
1177
1178
1179static void atapiCmdBT(AHCIATADevState *s)
1180{
1181 s->fATAPITransfer = true;
1182 s->cbElementaryTransfer = s->cbTotalTransfer;
1183 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1184 atapiCmdOK(s);
1185}
1186
1187
1188static void atapiPassthroughCmdBT(AHCIATADevState *s)
1189{
1190 /* @todo implement an algorithm for correctly determining the read and
1191 * write sector size without sending additional commands to the drive.
1192 * This should be doable by saving processing the configuration requests
1193 * and replies. */
1194#if 0
1195 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1196 {
1197 uint8_t cmd = s->aATAPICmd[0];
1198 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1199 {
1200 uint8_t aModeSenseCmd[10];
1201 uint8_t aModeSenseResult[16];
1202 uint8_t uDummySense;
1203 uint32_t cbTransfer;
1204 int rc;
1205
1206 cbTransfer = sizeof(aModeSenseResult);
1207 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1208 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1209 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1210 aModeSenseCmd[3] = 0; /* subpage code */
1211 aModeSenseCmd[4] = 0; /* reserved */
1212 aModeSenseCmd[5] = 0; /* reserved */
1213 aModeSenseCmd[6] = 0; /* reserved */
1214 aModeSenseCmd[7] = cbTransfer >> 8;
1215 aModeSenseCmd[8] = cbTransfer & 0xff;
1216 aModeSenseCmd[9] = 0; /* control */
1217 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aModeSenseCmd, PDMBLOCKTXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1218 if (RT_FAILURE(rc))
1219 {
1220 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1221 return;
1222 }
1223 /* Select sector size based on the current data block type. */
1224 switch (aModeSenseResult[12] & 0x0f)
1225 {
1226 case 0:
1227 s->cbATAPISector = 2352;
1228 break;
1229 case 1:
1230 s->cbATAPISector = 2368;
1231 break;
1232 case 2:
1233 case 3:
1234 s->cbATAPISector = 2448;
1235 break;
1236 case 8:
1237 case 10:
1238 s->cbATAPISector = 2048;
1239 break;
1240 case 9:
1241 s->cbATAPISector = 2336;
1242 break;
1243 case 11:
1244 s->cbATAPISector = 2056;
1245 break;
1246 case 12:
1247 s->cbATAPISector = 2324;
1248 break;
1249 case 13:
1250 s->cbATAPISector = 2332;
1251 break;
1252 default:
1253 s->cbATAPISector = 0;
1254 }
1255 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1256 s->cbTotalTransfer *= s->cbATAPISector;
1257 if (s->cbTotalTransfer == 0)
1258 s->uTxDir = PDMBLOCKTXDIR_NONE;
1259 }
1260 }
1261#endif
1262 atapiCmdBT(s);
1263}
1264
1265
1266static bool atapiReadSS(AHCIATADevState *s)
1267{
1268 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1269 int rc = VINF_SUCCESS;
1270 uint32_t cbTransfer, cSectors;
1271
1272 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1273 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1274 cSectors = cbTransfer / s->cbATAPISector;
1275 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1276 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1277
1278 PDMCritSectLeave(&pCtl->lock);
1279
1280 STAM_PROFILE_ADV_START(&s->StatReads, r);
1281 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1282 switch (s->cbATAPISector)
1283 {
1284 case 2048:
1285 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTXALLSUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1286 break;
1287 case 2352:
1288 {
1289 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1290
1291 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1292 {
1293 /* sync bytes */
1294 *pbBuf++ = 0x00;
1295 memset(pbBuf, 0xff, 11);
1296 pbBuf += 11;
1297 /* MSF */
1298 ataLBA2MSF(pbBuf, i);
1299 pbBuf += 3;
1300 *pbBuf++ = 0x01; /* mode 1 data */
1301 /* data */
1302 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)i * 2048, pbBuf, 2048);
1303 if (RT_FAILURE(rc))
1304 break;
1305 pbBuf += 2048;
1306 /* ECC */
1307 memset(pbBuf, 0, 288);
1308 pbBuf += 288;
1309 }
1310 }
1311 break;
1312 default:
1313 break;
1314 }
1315 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1316
1317 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1318 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1319 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1320
1321 if (RT_SUCCESS(rc))
1322 {
1323 s->pLed->Actual.s.fReading = 0;
1324 STAM_REL_COUNTER_ADD(s->pStatBytesRead, s->cbATAPISector * cSectors);
1325
1326 /* The initial buffer end value has been set up based on the total
1327 * transfer size. But the I/O buffer size limits what can actually be
1328 * done in one transfer, so set the actual value of the buffer end. */
1329 s->cbElementaryTransfer = cbTransfer;
1330 if (cbTransfer >= s->cbTotalTransfer)
1331 s->iSourceSink = ATAFN_SS_NULL;
1332 atapiCmdOK(s);
1333 s->iATAPILBA += cSectors;
1334 }
1335 else
1336 {
1337 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1338 LogRel(("AHCI ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1339 atapiCmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1340 }
1341 return false;
1342}
1343
1344
1345static bool atapiPassthroughSS(AHCIATADevState *s)
1346{
1347 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1348 int rc = VINF_SUCCESS;
1349 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1350 uint32_t cbTransfer;
1351 PSTAMPROFILEADV pProf = NULL;
1352
1353 cbTransfer = s->cbElementaryTransfer;
1354
1355 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1356 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1357
1358 /* Simple heuristics: if there is at least one sector of data
1359 * to transfer, it's worth updating the LEDs. */
1360 if (cbTransfer >= 2048)
1361 {
1362 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1363 {
1364 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1365 pProf = &s->StatReads;
1366 }
1367 else
1368 {
1369 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1370 pProf = &s->StatWrites;
1371 }
1372 }
1373
1374 PDMCritSectLeave(&pCtl->lock);
1375
1376 memset(abATAPISense, '\0', sizeof(abATAPISense));
1377 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
1378 if (cbTransfer > 100 * _1K)
1379 {
1380 /* Linux accepts commands with up to 100KB of data, but expects
1381 * us to handle commands with up to 128KB of data. The usual
1382 * imbalance of powers. */
1383 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
1384 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
1385 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1386
1387 switch (s->aATAPICmd[0])
1388 {
1389 case SCSI_READ_10:
1390 case SCSI_WRITE_10:
1391 case SCSI_WRITE_AND_VERIFY_10:
1392 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1393 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
1394 break;
1395 case SCSI_READ_12:
1396 case SCSI_WRITE_12:
1397 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1398 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
1399 break;
1400 case SCSI_READ_CD:
1401 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1402 cSectors = ataBE2H_U24(s->aATAPICmd + 6) / s->cbATAPISector;
1403 break;
1404 case SCSI_READ_CD_MSF:
1405 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
1406 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
1407 break;
1408 default:
1409 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
1410 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1411 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
1412 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
1413 {
1414 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1415 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1416 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1417 }
1418 return false;
1419 }
1420 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
1421 cReqSectors = 0;
1422 for (uint32_t i = cSectors; i > 0; i -= cReqSectors)
1423 {
1424 if (i * s->cbATAPISector > 100 * _1K)
1425 cReqSectors = (100 * _1K) / s->cbATAPISector;
1426 else
1427 cReqSectors = i;
1428 cbCurrTX = s->cbATAPISector * cReqSectors;
1429 switch (s->aATAPICmd[0])
1430 {
1431 case SCSI_READ_10:
1432 case SCSI_WRITE_10:
1433 case SCSI_WRITE_AND_VERIFY_10:
1434 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1435 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
1436 break;
1437 case SCSI_READ_12:
1438 case SCSI_WRITE_12:
1439 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1440 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
1441 break;
1442 case SCSI_READ_CD:
1443 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
1444 ataH2BE_U24(s->aATAPICmd + 6, cbCurrTX);
1445 break;
1446 case SCSI_READ_CD_MSF:
1447 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
1448 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
1449 break;
1450 }
1451 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1452 if (rc != VINF_SUCCESS)
1453 break;
1454 iATAPILBA += cReqSectors;
1455 pbBuf += s->cbATAPISector * cReqSectors;
1456 }
1457 }
1458 else
1459 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, s->aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, s->CTXALLSUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1460 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
1461
1462 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1463 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1464 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1465
1466 /* Update the LEDs and the read/write statistics. */
1467 if (cbTransfer >= 2048)
1468 {
1469 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1470 {
1471 s->pLed->Actual.s.fReading = 0;
1472 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cbTransfer);
1473 }
1474 else
1475 {
1476 s->pLed->Actual.s.fWriting = 0;
1477 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cbTransfer);
1478 }
1479 }
1480
1481 if (RT_SUCCESS(rc))
1482 {
1483 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
1484 {
1485 Assert(cbTransfer <= s->cbTotalTransfer);
1486 /* Reply with the same amount of data as the real drive. */
1487 s->cbTotalTransfer = cbTransfer;
1488 /* The initial buffer end value has been set up based on the total
1489 * transfer size. But the I/O buffer size limits what can actually be
1490 * done in one transfer, so set the actual value of the buffer end. */
1491 s->cbElementaryTransfer = cbTransfer;
1492 if (s->aATAPICmd[0] == SCSI_INQUIRY)
1493 {
1494 /* Make sure that the real drive cannot be identified.
1495 * Motivation: changing the VM configuration should be as
1496 * invisible as possible to the guest. */
1497 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1498 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 8, "VBOX", 8);
1499 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 16, "CD-ROM", 16);
1500 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 32, "1.0", 4);
1501 }
1502 if (cbTransfer)
1503 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1504 }
1505 s->iSourceSink = ATAFN_SS_NULL;
1506 atapiCmdOK(s);
1507 }
1508 else
1509 {
1510 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1511 {
1512 uint8_t u8Cmd = s->aATAPICmd[0];
1513 do
1514 {
1515 /* don't log superfluous errors */
1516 if ( rc == VERR_DEV_IO_ERROR
1517 && ( u8Cmd == SCSI_TEST_UNIT_READY
1518 || u8Cmd == SCSI_READ_CAPACITY
1519 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
1520 break;
1521 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command (%#04x) error %d %Rrc\n", s->iLUN, u8Cmd, abATAPISense[0] & 0x0f, rc));
1522 } while (0);
1523 }
1524 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1525 }
1526 return false;
1527}
1528
1529
1530static bool atapiReadSectors(AHCIATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
1531{
1532 Assert(cSectors > 0);
1533 s->iATAPILBA = iATAPILBA;
1534 s->cbATAPISector = cbSector;
1535 ataStartTransfer(s, cSectors * cbSector, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
1536 return false;
1537}
1538
1539
1540static bool atapiReadCapacitySS(AHCIATADevState *s)
1541{
1542 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1543
1544 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1545 Assert(s->cbElementaryTransfer <= 8);
1546 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
1547 ataH2BE_U32(pbBuf + 4, 2048);
1548 s->iSourceSink = ATAFN_SS_NULL;
1549 atapiCmdOK(s);
1550 return false;
1551}
1552
1553
1554static bool atapiReadDiscInformationSS(AHCIATADevState *s)
1555{
1556 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1557
1558 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1559 Assert(s->cbElementaryTransfer <= 34);
1560 memset(pbBuf, '\0', 34);
1561 ataH2BE_U16(pbBuf, 32);
1562 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
1563 pbBuf[3] = 1; /* number of first track */
1564 pbBuf[4] = 1; /* number of sessions (LSB) */
1565 pbBuf[5] = 1; /* first track number in last session (LSB) */
1566 pbBuf[6] = 1; /* last track number in last session (LSB) */
1567 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
1568 pbBuf[8] = 0; /* disc type = CD-ROM */
1569 pbBuf[9] = 0; /* number of sessions (MSB) */
1570 pbBuf[10] = 0; /* number of sessions (MSB) */
1571 pbBuf[11] = 0; /* number of sessions (MSB) */
1572 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
1573 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
1574 s->iSourceSink = ATAFN_SS_NULL;
1575 atapiCmdOK(s);
1576 return false;
1577}
1578
1579
1580static bool atapiReadTrackInformationSS(AHCIATADevState *s)
1581{
1582 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1583
1584 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1585 Assert(s->cbElementaryTransfer <= 36);
1586 /* Accept address/number type of 1 only, and only track 1 exists. */
1587 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
1588 {
1589 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1590 return false;
1591 }
1592 memset(pbBuf, '\0', 36);
1593 ataH2BE_U16(pbBuf, 34);
1594 pbBuf[2] = 1; /* track number (LSB) */
1595 pbBuf[3] = 1; /* session number (LSB) */
1596 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
1597 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
1598 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
1599 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
1600 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
1601 pbBuf[32] = 0; /* track number (MSB) */
1602 pbBuf[33] = 0; /* session number (MSB) */
1603 s->iSourceSink = ATAFN_SS_NULL;
1604 atapiCmdOK(s);
1605 return false;
1606}
1607
1608static size_t atapiGetConfigurationFillFeatureListProfiles(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1609{
1610 if (cbBuf < 3*4)
1611 return 0;
1612
1613 ataH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
1614 pbBuf[2] = (0 << 2) | (1 << 1) | (1 || 0); /* version 0, persistent, current */
1615 pbBuf[3] = 8; /* additional bytes for profiles */
1616 /* The MMC-3 spec says that DVD-ROM read capability should be reported
1617 * before CD-ROM read capability. */
1618 ataH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
1619 pbBuf[6] = (0 << 0); /* NOT current profile */
1620 ataH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
1621 pbBuf[10] = (1 << 0); /* current profile */
1622
1623 return 3*4; /* Header + 2 profiles entries */
1624}
1625
1626static size_t atapiGetConfigurationFillFeatureCore(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1627{
1628 if (cbBuf < 12)
1629 return 0;
1630
1631 ataH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
1632 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1633 pbBuf[3] = 8; /* Additional length */
1634 ataH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
1635 pbBuf[8] = RT_BIT(0); /* DBE */
1636 /* Rest is reserved. */
1637
1638 return 12;
1639}
1640
1641static size_t atapiGetConfigurationFillFeatureMorphing(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1642{
1643 if (cbBuf < 8)
1644 return 0;
1645
1646 ataH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
1647 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1648 pbBuf[3] = 4; /* Additional length */
1649 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
1650 /* Rest is reserved. */
1651
1652 return 8;
1653}
1654
1655static size_t atapiGetConfigurationFillFeatureRemovableMedium(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1656{
1657 if (cbBuf < 8)
1658 return 0;
1659
1660 ataH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
1661 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1662 pbBuf[3] = 4; /* Additional length */
1663 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
1664 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
1665 /* Rest is reserved. */
1666
1667 return 8;
1668}
1669
1670static size_t atapiGetConfigurationFillFeatureRandomReadable(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1671{
1672 if (cbBuf < 12)
1673 return 0;
1674
1675 ataH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
1676 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1677 pbBuf[3] = 8; /* Additional length */
1678 ataH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
1679 ataH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
1680 pbBuf[10] = 0; /* PP not present */
1681 /* Rest is reserved. */
1682
1683 return 12;
1684}
1685
1686static size_t atapiGetConfigurationFillFeatureCDRead(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1687{
1688 if (cbBuf < 8)
1689 return 0;
1690
1691 ataH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
1692 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1693 pbBuf[3] = 0; /* Additional length */
1694 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
1695 /* Rest is reserved. */
1696
1697 return 8;
1698}
1699
1700static size_t atapiGetConfigurationFillFeaturePowerManagement(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1701{
1702 if (cbBuf < 4)
1703 return 0;
1704
1705 ataH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
1706 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1707 pbBuf[3] = 0; /* Additional length */
1708
1709 return 4;
1710}
1711
1712static size_t atapiGetConfigurationFillFeatureTimeout(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1713{
1714 if (cbBuf < 8)
1715 return 0;
1716
1717 ataH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
1718 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1719 pbBuf[3] = 4; /* Additional length */
1720 pbBuf[4] = 0x0; /* !Group3 */
1721
1722 return 8;
1723}
1724
1725static bool atapiGetConfigurationSS(AHCIATADevState *s)
1726{
1727 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1728 size_t cbBuf = s->cbIOBuffer;
1729 size_t cbCopied = 0;
1730 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
1731
1732 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1733 Assert(s->cbElementaryTransfer <= 80);
1734 /* Accept valid request types only, and only starting feature 0. */
1735 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
1736 {
1737 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1738 return false;
1739 }
1740 memset(pbBuf, '\0', cbBuf);
1741 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
1742 * way to differentiate them right now is based on the image size). */
1743 if (s->cTotalSectors)
1744 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
1745 else
1746 ataH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
1747 cbBuf -= 8;
1748 pbBuf += 8;
1749
1750 cbCopied = atapiGetConfigurationFillFeatureListProfiles(s, pbBuf, cbBuf);
1751 cbBuf -= cbCopied;
1752 pbBuf += cbCopied;
1753
1754 cbCopied = atapiGetConfigurationFillFeatureCore(s, pbBuf, cbBuf);
1755 cbBuf -= cbCopied;
1756 pbBuf += cbCopied;
1757
1758 cbCopied = atapiGetConfigurationFillFeatureMorphing(s, pbBuf, cbBuf);
1759 cbBuf -= cbCopied;
1760 pbBuf += cbCopied;
1761
1762 cbCopied = atapiGetConfigurationFillFeatureRemovableMedium(s, pbBuf, cbBuf);
1763 cbBuf -= cbCopied;
1764 pbBuf += cbCopied;
1765
1766 cbCopied = atapiGetConfigurationFillFeatureRandomReadable(s, pbBuf, cbBuf);
1767 cbBuf -= cbCopied;
1768 pbBuf += cbCopied;
1769
1770 cbCopied = atapiGetConfigurationFillFeatureCDRead(s, pbBuf, cbBuf);
1771 cbBuf -= cbCopied;
1772 pbBuf += cbCopied;
1773
1774 cbCopied = atapiGetConfigurationFillFeaturePowerManagement(s, pbBuf, cbBuf);
1775 cbBuf -= cbCopied;
1776 pbBuf += cbCopied;
1777
1778 cbCopied = atapiGetConfigurationFillFeatureTimeout(s, pbBuf, cbBuf);
1779 cbBuf -= cbCopied;
1780 pbBuf += cbCopied;
1781
1782 /* Set data length now. */
1783 ataH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf);
1784
1785 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
1786 s->iSourceSink = ATAFN_SS_NULL;
1787 atapiCmdOK(s);
1788 return false;
1789}
1790
1791
1792static bool atapiGetEventStatusNotificationSS(AHCIATADevState *s)
1793{
1794 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1795
1796 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1797 Assert(s->cbElementaryTransfer <= 8);
1798
1799 if (!(s->aATAPICmd[1] & 1))
1800 {
1801 /* no asynchronous operation supported */
1802 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1803 return false;
1804 }
1805
1806 uint32_t OldStatus, NewStatus;
1807 do
1808 {
1809 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
1810 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
1811 switch (OldStatus)
1812 {
1813 case ATA_EVENT_STATUS_MEDIA_NEW:
1814 /* mount */
1815 ataH2BE_U16(pbBuf + 0, 6);
1816 pbBuf[2] = 0x04; /* media */
1817 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1818 pbBuf[4] = 0x02; /* new medium */
1819 pbBuf[5] = 0x02; /* medium present / door closed */
1820 pbBuf[6] = 0x00;
1821 pbBuf[7] = 0x00;
1822 break;
1823
1824 case ATA_EVENT_STATUS_MEDIA_CHANGED:
1825 case ATA_EVENT_STATUS_MEDIA_REMOVED:
1826 /* umount */
1827 ataH2BE_U16(pbBuf + 0, 6);
1828 pbBuf[2] = 0x04; /* media */
1829 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1830 pbBuf[4] = 0x03; /* media removal */
1831 pbBuf[5] = 0x00; /* medium absent / door closed */
1832 pbBuf[6] = 0x00;
1833 pbBuf[7] = 0x00;
1834 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
1835 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
1836 break;
1837
1838 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
1839 ataH2BE_U16(pbBuf + 0, 6);
1840 pbBuf[2] = 0x04; /* media */
1841 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1842 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
1843 pbBuf[5] = 0x02; /* medium present / door closed */
1844 pbBuf[6] = 0x00;
1845 pbBuf[7] = 0x00;
1846 break;
1847
1848 case ATA_EVENT_STATUS_UNCHANGED:
1849 default:
1850 ataH2BE_U16(pbBuf + 0, 6);
1851 pbBuf[2] = 0x01; /* operational change request / notification */
1852 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1853 pbBuf[4] = 0x00;
1854 pbBuf[5] = 0x00;
1855 pbBuf[6] = 0x00;
1856 pbBuf[7] = 0x00;
1857 break;
1858 }
1859 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
1860
1861 s->iSourceSink = ATAFN_SS_NULL;
1862 atapiCmdOK(s);
1863 return false;
1864}
1865
1866
1867static bool atapiInquirySS(AHCIATADevState *s)
1868{
1869 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1870
1871 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1872 Assert(s->cbElementaryTransfer <= 36);
1873 pbBuf[0] = 0x05; /* CD-ROM */
1874 pbBuf[1] = 0x80; /* removable */
1875#if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
1876 pbBuf[2] = 0x00; /* ISO */
1877 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1878#else
1879 pbBuf[2] = 0x00; /* ISO */
1880 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
1881#endif
1882 pbBuf[4] = 31; /* additional length */
1883 pbBuf[5] = 0; /* reserved */
1884 pbBuf[6] = 0; /* reserved */
1885 pbBuf[7] = 0; /* reserved */
1886 ataSCSIPadStr(pbBuf + 8, s->pszInquiryVendorId, 8);
1887 ataSCSIPadStr(pbBuf + 16, s->pszInquiryProductId, 16);
1888 ataSCSIPadStr(pbBuf + 32, s->pszInquiryRevision, 4);
1889 s->iSourceSink = ATAFN_SS_NULL;
1890 atapiCmdOK(s);
1891 return false;
1892}
1893
1894
1895static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *s)
1896{
1897 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1898
1899 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1900 Assert(s->cbElementaryTransfer <= 16);
1901 ataH2BE_U16(&pbBuf[0], 16 + 6);
1902 pbBuf[2] = 0x70;
1903 pbBuf[3] = 0;
1904 pbBuf[4] = 0;
1905 pbBuf[5] = 0;
1906 pbBuf[6] = 0;
1907 pbBuf[7] = 0;
1908
1909 pbBuf[8] = 0x01;
1910 pbBuf[9] = 0x06;
1911 pbBuf[10] = 0x00;
1912 pbBuf[11] = 0x05;
1913 pbBuf[12] = 0x00;
1914 pbBuf[13] = 0x00;
1915 pbBuf[14] = 0x00;
1916 pbBuf[15] = 0x00;
1917 s->iSourceSink = ATAFN_SS_NULL;
1918 atapiCmdOK(s);
1919 return false;
1920}
1921
1922
1923static bool atapiModeSenseCDStatusSS(AHCIATADevState *s)
1924{
1925 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1926
1927 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1928 Assert(s->cbElementaryTransfer <= 40);
1929 ataH2BE_U16(&pbBuf[0], 38);
1930 pbBuf[2] = 0x70;
1931 pbBuf[3] = 0;
1932 pbBuf[4] = 0;
1933 pbBuf[5] = 0;
1934 pbBuf[6] = 0;
1935 pbBuf[7] = 0;
1936
1937 pbBuf[8] = 0x2a;
1938 pbBuf[9] = 30; /* page length */
1939 pbBuf[10] = 0x08; /* DVD-ROM read support */
1940 pbBuf[11] = 0x00; /* no write support */
1941 /* The following claims we support audio play. This is obviously false,
1942 * but the Linux generic CDROM support makes many features depend on this
1943 * capability. If it's not set, this causes many things to be disabled. */
1944 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
1945 pbBuf[13] = 0x00; /* no subchannel reads supported */
1946 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
1947 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
1948 pbBuf[14] |= 1 << 1; /* report lock state */
1949 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
1950 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
1951 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
1952 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
1953 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
1954 pbBuf[24] = 0; /* reserved */
1955 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
1956 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
1957 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
1958 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
1959 pbBuf[32] = 0; /* reserved */
1960 pbBuf[33] = 0; /* reserved */
1961 pbBuf[34] = 0; /* reserved */
1962 pbBuf[35] = 1; /* rotation control CAV */
1963 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
1964 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
1965 s->iSourceSink = ATAFN_SS_NULL;
1966 atapiCmdOK(s);
1967 return false;
1968}
1969
1970
1971static bool atapiRequestSenseSS(AHCIATADevState *s)
1972{
1973 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1974
1975 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1976 memset(pbBuf, '\0', s->cbElementaryTransfer);
1977 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
1978 s->iSourceSink = ATAFN_SS_NULL;
1979 atapiCmdOK(s);
1980 return false;
1981}
1982
1983
1984static bool atapiMechanismStatusSS(AHCIATADevState *s)
1985{
1986 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1987
1988 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1989 Assert(s->cbElementaryTransfer <= 8);
1990 ataH2BE_U16(pbBuf, 0);
1991 /* no current LBA */
1992 pbBuf[2] = 0;
1993 pbBuf[3] = 0;
1994 pbBuf[4] = 0;
1995 pbBuf[5] = 1;
1996 ataH2BE_U16(pbBuf + 6, 0);
1997 s->iSourceSink = ATAFN_SS_NULL;
1998 atapiCmdOK(s);
1999 return false;
2000}
2001
2002
2003static bool atapiReadTOCNormalSS(AHCIATADevState *s)
2004{
2005 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2006 bool fMSF;
2007 uint32_t cbSize;
2008
2009 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2010 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2011 iStartTrack = s->aATAPICmd[6];
2012 if (iStartTrack > 1 && iStartTrack != 0xaa)
2013 {
2014 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2015 return false;
2016 }
2017 q = pbBuf + 2;
2018 *q++ = 1; /* first session */
2019 *q++ = 1; /* last session */
2020 if (iStartTrack <= 1)
2021 {
2022 *q++ = 0; /* reserved */
2023 *q++ = 0x14; /* ADR, control */
2024 *q++ = 1; /* track number */
2025 *q++ = 0; /* reserved */
2026 if (fMSF)
2027 {
2028 *q++ = 0; /* reserved */
2029 ataLBA2MSF(q, 0);
2030 q += 3;
2031 }
2032 else
2033 {
2034 /* sector 0 */
2035 ataH2BE_U32(q, 0);
2036 q += 4;
2037 }
2038 }
2039 /* lead out track */
2040 *q++ = 0; /* reserved */
2041 *q++ = 0x14; /* ADR, control */
2042 *q++ = 0xaa; /* track number */
2043 *q++ = 0; /* reserved */
2044 if (fMSF)
2045 {
2046 *q++ = 0; /* reserved */
2047 ataLBA2MSF(q, s->cTotalSectors);
2048 q += 3;
2049 }
2050 else
2051 {
2052 ataH2BE_U32(q, s->cTotalSectors);
2053 q += 4;
2054 }
2055 cbSize = q - pbBuf;
2056 ataH2BE_U16(pbBuf, cbSize - 2);
2057 if (cbSize < s->cbTotalTransfer)
2058 s->cbTotalTransfer = cbSize;
2059 s->iSourceSink = ATAFN_SS_NULL;
2060 atapiCmdOK(s);
2061 return false;
2062}
2063
2064
2065static bool atapiReadTOCMultiSS(AHCIATADevState *s)
2066{
2067 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
2068 bool fMSF;
2069
2070 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2071 Assert(s->cbElementaryTransfer <= 12);
2072 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2073 /* multi session: only a single session defined */
2074/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
2075 memset(pbBuf, 0, 12);
2076 pbBuf[1] = 0x0a;
2077 pbBuf[2] = 0x01;
2078 pbBuf[3] = 0x01;
2079 pbBuf[5] = 0x14; /* ADR, control */
2080 pbBuf[6] = 1; /* first track in last complete session */
2081 if (fMSF)
2082 {
2083 pbBuf[8] = 0; /* reserved */
2084 ataLBA2MSF(&pbBuf[9], 0);
2085 }
2086 else
2087 {
2088 /* sector 0 */
2089 ataH2BE_U32(pbBuf + 8, 0);
2090 }
2091 s->iSourceSink = ATAFN_SS_NULL;
2092 atapiCmdOK(s);
2093 return false;
2094}
2095
2096
2097static bool atapiReadTOCRawSS(AHCIATADevState *s)
2098{
2099 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2100 bool fMSF;
2101 uint32_t cbSize;
2102
2103 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2104 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2105 iStartTrack = s->aATAPICmd[6];
2106
2107 q = pbBuf + 2;
2108 *q++ = 1; /* first session */
2109 *q++ = 1; /* last session */
2110
2111 *q++ = 1; /* session number */
2112 *q++ = 0x14; /* data track */
2113 *q++ = 0; /* track number */
2114 *q++ = 0xa0; /* first track in program area */
2115 *q++ = 0; /* min */
2116 *q++ = 0; /* sec */
2117 *q++ = 0; /* frame */
2118 *q++ = 0;
2119 *q++ = 1; /* first track */
2120 *q++ = 0x00; /* disk type CD-DA or CD data */
2121 *q++ = 0;
2122
2123 *q++ = 1; /* session number */
2124 *q++ = 0x14; /* data track */
2125 *q++ = 0; /* track number */
2126 *q++ = 0xa1; /* last track in program area */
2127 *q++ = 0; /* min */
2128 *q++ = 0; /* sec */
2129 *q++ = 0; /* frame */
2130 *q++ = 0;
2131 *q++ = 1; /* last track */
2132 *q++ = 0;
2133 *q++ = 0;
2134
2135 *q++ = 1; /* session number */
2136 *q++ = 0x14; /* data track */
2137 *q++ = 0; /* track number */
2138 *q++ = 0xa2; /* lead-out */
2139 *q++ = 0; /* min */
2140 *q++ = 0; /* sec */
2141 *q++ = 0; /* frame */
2142 if (fMSF)
2143 {
2144 *q++ = 0; /* reserved */
2145 ataLBA2MSF(q, s->cTotalSectors);
2146 q += 3;
2147 }
2148 else
2149 {
2150 ataH2BE_U32(q, s->cTotalSectors);
2151 q += 4;
2152 }
2153
2154 *q++ = 1; /* session number */
2155 *q++ = 0x14; /* ADR, control */
2156 *q++ = 0; /* track number */
2157 *q++ = 1; /* point */
2158 *q++ = 0; /* min */
2159 *q++ = 0; /* sec */
2160 *q++ = 0; /* frame */
2161 if (fMSF)
2162 {
2163 *q++ = 0; /* reserved */
2164 ataLBA2MSF(q, 0);
2165 q += 3;
2166 }
2167 else
2168 {
2169 /* sector 0 */
2170 ataH2BE_U32(q, 0);
2171 q += 4;
2172 }
2173
2174 cbSize = q - pbBuf;
2175 ataH2BE_U16(pbBuf, cbSize - 2);
2176 if (cbSize < s->cbTotalTransfer)
2177 s->cbTotalTransfer = cbSize;
2178 s->iSourceSink = ATAFN_SS_NULL;
2179 atapiCmdOK(s);
2180 return false;
2181}
2182
2183
2184static void atapiParseCmdVirtualATAPI(AHCIATADevState *s)
2185{
2186 const uint8_t *pbPacket;
2187 uint8_t *pbBuf;
2188 uint32_t cbMax;
2189
2190 pbPacket = s->aATAPICmd;
2191 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2192 switch (pbPacket[0])
2193 {
2194 case SCSI_TEST_UNIT_READY:
2195 if (s->cNotifiedMediaChange > 0)
2196 {
2197 if (s->cNotifiedMediaChange-- > 2)
2198 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2199 else
2200 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2201 }
2202 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2203 atapiCmdOK(s);
2204 else
2205 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2206 break;
2207 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2208 cbMax = ataBE2H_U16(pbPacket + 7);
2209 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2210 break;
2211 case SCSI_MODE_SENSE_10:
2212 {
2213 uint8_t uPageControl, uPageCode;
2214 cbMax = ataBE2H_U16(pbPacket + 7);
2215 uPageControl = pbPacket[2] >> 6;
2216 uPageCode = pbPacket[2] & 0x3f;
2217 switch (uPageControl)
2218 {
2219 case SCSI_PAGECONTROL_CURRENT:
2220 switch (uPageCode)
2221 {
2222 case SCSI_MODEPAGE_ERROR_RECOVERY:
2223 ataStartTransfer(s, RT_MIN(cbMax, 16), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
2224 break;
2225 case SCSI_MODEPAGE_CD_STATUS:
2226 ataStartTransfer(s, RT_MIN(cbMax, 40), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
2227 break;
2228 default:
2229 goto error_cmd;
2230 }
2231 break;
2232 case SCSI_PAGECONTROL_CHANGEABLE:
2233 goto error_cmd;
2234 case SCSI_PAGECONTROL_DEFAULT:
2235 goto error_cmd;
2236 default:
2237 case SCSI_PAGECONTROL_SAVED:
2238 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
2239 break;
2240 }
2241 }
2242 break;
2243 case SCSI_REQUEST_SENSE:
2244 cbMax = pbPacket[4];
2245 ataStartTransfer(s, RT_MIN(cbMax, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2246 break;
2247 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2248 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2249 {
2250 if (pbPacket[4] & 1)
2251 s->pDrvMount->pfnLock(s->pDrvMount);
2252 else
2253 s->pDrvMount->pfnUnlock(s->pDrvMount);
2254 atapiCmdOK(s);
2255 }
2256 else
2257 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2258 break;
2259 case SCSI_READ_10:
2260 case SCSI_READ_12:
2261 {
2262 uint32_t cSectors, iATAPILBA;
2263
2264 if (s->cNotifiedMediaChange > 0)
2265 {
2266 s->cNotifiedMediaChange-- ;
2267 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2268 break;
2269 }
2270 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2271 {
2272 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2273 break;
2274 }
2275 if (pbPacket[0] == SCSI_READ_10)
2276 cSectors = ataBE2H_U16(pbPacket + 7);
2277 else
2278 cSectors = ataBE2H_U32(pbPacket + 6);
2279 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2280 if (cSectors == 0)
2281 {
2282 atapiCmdOK(s);
2283 break;
2284 }
2285 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2286 {
2287 /* Rate limited logging, one log line per second. For
2288 * guests that insist on reading from places outside the
2289 * valid area this often generates too many release log
2290 * entries otherwise. */
2291 static uint64_t uLastLogTS = 0;
2292 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2293 {
2294 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2295 uLastLogTS = RTTimeMilliTS();
2296 }
2297 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2298 break;
2299 }
2300 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2301 }
2302 break;
2303 case SCSI_READ_CD:
2304 {
2305 uint32_t cSectors, iATAPILBA;
2306
2307 if (s->cNotifiedMediaChange > 0)
2308 {
2309 s->cNotifiedMediaChange-- ;
2310 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2311 break;
2312 }
2313 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2314 {
2315 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2316 break;
2317 }
2318 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
2319 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2320 if (cSectors == 0)
2321 {
2322 atapiCmdOK(s);
2323 break;
2324 }
2325 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2326 {
2327 /* Rate limited logging, one log line per second. For
2328 * guests that insist on reading from places outside the
2329 * valid area this often generates too many release log
2330 * entries otherwise. */
2331 static uint64_t uLastLogTS = 0;
2332 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2333 {
2334 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2335 uLastLogTS = RTTimeMilliTS();
2336 }
2337 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2338 break;
2339 }
2340 switch (pbPacket[9] & 0xf8)
2341 {
2342 case 0x00:
2343 /* nothing */
2344 atapiCmdOK(s);
2345 break;
2346 case 0x10:
2347 /* normal read */
2348 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2349 break;
2350 case 0xf8:
2351 /* read all data */
2352 atapiReadSectors(s, iATAPILBA, cSectors, 2352);
2353 break;
2354 default:
2355 LogRel(("AHCI ATA: LUN#%d: CD-ROM sector format not supported\n", s->iLUN));
2356 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2357 break;
2358 }
2359 }
2360 break;
2361 case SCSI_SEEK_10:
2362 {
2363 uint32_t iATAPILBA;
2364 if (s->cNotifiedMediaChange > 0)
2365 {
2366 s->cNotifiedMediaChange-- ;
2367 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2368 break;
2369 }
2370 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2371 {
2372 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2373 break;
2374 }
2375 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2376 if (iATAPILBA > s->cTotalSectors)
2377 {
2378 /* Rate limited logging, one log line per second. For
2379 * guests that insist on seeking to places outside the
2380 * valid area this often generates too many release log
2381 * entries otherwise. */
2382 static uint64_t uLastLogTS = 0;
2383 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2384 {
2385 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
2386 uLastLogTS = RTTimeMilliTS();
2387 }
2388 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2389 break;
2390 }
2391 atapiCmdOK(s);
2392 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
2393 }
2394 break;
2395 case SCSI_START_STOP_UNIT:
2396 {
2397 int rc = VINF_SUCCESS;
2398 switch (pbPacket[4] & 3)
2399 {
2400 case 0: /* 00 - Stop motor */
2401 case 1: /* 01 - Start motor */
2402 break;
2403 case 2: /* 10 - Eject media */
2404 /* This must be done from EMT. */
2405 {
2406 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
2407 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
2408
2409 PDMCritSectLeave(&pCtl->lock);
2410 rc = VMR3ReqCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2411 (PFNRT)s->pDrvMount->pfnUnmount, 3, s->pDrvMount,
2412 false /*=fForce*/, true /*=fEeject*/);
2413 Assert(RT_SUCCESS(rc) || (rc == VERR_PDM_MEDIA_LOCKED) || (rc = VERR_PDM_MEDIA_NOT_MOUNTED));
2414 {
2415 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2416 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2417 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2418 }
2419 }
2420 break;
2421 case 3: /* 11 - Load media */
2422 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
2423 break;
2424 }
2425 if (RT_SUCCESS(rc))
2426 atapiCmdOK(s);
2427 else
2428 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
2429 }
2430 break;
2431 case SCSI_MECHANISM_STATUS:
2432 {
2433 cbMax = ataBE2H_U16(pbPacket + 8);
2434 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
2435 }
2436 break;
2437 case SCSI_READ_TOC_PMA_ATIP:
2438 {
2439 uint8_t format;
2440
2441 if (s->cNotifiedMediaChange > 0)
2442 {
2443 s->cNotifiedMediaChange-- ;
2444 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2445 break;
2446 }
2447 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2448 {
2449 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2450 break;
2451 }
2452 cbMax = ataBE2H_U16(pbPacket + 7);
2453 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
2454 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
2455 * the other field is clear... */
2456 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
2457 switch (format)
2458 {
2459 case 0:
2460 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
2461 break;
2462 case 1:
2463 ataStartTransfer(s, RT_MIN(cbMax, 12), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
2464 break;
2465 case 2:
2466 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
2467 break;
2468 default:
2469 error_cmd:
2470 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2471 break;
2472 }
2473 }
2474 break;
2475 case SCSI_READ_CAPACITY:
2476 if (s->cNotifiedMediaChange > 0)
2477 {
2478 s->cNotifiedMediaChange-- ;
2479 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2480 break;
2481 }
2482 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2483 {
2484 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2485 break;
2486 }
2487 ataStartTransfer(s, 8, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
2488 break;
2489 case SCSI_READ_DISC_INFORMATION:
2490 if (s->cNotifiedMediaChange > 0)
2491 {
2492 s->cNotifiedMediaChange-- ;
2493 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2494 break;
2495 }
2496 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2497 {
2498 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2499 break;
2500 }
2501 cbMax = ataBE2H_U16(pbPacket + 7);
2502 ataStartTransfer(s, RT_MIN(cbMax, 34), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
2503 break;
2504 case SCSI_READ_TRACK_INFORMATION:
2505 if (s->cNotifiedMediaChange > 0)
2506 {
2507 s->cNotifiedMediaChange-- ;
2508 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2509 break;
2510 }
2511 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2512 {
2513 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2514 break;
2515 }
2516 cbMax = ataBE2H_U16(pbPacket + 7);
2517 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
2518 break;
2519 case SCSI_GET_CONFIGURATION:
2520 /* No media change stuff here, it can confuse Linux guests. */
2521 cbMax = ataBE2H_U16(pbPacket + 7);
2522 ataStartTransfer(s, RT_MIN(cbMax, 80), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
2523 break;
2524 case SCSI_INQUIRY:
2525 cbMax = ataBE2H_U16(pbPacket + 3);
2526 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
2527 break;
2528 default:
2529 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2530 break;
2531 }
2532}
2533
2534
2535/*
2536 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
2537 */
2538static void atapiParseCmdPassthrough(AHCIATADevState *s)
2539{
2540 const uint8_t *pbPacket;
2541 uint8_t *pbBuf;
2542 uint32_t cSectors, iATAPILBA;
2543 uint32_t cbTransfer = 0;
2544 PDMBLOCKTXDIR uTxDir = PDMBLOCKTXDIR_NONE;
2545
2546 pbPacket = s->aATAPICmd;
2547 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2548 switch (pbPacket[0])
2549 {
2550 case SCSI_BLANK:
2551 goto sendcmd;
2552 case SCSI_CLOSE_TRACK_SESSION:
2553 goto sendcmd;
2554 case SCSI_ERASE_10:
2555 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2556 cbTransfer = ataBE2H_U16(pbPacket + 7);
2557 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
2558 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2559 goto sendcmd;
2560 case SCSI_FORMAT_UNIT:
2561 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2562 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2563 goto sendcmd;
2564 case SCSI_GET_CONFIGURATION:
2565 cbTransfer = ataBE2H_U16(pbPacket + 7);
2566 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2567 goto sendcmd;
2568 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2569 cbTransfer = ataBE2H_U16(pbPacket + 7);
2570 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
2571 {
2572 ataStartTransfer(s, RT_MIN(cbTransfer, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2573 break;
2574 }
2575 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2576 goto sendcmd;
2577 case SCSI_GET_PERFORMANCE:
2578 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2579 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2580 goto sendcmd;
2581 case SCSI_INQUIRY:
2582 cbTransfer = ataBE2H_U16(pbPacket + 3);
2583 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2584 goto sendcmd;
2585 case SCSI_LOAD_UNLOAD_MEDIUM:
2586 goto sendcmd;
2587 case SCSI_MECHANISM_STATUS:
2588 cbTransfer = ataBE2H_U16(pbPacket + 8);
2589 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2590 goto sendcmd;
2591 case SCSI_MODE_SELECT_10:
2592 cbTransfer = ataBE2H_U16(pbPacket + 7);
2593 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2594 goto sendcmd;
2595 case SCSI_MODE_SENSE_10:
2596 cbTransfer = ataBE2H_U16(pbPacket + 7);
2597 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2598 goto sendcmd;
2599 case SCSI_PAUSE_RESUME:
2600 goto sendcmd;
2601 case SCSI_PLAY_AUDIO_10:
2602 goto sendcmd;
2603 case SCSI_PLAY_AUDIO_12:
2604 goto sendcmd;
2605 case SCSI_PLAY_AUDIO_MSF:
2606 goto sendcmd;
2607 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2608 /** @todo do not forget to unlock when a VM is shut down */
2609 goto sendcmd;
2610 case SCSI_READ_10:
2611 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2612 cSectors = ataBE2H_U16(pbPacket + 7);
2613 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2614 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2615 cbTransfer = cSectors * s->cbATAPISector;
2616 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2617 goto sendcmd;
2618 case SCSI_READ_12:
2619 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2620 cSectors = ataBE2H_U32(pbPacket + 6);
2621 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2622 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2623 cbTransfer = cSectors * s->cbATAPISector;
2624 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2625 goto sendcmd;
2626 case SCSI_READ_BUFFER:
2627 cbTransfer = ataBE2H_U24(pbPacket + 6);
2628 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2629 goto sendcmd;
2630 case SCSI_READ_BUFFER_CAPACITY:
2631 cbTransfer = ataBE2H_U16(pbPacket + 7);
2632 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2633 goto sendcmd;
2634 case SCSI_READ_CAPACITY:
2635 cbTransfer = 8;
2636 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2637 goto sendcmd;
2638 case SCSI_READ_CD:
2639 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2640 cbTransfer = ataBE2H_U24(pbPacket + 6) / s->cbATAPISector * s->cbATAPISector;
2641 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2642 goto sendcmd;
2643 case SCSI_READ_CD_MSF:
2644 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
2645 if (cSectors > 32)
2646 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
2647 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2648 cbTransfer = cSectors * s->cbATAPISector;
2649 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2650 goto sendcmd;
2651 case SCSI_READ_DISC_INFORMATION:
2652 cbTransfer = ataBE2H_U16(pbPacket + 7);
2653 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2654 goto sendcmd;
2655 case SCSI_READ_DVD_STRUCTURE:
2656 cbTransfer = ataBE2H_U16(pbPacket + 8);
2657 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2658 goto sendcmd;
2659 case SCSI_READ_FORMAT_CAPACITIES:
2660 cbTransfer = ataBE2H_U16(pbPacket + 7);
2661 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2662 goto sendcmd;
2663 case SCSI_READ_SUBCHANNEL:
2664 cbTransfer = ataBE2H_U16(pbPacket + 7);
2665 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2666 goto sendcmd;
2667 case SCSI_READ_TOC_PMA_ATIP:
2668 cbTransfer = ataBE2H_U16(pbPacket + 7);
2669 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2670 goto sendcmd;
2671 case SCSI_READ_TRACK_INFORMATION:
2672 cbTransfer = ataBE2H_U16(pbPacket + 7);
2673 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2674 goto sendcmd;
2675 case SCSI_REPAIR_TRACK:
2676 goto sendcmd;
2677 case SCSI_REPORT_KEY:
2678 cbTransfer = ataBE2H_U16(pbPacket + 8);
2679 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2680 goto sendcmd;
2681 case SCSI_REQUEST_SENSE:
2682 cbTransfer = pbPacket[4];
2683 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
2684 {
2685 ataStartTransfer(s, RT_MIN(cbTransfer, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2686 break;
2687 }
2688 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2689 goto sendcmd;
2690 case SCSI_RESERVE_TRACK:
2691 goto sendcmd;
2692 case SCSI_SCAN:
2693 goto sendcmd;
2694 case SCSI_SEEK_10:
2695 goto sendcmd;
2696 case SCSI_SEND_CUE_SHEET:
2697 cbTransfer = ataBE2H_U24(pbPacket + 6);
2698 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2699 goto sendcmd;
2700 case SCSI_SEND_DVD_STRUCTURE:
2701 cbTransfer = ataBE2H_U16(pbPacket + 8);
2702 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2703 goto sendcmd;
2704 case SCSI_SEND_EVENT:
2705 cbTransfer = ataBE2H_U16(pbPacket + 8);
2706 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2707 goto sendcmd;
2708 case SCSI_SEND_KEY:
2709 cbTransfer = ataBE2H_U16(pbPacket + 8);
2710 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2711 goto sendcmd;
2712 case SCSI_SEND_OPC_INFORMATION:
2713 cbTransfer = ataBE2H_U16(pbPacket + 7);
2714 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2715 goto sendcmd;
2716 case SCSI_SET_CD_SPEED:
2717 goto sendcmd;
2718 case SCSI_SET_READ_AHEAD:
2719 goto sendcmd;
2720 case SCSI_SET_STREAMING:
2721 cbTransfer = ataBE2H_U16(pbPacket + 9);
2722 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2723 goto sendcmd;
2724 case SCSI_START_STOP_UNIT:
2725 goto sendcmd;
2726 case SCSI_STOP_PLAY_SCAN:
2727 goto sendcmd;
2728 case SCSI_SYNCHRONIZE_CACHE:
2729 goto sendcmd;
2730 case SCSI_TEST_UNIT_READY:
2731 goto sendcmd;
2732 case SCSI_VERIFY_10:
2733 goto sendcmd;
2734 case SCSI_WRITE_10:
2735 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2736 cSectors = ataBE2H_U16(pbPacket + 7);
2737 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2738#if 0
2739 /* The sector size is determined by the async I/O thread. */
2740 s->cbATAPISector = 0;
2741 /* Preliminary, will be corrected once the sector size is known. */
2742 cbTransfer = cSectors;
2743#else
2744 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2745 cbTransfer = cSectors * s->cbATAPISector;
2746#endif
2747 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2748 goto sendcmd;
2749 case SCSI_WRITE_12:
2750 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2751 cSectors = ataBE2H_U32(pbPacket + 6);
2752 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2753#if 0
2754 /* The sector size is determined by the async I/O thread. */
2755 s->cbATAPISector = 0;
2756 /* Preliminary, will be corrected once the sector size is known. */
2757 cbTransfer = cSectors;
2758#else
2759 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2760 cbTransfer = cSectors * s->cbATAPISector;
2761#endif
2762 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2763 goto sendcmd;
2764 case SCSI_WRITE_AND_VERIFY_10:
2765 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2766 cSectors = ataBE2H_U16(pbPacket + 7);
2767 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2768 /* The sector size is determined by the async I/O thread. */
2769 s->cbATAPISector = 0;
2770 /* Preliminary, will be corrected once the sector size is known. */
2771 cbTransfer = cSectors;
2772 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2773 goto sendcmd;
2774 case SCSI_WRITE_BUFFER:
2775 switch (pbPacket[1] & 0x1f)
2776 {
2777 case 0x04: /* download microcode */
2778 case 0x05: /* download microcode and save */
2779 case 0x06: /* download microcode with offsets */
2780 case 0x07: /* download microcode with offsets and save */
2781 case 0x0e: /* download microcode with offsets and defer activation */
2782 case 0x0f: /* activate deferred microcode */
2783 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
2784 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2785 break;
2786 default:
2787 cbTransfer = ataBE2H_U16(pbPacket + 6);
2788 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2789 goto sendcmd;
2790 }
2791 break;
2792 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
2793 cbTransfer = ataBE2H_U32(pbPacket + 6);
2794 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2795 goto sendcmd;
2796 case SCSI_REZERO_UNIT:
2797 /* Obsolete command used by cdrecord. What else would one expect?
2798 * This command is not sent to the drive, it is handled internally,
2799 * as the Linux kernel doesn't like it (message "scsi: unknown
2800 * opcode 0x01" in syslog) and replies with a sense code of 0,
2801 * which sends cdrecord to an endless loop. */
2802 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2803 break;
2804 default:
2805 LogRel(("AHCI ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
2806 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2807 break;
2808 sendcmd:
2809 /* Send a command to the drive, passing data in/out as required. */
2810 Log2(("ATAPI PT: max size %d\n", cbTransfer));
2811 Assert(cbTransfer <= s->cbIOBuffer);
2812 if (cbTransfer == 0)
2813 uTxDir = PDMBLOCKTXDIR_NONE;
2814 ataStartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
2815 }
2816}
2817
2818
2819static void atapiParseCmd(AHCIATADevState *s)
2820{
2821 const uint8_t *pbPacket;
2822
2823 pbPacket = s->aATAPICmd;
2824#ifdef DEBUG
2825 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
2826#else /* !DEBUG */
2827 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
2828#endif /* !DEBUG */
2829 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
2830
2831 if (s->fATAPIPassthrough)
2832 atapiParseCmdPassthrough(s);
2833 else
2834 atapiParseCmdVirtualATAPI(s);
2835}
2836
2837
2838static bool ataPacketSS(AHCIATADevState *s)
2839{
2840 s->fDMA = !!(s->uATARegFeature & 1);
2841 memcpy(s->aATAPICmd, s->CTXALLSUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
2842 s->uTxDir = PDMBLOCKTXDIR_NONE;
2843 s->cbTotalTransfer = 0;
2844 s->cbElementaryTransfer = 0;
2845 atapiParseCmd(s);
2846 return false;
2847}
2848
2849#if 0
2850
2851/**
2852 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
2853 * from now on, regardless if there was a medium inserted or not.
2854 */
2855static void ataMediumRemoved(AHCIATADevState *s)
2856{
2857 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
2858}
2859
2860
2861/**
2862 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
2863 * there was already a medium inserted, don't forget to send the "medium
2864 * removed" event first.
2865 */
2866static void ataMediumInserted(AHCIATADevState *s)
2867{
2868 uint32_t OldStatus, NewStatus;
2869 do
2870 {
2871 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2872 switch (OldStatus)
2873 {
2874 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2875 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2876 /* no change, we will send "medium removed" + "medium inserted" */
2877 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
2878 break;
2879 default:
2880 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2881 break;
2882 }
2883 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2884}
2885
2886
2887/**
2888 * Called when a media is mounted.
2889 *
2890 * @param pInterface Pointer to the interface structure containing the called function pointer.
2891 */
2892static DECLCALLBACK(void) ataMountNotify(PPDMIMOUNTNOTIFY pInterface)
2893{
2894 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2895 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
2896
2897 /* Ignore the call if we're called while being attached. */
2898 if (!pIf->pDrvBlock)
2899 return;
2900
2901 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
2902
2903 if (pIf->fATAPI)
2904 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
2905 else
2906 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
2907
2908 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
2909 if (pIf->cNotifiedMediaChange < 2)
2910 pIf->cNotifiedMediaChange = 2;
2911 ataMediumInserted(pIf);
2912}
2913
2914/**
2915 * Called when a media is unmounted
2916 * @param pInterface Pointer to the interface structure containing the called function pointer.
2917 */
2918static DECLCALLBACK(void) ataUnmountNotify(PPDMIMOUNTNOTIFY pInterface)
2919{
2920 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2921 Log(("%s:\n", __FUNCTION__));
2922 pIf->cTotalSectors = 0;
2923
2924 /*
2925 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
2926 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
2927 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
2928 * present and 2 in which it is changed.
2929 */
2930 pIf->cNotifiedMediaChange = 4;
2931 ataMediumRemoved(pIf);
2932}
2933#endif
2934
2935static void ataPacketBT(AHCIATADevState *s)
2936{
2937 s->cbElementaryTransfer = s->cbTotalTransfer;
2938 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
2939 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
2940 ataSetStatusValue(s, ATA_STAT_READY);
2941}
2942
2943
2944static void ataResetDevice(AHCIATADevState *s)
2945{
2946 s->cMultSectors = ATA_MAX_MULT_SECTORS;
2947 s->cNotifiedMediaChange = 0;
2948 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
2949 ataUnsetIRQ(s);
2950
2951 s->uATARegSelect = 0x20;
2952 ataSetStatusValue(s, ATA_STAT_READY);
2953 ataSetSignature(s);
2954 s->cbTotalTransfer = 0;
2955 s->cbElementaryTransfer = 0;
2956 s->iIOBufferPIODataStart = 0;
2957 s->iIOBufferPIODataEnd = 0;
2958 s->iBeginTransfer = ATAFN_BT_NULL;
2959 s->iSourceSink = ATAFN_SS_NULL;
2960 s->fATAPITransfer = false;
2961 s->uATATransferMode = ATA_MODE_UDMA | 2; /* AHCI supports only up to UDMA2 */
2962
2963 s->uATARegFeature = 0;
2964}
2965
2966
2967static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *s)
2968{
2969 ataSetSignature(s);
2970 if (s->fATAPI)
2971 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
2972 else
2973 ataSetStatusValue(s, ATA_STAT_READY);
2974 s->uATARegError = 0x01;
2975 return false;
2976}
2977
2978
2979static void ataParseCmd(AHCIATADevState *s, uint8_t cmd)
2980{
2981#ifdef DEBUG
2982 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
2983#else /* !DEBUG */
2984 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
2985#endif /* !DEBUG */
2986 s->fLBA48 = false;
2987 s->fDMA = false;
2988 if (cmd == ATA_IDLE_IMMEDIATE)
2989 {
2990 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
2991 * would overwrite the failing command unfortunately), then RESET. */
2992 int32_t uCmdWait = -1;
2993 uint64_t uNow = RTTimeNanoTS();
2994 if (s->u64CmdTS)
2995 uCmdWait = (uNow - s->u64CmdTS) / 1000;
2996 LogRel(("AHCI ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
2997 s->iLUN, s->uATARegCommand, uCmdWait));
2998 }
2999 s->uATARegCommand = cmd;
3000 switch (cmd)
3001 {
3002 case ATA_IDENTIFY_DEVICE:
3003 if (s->pDrvBlock && !s->fATAPI)
3004 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3005 else
3006 {
3007 if (s->fATAPI)
3008 ataSetSignature(s);
3009 ataCmdError(s, ABRT_ERR);
3010 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3011 }
3012 break;
3013 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3014 case ATA_RECALIBRATE:
3015 ataCmdOK(s, ATA_STAT_SEEK);
3016 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3017 break;
3018 case ATA_SET_MULTIPLE_MODE:
3019 if ( s->uATARegNSector != 0
3020 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3021 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3022 {
3023 ataCmdError(s, ABRT_ERR);
3024 }
3025 else
3026 {
3027 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3028 s->cMultSectors = s->uATARegNSector;
3029 ataCmdOK(s, 0);
3030 }
3031 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3032 break;
3033 case ATA_READ_VERIFY_SECTORS_EXT:
3034 s->fLBA48 = true;
3035 case ATA_READ_VERIFY_SECTORS:
3036 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3037 /* do sector number check ? */
3038 ataCmdOK(s, 0);
3039 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3040 break;
3041 case ATA_READ_SECTORS_EXT:
3042 s->fLBA48 = true;
3043 case ATA_READ_SECTORS:
3044 case ATA_READ_SECTORS_WITHOUT_RETRIES:
3045 if (!s->pDrvBlock || s->fATAPI)
3046 goto abort_cmd;
3047 s->cSectorsPerIRQ = 1;
3048 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3049 break;
3050 case ATA_WRITE_SECTORS_EXT:
3051 s->fLBA48 = true;
3052 case ATA_WRITE_SECTORS:
3053 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
3054 if (!s->pDrvBlock || s->fATAPI)
3055 goto abort_cmd;
3056 s->cSectorsPerIRQ = 1;
3057 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3058 break;
3059 case ATA_READ_MULTIPLE_EXT:
3060 s->fLBA48 = true;
3061 case ATA_READ_MULTIPLE:
3062 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3063 goto abort_cmd;
3064 s->cSectorsPerIRQ = s->cMultSectors;
3065 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3066 break;
3067 case ATA_WRITE_MULTIPLE_EXT:
3068 s->fLBA48 = true;
3069 case ATA_WRITE_MULTIPLE:
3070 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3071 goto abort_cmd;
3072 s->cSectorsPerIRQ = s->cMultSectors;
3073 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3074 break;
3075 case ATA_READ_DMA_EXT:
3076 s->fLBA48 = true;
3077 case ATA_READ_DMA:
3078 case ATA_READ_DMA_WITHOUT_RETRIES:
3079 if (!s->pDrvBlock || s->fATAPI)
3080 goto abort_cmd;
3081 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3082 s->fDMA = true;
3083 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3084 break;
3085 case ATA_WRITE_DMA_EXT:
3086 s->fLBA48 = true;
3087 case ATA_WRITE_DMA:
3088 case ATA_WRITE_DMA_WITHOUT_RETRIES:
3089 if (!s->pDrvBlock || s->fATAPI)
3090 goto abort_cmd;
3091 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3092 s->fDMA = true;
3093 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3094 break;
3095 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
3096 s->fLBA48 = true;
3097 ataSetSector(s, s->cTotalSectors - 1);
3098 ataCmdOK(s, 0);
3099 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3100 break;
3101 case ATA_READ_NATIVE_MAX_ADDRESS:
3102 ataSetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
3103 ataCmdOK(s, 0);
3104 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3105 break;
3106 case ATA_CHECK_POWER_MODE:
3107 s->uATARegNSector = 0xff; /* drive active or idle */
3108 ataCmdOK(s, 0);
3109 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3110 break;
3111 case ATA_SET_FEATURES:
3112 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
3113 if (!s->pDrvBlock)
3114 goto abort_cmd;
3115 switch (s->uATARegFeature)
3116 {
3117 case 0x02: /* write cache enable */
3118 Log2(("%s: write cache enable\n", __FUNCTION__));
3119 ataCmdOK(s, ATA_STAT_SEEK);
3120 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3121 break;
3122 case 0xaa: /* read look-ahead enable */
3123 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
3124 ataCmdOK(s, ATA_STAT_SEEK);
3125 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3126 break;
3127 case 0x55: /* read look-ahead disable */
3128 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
3129 ataCmdOK(s, ATA_STAT_SEEK);
3130 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3131 break;
3132 case 0xcc: /* reverting to power-on defaults enable */
3133 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
3134 ataCmdOK(s, ATA_STAT_SEEK);
3135 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3136 break;
3137 case 0x66: /* reverting to power-on defaults disable */
3138 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
3139 ataCmdOK(s, ATA_STAT_SEEK);
3140 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3141 break;
3142 case 0x82: /* write cache disable */
3143 Log2(("%s: write cache disable\n", __FUNCTION__));
3144 /* As per the ATA/ATAPI-6 specs, a write cache disable
3145 * command MUST flush the write buffers to disc. */
3146 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3147 break;
3148 case 0x03: { /* set transfer mode */
3149 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
3150 switch (s->uATARegNSector & 0xf8)
3151 {
3152 case 0x00: /* PIO default */
3153 case 0x08: /* PIO mode */
3154 break;
3155 case ATA_MODE_MDMA: /* MDMA mode */
3156 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
3157 break;
3158 case ATA_MODE_UDMA: /* UDMA mode */
3159 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
3160 break;
3161 default:
3162 goto abort_cmd;
3163 }
3164 ataCmdOK(s, ATA_STAT_SEEK);
3165 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3166 break;
3167 }
3168 default:
3169 goto abort_cmd;
3170 }
3171 /*
3172 * OS/2 workarond:
3173 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
3174 * reset here. According to the specification, this is a driver bug as the register
3175 * contents are undefined after the call. This means we can just as well reset it.
3176 */
3177 s->uATARegFeature = 0;
3178 break;
3179 case ATA_FLUSH_CACHE_EXT:
3180 case ATA_FLUSH_CACHE:
3181 if (!s->pDrvBlock || s->fATAPI)
3182 goto abort_cmd;
3183 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3184 break;
3185 case ATA_STANDBY_IMMEDIATE:
3186 ataCmdOK(s, 0);
3187 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3188 break;
3189 case ATA_IDLE_IMMEDIATE:
3190 LogRel(("AHCI ATA: LUN#%d: aborting current command\n", s->iLUN));
3191 ataAbortCurrentCommand(s, false);
3192 break;
3193 /* ATAPI commands */
3194 case ATA_IDENTIFY_PACKET_DEVICE:
3195 if (s->fATAPI)
3196 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
3197 else
3198 {
3199 ataCmdError(s, ABRT_ERR);
3200 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3201 }
3202 break;
3203 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
3204 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
3205 break;
3206 case ATA_DEVICE_RESET:
3207 if (!s->fATAPI)
3208 goto abort_cmd;
3209 LogRel(("AHCI ATA: LUN#%d: performing device RESET\n", s->iLUN));
3210 ataAbortCurrentCommand(s, true);
3211 break;
3212 case ATA_PACKET:
3213 if (!s->fATAPI)
3214 goto abort_cmd;
3215 /* overlapping commands not supported */
3216 if (s->uATARegFeature & 0x02)
3217 goto abort_cmd;
3218 ataStartTransfer(s, ATAPI_PACKET_SIZE, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
3219 break;
3220 default:
3221 abort_cmd:
3222 ataCmdError(s, ABRT_ERR);
3223 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3224 break;
3225 }
3226}
3227
3228
3229/**
3230 * Waits for a particular async I/O thread to complete whatever it
3231 * is doing at the moment.
3232 *
3233 * @returns true on success.
3234 * @returns false when the thread is still processing.
3235 * @param pThis Pointer to the controller data.
3236 * @param cMillies How long to wait (total).
3237 */
3238static bool ataWaitForAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
3239{
3240 uint64_t u64Start;
3241 bool fRc;
3242
3243 /* Hope for the simple way out... */
3244 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3245 return true;
3246
3247 /*
3248 * Have to wait. Do the setup while owning the mutex to avoid races.
3249 */
3250 RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
3251
3252 RTThreadUserReset(pCtl->AsyncIOThread);
3253 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
3254
3255 RTSemMutexRelease(pCtl->AsyncIORequestMutex);
3256
3257 u64Start = RTTimeMilliTS();
3258 for (;;)
3259 {
3260 fRc = ataAsyncIOIsIdle(pCtl, false /*fStrict*/);
3261 if (fRc)
3262 break;
3263
3264 if (RTTimeMilliTS() - u64Start >= cMillies)
3265 break;
3266
3267 int rc = RTThreadUserWait(pCtl->AsyncIOThread, 100 /*ms*/);
3268 AssertMsg( ( RT_SUCCESS(rc)
3269 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3270 || rc == VERR_TIMEOUT,
3271 ("rc=%Rrc irq=%u\n", rc, pCtl->irq));
3272 }
3273
3274 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
3275 return fRc;
3276}
3277
3278#endif /* IN_RING3 */
3279
3280static int ataIOPortWriteU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3281{
3282 Log2(("%s: write addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3283 addr &= 7;
3284 switch (addr)
3285 {
3286 case 0:
3287 break;
3288 case 1: /* feature register */
3289 /* NOTE: data is written to the two drives */
3290 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3291 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3292 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
3293 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
3294 pCtl->aIfs[0].uATARegFeature = val;
3295 pCtl->aIfs[1].uATARegFeature = val;
3296 break;
3297 case 2: /* sector count */
3298 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3299 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3300 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
3301 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
3302 pCtl->aIfs[0].uATARegNSector = val;
3303 pCtl->aIfs[1].uATARegNSector = val;
3304 break;
3305 case 3: /* sector number */
3306 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3307 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3308 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
3309 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
3310 pCtl->aIfs[0].uATARegSector = val;
3311 pCtl->aIfs[1].uATARegSector = val;
3312 break;
3313 case 4: /* cylinder low */
3314 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3315 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3316 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
3317 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
3318 pCtl->aIfs[0].uATARegLCyl = val;
3319 pCtl->aIfs[1].uATARegLCyl = val;
3320 break;
3321 case 5: /* cylinder high */
3322 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3323 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3324 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
3325 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
3326 pCtl->aIfs[0].uATARegHCyl = val;
3327 pCtl->aIfs[1].uATARegHCyl = val;
3328 break;
3329 case 6: /* drive/head */
3330 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
3331 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
3332 if (((val >> 4) & 1) != pCtl->iSelectedIf)
3333 {
3334 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3335
3336 /* select another drive */
3337 pCtl->iSelectedIf = (val >> 4) & 1;
3338 /* The IRQ line is multiplexed between the two drives, so
3339 * update the state when switching to another drive. Only need
3340 * to update interrupt line if it is enabled and there is a
3341 * state change. */
3342 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
3343 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
3344 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
3345 {
3346 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3347 {
3348 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3349 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
3350 * the interrupt line is asserted. It monitors the line
3351 * for a rising edge. */
3352 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3353 if (pCtl->irq == 16)
3354 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
3355 else
3356 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
3357 }
3358 else
3359 {
3360 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3361 if (pCtl->irq == 16)
3362 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
3363 else
3364 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
3365 }
3366 }
3367 }
3368 break;
3369 default:
3370 case 7: /* command */
3371 /* ignore commands to non existant slave */
3372 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvBlock)
3373 break;
3374#ifndef IN_RING3
3375 /* Don't do anything complicated in GC */
3376 return VINF_IOM_HC_IOPORT_WRITE;
3377#else /* IN_RING3 */
3378 ataParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
3379#endif /* !IN_RING3 */
3380 }
3381 return VINF_SUCCESS;
3382}
3383
3384
3385static int ataIOPortReadU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
3386{
3387 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3388 uint32_t val;
3389 bool fHOB;
3390
3391 fHOB = !!(s->uATARegDevCtl & (1 << 7));
3392 switch (addr & 7)
3393 {
3394 case 0: /* data register */
3395 val = 0xff;
3396 break;
3397 case 1: /* error register */
3398 /* The ATA specification is very terse when it comes to specifying
3399 * the precise effects of reading back the error/feature register.
3400 * The error register (read-only) shares the register number with
3401 * the feature register (write-only), so it seems that it's not
3402 * necessary to support the usual HOB readback here. */
3403 if (!s->pDrvBlock)
3404 val = 0;
3405 else
3406 val = s->uATARegError;
3407 break;
3408 case 2: /* sector count */
3409 if (!s->pDrvBlock)
3410 val = 0;
3411 else if (fHOB)
3412 val = s->uATARegNSectorHOB;
3413 else
3414 val = s->uATARegNSector;
3415 break;
3416 case 3: /* sector number */
3417 if (!s->pDrvBlock)
3418 val = 0;
3419 else if (fHOB)
3420 val = s->uATARegSectorHOB;
3421 else
3422 val = s->uATARegSector;
3423 break;
3424 case 4: /* cylinder low */
3425 if (!s->pDrvBlock)
3426 val = 0;
3427 else if (fHOB)
3428 val = s->uATARegLCylHOB;
3429 else
3430 val = s->uATARegLCyl;
3431 break;
3432 case 5: /* cylinder high */
3433 if (!s->pDrvBlock)
3434 val = 0;
3435 else if (fHOB)
3436 val = s->uATARegHCylHOB;
3437 else
3438 val = s->uATARegHCyl;
3439 break;
3440 case 6: /* drive/head */
3441 /* This register must always work as long as there is at least
3442 * one drive attached to the controller. It is common between
3443 * both drives anyway (completely identical content). */
3444 if (!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock)
3445 val = 0;
3446 else
3447 val = s->uATARegSelect;
3448 break;
3449 default:
3450 case 7: /* primary status */
3451 {
3452 /* Counter for number of busy status seen in GC in a row. */
3453 static unsigned cBusy = 0;
3454
3455 if (!s->pDrvBlock)
3456 val = 0;
3457 else
3458 val = s->uATARegStatus;
3459
3460 /* Give the async I/O thread an opportunity to make progress,
3461 * don't let it starve by guests polling frequently. EMT has a
3462 * lower priority than the async I/O thread, but sometimes the
3463 * host OS doesn't care. With some guests we are only allowed to
3464 * be busy for about 5 milliseconds in some situations. Note that
3465 * this is no guarantee for any other VBox thread getting
3466 * scheduled, so this just lowers the CPU load a bit when drives
3467 * are busy. It cannot help with timing problems. */
3468 if (val & ATA_STAT_BUSY)
3469 {
3470#ifdef IN_RING3
3471 cBusy = 0;
3472 PDMCritSectLeave(&pCtl->lock);
3473
3474 RTThreadYield();
3475
3476 {
3477 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3478 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3479 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3480 }
3481
3482 val = s->uATARegStatus;
3483#else /* !IN_RING3 */
3484 /* Cannot yield CPU in guest context. And switching to host
3485 * context for each and every busy status is too costly,
3486 * especially on SMP systems where we don't gain much by
3487 * yielding the CPU to someone else. */
3488 if (++cBusy >= 20)
3489 {
3490 cBusy = 0;
3491 return VINF_IOM_HC_IOPORT_READ;
3492 }
3493#endif /* !IN_RING3 */
3494 }
3495 else
3496 cBusy = 0;
3497 ataUnsetIRQ(s);
3498 break;
3499 }
3500 }
3501 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3502 *pu32 = val;
3503 return VINF_SUCCESS;
3504}
3505
3506
3507static uint32_t ataStatusRead(PAHCIATACONTROLLER pCtl, uint32_t addr)
3508{
3509 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3510 uint32_t val;
3511
3512 if ((!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock) ||
3513 (pCtl->iSelectedIf == 1 && !s->pDrvBlock))
3514 val = 0;
3515 else
3516 val = s->uATARegStatus;
3517 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3518 return val;
3519}
3520
3521static int ataControlWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3522{
3523#ifndef IN_RING3
3524 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
3525 return VINF_IOM_HC_IOPORT_WRITE; /* The RESET stuff is too complicated for GC. */
3526#endif /* !IN_RING3 */
3527
3528 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3529 /* RESET is common for both drives attached to a controller. */
3530 if (!(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3531 (val & ATA_DEVCTL_RESET))
3532 {
3533#ifdef IN_RING3
3534 /* Software RESET low to high */
3535 int32_t uCmdWait0 = -1, uCmdWait1 = -1;
3536 uint64_t uNow = RTTimeNanoTS();
3537 if (pCtl->aIfs[0].u64CmdTS)
3538 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
3539 if (pCtl->aIfs[1].u64CmdTS)
3540 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
3541 LogRel(("AHCI ATA: Ctl: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
3542 pCtl->iSelectedIf, pCtl->iAIOIf,
3543 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
3544 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
3545 pCtl->fReset = true;
3546 /* Everything must be done after the reset flag is set, otherwise
3547 * there are unavoidable races with the currently executing request
3548 * (which might just finish in the mean time). */
3549 pCtl->fChainedTransfer = false;
3550 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
3551 {
3552 ataResetDevice(&pCtl->aIfs[i]);
3553 /* The following cannot be done using ataSetStatusValue() since the
3554 * reset flag is already set, which suppresses all status changes. */
3555 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
3556 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
3557 pCtl->aIfs[i].uATARegError = 0x01;
3558 }
3559 ataAsyncIOClearRequests(pCtl);
3560 Log2(("%s: Ctl: message to async I/O thread, resetA\n", __FUNCTION__));
3561 if (val & ATA_DEVCTL_HOB)
3562 {
3563 val &= ~ATA_DEVCTL_HOB;
3564 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3565 }
3566 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
3567#else /* !IN_RING3 */
3568 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3569#endif /* IN_RING3 */
3570 }
3571 else if ((pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3572 !(val & ATA_DEVCTL_RESET))
3573 {
3574#ifdef IN_RING3
3575 /* Software RESET high to low */
3576 Log(("%s: deasserting RESET\n", __FUNCTION__));
3577 Log2(("%s: Ctl: message to async I/O thread, resetC\n", __FUNCTION__));
3578 if (val & ATA_DEVCTL_HOB)
3579 {
3580 val &= ~ATA_DEVCTL_HOB;
3581 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3582 }
3583 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
3584#else /* !IN_RING3 */
3585 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3586#endif /* IN_RING3 */
3587 }
3588
3589 /* Change of interrupt disable flag. Update interrupt line if interrupt
3590 * is pending on the current interface. */
3591 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ
3592 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3593 {
3594 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
3595 {
3596 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3597 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
3598 * interrupt line is asserted. It monitors the line for a rising
3599 * edge. */
3600 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3601 if (pCtl->irq == 16)
3602 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
3603 else
3604 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
3605 }
3606 else
3607 {
3608 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3609 if (pCtl->irq == 16)
3610 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
3611 else
3612 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
3613 }
3614 }
3615
3616 if (val & ATA_DEVCTL_HOB)
3617 Log2(("%s: set HOB\n", __FUNCTION__));
3618
3619 pCtl->aIfs[0].uATARegDevCtl = val;
3620 pCtl->aIfs[1].uATARegDevCtl = val;
3621
3622 return VINF_SUCCESS;
3623}
3624
3625#ifdef IN_RING3
3626
3627static void ataPIOTransfer(PAHCIATACONTROLLER pCtl)
3628{
3629 AHCIATADevState *s;
3630
3631 s = &pCtl->aIfs[pCtl->iAIOIf];
3632 Log3(("%s: if=%p\n", __FUNCTION__, s));
3633
3634 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
3635 {
3636 LogRel(("AHCI ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "loading" : "storing"));
3637 /* Any guest OS that triggers this case has a pathetic ATA driver.
3638 * In a real system it would block the CPU via IORDY, here we do it
3639 * very similarly by not continuing with the current instruction
3640 * until the transfer to/from the storage medium is completed. */
3641 if (s->iSourceSink != ATAFN_SS_NULL)
3642 {
3643 bool fRedo;
3644 uint8_t status = s->uATARegStatus;
3645 ataSetStatusValue(s, ATA_STAT_BUSY);
3646 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3647 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3648 pCtl->fRedo = fRedo;
3649 if (RT_UNLIKELY(fRedo))
3650 return;
3651 ataSetStatusValue(s, status);
3652 s->iIOBufferCur = 0;
3653 s->iIOBufferEnd = s->cbElementaryTransfer;
3654 }
3655 }
3656 if (s->cbTotalTransfer)
3657 {
3658 if (s->fATAPITransfer)
3659 ataPIOTransferLimitATAPI(s);
3660
3661 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3662 s->cbElementaryTransfer = s->cbTotalTransfer;
3663
3664 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3665 __FUNCTION__, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3666 s->cbTotalTransfer, s->cbElementaryTransfer,
3667 s->iIOBufferCur, s->iIOBufferEnd));
3668 ataPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
3669 s->cbTotalTransfer -= s->cbElementaryTransfer;
3670 s->iIOBufferCur += s->cbElementaryTransfer;
3671
3672 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3673 s->cbElementaryTransfer = s->cbTotalTransfer;
3674 }
3675 else
3676 ataPIOTransferStop(s);
3677}
3678
3679
3680DECLINLINE(void) ataPIOTransferFinish(PAHCIATACONTROLLER pCtl, AHCIATADevState *s)
3681{
3682 /* Do not interfere with RESET processing if the PIO transfer finishes
3683 * while the RESET line is asserted. */
3684 if (pCtl->fReset)
3685 {
3686 Log2(("%s: Ctl: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__));
3687 return;
3688 }
3689
3690 if ( s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE
3691 || ( s->iSourceSink != ATAFN_SS_NULL
3692 && s->iIOBufferCur >= s->iIOBufferEnd))
3693 {
3694 /* Need to continue the transfer in the async I/O thread. This is
3695 * the case for write operations or generally for not yet finished
3696 * transfers (some data might need to be read). */
3697 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
3698 ataSetStatus(s, ATA_STAT_BUSY);
3699
3700 Log2(("%s: Ctl: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__));
3701 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
3702 }
3703 else
3704 {
3705 /* Either everything finished (though some data might still be pending)
3706 * or some data is pending before the next read is due. */
3707
3708 /* Continue a previously started transfer. */
3709 ataUnsetStatus(s, ATA_STAT_DRQ);
3710 ataSetStatus(s, ATA_STAT_READY);
3711
3712 if (s->cbTotalTransfer)
3713 {
3714 /* There is more to transfer, happens usually for large ATAPI
3715 * reads - the protocol limits the chunk size to 65534 bytes. */
3716 ataPIOTransfer(pCtl);
3717 ataSetIRQ(s);
3718 }
3719 else
3720 {
3721 Log2(("%s: Ctl: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__));
3722 /* Finish PIO transfer. */
3723 ataPIOTransfer(pCtl);
3724 Assert(!pCtl->fRedo);
3725 }
3726 }
3727}
3728
3729#endif /* IN_RING3 */
3730
3731static int ataDataWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, const uint8_t *pbBuf)
3732{
3733 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3734 uint8_t *p;
3735
3736 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3737 {
3738 Assert(s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE);
3739 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3740#ifndef IN_RING3
3741 /* All but the last transfer unit is simple enough for GC, but
3742 * sending a request to the async IO thread is too complicated. */
3743 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3744 {
3745 memcpy(p, pbBuf, cbSize);
3746 s->iIOBufferPIODataStart += cbSize;
3747 }
3748 else
3749 return VINF_IOM_HC_IOPORT_WRITE;
3750#else /* IN_RING3 */
3751 memcpy(p, pbBuf, cbSize);
3752 s->iIOBufferPIODataStart += cbSize;
3753 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3754 ataPIOTransferFinish(pCtl, s);
3755#endif /* !IN_RING3 */
3756 }
3757 else
3758 Log2(("%s: DUMMY data\n", __FUNCTION__));
3759 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3760 return VINF_SUCCESS;
3761}
3762
3763static int ataDataRead(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, uint8_t *pbBuf)
3764{
3765 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3766 uint8_t *p;
3767
3768 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3769 {
3770 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
3771 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3772#ifndef IN_RING3
3773 /* All but the last transfer unit is simple enough for GC, but
3774 * sending a request to the async IO thread is too complicated. */
3775 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3776 {
3777 memcpy(pbBuf, p, cbSize);
3778 s->iIOBufferPIODataStart += cbSize;
3779 }
3780 else
3781 return VINF_IOM_HC_IOPORT_READ;
3782#else /* IN_RING3 */
3783 memcpy(pbBuf, p, cbSize);
3784 s->iIOBufferPIODataStart += cbSize;
3785 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3786 ataPIOTransferFinish(pCtl, s);
3787#endif /* !IN_RING3 */
3788 }
3789 else
3790 {
3791 Log2(("%s: DUMMY data\n", __FUNCTION__));
3792 memset(pbBuf, '\xff', cbSize);
3793 }
3794 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3795 return VINF_SUCCESS;
3796}
3797
3798#ifdef IN_RING3
3799
3800static void ataDMATransferStop(AHCIATADevState *s)
3801{
3802 s->cbTotalTransfer = 0;
3803 s->cbElementaryTransfer = 0;
3804 s->iBeginTransfer = ATAFN_BT_NULL;
3805 s->iSourceSink = ATAFN_SS_NULL;
3806}
3807
3808
3809/**
3810 * Perform the entire DMA transfer in one go (unless a source/sink operation
3811 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
3812 * this function cannot handle empty transfers.
3813 *
3814 * @param pCtl Controller for which to perform the transfer.
3815 */
3816static void ataDMATransfer(PAHCIATACONTROLLER pCtl)
3817{
3818 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3819 AHCIATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
3820 bool fRedo;
3821 RTGCPHYS32 pDesc;
3822 uint32_t cbTotalTransfer, cbElementaryTransfer;
3823 uint32_t iIOBufferCur, iIOBufferEnd;
3824 uint32_t dmalen;
3825 PDMBLOCKTXDIR uTxDir;
3826 bool fLastDesc = false;
3827
3828 Assert(sizeof(BMDMADesc) == 8);
3829
3830 fRedo = pCtl->fRedo;
3831 if (RT_LIKELY(!fRedo))
3832 Assert(s->cbTotalTransfer);
3833 uTxDir = (PDMBLOCKTXDIR)s->uTxDir;
3834 cbTotalTransfer = s->cbTotalTransfer;
3835 cbElementaryTransfer = s->cbElementaryTransfer;
3836 iIOBufferCur = s->iIOBufferCur;
3837 iIOBufferEnd = s->iIOBufferEnd;
3838
3839 /* The DMA loop is designed to hold the lock only when absolutely
3840 * necessary. This avoids long freezes should the guest access the
3841 * ATA registers etc. for some reason. */
3842 PDMCritSectLeave(&pCtl->lock);
3843
3844 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3845 __FUNCTION__, uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3846 cbTotalTransfer, cbElementaryTransfer,
3847 iIOBufferCur, iIOBufferEnd));
3848 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
3849 {
3850 BMDMADesc DMADesc;
3851 RTGCPHYS32 pBuffer;
3852 uint32_t cbBuffer;
3853
3854 if (RT_UNLIKELY(fRedo))
3855 {
3856 pBuffer = pCtl->pRedoDMABuffer;
3857 cbBuffer = pCtl->cbRedoDMABuffer;
3858 fLastDesc = pCtl->fRedoDMALastDesc;
3859 }
3860 else
3861 {
3862 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
3863 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
3864 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
3865 fLastDesc = !!(cbBuffer & 0x80000000);
3866 cbBuffer &= 0xfffe;
3867 if (cbBuffer == 0)
3868 cbBuffer = 0x10000;
3869 if (cbBuffer > cbTotalTransfer)
3870 cbBuffer = cbTotalTransfer;
3871 }
3872
3873 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
3874 {
3875 if (RT_LIKELY(!fRedo))
3876 {
3877 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
3878 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x\n", __FUNCTION__,
3879 pDesc, pBuffer, cbBuffer));
3880 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
3881 PDMDevHlpPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3882 else
3883 PDMDevHlpPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3884 iIOBufferCur += dmalen;
3885 cbTotalTransfer -= dmalen;
3886 cbBuffer -= dmalen;
3887 pBuffer += dmalen;
3888 }
3889 if ( iIOBufferCur == iIOBufferEnd
3890 && (uTxDir == PDMBLOCKTXDIR_TO_DEVICE || cbTotalTransfer))
3891 {
3892 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3893 cbElementaryTransfer = cbTotalTransfer;
3894
3895 {
3896 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3897 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3898 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3899 }
3900
3901 /* The RESET handler could have cleared the DMA transfer
3902 * state (since we didn't hold the lock until just now
3903 * the guest can continue in parallel). If so, the state
3904 * is already set up so the loop is exited immediately. */
3905 if (s->iSourceSink != ATAFN_SS_NULL)
3906 {
3907 s->iIOBufferCur = iIOBufferCur;
3908 s->iIOBufferEnd = iIOBufferEnd;
3909 s->cbElementaryTransfer = cbElementaryTransfer;
3910 s->cbTotalTransfer = cbTotalTransfer;
3911 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3912 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3913 if (RT_UNLIKELY(fRedo))
3914 {
3915 pCtl->pFirstDMADesc = pDesc;
3916 pCtl->pRedoDMABuffer = pBuffer;
3917 pCtl->cbRedoDMABuffer = cbBuffer;
3918 pCtl->fRedoDMALastDesc = fLastDesc;
3919 }
3920 else
3921 {
3922 cbTotalTransfer = s->cbTotalTransfer;
3923 cbElementaryTransfer = s->cbElementaryTransfer;
3924
3925 if (uTxDir == PDMBLOCKTXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3926 cbElementaryTransfer = cbTotalTransfer;
3927 iIOBufferCur = 0;
3928 iIOBufferEnd = cbElementaryTransfer;
3929 }
3930 pCtl->fRedo = fRedo;
3931 }
3932 else
3933 {
3934 /* This forces the loop to exit immediately. */
3935 pDesc = pCtl->pLastDMADesc + 1;
3936 }
3937
3938 PDMCritSectLeave(&pCtl->lock);
3939 if (RT_UNLIKELY(fRedo))
3940 break;
3941 }
3942 }
3943
3944 if (RT_UNLIKELY(fRedo))
3945 break;
3946
3947 /* end of transfer */
3948 if (!cbTotalTransfer || fLastDesc)
3949 break;
3950
3951 {
3952 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3953 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3954 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3955 }
3956
3957 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
3958 {
3959 LogRel(("AHCI ATA: Ctl: ABORT DMA%s\n", pCtl->fReset ? " due to RESET" : ""));
3960 if (!pCtl->fReset)
3961 ataDMATransferStop(s);
3962 /* This forces the loop to exit immediately. */
3963 pDesc = pCtl->pLastDMADesc + 1;
3964 }
3965
3966 PDMCritSectLeave(&pCtl->lock);
3967 }
3968
3969 {
3970 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3971 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3972 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3973 }
3974
3975 if (RT_UNLIKELY(fRedo))
3976 return;
3977
3978 if (fLastDesc)
3979 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
3980 s->cbTotalTransfer = cbTotalTransfer;
3981 s->cbElementaryTransfer = cbElementaryTransfer;
3982 s->iIOBufferCur = iIOBufferCur;
3983 s->iIOBufferEnd = iIOBufferEnd;
3984}
3985
3986
3987/**
3988 * Signal ataWaitForAsyncIOIsIdle that we're idle (if we actually are).
3989 *
3990 * @param pCtl The controller.
3991 */
3992static void ataAsyncSignalIdle(PAHCIATACONTROLLER pCtl)
3993{
3994 /*
3995 * Take the mutex here and recheck the idle indicator as there might be
3996 * interesting races, like in the ataReset code.
3997 */
3998 int rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT); AssertRC(rc);
3999
4000 if ( pCtl->fSignalIdle
4001 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
4002 {
4003 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4004 RTThreadUserSignal(pCtl->AsyncIOThread);
4005 }
4006
4007 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex); AssertRC(rc);
4008}
4009
4010
4011/** Async I/O thread for an interface. Once upon a time this was readable
4012 * code with several loops and a different semaphore for each purpose. But
4013 * then came the "how can one save the state in the middle of a PIO transfer"
4014 * question. The solution was to use an ASM, which is what's there now. */
4015static DECLCALLBACK(int) ataAsyncIOLoop(RTTHREAD ThreadSelf, void *pvUser)
4016{
4017 const AHCIATARequest *pReq;
4018 uint64_t u64TS = 0; /* shut up gcc */
4019 uint64_t uWait;
4020 int rc = VINF_SUCCESS;
4021 PAHCIATACONTROLLER pCtl = (PAHCIATACONTROLLER)pvUser;
4022 AHCIATADevState *s;
4023
4024 pReq = NULL;
4025 pCtl->fChainedTransfer = false;
4026 while (!pCtl->fShutdown)
4027 {
4028 /* Keep this thread from doing anything as long as EMT is suspended. */
4029 while (pCtl->fRedoIdle)
4030 {
4031 if (pCtl->fSignalIdle)
4032 ataAsyncSignalIdle(pCtl);
4033 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
4034 if (RT_FAILURE(rc) || pCtl->fShutdown)
4035 break;
4036
4037 pCtl->fRedoIdle = false;
4038 }
4039
4040 /* Wait for work. */
4041 if (pReq == NULL)
4042 {
4043 if (pCtl->fSignalIdle)
4044 ataAsyncSignalIdle(pCtl);
4045 rc = RTSemEventWait(pCtl->AsyncIOSem, RT_INDEFINITE_WAIT);
4046 if (RT_FAILURE(rc) || pCtl->fShutdown)
4047 break;
4048
4049 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4050 }
4051
4052 if (pReq == NULL)
4053 continue;
4054
4055 AHCIATAAIO ReqType = pReq->ReqType;
4056
4057 Log2(("%s: Ctl: state=%d, req=%d\n", __FUNCTION__, pCtl->uAsyncIOState, ReqType));
4058 if (pCtl->uAsyncIOState != ReqType)
4059 {
4060 /* The new state is not the state that was expected by the normal
4061 * state changes. This is either a RESET/ABORT or there's something
4062 * really strange going on. */
4063 if ( (pCtl->uAsyncIOState == AHCIATA_AIO_PIO || pCtl->uAsyncIOState == AHCIATA_AIO_DMA)
4064 && (ReqType == AHCIATA_AIO_PIO || ReqType == AHCIATA_AIO_DMA))
4065 {
4066 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
4067 ataAsyncIODumpRequests(pCtl);
4068 }
4069 AssertReleaseMsg(ReqType == AHCIATA_AIO_RESET_ASSERTED || ReqType == AHCIATA_AIO_RESET_CLEARED || ReqType == AHCIATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
4070 }
4071
4072 /* Do our work. */
4073 {
4074 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4075 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4076 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4077 }
4078
4079 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4080 {
4081 u64TS = RTTimeNanoTS();
4082#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4083 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
4084#endif /* DEBUG || VBOX_WITH_STATISTICS */
4085 }
4086
4087 switch (ReqType)
4088 {
4089 case AHCIATA_AIO_NEW:
4090
4091 pCtl->iAIOIf = pReq->u.t.iIf;
4092 s = &pCtl->aIfs[pCtl->iAIOIf];
4093 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
4094 s->uTxDir = pReq->u.t.uTxDir;
4095 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
4096 s->iSourceSink = pReq->u.t.iSourceSink;
4097 s->iIOBufferEnd = 0;
4098 s->u64CmdTS = u64TS;
4099
4100 if (s->fATAPI)
4101 {
4102 if (pCtl->fChainedTransfer)
4103 {
4104 /* Only count the actual transfers, not the PIO
4105 * transfer of the ATAPI command bytes. */
4106 if (s->fDMA)
4107 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
4108 else
4109 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
4110 }
4111 }
4112 else
4113 {
4114 if (s->fDMA)
4115 STAM_REL_COUNTER_INC(&s->StatATADMA);
4116 else
4117 STAM_REL_COUNTER_INC(&s->StatATAPIO);
4118 }
4119
4120 pCtl->fChainedTransfer = false;
4121
4122 if (s->iBeginTransfer != ATAFN_BT_NULL)
4123 {
4124 Log2(("%s: Ctl: calling begin transfer function\n", __FUNCTION__));
4125 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
4126 s->iBeginTransfer = ATAFN_BT_NULL;
4127 if (s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4128 s->iIOBufferEnd = s->cbElementaryTransfer;
4129 }
4130 else
4131 {
4132 s->cbElementaryTransfer = s->cbTotalTransfer;
4133 s->iIOBufferEnd = s->cbTotalTransfer;
4134 }
4135 s->iIOBufferCur = 0;
4136
4137 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4138 {
4139 if (s->iSourceSink != ATAFN_SS_NULL)
4140 {
4141 bool fRedo;
4142 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4143 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4144 pCtl->fRedo = fRedo;
4145 if (RT_UNLIKELY(fRedo))
4146 {
4147 /* Operation failed at the initial transfer, restart
4148 * everything from scratch by resending the current
4149 * request. Occurs very rarely, not worth optimizing. */
4150 LogRel(("%s: Ctl: redo entire operation\n", __FUNCTION__));
4151 ataAsyncIOPutRequest(pCtl, pReq);
4152 break;
4153 }
4154 }
4155 else
4156 ataCmdOK(s, 0);
4157 s->iIOBufferEnd = s->cbElementaryTransfer;
4158
4159 }
4160
4161 /* Do not go into the transfer phase if RESET is asserted.
4162 * The CritSect is released while waiting for the host OS
4163 * to finish the I/O, thus RESET is possible here. Most
4164 * important: do not change uAsyncIOState. */
4165 if (pCtl->fReset)
4166 break;
4167
4168 if (s->fDMA)
4169 {
4170 if (s->cbTotalTransfer)
4171 {
4172 ataSetStatus(s, ATA_STAT_DRQ);
4173
4174 pCtl->uAsyncIOState = AHCIATA_AIO_DMA;
4175 /* If BMDMA is already started, do the transfer now. */
4176 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
4177 {
4178 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__));
4179 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4180 }
4181 }
4182 else
4183 {
4184 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4185 /* Finish DMA transfer. */
4186 ataDMATransferStop(s);
4187 ataSetIRQ(s);
4188 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4189 }
4190 }
4191 else
4192 {
4193 if (s->cbTotalTransfer)
4194 {
4195 ataPIOTransfer(pCtl);
4196 Assert(!pCtl->fRedo);
4197 if (s->fATAPITransfer || s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4198 ataSetIRQ(s);
4199
4200 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4201 {
4202 /* Write operations and not yet finished transfers
4203 * must be completed in the async I/O thread. */
4204 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4205 }
4206 else
4207 {
4208 /* Finished read operation can be handled inline
4209 * in the end of PIO transfer handling code. Linux
4210 * depends on this, as it waits only briefly for
4211 * devices to become ready after incoming data
4212 * transfer. Cannot find anything in the ATA spec
4213 * that backs this assumption, but as all kernels
4214 * are affected (though most of the time it does
4215 * not cause any harm) this must work. */
4216 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4217 }
4218 }
4219 else
4220 {
4221 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4222 /* Finish PIO transfer. */
4223 ataPIOTransfer(pCtl);
4224 Assert(!pCtl->fRedo);
4225 if (!s->fATAPITransfer)
4226 ataSetIRQ(s);
4227 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4228 }
4229 }
4230 break;
4231
4232 case AHCIATA_AIO_DMA:
4233 {
4234 BMDMAState *bm = &pCtl->BmDma;
4235 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4236 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
4237
4238 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4239 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
4240 else
4241 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
4242
4243 if (RT_LIKELY(!pCtl->fRedo))
4244 {
4245 /* The specs say that the descriptor table must not cross a
4246 * 4K boundary. */
4247 pCtl->pFirstDMADesc = bm->pvAddr;
4248 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
4249 }
4250 ataDMATransfer(pCtl);
4251
4252 if (RT_UNLIKELY(pCtl->fRedo))
4253 {
4254 LogRel(("AHCI ATA: Ctl: redo DMA operation\n"));
4255 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4256 break;
4257 }
4258
4259 /* The infamous delay IRQ hack. */
4260 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
4261 && s->cbTotalTransfer == 0
4262 && pCtl->DelayIRQMillies)
4263 {
4264 /* Delay IRQ for writing. Required to get the Win2K
4265 * installation work reliably (otherwise it crashes,
4266 * usually during component install). So far no better
4267 * solution has been found. */
4268 Log(("%s: delay IRQ hack\n", __FUNCTION__));
4269 PDMCritSectLeave(&pCtl->lock);
4270 RTThreadSleep(pCtl->DelayIRQMillies);
4271 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4272 }
4273
4274 ataUnsetStatus(s, ATA_STAT_DRQ);
4275 Assert(!pCtl->fChainedTransfer);
4276 Assert(s->iSourceSink == ATAFN_SS_NULL);
4277 if (s->fATAPITransfer)
4278 {
4279 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
4280 Log2(("%s: Ctl: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
4281 s->fATAPITransfer = false;
4282 }
4283 ataSetIRQ(s);
4284 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4285 break;
4286 }
4287
4288 case AHCIATA_AIO_PIO:
4289 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4290
4291 if (s->iSourceSink != ATAFN_SS_NULL)
4292 {
4293 bool fRedo;
4294 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4295 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4296 pCtl->fRedo = fRedo;
4297 if (RT_UNLIKELY(fRedo))
4298 {
4299 LogRel(("AHCI ATA: Ctl: redo PIO operation\n"));
4300 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
4301 break;
4302 }
4303 s->iIOBufferCur = 0;
4304 s->iIOBufferEnd = s->cbElementaryTransfer;
4305 }
4306 else
4307 {
4308 /* Continue a previously started transfer. */
4309 ataUnsetStatus(s, ATA_STAT_BUSY);
4310 ataSetStatus(s, ATA_STAT_READY);
4311 }
4312
4313 /* It is possible that the drives on this controller get RESET
4314 * during the above call to the source/sink function. If that's
4315 * the case, don't restart the transfer and don't finish it the
4316 * usual way. RESET handling took care of all that already.
4317 * Most important: do not change uAsyncIOState. */
4318 if (pCtl->fReset)
4319 break;
4320
4321 if (s->cbTotalTransfer)
4322 {
4323 ataPIOTransfer(pCtl);
4324 ataSetIRQ(s);
4325
4326 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4327 {
4328 /* Write operations and not yet finished transfers
4329 * must be completed in the async I/O thread. */
4330 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4331 }
4332 else
4333 {
4334 /* Finished read operation can be handled inline
4335 * in the end of PIO transfer handling code. Linux
4336 * depends on this, as it waits only briefly for
4337 * devices to become ready after incoming data
4338 * transfer. Cannot find anything in the ATA spec
4339 * that backs this assumption, but as all kernels
4340 * are affected (though most of the time it does
4341 * not cause any harm) this must work. */
4342 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4343 }
4344 }
4345 else
4346 {
4347 /* Finish PIO transfer. */
4348 ataPIOTransfer(pCtl);
4349 if ( !pCtl->fChainedTransfer
4350 && !s->fATAPITransfer
4351 && s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4352 {
4353 ataSetIRQ(s);
4354 }
4355 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4356 }
4357 break;
4358
4359 case AHCIATA_AIO_RESET_ASSERTED:
4360 pCtl->uAsyncIOState = AHCIATA_AIO_RESET_CLEARED;
4361 ataPIOTransferStop(&pCtl->aIfs[0]);
4362 ataPIOTransferStop(&pCtl->aIfs[1]);
4363 /* Do not change the DMA registers, they are not affected by the
4364 * ATA controller reset logic. It should be sufficient to issue a
4365 * new command, which is now possible as the state is cleared. */
4366 break;
4367
4368 case AHCIATA_AIO_RESET_CLEARED:
4369 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4370 pCtl->fReset = false;
4371 LogRel(("AHCI ATA: Ctl: finished processing RESET\n"));
4372 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4373 {
4374 if (pCtl->aIfs[i].fATAPI)
4375 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
4376 else
4377 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
4378 ataSetSignature(&pCtl->aIfs[i]);
4379 }
4380 break;
4381
4382 case AHCIATA_AIO_ABORT:
4383 /* Abort the current command no matter what. There cannot be
4384 * any command activity on the other drive otherwise using
4385 * one thread per controller wouldn't work at all. */
4386 s = &pCtl->aIfs[pReq->u.a.iIf];
4387
4388 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4389 /* Do not change the DMA registers, they are not affected by the
4390 * ATA controller reset logic. It should be sufficient to issue a
4391 * new command, which is now possible as the state is cleared. */
4392 if (pReq->u.a.fResetDrive)
4393 {
4394 ataResetDevice(s);
4395 ataExecuteDeviceDiagnosticSS(s);
4396 }
4397 else
4398 {
4399 ataPIOTransferStop(s);
4400 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
4401 ataSetStatus(s, ATA_STAT_READY);
4402 ataSetIRQ(s);
4403 }
4404 break;
4405
4406 default:
4407 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
4408 }
4409
4410 ataAsyncIORemoveCurrentRequest(pCtl, ReqType);
4411 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4412
4413 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4414 {
4415#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4416 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
4417#endif /* DEBUG || VBOX_WITH_STATISTICS */
4418
4419 u64TS = RTTimeNanoTS() - u64TS;
4420 uWait = u64TS / 1000;
4421 Log(("%s: Ctl: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
4422 /* Mark command as finished. */
4423 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
4424
4425 /*
4426 * Release logging of command execution times depends on the
4427 * command type. ATAPI commands often take longer (due to CD/DVD
4428 * spin up time etc.) so the threshold is different.
4429 */
4430 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
4431 {
4432 if (uWait > 8 * 1000 * 1000)
4433 {
4434 /*
4435 * Command took longer than 8 seconds. This is close
4436 * enough or over the guest's command timeout, so place
4437 * an entry in the release log to allow tracking such
4438 * timing errors (which are often caused by the host).
4439 */
4440 LogRel(("AHCI ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
4441 }
4442 }
4443 else
4444 {
4445 if (uWait > 20 * 1000 * 1000)
4446 {
4447 /*
4448 * Command took longer than 20 seconds. This is close
4449 * enough or over the guest's command timeout, so place
4450 * an entry in the release log to allow tracking such
4451 * timing errors (which are often caused by the host).
4452 */
4453 LogRel(("AHCI ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
4454 }
4455 }
4456
4457#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4458 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
4459 pCtl->StatAsyncMinWait = uWait;
4460 if (uWait > pCtl->StatAsyncMaxWait)
4461 pCtl->StatAsyncMaxWait = uWait;
4462
4463 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
4464 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
4465#endif /* DEBUG || VBOX_WITH_STATISTICS */
4466 }
4467
4468 PDMCritSectLeave(&pCtl->lock);
4469 }
4470
4471 /* Signal the ultimate idleness. */
4472 if (pCtl->fSignalIdle)
4473 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4474 RTThreadUserSignal(ThreadSelf);
4475
4476 /* Do not destroy request mutex yet, still needed for proper shutdown. */
4477 pCtl->fShutdown = false;
4478
4479 Log2(("%s: Ctl: return %Rrc\n", __FUNCTION__, rc));
4480 return rc;
4481}
4482
4483#endif /* IN_RING3 */
4484
4485static uint32_t ataBMDMACmdReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4486{
4487 uint32_t val = pCtl->BmDma.u8Cmd;
4488 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4489 return val;
4490}
4491
4492
4493static void ataBMDMACmdWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4494{
4495 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4496 if (!(val & BM_CMD_START))
4497 {
4498 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4499 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4500 }
4501 else
4502 {
4503#ifdef IN_RING3
4504 /* Check whether the guest OS wants to change DMA direction in
4505 * mid-flight. Not allowed, according to the AHCI specs. */
4506 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
4507 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
4508 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4509
4510 /* Do not continue DMA transfers while the RESET line is asserted. */
4511 if (pCtl->fReset)
4512 {
4513 Log2(("%s: Ctl: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__));
4514 return;
4515 }
4516
4517 /* Do not start DMA transfers if there's a PIO transfer going on. */
4518 if (!pCtl->aIfs[pCtl->iSelectedIf].fDMA)
4519 return;
4520
4521 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
4522 {
4523 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__));
4524 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4525 }
4526#else /* !IN_RING3 */
4527 AssertMsgFailed(("DMA START handling is too complicated for GC\n"));
4528#endif /* IN_RING3 */
4529 }
4530}
4531
4532static uint32_t ataBMDMAStatusReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4533{
4534 uint32_t val = pCtl->BmDma.u8Status;
4535 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4536 return val;
4537}
4538
4539static void ataBMDMAStatusWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4540{
4541 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4542 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
4543 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
4544 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
4545}
4546
4547static uint32_t ataBMDMAAddrReadL(PAHCIATACONTROLLER pCtl, uint32_t addr)
4548{
4549 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
4550 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4551 return val;
4552}
4553
4554static void ataBMDMAAddrWriteL(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4555{
4556 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4557 pCtl->BmDma.pvAddr = val & ~3;
4558}
4559
4560static void ataBMDMAAddrWriteLowWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4561{
4562 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4563 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
4564
4565}
4566
4567static void ataBMDMAAddrWriteHighWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4568{
4569 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4570 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
4571}
4572
4573#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
4574
4575/**
4576 * Port I/O Handler for bus master DMA IN operations.
4577 * @see FNIOMIOPORTIN for details.
4578 */
4579int ataControllerBMDMAIOPortRead(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4580{
4581 int rc;
4582
4583 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4584 if (rc != VINF_SUCCESS)
4585 return rc;
4586 switch (VAL(Port, cb))
4587 {
4588 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4589 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4590 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4591 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4592 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
4593 default:
4594 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
4595 PDMCritSectLeave(&pCtl->lock);
4596 return VERR_IOM_IOPORT_UNUSED;
4597 }
4598 PDMCritSectLeave(&pCtl->lock);
4599 return rc;
4600}
4601
4602/**
4603 * Port I/O Handler for bus master DMA OUT operations.
4604 * @see FNIOMIOPORTOUT for details.
4605 */
4606int ataControllerBMDMAIOPortWrite(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4607{
4608 int rc;
4609
4610 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4611 if (rc != VINF_SUCCESS)
4612 return rc;
4613 switch (VAL(Port, cb))
4614 {
4615 case VAL(0, 1):
4616#ifndef IN_RING3
4617 if (u32 & BM_CMD_START)
4618 {
4619 rc = VINF_IOM_HC_IOPORT_WRITE;
4620 break;
4621 }
4622#endif /* !IN_RING3 */
4623 ataBMDMACmdWriteB(pCtl, Port, u32);
4624 break;
4625 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
4626 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
4627 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
4628 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
4629 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
4630 }
4631 PDMCritSectLeave(&pCtl->lock);
4632 return rc;
4633}
4634
4635#undef VAL
4636
4637
4638#ifdef IN_RING3
4639#if 0
4640
4641/**
4642 * Callback function for mapping an PCI I/O region.
4643 *
4644 * @return VBox status code.
4645 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
4646 * @param iRegion The region number.
4647 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
4648 * I/O port, else it's a physical address.
4649 * This address is *NOT* relative to pci_mem_base like earlier!
4650 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
4651 */
4652static DECLCALLBACK(int) ataBMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
4653{
4654 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
4655 int rc = VINF_SUCCESS;
4656 Assert(enmType == PCI_ADDRESS_SPACE_IO);
4657 Assert(iRegion == 4);
4658 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
4659
4660 /* Register the port range. */
4661 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
4662 {
4663 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4664 (RTHCPTR)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL, NULL, "ATA Bus Master DMA");
4665 AssertRC(rc2);
4666 if (rc2 < rc)
4667 rc = rc2;
4668
4669 if (pThis->fGCEnabled)
4670 {
4671 rc2 = PDMDevHlpIOPortRegisterGC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4672 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4673 AssertRC(rc2);
4674 if (rc2 < rc)
4675 rc = rc2;
4676 }
4677 if (pThis->fR0Enabled)
4678 {
4679 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4680 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4681 AssertRC(rc2);
4682 if (rc2 < rc)
4683 rc = rc2;
4684 }
4685 }
4686 return rc;
4687}
4688#endif
4689
4690/**
4691 * Reset the controller to an initial state.
4692 *
4693 * @returns VBox status.
4694 * @param pDevIns The device instance data.
4695 */
4696void ataControllerReset(PAHCIATACONTROLLER pCtl)
4697{
4698 pCtl->iSelectedIf = 0;
4699 pCtl->iAIOIf = 0;
4700 pCtl->BmDma.u8Cmd = 0;
4701 /* Report that both drives present on the bus are in DMA mode. This
4702 * pretends that there is a BIOS that has set it up. Normal reset
4703 * default is 0x00. */
4704 pCtl->BmDma.u8Status = (pCtl->aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
4705 | (pCtl->aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
4706 pCtl->BmDma.pvAddr = 0;
4707
4708 pCtl->fReset = true;
4709 pCtl->fRedo = false;
4710 pCtl->fRedoIdle = false;
4711 ataAsyncIOClearRequests(pCtl);
4712 Log2(("%s: Ctl: message to async I/O thread, reset controller\n", __FUNCTION__));
4713 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
4714 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
4715 if (!ataWaitForAsyncIOIsIdle(pCtl, 30000))
4716 AssertReleaseMsgFailed(("Async I/O thread busy after reset\n"));
4717
4718 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4719 ataResetDevice(&pCtl->aIfs[i]);
4720}
4721
4722#if 0
4723/* -=-=-=-=-=- AHCIATADevState::IBase -=-=-=-=-=- */
4724
4725/**
4726 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
4727 */
4728static DECLCALLBACK(void *) ataQueryInterface(PPDMIBASE pInterface, const char *pszIID)
4729{
4730 ATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
4731 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
4732 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBLOCKPORT, &pIf->IPort);
4733 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
4734 return NULL;
4735}
4736#endif
4737#endif /* IN_RING3 */
4738
4739
4740/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
4741
4742/**
4743 * Port I/O Handler for primary port range OUT operations.
4744 * @see FNIOMIOPORTOUT for details.
4745 */
4746int ataControllerIOPortWrite1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4747{
4748 int rc = VINF_SUCCESS;
4749
4750 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4751 if (rc != VINF_SUCCESS)
4752 return rc;
4753 if (cb == 1)
4754 rc = ataIOPortWriteU8(pCtl, Port, u32);
4755 else if (Port == pCtl->IOPortBase1)
4756 {
4757 Assert(cb == 2 || cb == 4);
4758 rc = ataDataWrite(pCtl, Port, cb, (const uint8_t *)&u32);
4759 }
4760 else
4761 AssertMsgFailed(("ataIOPortWrite1: unsupported write to port %x val=%x size=%d\n", Port, u32, cb));
4762 PDMCritSectLeave(&pCtl->lock);
4763 return rc;
4764}
4765
4766
4767/**
4768 * Port I/O Handler for primary port range IN operations.
4769 * @see FNIOMIOPORTIN for details.
4770 */
4771int ataControllerIOPortRead1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4772{
4773 int rc = VINF_SUCCESS;
4774
4775 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4776 if (rc != VINF_SUCCESS)
4777 return rc;
4778 if (cb == 1)
4779 {
4780 rc = ataIOPortReadU8(pCtl, Port, pu32);
4781 }
4782 else if (Port == pCtl->IOPortBase1)
4783 {
4784 Assert(cb == 2 || cb == 4);
4785 rc = ataDataRead(pCtl, Port, cb, (uint8_t *)pu32);
4786 if (cb == 2)
4787 *pu32 &= 0xffff;
4788 }
4789 else
4790 {
4791 AssertMsgFailed(("ataIOPortRead1: unsupported read from port %x size=%d\n", Port, cb));
4792 rc = VERR_IOM_IOPORT_UNUSED;
4793 }
4794 PDMCritSectLeave(&pCtl->lock);
4795 return rc;
4796}
4797
4798#ifndef IN_RING0 /** @todo do this in ring-0 as well. */
4799/**
4800 * Port I/O Handler for primary port range IN string operations.
4801 * @see FNIOMIOPORTINSTRING for details.
4802 */
4803int ataControllerIOPortReadStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb)
4804{
4805 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4806 if (rc != VINF_SUCCESS)
4807 return rc;
4808 if (Port == pCtl->IOPortBase1)
4809 {
4810 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4811 RTGCPTR GCDst = *pGCPtrDst;
4812 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4813 Assert(cb == 2 || cb == 4);
4814
4815 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4816#ifndef IN_RING3
4817 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4818 if (!cTransAvailable)
4819 {
4820 PDMCritSectLeave(&pCtl->lock);
4821 return VINF_IOM_HC_IOPORT_READ;
4822 }
4823 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4824 cTransAvailable--;
4825#endif /* !IN_RING3 */
4826 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4827 * They are not performance-critical and generally shouldn't occur at all. */
4828 if (cTransAvailable > cTransfer)
4829 cTransAvailable = cTransfer;
4830 cbTransfer = cTransAvailable * cb;
4831
4832 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4833 rc = PGMPhysSimpleDirtyWriteGCPtr(PDMDevHlpGetVMCPU(pDevIns), GCDst, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, cbTransfer);
4834#ifndef IN_RING3
4835 /* Paranoia. */
4836 if (RT_FAILURE(rc))
4837 {
4838 PDMCritSectLeave(&pCtl->lock);
4839 AssertFailed();
4840 return VINF_IOM_HC_IOPORT_READ;
4841 }
4842#else
4843 Assert(rc == VINF_SUCCESS);
4844#endif
4845
4846 if (cbTransfer)
4847 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4848 s->iIOBufferPIODataStart += cbTransfer;
4849 *pGCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCDst + cbTransfer);
4850 *pcTransfer = cTransfer - cTransAvailable;
4851#ifdef IN_RING3
4852 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4853 ataPIOTransferFinish(pCtl, s);
4854#endif /* IN_RING3 */
4855 }
4856 PDMCritSectLeave(&pCtl->lock);
4857 return rc;
4858}
4859
4860
4861/**
4862 * Port I/O Handler for primary port range OUT string operations.
4863 * @see FNIOMIOPORTOUTSTRING for details.
4864 */
4865int ataControllerIOPortWriteStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb)
4866{
4867 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4868 if (rc != VINF_SUCCESS)
4869 return rc;
4870 if (Port == pCtl->IOPortBase1)
4871 {
4872 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4873 RTGCPTR GCSrc = *pGCPtrSrc;
4874 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4875 Assert(cb == 2 || cb == 4);
4876
4877 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4878#ifndef IN_RING3
4879 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4880 if (!cTransAvailable)
4881 {
4882 PDMCritSectLeave(&pCtl->lock);
4883 return VINF_IOM_HC_IOPORT_WRITE;
4884 }
4885 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4886 cTransAvailable--;
4887#endif /* !IN_RING3 */
4888 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4889 * They are not performance-critical and generally shouldn't occur at all. */
4890 if (cTransAvailable > cTransfer)
4891 cTransAvailable = cTransfer;
4892 cbTransfer = cTransAvailable * cb;
4893
4894 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4895 rc = PGMPhysSimpleReadGCPtr(PDMDevHlpGetVMCPU(pDevIns), s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, GCSrc, cbTransfer);
4896#ifndef IN_RING3
4897 /* Paranoia. */
4898 if (RT_FAILURE(rc))
4899 {
4900 PDMCritSectLeave(&pCtl->lock);
4901 AssertFailed();
4902 return VINF_IOM_HC_IOPORT_WRITE;
4903 }
4904#else
4905 Assert(rc == VINF_SUCCESS);
4906#endif
4907
4908 if (cbTransfer)
4909 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4910 s->iIOBufferPIODataStart += cbTransfer;
4911 *pGCPtrSrc = (RTGCPTR)((RTGCUINTPTR)GCSrc + cbTransfer);
4912 *pcTransfer = cTransfer - cTransAvailable;
4913#ifdef IN_RING3
4914 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4915 ataPIOTransferFinish(pCtl, s);
4916#endif /* IN_RING3 */
4917 }
4918 PDMCritSectLeave(&pCtl->lock);
4919 return rc;
4920}
4921#endif /* !IN_RING0 */
4922
4923/**
4924 * Port I/O Handler for secondary port range OUT operations.
4925 * @see FNIOMIOPORTOUT for details.
4926 */
4927int ataControllerIOPortWrite2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4928{
4929 int rc;
4930
4931 if (cb != 1)
4932 return VINF_SUCCESS;
4933 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4934 if (rc != VINF_SUCCESS)
4935 return rc;
4936 rc = ataControlWrite(pCtl, Port, u32);
4937 PDMCritSectLeave(&pCtl->lock);
4938 return rc;
4939}
4940
4941
4942/**
4943 * Port I/O Handler for secondary port range IN operations.
4944 * @see FNIOMIOPORTIN for details.
4945 */
4946int ataControllerIOPortRead2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4947{
4948 int rc;
4949
4950 if (cb != 1)
4951 return VERR_IOM_IOPORT_UNUSED;
4952
4953 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4954 if (rc != VINF_SUCCESS)
4955 return rc;
4956 *pu32 = ataStatusRead(pCtl, Port);
4957 PDMCritSectLeave(&pCtl->lock);
4958 return VINF_SUCCESS;
4959}
4960
4961#ifdef IN_RING3
4962
4963/**
4964 * Waits for all async I/O threads to complete whatever they
4965 * are doing at the moment.
4966 *
4967 * @returns true on success.
4968 * @returns false when one or more threads is still processing.
4969 * @param pThis Pointer to the instance data.
4970 * @param cMillies How long to wait (total).
4971 */
4972static bool ataWaitForAllAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
4973{
4974 uint64_t u64Start;
4975 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
4976 bool fAllIdle = false;
4977
4978 /*
4979 * Wait for any pending async operation to finish
4980 */
4981 u64Start = RTTimeMilliTS();
4982 for (;;)
4983 {
4984 /* Check all async I/O threads. */
4985 fAllIdle = true;
4986
4987 fAllIdle &= ataAsyncIOIsIdle(pCtl, false);
4988 if (!fAllIdle)
4989 break;
4990
4991 if ( fAllIdle
4992 || RTTimeMilliTS() - u64Start >= cMillies)
4993 break;
4994
4995 /* Sleep for a bit. */
4996 RTThreadSleep(100);
4997 }
4998
4999 if (!fAllIdle)
5000 LogRel(("AHCI ATA: Ctl is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
5001 pCtl->iSelectedIf, pCtl->iAIOIf,
5002 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand));
5003
5004 return fAllIdle;
5005}
5006
5007
5008DECLINLINE(void) ataRelocBuffer(PPDMDEVINS pDevIns, AHCIATADevState *s)
5009{
5010 if (s->pbIOBufferR3)
5011 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
5012}
5013
5014
5015/**
5016 * @copydoc FNPDMDEVRELOCATE
5017 */
5018void ataControllerRelocate(PAHCIATACONTROLLER pCtl, RTGCINTPTR offDelta)
5019{
5020 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
5021
5022 pCtl->pDevInsRC += offDelta;
5023 pCtl->aIfs[0].pDevInsRC += offDelta;
5024 pCtl->aIfs[0].pControllerRC += offDelta;
5025 ataRelocBuffer(pDevIns, &pCtl->aIfs[0]);
5026 pCtl->aIfs[1].pDevInsRC += offDelta;
5027 pCtl->aIfs[1].pControllerRC += offDelta;
5028 ataRelocBuffer(pDevIns, &pCtl->aIfs[1]);
5029}
5030
5031
5032/**
5033 * Destroy a controller instance.
5034 *
5035 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5036 * resources can be freed correctly.
5037 *
5038 * @param pCtl The controller instance.
5039 */
5040int ataControllerDestroy(PAHCIATACONTROLLER pCtl)
5041{
5042 int rc;
5043
5044 Log(("%s:\n", __FUNCTION__));
5045
5046 /*
5047 * Terminate the async helper thread and wait for it to finish up.
5048 */
5049 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5050 {
5051 ASMAtomicWriteU32(&pCtl->fShutdown, true);
5052 rc = RTSemEventSignal(pCtl->AsyncIOSem);
5053 AssertRC(rc);
5054 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5055 AssertRC(rc);
5056
5057 rc = RTThreadWait(pCtl->AsyncIOThread, 30000 /* 30 s*/, NULL);
5058 if (RT_SUCCESS(rc))
5059 pCtl->AsyncIOThread = NIL_RTTHREAD;
5060 else
5061 LogRel(("PIIX3 ATA Dtor: Ctl/irq=%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
5062 pCtl->irq, pCtl->iSelectedIf, pCtl->iAIOIf,
5063 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand, rc));
5064 }
5065
5066 /*
5067 * Now the request mutexes are no longer needed. Free resources.
5068 */
5069 if (pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX)
5070 {
5071 RTSemMutexDestroy(pCtl->AsyncIORequestMutex);
5072 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5073 }
5074 if (pCtl->AsyncIOSem != NIL_RTSEMEVENT)
5075 {
5076 RTSemEventDestroy(pCtl->AsyncIOSem);
5077 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5078 }
5079 if (pCtl->SuspendIOSem != NIL_RTSEMEVENT)
5080 {
5081 RTSemEventDestroy(pCtl->SuspendIOSem);
5082 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5083 }
5084
5085 /* try one final time */
5086 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5087 {
5088 rc = RTThreadWait(pCtl->AsyncIOThread, 1 /*ms*/, NULL);
5089 if (RT_SUCCESS(rc))
5090 {
5091 pCtl->AsyncIOThread = NIL_RTTHREAD;
5092 LogRel(("AHCI ATA Dtor: Ctl/irq=%u actually completed.\n", pCtl->irq));
5093 }
5094 }
5095
5096 return VINF_SUCCESS;
5097}
5098
5099/**
5100 * Detach notification.
5101 *
5102 * The DVD drive has been unplugged.
5103 *
5104 * @param pDevIns The device instance.
5105 * @param fMaster True if the master is detached
5106 * false for the slave
5107 */
5108void ataControllerDetach(PAHCIATACONTROLLER pCtl, bool fMaster)
5109{
5110 AHCIATADevState *pIf;
5111
5112 /*
5113 * Locate the controller and stuff.
5114 */
5115 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5116
5117 /*
5118 * Zero some important members.
5119 */
5120 pIf->pDrvBase = NULL;
5121 pIf->pDrvBlock = NULL;
5122 pIf->pDrvBlockBios = NULL;
5123 pIf->pDrvMount = NULL;
5124}
5125
5126/**
5127 * Configure a LUN.
5128 *
5129 * @returns VBox status code.
5130 * @param pDevIns The device instance.
5131 * @param pIf The ATA unit state.
5132 */
5133static int ataConfigLun(PPDMDEVINS pDevIns, AHCIATADevState *pIf)
5134{
5135 int rc;
5136 PDMBLOCKTYPE enmType;
5137
5138 /*
5139 * Query Block, Bios and Mount interfaces.
5140 */
5141 pIf->pDrvBlock = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCK);
5142 if (!pIf->pDrvBlock)
5143 {
5144 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
5145 return VERR_PDM_MISSING_INTERFACE;
5146 }
5147
5148 /** @todo implement the BIOS invisible code path. */
5149 pIf->pDrvBlockBios = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCKBIOS);
5150 if (!pIf->pDrvBlockBios)
5151 {
5152 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block BIOS interface!\n", pIf->iLUN));
5153 return VERR_PDM_MISSING_INTERFACE;
5154 }
5155 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
5156
5157 /*
5158 * Validate type.
5159 */
5160 enmType = pIf->pDrvBlock->pfnGetType(pIf->pDrvBlock);
5161 if ( enmType != PDMBLOCKTYPE_CDROM
5162 && enmType != PDMBLOCKTYPE_DVD
5163 && enmType != PDMBLOCKTYPE_HARD_DISK)
5164 {
5165 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
5166 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
5167 }
5168 if ( ( enmType == PDMBLOCKTYPE_DVD
5169 || enmType == PDMBLOCKTYPE_CDROM)
5170 && !pIf->pDrvMount)
5171 {
5172 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
5173 return VERR_INTERNAL_ERROR;
5174 }
5175 pIf->fATAPI = enmType == PDMBLOCKTYPE_DVD || enmType == PDMBLOCKTYPE_CDROM;
5176 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvBlock->pfnSendCmd != NULL) : false;
5177
5178 /*
5179 * Allocate I/O buffer.
5180 */
5181 PVM pVM = PDMDevHlpGetVM(pDevIns);
5182 if (pIf->cbIOBuffer)
5183 {
5184 /* Buffer is (probably) already allocated. Validate the fields,
5185 * because memory corruption can also overwrite pIf->cbIOBuffer. */
5186 if (pIf->fATAPI)
5187 AssertRelease(pIf->cbIOBuffer == _128K);
5188 else
5189 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * 512);
5190 Assert(pIf->pbIOBufferR3);
5191 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
5192 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
5193 }
5194 else
5195 {
5196 if (pIf->fATAPI)
5197 pIf->cbIOBuffer = _128K;
5198 else
5199 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * 512;
5200 Assert(!pIf->pbIOBufferR3);
5201 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
5202 if (RT_FAILURE(rc))
5203 return VERR_NO_MEMORY;
5204 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
5205 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
5206 }
5207
5208 /*
5209 * Init geometry (only for non-CD/DVD media).
5210 */
5211 if (pIf->fATAPI)
5212 {
5213 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
5214 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
5215 pIf->PCHSGeometry.cHeads = 0; /* dummy */
5216 pIf->PCHSGeometry.cSectors = 0; /* dummy */
5217 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
5218 }
5219 else
5220 {
5221 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
5222 rc = pIf->pDrvBlockBios->pfnGetPCHSGeometry(pIf->pDrvBlockBios,
5223 &pIf->PCHSGeometry);
5224 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
5225 {
5226 pIf->PCHSGeometry.cCylinders = 0;
5227 pIf->PCHSGeometry.cHeads = 16; /*??*/
5228 pIf->PCHSGeometry.cSectors = 63; /*??*/
5229 }
5230 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
5231 {
5232 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
5233 rc = VINF_SUCCESS;
5234 }
5235 AssertRC(rc);
5236
5237 if ( pIf->PCHSGeometry.cCylinders == 0
5238 || pIf->PCHSGeometry.cHeads == 0
5239 || pIf->PCHSGeometry.cSectors == 0
5240 )
5241 {
5242 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
5243 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
5244 pIf->PCHSGeometry.cHeads = 16;
5245 pIf->PCHSGeometry.cSectors = 63;
5246 /* Set the disk geometry information. */
5247 rc = pIf->pDrvBlockBios->pfnSetPCHSGeometry(pIf->pDrvBlockBios,
5248 &pIf->PCHSGeometry);
5249 }
5250 LogRel(("AHCI ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
5251 }
5252 return VINF_SUCCESS;
5253}
5254
5255/**
5256 * Attach command.
5257 *
5258 * This is called when we change block driver for the DVD drive.
5259 *
5260 * @returns VBox status code.
5261 * @param pDevIns The device instance.
5262 * @param iLUN The logical unit which is being detached.
5263 */
5264int ataControllerAttach(PAHCIATACONTROLLER pCtl, PPDMIBASE pDrvBase, bool fMaster)
5265{
5266 AHCIATADevState *pIf;
5267 int rc = VINF_SUCCESS;
5268
5269 /*
5270 * Locate the controller and stuff.
5271 */
5272 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5273
5274 /* the usual paranoia */
5275 AssertRelease(!pIf->pDrvBase);
5276 AssertRelease(!pIf->pDrvBlock);
5277 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
5278
5279 /*
5280 * Try attach the block device and get the interfaces,
5281 * required as well as optional.
5282 */
5283
5284 pIf->pDrvBase = pDrvBase;
5285 if (pDrvBase)
5286 {
5287 rc = ataConfigLun(pCtl->pDevInsR3, pIf);
5288 AssertRC(rc);
5289
5290 if (RT_FAILURE(rc))
5291 {
5292 pIf->pDrvBase = NULL;
5293 pIf->pDrvBlock = NULL;
5294 }
5295 }
5296
5297 return rc;
5298}
5299
5300
5301/**
5302 * Resume notification.
5303 *
5304 * @returns VBox status.
5305 * @param pDevIns The device instance data.
5306 */
5307void ataControllerResume(PAHCIATACONTROLLER pCtl)
5308{
5309 int rc;
5310
5311 Log(("%s:\n", __FUNCTION__));
5312 if (pCtl->fRedo && pCtl->fRedoIdle)
5313 {
5314 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5315 AssertRC(rc);
5316 }
5317
5318 return;
5319}
5320
5321
5322/**
5323 * Tests if the controller is idle, leaving the PDM notifications on if busy.
5324 *
5325 * @returns true if idle, false if idle.
5326 * @param pCtl the controller instance.
5327 */
5328bool ataControllerIsIdle(PAHCIATACONTROLLER pCtl)
5329{
5330 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
5331 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
5332 {
5333 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
5334 return true;
5335 }
5336 return false;
5337}
5338
5339/**
5340 * Saves a state of the ATA device.
5341 *
5342 * @returns VBox status code.
5343 * @param pCtl Controller instance.
5344 * @param pSSM The handle to save the state to.
5345 */
5346int ataControllerSaveExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5347{
5348 SSMR3PutU32(pSSM, ATA_CTL_SAVED_STATE_VERSION);
5349 SSMR3PutU8(pSSM, pCtl->iSelectedIf);
5350 SSMR3PutU8(pSSM, pCtl->iAIOIf);
5351 SSMR3PutU8(pSSM, pCtl->uAsyncIOState);
5352 SSMR3PutBool(pSSM, pCtl->fChainedTransfer);
5353 SSMR3PutBool(pSSM, pCtl->fReset);
5354 SSMR3PutBool(pSSM, pCtl->fRedo);
5355 SSMR3PutBool(pSSM, pCtl->fRedoIdle);
5356 SSMR3PutBool(pSSM, pCtl->fRedoDMALastDesc);
5357 SSMR3PutMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5358 SSMR3PutGCPhys32(pSSM, pCtl->pFirstDMADesc);
5359 SSMR3PutGCPhys32(pSSM, pCtl->pLastDMADesc);
5360 SSMR3PutGCPhys32(pSSM, pCtl->pRedoDMABuffer);
5361 SSMR3PutU32(pSSM, pCtl->cbRedoDMABuffer);
5362
5363 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5364 {
5365 SSMR3PutBool(pSSM, pCtl->aIfs[j].fLBA48);
5366 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPI);
5367 SSMR3PutBool(pSSM, pCtl->aIfs[j].fIrqPending);
5368 SSMR3PutU8(pSSM, pCtl->aIfs[j].cMultSectors);
5369 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cCylinders);
5370 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cHeads);
5371 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cSectors);
5372 SSMR3PutU32(pSSM, pCtl->aIfs[j].cSectorsPerIRQ);
5373 SSMR3PutU64(pSSM, pCtl->aIfs[j].cTotalSectors);
5374 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeature);
5375 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeatureHOB);
5376 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegError);
5377 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSector);
5378 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSectorHOB);
5379 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSector);
5380 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSectorHOB);
5381 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCyl);
5382 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCylHOB);
5383 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCyl);
5384 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCylHOB);
5385 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSelect);
5386 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegStatus);
5387 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegCommand);
5388 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegDevCtl);
5389 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATATransferMode);
5390 SSMR3PutU8(pSSM, pCtl->aIfs[j].uTxDir);
5391 SSMR3PutU8(pSSM, pCtl->aIfs[j].iBeginTransfer);
5392 SSMR3PutU8(pSSM, pCtl->aIfs[j].iSourceSink);
5393 SSMR3PutBool(pSSM, pCtl->aIfs[j].fDMA);
5394 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPITransfer);
5395 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbTotalTransfer);
5396 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbElementaryTransfer);
5397 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferCur);
5398 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferEnd);
5399 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataStart);
5400 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataEnd);
5401 SSMR3PutU32(pSSM, pCtl->aIfs[j].iATAPILBA);
5402 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbATAPISector);
5403 SSMR3PutMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5404 SSMR3PutMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5405 SSMR3PutU8(pSSM, pCtl->aIfs[j].cNotifiedMediaChange);
5406 SSMR3PutU32(pSSM, pCtl->aIfs[j].MediaEventStatus);
5407
5408 PDMLED Led;
5409 memset(&Led, 0, sizeof(PDMLED));
5410 SSMR3PutMem(pSSM, &Led, sizeof(PDMLED));
5411 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbIOBuffer);
5412 if (pCtl->aIfs[j].cbIOBuffer)
5413 SSMR3PutMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5414 else
5415 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5416 }
5417
5418 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
5419}
5420
5421
5422/**
5423 * Loads a saved ATA device state.
5424 *
5425 * @returns VBox status code.
5426 * @param pDevIns The device instance.
5427 * @param pSSM The handle to the saved state.
5428 */
5429int ataControllerLoadExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5430{
5431 int rc;
5432 uint32_t u32Version;
5433 uint32_t u32;
5434
5435 /* Test for correct version. */
5436 rc = SSMR3GetU32(pSSM, &u32Version);
5437 AssertRCReturn(rc, rc);
5438
5439 if ( u32Version != ATA_CTL_SAVED_STATE_VERSION
5440 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
5441 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5442 {
5443 AssertMsgFailed(("u32Version=%d\n", u32Version));
5444 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
5445 }
5446
5447 /* integrity check */
5448 if (!ataAsyncIOIsIdle(pCtl, false))
5449 {
5450 AssertMsgFailed(("Async I/O for controller is active\n"));
5451 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5452 }
5453
5454 SSMR3GetU8(pSSM, &pCtl->iSelectedIf);
5455 SSMR3GetU8(pSSM, &pCtl->iAIOIf);
5456 SSMR3GetU8(pSSM, &pCtl->uAsyncIOState);
5457 SSMR3GetBool(pSSM, &pCtl->fChainedTransfer);
5458 SSMR3GetBool(pSSM, (bool *)&pCtl->fReset);
5459 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedo);
5460 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoIdle);
5461 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoDMALastDesc);
5462 SSMR3GetMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5463 SSMR3GetGCPhys32(pSSM, &pCtl->pFirstDMADesc);
5464 SSMR3GetGCPhys32(pSSM, &pCtl->pLastDMADesc);
5465 SSMR3GetGCPhys32(pSSM, &pCtl->pRedoDMABuffer);
5466 SSMR3GetU32(pSSM, &pCtl->cbRedoDMABuffer);
5467
5468 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5469 {
5470 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fLBA48);
5471 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPI);
5472 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fIrqPending);
5473 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cMultSectors);
5474 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cCylinders);
5475 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cHeads);
5476 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cSectors);
5477 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cSectorsPerIRQ);
5478 SSMR3GetU64(pSSM, &pCtl->aIfs[j].cTotalSectors);
5479 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeature);
5480 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeatureHOB);
5481 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegError);
5482 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSector);
5483 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSectorHOB);
5484 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSector);
5485 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSectorHOB);
5486 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCyl);
5487 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCylHOB);
5488 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCyl);
5489 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCylHOB);
5490 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSelect);
5491 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegStatus);
5492 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegCommand);
5493 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegDevCtl);
5494 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATATransferMode);
5495 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uTxDir);
5496 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iBeginTransfer);
5497 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iSourceSink);
5498 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fDMA);
5499 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPITransfer);
5500 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbTotalTransfer);
5501 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbElementaryTransfer);
5502 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferCur);
5503 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferEnd);
5504 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataStart);
5505 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataEnd);
5506 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iATAPILBA);
5507 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbATAPISector);
5508 SSMR3GetMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5509 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
5510 {
5511 SSMR3GetMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5512 }
5513 else
5514 {
5515 uint8_t uATAPISenseKey, uATAPIASC;
5516 memset(pCtl->aIfs[j].abATAPISense, '\0', sizeof(pCtl->aIfs[j].abATAPISense));
5517 pCtl->aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
5518 pCtl->aIfs[j].abATAPISense[7] = 10;
5519 SSMR3GetU8(pSSM, &uATAPISenseKey);
5520 SSMR3GetU8(pSSM, &uATAPIASC);
5521 pCtl->aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
5522 pCtl->aIfs[j].abATAPISense[12] = uATAPIASC;
5523 }
5524 /** @todo triple-check this hack after passthrough is working */
5525 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cNotifiedMediaChange);
5526 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5527 SSMR3GetU32(pSSM, (uint32_t*)&pCtl->aIfs[j].MediaEventStatus);
5528 else
5529 pCtl->aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
5530
5531 PDMLED Led;
5532 SSMR3GetMem(pSSM, &Led, sizeof(PDMLED));
5533 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbIOBuffer);
5534 if (pCtl->aIfs[j].cbIOBuffer)
5535 {
5536 if (pCtl->aIfs[j].CTX_SUFF(pbIOBuffer))
5537 SSMR3GetMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5538 else
5539 {
5540 LogRel(("AHCI ATA: No buffer for %d\n", j));
5541 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
5542 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d"), j);
5543
5544 /* skip the buffer if we're loading for the debugger / animator. */
5545 uint8_t u8Ignored;
5546 size_t cbLeft = pCtl->aIfs[j].cbIOBuffer;
5547 while (cbLeft-- > 0)
5548 SSMR3GetU8(pSSM, &u8Ignored);
5549 }
5550 }
5551 else
5552 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5553 }
5554
5555 rc = SSMR3GetU32(pSSM, &u32);
5556 if (RT_FAILURE(rc))
5557 return rc;
5558 if (u32 != ~0U)
5559 {
5560 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
5561 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5562 return rc;
5563 }
5564
5565 return VINF_SUCCESS;
5566}
5567
5568int ataControllerInit(PPDMDEVINS pDevIns, PAHCIATACONTROLLER pCtl,
5569 unsigned iLUNMaster, PPDMIBASE pDrvBaseMaster, PPDMLED pLedMaster,
5570 PSTAMCOUNTER pStatBytesReadMaster, PSTAMCOUNTER pStatBytesWrittenMaster,
5571 const char *pszSerialNumberMaster, const char *pszFirmwareRevisionMaster,
5572 const char *pszModelNumberMaster, const char *pszInquiryVendorIdMaster,
5573 const char *pszInquiryProductIdMaster, const char *pszInquiryRevisionMaster,
5574 bool fNonRotationalMaster,
5575 unsigned iLUNSlave, PPDMIBASE pDrvBaseSlave, PPDMLED pLedSlave,
5576 PSTAMCOUNTER pStatBytesReadSlave, PSTAMCOUNTER pStatBytesWrittenSlave,
5577 const char *pszSerialNumberSlave, const char *pszFirmwareRevisionSlave,
5578 const char *pszModelNumberSlave, const char *pszInquiryVendorIdSlave,
5579 const char *pszInquiryProductIdSlave, const char *pszInquiryRevisionSlave,
5580 bool fNonRotationalSlave,
5581 uint32_t *pcbSSMState, const char *szName)
5582{
5583 int rc;
5584
5585 AssertMsg(pcbSSMState, ("pcbSSMState is invalid\n"));
5586
5587 pCtl->pDevInsR3 = pDevIns;
5588 pCtl->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5589 pCtl->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5590 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5591 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5592 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5593 pCtl->AsyncIOThread = NIL_RTTHREAD;
5594
5595 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5596 {
5597 pCtl->aIfs[j].iLUN = j == 0 ? iLUNMaster : iLUNSlave;
5598 pCtl->aIfs[j].pDevInsR3 = pDevIns;
5599 pCtl->aIfs[j].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5600 pCtl->aIfs[j].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5601 pCtl->aIfs[j].pControllerR3 = pCtl;
5602 pCtl->aIfs[j].pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), pCtl);
5603 pCtl->aIfs[j].pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), pCtl);
5604 pCtl->aIfs[j].pLed = j == 0 ? pLedMaster : pLedSlave;
5605 pCtl->aIfs[j].pStatBytesRead = j == 0 ? pStatBytesReadMaster : pStatBytesReadSlave;
5606 pCtl->aIfs[j].pStatBytesWritten = j == 0 ? pStatBytesWrittenMaster : pStatBytesWrittenSlave;
5607 pCtl->aIfs[j].pszSerialNumber = j == 0 ? pszSerialNumberMaster : pszSerialNumberSlave;
5608 pCtl->aIfs[j].pszFirmwareRevision = j == 0 ? pszFirmwareRevisionMaster : pszFirmwareRevisionSlave;
5609 pCtl->aIfs[j].pszModelNumber = j == 0 ? pszModelNumberMaster : pszModelNumberSlave;
5610 pCtl->aIfs[j].pszInquiryVendorId = j == 0 ? pszInquiryVendorIdMaster : pszInquiryVendorIdSlave;
5611 pCtl->aIfs[j].pszInquiryProductId = j == 0 ? pszInquiryProductIdMaster : pszInquiryProductIdSlave;
5612 pCtl->aIfs[j].pszInquiryRevision = j == 0 ? pszInquiryRevisionMaster : pszInquiryRevisionSlave;
5613 pCtl->aIfs[j].fNonRotational = j == 0 ? fNonRotationalMaster : fNonRotationalSlave;
5614 }
5615
5616 /* Initialize per-controller critical section */
5617 rc = PDMDevHlpCritSectInit(pDevIns, &pCtl->lock, RT_SRC_POS, "%s", szName);
5618 if (RT_FAILURE(rc))
5619 return PDMDEV_SET_ERROR(pDevIns, rc, N_("AHCI ATA: cannot initialize critical section"));
5620
5621 /*
5622 * Attach the units.
5623 */
5624 uint32_t cbTotalBuffer = 0;
5625
5626 /*
5627 * Start the worker thread.
5628 */
5629 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
5630 rc = RTSemEventCreate(&pCtl->AsyncIOSem);
5631 AssertRCReturn(rc, rc);
5632 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
5633 AssertRCReturn(rc, rc);
5634 rc = RTSemMutexCreate(&pCtl->AsyncIORequestMutex);
5635 AssertRCReturn(rc, rc);
5636 ataAsyncIOClearRequests(pCtl);
5637 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataAsyncIOLoop, (void *)pCtl, 128*1024,
5638 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "AHCI-ATA-%u", pCtl->irq);
5639 AssertRCReturn(rc, rc);
5640 Assert(pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->AsyncIOSem != NIL_RTSEMEVENT && pCtl->SuspendIOSem != NIL_RTSEMEVENT && pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX);
5641 Log(("%s: controller AIO thread id %#x; sem %p susp_sem %p mutex %p\n", __FUNCTION__, pCtl->AsyncIOThread, pCtl->AsyncIOSem, pCtl->SuspendIOSem, pCtl->AsyncIORequestMutex));
5642
5643 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5644 {
5645 /*
5646 * Try attach the block device and get the interfaces,
5647 * required as well as optional.
5648 */
5649 AHCIATADevState *pIf = &pCtl->aIfs[j];
5650
5651 pIf->pDrvBase = (j == 0) ? pDrvBaseMaster : pDrvBaseSlave;
5652
5653#if 0
5654 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[j]);
5655 if (RT_SUCCESS(rc))
5656#endif
5657 if (pIf->pDrvBase)
5658 rc = ataConfigLun(pDevIns, pIf);
5659 else
5660 {
5661 pIf->pDrvBase = NULL;
5662 pIf->pDrvBlock = NULL;
5663 pIf->cbIOBuffer = 0;
5664 pIf->pbIOBufferR3 = NULL;
5665 pIf->pbIOBufferR0 = NIL_RTR0PTR;
5666 pIf->pbIOBufferRC = NIL_RTRCPTR;
5667 LogRel(("AHCI ATA: LUN#%d: no unit\n", pIf->iLUN));
5668 }
5669 cbTotalBuffer += pIf->cbIOBuffer;
5670 }
5671
5672 *pcbSSMState = cbTotalBuffer;
5673
5674 /*
5675 * Initialize the device state.
5676 */
5677 ataControllerReset(pCtl);
5678
5679 return VINF_SUCCESS;
5680}
5681#endif /* IN_RING3 */
5682#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette