VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/ATAController.cpp@ 38867

Last change on this file since 38867 was 38838, checked in by vboxsync, 13 years ago

VMM,++: Try fix the async reset, suspend and power-off problems in PDM wrt conflicting VMM requests. Split them into priority requests and normal requests. The priority requests can safely be processed when PDM is doing async state change waits, the normal ones cannot. (The problem I bumped into was a unmap-chunk request from PGM being processed during PDMR3Reset, causing a recursive VMMR3EmtRendezvous deadlock.)

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 207.6 KB
Line 
1/* $Id: ATAController.cpp 38838 2011-09-23 11:21:55Z vboxsync $ */
2/** @file
3 * DevATA, DevAHCI - Shared ATA/ATAPI controller code (disk and cdrom).
4 *
5 * @todo Actually share this code?
6 */
7
8/*
9 * Copyright (C) 2006-2011 Oracle Corporation
10 *
11 * This file is part of VirtualBox Open Source Edition (OSE), as
12 * available from http://www.virtualbox.org. This file is free software;
13 * you can redistribute it and/or modify it under the terms of the GNU
14 * General Public License (GPL) as published by the Free Software
15 * Foundation, in version 2 as it comes in the "COPYING" file of the
16 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
17 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
18 */
19
20/*******************************************************************************
21* Header Files *
22*******************************************************************************/
23#define LOG_GROUP LOG_GROUP_DEV_IDE
24#include <VBox/vmm/pdmdev.h>
25#include <iprt/assert.h>
26#include <iprt/string.h>
27#ifdef IN_RING3
28# include <iprt/uuid.h>
29# include <iprt/semaphore.h>
30# include <iprt/thread.h>
31# include <iprt/time.h>
32# include <iprt/alloc.h>
33#endif /* IN_RING3 */
34#include <iprt/critsect.h>
35#include <iprt/asm.h>
36#include <VBox/vmm/stam.h>
37#include <VBox/vmm/mm.h>
38#include <VBox/vmm/pgm.h>
39
40#include <VBox/scsi.h>
41
42#include "ATAController.h"
43#include "PIIX3ATABmDma.h"
44#include "ide.h"
45
46/**
47 * The SSM saved state version.
48 */
49#define ATA_CTL_SAVED_STATE_VERSION 3
50#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 1
51#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 2
52
53#ifndef VBOX_DEVICE_STRUCT_TESTCASE
54
55DECLINLINE(void) ataSetStatusValue(AHCIATADevState *s, uint8_t stat)
56{
57 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
58
59 /* Freeze status register contents while processing RESET. */
60 if (!pCtl->fReset)
61 {
62 s->uATARegStatus = stat;
63 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
64 }
65}
66
67
68DECLINLINE(void) ataSetStatus(AHCIATADevState *s, uint8_t stat)
69{
70 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
71
72 /* Freeze status register contents while processing RESET. */
73 if (!pCtl->fReset)
74 {
75 s->uATARegStatus |= stat;
76 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
77 }
78}
79
80
81DECLINLINE(void) ataUnsetStatus(AHCIATADevState *s, uint8_t stat)
82{
83 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
84
85 /* Freeze status register contents while processing RESET. */
86 if (!pCtl->fReset)
87 {
88 s->uATARegStatus &= ~stat;
89 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
90 }
91}
92
93#ifdef IN_RING3
94
95typedef void (*PBeginTransferFunc)(AHCIATADevState *);
96typedef bool (*PSourceSinkFunc)(AHCIATADevState *);
97
98static void ataReadWriteSectorsBT(AHCIATADevState *);
99static void ataPacketBT(AHCIATADevState *);
100static void atapiCmdBT(AHCIATADevState *);
101static void atapiPassthroughCmdBT(AHCIATADevState *);
102
103static bool ataIdentifySS(AHCIATADevState *);
104static bool ataFlushSS(AHCIATADevState *);
105static bool ataReadSectorsSS(AHCIATADevState *);
106static bool ataWriteSectorsSS(AHCIATADevState *);
107static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *);
108static bool ataPacketSS(AHCIATADevState *);
109static bool atapiGetConfigurationSS(AHCIATADevState *);
110static bool atapiGetEventStatusNotificationSS(AHCIATADevState *);
111static bool atapiIdentifySS(AHCIATADevState *);
112static bool atapiInquirySS(AHCIATADevState *);
113static bool atapiMechanismStatusSS(AHCIATADevState *);
114static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *);
115static bool atapiModeSenseCDStatusSS(AHCIATADevState *);
116static bool atapiReadSS(AHCIATADevState *);
117static bool atapiReadCapacitySS(AHCIATADevState *);
118static bool atapiReadDiscInformationSS(AHCIATADevState *);
119static bool atapiReadTOCNormalSS(AHCIATADevState *);
120static bool atapiReadTOCMultiSS(AHCIATADevState *);
121static bool atapiReadTOCRawSS(AHCIATADevState *);
122static bool atapiReadTrackInformationSS(AHCIATADevState *);
123static bool atapiRequestSenseSS(AHCIATADevState *);
124static bool atapiPassthroughSS(AHCIATADevState *);
125
126/**
127 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
128 */
129typedef enum ATAFNBT
130{
131 ATAFN_BT_NULL = 0,
132 ATAFN_BT_READ_WRITE_SECTORS,
133 ATAFN_BT_PACKET,
134 ATAFN_BT_ATAPI_CMD,
135 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
136 ATAFN_BT_MAX
137} ATAFNBT;
138
139/**
140 * Array of end transfer functions, the index is ATAFNET.
141 * Make sure ATAFNET and this array match!
142 */
143static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
144{
145 NULL,
146 ataReadWriteSectorsBT,
147 ataPacketBT,
148 atapiCmdBT,
149 atapiPassthroughCmdBT,
150};
151
152/**
153 * Source/sink function indexes for g_apfnSourceSinkFuncs.
154 */
155typedef enum ATAFNSS
156{
157 ATAFN_SS_NULL = 0,
158 ATAFN_SS_IDENTIFY,
159 ATAFN_SS_FLUSH,
160 ATAFN_SS_READ_SECTORS,
161 ATAFN_SS_WRITE_SECTORS,
162 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
163 ATAFN_SS_PACKET,
164 ATAFN_SS_ATAPI_GET_CONFIGURATION,
165 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
166 ATAFN_SS_ATAPI_IDENTIFY,
167 ATAFN_SS_ATAPI_INQUIRY,
168 ATAFN_SS_ATAPI_MECHANISM_STATUS,
169 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
170 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
171 ATAFN_SS_ATAPI_READ,
172 ATAFN_SS_ATAPI_READ_CAPACITY,
173 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
174 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
175 ATAFN_SS_ATAPI_READ_TOC_MULTI,
176 ATAFN_SS_ATAPI_READ_TOC_RAW,
177 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
178 ATAFN_SS_ATAPI_REQUEST_SENSE,
179 ATAFN_SS_ATAPI_PASSTHROUGH,
180 ATAFN_SS_MAX
181} ATAFNSS;
182
183/**
184 * Array of source/sink functions, the index is ATAFNSS.
185 * Make sure ATAFNSS and this array match!
186 */
187static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
188{
189 NULL,
190 ataIdentifySS,
191 ataFlushSS,
192 ataReadSectorsSS,
193 ataWriteSectorsSS,
194 ataExecuteDeviceDiagnosticSS,
195 ataPacketSS,
196 atapiGetConfigurationSS,
197 atapiGetEventStatusNotificationSS,
198 atapiIdentifySS,
199 atapiInquirySS,
200 atapiMechanismStatusSS,
201 atapiModeSenseErrorRecoverySS,
202 atapiModeSenseCDStatusSS,
203 atapiReadSS,
204 atapiReadCapacitySS,
205 atapiReadDiscInformationSS,
206 atapiReadTOCNormalSS,
207 atapiReadTOCMultiSS,
208 atapiReadTOCRawSS,
209 atapiReadTrackInformationSS,
210 atapiRequestSenseSS,
211 atapiPassthroughSS
212};
213
214
215static const AHCIATARequest ataDMARequest = { AHCIATA_AIO_DMA, };
216static const AHCIATARequest ataPIORequest = { AHCIATA_AIO_PIO, };
217static const AHCIATARequest ataResetARequest = { AHCIATA_AIO_RESET_ASSERTED, };
218static const AHCIATARequest ataResetCRequest = { AHCIATA_AIO_RESET_CLEARED, };
219
220
221static void ataAsyncIOClearRequests(PAHCIATACONTROLLER pCtl)
222{
223 int rc;
224
225 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
226 AssertRC(rc);
227 pCtl->AsyncIOReqHead = 0;
228 pCtl->AsyncIOReqTail = 0;
229 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
230 AssertRC(rc);
231}
232
233
234static void ataAsyncIOPutRequest(PAHCIATACONTROLLER pCtl, const AHCIATARequest *pReq)
235{
236 int rc;
237
238 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
239 AssertRC(rc);
240 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
241 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
242 pCtl->AsyncIOReqHead++;
243 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
244 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
245 AssertRC(rc);
246 rc = PDMR3CritSectScheduleExitEvent(&pCtl->lock, pCtl->AsyncIOSem);
247 if (RT_FAILURE(rc))
248 {
249 rc = RTSemEventSignal(pCtl->AsyncIOSem);
250 AssertRC(rc);
251 }
252}
253
254
255static const AHCIATARequest *ataAsyncIOGetCurrentRequest(PAHCIATACONTROLLER pCtl)
256{
257 int rc;
258 const AHCIATARequest *pReq;
259
260 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
261 AssertRC(rc);
262 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
263 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
264 else
265 pReq = NULL;
266 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
267 AssertRC(rc);
268 return pReq;
269}
270
271
272/**
273 * Remove the request with the given type, as it's finished. The request
274 * is not removed blindly, as this could mean a RESET request that is not
275 * yet processed (but has cleared the request queue) is lost.
276 *
277 * @param pCtl Controller for which to remove the request.
278 * @param ReqType Type of the request to remove.
279 */
280static void ataAsyncIORemoveCurrentRequest(PAHCIATACONTROLLER pCtl, AHCIATAAIO ReqType)
281{
282 int rc;
283
284 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
285 AssertRC(rc);
286 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
287 {
288 pCtl->AsyncIOReqTail++;
289 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
290 }
291 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
292 AssertRC(rc);
293}
294
295
296/**
297 * Dump the request queue for a particular controller. First dump the queue
298 * contents, then the already processed entries, as long as they haven't been
299 * overwritten.
300 *
301 * @param pCtl Controller for which to dump the queue.
302 */
303static void ataAsyncIODumpRequests(PAHCIATACONTROLLER pCtl)
304{
305 int rc;
306 uint8_t curr;
307
308 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
309 AssertRC(rc);
310 LogRel(("AHCI ATA: Ctl: request queue dump (topmost is current):\n"));
311 curr = pCtl->AsyncIOReqTail;
312 do
313 {
314 if (curr == pCtl->AsyncIOReqHead)
315 LogRel(("AHCI ATA: Ctl: processed requests (topmost is oldest):\n"));
316 switch (pCtl->aAsyncIORequests[curr].ReqType)
317 {
318 case AHCIATA_AIO_NEW:
319 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
320 break;
321 case AHCIATA_AIO_DMA:
322 LogRel(("dma transfer finished\n"));
323 break;
324 case AHCIATA_AIO_PIO:
325 LogRel(("pio transfer finished\n"));
326 break;
327 case AHCIATA_AIO_RESET_ASSERTED:
328 LogRel(("reset asserted request\n"));
329 break;
330 case AHCIATA_AIO_RESET_CLEARED:
331 LogRel(("reset cleared request\n"));
332 break;
333 case AHCIATA_AIO_ABORT:
334 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
335 break;
336 default:
337 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
338 }
339 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
340 } while (curr != pCtl->AsyncIOReqTail);
341 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
342 AssertRC(rc);
343}
344
345
346/**
347 * Checks whether the request queue for a particular controller is empty
348 * or whether a particular controller is idle.
349 *
350 * @param pCtl Controller for which to check the queue.
351 * @param fStrict If set then the controller is checked to be idle.
352 */
353static bool ataAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, bool fStrict)
354{
355 int rc;
356 bool fIdle;
357
358 if (pCtl->AsyncIORequestMutex == NIL_RTSEMMUTEX)
359 return true;
360
361 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
362 AssertRC(rc);
363 fIdle = pCtl->fRedoIdle;
364 if (!fIdle)
365 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
366 if (fStrict)
367 fIdle &= (pCtl->uAsyncIOState == AHCIATA_AIO_NEW);
368 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
369 AssertRC(rc);
370 return fIdle;
371}
372
373
374/**
375 * Send a transfer request to the async I/O thread.
376 *
377 * @param s Pointer to the ATA device state data.
378 * @param cbTotalTransfer Data transfer size.
379 * @param uTxDir Data transfer direction.
380 * @param iBeginTransfer Index of BeginTransfer callback.
381 * @param iSourceSink Index of SourceSink callback.
382 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
383 */
384static void ataStartTransfer(AHCIATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, ATAFNSS iSourceSink, bool fChainedTransfer)
385{
386 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
387 AHCIATARequest Req;
388
389 Assert(PDMCritSectIsOwner(&pCtl->lock));
390
391 /* Do not issue new requests while the RESET line is asserted. */
392 if (pCtl->fReset)
393 {
394 Log2(("%s: Ctl: suppressed new request as RESET is active\n", __FUNCTION__));
395 return;
396 }
397
398 /* If the controller is already doing something else right now, ignore
399 * the command that is being submitted. Some broken guests issue commands
400 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
401 if (!fChainedTransfer && !ataAsyncIOIsIdle(pCtl, true))
402 {
403 Log(("%s: Ctl: ignored command %#04x, controller state %d\n", __FUNCTION__, s->uATARegCommand, pCtl->uAsyncIOState));
404 LogRel(("IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
405 return;
406 }
407
408 Req.ReqType = AHCIATA_AIO_NEW;
409 if (fChainedTransfer)
410 Req.u.t.iIf = pCtl->iAIOIf;
411 else
412 Req.u.t.iIf = pCtl->iSelectedIf;
413 Req.u.t.cbTotalTransfer = cbTotalTransfer;
414 Req.u.t.uTxDir = uTxDir;
415 Req.u.t.iBeginTransfer = iBeginTransfer;
416 Req.u.t.iSourceSink = iSourceSink;
417 ataSetStatusValue(s, ATA_STAT_BUSY);
418 pCtl->fChainedTransfer = fChainedTransfer;
419
420 /*
421 * Kick the worker thread into action.
422 */
423 Log2(("%s: Ctl: message to async I/O thread, new request\n", __FUNCTION__));
424 ataAsyncIOPutRequest(pCtl, &Req);
425}
426
427
428/**
429 * Send an abort command request to the async I/O thread.
430 *
431 * @param s Pointer to the ATA device state data.
432 * @param fResetDrive Whether to reset the drive or just abort a command.
433 */
434static void ataAbortCurrentCommand(AHCIATADevState *s, bool fResetDrive)
435{
436 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
437 AHCIATARequest Req;
438
439 Assert(PDMCritSectIsOwner(&pCtl->lock));
440
441 /* Do not issue new requests while the RESET line is asserted. */
442 if (pCtl->fReset)
443 {
444 Log2(("%s: Ctl: suppressed aborting command as RESET is active\n", __FUNCTION__));
445 return;
446 }
447
448 Req.ReqType = AHCIATA_AIO_ABORT;
449 Req.u.a.iIf = pCtl->iSelectedIf;
450 Req.u.a.fResetDrive = fResetDrive;
451 ataSetStatus(s, ATA_STAT_BUSY);
452 Log2(("%s: Ctl: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, s->iLUN));
453 ataAsyncIOPutRequest(pCtl, &Req);
454}
455
456
457static void ataSetIRQ(AHCIATADevState *s)
458{
459 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
460 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
461
462 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
463 {
464 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
465 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
466 * line is asserted. It monitors the line for a rising edge. */
467 if (!s->fIrqPending)
468 pCtl->BmDma.u8Status |= BM_STATUS_INT;
469 /* Only actually set the IRQ line if updating the currently selected drive. */
470 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
471 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
472 }
473 s->fIrqPending = true;
474}
475
476#endif /* IN_RING3 */
477
478static void ataUnsetIRQ(AHCIATADevState *s)
479{
480 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
481 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
482
483 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
484 {
485 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
486 /* Only actually unset the IRQ line if updating the currently selected drive. */
487 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
488 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
489 }
490 s->fIrqPending = false;
491}
492
493#ifdef IN_RING3
494
495static void ataPIOTransferStart(AHCIATADevState *s, uint32_t start, uint32_t size)
496{
497 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
498 s->iIOBufferPIODataStart = start;
499 s->iIOBufferPIODataEnd = start + size;
500 ataSetStatus(s, ATA_STAT_DRQ);
501}
502
503
504static void ataPIOTransferStop(AHCIATADevState *s)
505{
506 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
507 if (s->fATAPITransfer)
508 {
509 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
510 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
511 ataSetIRQ(s);
512 s->fATAPITransfer = false;
513 }
514 s->cbTotalTransfer = 0;
515 s->cbElementaryTransfer = 0;
516 s->iIOBufferPIODataStart = 0;
517 s->iIOBufferPIODataEnd = 0;
518 s->iBeginTransfer = ATAFN_BT_NULL;
519 s->iSourceSink = ATAFN_SS_NULL;
520}
521
522
523static void ataPIOTransferLimitATAPI(AHCIATADevState *s)
524{
525 uint32_t cbLimit, cbTransfer;
526
527 cbLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
528 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
529 if (cbLimit == 0)
530 cbLimit = 0xfffe;
531 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
532 if (cbLimit == 0xffff)
533 cbLimit--;
534 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
535 if (cbTransfer > cbLimit)
536 {
537 /* Byte count limit for clipping must be even in this case */
538 if (cbLimit & 1)
539 cbLimit--;
540 cbTransfer = cbLimit;
541 }
542 s->uATARegLCyl = cbTransfer;
543 s->uATARegHCyl = cbTransfer >> 8;
544 s->cbElementaryTransfer = cbTransfer;
545}
546
547
548static uint32_t ataGetNSectors(AHCIATADevState *s)
549{
550 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
551 if (s->fLBA48)
552 {
553 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
554 return 65536;
555 else
556 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
557 }
558 else
559 {
560 if (!s->uATARegNSector)
561 return 256;
562 else
563 return s->uATARegNSector;
564 }
565}
566
567
568static void ataPadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
569{
570 for (uint32_t i = 0; i < cbSize; i++)
571 {
572 if (*pbSrc)
573 pbDst[i ^ 1] = *pbSrc++;
574 else
575 pbDst[i ^ 1] = ' ';
576 }
577}
578
579
580static void ataSCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
581{
582 for (uint32_t i = 0; i < cbSize; i++)
583 {
584 if (*pbSrc)
585 pbDst[i] = *pbSrc++;
586 else
587 pbDst[i] = ' ';
588 }
589}
590
591
592DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
593{
594 pbBuf[0] = val >> 8;
595 pbBuf[1] = val;
596}
597
598
599DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
600{
601 pbBuf[0] = val >> 16;
602 pbBuf[1] = val >> 8;
603 pbBuf[2] = val;
604}
605
606
607DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
608{
609 pbBuf[0] = val >> 24;
610 pbBuf[1] = val >> 16;
611 pbBuf[2] = val >> 8;
612 pbBuf[3] = val;
613}
614
615
616DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
617{
618 return (pbBuf[0] << 8) | pbBuf[1];
619}
620
621
622DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
623{
624 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
625}
626
627
628DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
629{
630 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
631}
632
633
634DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
635{
636 iATAPILBA += 150;
637 pbBuf[0] = (iATAPILBA / 75) / 60;
638 pbBuf[1] = (iATAPILBA / 75) % 60;
639 pbBuf[2] = iATAPILBA % 75;
640}
641
642
643DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
644{
645 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
646}
647
648static uint32_t ataChecksum(void *ptr, size_t count)
649{
650 uint8_t u8Sum = 0xa5;
651 uint8_t *p = (uint8_t*)ptr;
652 size_t i;
653
654 for (i = 0; i < count; i++)
655 {
656 u8Sum += *p++;
657 }
658
659 return (uint8_t)-(int32_t)u8Sum;
660}
661
662static void ataCmdOK(AHCIATADevState *s, uint8_t status)
663{
664 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
665 ataSetStatusValue(s, ATA_STAT_READY | status);
666}
667
668
669static void ataCmdError(AHCIATADevState *s, uint8_t uErrorCode)
670{
671 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
672 s->uATARegError = uErrorCode;
673 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
674 s->cbTotalTransfer = 0;
675 s->cbElementaryTransfer = 0;
676 s->iIOBufferCur = 0;
677 s->iIOBufferEnd = 0;
678 s->uTxDir = PDMBLOCKTXDIR_NONE;
679 s->iBeginTransfer = ATAFN_BT_NULL;
680 s->iSourceSink = ATAFN_SS_NULL;
681}
682
683
684static bool ataIdentifySS(AHCIATADevState *s)
685{
686 uint16_t *p;
687
688 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
689 Assert(s->cbElementaryTransfer == 512);
690
691 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
692 memset(p, 0, 512);
693 p[0] = RT_H2LE_U16(0x0040);
694 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
695 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
696 /* Block size; obsolete, but required for the BIOS. */
697 p[5] = RT_H2LE_U16(512);
698 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
699 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
700 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
701 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
702 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
703 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
704 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
705#if ATA_MAX_MULT_SECTORS > 1
706 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
707#endif
708 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
709 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
710 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
711 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
712 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
713 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
714 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
715 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
716 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
717 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
718 * s->PCHSGeometry.cHeads
719 * s->PCHSGeometry.cSectors);
720 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
721 * s->PCHSGeometry.cHeads
722 * s->PCHSGeometry.cSectors >> 16);
723 if (s->cMultSectors)
724 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
725 if (s->cTotalSectors <= (1 << 28) - 1)
726 {
727 p[60] = RT_H2LE_U16(s->cTotalSectors);
728 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
729 }
730 else
731 {
732 /* Report maximum number of sectors possible with LBA28 */
733 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
734 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
735 }
736 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
737 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
738 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
739 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
740 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
741 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
742 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
743 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
744 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
745 if (s->cTotalSectors <= (1 << 28) - 1)
746 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
747 else
748 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
749 p[84] = RT_H2LE_U16(1 << 14);
750 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
751 if (s->cTotalSectors <= (1 << 28) - 1)
752 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
753 else
754 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
755 p[87] = RT_H2LE_U16(1 << 14);
756 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
757 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
758 if (s->cTotalSectors > (1 << 28) - 1)
759 {
760 p[100] = RT_H2LE_U16(s->cTotalSectors);
761 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
762 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
763 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
764 }
765 if (s->fNonRotational)
766 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
767 uint32_t uCsum = ataChecksum(p, 510);
768 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
769
770 s->iSourceSink = ATAFN_SS_NULL;
771 ataCmdOK(s, ATA_STAT_SEEK);
772 return false;
773}
774
775
776static bool ataFlushSS(AHCIATADevState *s)
777{
778 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
779 int rc;
780
781 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE);
782 Assert(!s->cbElementaryTransfer);
783
784 PDMCritSectLeave(&pCtl->lock);
785
786 STAM_PROFILE_START(&s->StatFlushes, f);
787 rc = s->pDrvBlock->pfnFlush(s->pDrvBlock);
788 AssertRC(rc);
789 STAM_PROFILE_STOP(&s->StatFlushes, f);
790
791 STAM_PROFILE_START(&pCtl->StatLockWait, a);
792 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
793 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
794 ataCmdOK(s, 0);
795 return false;
796}
797
798
799static bool atapiIdentifySS(AHCIATADevState *s)
800{
801 uint16_t *p;
802
803 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
804 Assert(s->cbElementaryTransfer == 512);
805
806 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
807 memset(p, 0, 512);
808 /* Removable CDROM, 50us response, 12 byte packets */
809 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 2 << 5 | 0 << 0);
810 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
811 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
812 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
813 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
814 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
815 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
816 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
817 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
818 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
819 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
820 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
821 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
822 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
823 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
824 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
825 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
826 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
827 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
828 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
829 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
830 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
831 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
832 p[83] = RT_H2LE_U16(1 << 14);
833 p[84] = RT_H2LE_U16(1 << 14);
834 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
835 p[86] = RT_H2LE_U16(0);
836 p[87] = RT_H2LE_U16(1 << 14);
837 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
838 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
839 uint32_t uCsum = ataChecksum(p, 510);
840 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
841 s->iSourceSink = ATAFN_SS_NULL;
842 ataCmdOK(s, ATA_STAT_SEEK);
843 return false;
844}
845
846
847static void ataSetSignature(AHCIATADevState *s)
848{
849 s->uATARegSelect &= 0xf0; /* clear head */
850 /* put signature */
851 s->uATARegNSector = 1;
852 s->uATARegSector = 1;
853 if (s->fATAPI)
854 {
855 s->uATARegLCyl = 0x14;
856 s->uATARegHCyl = 0xeb;
857 }
858 else if (s->pDrvBlock)
859 {
860 s->uATARegLCyl = 0;
861 s->uATARegHCyl = 0;
862 }
863 else
864 {
865 s->uATARegLCyl = 0xff;
866 s->uATARegHCyl = 0xff;
867 }
868}
869
870
871static uint64_t ataGetSector(AHCIATADevState *s)
872{
873 uint64_t iLBA;
874 if (s->uATARegSelect & 0x40)
875 {
876 /* any LBA variant */
877 if (s->fLBA48)
878 {
879 /* LBA48 */
880 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
881 ((uint64_t)s->uATARegLCylHOB << 32) |
882 ((uint64_t)s->uATARegSectorHOB << 24) |
883 ((uint64_t)s->uATARegHCyl << 16) |
884 ((uint64_t)s->uATARegLCyl << 8) |
885 s->uATARegSector;
886 }
887 else
888 {
889 /* LBA */
890 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
891 (s->uATARegLCyl << 8) | s->uATARegSector;
892 }
893 }
894 else
895 {
896 /* CHS */
897 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
898 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
899 (s->uATARegSector - 1);
900 }
901 return iLBA;
902}
903
904static void ataSetSector(AHCIATADevState *s, uint64_t iLBA)
905{
906 uint32_t cyl, r;
907 if (s->uATARegSelect & 0x40)
908 {
909 /* any LBA variant */
910 if (s->fLBA48)
911 {
912 /* LBA48 */
913 s->uATARegHCylHOB = iLBA >> 40;
914 s->uATARegLCylHOB = iLBA >> 32;
915 s->uATARegSectorHOB = iLBA >> 24;
916 s->uATARegHCyl = iLBA >> 16;
917 s->uATARegLCyl = iLBA >> 8;
918 s->uATARegSector = iLBA;
919 }
920 else
921 {
922 /* LBA */
923 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
924 s->uATARegHCyl = (iLBA >> 16);
925 s->uATARegLCyl = (iLBA >> 8);
926 s->uATARegSector = (iLBA);
927 }
928 }
929 else
930 {
931 /* CHS */
932 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
933 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
934 s->uATARegHCyl = cyl >> 8;
935 s->uATARegLCyl = cyl;
936 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
937 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
938 }
939}
940
941
942static void ataWarningDiskFull(PPDMDEVINS pDevIns)
943{
944 int rc;
945 LogRel(("AHCI ATA: Host disk full\n"));
946 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
947 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
948 AssertRC(rc);
949}
950
951static void ataWarningFileTooBig(PPDMDEVINS pDevIns)
952{
953 int rc;
954 LogRel(("AHCI ATA: File too big\n"));
955 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
956 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
957 AssertRC(rc);
958}
959
960static void ataWarningISCSI(PPDMDEVINS pDevIns)
961{
962 int rc;
963 LogRel(("AHCI ATA: iSCSI target unavailable\n"));
964 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
965 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
966 AssertRC(rc);
967}
968
969static bool ataIsRedoSetWarning(AHCIATADevState *s, int rc)
970{
971 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
972 Assert(!PDMCritSectIsOwner(&pCtl->lock));
973 if (rc == VERR_DISK_FULL)
974 {
975 pCtl->fRedoIdle = true;
976 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
977 return true;
978 }
979 if (rc == VERR_FILE_TOO_BIG)
980 {
981 pCtl->fRedoIdle = true;
982 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
983 return true;
984 }
985 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
986 {
987 pCtl->fRedoIdle = true;
988 /* iSCSI connection abort (first error) or failure to reestablish
989 * connection (second error). Pause VM. On resume we'll retry. */
990 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
991 return true;
992 }
993 return false;
994}
995
996
997static int ataReadSectors(AHCIATADevState *s, uint64_t u64Sector, void *pvBuf,
998 uint32_t cSectors, bool *pfRedo)
999{
1000 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1001 int rc;
1002
1003 PDMCritSectLeave(&pCtl->lock);
1004
1005 STAM_PROFILE_ADV_START(&s->StatReads, r);
1006 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1007 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1008 s->pLed->Actual.s.fReading = 0;
1009 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1010
1011 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cSectors * 512);
1012
1013 if (RT_SUCCESS(rc))
1014 *pfRedo = false;
1015 else
1016 *pfRedo = ataIsRedoSetWarning(s, rc);
1017
1018 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1019 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1020 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1021 return rc;
1022}
1023
1024
1025static int ataWriteSectors(AHCIATADevState *s, uint64_t u64Sector,
1026 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1027{
1028 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1029 int rc;
1030
1031 PDMCritSectLeave(&pCtl->lock);
1032
1033 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1034 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1035 rc = s->pDrvBlock->pfnWrite(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1036 s->pLed->Actual.s.fWriting = 0;
1037 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1038
1039 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cSectors * 512);
1040
1041 if (RT_SUCCESS(rc))
1042 *pfRedo = false;
1043 else
1044 *pfRedo = ataIsRedoSetWarning(s, rc);
1045
1046 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1047 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1048 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1049 return rc;
1050}
1051
1052
1053static void ataReadWriteSectorsBT(AHCIATADevState *s)
1054{
1055 uint32_t cSectors;
1056
1057 cSectors = s->cbTotalTransfer / 512;
1058 if (cSectors > s->cSectorsPerIRQ)
1059 s->cbElementaryTransfer = s->cSectorsPerIRQ * 512;
1060 else
1061 s->cbElementaryTransfer = cSectors * 512;
1062 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1063 ataCmdOK(s, 0);
1064}
1065
1066
1067static bool ataReadSectorsSS(AHCIATADevState *s)
1068{
1069 int rc;
1070 uint32_t cSectors;
1071 uint64_t iLBA;
1072 bool fRedo;
1073
1074 cSectors = s->cbElementaryTransfer / 512;
1075 Assert(cSectors);
1076 iLBA = ataGetSector(s);
1077 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1078 rc = ataReadSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1079 if (RT_SUCCESS(rc))
1080 {
1081 ataSetSector(s, iLBA + cSectors);
1082 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1083 s->iSourceSink = ATAFN_SS_NULL;
1084 ataCmdOK(s, ATA_STAT_SEEK);
1085 }
1086 else
1087 {
1088 if (fRedo)
1089 return true;
1090 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1091 LogRel(("AHCI ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1092 s->iLUN, rc, iLBA, cSectors));
1093 ataCmdError(s, ID_ERR);
1094 }
1095 return false;
1096}
1097
1098
1099static bool ataWriteSectorsSS(AHCIATADevState *s)
1100{
1101 int rc;
1102 uint32_t cSectors;
1103 uint64_t iLBA;
1104 bool fRedo;
1105
1106 cSectors = s->cbElementaryTransfer / 512;
1107 Assert(cSectors);
1108 iLBA = ataGetSector(s);
1109 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1110 rc = ataWriteSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1111 if (RT_SUCCESS(rc))
1112 {
1113 ataSetSector(s, iLBA + cSectors);
1114 if (!s->cbTotalTransfer)
1115 s->iSourceSink = ATAFN_SS_NULL;
1116 ataCmdOK(s, ATA_STAT_SEEK);
1117 }
1118 else
1119 {
1120 if (fRedo)
1121 return true;
1122 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1123 LogRel(("AHCI ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1124 s->iLUN, rc, iLBA, cSectors));
1125 ataCmdError(s, ID_ERR);
1126 }
1127 return false;
1128}
1129
1130
1131static void atapiCmdOK(AHCIATADevState *s)
1132{
1133 s->uATARegError = 0;
1134 ataSetStatusValue(s, ATA_STAT_READY);
1135 s->uATARegNSector = (s->uATARegNSector & ~7)
1136 | ((s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1137 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1138 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1139 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1140 s->abATAPISense[0] = 0x70 | (1 << 7);
1141 s->abATAPISense[7] = 10;
1142}
1143
1144
1145static void atapiCmdError(AHCIATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1146{
1147 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1148 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1149 s->uATARegError = pabATAPISense[2] << 4;
1150 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1151 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1152 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1153 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1154 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1155 s->cbTotalTransfer = 0;
1156 s->cbElementaryTransfer = 0;
1157 s->iIOBufferCur = 0;
1158 s->iIOBufferEnd = 0;
1159 s->uTxDir = PDMBLOCKTXDIR_NONE;
1160 s->iBeginTransfer = ATAFN_BT_NULL;
1161 s->iSourceSink = ATAFN_SS_NULL;
1162}
1163
1164
1165/** @todo deprecated function - doesn't provide enough info. Replace by direct
1166 * calls to atapiCmdError() with full data. */
1167static void atapiCmdErrorSimple(AHCIATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1168{
1169 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1170 memset(abATAPISense, '\0', sizeof(abATAPISense));
1171 abATAPISense[0] = 0x70 | (1 << 7);
1172 abATAPISense[2] = uATAPISenseKey & 0x0f;
1173 abATAPISense[7] = 10;
1174 abATAPISense[12] = uATAPIASC;
1175 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1176}
1177
1178
1179static void atapiCmdBT(AHCIATADevState *s)
1180{
1181 s->fATAPITransfer = true;
1182 s->cbElementaryTransfer = s->cbTotalTransfer;
1183 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1184 atapiCmdOK(s);
1185}
1186
1187
1188static void atapiPassthroughCmdBT(AHCIATADevState *s)
1189{
1190 /* @todo implement an algorithm for correctly determining the read and
1191 * write sector size without sending additional commands to the drive.
1192 * This should be doable by saving processing the configuration requests
1193 * and replies. */
1194#if 0
1195 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1196 {
1197 uint8_t cmd = s->aATAPICmd[0];
1198 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1199 {
1200 uint8_t aModeSenseCmd[10];
1201 uint8_t aModeSenseResult[16];
1202 uint8_t uDummySense;
1203 uint32_t cbTransfer;
1204 int rc;
1205
1206 cbTransfer = sizeof(aModeSenseResult);
1207 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1208 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1209 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1210 aModeSenseCmd[3] = 0; /* subpage code */
1211 aModeSenseCmd[4] = 0; /* reserved */
1212 aModeSenseCmd[5] = 0; /* reserved */
1213 aModeSenseCmd[6] = 0; /* reserved */
1214 aModeSenseCmd[7] = cbTransfer >> 8;
1215 aModeSenseCmd[8] = cbTransfer & 0xff;
1216 aModeSenseCmd[9] = 0; /* control */
1217 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aModeSenseCmd, PDMBLOCKTXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1218 if (RT_FAILURE(rc))
1219 {
1220 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1221 return;
1222 }
1223 /* Select sector size based on the current data block type. */
1224 switch (aModeSenseResult[12] & 0x0f)
1225 {
1226 case 0:
1227 s->cbATAPISector = 2352;
1228 break;
1229 case 1:
1230 s->cbATAPISector = 2368;
1231 break;
1232 case 2:
1233 case 3:
1234 s->cbATAPISector = 2448;
1235 break;
1236 case 8:
1237 case 10:
1238 s->cbATAPISector = 2048;
1239 break;
1240 case 9:
1241 s->cbATAPISector = 2336;
1242 break;
1243 case 11:
1244 s->cbATAPISector = 2056;
1245 break;
1246 case 12:
1247 s->cbATAPISector = 2324;
1248 break;
1249 case 13:
1250 s->cbATAPISector = 2332;
1251 break;
1252 default:
1253 s->cbATAPISector = 0;
1254 }
1255 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1256 s->cbTotalTransfer *= s->cbATAPISector;
1257 if (s->cbTotalTransfer == 0)
1258 s->uTxDir = PDMBLOCKTXDIR_NONE;
1259 }
1260 }
1261#endif
1262 atapiCmdBT(s);
1263}
1264
1265
1266static bool atapiReadSS(AHCIATADevState *s)
1267{
1268 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1269 int rc = VINF_SUCCESS;
1270 uint32_t cbTransfer, cSectors;
1271
1272 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1273 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1274 cSectors = cbTransfer / s->cbATAPISector;
1275 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1276 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1277
1278 PDMCritSectLeave(&pCtl->lock);
1279
1280 STAM_PROFILE_ADV_START(&s->StatReads, r);
1281 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1282 switch (s->cbATAPISector)
1283 {
1284 case 2048:
1285 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTXALLSUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1286 break;
1287 case 2352:
1288 {
1289 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1290
1291 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1292 {
1293 /* sync bytes */
1294 *pbBuf++ = 0x00;
1295 memset(pbBuf, 0xff, 11);
1296 pbBuf += 11;
1297 /* MSF */
1298 ataLBA2MSF(pbBuf, i);
1299 pbBuf += 3;
1300 *pbBuf++ = 0x01; /* mode 1 data */
1301 /* data */
1302 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)i * 2048, pbBuf, 2048);
1303 if (RT_FAILURE(rc))
1304 break;
1305 pbBuf += 2048;
1306 /* ECC */
1307 memset(pbBuf, 0, 288);
1308 pbBuf += 288;
1309 }
1310 }
1311 break;
1312 default:
1313 break;
1314 }
1315 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1316
1317 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1318 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1319 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1320
1321 if (RT_SUCCESS(rc))
1322 {
1323 s->pLed->Actual.s.fReading = 0;
1324 STAM_REL_COUNTER_ADD(s->pStatBytesRead, s->cbATAPISector * cSectors);
1325
1326 /* The initial buffer end value has been set up based on the total
1327 * transfer size. But the I/O buffer size limits what can actually be
1328 * done in one transfer, so set the actual value of the buffer end. */
1329 s->cbElementaryTransfer = cbTransfer;
1330 if (cbTransfer >= s->cbTotalTransfer)
1331 s->iSourceSink = ATAFN_SS_NULL;
1332 atapiCmdOK(s);
1333 s->iATAPILBA += cSectors;
1334 }
1335 else
1336 {
1337 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1338 LogRel(("AHCI ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1339 atapiCmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1340 }
1341 return false;
1342}
1343
1344
1345static bool atapiPassthroughSS(AHCIATADevState *s)
1346{
1347 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1348 int rc = VINF_SUCCESS;
1349 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1350 uint32_t cbTransfer;
1351 PSTAMPROFILEADV pProf = NULL;
1352
1353 cbTransfer = s->cbElementaryTransfer;
1354
1355 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1356 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1357
1358 /* Simple heuristics: if there is at least one sector of data
1359 * to transfer, it's worth updating the LEDs. */
1360 if (cbTransfer >= 2048)
1361 {
1362 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1363 {
1364 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1365 pProf = &s->StatReads;
1366 }
1367 else
1368 {
1369 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1370 pProf = &s->StatWrites;
1371 }
1372 }
1373
1374 PDMCritSectLeave(&pCtl->lock);
1375
1376 memset(abATAPISense, '\0', sizeof(abATAPISense));
1377 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
1378 if (cbTransfer > 100 * _1K)
1379 {
1380 /* Linux accepts commands with up to 100KB of data, but expects
1381 * us to handle commands with up to 128KB of data. The usual
1382 * imbalance of powers. */
1383 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
1384 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
1385 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1386
1387 switch (s->aATAPICmd[0])
1388 {
1389 case SCSI_READ_10:
1390 case SCSI_WRITE_10:
1391 case SCSI_WRITE_AND_VERIFY_10:
1392 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1393 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
1394 break;
1395 case SCSI_READ_12:
1396 case SCSI_WRITE_12:
1397 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1398 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
1399 break;
1400 case SCSI_READ_CD:
1401 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1402 cSectors = ataBE2H_U24(s->aATAPICmd + 6) / s->cbATAPISector;
1403 break;
1404 case SCSI_READ_CD_MSF:
1405 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
1406 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
1407 break;
1408 default:
1409 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
1410 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1411 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
1412 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
1413 {
1414 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1415 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1416 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1417 }
1418 return false;
1419 }
1420 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
1421 cReqSectors = 0;
1422 for (uint32_t i = cSectors; i > 0; i -= cReqSectors)
1423 {
1424 if (i * s->cbATAPISector > 100 * _1K)
1425 cReqSectors = (100 * _1K) / s->cbATAPISector;
1426 else
1427 cReqSectors = i;
1428 cbCurrTX = s->cbATAPISector * cReqSectors;
1429 switch (s->aATAPICmd[0])
1430 {
1431 case SCSI_READ_10:
1432 case SCSI_WRITE_10:
1433 case SCSI_WRITE_AND_VERIFY_10:
1434 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1435 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
1436 break;
1437 case SCSI_READ_12:
1438 case SCSI_WRITE_12:
1439 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1440 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
1441 break;
1442 case SCSI_READ_CD:
1443 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
1444 ataH2BE_U24(s->aATAPICmd + 6, cbCurrTX);
1445 break;
1446 case SCSI_READ_CD_MSF:
1447 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
1448 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
1449 break;
1450 }
1451 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1452 if (rc != VINF_SUCCESS)
1453 break;
1454 iATAPILBA += cReqSectors;
1455 pbBuf += s->cbATAPISector * cReqSectors;
1456 }
1457 }
1458 else
1459 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, s->aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, s->CTXALLSUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1460 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
1461
1462 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1463 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1464 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1465
1466 /* Update the LEDs and the read/write statistics. */
1467 if (cbTransfer >= 2048)
1468 {
1469 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1470 {
1471 s->pLed->Actual.s.fReading = 0;
1472 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cbTransfer);
1473 }
1474 else
1475 {
1476 s->pLed->Actual.s.fWriting = 0;
1477 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cbTransfer);
1478 }
1479 }
1480
1481 if (RT_SUCCESS(rc))
1482 {
1483 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
1484 {
1485 Assert(cbTransfer <= s->cbTotalTransfer);
1486 /* Reply with the same amount of data as the real drive. */
1487 s->cbTotalTransfer = cbTransfer;
1488 /* The initial buffer end value has been set up based on the total
1489 * transfer size. But the I/O buffer size limits what can actually be
1490 * done in one transfer, so set the actual value of the buffer end. */
1491 s->cbElementaryTransfer = cbTransfer;
1492 if (s->aATAPICmd[0] == SCSI_INQUIRY)
1493 {
1494 /* Make sure that the real drive cannot be identified.
1495 * Motivation: changing the VM configuration should be as
1496 * invisible as possible to the guest. */
1497 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1498 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 8, "VBOX", 8);
1499 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 16, "CD-ROM", 16);
1500 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 32, "1.0", 4);
1501 }
1502 if (cbTransfer)
1503 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1504 }
1505 s->iSourceSink = ATAFN_SS_NULL;
1506 atapiCmdOK(s);
1507 }
1508 else
1509 {
1510 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1511 {
1512 uint8_t u8Cmd = s->aATAPICmd[0];
1513 do
1514 {
1515 /* don't log superfluous errors */
1516 if ( rc == VERR_DEV_IO_ERROR
1517 && ( u8Cmd == SCSI_TEST_UNIT_READY
1518 || u8Cmd == SCSI_READ_CAPACITY
1519 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
1520 break;
1521 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command (%#04x) error %d %Rrc\n", s->iLUN, u8Cmd, abATAPISense[0] & 0x0f, rc));
1522 } while (0);
1523 }
1524 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1525 }
1526 return false;
1527}
1528
1529
1530static bool atapiReadSectors(AHCIATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
1531{
1532 Assert(cSectors > 0);
1533 s->iATAPILBA = iATAPILBA;
1534 s->cbATAPISector = cbSector;
1535 ataStartTransfer(s, cSectors * cbSector, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
1536 return false;
1537}
1538
1539
1540static bool atapiReadCapacitySS(AHCIATADevState *s)
1541{
1542 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1543
1544 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1545 Assert(s->cbElementaryTransfer <= 8);
1546 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
1547 ataH2BE_U32(pbBuf + 4, 2048);
1548 s->iSourceSink = ATAFN_SS_NULL;
1549 atapiCmdOK(s);
1550 return false;
1551}
1552
1553
1554static bool atapiReadDiscInformationSS(AHCIATADevState *s)
1555{
1556 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1557
1558 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1559 Assert(s->cbElementaryTransfer <= 34);
1560 memset(pbBuf, '\0', 34);
1561 ataH2BE_U16(pbBuf, 32);
1562 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
1563 pbBuf[3] = 1; /* number of first track */
1564 pbBuf[4] = 1; /* number of sessions (LSB) */
1565 pbBuf[5] = 1; /* first track number in last session (LSB) */
1566 pbBuf[6] = 1; /* last track number in last session (LSB) */
1567 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
1568 pbBuf[8] = 0; /* disc type = CD-ROM */
1569 pbBuf[9] = 0; /* number of sessions (MSB) */
1570 pbBuf[10] = 0; /* number of sessions (MSB) */
1571 pbBuf[11] = 0; /* number of sessions (MSB) */
1572 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
1573 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
1574 s->iSourceSink = ATAFN_SS_NULL;
1575 atapiCmdOK(s);
1576 return false;
1577}
1578
1579
1580static bool atapiReadTrackInformationSS(AHCIATADevState *s)
1581{
1582 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1583
1584 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1585 Assert(s->cbElementaryTransfer <= 36);
1586 /* Accept address/number type of 1 only, and only track 1 exists. */
1587 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
1588 {
1589 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1590 return false;
1591 }
1592 memset(pbBuf, '\0', 36);
1593 ataH2BE_U16(pbBuf, 34);
1594 pbBuf[2] = 1; /* track number (LSB) */
1595 pbBuf[3] = 1; /* session number (LSB) */
1596 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
1597 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
1598 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
1599 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
1600 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
1601 pbBuf[32] = 0; /* track number (MSB) */
1602 pbBuf[33] = 0; /* session number (MSB) */
1603 s->iSourceSink = ATAFN_SS_NULL;
1604 atapiCmdOK(s);
1605 return false;
1606}
1607
1608static size_t atapiGetConfigurationFillFeatureListProfiles(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1609{
1610 if (cbBuf < 3*4)
1611 return 0;
1612
1613 ataH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
1614 pbBuf[2] = (0 << 2) | (1 << 1) | (1 || 0); /* version 0, persistent, current */
1615 pbBuf[3] = 8; /* additional bytes for profiles */
1616 /* The MMC-3 spec says that DVD-ROM read capability should be reported
1617 * before CD-ROM read capability. */
1618 ataH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
1619 pbBuf[6] = (0 << 0); /* NOT current profile */
1620 ataH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
1621 pbBuf[10] = (1 << 0); /* current profile */
1622
1623 return 3*4; /* Header + 2 profiles entries */
1624}
1625
1626static size_t atapiGetConfigurationFillFeatureCore(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1627{
1628 if (cbBuf < 12)
1629 return 0;
1630
1631 ataH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
1632 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1633 pbBuf[3] = 8; /* Additional length */
1634 ataH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
1635 pbBuf[8] = RT_BIT(0); /* DBE */
1636 /* Rest is reserved. */
1637
1638 return 12;
1639}
1640
1641static size_t atapiGetConfigurationFillFeatureMorphing(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1642{
1643 if (cbBuf < 8)
1644 return 0;
1645
1646 ataH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
1647 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1648 pbBuf[3] = 4; /* Additional length */
1649 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
1650 /* Rest is reserved. */
1651
1652 return 8;
1653}
1654
1655static size_t atapiGetConfigurationFillFeatureRemovableMedium(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1656{
1657 if (cbBuf < 8)
1658 return 0;
1659
1660 ataH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
1661 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1662 pbBuf[3] = 4; /* Additional length */
1663 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
1664 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
1665 /* Rest is reserved. */
1666
1667 return 8;
1668}
1669
1670static size_t atapiGetConfigurationFillFeatureRandomReadable(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1671{
1672 if (cbBuf < 12)
1673 return 0;
1674
1675 ataH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
1676 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1677 pbBuf[3] = 8; /* Additional length */
1678 ataH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
1679 ataH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
1680 pbBuf[10] = 0; /* PP not present */
1681 /* Rest is reserved. */
1682
1683 return 12;
1684}
1685
1686static size_t atapiGetConfigurationFillFeatureCDRead(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1687{
1688 if (cbBuf < 8)
1689 return 0;
1690
1691 ataH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
1692 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1693 pbBuf[3] = 0; /* Additional length */
1694 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
1695 /* Rest is reserved. */
1696
1697 return 8;
1698}
1699
1700static size_t atapiGetConfigurationFillFeaturePowerManagement(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1701{
1702 if (cbBuf < 4)
1703 return 0;
1704
1705 ataH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
1706 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1707 pbBuf[3] = 0; /* Additional length */
1708
1709 return 4;
1710}
1711
1712static size_t atapiGetConfigurationFillFeatureTimeout(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1713{
1714 if (cbBuf < 8)
1715 return 0;
1716
1717 ataH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
1718 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1719 pbBuf[3] = 4; /* Additional length */
1720 pbBuf[4] = 0x0; /* !Group3 */
1721
1722 return 8;
1723}
1724
1725static bool atapiGetConfigurationSS(AHCIATADevState *s)
1726{
1727 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1728 size_t cbBuf = s->cbIOBuffer;
1729 size_t cbCopied = 0;
1730 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
1731
1732 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1733 Assert(s->cbElementaryTransfer <= 80);
1734 /* Accept valid request types only, and only starting feature 0. */
1735 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
1736 {
1737 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1738 return false;
1739 }
1740 memset(pbBuf, '\0', cbBuf);
1741 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
1742 * way to differentiate them right now is based on the image size). */
1743 if (s->cTotalSectors)
1744 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
1745 else
1746 ataH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
1747 cbBuf -= 8;
1748 pbBuf += 8;
1749
1750 cbCopied = atapiGetConfigurationFillFeatureListProfiles(s, pbBuf, cbBuf);
1751 cbBuf -= cbCopied;
1752 pbBuf += cbCopied;
1753
1754 cbCopied = atapiGetConfigurationFillFeatureCore(s, pbBuf, cbBuf);
1755 cbBuf -= cbCopied;
1756 pbBuf += cbCopied;
1757
1758 cbCopied = atapiGetConfigurationFillFeatureMorphing(s, pbBuf, cbBuf);
1759 cbBuf -= cbCopied;
1760 pbBuf += cbCopied;
1761
1762 cbCopied = atapiGetConfigurationFillFeatureRemovableMedium(s, pbBuf, cbBuf);
1763 cbBuf -= cbCopied;
1764 pbBuf += cbCopied;
1765
1766 cbCopied = atapiGetConfigurationFillFeatureRandomReadable(s, pbBuf, cbBuf);
1767 cbBuf -= cbCopied;
1768 pbBuf += cbCopied;
1769
1770 cbCopied = atapiGetConfigurationFillFeatureCDRead(s, pbBuf, cbBuf);
1771 cbBuf -= cbCopied;
1772 pbBuf += cbCopied;
1773
1774 cbCopied = atapiGetConfigurationFillFeaturePowerManagement(s, pbBuf, cbBuf);
1775 cbBuf -= cbCopied;
1776 pbBuf += cbCopied;
1777
1778 cbCopied = atapiGetConfigurationFillFeatureTimeout(s, pbBuf, cbBuf);
1779 cbBuf -= cbCopied;
1780 pbBuf += cbCopied;
1781
1782 /* Set data length now. */
1783 ataH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf);
1784
1785 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
1786 s->iSourceSink = ATAFN_SS_NULL;
1787 atapiCmdOK(s);
1788 return false;
1789}
1790
1791
1792static bool atapiGetEventStatusNotificationSS(AHCIATADevState *s)
1793{
1794 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1795
1796 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1797 Assert(s->cbElementaryTransfer <= 8);
1798
1799 if (!(s->aATAPICmd[1] & 1))
1800 {
1801 /* no asynchronous operation supported */
1802 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1803 return false;
1804 }
1805
1806 uint32_t OldStatus, NewStatus;
1807 do
1808 {
1809 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
1810 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
1811 switch (OldStatus)
1812 {
1813 case ATA_EVENT_STATUS_MEDIA_NEW:
1814 /* mount */
1815 ataH2BE_U16(pbBuf + 0, 6);
1816 pbBuf[2] = 0x04; /* media */
1817 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1818 pbBuf[4] = 0x02; /* new medium */
1819 pbBuf[5] = 0x02; /* medium present / door closed */
1820 pbBuf[6] = 0x00;
1821 pbBuf[7] = 0x00;
1822 break;
1823
1824 case ATA_EVENT_STATUS_MEDIA_CHANGED:
1825 case ATA_EVENT_STATUS_MEDIA_REMOVED:
1826 /* umount */
1827 ataH2BE_U16(pbBuf + 0, 6);
1828 pbBuf[2] = 0x04; /* media */
1829 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1830 pbBuf[4] = 0x03; /* media removal */
1831 pbBuf[5] = 0x00; /* medium absent / door closed */
1832 pbBuf[6] = 0x00;
1833 pbBuf[7] = 0x00;
1834 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
1835 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
1836 break;
1837
1838 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
1839 ataH2BE_U16(pbBuf + 0, 6);
1840 pbBuf[2] = 0x04; /* media */
1841 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1842 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
1843 pbBuf[5] = 0x02; /* medium present / door closed */
1844 pbBuf[6] = 0x00;
1845 pbBuf[7] = 0x00;
1846 break;
1847
1848 case ATA_EVENT_STATUS_UNCHANGED:
1849 default:
1850 ataH2BE_U16(pbBuf + 0, 6);
1851 pbBuf[2] = 0x01; /* operational change request / notification */
1852 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1853 pbBuf[4] = 0x00;
1854 pbBuf[5] = 0x00;
1855 pbBuf[6] = 0x00;
1856 pbBuf[7] = 0x00;
1857 break;
1858 }
1859 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
1860
1861 s->iSourceSink = ATAFN_SS_NULL;
1862 atapiCmdOK(s);
1863 return false;
1864}
1865
1866
1867static bool atapiInquirySS(AHCIATADevState *s)
1868{
1869 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1870
1871 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1872 Assert(s->cbElementaryTransfer <= 36);
1873 pbBuf[0] = 0x05; /* CD-ROM */
1874 pbBuf[1] = 0x80; /* removable */
1875#if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
1876 pbBuf[2] = 0x00; /* ISO */
1877 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1878#else
1879 pbBuf[2] = 0x00; /* ISO */
1880 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
1881#endif
1882 pbBuf[4] = 31; /* additional length */
1883 pbBuf[5] = 0; /* reserved */
1884 pbBuf[6] = 0; /* reserved */
1885 pbBuf[7] = 0; /* reserved */
1886 ataSCSIPadStr(pbBuf + 8, s->pszInquiryVendorId, 8);
1887 ataSCSIPadStr(pbBuf + 16, s->pszInquiryProductId, 16);
1888 ataSCSIPadStr(pbBuf + 32, s->pszInquiryRevision, 4);
1889 s->iSourceSink = ATAFN_SS_NULL;
1890 atapiCmdOK(s);
1891 return false;
1892}
1893
1894
1895static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *s)
1896{
1897 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1898
1899 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1900 Assert(s->cbElementaryTransfer <= 16);
1901 ataH2BE_U16(&pbBuf[0], 16 + 6);
1902 pbBuf[2] = 0x70;
1903 pbBuf[3] = 0;
1904 pbBuf[4] = 0;
1905 pbBuf[5] = 0;
1906 pbBuf[6] = 0;
1907 pbBuf[7] = 0;
1908
1909 pbBuf[8] = 0x01;
1910 pbBuf[9] = 0x06;
1911 pbBuf[10] = 0x00;
1912 pbBuf[11] = 0x05;
1913 pbBuf[12] = 0x00;
1914 pbBuf[13] = 0x00;
1915 pbBuf[14] = 0x00;
1916 pbBuf[15] = 0x00;
1917 s->iSourceSink = ATAFN_SS_NULL;
1918 atapiCmdOK(s);
1919 return false;
1920}
1921
1922
1923static bool atapiModeSenseCDStatusSS(AHCIATADevState *s)
1924{
1925 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1926
1927 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1928 Assert(s->cbElementaryTransfer <= 40);
1929 ataH2BE_U16(&pbBuf[0], 38);
1930 pbBuf[2] = 0x70;
1931 pbBuf[3] = 0;
1932 pbBuf[4] = 0;
1933 pbBuf[5] = 0;
1934 pbBuf[6] = 0;
1935 pbBuf[7] = 0;
1936
1937 pbBuf[8] = 0x2a;
1938 pbBuf[9] = 30; /* page length */
1939 pbBuf[10] = 0x08; /* DVD-ROM read support */
1940 pbBuf[11] = 0x00; /* no write support */
1941 /* The following claims we support audio play. This is obviously false,
1942 * but the Linux generic CDROM support makes many features depend on this
1943 * capability. If it's not set, this causes many things to be disabled. */
1944 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
1945 pbBuf[13] = 0x00; /* no subchannel reads supported */
1946 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
1947 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
1948 pbBuf[14] |= 1 << 1; /* report lock state */
1949 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
1950 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
1951 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
1952 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
1953 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
1954 pbBuf[24] = 0; /* reserved */
1955 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
1956 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
1957 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
1958 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
1959 pbBuf[32] = 0; /* reserved */
1960 pbBuf[33] = 0; /* reserved */
1961 pbBuf[34] = 0; /* reserved */
1962 pbBuf[35] = 1; /* rotation control CAV */
1963 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
1964 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
1965 s->iSourceSink = ATAFN_SS_NULL;
1966 atapiCmdOK(s);
1967 return false;
1968}
1969
1970
1971static bool atapiRequestSenseSS(AHCIATADevState *s)
1972{
1973 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1974
1975 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1976 memset(pbBuf, '\0', s->cbElementaryTransfer);
1977 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
1978 s->iSourceSink = ATAFN_SS_NULL;
1979 atapiCmdOK(s);
1980 return false;
1981}
1982
1983
1984static bool atapiMechanismStatusSS(AHCIATADevState *s)
1985{
1986 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1987
1988 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1989 Assert(s->cbElementaryTransfer <= 8);
1990 ataH2BE_U16(pbBuf, 0);
1991 /* no current LBA */
1992 pbBuf[2] = 0;
1993 pbBuf[3] = 0;
1994 pbBuf[4] = 0;
1995 pbBuf[5] = 1;
1996 ataH2BE_U16(pbBuf + 6, 0);
1997 s->iSourceSink = ATAFN_SS_NULL;
1998 atapiCmdOK(s);
1999 return false;
2000}
2001
2002
2003static bool atapiReadTOCNormalSS(AHCIATADevState *s)
2004{
2005 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2006 bool fMSF;
2007 uint32_t cbSize;
2008
2009 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2010 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2011 iStartTrack = s->aATAPICmd[6];
2012 if (iStartTrack > 1 && iStartTrack != 0xaa)
2013 {
2014 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2015 return false;
2016 }
2017 q = pbBuf + 2;
2018 *q++ = 1; /* first session */
2019 *q++ = 1; /* last session */
2020 if (iStartTrack <= 1)
2021 {
2022 *q++ = 0; /* reserved */
2023 *q++ = 0x14; /* ADR, control */
2024 *q++ = 1; /* track number */
2025 *q++ = 0; /* reserved */
2026 if (fMSF)
2027 {
2028 *q++ = 0; /* reserved */
2029 ataLBA2MSF(q, 0);
2030 q += 3;
2031 }
2032 else
2033 {
2034 /* sector 0 */
2035 ataH2BE_U32(q, 0);
2036 q += 4;
2037 }
2038 }
2039 /* lead out track */
2040 *q++ = 0; /* reserved */
2041 *q++ = 0x14; /* ADR, control */
2042 *q++ = 0xaa; /* track number */
2043 *q++ = 0; /* reserved */
2044 if (fMSF)
2045 {
2046 *q++ = 0; /* reserved */
2047 ataLBA2MSF(q, s->cTotalSectors);
2048 q += 3;
2049 }
2050 else
2051 {
2052 ataH2BE_U32(q, s->cTotalSectors);
2053 q += 4;
2054 }
2055 cbSize = q - pbBuf;
2056 ataH2BE_U16(pbBuf, cbSize - 2);
2057 if (cbSize < s->cbTotalTransfer)
2058 s->cbTotalTransfer = cbSize;
2059 s->iSourceSink = ATAFN_SS_NULL;
2060 atapiCmdOK(s);
2061 return false;
2062}
2063
2064
2065static bool atapiReadTOCMultiSS(AHCIATADevState *s)
2066{
2067 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
2068 bool fMSF;
2069
2070 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2071 Assert(s->cbElementaryTransfer <= 12);
2072 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2073 /* multi session: only a single session defined */
2074/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
2075 memset(pbBuf, 0, 12);
2076 pbBuf[1] = 0x0a;
2077 pbBuf[2] = 0x01;
2078 pbBuf[3] = 0x01;
2079 pbBuf[5] = 0x14; /* ADR, control */
2080 pbBuf[6] = 1; /* first track in last complete session */
2081 if (fMSF)
2082 {
2083 pbBuf[8] = 0; /* reserved */
2084 ataLBA2MSF(&pbBuf[9], 0);
2085 }
2086 else
2087 {
2088 /* sector 0 */
2089 ataH2BE_U32(pbBuf + 8, 0);
2090 }
2091 s->iSourceSink = ATAFN_SS_NULL;
2092 atapiCmdOK(s);
2093 return false;
2094}
2095
2096
2097static bool atapiReadTOCRawSS(AHCIATADevState *s)
2098{
2099 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2100 bool fMSF;
2101 uint32_t cbSize;
2102
2103 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2104 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2105 iStartTrack = s->aATAPICmd[6];
2106
2107 q = pbBuf + 2;
2108 *q++ = 1; /* first session */
2109 *q++ = 1; /* last session */
2110
2111 *q++ = 1; /* session number */
2112 *q++ = 0x14; /* data track */
2113 *q++ = 0; /* track number */
2114 *q++ = 0xa0; /* first track in program area */
2115 *q++ = 0; /* min */
2116 *q++ = 0; /* sec */
2117 *q++ = 0; /* frame */
2118 *q++ = 0;
2119 *q++ = 1; /* first track */
2120 *q++ = 0x00; /* disk type CD-DA or CD data */
2121 *q++ = 0;
2122
2123 *q++ = 1; /* session number */
2124 *q++ = 0x14; /* data track */
2125 *q++ = 0; /* track number */
2126 *q++ = 0xa1; /* last track in program area */
2127 *q++ = 0; /* min */
2128 *q++ = 0; /* sec */
2129 *q++ = 0; /* frame */
2130 *q++ = 0;
2131 *q++ = 1; /* last track */
2132 *q++ = 0;
2133 *q++ = 0;
2134
2135 *q++ = 1; /* session number */
2136 *q++ = 0x14; /* data track */
2137 *q++ = 0; /* track number */
2138 *q++ = 0xa2; /* lead-out */
2139 *q++ = 0; /* min */
2140 *q++ = 0; /* sec */
2141 *q++ = 0; /* frame */
2142 if (fMSF)
2143 {
2144 *q++ = 0; /* reserved */
2145 ataLBA2MSF(q, s->cTotalSectors);
2146 q += 3;
2147 }
2148 else
2149 {
2150 ataH2BE_U32(q, s->cTotalSectors);
2151 q += 4;
2152 }
2153
2154 *q++ = 1; /* session number */
2155 *q++ = 0x14; /* ADR, control */
2156 *q++ = 0; /* track number */
2157 *q++ = 1; /* point */
2158 *q++ = 0; /* min */
2159 *q++ = 0; /* sec */
2160 *q++ = 0; /* frame */
2161 if (fMSF)
2162 {
2163 *q++ = 0; /* reserved */
2164 ataLBA2MSF(q, 0);
2165 q += 3;
2166 }
2167 else
2168 {
2169 /* sector 0 */
2170 ataH2BE_U32(q, 0);
2171 q += 4;
2172 }
2173
2174 cbSize = q - pbBuf;
2175 ataH2BE_U16(pbBuf, cbSize - 2);
2176 if (cbSize < s->cbTotalTransfer)
2177 s->cbTotalTransfer = cbSize;
2178 s->iSourceSink = ATAFN_SS_NULL;
2179 atapiCmdOK(s);
2180 return false;
2181}
2182
2183
2184static void atapiParseCmdVirtualATAPI(AHCIATADevState *s)
2185{
2186 const uint8_t *pbPacket;
2187 uint8_t *pbBuf;
2188 uint32_t cbMax;
2189
2190 pbPacket = s->aATAPICmd;
2191 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2192 switch (pbPacket[0])
2193 {
2194 case SCSI_TEST_UNIT_READY:
2195 if (s->cNotifiedMediaChange > 0)
2196 {
2197 if (s->cNotifiedMediaChange-- > 2)
2198 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2199 else
2200 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2201 }
2202 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2203 atapiCmdOK(s);
2204 else
2205 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2206 break;
2207 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2208 cbMax = ataBE2H_U16(pbPacket + 7);
2209 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2210 break;
2211 case SCSI_MODE_SENSE_10:
2212 {
2213 uint8_t uPageControl, uPageCode;
2214 cbMax = ataBE2H_U16(pbPacket + 7);
2215 uPageControl = pbPacket[2] >> 6;
2216 uPageCode = pbPacket[2] & 0x3f;
2217 switch (uPageControl)
2218 {
2219 case SCSI_PAGECONTROL_CURRENT:
2220 switch (uPageCode)
2221 {
2222 case SCSI_MODEPAGE_ERROR_RECOVERY:
2223 ataStartTransfer(s, RT_MIN(cbMax, 16), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
2224 break;
2225 case SCSI_MODEPAGE_CD_STATUS:
2226 ataStartTransfer(s, RT_MIN(cbMax, 40), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
2227 break;
2228 default:
2229 goto error_cmd;
2230 }
2231 break;
2232 case SCSI_PAGECONTROL_CHANGEABLE:
2233 goto error_cmd;
2234 case SCSI_PAGECONTROL_DEFAULT:
2235 goto error_cmd;
2236 default:
2237 case SCSI_PAGECONTROL_SAVED:
2238 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
2239 break;
2240 }
2241 }
2242 break;
2243 case SCSI_REQUEST_SENSE:
2244 cbMax = pbPacket[4];
2245 ataStartTransfer(s, RT_MIN(cbMax, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2246 break;
2247 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2248 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2249 {
2250 if (pbPacket[4] & 1)
2251 s->pDrvMount->pfnLock(s->pDrvMount);
2252 else
2253 s->pDrvMount->pfnUnlock(s->pDrvMount);
2254 atapiCmdOK(s);
2255 }
2256 else
2257 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2258 break;
2259 case SCSI_READ_10:
2260 case SCSI_READ_12:
2261 {
2262 uint32_t cSectors, iATAPILBA;
2263
2264 if (s->cNotifiedMediaChange > 0)
2265 {
2266 s->cNotifiedMediaChange-- ;
2267 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2268 break;
2269 }
2270 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2271 {
2272 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2273 break;
2274 }
2275 if (pbPacket[0] == SCSI_READ_10)
2276 cSectors = ataBE2H_U16(pbPacket + 7);
2277 else
2278 cSectors = ataBE2H_U32(pbPacket + 6);
2279 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2280 if (cSectors == 0)
2281 {
2282 atapiCmdOK(s);
2283 break;
2284 }
2285 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2286 {
2287 /* Rate limited logging, one log line per second. For
2288 * guests that insist on reading from places outside the
2289 * valid area this often generates too many release log
2290 * entries otherwise. */
2291 static uint64_t uLastLogTS = 0;
2292 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2293 {
2294 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2295 uLastLogTS = RTTimeMilliTS();
2296 }
2297 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2298 break;
2299 }
2300 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2301 }
2302 break;
2303 case SCSI_READ_CD:
2304 {
2305 uint32_t cSectors, iATAPILBA;
2306
2307 if (s->cNotifiedMediaChange > 0)
2308 {
2309 s->cNotifiedMediaChange-- ;
2310 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2311 break;
2312 }
2313 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2314 {
2315 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2316 break;
2317 }
2318 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
2319 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2320 if (cSectors == 0)
2321 {
2322 atapiCmdOK(s);
2323 break;
2324 }
2325 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2326 {
2327 /* Rate limited logging, one log line per second. For
2328 * guests that insist on reading from places outside the
2329 * valid area this often generates too many release log
2330 * entries otherwise. */
2331 static uint64_t uLastLogTS = 0;
2332 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2333 {
2334 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2335 uLastLogTS = RTTimeMilliTS();
2336 }
2337 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2338 break;
2339 }
2340 switch (pbPacket[9] & 0xf8)
2341 {
2342 case 0x00:
2343 /* nothing */
2344 atapiCmdOK(s);
2345 break;
2346 case 0x10:
2347 /* normal read */
2348 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2349 break;
2350 case 0xf8:
2351 /* read all data */
2352 atapiReadSectors(s, iATAPILBA, cSectors, 2352);
2353 break;
2354 default:
2355 LogRel(("AHCI ATA: LUN#%d: CD-ROM sector format not supported\n", s->iLUN));
2356 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2357 break;
2358 }
2359 }
2360 break;
2361 case SCSI_SEEK_10:
2362 {
2363 uint32_t iATAPILBA;
2364 if (s->cNotifiedMediaChange > 0)
2365 {
2366 s->cNotifiedMediaChange-- ;
2367 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2368 break;
2369 }
2370 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2371 {
2372 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2373 break;
2374 }
2375 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2376 if (iATAPILBA > s->cTotalSectors)
2377 {
2378 /* Rate limited logging, one log line per second. For
2379 * guests that insist on seeking to places outside the
2380 * valid area this often generates too many release log
2381 * entries otherwise. */
2382 static uint64_t uLastLogTS = 0;
2383 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2384 {
2385 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
2386 uLastLogTS = RTTimeMilliTS();
2387 }
2388 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2389 break;
2390 }
2391 atapiCmdOK(s);
2392 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
2393 }
2394 break;
2395 case SCSI_START_STOP_UNIT:
2396 {
2397 int rc = VINF_SUCCESS;
2398 switch (pbPacket[4] & 3)
2399 {
2400 case 0: /* 00 - Stop motor */
2401 case 1: /* 01 - Start motor */
2402 break;
2403 case 2: /* 10 - Eject media */
2404 {
2405 /* This must be done from EMT. */
2406 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
2407 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
2408
2409 PDMCritSectLeave(&pCtl->lock);
2410 rc = VMR3ReqPriorityCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2411 (PFNRT)s->pDrvMount->pfnUnmount, 3, s->pDrvMount,
2412 false /*=fForce*/, true /*=fEeject*/);
2413 Assert(RT_SUCCESS(rc) || (rc == VERR_PDM_MEDIA_LOCKED) || (rc = VERR_PDM_MEDIA_NOT_MOUNTED));
2414 if (RT_SUCCESS(rc) && pCtl->pMediaNotify)
2415 {
2416 rc = VMR3ReqCallNoWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2417 (PFNRT)pCtl->pMediaNotify->pfnEjected, 2,
2418 pCtl->pMediaNotify, s->iLUN);
2419 AssertRC(rc);
2420 }
2421 {
2422 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2423 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2424 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2425 }
2426 break;
2427 }
2428 case 3: /* 11 - Load media */
2429 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
2430 break;
2431 }
2432 if (RT_SUCCESS(rc))
2433 atapiCmdOK(s);
2434 else
2435 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
2436 }
2437 break;
2438 case SCSI_MECHANISM_STATUS:
2439 {
2440 cbMax = ataBE2H_U16(pbPacket + 8);
2441 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
2442 }
2443 break;
2444 case SCSI_READ_TOC_PMA_ATIP:
2445 {
2446 uint8_t format;
2447
2448 if (s->cNotifiedMediaChange > 0)
2449 {
2450 s->cNotifiedMediaChange-- ;
2451 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2452 break;
2453 }
2454 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2455 {
2456 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2457 break;
2458 }
2459 cbMax = ataBE2H_U16(pbPacket + 7);
2460 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
2461 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
2462 * the other field is clear... */
2463 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
2464 switch (format)
2465 {
2466 case 0:
2467 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
2468 break;
2469 case 1:
2470 ataStartTransfer(s, RT_MIN(cbMax, 12), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
2471 break;
2472 case 2:
2473 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
2474 break;
2475 default:
2476 error_cmd:
2477 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2478 break;
2479 }
2480 }
2481 break;
2482 case SCSI_READ_CAPACITY:
2483 if (s->cNotifiedMediaChange > 0)
2484 {
2485 s->cNotifiedMediaChange-- ;
2486 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2487 break;
2488 }
2489 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2490 {
2491 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2492 break;
2493 }
2494 ataStartTransfer(s, 8, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
2495 break;
2496 case SCSI_READ_DISC_INFORMATION:
2497 if (s->cNotifiedMediaChange > 0)
2498 {
2499 s->cNotifiedMediaChange-- ;
2500 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2501 break;
2502 }
2503 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2504 {
2505 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2506 break;
2507 }
2508 cbMax = ataBE2H_U16(pbPacket + 7);
2509 ataStartTransfer(s, RT_MIN(cbMax, 34), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
2510 break;
2511 case SCSI_READ_TRACK_INFORMATION:
2512 if (s->cNotifiedMediaChange > 0)
2513 {
2514 s->cNotifiedMediaChange-- ;
2515 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2516 break;
2517 }
2518 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2519 {
2520 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2521 break;
2522 }
2523 cbMax = ataBE2H_U16(pbPacket + 7);
2524 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
2525 break;
2526 case SCSI_GET_CONFIGURATION:
2527 /* No media change stuff here, it can confuse Linux guests. */
2528 cbMax = ataBE2H_U16(pbPacket + 7);
2529 ataStartTransfer(s, RT_MIN(cbMax, 80), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
2530 break;
2531 case SCSI_INQUIRY:
2532 cbMax = ataBE2H_U16(pbPacket + 3);
2533 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
2534 break;
2535 default:
2536 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2537 break;
2538 }
2539}
2540
2541
2542/*
2543 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
2544 */
2545static void atapiParseCmdPassthrough(AHCIATADevState *s)
2546{
2547 const uint8_t *pbPacket;
2548 uint8_t *pbBuf;
2549 uint32_t cSectors, iATAPILBA;
2550 uint32_t cbTransfer = 0;
2551 PDMBLOCKTXDIR uTxDir = PDMBLOCKTXDIR_NONE;
2552
2553 pbPacket = s->aATAPICmd;
2554 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2555 switch (pbPacket[0])
2556 {
2557 case SCSI_BLANK:
2558 goto sendcmd;
2559 case SCSI_CLOSE_TRACK_SESSION:
2560 goto sendcmd;
2561 case SCSI_ERASE_10:
2562 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2563 cbTransfer = ataBE2H_U16(pbPacket + 7);
2564 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
2565 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2566 goto sendcmd;
2567 case SCSI_FORMAT_UNIT:
2568 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2569 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2570 goto sendcmd;
2571 case SCSI_GET_CONFIGURATION:
2572 cbTransfer = ataBE2H_U16(pbPacket + 7);
2573 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2574 goto sendcmd;
2575 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2576 cbTransfer = ataBE2H_U16(pbPacket + 7);
2577 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
2578 {
2579 ataStartTransfer(s, RT_MIN(cbTransfer, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2580 break;
2581 }
2582 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2583 goto sendcmd;
2584 case SCSI_GET_PERFORMANCE:
2585 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2586 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2587 goto sendcmd;
2588 case SCSI_INQUIRY:
2589 cbTransfer = ataBE2H_U16(pbPacket + 3);
2590 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2591 goto sendcmd;
2592 case SCSI_LOAD_UNLOAD_MEDIUM:
2593 goto sendcmd;
2594 case SCSI_MECHANISM_STATUS:
2595 cbTransfer = ataBE2H_U16(pbPacket + 8);
2596 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2597 goto sendcmd;
2598 case SCSI_MODE_SELECT_10:
2599 cbTransfer = ataBE2H_U16(pbPacket + 7);
2600 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2601 goto sendcmd;
2602 case SCSI_MODE_SENSE_10:
2603 cbTransfer = ataBE2H_U16(pbPacket + 7);
2604 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2605 goto sendcmd;
2606 case SCSI_PAUSE_RESUME:
2607 goto sendcmd;
2608 case SCSI_PLAY_AUDIO_10:
2609 goto sendcmd;
2610 case SCSI_PLAY_AUDIO_12:
2611 goto sendcmd;
2612 case SCSI_PLAY_AUDIO_MSF:
2613 goto sendcmd;
2614 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2615 /** @todo do not forget to unlock when a VM is shut down */
2616 goto sendcmd;
2617 case SCSI_READ_10:
2618 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2619 cSectors = ataBE2H_U16(pbPacket + 7);
2620 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2621 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2622 cbTransfer = cSectors * s->cbATAPISector;
2623 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2624 goto sendcmd;
2625 case SCSI_READ_12:
2626 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2627 cSectors = ataBE2H_U32(pbPacket + 6);
2628 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2629 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2630 cbTransfer = cSectors * s->cbATAPISector;
2631 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2632 goto sendcmd;
2633 case SCSI_READ_BUFFER:
2634 cbTransfer = ataBE2H_U24(pbPacket + 6);
2635 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2636 goto sendcmd;
2637 case SCSI_READ_BUFFER_CAPACITY:
2638 cbTransfer = ataBE2H_U16(pbPacket + 7);
2639 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2640 goto sendcmd;
2641 case SCSI_READ_CAPACITY:
2642 cbTransfer = 8;
2643 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2644 goto sendcmd;
2645 case SCSI_READ_CD:
2646 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2647 cbTransfer = ataBE2H_U24(pbPacket + 6) / s->cbATAPISector * s->cbATAPISector;
2648 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2649 goto sendcmd;
2650 case SCSI_READ_CD_MSF:
2651 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
2652 if (cSectors > 32)
2653 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
2654 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2655 cbTransfer = cSectors * s->cbATAPISector;
2656 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2657 goto sendcmd;
2658 case SCSI_READ_DISC_INFORMATION:
2659 cbTransfer = ataBE2H_U16(pbPacket + 7);
2660 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2661 goto sendcmd;
2662 case SCSI_READ_DVD_STRUCTURE:
2663 cbTransfer = ataBE2H_U16(pbPacket + 8);
2664 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2665 goto sendcmd;
2666 case SCSI_READ_FORMAT_CAPACITIES:
2667 cbTransfer = ataBE2H_U16(pbPacket + 7);
2668 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2669 goto sendcmd;
2670 case SCSI_READ_SUBCHANNEL:
2671 cbTransfer = ataBE2H_U16(pbPacket + 7);
2672 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2673 goto sendcmd;
2674 case SCSI_READ_TOC_PMA_ATIP:
2675 cbTransfer = ataBE2H_U16(pbPacket + 7);
2676 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2677 goto sendcmd;
2678 case SCSI_READ_TRACK_INFORMATION:
2679 cbTransfer = ataBE2H_U16(pbPacket + 7);
2680 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2681 goto sendcmd;
2682 case SCSI_REPAIR_TRACK:
2683 goto sendcmd;
2684 case SCSI_REPORT_KEY:
2685 cbTransfer = ataBE2H_U16(pbPacket + 8);
2686 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2687 goto sendcmd;
2688 case SCSI_REQUEST_SENSE:
2689 cbTransfer = pbPacket[4];
2690 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
2691 {
2692 ataStartTransfer(s, RT_MIN(cbTransfer, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2693 break;
2694 }
2695 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2696 goto sendcmd;
2697 case SCSI_RESERVE_TRACK:
2698 goto sendcmd;
2699 case SCSI_SCAN:
2700 goto sendcmd;
2701 case SCSI_SEEK_10:
2702 goto sendcmd;
2703 case SCSI_SEND_CUE_SHEET:
2704 cbTransfer = ataBE2H_U24(pbPacket + 6);
2705 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2706 goto sendcmd;
2707 case SCSI_SEND_DVD_STRUCTURE:
2708 cbTransfer = ataBE2H_U16(pbPacket + 8);
2709 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2710 goto sendcmd;
2711 case SCSI_SEND_EVENT:
2712 cbTransfer = ataBE2H_U16(pbPacket + 8);
2713 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2714 goto sendcmd;
2715 case SCSI_SEND_KEY:
2716 cbTransfer = ataBE2H_U16(pbPacket + 8);
2717 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2718 goto sendcmd;
2719 case SCSI_SEND_OPC_INFORMATION:
2720 cbTransfer = ataBE2H_U16(pbPacket + 7);
2721 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2722 goto sendcmd;
2723 case SCSI_SET_CD_SPEED:
2724 goto sendcmd;
2725 case SCSI_SET_READ_AHEAD:
2726 goto sendcmd;
2727 case SCSI_SET_STREAMING:
2728 cbTransfer = ataBE2H_U16(pbPacket + 9);
2729 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2730 goto sendcmd;
2731 case SCSI_START_STOP_UNIT:
2732 goto sendcmd;
2733 case SCSI_STOP_PLAY_SCAN:
2734 goto sendcmd;
2735 case SCSI_SYNCHRONIZE_CACHE:
2736 goto sendcmd;
2737 case SCSI_TEST_UNIT_READY:
2738 goto sendcmd;
2739 case SCSI_VERIFY_10:
2740 goto sendcmd;
2741 case SCSI_WRITE_10:
2742 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2743 cSectors = ataBE2H_U16(pbPacket + 7);
2744 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2745#if 0
2746 /* The sector size is determined by the async I/O thread. */
2747 s->cbATAPISector = 0;
2748 /* Preliminary, will be corrected once the sector size is known. */
2749 cbTransfer = cSectors;
2750#else
2751 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2752 cbTransfer = cSectors * s->cbATAPISector;
2753#endif
2754 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2755 goto sendcmd;
2756 case SCSI_WRITE_12:
2757 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2758 cSectors = ataBE2H_U32(pbPacket + 6);
2759 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2760#if 0
2761 /* The sector size is determined by the async I/O thread. */
2762 s->cbATAPISector = 0;
2763 /* Preliminary, will be corrected once the sector size is known. */
2764 cbTransfer = cSectors;
2765#else
2766 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2767 cbTransfer = cSectors * s->cbATAPISector;
2768#endif
2769 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2770 goto sendcmd;
2771 case SCSI_WRITE_AND_VERIFY_10:
2772 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2773 cSectors = ataBE2H_U16(pbPacket + 7);
2774 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2775 /* The sector size is determined by the async I/O thread. */
2776 s->cbATAPISector = 0;
2777 /* Preliminary, will be corrected once the sector size is known. */
2778 cbTransfer = cSectors;
2779 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2780 goto sendcmd;
2781 case SCSI_WRITE_BUFFER:
2782 switch (pbPacket[1] & 0x1f)
2783 {
2784 case 0x04: /* download microcode */
2785 case 0x05: /* download microcode and save */
2786 case 0x06: /* download microcode with offsets */
2787 case 0x07: /* download microcode with offsets and save */
2788 case 0x0e: /* download microcode with offsets and defer activation */
2789 case 0x0f: /* activate deferred microcode */
2790 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
2791 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2792 break;
2793 default:
2794 cbTransfer = ataBE2H_U16(pbPacket + 6);
2795 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2796 goto sendcmd;
2797 }
2798 break;
2799 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
2800 cbTransfer = ataBE2H_U32(pbPacket + 6);
2801 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2802 goto sendcmd;
2803 case SCSI_REZERO_UNIT:
2804 /* Obsolete command used by cdrecord. What else would one expect?
2805 * This command is not sent to the drive, it is handled internally,
2806 * as the Linux kernel doesn't like it (message "scsi: unknown
2807 * opcode 0x01" in syslog) and replies with a sense code of 0,
2808 * which sends cdrecord to an endless loop. */
2809 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2810 break;
2811 default:
2812 LogRel(("AHCI ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
2813 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2814 break;
2815 sendcmd:
2816 /* Send a command to the drive, passing data in/out as required. */
2817 Log2(("ATAPI PT: max size %d\n", cbTransfer));
2818 Assert(cbTransfer <= s->cbIOBuffer);
2819 if (cbTransfer == 0)
2820 uTxDir = PDMBLOCKTXDIR_NONE;
2821 ataStartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
2822 }
2823}
2824
2825
2826static void atapiParseCmd(AHCIATADevState *s)
2827{
2828 const uint8_t *pbPacket;
2829
2830 pbPacket = s->aATAPICmd;
2831#ifdef DEBUG
2832 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
2833#else /* !DEBUG */
2834 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
2835#endif /* !DEBUG */
2836 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
2837
2838 if (s->fATAPIPassthrough)
2839 atapiParseCmdPassthrough(s);
2840 else
2841 atapiParseCmdVirtualATAPI(s);
2842}
2843
2844
2845static bool ataPacketSS(AHCIATADevState *s)
2846{
2847 s->fDMA = !!(s->uATARegFeature & 1);
2848 memcpy(s->aATAPICmd, s->CTXALLSUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
2849 s->uTxDir = PDMBLOCKTXDIR_NONE;
2850 s->cbTotalTransfer = 0;
2851 s->cbElementaryTransfer = 0;
2852 atapiParseCmd(s);
2853 return false;
2854}
2855
2856#if 0
2857
2858/**
2859 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
2860 * from now on, regardless if there was a medium inserted or not.
2861 */
2862static void ataMediumRemoved(AHCIATADevState *s)
2863{
2864 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
2865}
2866
2867
2868/**
2869 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
2870 * there was already a medium inserted, don't forget to send the "medium
2871 * removed" event first.
2872 */
2873static void ataMediumInserted(AHCIATADevState *s)
2874{
2875 uint32_t OldStatus, NewStatus;
2876 do
2877 {
2878 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2879 switch (OldStatus)
2880 {
2881 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2882 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2883 /* no change, we will send "medium removed" + "medium inserted" */
2884 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
2885 break;
2886 default:
2887 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2888 break;
2889 }
2890 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2891}
2892
2893
2894/**
2895 * Called when a media is mounted.
2896 *
2897 * @param pInterface Pointer to the interface structure containing the called function pointer.
2898 */
2899static DECLCALLBACK(void) ataMountNotify(PPDMIMOUNTNOTIFY pInterface)
2900{
2901 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2902 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
2903
2904 /* Ignore the call if we're called while being attached. */
2905 if (!pIf->pDrvBlock)
2906 return;
2907
2908 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
2909
2910 if (pIf->fATAPI)
2911 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
2912 else
2913 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
2914
2915 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
2916 if (pIf->cNotifiedMediaChange < 2)
2917 pIf->cNotifiedMediaChange = 2;
2918 ataMediumInserted(pIf);
2919}
2920
2921/**
2922 * Called when a media is unmounted
2923 * @param pInterface Pointer to the interface structure containing the called function pointer.
2924 */
2925static DECLCALLBACK(void) ataUnmountNotify(PPDMIMOUNTNOTIFY pInterface)
2926{
2927 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2928 Log(("%s:\n", __FUNCTION__));
2929 pIf->cTotalSectors = 0;
2930
2931 /*
2932 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
2933 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
2934 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
2935 * present and 2 in which it is changed.
2936 */
2937 pIf->cNotifiedMediaChange = 4;
2938 ataMediumRemoved(pIf);
2939}
2940#endif
2941
2942static void ataPacketBT(AHCIATADevState *s)
2943{
2944 s->cbElementaryTransfer = s->cbTotalTransfer;
2945 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
2946 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
2947 ataSetStatusValue(s, ATA_STAT_READY);
2948}
2949
2950
2951static void ataResetDevice(AHCIATADevState *s)
2952{
2953 s->cMultSectors = ATA_MAX_MULT_SECTORS;
2954 s->cNotifiedMediaChange = 0;
2955 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
2956 ataUnsetIRQ(s);
2957
2958 s->uATARegSelect = 0x20;
2959 ataSetStatusValue(s, ATA_STAT_READY);
2960 ataSetSignature(s);
2961 s->cbTotalTransfer = 0;
2962 s->cbElementaryTransfer = 0;
2963 s->iIOBufferPIODataStart = 0;
2964 s->iIOBufferPIODataEnd = 0;
2965 s->iBeginTransfer = ATAFN_BT_NULL;
2966 s->iSourceSink = ATAFN_SS_NULL;
2967 s->fATAPITransfer = false;
2968 s->uATATransferMode = ATA_MODE_UDMA | 2; /* AHCI supports only up to UDMA2 */
2969
2970 s->uATARegFeature = 0;
2971}
2972
2973
2974static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *s)
2975{
2976 ataSetSignature(s);
2977 if (s->fATAPI)
2978 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
2979 else
2980 ataSetStatusValue(s, ATA_STAT_READY);
2981 s->uATARegError = 0x01;
2982 return false;
2983}
2984
2985
2986static void ataParseCmd(AHCIATADevState *s, uint8_t cmd)
2987{
2988#ifdef DEBUG
2989 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
2990#else /* !DEBUG */
2991 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
2992#endif /* !DEBUG */
2993 s->fLBA48 = false;
2994 s->fDMA = false;
2995 if (cmd == ATA_IDLE_IMMEDIATE)
2996 {
2997 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
2998 * would overwrite the failing command unfortunately), then RESET. */
2999 int32_t uCmdWait = -1;
3000 uint64_t uNow = RTTimeNanoTS();
3001 if (s->u64CmdTS)
3002 uCmdWait = (uNow - s->u64CmdTS) / 1000;
3003 LogRel(("AHCI ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
3004 s->iLUN, s->uATARegCommand, uCmdWait));
3005 }
3006 s->uATARegCommand = cmd;
3007 switch (cmd)
3008 {
3009 case ATA_IDENTIFY_DEVICE:
3010 if (s->pDrvBlock && !s->fATAPI)
3011 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3012 else
3013 {
3014 if (s->fATAPI)
3015 ataSetSignature(s);
3016 ataCmdError(s, ABRT_ERR);
3017 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3018 }
3019 break;
3020 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3021 case ATA_RECALIBRATE:
3022 ataCmdOK(s, ATA_STAT_SEEK);
3023 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3024 break;
3025 case ATA_SET_MULTIPLE_MODE:
3026 if ( s->uATARegNSector != 0
3027 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3028 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3029 {
3030 ataCmdError(s, ABRT_ERR);
3031 }
3032 else
3033 {
3034 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3035 s->cMultSectors = s->uATARegNSector;
3036 ataCmdOK(s, 0);
3037 }
3038 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3039 break;
3040 case ATA_READ_VERIFY_SECTORS_EXT:
3041 s->fLBA48 = true;
3042 case ATA_READ_VERIFY_SECTORS:
3043 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3044 /* do sector number check ? */
3045 ataCmdOK(s, 0);
3046 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3047 break;
3048 case ATA_READ_SECTORS_EXT:
3049 s->fLBA48 = true;
3050 case ATA_READ_SECTORS:
3051 case ATA_READ_SECTORS_WITHOUT_RETRIES:
3052 if (!s->pDrvBlock || s->fATAPI)
3053 goto abort_cmd;
3054 s->cSectorsPerIRQ = 1;
3055 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3056 break;
3057 case ATA_WRITE_SECTORS_EXT:
3058 s->fLBA48 = true;
3059 case ATA_WRITE_SECTORS:
3060 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
3061 if (!s->pDrvBlock || s->fATAPI)
3062 goto abort_cmd;
3063 s->cSectorsPerIRQ = 1;
3064 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3065 break;
3066 case ATA_READ_MULTIPLE_EXT:
3067 s->fLBA48 = true;
3068 case ATA_READ_MULTIPLE:
3069 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3070 goto abort_cmd;
3071 s->cSectorsPerIRQ = s->cMultSectors;
3072 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3073 break;
3074 case ATA_WRITE_MULTIPLE_EXT:
3075 s->fLBA48 = true;
3076 case ATA_WRITE_MULTIPLE:
3077 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3078 goto abort_cmd;
3079 s->cSectorsPerIRQ = s->cMultSectors;
3080 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3081 break;
3082 case ATA_READ_DMA_EXT:
3083 s->fLBA48 = true;
3084 case ATA_READ_DMA:
3085 case ATA_READ_DMA_WITHOUT_RETRIES:
3086 if (!s->pDrvBlock || s->fATAPI)
3087 goto abort_cmd;
3088 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3089 s->fDMA = true;
3090 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3091 break;
3092 case ATA_WRITE_DMA_EXT:
3093 s->fLBA48 = true;
3094 case ATA_WRITE_DMA:
3095 case ATA_WRITE_DMA_WITHOUT_RETRIES:
3096 if (!s->pDrvBlock || s->fATAPI)
3097 goto abort_cmd;
3098 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3099 s->fDMA = true;
3100 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3101 break;
3102 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
3103 s->fLBA48 = true;
3104 ataSetSector(s, s->cTotalSectors - 1);
3105 ataCmdOK(s, 0);
3106 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3107 break;
3108 case ATA_READ_NATIVE_MAX_ADDRESS:
3109 ataSetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
3110 ataCmdOK(s, 0);
3111 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3112 break;
3113 case ATA_CHECK_POWER_MODE:
3114 s->uATARegNSector = 0xff; /* drive active or idle */
3115 ataCmdOK(s, 0);
3116 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3117 break;
3118 case ATA_SET_FEATURES:
3119 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
3120 if (!s->pDrvBlock)
3121 goto abort_cmd;
3122 switch (s->uATARegFeature)
3123 {
3124 case 0x02: /* write cache enable */
3125 Log2(("%s: write cache enable\n", __FUNCTION__));
3126 ataCmdOK(s, ATA_STAT_SEEK);
3127 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3128 break;
3129 case 0xaa: /* read look-ahead enable */
3130 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
3131 ataCmdOK(s, ATA_STAT_SEEK);
3132 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3133 break;
3134 case 0x55: /* read look-ahead disable */
3135 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
3136 ataCmdOK(s, ATA_STAT_SEEK);
3137 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3138 break;
3139 case 0xcc: /* reverting to power-on defaults enable */
3140 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
3141 ataCmdOK(s, ATA_STAT_SEEK);
3142 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3143 break;
3144 case 0x66: /* reverting to power-on defaults disable */
3145 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
3146 ataCmdOK(s, ATA_STAT_SEEK);
3147 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3148 break;
3149 case 0x82: /* write cache disable */
3150 Log2(("%s: write cache disable\n", __FUNCTION__));
3151 /* As per the ATA/ATAPI-6 specs, a write cache disable
3152 * command MUST flush the write buffers to disc. */
3153 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3154 break;
3155 case 0x03: { /* set transfer mode */
3156 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
3157 switch (s->uATARegNSector & 0xf8)
3158 {
3159 case 0x00: /* PIO default */
3160 case 0x08: /* PIO mode */
3161 break;
3162 case ATA_MODE_MDMA: /* MDMA mode */
3163 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
3164 break;
3165 case ATA_MODE_UDMA: /* UDMA mode */
3166 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
3167 break;
3168 default:
3169 goto abort_cmd;
3170 }
3171 ataCmdOK(s, ATA_STAT_SEEK);
3172 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3173 break;
3174 }
3175 default:
3176 goto abort_cmd;
3177 }
3178 /*
3179 * OS/2 workarond:
3180 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
3181 * reset here. According to the specification, this is a driver bug as the register
3182 * contents are undefined after the call. This means we can just as well reset it.
3183 */
3184 s->uATARegFeature = 0;
3185 break;
3186 case ATA_FLUSH_CACHE_EXT:
3187 case ATA_FLUSH_CACHE:
3188 if (!s->pDrvBlock || s->fATAPI)
3189 goto abort_cmd;
3190 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3191 break;
3192 case ATA_STANDBY_IMMEDIATE:
3193 ataCmdOK(s, 0);
3194 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3195 break;
3196 case ATA_IDLE_IMMEDIATE:
3197 LogRel(("AHCI ATA: LUN#%d: aborting current command\n", s->iLUN));
3198 ataAbortCurrentCommand(s, false);
3199 break;
3200 /* ATAPI commands */
3201 case ATA_IDENTIFY_PACKET_DEVICE:
3202 if (s->fATAPI)
3203 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
3204 else
3205 {
3206 ataCmdError(s, ABRT_ERR);
3207 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3208 }
3209 break;
3210 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
3211 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
3212 break;
3213 case ATA_DEVICE_RESET:
3214 if (!s->fATAPI)
3215 goto abort_cmd;
3216 LogRel(("AHCI ATA: LUN#%d: performing device RESET\n", s->iLUN));
3217 ataAbortCurrentCommand(s, true);
3218 break;
3219 case ATA_PACKET:
3220 if (!s->fATAPI)
3221 goto abort_cmd;
3222 /* overlapping commands not supported */
3223 if (s->uATARegFeature & 0x02)
3224 goto abort_cmd;
3225 ataStartTransfer(s, ATAPI_PACKET_SIZE, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
3226 break;
3227 default:
3228 abort_cmd:
3229 ataCmdError(s, ABRT_ERR);
3230 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3231 break;
3232 }
3233}
3234
3235
3236/**
3237 * Waits for a particular async I/O thread to complete whatever it
3238 * is doing at the moment.
3239 *
3240 * @returns true on success.
3241 * @returns false when the thread is still processing.
3242 * @param pThis Pointer to the controller data.
3243 * @param cMillies How long to wait (total).
3244 */
3245static bool ataWaitForAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
3246{
3247 uint64_t u64Start;
3248 bool fRc;
3249
3250 /* Hope for the simple way out... */
3251 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3252 return true;
3253
3254 /*
3255 * Have to wait. Do the setup while owning the mutex to avoid races.
3256 */
3257 RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
3258
3259 RTThreadUserReset(pCtl->AsyncIOThread);
3260 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
3261
3262 RTSemMutexRelease(pCtl->AsyncIORequestMutex);
3263
3264 u64Start = RTTimeMilliTS();
3265 for (;;)
3266 {
3267 fRc = ataAsyncIOIsIdle(pCtl, false /*fStrict*/);
3268 if (fRc)
3269 break;
3270
3271 if (RTTimeMilliTS() - u64Start >= cMillies)
3272 break;
3273
3274 int rc = RTThreadUserWait(pCtl->AsyncIOThread, 100 /*ms*/);
3275 AssertMsg( ( RT_SUCCESS(rc)
3276 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3277 || rc == VERR_TIMEOUT,
3278 ("rc=%Rrc irq=%u\n", rc, pCtl->irq));
3279 }
3280
3281 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
3282 return fRc;
3283}
3284
3285#endif /* IN_RING3 */
3286
3287static int ataIOPortWriteU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3288{
3289 Log2(("%s: write addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3290 addr &= 7;
3291 switch (addr)
3292 {
3293 case 0:
3294 break;
3295 case 1: /* feature register */
3296 /* NOTE: data is written to the two drives */
3297 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3298 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3299 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
3300 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
3301 pCtl->aIfs[0].uATARegFeature = val;
3302 pCtl->aIfs[1].uATARegFeature = val;
3303 break;
3304 case 2: /* sector count */
3305 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3306 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3307 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
3308 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
3309 pCtl->aIfs[0].uATARegNSector = val;
3310 pCtl->aIfs[1].uATARegNSector = val;
3311 break;
3312 case 3: /* sector number */
3313 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3314 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3315 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
3316 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
3317 pCtl->aIfs[0].uATARegSector = val;
3318 pCtl->aIfs[1].uATARegSector = val;
3319 break;
3320 case 4: /* cylinder low */
3321 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3322 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3323 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
3324 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
3325 pCtl->aIfs[0].uATARegLCyl = val;
3326 pCtl->aIfs[1].uATARegLCyl = val;
3327 break;
3328 case 5: /* cylinder high */
3329 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3330 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3331 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
3332 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
3333 pCtl->aIfs[0].uATARegHCyl = val;
3334 pCtl->aIfs[1].uATARegHCyl = val;
3335 break;
3336 case 6: /* drive/head */
3337 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
3338 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
3339 if (((val >> 4) & 1) != pCtl->iSelectedIf)
3340 {
3341 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3342
3343 /* select another drive */
3344 pCtl->iSelectedIf = (val >> 4) & 1;
3345 /* The IRQ line is multiplexed between the two drives, so
3346 * update the state when switching to another drive. Only need
3347 * to update interrupt line if it is enabled and there is a
3348 * state change. */
3349 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
3350 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
3351 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
3352 {
3353 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3354 {
3355 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3356 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
3357 * the interrupt line is asserted. It monitors the line
3358 * for a rising edge. */
3359 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3360 if (pCtl->irq == 16)
3361 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
3362 else
3363 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
3364 }
3365 else
3366 {
3367 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3368 if (pCtl->irq == 16)
3369 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
3370 else
3371 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
3372 }
3373 }
3374 }
3375 break;
3376 default:
3377 case 7: /* command */
3378 /* ignore commands to non existant slave */
3379 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvBlock)
3380 break;
3381#ifndef IN_RING3
3382 /* Don't do anything complicated in GC */
3383 return VINF_IOM_HC_IOPORT_WRITE;
3384#else /* IN_RING3 */
3385 ataParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
3386#endif /* !IN_RING3 */
3387 }
3388 return VINF_SUCCESS;
3389}
3390
3391
3392static int ataIOPortReadU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
3393{
3394 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3395 uint32_t val;
3396 bool fHOB;
3397
3398 fHOB = !!(s->uATARegDevCtl & (1 << 7));
3399 switch (addr & 7)
3400 {
3401 case 0: /* data register */
3402 val = 0xff;
3403 break;
3404 case 1: /* error register */
3405 /* The ATA specification is very terse when it comes to specifying
3406 * the precise effects of reading back the error/feature register.
3407 * The error register (read-only) shares the register number with
3408 * the feature register (write-only), so it seems that it's not
3409 * necessary to support the usual HOB readback here. */
3410 if (!s->pDrvBlock)
3411 val = 0;
3412 else
3413 val = s->uATARegError;
3414 break;
3415 case 2: /* sector count */
3416 if (!s->pDrvBlock)
3417 val = 0;
3418 else if (fHOB)
3419 val = s->uATARegNSectorHOB;
3420 else
3421 val = s->uATARegNSector;
3422 break;
3423 case 3: /* sector number */
3424 if (!s->pDrvBlock)
3425 val = 0;
3426 else if (fHOB)
3427 val = s->uATARegSectorHOB;
3428 else
3429 val = s->uATARegSector;
3430 break;
3431 case 4: /* cylinder low */
3432 if (!s->pDrvBlock)
3433 val = 0;
3434 else if (fHOB)
3435 val = s->uATARegLCylHOB;
3436 else
3437 val = s->uATARegLCyl;
3438 break;
3439 case 5: /* cylinder high */
3440 if (!s->pDrvBlock)
3441 val = 0;
3442 else if (fHOB)
3443 val = s->uATARegHCylHOB;
3444 else
3445 val = s->uATARegHCyl;
3446 break;
3447 case 6: /* drive/head */
3448 /* This register must always work as long as there is at least
3449 * one drive attached to the controller. It is common between
3450 * both drives anyway (completely identical content). */
3451 if (!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock)
3452 val = 0;
3453 else
3454 val = s->uATARegSelect;
3455 break;
3456 default:
3457 case 7: /* primary status */
3458 {
3459 /* Counter for number of busy status seen in GC in a row. */
3460 static unsigned cBusy = 0;
3461
3462 if (!s->pDrvBlock)
3463 val = 0;
3464 else
3465 val = s->uATARegStatus;
3466
3467 /* Give the async I/O thread an opportunity to make progress,
3468 * don't let it starve by guests polling frequently. EMT has a
3469 * lower priority than the async I/O thread, but sometimes the
3470 * host OS doesn't care. With some guests we are only allowed to
3471 * be busy for about 5 milliseconds in some situations. Note that
3472 * this is no guarantee for any other VBox thread getting
3473 * scheduled, so this just lowers the CPU load a bit when drives
3474 * are busy. It cannot help with timing problems. */
3475 if (val & ATA_STAT_BUSY)
3476 {
3477#ifdef IN_RING3
3478 cBusy = 0;
3479 PDMCritSectLeave(&pCtl->lock);
3480
3481 RTThreadYield();
3482
3483 {
3484 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3485 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3486 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3487 }
3488
3489 val = s->uATARegStatus;
3490#else /* !IN_RING3 */
3491 /* Cannot yield CPU in guest context. And switching to host
3492 * context for each and every busy status is too costly,
3493 * especially on SMP systems where we don't gain much by
3494 * yielding the CPU to someone else. */
3495 if (++cBusy >= 20)
3496 {
3497 cBusy = 0;
3498 return VINF_IOM_HC_IOPORT_READ;
3499 }
3500#endif /* !IN_RING3 */
3501 }
3502 else
3503 cBusy = 0;
3504 ataUnsetIRQ(s);
3505 break;
3506 }
3507 }
3508 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3509 *pu32 = val;
3510 return VINF_SUCCESS;
3511}
3512
3513
3514static uint32_t ataStatusRead(PAHCIATACONTROLLER pCtl, uint32_t addr)
3515{
3516 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3517 uint32_t val;
3518
3519 if ((!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock) ||
3520 (pCtl->iSelectedIf == 1 && !s->pDrvBlock))
3521 val = 0;
3522 else
3523 val = s->uATARegStatus;
3524 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3525 return val;
3526}
3527
3528static int ataControlWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3529{
3530#ifndef IN_RING3
3531 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
3532 return VINF_IOM_HC_IOPORT_WRITE; /* The RESET stuff is too complicated for GC. */
3533#endif /* !IN_RING3 */
3534
3535 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3536 /* RESET is common for both drives attached to a controller. */
3537 if (!(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3538 (val & ATA_DEVCTL_RESET))
3539 {
3540#ifdef IN_RING3
3541 /* Software RESET low to high */
3542 int32_t uCmdWait0 = -1, uCmdWait1 = -1;
3543 uint64_t uNow = RTTimeNanoTS();
3544 if (pCtl->aIfs[0].u64CmdTS)
3545 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
3546 if (pCtl->aIfs[1].u64CmdTS)
3547 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
3548 LogRel(("AHCI ATA: Ctl: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
3549 pCtl->iSelectedIf, pCtl->iAIOIf,
3550 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
3551 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
3552 pCtl->fReset = true;
3553 /* Everything must be done after the reset flag is set, otherwise
3554 * there are unavoidable races with the currently executing request
3555 * (which might just finish in the mean time). */
3556 pCtl->fChainedTransfer = false;
3557 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
3558 {
3559 ataResetDevice(&pCtl->aIfs[i]);
3560 /* The following cannot be done using ataSetStatusValue() since the
3561 * reset flag is already set, which suppresses all status changes. */
3562 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
3563 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
3564 pCtl->aIfs[i].uATARegError = 0x01;
3565 }
3566 ataAsyncIOClearRequests(pCtl);
3567 Log2(("%s: Ctl: message to async I/O thread, resetA\n", __FUNCTION__));
3568 if (val & ATA_DEVCTL_HOB)
3569 {
3570 val &= ~ATA_DEVCTL_HOB;
3571 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3572 }
3573 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
3574#else /* !IN_RING3 */
3575 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3576#endif /* IN_RING3 */
3577 }
3578 else if ((pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3579 !(val & ATA_DEVCTL_RESET))
3580 {
3581#ifdef IN_RING3
3582 /* Software RESET high to low */
3583 Log(("%s: deasserting RESET\n", __FUNCTION__));
3584 Log2(("%s: Ctl: message to async I/O thread, resetC\n", __FUNCTION__));
3585 if (val & ATA_DEVCTL_HOB)
3586 {
3587 val &= ~ATA_DEVCTL_HOB;
3588 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3589 }
3590 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
3591#else /* !IN_RING3 */
3592 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3593#endif /* IN_RING3 */
3594 }
3595
3596 /* Change of interrupt disable flag. Update interrupt line if interrupt
3597 * is pending on the current interface. */
3598 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ
3599 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3600 {
3601 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
3602 {
3603 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3604 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
3605 * interrupt line is asserted. It monitors the line for a rising
3606 * edge. */
3607 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3608 if (pCtl->irq == 16)
3609 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
3610 else
3611 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
3612 }
3613 else
3614 {
3615 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3616 if (pCtl->irq == 16)
3617 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
3618 else
3619 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
3620 }
3621 }
3622
3623 if (val & ATA_DEVCTL_HOB)
3624 Log2(("%s: set HOB\n", __FUNCTION__));
3625
3626 pCtl->aIfs[0].uATARegDevCtl = val;
3627 pCtl->aIfs[1].uATARegDevCtl = val;
3628
3629 return VINF_SUCCESS;
3630}
3631
3632#ifdef IN_RING3
3633
3634static void ataPIOTransfer(PAHCIATACONTROLLER pCtl)
3635{
3636 AHCIATADevState *s;
3637
3638 s = &pCtl->aIfs[pCtl->iAIOIf];
3639 Log3(("%s: if=%p\n", __FUNCTION__, s));
3640
3641 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
3642 {
3643 LogRel(("AHCI ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "loading" : "storing"));
3644 /* Any guest OS that triggers this case has a pathetic ATA driver.
3645 * In a real system it would block the CPU via IORDY, here we do it
3646 * very similarly by not continuing with the current instruction
3647 * until the transfer to/from the storage medium is completed. */
3648 if (s->iSourceSink != ATAFN_SS_NULL)
3649 {
3650 bool fRedo;
3651 uint8_t status = s->uATARegStatus;
3652 ataSetStatusValue(s, ATA_STAT_BUSY);
3653 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3654 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3655 pCtl->fRedo = fRedo;
3656 if (RT_UNLIKELY(fRedo))
3657 return;
3658 ataSetStatusValue(s, status);
3659 s->iIOBufferCur = 0;
3660 s->iIOBufferEnd = s->cbElementaryTransfer;
3661 }
3662 }
3663 if (s->cbTotalTransfer)
3664 {
3665 if (s->fATAPITransfer)
3666 ataPIOTransferLimitATAPI(s);
3667
3668 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3669 s->cbElementaryTransfer = s->cbTotalTransfer;
3670
3671 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3672 __FUNCTION__, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3673 s->cbTotalTransfer, s->cbElementaryTransfer,
3674 s->iIOBufferCur, s->iIOBufferEnd));
3675 ataPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
3676 s->cbTotalTransfer -= s->cbElementaryTransfer;
3677 s->iIOBufferCur += s->cbElementaryTransfer;
3678
3679 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3680 s->cbElementaryTransfer = s->cbTotalTransfer;
3681 }
3682 else
3683 ataPIOTransferStop(s);
3684}
3685
3686
3687DECLINLINE(void) ataPIOTransferFinish(PAHCIATACONTROLLER pCtl, AHCIATADevState *s)
3688{
3689 /* Do not interfere with RESET processing if the PIO transfer finishes
3690 * while the RESET line is asserted. */
3691 if (pCtl->fReset)
3692 {
3693 Log2(("%s: Ctl: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__));
3694 return;
3695 }
3696
3697 if ( s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE
3698 || ( s->iSourceSink != ATAFN_SS_NULL
3699 && s->iIOBufferCur >= s->iIOBufferEnd))
3700 {
3701 /* Need to continue the transfer in the async I/O thread. This is
3702 * the case for write operations or generally for not yet finished
3703 * transfers (some data might need to be read). */
3704 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
3705 ataSetStatus(s, ATA_STAT_BUSY);
3706
3707 Log2(("%s: Ctl: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__));
3708 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
3709 }
3710 else
3711 {
3712 /* Either everything finished (though some data might still be pending)
3713 * or some data is pending before the next read is due. */
3714
3715 /* Continue a previously started transfer. */
3716 ataUnsetStatus(s, ATA_STAT_DRQ);
3717 ataSetStatus(s, ATA_STAT_READY);
3718
3719 if (s->cbTotalTransfer)
3720 {
3721 /* There is more to transfer, happens usually for large ATAPI
3722 * reads - the protocol limits the chunk size to 65534 bytes. */
3723 ataPIOTransfer(pCtl);
3724 ataSetIRQ(s);
3725 }
3726 else
3727 {
3728 Log2(("%s: Ctl: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__));
3729 /* Finish PIO transfer. */
3730 ataPIOTransfer(pCtl);
3731 Assert(!pCtl->fRedo);
3732 }
3733 }
3734}
3735
3736#endif /* IN_RING3 */
3737
3738static int ataDataWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, const uint8_t *pbBuf)
3739{
3740 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3741 uint8_t *p;
3742
3743 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3744 {
3745 Assert(s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE);
3746 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3747#ifndef IN_RING3
3748 /* All but the last transfer unit is simple enough for GC, but
3749 * sending a request to the async IO thread is too complicated. */
3750 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3751 {
3752 memcpy(p, pbBuf, cbSize);
3753 s->iIOBufferPIODataStart += cbSize;
3754 }
3755 else
3756 return VINF_IOM_HC_IOPORT_WRITE;
3757#else /* IN_RING3 */
3758 memcpy(p, pbBuf, cbSize);
3759 s->iIOBufferPIODataStart += cbSize;
3760 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3761 ataPIOTransferFinish(pCtl, s);
3762#endif /* !IN_RING3 */
3763 }
3764 else
3765 Log2(("%s: DUMMY data\n", __FUNCTION__));
3766 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3767 return VINF_SUCCESS;
3768}
3769
3770static int ataDataRead(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, uint8_t *pbBuf)
3771{
3772 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3773 uint8_t *p;
3774
3775 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3776 {
3777 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
3778 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3779#ifndef IN_RING3
3780 /* All but the last transfer unit is simple enough for GC, but
3781 * sending a request to the async IO thread is too complicated. */
3782 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3783 {
3784 memcpy(pbBuf, p, cbSize);
3785 s->iIOBufferPIODataStart += cbSize;
3786 }
3787 else
3788 return VINF_IOM_HC_IOPORT_READ;
3789#else /* IN_RING3 */
3790 memcpy(pbBuf, p, cbSize);
3791 s->iIOBufferPIODataStart += cbSize;
3792 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3793 ataPIOTransferFinish(pCtl, s);
3794#endif /* !IN_RING3 */
3795 }
3796 else
3797 {
3798 Log2(("%s: DUMMY data\n", __FUNCTION__));
3799 memset(pbBuf, '\xff', cbSize);
3800 }
3801 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3802 return VINF_SUCCESS;
3803}
3804
3805#ifdef IN_RING3
3806
3807static void ataDMATransferStop(AHCIATADevState *s)
3808{
3809 s->cbTotalTransfer = 0;
3810 s->cbElementaryTransfer = 0;
3811 s->iBeginTransfer = ATAFN_BT_NULL;
3812 s->iSourceSink = ATAFN_SS_NULL;
3813}
3814
3815
3816/**
3817 * Perform the entire DMA transfer in one go (unless a source/sink operation
3818 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
3819 * this function cannot handle empty transfers.
3820 *
3821 * @param pCtl Controller for which to perform the transfer.
3822 */
3823static void ataDMATransfer(PAHCIATACONTROLLER pCtl)
3824{
3825 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3826 AHCIATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
3827 bool fRedo;
3828 RTGCPHYS32 pDesc;
3829 uint32_t cbTotalTransfer, cbElementaryTransfer;
3830 uint32_t iIOBufferCur, iIOBufferEnd;
3831 uint32_t dmalen;
3832 PDMBLOCKTXDIR uTxDir;
3833 bool fLastDesc = false;
3834
3835 Assert(sizeof(BMDMADesc) == 8);
3836
3837 fRedo = pCtl->fRedo;
3838 if (RT_LIKELY(!fRedo))
3839 Assert(s->cbTotalTransfer);
3840 uTxDir = (PDMBLOCKTXDIR)s->uTxDir;
3841 cbTotalTransfer = s->cbTotalTransfer;
3842 cbElementaryTransfer = s->cbElementaryTransfer;
3843 iIOBufferCur = s->iIOBufferCur;
3844 iIOBufferEnd = s->iIOBufferEnd;
3845
3846 /* The DMA loop is designed to hold the lock only when absolutely
3847 * necessary. This avoids long freezes should the guest access the
3848 * ATA registers etc. for some reason. */
3849 PDMCritSectLeave(&pCtl->lock);
3850
3851 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3852 __FUNCTION__, uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3853 cbTotalTransfer, cbElementaryTransfer,
3854 iIOBufferCur, iIOBufferEnd));
3855 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
3856 {
3857 BMDMADesc DMADesc;
3858 RTGCPHYS32 pBuffer;
3859 uint32_t cbBuffer;
3860
3861 if (RT_UNLIKELY(fRedo))
3862 {
3863 pBuffer = pCtl->pRedoDMABuffer;
3864 cbBuffer = pCtl->cbRedoDMABuffer;
3865 fLastDesc = pCtl->fRedoDMALastDesc;
3866 }
3867 else
3868 {
3869 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
3870 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
3871 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
3872 fLastDesc = !!(cbBuffer & 0x80000000);
3873 cbBuffer &= 0xfffe;
3874 if (cbBuffer == 0)
3875 cbBuffer = 0x10000;
3876 if (cbBuffer > cbTotalTransfer)
3877 cbBuffer = cbTotalTransfer;
3878 }
3879
3880 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
3881 {
3882 if (RT_LIKELY(!fRedo))
3883 {
3884 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
3885 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x\n", __FUNCTION__,
3886 pDesc, pBuffer, cbBuffer));
3887 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
3888 PDMDevHlpPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3889 else
3890 PDMDevHlpPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3891 iIOBufferCur += dmalen;
3892 cbTotalTransfer -= dmalen;
3893 cbBuffer -= dmalen;
3894 pBuffer += dmalen;
3895 }
3896 if ( iIOBufferCur == iIOBufferEnd
3897 && (uTxDir == PDMBLOCKTXDIR_TO_DEVICE || cbTotalTransfer))
3898 {
3899 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3900 cbElementaryTransfer = cbTotalTransfer;
3901
3902 {
3903 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3904 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3905 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3906 }
3907
3908 /* The RESET handler could have cleared the DMA transfer
3909 * state (since we didn't hold the lock until just now
3910 * the guest can continue in parallel). If so, the state
3911 * is already set up so the loop is exited immediately. */
3912 if (s->iSourceSink != ATAFN_SS_NULL)
3913 {
3914 s->iIOBufferCur = iIOBufferCur;
3915 s->iIOBufferEnd = iIOBufferEnd;
3916 s->cbElementaryTransfer = cbElementaryTransfer;
3917 s->cbTotalTransfer = cbTotalTransfer;
3918 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3919 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3920 if (RT_UNLIKELY(fRedo))
3921 {
3922 pCtl->pFirstDMADesc = pDesc;
3923 pCtl->pRedoDMABuffer = pBuffer;
3924 pCtl->cbRedoDMABuffer = cbBuffer;
3925 pCtl->fRedoDMALastDesc = fLastDesc;
3926 }
3927 else
3928 {
3929 cbTotalTransfer = s->cbTotalTransfer;
3930 cbElementaryTransfer = s->cbElementaryTransfer;
3931
3932 if (uTxDir == PDMBLOCKTXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3933 cbElementaryTransfer = cbTotalTransfer;
3934 iIOBufferCur = 0;
3935 iIOBufferEnd = cbElementaryTransfer;
3936 }
3937 pCtl->fRedo = fRedo;
3938 }
3939 else
3940 {
3941 /* This forces the loop to exit immediately. */
3942 pDesc = pCtl->pLastDMADesc + 1;
3943 }
3944
3945 PDMCritSectLeave(&pCtl->lock);
3946 if (RT_UNLIKELY(fRedo))
3947 break;
3948 }
3949 }
3950
3951 if (RT_UNLIKELY(fRedo))
3952 break;
3953
3954 /* end of transfer */
3955 if (!cbTotalTransfer || fLastDesc)
3956 break;
3957
3958 {
3959 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3960 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3961 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3962 }
3963
3964 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
3965 {
3966 LogRel(("AHCI ATA: Ctl: ABORT DMA%s\n", pCtl->fReset ? " due to RESET" : ""));
3967 if (!pCtl->fReset)
3968 ataDMATransferStop(s);
3969 /* This forces the loop to exit immediately. */
3970 pDesc = pCtl->pLastDMADesc + 1;
3971 }
3972
3973 PDMCritSectLeave(&pCtl->lock);
3974 }
3975
3976 {
3977 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3978 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3979 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3980 }
3981
3982 if (RT_UNLIKELY(fRedo))
3983 return;
3984
3985 if (fLastDesc)
3986 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
3987 s->cbTotalTransfer = cbTotalTransfer;
3988 s->cbElementaryTransfer = cbElementaryTransfer;
3989 s->iIOBufferCur = iIOBufferCur;
3990 s->iIOBufferEnd = iIOBufferEnd;
3991}
3992
3993
3994/**
3995 * Signal ataWaitForAsyncIOIsIdle that we're idle (if we actually are).
3996 *
3997 * @param pCtl The controller.
3998 */
3999static void ataAsyncSignalIdle(PAHCIATACONTROLLER pCtl)
4000{
4001 /*
4002 * Take the mutex here and recheck the idle indicator as there might be
4003 * interesting races, like in the ataReset code.
4004 */
4005 int rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT); AssertRC(rc);
4006
4007 if ( pCtl->fSignalIdle
4008 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
4009 {
4010 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4011 RTThreadUserSignal(pCtl->AsyncIOThread);
4012 }
4013
4014 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex); AssertRC(rc);
4015}
4016
4017
4018/** Async I/O thread for an interface. Once upon a time this was readable
4019 * code with several loops and a different semaphore for each purpose. But
4020 * then came the "how can one save the state in the middle of a PIO transfer"
4021 * question. The solution was to use an ASM, which is what's there now. */
4022static DECLCALLBACK(int) ataAsyncIOLoop(RTTHREAD ThreadSelf, void *pvUser)
4023{
4024 const AHCIATARequest *pReq;
4025 uint64_t u64TS = 0; /* shut up gcc */
4026 uint64_t uWait;
4027 int rc = VINF_SUCCESS;
4028 PAHCIATACONTROLLER pCtl = (PAHCIATACONTROLLER)pvUser;
4029 AHCIATADevState *s;
4030
4031 pReq = NULL;
4032 pCtl->fChainedTransfer = false;
4033 while (!pCtl->fShutdown)
4034 {
4035 /* Keep this thread from doing anything as long as EMT is suspended. */
4036 while (pCtl->fRedoIdle)
4037 {
4038 if (pCtl->fSignalIdle)
4039 ataAsyncSignalIdle(pCtl);
4040 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
4041 if (RT_FAILURE(rc) || pCtl->fShutdown)
4042 break;
4043
4044 pCtl->fRedoIdle = false;
4045 }
4046
4047 /* Wait for work. */
4048 if (pReq == NULL)
4049 {
4050 if (pCtl->fSignalIdle)
4051 ataAsyncSignalIdle(pCtl);
4052 rc = RTSemEventWait(pCtl->AsyncIOSem, RT_INDEFINITE_WAIT);
4053 if (RT_FAILURE(rc) || pCtl->fShutdown)
4054 break;
4055
4056 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4057 }
4058
4059 if (pReq == NULL)
4060 continue;
4061
4062 AHCIATAAIO ReqType = pReq->ReqType;
4063
4064 Log2(("%s: Ctl: state=%d, req=%d\n", __FUNCTION__, pCtl->uAsyncIOState, ReqType));
4065 if (pCtl->uAsyncIOState != ReqType)
4066 {
4067 /* The new state is not the state that was expected by the normal
4068 * state changes. This is either a RESET/ABORT or there's something
4069 * really strange going on. */
4070 if ( (pCtl->uAsyncIOState == AHCIATA_AIO_PIO || pCtl->uAsyncIOState == AHCIATA_AIO_DMA)
4071 && (ReqType == AHCIATA_AIO_PIO || ReqType == AHCIATA_AIO_DMA))
4072 {
4073 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
4074 ataAsyncIODumpRequests(pCtl);
4075 }
4076 AssertReleaseMsg(ReqType == AHCIATA_AIO_RESET_ASSERTED || ReqType == AHCIATA_AIO_RESET_CLEARED || ReqType == AHCIATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
4077 }
4078
4079 /* Do our work. */
4080 {
4081 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4082 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4083 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4084 }
4085
4086 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4087 {
4088 u64TS = RTTimeNanoTS();
4089#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4090 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
4091#endif /* DEBUG || VBOX_WITH_STATISTICS */
4092 }
4093
4094 switch (ReqType)
4095 {
4096 case AHCIATA_AIO_NEW:
4097
4098 pCtl->iAIOIf = pReq->u.t.iIf;
4099 s = &pCtl->aIfs[pCtl->iAIOIf];
4100 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
4101 s->uTxDir = pReq->u.t.uTxDir;
4102 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
4103 s->iSourceSink = pReq->u.t.iSourceSink;
4104 s->iIOBufferEnd = 0;
4105 s->u64CmdTS = u64TS;
4106
4107 if (s->fATAPI)
4108 {
4109 if (pCtl->fChainedTransfer)
4110 {
4111 /* Only count the actual transfers, not the PIO
4112 * transfer of the ATAPI command bytes. */
4113 if (s->fDMA)
4114 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
4115 else
4116 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
4117 }
4118 }
4119 else
4120 {
4121 if (s->fDMA)
4122 STAM_REL_COUNTER_INC(&s->StatATADMA);
4123 else
4124 STAM_REL_COUNTER_INC(&s->StatATAPIO);
4125 }
4126
4127 pCtl->fChainedTransfer = false;
4128
4129 if (s->iBeginTransfer != ATAFN_BT_NULL)
4130 {
4131 Log2(("%s: Ctl: calling begin transfer function\n", __FUNCTION__));
4132 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
4133 s->iBeginTransfer = ATAFN_BT_NULL;
4134 if (s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4135 s->iIOBufferEnd = s->cbElementaryTransfer;
4136 }
4137 else
4138 {
4139 s->cbElementaryTransfer = s->cbTotalTransfer;
4140 s->iIOBufferEnd = s->cbTotalTransfer;
4141 }
4142 s->iIOBufferCur = 0;
4143
4144 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4145 {
4146 if (s->iSourceSink != ATAFN_SS_NULL)
4147 {
4148 bool fRedo;
4149 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4150 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4151 pCtl->fRedo = fRedo;
4152 if (RT_UNLIKELY(fRedo))
4153 {
4154 /* Operation failed at the initial transfer, restart
4155 * everything from scratch by resending the current
4156 * request. Occurs very rarely, not worth optimizing. */
4157 LogRel(("%s: Ctl: redo entire operation\n", __FUNCTION__));
4158 ataAsyncIOPutRequest(pCtl, pReq);
4159 break;
4160 }
4161 }
4162 else
4163 ataCmdOK(s, 0);
4164 s->iIOBufferEnd = s->cbElementaryTransfer;
4165
4166 }
4167
4168 /* Do not go into the transfer phase if RESET is asserted.
4169 * The CritSect is released while waiting for the host OS
4170 * to finish the I/O, thus RESET is possible here. Most
4171 * important: do not change uAsyncIOState. */
4172 if (pCtl->fReset)
4173 break;
4174
4175 if (s->fDMA)
4176 {
4177 if (s->cbTotalTransfer)
4178 {
4179 ataSetStatus(s, ATA_STAT_DRQ);
4180
4181 pCtl->uAsyncIOState = AHCIATA_AIO_DMA;
4182 /* If BMDMA is already started, do the transfer now. */
4183 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
4184 {
4185 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__));
4186 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4187 }
4188 }
4189 else
4190 {
4191 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4192 /* Finish DMA transfer. */
4193 ataDMATransferStop(s);
4194 ataSetIRQ(s);
4195 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4196 }
4197 }
4198 else
4199 {
4200 if (s->cbTotalTransfer)
4201 {
4202 ataPIOTransfer(pCtl);
4203 Assert(!pCtl->fRedo);
4204 if (s->fATAPITransfer || s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4205 ataSetIRQ(s);
4206
4207 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4208 {
4209 /* Write operations and not yet finished transfers
4210 * must be completed in the async I/O thread. */
4211 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4212 }
4213 else
4214 {
4215 /* Finished read operation can be handled inline
4216 * in the end of PIO transfer handling code. Linux
4217 * depends on this, as it waits only briefly for
4218 * devices to become ready after incoming data
4219 * transfer. Cannot find anything in the ATA spec
4220 * that backs this assumption, but as all kernels
4221 * are affected (though most of the time it does
4222 * not cause any harm) this must work. */
4223 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4224 }
4225 }
4226 else
4227 {
4228 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4229 /* Finish PIO transfer. */
4230 ataPIOTransfer(pCtl);
4231 Assert(!pCtl->fRedo);
4232 if (!s->fATAPITransfer)
4233 ataSetIRQ(s);
4234 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4235 }
4236 }
4237 break;
4238
4239 case AHCIATA_AIO_DMA:
4240 {
4241 BMDMAState *bm = &pCtl->BmDma;
4242 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4243 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
4244
4245 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4246 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
4247 else
4248 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
4249
4250 if (RT_LIKELY(!pCtl->fRedo))
4251 {
4252 /* The specs say that the descriptor table must not cross a
4253 * 4K boundary. */
4254 pCtl->pFirstDMADesc = bm->pvAddr;
4255 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
4256 }
4257 ataDMATransfer(pCtl);
4258
4259 if (RT_UNLIKELY(pCtl->fRedo))
4260 {
4261 LogRel(("AHCI ATA: Ctl: redo DMA operation\n"));
4262 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4263 break;
4264 }
4265
4266 /* The infamous delay IRQ hack. */
4267 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
4268 && s->cbTotalTransfer == 0
4269 && pCtl->DelayIRQMillies)
4270 {
4271 /* Delay IRQ for writing. Required to get the Win2K
4272 * installation work reliably (otherwise it crashes,
4273 * usually during component install). So far no better
4274 * solution has been found. */
4275 Log(("%s: delay IRQ hack\n", __FUNCTION__));
4276 PDMCritSectLeave(&pCtl->lock);
4277 RTThreadSleep(pCtl->DelayIRQMillies);
4278 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4279 }
4280
4281 ataUnsetStatus(s, ATA_STAT_DRQ);
4282 Assert(!pCtl->fChainedTransfer);
4283 Assert(s->iSourceSink == ATAFN_SS_NULL);
4284 if (s->fATAPITransfer)
4285 {
4286 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
4287 Log2(("%s: Ctl: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
4288 s->fATAPITransfer = false;
4289 }
4290 ataSetIRQ(s);
4291 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4292 break;
4293 }
4294
4295 case AHCIATA_AIO_PIO:
4296 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4297
4298 if (s->iSourceSink != ATAFN_SS_NULL)
4299 {
4300 bool fRedo;
4301 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4302 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4303 pCtl->fRedo = fRedo;
4304 if (RT_UNLIKELY(fRedo))
4305 {
4306 LogRel(("AHCI ATA: Ctl: redo PIO operation\n"));
4307 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
4308 break;
4309 }
4310 s->iIOBufferCur = 0;
4311 s->iIOBufferEnd = s->cbElementaryTransfer;
4312 }
4313 else
4314 {
4315 /* Continue a previously started transfer. */
4316 ataUnsetStatus(s, ATA_STAT_BUSY);
4317 ataSetStatus(s, ATA_STAT_READY);
4318 }
4319
4320 /* It is possible that the drives on this controller get RESET
4321 * during the above call to the source/sink function. If that's
4322 * the case, don't restart the transfer and don't finish it the
4323 * usual way. RESET handling took care of all that already.
4324 * Most important: do not change uAsyncIOState. */
4325 if (pCtl->fReset)
4326 break;
4327
4328 if (s->cbTotalTransfer)
4329 {
4330 ataPIOTransfer(pCtl);
4331 ataSetIRQ(s);
4332
4333 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4334 {
4335 /* Write operations and not yet finished transfers
4336 * must be completed in the async I/O thread. */
4337 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4338 }
4339 else
4340 {
4341 /* Finished read operation can be handled inline
4342 * in the end of PIO transfer handling code. Linux
4343 * depends on this, as it waits only briefly for
4344 * devices to become ready after incoming data
4345 * transfer. Cannot find anything in the ATA spec
4346 * that backs this assumption, but as all kernels
4347 * are affected (though most of the time it does
4348 * not cause any harm) this must work. */
4349 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4350 }
4351 }
4352 else
4353 {
4354 /* Finish PIO transfer. */
4355 ataPIOTransfer(pCtl);
4356 if ( !pCtl->fChainedTransfer
4357 && !s->fATAPITransfer
4358 && s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4359 {
4360 ataSetIRQ(s);
4361 }
4362 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4363 }
4364 break;
4365
4366 case AHCIATA_AIO_RESET_ASSERTED:
4367 pCtl->uAsyncIOState = AHCIATA_AIO_RESET_CLEARED;
4368 ataPIOTransferStop(&pCtl->aIfs[0]);
4369 ataPIOTransferStop(&pCtl->aIfs[1]);
4370 /* Do not change the DMA registers, they are not affected by the
4371 * ATA controller reset logic. It should be sufficient to issue a
4372 * new command, which is now possible as the state is cleared. */
4373 break;
4374
4375 case AHCIATA_AIO_RESET_CLEARED:
4376 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4377 pCtl->fReset = false;
4378 LogRel(("AHCI ATA: Ctl: finished processing RESET\n"));
4379 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4380 {
4381 if (pCtl->aIfs[i].fATAPI)
4382 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
4383 else
4384 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
4385 ataSetSignature(&pCtl->aIfs[i]);
4386 }
4387 break;
4388
4389 case AHCIATA_AIO_ABORT:
4390 /* Abort the current command no matter what. There cannot be
4391 * any command activity on the other drive otherwise using
4392 * one thread per controller wouldn't work at all. */
4393 s = &pCtl->aIfs[pReq->u.a.iIf];
4394
4395 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4396 /* Do not change the DMA registers, they are not affected by the
4397 * ATA controller reset logic. It should be sufficient to issue a
4398 * new command, which is now possible as the state is cleared. */
4399 if (pReq->u.a.fResetDrive)
4400 {
4401 ataResetDevice(s);
4402 ataExecuteDeviceDiagnosticSS(s);
4403 }
4404 else
4405 {
4406 ataPIOTransferStop(s);
4407 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
4408 ataSetStatus(s, ATA_STAT_READY);
4409 ataSetIRQ(s);
4410 }
4411 break;
4412
4413 default:
4414 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
4415 }
4416
4417 ataAsyncIORemoveCurrentRequest(pCtl, ReqType);
4418 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4419
4420 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4421 {
4422#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4423 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
4424#endif /* DEBUG || VBOX_WITH_STATISTICS */
4425
4426 u64TS = RTTimeNanoTS() - u64TS;
4427 uWait = u64TS / 1000;
4428 Log(("%s: Ctl: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
4429 /* Mark command as finished. */
4430 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
4431
4432 /*
4433 * Release logging of command execution times depends on the
4434 * command type. ATAPI commands often take longer (due to CD/DVD
4435 * spin up time etc.) so the threshold is different.
4436 */
4437 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
4438 {
4439 if (uWait > 8 * 1000 * 1000)
4440 {
4441 /*
4442 * Command took longer than 8 seconds. This is close
4443 * enough or over the guest's command timeout, so place
4444 * an entry in the release log to allow tracking such
4445 * timing errors (which are often caused by the host).
4446 */
4447 LogRel(("AHCI ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
4448 }
4449 }
4450 else
4451 {
4452 if (uWait > 20 * 1000 * 1000)
4453 {
4454 /*
4455 * Command took longer than 20 seconds. This is close
4456 * enough or over the guest's command timeout, so place
4457 * an entry in the release log to allow tracking such
4458 * timing errors (which are often caused by the host).
4459 */
4460 LogRel(("AHCI ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
4461 }
4462 }
4463
4464#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4465 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
4466 pCtl->StatAsyncMinWait = uWait;
4467 if (uWait > pCtl->StatAsyncMaxWait)
4468 pCtl->StatAsyncMaxWait = uWait;
4469
4470 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
4471 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
4472#endif /* DEBUG || VBOX_WITH_STATISTICS */
4473 }
4474
4475 PDMCritSectLeave(&pCtl->lock);
4476 }
4477
4478 /* Signal the ultimate idleness. */
4479 if (pCtl->fSignalIdle)
4480 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4481 RTThreadUserSignal(ThreadSelf);
4482
4483 /* Do not destroy request mutex yet, still needed for proper shutdown. */
4484 pCtl->fShutdown = false;
4485
4486 Log2(("%s: Ctl: return %Rrc\n", __FUNCTION__, rc));
4487 return rc;
4488}
4489
4490#endif /* IN_RING3 */
4491
4492static uint32_t ataBMDMACmdReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4493{
4494 uint32_t val = pCtl->BmDma.u8Cmd;
4495 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4496 return val;
4497}
4498
4499
4500static void ataBMDMACmdWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4501{
4502 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4503 if (!(val & BM_CMD_START))
4504 {
4505 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4506 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4507 }
4508 else
4509 {
4510#ifdef IN_RING3
4511 /* Check whether the guest OS wants to change DMA direction in
4512 * mid-flight. Not allowed, according to the AHCI specs. */
4513 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
4514 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
4515 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4516
4517 /* Do not continue DMA transfers while the RESET line is asserted. */
4518 if (pCtl->fReset)
4519 {
4520 Log2(("%s: Ctl: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__));
4521 return;
4522 }
4523
4524 /* Do not start DMA transfers if there's a PIO transfer going on. */
4525 if (!pCtl->aIfs[pCtl->iSelectedIf].fDMA)
4526 return;
4527
4528 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
4529 {
4530 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__));
4531 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4532 }
4533#else /* !IN_RING3 */
4534 AssertMsgFailed(("DMA START handling is too complicated for GC\n"));
4535#endif /* IN_RING3 */
4536 }
4537}
4538
4539static uint32_t ataBMDMAStatusReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4540{
4541 uint32_t val = pCtl->BmDma.u8Status;
4542 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4543 return val;
4544}
4545
4546static void ataBMDMAStatusWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4547{
4548 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4549 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
4550 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
4551 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
4552}
4553
4554static uint32_t ataBMDMAAddrReadL(PAHCIATACONTROLLER pCtl, uint32_t addr)
4555{
4556 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
4557 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4558 return val;
4559}
4560
4561static void ataBMDMAAddrWriteL(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4562{
4563 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4564 pCtl->BmDma.pvAddr = val & ~3;
4565}
4566
4567static void ataBMDMAAddrWriteLowWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4568{
4569 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4570 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
4571
4572}
4573
4574static void ataBMDMAAddrWriteHighWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4575{
4576 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4577 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
4578}
4579
4580#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
4581
4582/**
4583 * Port I/O Handler for bus master DMA IN operations.
4584 * @see FNIOMIOPORTIN for details.
4585 */
4586int ataControllerBMDMAIOPortRead(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4587{
4588 int rc;
4589
4590 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4591 if (rc != VINF_SUCCESS)
4592 return rc;
4593 switch (VAL(Port, cb))
4594 {
4595 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4596 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4597 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4598 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4599 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
4600 default:
4601 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
4602 PDMCritSectLeave(&pCtl->lock);
4603 return VERR_IOM_IOPORT_UNUSED;
4604 }
4605 PDMCritSectLeave(&pCtl->lock);
4606 return rc;
4607}
4608
4609/**
4610 * Port I/O Handler for bus master DMA OUT operations.
4611 * @see FNIOMIOPORTOUT for details.
4612 */
4613int ataControllerBMDMAIOPortWrite(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4614{
4615 int rc;
4616
4617 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4618 if (rc != VINF_SUCCESS)
4619 return rc;
4620 switch (VAL(Port, cb))
4621 {
4622 case VAL(0, 1):
4623#ifndef IN_RING3
4624 if (u32 & BM_CMD_START)
4625 {
4626 rc = VINF_IOM_HC_IOPORT_WRITE;
4627 break;
4628 }
4629#endif /* !IN_RING3 */
4630 ataBMDMACmdWriteB(pCtl, Port, u32);
4631 break;
4632 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
4633 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
4634 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
4635 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
4636 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
4637 }
4638 PDMCritSectLeave(&pCtl->lock);
4639 return rc;
4640}
4641
4642#undef VAL
4643
4644
4645#ifdef IN_RING3
4646#if 0
4647
4648/**
4649 * Callback function for mapping an PCI I/O region.
4650 *
4651 * @return VBox status code.
4652 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
4653 * @param iRegion The region number.
4654 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
4655 * I/O port, else it's a physical address.
4656 * This address is *NOT* relative to pci_mem_base like earlier!
4657 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
4658 */
4659static DECLCALLBACK(int) ataBMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
4660{
4661 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
4662 int rc = VINF_SUCCESS;
4663 Assert(enmType == PCI_ADDRESS_SPACE_IO);
4664 Assert(iRegion == 4);
4665 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
4666
4667 /* Register the port range. */
4668 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
4669 {
4670 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4671 (RTHCPTR)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL, NULL, "ATA Bus Master DMA");
4672 AssertRC(rc2);
4673 if (rc2 < rc)
4674 rc = rc2;
4675
4676 if (pThis->fGCEnabled)
4677 {
4678 rc2 = PDMDevHlpIOPortRegisterGC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4679 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4680 AssertRC(rc2);
4681 if (rc2 < rc)
4682 rc = rc2;
4683 }
4684 if (pThis->fR0Enabled)
4685 {
4686 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4687 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4688 AssertRC(rc2);
4689 if (rc2 < rc)
4690 rc = rc2;
4691 }
4692 }
4693 return rc;
4694}
4695#endif
4696
4697/**
4698 * Reset the controller to an initial state.
4699 *
4700 * @returns VBox status.
4701 * @param pDevIns The device instance data.
4702 */
4703void ataControllerReset(PAHCIATACONTROLLER pCtl)
4704{
4705 pCtl->iSelectedIf = 0;
4706 pCtl->iAIOIf = 0;
4707 pCtl->BmDma.u8Cmd = 0;
4708 /* Report that both drives present on the bus are in DMA mode. This
4709 * pretends that there is a BIOS that has set it up. Normal reset
4710 * default is 0x00. */
4711 pCtl->BmDma.u8Status = (pCtl->aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
4712 | (pCtl->aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
4713 pCtl->BmDma.pvAddr = 0;
4714
4715 pCtl->fReset = true;
4716 pCtl->fRedo = false;
4717 pCtl->fRedoIdle = false;
4718 ataAsyncIOClearRequests(pCtl);
4719 Log2(("%s: Ctl: message to async I/O thread, reset controller\n", __FUNCTION__));
4720 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
4721 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
4722 if (!ataWaitForAsyncIOIsIdle(pCtl, 30000))
4723 AssertReleaseMsgFailed(("Async I/O thread busy after reset\n"));
4724
4725 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4726 ataResetDevice(&pCtl->aIfs[i]);
4727}
4728
4729#if 0
4730/* -=-=-=-=-=- AHCIATADevState::IBase -=-=-=-=-=- */
4731
4732/**
4733 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
4734 */
4735static DECLCALLBACK(void *) ataQueryInterface(PPDMIBASE pInterface, const char *pszIID)
4736{
4737 ATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
4738 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
4739 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBLOCKPORT, &pIf->IPort);
4740 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
4741 return NULL;
4742}
4743#endif
4744#endif /* IN_RING3 */
4745
4746
4747/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
4748
4749/**
4750 * Port I/O Handler for primary port range OUT operations.
4751 * @see FNIOMIOPORTOUT for details.
4752 */
4753int ataControllerIOPortWrite1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4754{
4755 int rc = VINF_SUCCESS;
4756
4757 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4758 if (rc != VINF_SUCCESS)
4759 return rc;
4760 if (cb == 1)
4761 rc = ataIOPortWriteU8(pCtl, Port, u32);
4762 else if (Port == pCtl->IOPortBase1)
4763 {
4764 Assert(cb == 2 || cb == 4);
4765 rc = ataDataWrite(pCtl, Port, cb, (const uint8_t *)&u32);
4766 }
4767 else
4768 AssertMsgFailed(("ataIOPortWrite1: unsupported write to port %x val=%x size=%d\n", Port, u32, cb));
4769 PDMCritSectLeave(&pCtl->lock);
4770 return rc;
4771}
4772
4773
4774/**
4775 * Port I/O Handler for primary port range IN operations.
4776 * @see FNIOMIOPORTIN for details.
4777 */
4778int ataControllerIOPortRead1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4779{
4780 int rc = VINF_SUCCESS;
4781
4782 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4783 if (rc != VINF_SUCCESS)
4784 return rc;
4785 if (cb == 1)
4786 {
4787 rc = ataIOPortReadU8(pCtl, Port, pu32);
4788 }
4789 else if (Port == pCtl->IOPortBase1)
4790 {
4791 Assert(cb == 2 || cb == 4);
4792 rc = ataDataRead(pCtl, Port, cb, (uint8_t *)pu32);
4793 if (cb == 2)
4794 *pu32 &= 0xffff;
4795 }
4796 else
4797 {
4798 AssertMsgFailed(("ataIOPortRead1: unsupported read from port %x size=%d\n", Port, cb));
4799 rc = VERR_IOM_IOPORT_UNUSED;
4800 }
4801 PDMCritSectLeave(&pCtl->lock);
4802 return rc;
4803}
4804
4805#ifndef IN_RING0 /** @todo do this in ring-0 as well. */
4806/**
4807 * Port I/O Handler for primary port range IN string operations.
4808 * @see FNIOMIOPORTINSTRING for details.
4809 */
4810int ataControllerIOPortReadStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb)
4811{
4812 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4813 if (rc != VINF_SUCCESS)
4814 return rc;
4815 if (Port == pCtl->IOPortBase1)
4816 {
4817 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4818 RTGCPTR GCDst = *pGCPtrDst;
4819 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4820 Assert(cb == 2 || cb == 4);
4821
4822 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4823#ifndef IN_RING3
4824 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4825 if (!cTransAvailable)
4826 {
4827 PDMCritSectLeave(&pCtl->lock);
4828 return VINF_IOM_HC_IOPORT_READ;
4829 }
4830 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4831 cTransAvailable--;
4832#endif /* !IN_RING3 */
4833 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4834 * They are not performance-critical and generally shouldn't occur at all. */
4835 if (cTransAvailable > cTransfer)
4836 cTransAvailable = cTransfer;
4837 cbTransfer = cTransAvailable * cb;
4838
4839 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4840 rc = PGMPhysSimpleDirtyWriteGCPtr(PDMDevHlpGetVMCPU(pDevIns), GCDst, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, cbTransfer);
4841#ifndef IN_RING3
4842 /* Paranoia. */
4843 if (RT_FAILURE(rc))
4844 {
4845 PDMCritSectLeave(&pCtl->lock);
4846 AssertFailed();
4847 return VINF_IOM_HC_IOPORT_READ;
4848 }
4849#else
4850 Assert(rc == VINF_SUCCESS);
4851#endif
4852
4853 if (cbTransfer)
4854 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4855 s->iIOBufferPIODataStart += cbTransfer;
4856 *pGCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCDst + cbTransfer);
4857 *pcTransfer = cTransfer - cTransAvailable;
4858#ifdef IN_RING3
4859 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4860 ataPIOTransferFinish(pCtl, s);
4861#endif /* IN_RING3 */
4862 }
4863 PDMCritSectLeave(&pCtl->lock);
4864 return rc;
4865}
4866
4867
4868/**
4869 * Port I/O Handler for primary port range OUT string operations.
4870 * @see FNIOMIOPORTOUTSTRING for details.
4871 */
4872int ataControllerIOPortWriteStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb)
4873{
4874 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4875 if (rc != VINF_SUCCESS)
4876 return rc;
4877 if (Port == pCtl->IOPortBase1)
4878 {
4879 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4880 RTGCPTR GCSrc = *pGCPtrSrc;
4881 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4882 Assert(cb == 2 || cb == 4);
4883
4884 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4885#ifndef IN_RING3
4886 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4887 if (!cTransAvailable)
4888 {
4889 PDMCritSectLeave(&pCtl->lock);
4890 return VINF_IOM_HC_IOPORT_WRITE;
4891 }
4892 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4893 cTransAvailable--;
4894#endif /* !IN_RING3 */
4895 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4896 * They are not performance-critical and generally shouldn't occur at all. */
4897 if (cTransAvailable > cTransfer)
4898 cTransAvailable = cTransfer;
4899 cbTransfer = cTransAvailable * cb;
4900
4901 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4902 rc = PGMPhysSimpleReadGCPtr(PDMDevHlpGetVMCPU(pDevIns), s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, GCSrc, cbTransfer);
4903#ifndef IN_RING3
4904 /* Paranoia. */
4905 if (RT_FAILURE(rc))
4906 {
4907 PDMCritSectLeave(&pCtl->lock);
4908 AssertFailed();
4909 return VINF_IOM_HC_IOPORT_WRITE;
4910 }
4911#else
4912 Assert(rc == VINF_SUCCESS);
4913#endif
4914
4915 if (cbTransfer)
4916 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4917 s->iIOBufferPIODataStart += cbTransfer;
4918 *pGCPtrSrc = (RTGCPTR)((RTGCUINTPTR)GCSrc + cbTransfer);
4919 *pcTransfer = cTransfer - cTransAvailable;
4920#ifdef IN_RING3
4921 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4922 ataPIOTransferFinish(pCtl, s);
4923#endif /* IN_RING3 */
4924 }
4925 PDMCritSectLeave(&pCtl->lock);
4926 return rc;
4927}
4928#endif /* !IN_RING0 */
4929
4930/**
4931 * Port I/O Handler for secondary port range OUT operations.
4932 * @see FNIOMIOPORTOUT for details.
4933 */
4934int ataControllerIOPortWrite2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4935{
4936 int rc;
4937
4938 if (cb != 1)
4939 return VINF_SUCCESS;
4940 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
4941 if (rc != VINF_SUCCESS)
4942 return rc;
4943 rc = ataControlWrite(pCtl, Port, u32);
4944 PDMCritSectLeave(&pCtl->lock);
4945 return rc;
4946}
4947
4948
4949/**
4950 * Port I/O Handler for secondary port range IN operations.
4951 * @see FNIOMIOPORTIN for details.
4952 */
4953int ataControllerIOPortRead2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4954{
4955 int rc;
4956
4957 if (cb != 1)
4958 return VERR_IOM_IOPORT_UNUSED;
4959
4960 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
4961 if (rc != VINF_SUCCESS)
4962 return rc;
4963 *pu32 = ataStatusRead(pCtl, Port);
4964 PDMCritSectLeave(&pCtl->lock);
4965 return VINF_SUCCESS;
4966}
4967
4968#ifdef IN_RING3
4969
4970/**
4971 * Waits for all async I/O threads to complete whatever they
4972 * are doing at the moment.
4973 *
4974 * @returns true on success.
4975 * @returns false when one or more threads is still processing.
4976 * @param pThis Pointer to the instance data.
4977 * @param cMillies How long to wait (total).
4978 */
4979static bool ataWaitForAllAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
4980{
4981 uint64_t u64Start;
4982 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
4983 bool fAllIdle = false;
4984
4985 /*
4986 * Wait for any pending async operation to finish
4987 */
4988 u64Start = RTTimeMilliTS();
4989 for (;;)
4990 {
4991 /* Check all async I/O threads. */
4992 fAllIdle = true;
4993
4994 fAllIdle &= ataAsyncIOIsIdle(pCtl, false);
4995 if (!fAllIdle)
4996 break;
4997
4998 if ( fAllIdle
4999 || RTTimeMilliTS() - u64Start >= cMillies)
5000 break;
5001
5002 /* Sleep for a bit. */
5003 RTThreadSleep(100);
5004 }
5005
5006 if (!fAllIdle)
5007 LogRel(("AHCI ATA: Ctl is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
5008 pCtl->iSelectedIf, pCtl->iAIOIf,
5009 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand));
5010
5011 return fAllIdle;
5012}
5013
5014
5015DECLINLINE(void) ataRelocBuffer(PPDMDEVINS pDevIns, AHCIATADevState *s)
5016{
5017 if (s->pbIOBufferR3)
5018 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
5019}
5020
5021
5022/**
5023 * @copydoc FNPDMDEVRELOCATE
5024 */
5025void ataControllerRelocate(PAHCIATACONTROLLER pCtl, RTGCINTPTR offDelta)
5026{
5027 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
5028
5029 pCtl->pDevInsRC += offDelta;
5030 pCtl->aIfs[0].pDevInsRC += offDelta;
5031 pCtl->aIfs[0].pControllerRC += offDelta;
5032 ataRelocBuffer(pDevIns, &pCtl->aIfs[0]);
5033 pCtl->aIfs[1].pDevInsRC += offDelta;
5034 pCtl->aIfs[1].pControllerRC += offDelta;
5035 ataRelocBuffer(pDevIns, &pCtl->aIfs[1]);
5036}
5037
5038
5039/**
5040 * Destroy a controller instance.
5041 *
5042 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5043 * resources can be freed correctly.
5044 *
5045 * @param pCtl The controller instance.
5046 */
5047int ataControllerDestroy(PAHCIATACONTROLLER pCtl)
5048{
5049 int rc;
5050
5051 Log(("%s:\n", __FUNCTION__));
5052
5053 /*
5054 * Terminate the async helper thread and wait for it to finish up.
5055 */
5056 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5057 {
5058 ASMAtomicWriteU32(&pCtl->fShutdown, true);
5059 rc = RTSemEventSignal(pCtl->AsyncIOSem);
5060 AssertRC(rc);
5061 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5062 AssertRC(rc);
5063
5064 rc = RTThreadWait(pCtl->AsyncIOThread, 30000 /* 30 s*/, NULL);
5065 if (RT_SUCCESS(rc))
5066 pCtl->AsyncIOThread = NIL_RTTHREAD;
5067 else
5068 LogRel(("PIIX3 ATA Dtor: Ctl/irq=%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
5069 pCtl->irq, pCtl->iSelectedIf, pCtl->iAIOIf,
5070 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand, rc));
5071 }
5072
5073 /*
5074 * Now the request mutexes are no longer needed. Free resources.
5075 */
5076 if (pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX)
5077 {
5078 RTSemMutexDestroy(pCtl->AsyncIORequestMutex);
5079 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5080 }
5081 if (pCtl->AsyncIOSem != NIL_RTSEMEVENT)
5082 {
5083 RTSemEventDestroy(pCtl->AsyncIOSem);
5084 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5085 }
5086 if (pCtl->SuspendIOSem != NIL_RTSEMEVENT)
5087 {
5088 RTSemEventDestroy(pCtl->SuspendIOSem);
5089 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5090 }
5091
5092 /* try one final time */
5093 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5094 {
5095 rc = RTThreadWait(pCtl->AsyncIOThread, 1 /*ms*/, NULL);
5096 if (RT_SUCCESS(rc))
5097 {
5098 pCtl->AsyncIOThread = NIL_RTTHREAD;
5099 LogRel(("AHCI ATA Dtor: Ctl/irq=%u actually completed.\n", pCtl->irq));
5100 }
5101 }
5102
5103 return VINF_SUCCESS;
5104}
5105
5106/**
5107 * Detach notification.
5108 *
5109 * The DVD drive has been unplugged.
5110 *
5111 * @param pDevIns The device instance.
5112 * @param fMaster True if the master is detached
5113 * false for the slave
5114 */
5115void ataControllerDetach(PAHCIATACONTROLLER pCtl, bool fMaster)
5116{
5117 AHCIATADevState *pIf;
5118
5119 /*
5120 * Locate the controller and stuff.
5121 */
5122 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5123
5124 /*
5125 * Zero some important members.
5126 */
5127 pIf->pDrvBase = NULL;
5128 pIf->pDrvBlock = NULL;
5129 pIf->pDrvBlockBios = NULL;
5130 pIf->pDrvMount = NULL;
5131}
5132
5133/**
5134 * Configure a LUN.
5135 *
5136 * @returns VBox status code.
5137 * @param pDevIns The device instance.
5138 * @param pIf The ATA unit state.
5139 */
5140static int ataConfigLun(PPDMDEVINS pDevIns, AHCIATADevState *pIf)
5141{
5142 int rc;
5143 PDMBLOCKTYPE enmType;
5144
5145 /*
5146 * Query Block, Bios and Mount interfaces.
5147 */
5148 pIf->pDrvBlock = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCK);
5149 if (!pIf->pDrvBlock)
5150 {
5151 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
5152 return VERR_PDM_MISSING_INTERFACE;
5153 }
5154
5155 /** @todo implement the BIOS invisible code path. */
5156 pIf->pDrvBlockBios = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCKBIOS);
5157 if (!pIf->pDrvBlockBios)
5158 {
5159 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block BIOS interface!\n", pIf->iLUN));
5160 return VERR_PDM_MISSING_INTERFACE;
5161 }
5162 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
5163
5164 /*
5165 * Validate type.
5166 */
5167 enmType = pIf->pDrvBlock->pfnGetType(pIf->pDrvBlock);
5168 if ( enmType != PDMBLOCKTYPE_CDROM
5169 && enmType != PDMBLOCKTYPE_DVD
5170 && enmType != PDMBLOCKTYPE_HARD_DISK)
5171 {
5172 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
5173 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
5174 }
5175 if ( ( enmType == PDMBLOCKTYPE_DVD
5176 || enmType == PDMBLOCKTYPE_CDROM)
5177 && !pIf->pDrvMount)
5178 {
5179 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
5180 return VERR_INTERNAL_ERROR;
5181 }
5182 pIf->fATAPI = enmType == PDMBLOCKTYPE_DVD || enmType == PDMBLOCKTYPE_CDROM;
5183 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvBlock->pfnSendCmd != NULL) : false;
5184
5185 /*
5186 * Allocate I/O buffer.
5187 */
5188 PVM pVM = PDMDevHlpGetVM(pDevIns);
5189 if (pIf->cbIOBuffer)
5190 {
5191 /* Buffer is (probably) already allocated. Validate the fields,
5192 * because memory corruption can also overwrite pIf->cbIOBuffer. */
5193 if (pIf->fATAPI)
5194 AssertRelease(pIf->cbIOBuffer == _128K);
5195 else
5196 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * 512);
5197 Assert(pIf->pbIOBufferR3);
5198 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
5199 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
5200 }
5201 else
5202 {
5203 if (pIf->fATAPI)
5204 pIf->cbIOBuffer = _128K;
5205 else
5206 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * 512;
5207 Assert(!pIf->pbIOBufferR3);
5208 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
5209 if (RT_FAILURE(rc))
5210 return VERR_NO_MEMORY;
5211 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
5212 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
5213 }
5214
5215 /*
5216 * Init geometry (only for non-CD/DVD media).
5217 */
5218 if (pIf->fATAPI)
5219 {
5220 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
5221 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
5222 pIf->PCHSGeometry.cHeads = 0; /* dummy */
5223 pIf->PCHSGeometry.cSectors = 0; /* dummy */
5224 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
5225 }
5226 else
5227 {
5228 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
5229 rc = pIf->pDrvBlockBios->pfnGetPCHSGeometry(pIf->pDrvBlockBios,
5230 &pIf->PCHSGeometry);
5231 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
5232 {
5233 pIf->PCHSGeometry.cCylinders = 0;
5234 pIf->PCHSGeometry.cHeads = 16; /*??*/
5235 pIf->PCHSGeometry.cSectors = 63; /*??*/
5236 }
5237 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
5238 {
5239 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
5240 rc = VINF_SUCCESS;
5241 }
5242 AssertRC(rc);
5243
5244 if ( pIf->PCHSGeometry.cCylinders == 0
5245 || pIf->PCHSGeometry.cHeads == 0
5246 || pIf->PCHSGeometry.cSectors == 0
5247 )
5248 {
5249 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
5250 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
5251 pIf->PCHSGeometry.cHeads = 16;
5252 pIf->PCHSGeometry.cSectors = 63;
5253 /* Set the disk geometry information. */
5254 rc = pIf->pDrvBlockBios->pfnSetPCHSGeometry(pIf->pDrvBlockBios,
5255 &pIf->PCHSGeometry);
5256 }
5257 LogRel(("AHCI ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
5258 }
5259 return VINF_SUCCESS;
5260}
5261
5262/**
5263 * Attach command.
5264 *
5265 * This is called when we change block driver for the DVD drive.
5266 *
5267 * @returns VBox status code.
5268 * @param pDevIns The device instance.
5269 * @param iLUN The logical unit which is being detached.
5270 */
5271int ataControllerAttach(PAHCIATACONTROLLER pCtl, PPDMIBASE pDrvBase, bool fMaster)
5272{
5273 AHCIATADevState *pIf;
5274 int rc = VINF_SUCCESS;
5275
5276 /*
5277 * Locate the controller and stuff.
5278 */
5279 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5280
5281 /* the usual paranoia */
5282 AssertRelease(!pIf->pDrvBase);
5283 AssertRelease(!pIf->pDrvBlock);
5284 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
5285
5286 /*
5287 * Try attach the block device and get the interfaces,
5288 * required as well as optional.
5289 */
5290
5291 pIf->pDrvBase = pDrvBase;
5292 if (pDrvBase)
5293 {
5294 rc = ataConfigLun(pCtl->pDevInsR3, pIf);
5295 AssertRC(rc);
5296
5297 if (RT_FAILURE(rc))
5298 {
5299 pIf->pDrvBase = NULL;
5300 pIf->pDrvBlock = NULL;
5301 }
5302 }
5303
5304 return rc;
5305}
5306
5307
5308/**
5309 * Resume notification.
5310 *
5311 * @returns VBox status.
5312 * @param pDevIns The device instance data.
5313 */
5314void ataControllerResume(PAHCIATACONTROLLER pCtl)
5315{
5316 int rc;
5317
5318 Log(("%s:\n", __FUNCTION__));
5319 if (pCtl->fRedo && pCtl->fRedoIdle)
5320 {
5321 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5322 AssertRC(rc);
5323 }
5324
5325 return;
5326}
5327
5328
5329/**
5330 * Tests if the controller is idle, leaving the PDM notifications on if busy.
5331 *
5332 * @returns true if idle, false if idle.
5333 * @param pCtl the controller instance.
5334 */
5335bool ataControllerIsIdle(PAHCIATACONTROLLER pCtl)
5336{
5337 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
5338 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
5339 {
5340 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
5341 return true;
5342 }
5343 return false;
5344}
5345
5346/**
5347 * Saves a state of the ATA device.
5348 *
5349 * @returns VBox status code.
5350 * @param pCtl Controller instance.
5351 * @param pSSM The handle to save the state to.
5352 */
5353int ataControllerSaveExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5354{
5355 SSMR3PutU32(pSSM, ATA_CTL_SAVED_STATE_VERSION);
5356 SSMR3PutU8(pSSM, pCtl->iSelectedIf);
5357 SSMR3PutU8(pSSM, pCtl->iAIOIf);
5358 SSMR3PutU8(pSSM, pCtl->uAsyncIOState);
5359 SSMR3PutBool(pSSM, pCtl->fChainedTransfer);
5360 SSMR3PutBool(pSSM, pCtl->fReset);
5361 SSMR3PutBool(pSSM, pCtl->fRedo);
5362 SSMR3PutBool(pSSM, pCtl->fRedoIdle);
5363 SSMR3PutBool(pSSM, pCtl->fRedoDMALastDesc);
5364 SSMR3PutMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5365 SSMR3PutGCPhys32(pSSM, pCtl->pFirstDMADesc);
5366 SSMR3PutGCPhys32(pSSM, pCtl->pLastDMADesc);
5367 SSMR3PutGCPhys32(pSSM, pCtl->pRedoDMABuffer);
5368 SSMR3PutU32(pSSM, pCtl->cbRedoDMABuffer);
5369
5370 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5371 {
5372 SSMR3PutBool(pSSM, pCtl->aIfs[j].fLBA48);
5373 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPI);
5374 SSMR3PutBool(pSSM, pCtl->aIfs[j].fIrqPending);
5375 SSMR3PutU8(pSSM, pCtl->aIfs[j].cMultSectors);
5376 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cCylinders);
5377 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cHeads);
5378 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cSectors);
5379 SSMR3PutU32(pSSM, pCtl->aIfs[j].cSectorsPerIRQ);
5380 SSMR3PutU64(pSSM, pCtl->aIfs[j].cTotalSectors);
5381 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeature);
5382 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeatureHOB);
5383 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegError);
5384 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSector);
5385 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSectorHOB);
5386 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSector);
5387 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSectorHOB);
5388 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCyl);
5389 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCylHOB);
5390 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCyl);
5391 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCylHOB);
5392 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSelect);
5393 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegStatus);
5394 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegCommand);
5395 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegDevCtl);
5396 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATATransferMode);
5397 SSMR3PutU8(pSSM, pCtl->aIfs[j].uTxDir);
5398 SSMR3PutU8(pSSM, pCtl->aIfs[j].iBeginTransfer);
5399 SSMR3PutU8(pSSM, pCtl->aIfs[j].iSourceSink);
5400 SSMR3PutBool(pSSM, pCtl->aIfs[j].fDMA);
5401 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPITransfer);
5402 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbTotalTransfer);
5403 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbElementaryTransfer);
5404 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferCur);
5405 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferEnd);
5406 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataStart);
5407 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataEnd);
5408 SSMR3PutU32(pSSM, pCtl->aIfs[j].iATAPILBA);
5409 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbATAPISector);
5410 SSMR3PutMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5411 SSMR3PutMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5412 SSMR3PutU8(pSSM, pCtl->aIfs[j].cNotifiedMediaChange);
5413 SSMR3PutU32(pSSM, pCtl->aIfs[j].MediaEventStatus);
5414
5415 PDMLED Led;
5416 memset(&Led, 0, sizeof(PDMLED));
5417 SSMR3PutMem(pSSM, &Led, sizeof(PDMLED));
5418 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbIOBuffer);
5419 if (pCtl->aIfs[j].cbIOBuffer)
5420 SSMR3PutMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5421 else
5422 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5423 }
5424
5425 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
5426}
5427
5428
5429/**
5430 * Loads a saved ATA device state.
5431 *
5432 * @returns VBox status code.
5433 * @param pDevIns The device instance.
5434 * @param pSSM The handle to the saved state.
5435 */
5436int ataControllerLoadExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5437{
5438 int rc;
5439 uint32_t u32Version;
5440 uint32_t u32;
5441
5442 /* Test for correct version. */
5443 rc = SSMR3GetU32(pSSM, &u32Version);
5444 AssertRCReturn(rc, rc);
5445
5446 if ( u32Version != ATA_CTL_SAVED_STATE_VERSION
5447 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
5448 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5449 {
5450 AssertMsgFailed(("u32Version=%d\n", u32Version));
5451 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
5452 }
5453
5454 /* integrity check */
5455 if (!ataAsyncIOIsIdle(pCtl, false))
5456 {
5457 AssertMsgFailed(("Async I/O for controller is active\n"));
5458 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5459 }
5460
5461 SSMR3GetU8(pSSM, &pCtl->iSelectedIf);
5462 SSMR3GetU8(pSSM, &pCtl->iAIOIf);
5463 SSMR3GetU8(pSSM, &pCtl->uAsyncIOState);
5464 SSMR3GetBool(pSSM, &pCtl->fChainedTransfer);
5465 SSMR3GetBool(pSSM, (bool *)&pCtl->fReset);
5466 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedo);
5467 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoIdle);
5468 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoDMALastDesc);
5469 SSMR3GetMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5470 SSMR3GetGCPhys32(pSSM, &pCtl->pFirstDMADesc);
5471 SSMR3GetGCPhys32(pSSM, &pCtl->pLastDMADesc);
5472 SSMR3GetGCPhys32(pSSM, &pCtl->pRedoDMABuffer);
5473 SSMR3GetU32(pSSM, &pCtl->cbRedoDMABuffer);
5474
5475 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5476 {
5477 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fLBA48);
5478 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPI);
5479 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fIrqPending);
5480 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cMultSectors);
5481 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cCylinders);
5482 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cHeads);
5483 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cSectors);
5484 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cSectorsPerIRQ);
5485 SSMR3GetU64(pSSM, &pCtl->aIfs[j].cTotalSectors);
5486 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeature);
5487 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeatureHOB);
5488 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegError);
5489 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSector);
5490 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSectorHOB);
5491 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSector);
5492 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSectorHOB);
5493 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCyl);
5494 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCylHOB);
5495 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCyl);
5496 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCylHOB);
5497 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSelect);
5498 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegStatus);
5499 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegCommand);
5500 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegDevCtl);
5501 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATATransferMode);
5502 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uTxDir);
5503 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iBeginTransfer);
5504 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iSourceSink);
5505 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fDMA);
5506 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPITransfer);
5507 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbTotalTransfer);
5508 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbElementaryTransfer);
5509 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferCur);
5510 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferEnd);
5511 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataStart);
5512 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataEnd);
5513 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iATAPILBA);
5514 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbATAPISector);
5515 SSMR3GetMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5516 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
5517 {
5518 SSMR3GetMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5519 }
5520 else
5521 {
5522 uint8_t uATAPISenseKey, uATAPIASC;
5523 memset(pCtl->aIfs[j].abATAPISense, '\0', sizeof(pCtl->aIfs[j].abATAPISense));
5524 pCtl->aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
5525 pCtl->aIfs[j].abATAPISense[7] = 10;
5526 SSMR3GetU8(pSSM, &uATAPISenseKey);
5527 SSMR3GetU8(pSSM, &uATAPIASC);
5528 pCtl->aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
5529 pCtl->aIfs[j].abATAPISense[12] = uATAPIASC;
5530 }
5531 /** @todo triple-check this hack after passthrough is working */
5532 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cNotifiedMediaChange);
5533 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5534 SSMR3GetU32(pSSM, (uint32_t*)&pCtl->aIfs[j].MediaEventStatus);
5535 else
5536 pCtl->aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
5537
5538 PDMLED Led;
5539 SSMR3GetMem(pSSM, &Led, sizeof(PDMLED));
5540 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbIOBuffer);
5541 if (pCtl->aIfs[j].cbIOBuffer)
5542 {
5543 if (pCtl->aIfs[j].CTX_SUFF(pbIOBuffer))
5544 SSMR3GetMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5545 else
5546 {
5547 LogRel(("AHCI ATA: No buffer for %d\n", j));
5548 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
5549 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d"), j);
5550
5551 /* skip the buffer if we're loading for the debugger / animator. */
5552 uint8_t u8Ignored;
5553 size_t cbLeft = pCtl->aIfs[j].cbIOBuffer;
5554 while (cbLeft-- > 0)
5555 SSMR3GetU8(pSSM, &u8Ignored);
5556 }
5557 }
5558 else
5559 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5560 }
5561
5562 rc = SSMR3GetU32(pSSM, &u32);
5563 if (RT_FAILURE(rc))
5564 return rc;
5565 if (u32 != ~0U)
5566 {
5567 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
5568 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5569 return rc;
5570 }
5571
5572 return VINF_SUCCESS;
5573}
5574
5575int ataControllerInit(PPDMDEVINS pDevIns, PAHCIATACONTROLLER pCtl,
5576 PPDMIMEDIANOTIFY pMediaNotify,
5577 unsigned iLUNMaster, PPDMIBASE pDrvBaseMaster, PPDMLED pLedMaster,
5578 PSTAMCOUNTER pStatBytesReadMaster, PSTAMCOUNTER pStatBytesWrittenMaster,
5579 const char *pszSerialNumberMaster, const char *pszFirmwareRevisionMaster,
5580 const char *pszModelNumberMaster, const char *pszInquiryVendorIdMaster,
5581 const char *pszInquiryProductIdMaster, const char *pszInquiryRevisionMaster,
5582 bool fNonRotationalMaster,
5583 unsigned iLUNSlave, PPDMIBASE pDrvBaseSlave, PPDMLED pLedSlave,
5584 PSTAMCOUNTER pStatBytesReadSlave, PSTAMCOUNTER pStatBytesWrittenSlave,
5585 const char *pszSerialNumberSlave, const char *pszFirmwareRevisionSlave,
5586 const char *pszModelNumberSlave, const char *pszInquiryVendorIdSlave,
5587 const char *pszInquiryProductIdSlave, const char *pszInquiryRevisionSlave,
5588 bool fNonRotationalSlave,
5589 uint32_t *pcbSSMState, const char *szName)
5590{
5591 int rc;
5592
5593 AssertMsg(pcbSSMState, ("pcbSSMState is invalid\n"));
5594
5595 pCtl->pDevInsR3 = pDevIns;
5596 pCtl->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5597 pCtl->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5598 pCtl->pMediaNotify = pMediaNotify;
5599 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5600 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5601 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5602 pCtl->AsyncIOThread = NIL_RTTHREAD;
5603
5604 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5605 {
5606 pCtl->aIfs[j].iLUN = j == 0 ? iLUNMaster : iLUNSlave;
5607 pCtl->aIfs[j].pDevInsR3 = pDevIns;
5608 pCtl->aIfs[j].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5609 pCtl->aIfs[j].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5610 pCtl->aIfs[j].pControllerR3 = pCtl;
5611 pCtl->aIfs[j].pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), pCtl);
5612 pCtl->aIfs[j].pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), pCtl);
5613 pCtl->aIfs[j].pLed = j == 0 ? pLedMaster : pLedSlave;
5614 pCtl->aIfs[j].pStatBytesRead = j == 0 ? pStatBytesReadMaster : pStatBytesReadSlave;
5615 pCtl->aIfs[j].pStatBytesWritten = j == 0 ? pStatBytesWrittenMaster : pStatBytesWrittenSlave;
5616 pCtl->aIfs[j].pszSerialNumber = j == 0 ? pszSerialNumberMaster : pszSerialNumberSlave;
5617 pCtl->aIfs[j].pszFirmwareRevision = j == 0 ? pszFirmwareRevisionMaster : pszFirmwareRevisionSlave;
5618 pCtl->aIfs[j].pszModelNumber = j == 0 ? pszModelNumberMaster : pszModelNumberSlave;
5619 pCtl->aIfs[j].pszInquiryVendorId = j == 0 ? pszInquiryVendorIdMaster : pszInquiryVendorIdSlave;
5620 pCtl->aIfs[j].pszInquiryProductId = j == 0 ? pszInquiryProductIdMaster : pszInquiryProductIdSlave;
5621 pCtl->aIfs[j].pszInquiryRevision = j == 0 ? pszInquiryRevisionMaster : pszInquiryRevisionSlave;
5622 pCtl->aIfs[j].fNonRotational = j == 0 ? fNonRotationalMaster : fNonRotationalSlave;
5623 }
5624
5625 /* Initialize per-controller critical section */
5626 rc = PDMDevHlpCritSectInit(pDevIns, &pCtl->lock, RT_SRC_POS, "%s", szName);
5627 if (RT_FAILURE(rc))
5628 return PDMDEV_SET_ERROR(pDevIns, rc, N_("AHCI ATA: cannot initialize critical section"));
5629
5630 /*
5631 * Attach the units.
5632 */
5633 uint32_t cbTotalBuffer = 0;
5634
5635 /*
5636 * Start the worker thread.
5637 */
5638 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
5639 rc = RTSemEventCreate(&pCtl->AsyncIOSem);
5640 AssertRCReturn(rc, rc);
5641 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
5642 AssertRCReturn(rc, rc);
5643 rc = RTSemMutexCreate(&pCtl->AsyncIORequestMutex);
5644 AssertRCReturn(rc, rc);
5645 ataAsyncIOClearRequests(pCtl);
5646 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataAsyncIOLoop, (void *)pCtl, 128*1024,
5647 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "AHCI-ATA-%u", pCtl->irq);
5648 AssertRCReturn(rc, rc);
5649 Assert(pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->AsyncIOSem != NIL_RTSEMEVENT && pCtl->SuspendIOSem != NIL_RTSEMEVENT && pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX);
5650 Log(("%s: controller AIO thread id %#x; sem %p susp_sem %p mutex %p\n", __FUNCTION__, pCtl->AsyncIOThread, pCtl->AsyncIOSem, pCtl->SuspendIOSem, pCtl->AsyncIORequestMutex));
5651
5652 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5653 {
5654 /*
5655 * Try attach the block device and get the interfaces,
5656 * required as well as optional.
5657 */
5658 AHCIATADevState *pIf = &pCtl->aIfs[j];
5659
5660 pIf->pDrvBase = (j == 0) ? pDrvBaseMaster : pDrvBaseSlave;
5661
5662#if 0
5663 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[j]);
5664 if (RT_SUCCESS(rc))
5665#endif
5666 if (pIf->pDrvBase)
5667 rc = ataConfigLun(pDevIns, pIf);
5668 else
5669 {
5670 pIf->pDrvBase = NULL;
5671 pIf->pDrvBlock = NULL;
5672 pIf->cbIOBuffer = 0;
5673 pIf->pbIOBufferR3 = NULL;
5674 pIf->pbIOBufferR0 = NIL_RTR0PTR;
5675 pIf->pbIOBufferRC = NIL_RTRCPTR;
5676 LogRel(("AHCI ATA: LUN#%d: no unit\n", pIf->iLUN));
5677 }
5678 cbTotalBuffer += pIf->cbIOBuffer;
5679 }
5680
5681 *pcbSSMState = cbTotalBuffer;
5682
5683 /*
5684 * Initialize the device state.
5685 */
5686 ataControllerReset(pCtl);
5687
5688 return VINF_SUCCESS;
5689}
5690#endif /* IN_RING3 */
5691#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette