VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/ATAController.cpp@ 40999

Last change on this file since 40999 was 40999, checked in by vboxsync, 13 years ago

ATAController: two warnings, fix like in DevATA (perhaps not optimal)

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 210.5 KB
Line 
1/* $Id: ATAController.cpp 40999 2012-04-20 07:01:49Z vboxsync $ */
2/** @file
3 * DevATA, DevAHCI - Shared ATA/ATAPI controller code (disk and cdrom).
4 *
5 * @todo Actually share this code?
6 */
7
8/*
9 * Copyright (C) 2006-2011 Oracle Corporation
10 *
11 * This file is part of VirtualBox Open Source Edition (OSE), as
12 * available from http://www.virtualbox.org. This file is free software;
13 * you can redistribute it and/or modify it under the terms of the GNU
14 * General Public License (GPL) as published by the Free Software
15 * Foundation, in version 2 as it comes in the "COPYING" file of the
16 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
17 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
18 */
19
20/*******************************************************************************
21* Header Files *
22*******************************************************************************/
23#define LOG_GROUP LOG_GROUP_DEV_IDE
24#include <VBox/vmm/pdmdev.h>
25#include <iprt/assert.h>
26#include <iprt/string.h>
27#ifdef IN_RING3
28# include <iprt/uuid.h>
29# include <iprt/semaphore.h>
30# include <iprt/thread.h>
31# include <iprt/time.h>
32# include <iprt/alloc.h>
33#endif /* IN_RING3 */
34#include <iprt/critsect.h>
35#include <iprt/asm.h>
36#include <VBox/vmm/stam.h>
37#include <VBox/vmm/mm.h>
38#include <VBox/vmm/pgm.h>
39
40#include <VBox/scsi.h>
41
42#include "ATAController.h"
43#include "PIIX3ATABmDma.h"
44#include "ide.h"
45
46/**
47 * The SSM saved state version.
48 */
49#define ATA_CTL_SAVED_STATE_VERSION 3
50#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 1
51#define ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 2
52
53#ifndef VBOX_DEVICE_STRUCT_TESTCASE
54
55DECLINLINE(void) ataSetStatusValue(AHCIATADevState *s, uint8_t stat)
56{
57 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
58
59 /* Freeze status register contents while processing RESET. */
60 if (!pCtl->fReset)
61 {
62 s->uATARegStatus = stat;
63 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
64 }
65}
66
67
68DECLINLINE(void) ataSetStatus(AHCIATADevState *s, uint8_t stat)
69{
70 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
71
72 /* Freeze status register contents while processing RESET. */
73 if (!pCtl->fReset)
74 {
75 s->uATARegStatus |= stat;
76 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
77 }
78}
79
80
81DECLINLINE(void) ataUnsetStatus(AHCIATADevState *s, uint8_t stat)
82{
83 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
84
85 /* Freeze status register contents while processing RESET. */
86 if (!pCtl->fReset)
87 {
88 s->uATARegStatus &= ~stat;
89 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
90 }
91}
92
93#ifdef IN_RING3
94
95typedef void (*PBeginTransferFunc)(AHCIATADevState *);
96typedef bool (*PSourceSinkFunc)(AHCIATADevState *);
97
98static void ataReadWriteSectorsBT(AHCIATADevState *);
99static void ataPacketBT(AHCIATADevState *);
100static void atapiCmdBT(AHCIATADevState *);
101static void atapiPassthroughCmdBT(AHCIATADevState *);
102
103static bool ataIdentifySS(AHCIATADevState *);
104static bool ataFlushSS(AHCIATADevState *);
105static bool ataReadSectorsSS(AHCIATADevState *);
106static bool ataWriteSectorsSS(AHCIATADevState *);
107static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *);
108static bool ataTrimSS(AHCIATADevState *);
109static bool ataPacketSS(AHCIATADevState *);
110static bool atapiGetConfigurationSS(AHCIATADevState *);
111static bool atapiGetEventStatusNotificationSS(AHCIATADevState *);
112static bool atapiIdentifySS(AHCIATADevState *);
113static bool atapiInquirySS(AHCIATADevState *);
114static bool atapiMechanismStatusSS(AHCIATADevState *);
115static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *);
116static bool atapiModeSenseCDStatusSS(AHCIATADevState *);
117static bool atapiReadSS(AHCIATADevState *);
118static bool atapiReadCapacitySS(AHCIATADevState *);
119static bool atapiReadDiscInformationSS(AHCIATADevState *);
120static bool atapiReadTOCNormalSS(AHCIATADevState *);
121static bool atapiReadTOCMultiSS(AHCIATADevState *);
122static bool atapiReadTOCRawSS(AHCIATADevState *);
123static bool atapiReadTrackInformationSS(AHCIATADevState *);
124static bool atapiRequestSenseSS(AHCIATADevState *);
125static bool atapiPassthroughSS(AHCIATADevState *);
126
127/**
128 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
129 */
130typedef enum ATAFNBT
131{
132 ATAFN_BT_NULL = 0,
133 ATAFN_BT_READ_WRITE_SECTORS,
134 ATAFN_BT_PACKET,
135 ATAFN_BT_ATAPI_CMD,
136 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
137 ATAFN_BT_MAX
138} ATAFNBT;
139
140/**
141 * Array of end transfer functions, the index is ATAFNET.
142 * Make sure ATAFNET and this array match!
143 */
144static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
145{
146 NULL,
147 ataReadWriteSectorsBT,
148 ataPacketBT,
149 atapiCmdBT,
150 atapiPassthroughCmdBT,
151};
152
153/**
154 * Source/sink function indexes for g_apfnSourceSinkFuncs.
155 */
156typedef enum ATAFNSS
157{
158 ATAFN_SS_NULL = 0,
159 ATAFN_SS_IDENTIFY,
160 ATAFN_SS_FLUSH,
161 ATAFN_SS_READ_SECTORS,
162 ATAFN_SS_WRITE_SECTORS,
163 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
164 ATAFN_SS_TRIM,
165 ATAFN_SS_PACKET,
166 ATAFN_SS_ATAPI_GET_CONFIGURATION,
167 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
168 ATAFN_SS_ATAPI_IDENTIFY,
169 ATAFN_SS_ATAPI_INQUIRY,
170 ATAFN_SS_ATAPI_MECHANISM_STATUS,
171 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
172 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
173 ATAFN_SS_ATAPI_READ,
174 ATAFN_SS_ATAPI_READ_CAPACITY,
175 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
176 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
177 ATAFN_SS_ATAPI_READ_TOC_MULTI,
178 ATAFN_SS_ATAPI_READ_TOC_RAW,
179 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
180 ATAFN_SS_ATAPI_REQUEST_SENSE,
181 ATAFN_SS_ATAPI_PASSTHROUGH,
182 ATAFN_SS_MAX
183} ATAFNSS;
184
185/**
186 * Array of source/sink functions, the index is ATAFNSS.
187 * Make sure ATAFNSS and this array match!
188 */
189static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
190{
191 NULL,
192 ataIdentifySS,
193 ataFlushSS,
194 ataReadSectorsSS,
195 ataWriteSectorsSS,
196 ataExecuteDeviceDiagnosticSS,
197 ataTrimSS,
198 ataPacketSS,
199 atapiGetConfigurationSS,
200 atapiGetEventStatusNotificationSS,
201 atapiIdentifySS,
202 atapiInquirySS,
203 atapiMechanismStatusSS,
204 atapiModeSenseErrorRecoverySS,
205 atapiModeSenseCDStatusSS,
206 atapiReadSS,
207 atapiReadCapacitySS,
208 atapiReadDiscInformationSS,
209 atapiReadTOCNormalSS,
210 atapiReadTOCMultiSS,
211 atapiReadTOCRawSS,
212 atapiReadTrackInformationSS,
213 atapiRequestSenseSS,
214 atapiPassthroughSS
215};
216
217
218static const AHCIATARequest ataDMARequest = { AHCIATA_AIO_DMA, };
219static const AHCIATARequest ataPIORequest = { AHCIATA_AIO_PIO, };
220static const AHCIATARequest ataResetARequest = { AHCIATA_AIO_RESET_ASSERTED, };
221static const AHCIATARequest ataResetCRequest = { AHCIATA_AIO_RESET_CLEARED, };
222
223
224static void ataAsyncIOClearRequests(PAHCIATACONTROLLER pCtl)
225{
226 int rc;
227
228 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
229 AssertRC(rc);
230 pCtl->AsyncIOReqHead = 0;
231 pCtl->AsyncIOReqTail = 0;
232 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
233 AssertRC(rc);
234}
235
236
237static void ataAsyncIOPutRequest(PAHCIATACONTROLLER pCtl, const AHCIATARequest *pReq)
238{
239 int rc;
240
241 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
242 AssertRC(rc);
243 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
244 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
245 pCtl->AsyncIOReqHead++;
246 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
247 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
248 AssertRC(rc);
249 rc = PDMR3CritSectScheduleExitEvent(&pCtl->lock, pCtl->AsyncIOSem);
250 if (RT_FAILURE(rc))
251 {
252 rc = RTSemEventSignal(pCtl->AsyncIOSem);
253 AssertRC(rc);
254 }
255}
256
257
258static const AHCIATARequest *ataAsyncIOGetCurrentRequest(PAHCIATACONTROLLER pCtl)
259{
260 int rc;
261 const AHCIATARequest *pReq;
262
263 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
264 AssertRC(rc);
265 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
266 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
267 else
268 pReq = NULL;
269 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
270 AssertRC(rc);
271 return pReq;
272}
273
274
275/**
276 * Remove the request with the given type, as it's finished. The request
277 * is not removed blindly, as this could mean a RESET request that is not
278 * yet processed (but has cleared the request queue) is lost.
279 *
280 * @param pCtl Controller for which to remove the request.
281 * @param ReqType Type of the request to remove.
282 */
283static void ataAsyncIORemoveCurrentRequest(PAHCIATACONTROLLER pCtl, AHCIATAAIO ReqType)
284{
285 int rc;
286
287 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
288 AssertRC(rc);
289 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
290 {
291 pCtl->AsyncIOReqTail++;
292 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
293 }
294 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
295 AssertRC(rc);
296}
297
298
299/**
300 * Dump the request queue for a particular controller. First dump the queue
301 * contents, then the already processed entries, as long as they haven't been
302 * overwritten.
303 *
304 * @param pCtl Controller for which to dump the queue.
305 */
306static void ataAsyncIODumpRequests(PAHCIATACONTROLLER pCtl)
307{
308 int rc;
309 uint8_t curr;
310
311 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
312 AssertRC(rc);
313 LogRel(("AHCI ATA: Ctl: request queue dump (topmost is current):\n"));
314 curr = pCtl->AsyncIOReqTail;
315 do
316 {
317 if (curr == pCtl->AsyncIOReqHead)
318 LogRel(("AHCI ATA: Ctl: processed requests (topmost is oldest):\n"));
319 switch (pCtl->aAsyncIORequests[curr].ReqType)
320 {
321 case AHCIATA_AIO_NEW:
322 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
323 break;
324 case AHCIATA_AIO_DMA:
325 LogRel(("dma transfer finished\n"));
326 break;
327 case AHCIATA_AIO_PIO:
328 LogRel(("pio transfer finished\n"));
329 break;
330 case AHCIATA_AIO_RESET_ASSERTED:
331 LogRel(("reset asserted request\n"));
332 break;
333 case AHCIATA_AIO_RESET_CLEARED:
334 LogRel(("reset cleared request\n"));
335 break;
336 case AHCIATA_AIO_ABORT:
337 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
338 break;
339 default:
340 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
341 }
342 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
343 } while (curr != pCtl->AsyncIOReqTail);
344 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
345 AssertRC(rc);
346}
347
348
349/**
350 * Checks whether the request queue for a particular controller is empty
351 * or whether a particular controller is idle.
352 *
353 * @param pCtl Controller for which to check the queue.
354 * @param fStrict If set then the controller is checked to be idle.
355 */
356static bool ataAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, bool fStrict)
357{
358 int rc;
359 bool fIdle;
360
361 if (pCtl->AsyncIORequestMutex == NIL_RTSEMMUTEX)
362 return true;
363
364 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
365 AssertRC(rc);
366 fIdle = pCtl->fRedoIdle;
367 if (!fIdle)
368 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
369 if (fStrict)
370 fIdle &= (pCtl->uAsyncIOState == AHCIATA_AIO_NEW);
371 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
372 AssertRC(rc);
373 return fIdle;
374}
375
376
377/**
378 * Send a transfer request to the async I/O thread.
379 *
380 * @param s Pointer to the ATA device state data.
381 * @param cbTotalTransfer Data transfer size.
382 * @param uTxDir Data transfer direction.
383 * @param iBeginTransfer Index of BeginTransfer callback.
384 * @param iSourceSink Index of SourceSink callback.
385 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
386 */
387static void ataStartTransfer(AHCIATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, ATAFNSS iSourceSink, bool fChainedTransfer)
388{
389 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
390 AHCIATARequest Req;
391
392 Assert(PDMCritSectIsOwner(&pCtl->lock));
393
394 /* Do not issue new requests while the RESET line is asserted. */
395 if (pCtl->fReset)
396 {
397 Log2(("%s: Ctl: suppressed new request as RESET is active\n", __FUNCTION__));
398 return;
399 }
400
401 /* If the controller is already doing something else right now, ignore
402 * the command that is being submitted. Some broken guests issue commands
403 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
404 if (!fChainedTransfer && !ataAsyncIOIsIdle(pCtl, true))
405 {
406 Log(("%s: Ctl: ignored command %#04x, controller state %d\n", __FUNCTION__, s->uATARegCommand, pCtl->uAsyncIOState));
407 LogRel(("IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
408 return;
409 }
410
411 Req.ReqType = AHCIATA_AIO_NEW;
412 if (fChainedTransfer)
413 Req.u.t.iIf = pCtl->iAIOIf;
414 else
415 Req.u.t.iIf = pCtl->iSelectedIf;
416 Req.u.t.cbTotalTransfer = cbTotalTransfer;
417 Req.u.t.uTxDir = uTxDir;
418 Req.u.t.iBeginTransfer = iBeginTransfer;
419 Req.u.t.iSourceSink = iSourceSink;
420 ataSetStatusValue(s, ATA_STAT_BUSY);
421 pCtl->fChainedTransfer = fChainedTransfer;
422
423 /*
424 * Kick the worker thread into action.
425 */
426 Log2(("%s: Ctl: message to async I/O thread, new request\n", __FUNCTION__));
427 ataAsyncIOPutRequest(pCtl, &Req);
428}
429
430
431/**
432 * Send an abort command request to the async I/O thread.
433 *
434 * @param s Pointer to the ATA device state data.
435 * @param fResetDrive Whether to reset the drive or just abort a command.
436 */
437static void ataAbortCurrentCommand(AHCIATADevState *s, bool fResetDrive)
438{
439 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
440 AHCIATARequest Req;
441
442 Assert(PDMCritSectIsOwner(&pCtl->lock));
443
444 /* Do not issue new requests while the RESET line is asserted. */
445 if (pCtl->fReset)
446 {
447 Log2(("%s: Ctl: suppressed aborting command as RESET is active\n", __FUNCTION__));
448 return;
449 }
450
451 Req.ReqType = AHCIATA_AIO_ABORT;
452 Req.u.a.iIf = pCtl->iSelectedIf;
453 Req.u.a.fResetDrive = fResetDrive;
454 ataSetStatus(s, ATA_STAT_BUSY);
455 Log2(("%s: Ctl: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, s->iLUN));
456 ataAsyncIOPutRequest(pCtl, &Req);
457}
458
459
460static void ataSetIRQ(AHCIATADevState *s)
461{
462 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
463 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
464
465 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
466 {
467 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
468 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
469 * line is asserted. It monitors the line for a rising edge. */
470 if (!s->fIrqPending)
471 pCtl->BmDma.u8Status |= BM_STATUS_INT;
472 /* Only actually set the IRQ line if updating the currently selected drive. */
473 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
474 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
475 }
476 s->fIrqPending = true;
477}
478
479#endif /* IN_RING3 */
480
481static void ataUnsetIRQ(AHCIATADevState *s)
482{
483 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
484 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
485
486 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
487 {
488 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
489 /* Only actually unset the IRQ line if updating the currently selected drive. */
490 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
491 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
492 }
493 s->fIrqPending = false;
494}
495
496#ifdef IN_RING3
497
498static void ataPIOTransferStart(AHCIATADevState *s, uint32_t start, uint32_t size)
499{
500 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
501 s->iIOBufferPIODataStart = start;
502 s->iIOBufferPIODataEnd = start + size;
503 ataSetStatus(s, ATA_STAT_DRQ);
504}
505
506
507static void ataPIOTransferStop(AHCIATADevState *s)
508{
509 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
510 if (s->fATAPITransfer)
511 {
512 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
513 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
514 ataSetIRQ(s);
515 s->fATAPITransfer = false;
516 }
517 s->cbTotalTransfer = 0;
518 s->cbElementaryTransfer = 0;
519 s->iIOBufferPIODataStart = 0;
520 s->iIOBufferPIODataEnd = 0;
521 s->iBeginTransfer = ATAFN_BT_NULL;
522 s->iSourceSink = ATAFN_SS_NULL;
523}
524
525
526static void ataPIOTransferLimitATAPI(AHCIATADevState *s)
527{
528 uint32_t cbLimit, cbTransfer;
529
530 cbLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
531 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
532 if (cbLimit == 0)
533 cbLimit = 0xfffe;
534 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
535 if (cbLimit == 0xffff)
536 cbLimit--;
537 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
538 if (cbTransfer > cbLimit)
539 {
540 /* Byte count limit for clipping must be even in this case */
541 if (cbLimit & 1)
542 cbLimit--;
543 cbTransfer = cbLimit;
544 }
545 s->uATARegLCyl = cbTransfer;
546 s->uATARegHCyl = cbTransfer >> 8;
547 s->cbElementaryTransfer = cbTransfer;
548}
549
550
551static uint32_t ataGetNSectors(AHCIATADevState *s)
552{
553 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
554 if (s->fLBA48)
555 {
556 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
557 return 65536;
558 else
559 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
560 }
561 else
562 {
563 if (!s->uATARegNSector)
564 return 256;
565 else
566 return s->uATARegNSector;
567 }
568}
569
570
571static void ataPadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
572{
573 for (uint32_t i = 0; i < cbSize; i++)
574 {
575 if (*pbSrc)
576 pbDst[i ^ 1] = *pbSrc++;
577 else
578 pbDst[i ^ 1] = ' ';
579 }
580}
581
582
583static void ataSCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
584{
585 for (uint32_t i = 0; i < cbSize; i++)
586 {
587 if (*pbSrc)
588 pbDst[i] = *pbSrc++;
589 else
590 pbDst[i] = ' ';
591 }
592}
593
594
595DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
596{
597 pbBuf[0] = val >> 8;
598 pbBuf[1] = val;
599}
600
601
602DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
603{
604 pbBuf[0] = val >> 16;
605 pbBuf[1] = val >> 8;
606 pbBuf[2] = val;
607}
608
609
610DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
611{
612 pbBuf[0] = val >> 24;
613 pbBuf[1] = val >> 16;
614 pbBuf[2] = val >> 8;
615 pbBuf[3] = val;
616}
617
618
619DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
620{
621 return (pbBuf[0] << 8) | pbBuf[1];
622}
623
624
625DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
626{
627 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
628}
629
630
631DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
632{
633 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
634}
635
636
637DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
638{
639 iATAPILBA += 150;
640 pbBuf[0] = (iATAPILBA / 75) / 60;
641 pbBuf[1] = (iATAPILBA / 75) % 60;
642 pbBuf[2] = iATAPILBA % 75;
643}
644
645
646DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
647{
648 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
649}
650
651static uint32_t ataChecksum(void *ptr, size_t count)
652{
653 uint8_t u8Sum = 0xa5;
654 uint8_t *p = (uint8_t*)ptr;
655 size_t i;
656
657 for (i = 0; i < count; i++)
658 {
659 u8Sum += *p++;
660 }
661
662 return (uint8_t)-(int32_t)u8Sum;
663}
664
665static void ataCmdOK(AHCIATADevState *s, uint8_t status)
666{
667 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
668 ataSetStatusValue(s, ATA_STAT_READY | status);
669}
670
671
672static void ataCmdError(AHCIATADevState *s, uint8_t uErrorCode)
673{
674 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
675 s->uATARegError = uErrorCode;
676 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
677 s->cbTotalTransfer = 0;
678 s->cbElementaryTransfer = 0;
679 s->iIOBufferCur = 0;
680 s->iIOBufferEnd = 0;
681 s->uTxDir = PDMBLOCKTXDIR_NONE;
682 s->iBeginTransfer = ATAFN_BT_NULL;
683 s->iSourceSink = ATAFN_SS_NULL;
684}
685
686
687static bool ataIdentifySS(AHCIATADevState *s)
688{
689 uint16_t *p;
690
691 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
692 Assert(s->cbElementaryTransfer == 512);
693
694 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
695 memset(p, 0, 512);
696 p[0] = RT_H2LE_U16(0x0040);
697 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
698 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
699 /* Block size; obsolete, but required for the BIOS. */
700 p[5] = RT_H2LE_U16(512);
701 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
702 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
703 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
704 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
705 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
706 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
707 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
708#if ATA_MAX_MULT_SECTORS > 1
709 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
710#endif
711 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
712 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
713 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
714 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
715 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
716 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
717 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
718 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
719 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
720 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
721 * s->PCHSGeometry.cHeads
722 * s->PCHSGeometry.cSectors);
723 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
724 * s->PCHSGeometry.cHeads
725 * s->PCHSGeometry.cSectors >> 16);
726 if (s->cMultSectors)
727 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
728 if (s->cTotalSectors <= (1 << 28) - 1)
729 {
730 p[60] = RT_H2LE_U16(s->cTotalSectors);
731 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
732 }
733 else
734 {
735 /* Report maximum number of sectors possible with LBA28 */
736 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
737 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
738 }
739 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
740 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
741 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
742 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
743 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
744 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
745 if (s->pDrvBlock->pfnDiscard)
746 {
747 p[80] = RT_H2LE_U16(0x1f0); /* support everything up to ATA/ATAPI-8 ACS */
748 p[81] = RT_H2LE_U16(0x28); /* conforms to ATA/ATAPI-8 ACS */
749 }
750 else
751 {
752 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
753 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
754 }
755 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
756 if (s->cTotalSectors <= (1 << 28) - 1)
757 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
758 else
759 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
760 p[84] = RT_H2LE_U16(1 << 14);
761 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
762 if (s->cTotalSectors <= (1 << 28) - 1)
763 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
764 else
765 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
766 p[87] = RT_H2LE_U16(1 << 14);
767 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
768 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
769 if (s->cTotalSectors > (1 << 28) - 1)
770 {
771 p[100] = RT_H2LE_U16(s->cTotalSectors);
772 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
773 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
774 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
775 }
776 if (s->pDrvBlock->pfnDiscard) /** @todo: Set bit 14 in word 69 too? (Deterministic read after TRIM). */
777 p[169] = RT_H2LE_U16(1); /* DATA SET MANAGEMENT command supported. */
778 if (s->fNonRotational)
779 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
780 uint32_t uCsum = ataChecksum(p, 510);
781 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
782
783 s->iSourceSink = ATAFN_SS_NULL;
784 ataCmdOK(s, ATA_STAT_SEEK);
785 return false;
786}
787
788
789static bool ataFlushSS(AHCIATADevState *s)
790{
791 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
792 int rc;
793
794 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE);
795 Assert(!s->cbElementaryTransfer);
796
797 PDMCritSectLeave(&pCtl->lock);
798
799 STAM_PROFILE_START(&s->StatFlushes, f);
800 rc = s->pDrvBlock->pfnFlush(s->pDrvBlock);
801 AssertRC(rc);
802 STAM_PROFILE_STOP(&s->StatFlushes, f);
803
804 STAM_PROFILE_START(&pCtl->StatLockWait, a);
805 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
806 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
807 ataCmdOK(s, 0);
808 return false;
809}
810
811
812static bool atapiIdentifySS(AHCIATADevState *s)
813{
814 uint16_t *p;
815
816 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
817 Assert(s->cbElementaryTransfer == 512);
818
819 p = (uint16_t *)s->CTXALLSUFF(pbIOBuffer);
820 memset(p, 0, 512);
821 /* Removable CDROM, 50us response, 12 byte packets */
822 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 2 << 5 | 0 << 0);
823 ataPadString((uint8_t *)(p + 10), s->pszSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
824 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
825 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
826 ataPadString((uint8_t *)(p + 23), s->pszFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
827 ataPadString((uint8_t *)(p + 27), s->pszModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
828 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
829 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
830 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
831 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
832 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
833 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
834 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
835 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
836 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
837 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
838 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
839 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
840 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
841 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
842 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
843 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
844 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
845 p[83] = RT_H2LE_U16(1 << 14);
846 p[84] = RT_H2LE_U16(1 << 14);
847 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
848 p[86] = RT_H2LE_U16(0);
849 p[87] = RT_H2LE_U16(1 << 14);
850 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
851 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
852 uint32_t uCsum = ataChecksum(p, 510);
853 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
854 s->iSourceSink = ATAFN_SS_NULL;
855 ataCmdOK(s, ATA_STAT_SEEK);
856 return false;
857}
858
859
860static void ataSetSignature(AHCIATADevState *s)
861{
862 s->uATARegSelect &= 0xf0; /* clear head */
863 /* put signature */
864 s->uATARegNSector = 1;
865 s->uATARegSector = 1;
866 if (s->fATAPI)
867 {
868 s->uATARegLCyl = 0x14;
869 s->uATARegHCyl = 0xeb;
870 }
871 else if (s->pDrvBlock)
872 {
873 s->uATARegLCyl = 0;
874 s->uATARegHCyl = 0;
875 }
876 else
877 {
878 s->uATARegLCyl = 0xff;
879 s->uATARegHCyl = 0xff;
880 }
881}
882
883
884static uint64_t ataGetSector(AHCIATADevState *s)
885{
886 uint64_t iLBA;
887 if (s->uATARegSelect & 0x40)
888 {
889 /* any LBA variant */
890 if (s->fLBA48)
891 {
892 /* LBA48 */
893 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
894 ((uint64_t)s->uATARegLCylHOB << 32) |
895 ((uint64_t)s->uATARegSectorHOB << 24) |
896 ((uint64_t)s->uATARegHCyl << 16) |
897 ((uint64_t)s->uATARegLCyl << 8) |
898 s->uATARegSector;
899 }
900 else
901 {
902 /* LBA */
903 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
904 (s->uATARegLCyl << 8) | s->uATARegSector;
905 }
906 }
907 else
908 {
909 /* CHS */
910 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
911 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
912 (s->uATARegSector - 1);
913 }
914 return iLBA;
915}
916
917static void ataSetSector(AHCIATADevState *s, uint64_t iLBA)
918{
919 uint32_t cyl, r;
920 if (s->uATARegSelect & 0x40)
921 {
922 /* any LBA variant */
923 if (s->fLBA48)
924 {
925 /* LBA48 */
926 s->uATARegHCylHOB = iLBA >> 40;
927 s->uATARegLCylHOB = iLBA >> 32;
928 s->uATARegSectorHOB = iLBA >> 24;
929 s->uATARegHCyl = iLBA >> 16;
930 s->uATARegLCyl = iLBA >> 8;
931 s->uATARegSector = iLBA;
932 }
933 else
934 {
935 /* LBA */
936 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
937 s->uATARegHCyl = (iLBA >> 16);
938 s->uATARegLCyl = (iLBA >> 8);
939 s->uATARegSector = (iLBA);
940 }
941 }
942 else
943 {
944 /* CHS */
945 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
946 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
947 s->uATARegHCyl = cyl >> 8;
948 s->uATARegLCyl = cyl;
949 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
950 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
951 }
952}
953
954
955static void ataWarningDiskFull(PPDMDEVINS pDevIns)
956{
957 int rc;
958 LogRel(("AHCI ATA: Host disk full\n"));
959 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
960 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
961 AssertRC(rc);
962}
963
964static void ataWarningFileTooBig(PPDMDEVINS pDevIns)
965{
966 int rc;
967 LogRel(("AHCI ATA: File too big\n"));
968 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
969 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
970 AssertRC(rc);
971}
972
973static void ataWarningISCSI(PPDMDEVINS pDevIns)
974{
975 int rc;
976 LogRel(("AHCI ATA: iSCSI target unavailable\n"));
977 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
978 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
979 AssertRC(rc);
980}
981
982static bool ataIsRedoSetWarning(AHCIATADevState *s, int rc)
983{
984 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
985 Assert(!PDMCritSectIsOwner(&pCtl->lock));
986 if (rc == VERR_DISK_FULL)
987 {
988 pCtl->fRedoIdle = true;
989 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
990 return true;
991 }
992 if (rc == VERR_FILE_TOO_BIG)
993 {
994 pCtl->fRedoIdle = true;
995 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
996 return true;
997 }
998 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
999 {
1000 pCtl->fRedoIdle = true;
1001 /* iSCSI connection abort (first error) or failure to reestablish
1002 * connection (second error). Pause VM. On resume we'll retry. */
1003 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
1004 return true;
1005 }
1006 return false;
1007}
1008
1009
1010static int ataReadSectors(AHCIATADevState *s, uint64_t u64Sector, void *pvBuf,
1011 uint32_t cSectors, bool *pfRedo)
1012{
1013 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1014 int rc;
1015
1016 PDMCritSectLeave(&pCtl->lock);
1017
1018 STAM_PROFILE_ADV_START(&s->StatReads, r);
1019 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1020 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1021 s->pLed->Actual.s.fReading = 0;
1022 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1023
1024 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cSectors * 512);
1025
1026 if (RT_SUCCESS(rc))
1027 *pfRedo = false;
1028 else
1029 *pfRedo = ataIsRedoSetWarning(s, rc);
1030
1031 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1032 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1033 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1034 return rc;
1035}
1036
1037
1038static int ataWriteSectors(AHCIATADevState *s, uint64_t u64Sector,
1039 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1040{
1041 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1042 int rc;
1043
1044 PDMCritSectLeave(&pCtl->lock);
1045
1046 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1047 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1048 rc = s->pDrvBlock->pfnWrite(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1049 s->pLed->Actual.s.fWriting = 0;
1050 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1051
1052 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cSectors * 512);
1053
1054 if (RT_SUCCESS(rc))
1055 *pfRedo = false;
1056 else
1057 *pfRedo = ataIsRedoSetWarning(s, rc);
1058
1059 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1060 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1061 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1062 return rc;
1063}
1064
1065
1066static void ataReadWriteSectorsBT(AHCIATADevState *s)
1067{
1068 uint32_t cSectors;
1069
1070 cSectors = s->cbTotalTransfer / 512;
1071 if (cSectors > s->cSectorsPerIRQ)
1072 s->cbElementaryTransfer = s->cSectorsPerIRQ * 512;
1073 else
1074 s->cbElementaryTransfer = cSectors * 512;
1075 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1076 ataCmdOK(s, 0);
1077}
1078
1079
1080static bool ataReadSectorsSS(AHCIATADevState *s)
1081{
1082 int rc;
1083 uint32_t cSectors;
1084 uint64_t iLBA;
1085 bool fRedo;
1086
1087 cSectors = s->cbElementaryTransfer / 512;
1088 Assert(cSectors);
1089 iLBA = ataGetSector(s);
1090 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1091 rc = ataReadSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1092 if (RT_SUCCESS(rc))
1093 {
1094 ataSetSector(s, iLBA + cSectors);
1095 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1096 s->iSourceSink = ATAFN_SS_NULL;
1097 ataCmdOK(s, ATA_STAT_SEEK);
1098 }
1099 else
1100 {
1101 if (fRedo)
1102 return true;
1103 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1104 LogRel(("AHCI ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1105 s->iLUN, rc, iLBA, cSectors));
1106 ataCmdError(s, ID_ERR);
1107 }
1108 return false;
1109}
1110
1111
1112static bool ataWriteSectorsSS(AHCIATADevState *s)
1113{
1114 int rc;
1115 uint32_t cSectors;
1116 uint64_t iLBA;
1117 bool fRedo;
1118
1119 cSectors = s->cbElementaryTransfer / 512;
1120 Assert(cSectors);
1121 iLBA = ataGetSector(s);
1122 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1123 rc = ataWriteSectors(s, iLBA, s->CTXALLSUFF(pbIOBuffer), cSectors, &fRedo);
1124 if (RT_SUCCESS(rc))
1125 {
1126 ataSetSector(s, iLBA + cSectors);
1127 if (!s->cbTotalTransfer)
1128 s->iSourceSink = ATAFN_SS_NULL;
1129 ataCmdOK(s, ATA_STAT_SEEK);
1130 }
1131 else
1132 {
1133 if (fRedo)
1134 return true;
1135 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1136 LogRel(("AHCI ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1137 s->iLUN, rc, iLBA, cSectors));
1138 ataCmdError(s, ID_ERR);
1139 }
1140 return false;
1141}
1142
1143
1144static void atapiCmdOK(AHCIATADevState *s)
1145{
1146 s->uATARegError = 0;
1147 ataSetStatusValue(s, ATA_STAT_READY);
1148 s->uATARegNSector = (s->uATARegNSector & ~7)
1149 | ((s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1150 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1151 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1152 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1153 s->abATAPISense[0] = 0x70 | (1 << 7);
1154 s->abATAPISense[7] = 10;
1155}
1156
1157
1158static void atapiCmdError(AHCIATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1159{
1160 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1161 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1162 s->uATARegError = pabATAPISense[2] << 4;
1163 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1164 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1165 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1166 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1167 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1168 s->cbTotalTransfer = 0;
1169 s->cbElementaryTransfer = 0;
1170 s->iIOBufferCur = 0;
1171 s->iIOBufferEnd = 0;
1172 s->uTxDir = PDMBLOCKTXDIR_NONE;
1173 s->iBeginTransfer = ATAFN_BT_NULL;
1174 s->iSourceSink = ATAFN_SS_NULL;
1175}
1176
1177
1178/** @todo deprecated function - doesn't provide enough info. Replace by direct
1179 * calls to atapiCmdError() with full data. */
1180static void atapiCmdErrorSimple(AHCIATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1181{
1182 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1183 memset(abATAPISense, '\0', sizeof(abATAPISense));
1184 abATAPISense[0] = 0x70 | (1 << 7);
1185 abATAPISense[2] = uATAPISenseKey & 0x0f;
1186 abATAPISense[7] = 10;
1187 abATAPISense[12] = uATAPIASC;
1188 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1189}
1190
1191
1192static void atapiCmdBT(AHCIATADevState *s)
1193{
1194 s->fATAPITransfer = true;
1195 s->cbElementaryTransfer = s->cbTotalTransfer;
1196 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1197 atapiCmdOK(s);
1198}
1199
1200
1201static void atapiPassthroughCmdBT(AHCIATADevState *s)
1202{
1203 /* @todo implement an algorithm for correctly determining the read and
1204 * write sector size without sending additional commands to the drive.
1205 * This should be doable by saving processing the configuration requests
1206 * and replies. */
1207#if 0
1208 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1209 {
1210 uint8_t cmd = s->aATAPICmd[0];
1211 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1212 {
1213 uint8_t aModeSenseCmd[10];
1214 uint8_t aModeSenseResult[16];
1215 uint8_t uDummySense;
1216 uint32_t cbTransfer;
1217 int rc;
1218
1219 cbTransfer = sizeof(aModeSenseResult);
1220 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1221 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1222 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1223 aModeSenseCmd[3] = 0; /* subpage code */
1224 aModeSenseCmd[4] = 0; /* reserved */
1225 aModeSenseCmd[5] = 0; /* reserved */
1226 aModeSenseCmd[6] = 0; /* reserved */
1227 aModeSenseCmd[7] = cbTransfer >> 8;
1228 aModeSenseCmd[8] = cbTransfer & 0xff;
1229 aModeSenseCmd[9] = 0; /* control */
1230 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aModeSenseCmd, PDMBLOCKTXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1231 if (RT_FAILURE(rc))
1232 {
1233 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1234 return;
1235 }
1236 /* Select sector size based on the current data block type. */
1237 switch (aModeSenseResult[12] & 0x0f)
1238 {
1239 case 0:
1240 s->cbATAPISector = 2352;
1241 break;
1242 case 1:
1243 s->cbATAPISector = 2368;
1244 break;
1245 case 2:
1246 case 3:
1247 s->cbATAPISector = 2448;
1248 break;
1249 case 8:
1250 case 10:
1251 s->cbATAPISector = 2048;
1252 break;
1253 case 9:
1254 s->cbATAPISector = 2336;
1255 break;
1256 case 11:
1257 s->cbATAPISector = 2056;
1258 break;
1259 case 12:
1260 s->cbATAPISector = 2324;
1261 break;
1262 case 13:
1263 s->cbATAPISector = 2332;
1264 break;
1265 default:
1266 s->cbATAPISector = 0;
1267 }
1268 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1269 s->cbTotalTransfer *= s->cbATAPISector;
1270 if (s->cbTotalTransfer == 0)
1271 s->uTxDir = PDMBLOCKTXDIR_NONE;
1272 }
1273 }
1274#endif
1275 atapiCmdBT(s);
1276}
1277
1278
1279static bool atapiReadSS(AHCIATADevState *s)
1280{
1281 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1282 int rc = VINF_SUCCESS;
1283 uint32_t cbTransfer, cSectors;
1284
1285 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1286 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1287 cSectors = cbTransfer / s->cbATAPISector;
1288 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1289 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1290
1291 PDMCritSectLeave(&pCtl->lock);
1292
1293 STAM_PROFILE_ADV_START(&s->StatReads, r);
1294 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1295 switch (s->cbATAPISector)
1296 {
1297 case 2048:
1298 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTXALLSUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1299 break;
1300 case 2352:
1301 {
1302 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1303
1304 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1305 {
1306 /* sync bytes */
1307 *pbBuf++ = 0x00;
1308 memset(pbBuf, 0xff, 11);
1309 pbBuf += 11;
1310 /* MSF */
1311 ataLBA2MSF(pbBuf, i);
1312 pbBuf += 3;
1313 *pbBuf++ = 0x01; /* mode 1 data */
1314 /* data */
1315 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)i * 2048, pbBuf, 2048);
1316 if (RT_FAILURE(rc))
1317 break;
1318 pbBuf += 2048;
1319 /* ECC */
1320 memset(pbBuf, 0, 288);
1321 pbBuf += 288;
1322 }
1323 }
1324 break;
1325 default:
1326 break;
1327 }
1328 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1329
1330 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1331 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1332 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1333
1334 if (RT_SUCCESS(rc))
1335 {
1336 s->pLed->Actual.s.fReading = 0;
1337 STAM_REL_COUNTER_ADD(s->pStatBytesRead, s->cbATAPISector * cSectors);
1338
1339 /* The initial buffer end value has been set up based on the total
1340 * transfer size. But the I/O buffer size limits what can actually be
1341 * done in one transfer, so set the actual value of the buffer end. */
1342 s->cbElementaryTransfer = cbTransfer;
1343 if (cbTransfer >= s->cbTotalTransfer)
1344 s->iSourceSink = ATAFN_SS_NULL;
1345 atapiCmdOK(s);
1346 s->iATAPILBA += cSectors;
1347 }
1348 else
1349 {
1350 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1351 LogRel(("AHCI ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1352 atapiCmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1353 }
1354 return false;
1355}
1356
1357
1358static bool atapiPassthroughSS(AHCIATADevState *s)
1359{
1360 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1361 int rc = VINF_SUCCESS;
1362 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1363 uint32_t cbTransfer;
1364 PSTAMPROFILEADV pProf = NULL;
1365
1366 cbTransfer = s->cbElementaryTransfer;
1367
1368 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1369 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1370
1371 /* Simple heuristics: if there is at least one sector of data
1372 * to transfer, it's worth updating the LEDs. */
1373 if (cbTransfer >= 2048)
1374 {
1375 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1376 {
1377 s->pLed->Asserted.s.fReading = s->pLed->Actual.s.fReading = 1;
1378 pProf = &s->StatReads;
1379 }
1380 else
1381 {
1382 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
1383 pProf = &s->StatWrites;
1384 }
1385 }
1386
1387 PDMCritSectLeave(&pCtl->lock);
1388
1389 memset(abATAPISense, '\0', sizeof(abATAPISense));
1390 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
1391 if (cbTransfer > 100 * _1K)
1392 {
1393 /* Linux accepts commands with up to 100KB of data, but expects
1394 * us to handle commands with up to 128KB of data. The usual
1395 * imbalance of powers. */
1396 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
1397 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
1398 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1399
1400 switch (s->aATAPICmd[0])
1401 {
1402 case SCSI_READ_10:
1403 case SCSI_WRITE_10:
1404 case SCSI_WRITE_AND_VERIFY_10:
1405 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1406 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
1407 break;
1408 case SCSI_READ_12:
1409 case SCSI_WRITE_12:
1410 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1411 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
1412 break;
1413 case SCSI_READ_CD:
1414 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1415 cSectors = ataBE2H_U24(s->aATAPICmd + 6) / s->cbATAPISector;
1416 break;
1417 case SCSI_READ_CD_MSF:
1418 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
1419 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
1420 break;
1421 default:
1422 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
1423 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1424 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
1425 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
1426 {
1427 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1428 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1429 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1430 }
1431 return false;
1432 }
1433 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
1434 cReqSectors = 0;
1435 for (uint32_t i = cSectors; i > 0; i -= cReqSectors)
1436 {
1437 if (i * s->cbATAPISector > 100 * _1K)
1438 cReqSectors = (100 * _1K) / s->cbATAPISector;
1439 else
1440 cReqSectors = i;
1441 cbCurrTX = s->cbATAPISector * cReqSectors;
1442 switch (s->aATAPICmd[0])
1443 {
1444 case SCSI_READ_10:
1445 case SCSI_WRITE_10:
1446 case SCSI_WRITE_AND_VERIFY_10:
1447 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1448 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
1449 break;
1450 case SCSI_READ_12:
1451 case SCSI_WRITE_12:
1452 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1453 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
1454 break;
1455 case SCSI_READ_CD:
1456 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
1457 ataH2BE_U24(s->aATAPICmd + 6, cbCurrTX);
1458 break;
1459 case SCSI_READ_CD_MSF:
1460 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
1461 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
1462 break;
1463 }
1464 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1465 if (rc != VINF_SUCCESS)
1466 break;
1467 iATAPILBA += cReqSectors;
1468 pbBuf += s->cbATAPISector * cReqSectors;
1469 }
1470 }
1471 else
1472 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, s->aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, s->CTXALLSUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1473 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
1474
1475 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1476 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1477 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1478
1479 /* Update the LEDs and the read/write statistics. */
1480 if (cbTransfer >= 2048)
1481 {
1482 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1483 {
1484 s->pLed->Actual.s.fReading = 0;
1485 STAM_REL_COUNTER_ADD(s->pStatBytesRead, cbTransfer);
1486 }
1487 else
1488 {
1489 s->pLed->Actual.s.fWriting = 0;
1490 STAM_REL_COUNTER_ADD(s->pStatBytesWritten, cbTransfer);
1491 }
1492 }
1493
1494 if (RT_SUCCESS(rc))
1495 {
1496 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
1497 {
1498 Assert(cbTransfer <= s->cbTotalTransfer);
1499 /* Reply with the same amount of data as the real drive. */
1500 s->cbTotalTransfer = cbTransfer;
1501 /* The initial buffer end value has been set up based on the total
1502 * transfer size. But the I/O buffer size limits what can actually be
1503 * done in one transfer, so set the actual value of the buffer end. */
1504 s->cbElementaryTransfer = cbTransfer;
1505 if (s->aATAPICmd[0] == SCSI_INQUIRY)
1506 {
1507 /* Make sure that the real drive cannot be identified.
1508 * Motivation: changing the VM configuration should be as
1509 * invisible as possible to the guest. */
1510 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1511 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 8, "VBOX", 8);
1512 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 16, "CD-ROM", 16);
1513 ataSCSIPadStr(s->CTXALLSUFF(pbIOBuffer) + 32, "1.0", 4);
1514 }
1515 if (cbTransfer)
1516 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTXALLSUFF(pbIOBuffer)));
1517 }
1518 s->iSourceSink = ATAFN_SS_NULL;
1519 atapiCmdOK(s);
1520 }
1521 else
1522 {
1523 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1524 {
1525 uint8_t u8Cmd = s->aATAPICmd[0];
1526 do
1527 {
1528 /* don't log superfluous errors */
1529 if ( rc == VERR_DEV_IO_ERROR
1530 && ( u8Cmd == SCSI_TEST_UNIT_READY
1531 || u8Cmd == SCSI_READ_CAPACITY
1532 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
1533 break;
1534 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command (%#04x) error %d %Rrc\n", s->iLUN, u8Cmd, abATAPISense[0] & 0x0f, rc));
1535 } while (0);
1536 }
1537 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1538 }
1539 return false;
1540}
1541
1542
1543static bool atapiReadSectors(AHCIATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
1544{
1545 Assert(cSectors > 0);
1546 s->iATAPILBA = iATAPILBA;
1547 s->cbATAPISector = cbSector;
1548 ataStartTransfer(s, cSectors * cbSector, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
1549 return false;
1550}
1551
1552
1553static bool atapiReadCapacitySS(AHCIATADevState *s)
1554{
1555 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1556
1557 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1558 Assert(s->cbElementaryTransfer <= 8);
1559 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
1560 ataH2BE_U32(pbBuf + 4, 2048);
1561 s->iSourceSink = ATAFN_SS_NULL;
1562 atapiCmdOK(s);
1563 return false;
1564}
1565
1566
1567static bool atapiReadDiscInformationSS(AHCIATADevState *s)
1568{
1569 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1570
1571 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1572 Assert(s->cbElementaryTransfer <= 34);
1573 memset(pbBuf, '\0', 34);
1574 ataH2BE_U16(pbBuf, 32);
1575 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
1576 pbBuf[3] = 1; /* number of first track */
1577 pbBuf[4] = 1; /* number of sessions (LSB) */
1578 pbBuf[5] = 1; /* first track number in last session (LSB) */
1579 pbBuf[6] = 1; /* last track number in last session (LSB) */
1580 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
1581 pbBuf[8] = 0; /* disc type = CD-ROM */
1582 pbBuf[9] = 0; /* number of sessions (MSB) */
1583 pbBuf[10] = 0; /* number of sessions (MSB) */
1584 pbBuf[11] = 0; /* number of sessions (MSB) */
1585 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
1586 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
1587 s->iSourceSink = ATAFN_SS_NULL;
1588 atapiCmdOK(s);
1589 return false;
1590}
1591
1592
1593static bool atapiReadTrackInformationSS(AHCIATADevState *s)
1594{
1595 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1596
1597 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1598 Assert(s->cbElementaryTransfer <= 36);
1599 /* Accept address/number type of 1 only, and only track 1 exists. */
1600 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
1601 {
1602 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1603 return false;
1604 }
1605 memset(pbBuf, '\0', 36);
1606 ataH2BE_U16(pbBuf, 34);
1607 pbBuf[2] = 1; /* track number (LSB) */
1608 pbBuf[3] = 1; /* session number (LSB) */
1609 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
1610 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
1611 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
1612 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
1613 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
1614 pbBuf[32] = 0; /* track number (MSB) */
1615 pbBuf[33] = 0; /* session number (MSB) */
1616 s->iSourceSink = ATAFN_SS_NULL;
1617 atapiCmdOK(s);
1618 return false;
1619}
1620
1621static size_t atapiGetConfigurationFillFeatureListProfiles(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1622{
1623 if (cbBuf < 3*4)
1624 return 0;
1625
1626 ataH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
1627 pbBuf[2] = (0 << 2) | (1 << 1) | (1 || 0); /* version 0, persistent, current */
1628 pbBuf[3] = 8; /* additional bytes for profiles */
1629 /* The MMC-3 spec says that DVD-ROM read capability should be reported
1630 * before CD-ROM read capability. */
1631 ataH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
1632 pbBuf[6] = (0 << 0); /* NOT current profile */
1633 ataH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
1634 pbBuf[10] = (1 << 0); /* current profile */
1635
1636 return 3*4; /* Header + 2 profiles entries */
1637}
1638
1639static size_t atapiGetConfigurationFillFeatureCore(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1640{
1641 if (cbBuf < 12)
1642 return 0;
1643
1644 ataH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
1645 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1646 pbBuf[3] = 8; /* Additional length */
1647 ataH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
1648 pbBuf[8] = RT_BIT(0); /* DBE */
1649 /* Rest is reserved. */
1650
1651 return 12;
1652}
1653
1654static size_t atapiGetConfigurationFillFeatureMorphing(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1655{
1656 if (cbBuf < 8)
1657 return 0;
1658
1659 ataH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
1660 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1661 pbBuf[3] = 4; /* Additional length */
1662 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
1663 /* Rest is reserved. */
1664
1665 return 8;
1666}
1667
1668static size_t atapiGetConfigurationFillFeatureRemovableMedium(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1669{
1670 if (cbBuf < 8)
1671 return 0;
1672
1673 ataH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
1674 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1675 pbBuf[3] = 4; /* Additional length */
1676 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
1677 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
1678 /* Rest is reserved. */
1679
1680 return 8;
1681}
1682
1683static size_t atapiGetConfigurationFillFeatureRandomReadable(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1684{
1685 if (cbBuf < 12)
1686 return 0;
1687
1688 ataH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
1689 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1690 pbBuf[3] = 8; /* Additional length */
1691 ataH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
1692 ataH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
1693 pbBuf[10] = 0; /* PP not present */
1694 /* Rest is reserved. */
1695
1696 return 12;
1697}
1698
1699static size_t atapiGetConfigurationFillFeatureCDRead(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1700{
1701 if (cbBuf < 8)
1702 return 0;
1703
1704 ataH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
1705 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1706 pbBuf[3] = 0; /* Additional length */
1707 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
1708 /* Rest is reserved. */
1709
1710 return 8;
1711}
1712
1713static size_t atapiGetConfigurationFillFeaturePowerManagement(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1714{
1715 if (cbBuf < 4)
1716 return 0;
1717
1718 ataH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
1719 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1720 pbBuf[3] = 0; /* Additional length */
1721
1722 return 4;
1723}
1724
1725static size_t atapiGetConfigurationFillFeatureTimeout(AHCIATADevState *s, uint8_t *pbBuf, size_t cbBuf)
1726{
1727 if (cbBuf < 8)
1728 return 0;
1729
1730 ataH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
1731 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
1732 pbBuf[3] = 4; /* Additional length */
1733 pbBuf[4] = 0x0; /* !Group3 */
1734
1735 return 8;
1736}
1737
1738static bool atapiGetConfigurationSS(AHCIATADevState *s)
1739{
1740 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1741 size_t cbBuf = s->cbIOBuffer;
1742 size_t cbCopied = 0;
1743 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
1744
1745 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1746 Assert(s->cbElementaryTransfer <= 80);
1747 /* Accept valid request types only, and only starting feature 0. */
1748 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
1749 {
1750 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1751 return false;
1752 }
1753 memset(pbBuf, '\0', cbBuf);
1754 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
1755 * way to differentiate them right now is based on the image size). */
1756 if (s->cTotalSectors)
1757 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
1758 else
1759 ataH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
1760 cbBuf -= 8;
1761 pbBuf += 8;
1762
1763 cbCopied = atapiGetConfigurationFillFeatureListProfiles(s, pbBuf, cbBuf);
1764 cbBuf -= cbCopied;
1765 pbBuf += cbCopied;
1766
1767 cbCopied = atapiGetConfigurationFillFeatureCore(s, pbBuf, cbBuf);
1768 cbBuf -= cbCopied;
1769 pbBuf += cbCopied;
1770
1771 cbCopied = atapiGetConfigurationFillFeatureMorphing(s, pbBuf, cbBuf);
1772 cbBuf -= cbCopied;
1773 pbBuf += cbCopied;
1774
1775 cbCopied = atapiGetConfigurationFillFeatureRemovableMedium(s, pbBuf, cbBuf);
1776 cbBuf -= cbCopied;
1777 pbBuf += cbCopied;
1778
1779 cbCopied = atapiGetConfigurationFillFeatureRandomReadable(s, pbBuf, cbBuf);
1780 cbBuf -= cbCopied;
1781 pbBuf += cbCopied;
1782
1783 cbCopied = atapiGetConfigurationFillFeatureCDRead(s, pbBuf, cbBuf);
1784 cbBuf -= cbCopied;
1785 pbBuf += cbCopied;
1786
1787 cbCopied = atapiGetConfigurationFillFeaturePowerManagement(s, pbBuf, cbBuf);
1788 cbBuf -= cbCopied;
1789 pbBuf += cbCopied;
1790
1791 cbCopied = atapiGetConfigurationFillFeatureTimeout(s, pbBuf, cbBuf);
1792 cbBuf -= cbCopied;
1793 pbBuf += cbCopied;
1794
1795 /* Set data length now. */
1796 ataH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf);
1797
1798 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
1799 s->iSourceSink = ATAFN_SS_NULL;
1800 atapiCmdOK(s);
1801 return false;
1802}
1803
1804
1805static bool atapiGetEventStatusNotificationSS(AHCIATADevState *s)
1806{
1807 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1808
1809 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1810 Assert(s->cbElementaryTransfer <= 8);
1811
1812 if (!(s->aATAPICmd[1] & 1))
1813 {
1814 /* no asynchronous operation supported */
1815 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
1816 return false;
1817 }
1818
1819 uint32_t OldStatus, NewStatus;
1820 do
1821 {
1822 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
1823 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
1824 switch (OldStatus)
1825 {
1826 case ATA_EVENT_STATUS_MEDIA_NEW:
1827 /* mount */
1828 ataH2BE_U16(pbBuf + 0, 6);
1829 pbBuf[2] = 0x04; /* media */
1830 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1831 pbBuf[4] = 0x02; /* new medium */
1832 pbBuf[5] = 0x02; /* medium present / door closed */
1833 pbBuf[6] = 0x00;
1834 pbBuf[7] = 0x00;
1835 break;
1836
1837 case ATA_EVENT_STATUS_MEDIA_CHANGED:
1838 case ATA_EVENT_STATUS_MEDIA_REMOVED:
1839 /* umount */
1840 ataH2BE_U16(pbBuf + 0, 6);
1841 pbBuf[2] = 0x04; /* media */
1842 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1843 pbBuf[4] = 0x03; /* media removal */
1844 pbBuf[5] = 0x00; /* medium absent / door closed */
1845 pbBuf[6] = 0x00;
1846 pbBuf[7] = 0x00;
1847 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
1848 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
1849 break;
1850
1851 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
1852 ataH2BE_U16(pbBuf + 0, 6);
1853 pbBuf[2] = 0x04; /* media */
1854 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1855 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
1856 pbBuf[5] = 0x02; /* medium present / door closed */
1857 pbBuf[6] = 0x00;
1858 pbBuf[7] = 0x00;
1859 break;
1860
1861 case ATA_EVENT_STATUS_UNCHANGED:
1862 default:
1863 ataH2BE_U16(pbBuf + 0, 6);
1864 pbBuf[2] = 0x01; /* operational change request / notification */
1865 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
1866 pbBuf[4] = 0x00;
1867 pbBuf[5] = 0x00;
1868 pbBuf[6] = 0x00;
1869 pbBuf[7] = 0x00;
1870 break;
1871 }
1872 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
1873
1874 s->iSourceSink = ATAFN_SS_NULL;
1875 atapiCmdOK(s);
1876 return false;
1877}
1878
1879
1880static bool atapiInquirySS(AHCIATADevState *s)
1881{
1882 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1883
1884 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1885 Assert(s->cbElementaryTransfer <= 36);
1886 pbBuf[0] = 0x05; /* CD-ROM */
1887 pbBuf[1] = 0x80; /* removable */
1888#if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
1889 pbBuf[2] = 0x00; /* ISO */
1890 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1891#else
1892 pbBuf[2] = 0x00; /* ISO */
1893 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
1894#endif
1895 pbBuf[4] = 31; /* additional length */
1896 pbBuf[5] = 0; /* reserved */
1897 pbBuf[6] = 0; /* reserved */
1898 pbBuf[7] = 0; /* reserved */
1899 ataSCSIPadStr(pbBuf + 8, s->pszInquiryVendorId, 8);
1900 ataSCSIPadStr(pbBuf + 16, s->pszInquiryProductId, 16);
1901 ataSCSIPadStr(pbBuf + 32, s->pszInquiryRevision, 4);
1902 s->iSourceSink = ATAFN_SS_NULL;
1903 atapiCmdOK(s);
1904 return false;
1905}
1906
1907
1908static bool atapiModeSenseErrorRecoverySS(AHCIATADevState *s)
1909{
1910 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1911
1912 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1913 Assert(s->cbElementaryTransfer <= 16);
1914 ataH2BE_U16(&pbBuf[0], 16 + 6);
1915 pbBuf[2] = 0x70;
1916 pbBuf[3] = 0;
1917 pbBuf[4] = 0;
1918 pbBuf[5] = 0;
1919 pbBuf[6] = 0;
1920 pbBuf[7] = 0;
1921
1922 pbBuf[8] = 0x01;
1923 pbBuf[9] = 0x06;
1924 pbBuf[10] = 0x00;
1925 pbBuf[11] = 0x05;
1926 pbBuf[12] = 0x00;
1927 pbBuf[13] = 0x00;
1928 pbBuf[14] = 0x00;
1929 pbBuf[15] = 0x00;
1930 s->iSourceSink = ATAFN_SS_NULL;
1931 atapiCmdOK(s);
1932 return false;
1933}
1934
1935
1936static bool atapiModeSenseCDStatusSS(AHCIATADevState *s)
1937{
1938 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1939
1940 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1941 Assert(s->cbElementaryTransfer <= 40);
1942 ataH2BE_U16(&pbBuf[0], 38);
1943 pbBuf[2] = 0x70;
1944 pbBuf[3] = 0;
1945 pbBuf[4] = 0;
1946 pbBuf[5] = 0;
1947 pbBuf[6] = 0;
1948 pbBuf[7] = 0;
1949
1950 pbBuf[8] = 0x2a;
1951 pbBuf[9] = 30; /* page length */
1952 pbBuf[10] = 0x08; /* DVD-ROM read support */
1953 pbBuf[11] = 0x00; /* no write support */
1954 /* The following claims we support audio play. This is obviously false,
1955 * but the Linux generic CDROM support makes many features depend on this
1956 * capability. If it's not set, this causes many things to be disabled. */
1957 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
1958 pbBuf[13] = 0x00; /* no subchannel reads supported */
1959 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
1960 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
1961 pbBuf[14] |= 1 << 1; /* report lock state */
1962 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
1963 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
1964 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
1965 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
1966 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
1967 pbBuf[24] = 0; /* reserved */
1968 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
1969 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
1970 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
1971 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
1972 pbBuf[32] = 0; /* reserved */
1973 pbBuf[33] = 0; /* reserved */
1974 pbBuf[34] = 0; /* reserved */
1975 pbBuf[35] = 1; /* rotation control CAV */
1976 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
1977 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
1978 s->iSourceSink = ATAFN_SS_NULL;
1979 atapiCmdOK(s);
1980 return false;
1981}
1982
1983
1984static bool atapiRequestSenseSS(AHCIATADevState *s)
1985{
1986 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
1987
1988 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1989 memset(pbBuf, '\0', s->cbElementaryTransfer);
1990 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
1991 s->iSourceSink = ATAFN_SS_NULL;
1992 atapiCmdOK(s);
1993 return false;
1994}
1995
1996
1997static bool atapiMechanismStatusSS(AHCIATADevState *s)
1998{
1999 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
2000
2001 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2002 Assert(s->cbElementaryTransfer <= 8);
2003 ataH2BE_U16(pbBuf, 0);
2004 /* no current LBA */
2005 pbBuf[2] = 0;
2006 pbBuf[3] = 0;
2007 pbBuf[4] = 0;
2008 pbBuf[5] = 1;
2009 ataH2BE_U16(pbBuf + 6, 0);
2010 s->iSourceSink = ATAFN_SS_NULL;
2011 atapiCmdOK(s);
2012 return false;
2013}
2014
2015
2016static bool atapiReadTOCNormalSS(AHCIATADevState *s)
2017{
2018 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2019 bool fMSF;
2020 uint32_t cbSize;
2021
2022 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2023 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2024 iStartTrack = s->aATAPICmd[6];
2025 if (iStartTrack > 1 && iStartTrack != 0xaa)
2026 {
2027 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2028 return false;
2029 }
2030 q = pbBuf + 2;
2031 *q++ = 1; /* first session */
2032 *q++ = 1; /* last session */
2033 if (iStartTrack <= 1)
2034 {
2035 *q++ = 0; /* reserved */
2036 *q++ = 0x14; /* ADR, control */
2037 *q++ = 1; /* track number */
2038 *q++ = 0; /* reserved */
2039 if (fMSF)
2040 {
2041 *q++ = 0; /* reserved */
2042 ataLBA2MSF(q, 0);
2043 q += 3;
2044 }
2045 else
2046 {
2047 /* sector 0 */
2048 ataH2BE_U32(q, 0);
2049 q += 4;
2050 }
2051 }
2052 /* lead out track */
2053 *q++ = 0; /* reserved */
2054 *q++ = 0x14; /* ADR, control */
2055 *q++ = 0xaa; /* track number */
2056 *q++ = 0; /* reserved */
2057 if (fMSF)
2058 {
2059 *q++ = 0; /* reserved */
2060 ataLBA2MSF(q, s->cTotalSectors);
2061 q += 3;
2062 }
2063 else
2064 {
2065 ataH2BE_U32(q, s->cTotalSectors);
2066 q += 4;
2067 }
2068 cbSize = q - pbBuf;
2069 ataH2BE_U16(pbBuf, cbSize - 2);
2070 if (cbSize < s->cbTotalTransfer)
2071 s->cbTotalTransfer = cbSize;
2072 s->iSourceSink = ATAFN_SS_NULL;
2073 atapiCmdOK(s);
2074 return false;
2075}
2076
2077
2078static bool atapiReadTOCMultiSS(AHCIATADevState *s)
2079{
2080 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer);
2081 bool fMSF;
2082
2083 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2084 Assert(s->cbElementaryTransfer <= 12);
2085 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2086 /* multi session: only a single session defined */
2087/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
2088 memset(pbBuf, 0, 12);
2089 pbBuf[1] = 0x0a;
2090 pbBuf[2] = 0x01;
2091 pbBuf[3] = 0x01;
2092 pbBuf[5] = 0x14; /* ADR, control */
2093 pbBuf[6] = 1; /* first track in last complete session */
2094 if (fMSF)
2095 {
2096 pbBuf[8] = 0; /* reserved */
2097 ataLBA2MSF(&pbBuf[9], 0);
2098 }
2099 else
2100 {
2101 /* sector 0 */
2102 ataH2BE_U32(pbBuf + 8, 0);
2103 }
2104 s->iSourceSink = ATAFN_SS_NULL;
2105 atapiCmdOK(s);
2106 return false;
2107}
2108
2109
2110static bool atapiReadTOCRawSS(AHCIATADevState *s)
2111{
2112 uint8_t *pbBuf = s->CTXALLSUFF(pbIOBuffer), *q, iStartTrack;
2113 bool fMSF;
2114 uint32_t cbSize;
2115
2116 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2117 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2118 iStartTrack = s->aATAPICmd[6];
2119
2120 q = pbBuf + 2;
2121 *q++ = 1; /* first session */
2122 *q++ = 1; /* last session */
2123
2124 *q++ = 1; /* session number */
2125 *q++ = 0x14; /* data track */
2126 *q++ = 0; /* track number */
2127 *q++ = 0xa0; /* first track in program area */
2128 *q++ = 0; /* min */
2129 *q++ = 0; /* sec */
2130 *q++ = 0; /* frame */
2131 *q++ = 0;
2132 *q++ = 1; /* first track */
2133 *q++ = 0x00; /* disk type CD-DA or CD data */
2134 *q++ = 0;
2135
2136 *q++ = 1; /* session number */
2137 *q++ = 0x14; /* data track */
2138 *q++ = 0; /* track number */
2139 *q++ = 0xa1; /* last track in program area */
2140 *q++ = 0; /* min */
2141 *q++ = 0; /* sec */
2142 *q++ = 0; /* frame */
2143 *q++ = 0;
2144 *q++ = 1; /* last track */
2145 *q++ = 0;
2146 *q++ = 0;
2147
2148 *q++ = 1; /* session number */
2149 *q++ = 0x14; /* data track */
2150 *q++ = 0; /* track number */
2151 *q++ = 0xa2; /* lead-out */
2152 *q++ = 0; /* min */
2153 *q++ = 0; /* sec */
2154 *q++ = 0; /* frame */
2155 if (fMSF)
2156 {
2157 *q++ = 0; /* reserved */
2158 ataLBA2MSF(q, s->cTotalSectors);
2159 q += 3;
2160 }
2161 else
2162 {
2163 ataH2BE_U32(q, s->cTotalSectors);
2164 q += 4;
2165 }
2166
2167 *q++ = 1; /* session number */
2168 *q++ = 0x14; /* ADR, control */
2169 *q++ = 0; /* track number */
2170 *q++ = 1; /* point */
2171 *q++ = 0; /* min */
2172 *q++ = 0; /* sec */
2173 *q++ = 0; /* frame */
2174 if (fMSF)
2175 {
2176 *q++ = 0; /* reserved */
2177 ataLBA2MSF(q, 0);
2178 q += 3;
2179 }
2180 else
2181 {
2182 /* sector 0 */
2183 ataH2BE_U32(q, 0);
2184 q += 4;
2185 }
2186
2187 cbSize = q - pbBuf;
2188 ataH2BE_U16(pbBuf, cbSize - 2);
2189 if (cbSize < s->cbTotalTransfer)
2190 s->cbTotalTransfer = cbSize;
2191 s->iSourceSink = ATAFN_SS_NULL;
2192 atapiCmdOK(s);
2193 return false;
2194}
2195
2196
2197static void atapiParseCmdVirtualATAPI(AHCIATADevState *s)
2198{
2199 const uint8_t *pbPacket;
2200 uint8_t *pbBuf;
2201 uint32_t cbMax;
2202
2203 pbPacket = s->aATAPICmd;
2204 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2205 switch (pbPacket[0])
2206 {
2207 case SCSI_TEST_UNIT_READY:
2208 if (s->cNotifiedMediaChange > 0)
2209 {
2210 if (s->cNotifiedMediaChange-- > 2)
2211 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2212 else
2213 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2214 }
2215 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2216 atapiCmdOK(s);
2217 else
2218 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2219 break;
2220 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2221 cbMax = ataBE2H_U16(pbPacket + 7);
2222 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2223 break;
2224 case SCSI_MODE_SENSE_10:
2225 {
2226 uint8_t uPageControl, uPageCode;
2227 cbMax = ataBE2H_U16(pbPacket + 7);
2228 uPageControl = pbPacket[2] >> 6;
2229 uPageCode = pbPacket[2] & 0x3f;
2230 switch (uPageControl)
2231 {
2232 case SCSI_PAGECONTROL_CURRENT:
2233 switch (uPageCode)
2234 {
2235 case SCSI_MODEPAGE_ERROR_RECOVERY:
2236 ataStartTransfer(s, RT_MIN(cbMax, 16), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
2237 break;
2238 case SCSI_MODEPAGE_CD_STATUS:
2239 ataStartTransfer(s, RT_MIN(cbMax, 40), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
2240 break;
2241 default:
2242 goto error_cmd;
2243 }
2244 break;
2245 case SCSI_PAGECONTROL_CHANGEABLE:
2246 goto error_cmd;
2247 case SCSI_PAGECONTROL_DEFAULT:
2248 goto error_cmd;
2249 default:
2250 case SCSI_PAGECONTROL_SAVED:
2251 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
2252 break;
2253 }
2254 }
2255 break;
2256 case SCSI_REQUEST_SENSE:
2257 cbMax = pbPacket[4];
2258 ataStartTransfer(s, RT_MIN(cbMax, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2259 break;
2260 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2261 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2262 {
2263 if (pbPacket[4] & 1)
2264 s->pDrvMount->pfnLock(s->pDrvMount);
2265 else
2266 s->pDrvMount->pfnUnlock(s->pDrvMount);
2267 atapiCmdOK(s);
2268 }
2269 else
2270 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2271 break;
2272 case SCSI_READ_10:
2273 case SCSI_READ_12:
2274 {
2275 uint32_t cSectors, iATAPILBA;
2276
2277 if (s->cNotifiedMediaChange > 0)
2278 {
2279 s->cNotifiedMediaChange-- ;
2280 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2281 break;
2282 }
2283 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2284 {
2285 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2286 break;
2287 }
2288 if (pbPacket[0] == SCSI_READ_10)
2289 cSectors = ataBE2H_U16(pbPacket + 7);
2290 else
2291 cSectors = ataBE2H_U32(pbPacket + 6);
2292 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2293 if (cSectors == 0)
2294 {
2295 atapiCmdOK(s);
2296 break;
2297 }
2298 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2299 {
2300 /* Rate limited logging, one log line per second. For
2301 * guests that insist on reading from places outside the
2302 * valid area this often generates too many release log
2303 * entries otherwise. */
2304 static uint64_t uLastLogTS = 0;
2305 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2306 {
2307 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2308 uLastLogTS = RTTimeMilliTS();
2309 }
2310 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2311 break;
2312 }
2313 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2314 }
2315 break;
2316 case SCSI_READ_CD:
2317 {
2318 uint32_t cSectors, iATAPILBA;
2319
2320 if (s->cNotifiedMediaChange > 0)
2321 {
2322 s->cNotifiedMediaChange-- ;
2323 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2324 break;
2325 }
2326 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2327 {
2328 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2329 break;
2330 }
2331 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
2332 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2333 if (cSectors == 0)
2334 {
2335 atapiCmdOK(s);
2336 break;
2337 }
2338 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2339 {
2340 /* Rate limited logging, one log line per second. For
2341 * guests that insist on reading from places outside the
2342 * valid area this often generates too many release log
2343 * entries otherwise. */
2344 static uint64_t uLastLogTS = 0;
2345 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2346 {
2347 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2348 uLastLogTS = RTTimeMilliTS();
2349 }
2350 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2351 break;
2352 }
2353 switch (pbPacket[9] & 0xf8)
2354 {
2355 case 0x00:
2356 /* nothing */
2357 atapiCmdOK(s);
2358 break;
2359 case 0x10:
2360 /* normal read */
2361 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2362 break;
2363 case 0xf8:
2364 /* read all data */
2365 atapiReadSectors(s, iATAPILBA, cSectors, 2352);
2366 break;
2367 default:
2368 LogRel(("AHCI ATA: LUN#%d: CD-ROM sector format not supported\n", s->iLUN));
2369 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2370 break;
2371 }
2372 }
2373 break;
2374 case SCSI_SEEK_10:
2375 {
2376 uint32_t iATAPILBA;
2377 if (s->cNotifiedMediaChange > 0)
2378 {
2379 s->cNotifiedMediaChange-- ;
2380 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2381 break;
2382 }
2383 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2384 {
2385 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2386 break;
2387 }
2388 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2389 if (iATAPILBA > s->cTotalSectors)
2390 {
2391 /* Rate limited logging, one log line per second. For
2392 * guests that insist on seeking to places outside the
2393 * valid area this often generates too many release log
2394 * entries otherwise. */
2395 static uint64_t uLastLogTS = 0;
2396 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2397 {
2398 LogRel(("AHCI ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
2399 uLastLogTS = RTTimeMilliTS();
2400 }
2401 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2402 break;
2403 }
2404 atapiCmdOK(s);
2405 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
2406 }
2407 break;
2408 case SCSI_START_STOP_UNIT:
2409 {
2410 int rc = VINF_SUCCESS;
2411 switch (pbPacket[4] & 3)
2412 {
2413 case 0: /* 00 - Stop motor */
2414 case 1: /* 01 - Start motor */
2415 break;
2416 case 2: /* 10 - Eject media */
2417 {
2418 /* This must be done from EMT. */
2419 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
2420 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
2421
2422 PDMCritSectLeave(&pCtl->lock);
2423 rc = VMR3ReqPriorityCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2424 (PFNRT)s->pDrvMount->pfnUnmount, 3, s->pDrvMount,
2425 false /*=fForce*/, true /*=fEeject*/);
2426 Assert(RT_SUCCESS(rc) || (rc == VERR_PDM_MEDIA_LOCKED) || (rc = VERR_PDM_MEDIA_NOT_MOUNTED));
2427 if (RT_SUCCESS(rc) && pCtl->pMediaNotify)
2428 {
2429 rc = VMR3ReqCallNoWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2430 (PFNRT)pCtl->pMediaNotify->pfnEjected, 2,
2431 pCtl->pMediaNotify, s->iLUN);
2432 AssertRC(rc);
2433 }
2434 {
2435 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2436 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2437 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2438 }
2439 break;
2440 }
2441 case 3: /* 11 - Load media */
2442 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
2443 break;
2444 }
2445 if (RT_SUCCESS(rc))
2446 atapiCmdOK(s);
2447 else
2448 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
2449 }
2450 break;
2451 case SCSI_MECHANISM_STATUS:
2452 {
2453 cbMax = ataBE2H_U16(pbPacket + 8);
2454 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
2455 }
2456 break;
2457 case SCSI_READ_TOC_PMA_ATIP:
2458 {
2459 uint8_t format;
2460
2461 if (s->cNotifiedMediaChange > 0)
2462 {
2463 s->cNotifiedMediaChange-- ;
2464 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2465 break;
2466 }
2467 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2468 {
2469 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2470 break;
2471 }
2472 cbMax = ataBE2H_U16(pbPacket + 7);
2473 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
2474 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
2475 * the other field is clear... */
2476 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
2477 switch (format)
2478 {
2479 case 0:
2480 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
2481 break;
2482 case 1:
2483 ataStartTransfer(s, RT_MIN(cbMax, 12), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
2484 break;
2485 case 2:
2486 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
2487 break;
2488 default:
2489 error_cmd:
2490 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2491 break;
2492 }
2493 }
2494 break;
2495 case SCSI_READ_CAPACITY:
2496 if (s->cNotifiedMediaChange > 0)
2497 {
2498 s->cNotifiedMediaChange-- ;
2499 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2500 break;
2501 }
2502 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2503 {
2504 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2505 break;
2506 }
2507 ataStartTransfer(s, 8, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
2508 break;
2509 case SCSI_READ_DISC_INFORMATION:
2510 if (s->cNotifiedMediaChange > 0)
2511 {
2512 s->cNotifiedMediaChange-- ;
2513 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2514 break;
2515 }
2516 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2517 {
2518 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2519 break;
2520 }
2521 cbMax = ataBE2H_U16(pbPacket + 7);
2522 ataStartTransfer(s, RT_MIN(cbMax, 34), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
2523 break;
2524 case SCSI_READ_TRACK_INFORMATION:
2525 if (s->cNotifiedMediaChange > 0)
2526 {
2527 s->cNotifiedMediaChange-- ;
2528 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2529 break;
2530 }
2531 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2532 {
2533 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2534 break;
2535 }
2536 cbMax = ataBE2H_U16(pbPacket + 7);
2537 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
2538 break;
2539 case SCSI_GET_CONFIGURATION:
2540 /* No media change stuff here, it can confuse Linux guests. */
2541 cbMax = ataBE2H_U16(pbPacket + 7);
2542 ataStartTransfer(s, RT_MIN(cbMax, 80), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
2543 break;
2544 case SCSI_INQUIRY:
2545 cbMax = ataBE2H_U16(pbPacket + 3);
2546 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
2547 break;
2548 default:
2549 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2550 break;
2551 }
2552}
2553
2554
2555/*
2556 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
2557 */
2558static void atapiParseCmdPassthrough(AHCIATADevState *s)
2559{
2560 const uint8_t *pbPacket;
2561 uint8_t *pbBuf;
2562 uint32_t cSectors, iATAPILBA;
2563 uint32_t cbTransfer = 0;
2564 PDMBLOCKTXDIR uTxDir = PDMBLOCKTXDIR_NONE;
2565
2566 pbPacket = s->aATAPICmd;
2567 pbBuf = s->CTXALLSUFF(pbIOBuffer);
2568 switch (pbPacket[0])
2569 {
2570 case SCSI_BLANK:
2571 goto sendcmd;
2572 case SCSI_CLOSE_TRACK_SESSION:
2573 goto sendcmd;
2574 case SCSI_ERASE_10:
2575 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2576 cbTransfer = ataBE2H_U16(pbPacket + 7);
2577 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
2578 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2579 goto sendcmd;
2580 case SCSI_FORMAT_UNIT:
2581 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2582 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2583 goto sendcmd;
2584 case SCSI_GET_CONFIGURATION:
2585 cbTransfer = ataBE2H_U16(pbPacket + 7);
2586 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2587 goto sendcmd;
2588 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2589 cbTransfer = ataBE2H_U16(pbPacket + 7);
2590 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
2591 {
2592 ataStartTransfer(s, RT_MIN(cbTransfer, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2593 break;
2594 }
2595 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2596 goto sendcmd;
2597 case SCSI_GET_PERFORMANCE:
2598 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
2599 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2600 goto sendcmd;
2601 case SCSI_INQUIRY:
2602 cbTransfer = ataBE2H_U16(pbPacket + 3);
2603 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2604 goto sendcmd;
2605 case SCSI_LOAD_UNLOAD_MEDIUM:
2606 goto sendcmd;
2607 case SCSI_MECHANISM_STATUS:
2608 cbTransfer = ataBE2H_U16(pbPacket + 8);
2609 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2610 goto sendcmd;
2611 case SCSI_MODE_SELECT_10:
2612 cbTransfer = ataBE2H_U16(pbPacket + 7);
2613 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2614 goto sendcmd;
2615 case SCSI_MODE_SENSE_10:
2616 cbTransfer = ataBE2H_U16(pbPacket + 7);
2617 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2618 goto sendcmd;
2619 case SCSI_PAUSE_RESUME:
2620 goto sendcmd;
2621 case SCSI_PLAY_AUDIO_10:
2622 goto sendcmd;
2623 case SCSI_PLAY_AUDIO_12:
2624 goto sendcmd;
2625 case SCSI_PLAY_AUDIO_MSF:
2626 goto sendcmd;
2627 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2628 /** @todo do not forget to unlock when a VM is shut down */
2629 goto sendcmd;
2630 case SCSI_READ_10:
2631 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2632 cSectors = ataBE2H_U16(pbPacket + 7);
2633 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2634 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2635 cbTransfer = cSectors * s->cbATAPISector;
2636 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2637 goto sendcmd;
2638 case SCSI_READ_12:
2639 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2640 cSectors = ataBE2H_U32(pbPacket + 6);
2641 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2642 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2643 cbTransfer = cSectors * s->cbATAPISector;
2644 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2645 goto sendcmd;
2646 case SCSI_READ_BUFFER:
2647 cbTransfer = ataBE2H_U24(pbPacket + 6);
2648 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2649 goto sendcmd;
2650 case SCSI_READ_BUFFER_CAPACITY:
2651 cbTransfer = ataBE2H_U16(pbPacket + 7);
2652 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2653 goto sendcmd;
2654 case SCSI_READ_CAPACITY:
2655 cbTransfer = 8;
2656 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2657 goto sendcmd;
2658 case SCSI_READ_CD:
2659 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2660 cbTransfer = ataBE2H_U24(pbPacket + 6) / s->cbATAPISector * s->cbATAPISector;
2661 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2662 goto sendcmd;
2663 case SCSI_READ_CD_MSF:
2664 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
2665 if (cSectors > 32)
2666 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
2667 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2668 cbTransfer = cSectors * s->cbATAPISector;
2669 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2670 goto sendcmd;
2671 case SCSI_READ_DISC_INFORMATION:
2672 cbTransfer = ataBE2H_U16(pbPacket + 7);
2673 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2674 goto sendcmd;
2675 case SCSI_READ_DVD_STRUCTURE:
2676 cbTransfer = ataBE2H_U16(pbPacket + 8);
2677 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2678 goto sendcmd;
2679 case SCSI_READ_FORMAT_CAPACITIES:
2680 cbTransfer = ataBE2H_U16(pbPacket + 7);
2681 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2682 goto sendcmd;
2683 case SCSI_READ_SUBCHANNEL:
2684 cbTransfer = ataBE2H_U16(pbPacket + 7);
2685 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2686 goto sendcmd;
2687 case SCSI_READ_TOC_PMA_ATIP:
2688 cbTransfer = ataBE2H_U16(pbPacket + 7);
2689 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2690 goto sendcmd;
2691 case SCSI_READ_TRACK_INFORMATION:
2692 cbTransfer = ataBE2H_U16(pbPacket + 7);
2693 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2694 goto sendcmd;
2695 case SCSI_REPAIR_TRACK:
2696 goto sendcmd;
2697 case SCSI_REPORT_KEY:
2698 cbTransfer = ataBE2H_U16(pbPacket + 8);
2699 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2700 goto sendcmd;
2701 case SCSI_REQUEST_SENSE:
2702 cbTransfer = pbPacket[4];
2703 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
2704 {
2705 ataStartTransfer(s, RT_MIN(cbTransfer, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2706 break;
2707 }
2708 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2709 goto sendcmd;
2710 case SCSI_RESERVE_TRACK:
2711 goto sendcmd;
2712 case SCSI_SCAN:
2713 goto sendcmd;
2714 case SCSI_SEEK_10:
2715 goto sendcmd;
2716 case SCSI_SEND_CUE_SHEET:
2717 cbTransfer = ataBE2H_U24(pbPacket + 6);
2718 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2719 goto sendcmd;
2720 case SCSI_SEND_DVD_STRUCTURE:
2721 cbTransfer = ataBE2H_U16(pbPacket + 8);
2722 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2723 goto sendcmd;
2724 case SCSI_SEND_EVENT:
2725 cbTransfer = ataBE2H_U16(pbPacket + 8);
2726 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2727 goto sendcmd;
2728 case SCSI_SEND_KEY:
2729 cbTransfer = ataBE2H_U16(pbPacket + 8);
2730 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2731 goto sendcmd;
2732 case SCSI_SEND_OPC_INFORMATION:
2733 cbTransfer = ataBE2H_U16(pbPacket + 7);
2734 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2735 goto sendcmd;
2736 case SCSI_SET_CD_SPEED:
2737 goto sendcmd;
2738 case SCSI_SET_READ_AHEAD:
2739 goto sendcmd;
2740 case SCSI_SET_STREAMING:
2741 cbTransfer = ataBE2H_U16(pbPacket + 9);
2742 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2743 goto sendcmd;
2744 case SCSI_START_STOP_UNIT:
2745 goto sendcmd;
2746 case SCSI_STOP_PLAY_SCAN:
2747 goto sendcmd;
2748 case SCSI_SYNCHRONIZE_CACHE:
2749 goto sendcmd;
2750 case SCSI_TEST_UNIT_READY:
2751 goto sendcmd;
2752 case SCSI_VERIFY_10:
2753 goto sendcmd;
2754 case SCSI_WRITE_10:
2755 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2756 cSectors = ataBE2H_U16(pbPacket + 7);
2757 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2758#if 0
2759 /* The sector size is determined by the async I/O thread. */
2760 s->cbATAPISector = 0;
2761 /* Preliminary, will be corrected once the sector size is known. */
2762 cbTransfer = cSectors;
2763#else
2764 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2765 cbTransfer = cSectors * s->cbATAPISector;
2766#endif
2767 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2768 goto sendcmd;
2769 case SCSI_WRITE_12:
2770 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2771 cSectors = ataBE2H_U32(pbPacket + 6);
2772 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2773#if 0
2774 /* The sector size is determined by the async I/O thread. */
2775 s->cbATAPISector = 0;
2776 /* Preliminary, will be corrected once the sector size is known. */
2777 cbTransfer = cSectors;
2778#else
2779 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
2780 cbTransfer = cSectors * s->cbATAPISector;
2781#endif
2782 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2783 goto sendcmd;
2784 case SCSI_WRITE_AND_VERIFY_10:
2785 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2786 cSectors = ataBE2H_U16(pbPacket + 7);
2787 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
2788 /* The sector size is determined by the async I/O thread. */
2789 s->cbATAPISector = 0;
2790 /* Preliminary, will be corrected once the sector size is known. */
2791 cbTransfer = cSectors;
2792 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2793 goto sendcmd;
2794 case SCSI_WRITE_BUFFER:
2795 switch (pbPacket[1] & 0x1f)
2796 {
2797 case 0x04: /* download microcode */
2798 case 0x05: /* download microcode and save */
2799 case 0x06: /* download microcode with offsets */
2800 case 0x07: /* download microcode with offsets and save */
2801 case 0x0e: /* download microcode with offsets and defer activation */
2802 case 0x0f: /* activate deferred microcode */
2803 LogRel(("AHCI ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
2804 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2805 break;
2806 default:
2807 cbTransfer = ataBE2H_U16(pbPacket + 6);
2808 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
2809 goto sendcmd;
2810 }
2811 break;
2812 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
2813 cbTransfer = ataBE2H_U32(pbPacket + 6);
2814 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
2815 goto sendcmd;
2816 case SCSI_REZERO_UNIT:
2817 /* Obsolete command used by cdrecord. What else would one expect?
2818 * This command is not sent to the drive, it is handled internally,
2819 * as the Linux kernel doesn't like it (message "scsi: unknown
2820 * opcode 0x01" in syslog) and replies with a sense code of 0,
2821 * which sends cdrecord to an endless loop. */
2822 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2823 break;
2824 default:
2825 LogRel(("AHCI ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
2826 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2827 break;
2828 sendcmd:
2829 /* Send a command to the drive, passing data in/out as required. */
2830 Log2(("ATAPI PT: max size %d\n", cbTransfer));
2831 Assert(cbTransfer <= s->cbIOBuffer);
2832 if (cbTransfer == 0)
2833 uTxDir = PDMBLOCKTXDIR_NONE;
2834 ataStartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
2835 }
2836}
2837
2838
2839static void atapiParseCmd(AHCIATADevState *s)
2840{
2841 const uint8_t *pbPacket;
2842
2843 pbPacket = s->aATAPICmd;
2844#ifdef DEBUG
2845 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
2846#else /* !DEBUG */
2847 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
2848#endif /* !DEBUG */
2849 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
2850
2851 if (s->fATAPIPassthrough)
2852 atapiParseCmdPassthrough(s);
2853 else
2854 atapiParseCmdVirtualATAPI(s);
2855}
2856
2857
2858static bool ataPacketSS(AHCIATADevState *s)
2859{
2860 s->fDMA = !!(s->uATARegFeature & 1);
2861 memcpy(s->aATAPICmd, s->CTXALLSUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
2862 s->uTxDir = PDMBLOCKTXDIR_NONE;
2863 s->cbTotalTransfer = 0;
2864 s->cbElementaryTransfer = 0;
2865 atapiParseCmd(s);
2866 return false;
2867}
2868
2869#if 0
2870
2871/**
2872 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
2873 * from now on, regardless if there was a medium inserted or not.
2874 */
2875static void ataMediumRemoved(AHCIATADevState *s)
2876{
2877 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
2878}
2879
2880
2881/**
2882 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
2883 * there was already a medium inserted, don't forget to send the "medium
2884 * removed" event first.
2885 */
2886static void ataMediumInserted(AHCIATADevState *s)
2887{
2888 uint32_t OldStatus, NewStatus;
2889 do
2890 {
2891 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2892 switch (OldStatus)
2893 {
2894 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2895 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2896 /* no change, we will send "medium removed" + "medium inserted" */
2897 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
2898 break;
2899 default:
2900 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2901 break;
2902 }
2903 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2904}
2905
2906
2907/**
2908 * Called when a media is mounted.
2909 *
2910 * @param pInterface Pointer to the interface structure containing the called function pointer.
2911 */
2912static DECLCALLBACK(void) ataMountNotify(PPDMIMOUNTNOTIFY pInterface)
2913{
2914 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2915 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
2916
2917 /* Ignore the call if we're called while being attached. */
2918 if (!pIf->pDrvBlock)
2919 return;
2920
2921 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
2922
2923 if (pIf->fATAPI)
2924 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
2925 else
2926 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
2927
2928 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
2929 if (pIf->cNotifiedMediaChange < 2)
2930 pIf->cNotifiedMediaChange = 2;
2931 ataMediumInserted(pIf);
2932}
2933
2934/**
2935 * Called when a media is unmounted
2936 * @param pInterface Pointer to the interface structure containing the called function pointer.
2937 */
2938static DECLCALLBACK(void) ataUnmountNotify(PPDMIMOUNTNOTIFY pInterface)
2939{
2940 AHCIATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
2941 Log(("%s:\n", __FUNCTION__));
2942 pIf->cTotalSectors = 0;
2943
2944 /*
2945 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
2946 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
2947 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
2948 * present and 2 in which it is changed.
2949 */
2950 pIf->cNotifiedMediaChange = 4;
2951 ataMediumRemoved(pIf);
2952}
2953#endif
2954
2955static void ataPacketBT(AHCIATADevState *s)
2956{
2957 s->cbElementaryTransfer = s->cbTotalTransfer;
2958 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
2959 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
2960 ataSetStatusValue(s, ATA_STAT_READY);
2961}
2962
2963
2964static void ataResetDevice(AHCIATADevState *s)
2965{
2966 s->cMultSectors = ATA_MAX_MULT_SECTORS;
2967 s->cNotifiedMediaChange = 0;
2968 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
2969 ataUnsetIRQ(s);
2970
2971 s->uATARegSelect = 0x20;
2972 ataSetStatusValue(s, ATA_STAT_READY);
2973 ataSetSignature(s);
2974 s->cbTotalTransfer = 0;
2975 s->cbElementaryTransfer = 0;
2976 s->iIOBufferPIODataStart = 0;
2977 s->iIOBufferPIODataEnd = 0;
2978 s->iBeginTransfer = ATAFN_BT_NULL;
2979 s->iSourceSink = ATAFN_SS_NULL;
2980 s->fATAPITransfer = false;
2981 s->uATATransferMode = ATA_MODE_UDMA | 2; /* AHCI supports only up to UDMA2 */
2982
2983 s->uATARegFeature = 0;
2984}
2985
2986
2987static bool ataExecuteDeviceDiagnosticSS(AHCIATADevState *s)
2988{
2989 ataSetSignature(s);
2990 if (s->fATAPI)
2991 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
2992 else
2993 ataSetStatusValue(s, ATA_STAT_READY);
2994 s->uATARegError = 0x01;
2995 return false;
2996}
2997
2998
2999static int ataTrimSectors(AHCIATADevState *s, uint64_t u64Sector, uint32_t cSectors,
3000 bool *pfRedo)
3001{
3002 RTRANGE TrimRange;
3003 PAHCIATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3004 int rc;
3005
3006 PDMCritSectLeave(&pCtl->lock);
3007
3008 TrimRange.offStart = u64Sector * 512;
3009 TrimRange.cbRange = cSectors * 512;
3010
3011 s->pLed->Asserted.s.fWriting = s->pLed->Actual.s.fWriting = 1;
3012 rc = s->pDrvBlock->pfnDiscard(s->pDrvBlock, &TrimRange, 1);
3013 s->pLed->Actual.s.fWriting = 0;
3014
3015 if (RT_SUCCESS(rc))
3016 *pfRedo = false;
3017 else
3018 *pfRedo = ataIsRedoSetWarning(s, rc);
3019
3020 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3021 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3022 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3023 return rc;
3024}
3025
3026
3027static bool ataTrimSS(AHCIATADevState *s)
3028{
3029 int rc = VERR_GENERAL_FAILURE;
3030 uint32_t cRangesMax;
3031 uint64_t *pu64Range = (uint64_t *)s->CTX_SUFF(pbIOBuffer);
3032 bool fRedo = false;
3033
3034 cRangesMax = s->cbElementaryTransfer / sizeof(uint64_t);
3035 Assert(cRangesMax);
3036
3037 while (cRangesMax-- > 0)
3038 {
3039 if (ATA_RANGE_LENGTH_GET(*pu64Range) == 0)
3040 break;
3041
3042 rc = ataTrimSectors(s, *pu64Range & ATA_RANGE_LBA_MASK,
3043 ATA_RANGE_LENGTH_GET(*pu64Range), &fRedo);
3044 if (RT_FAILURE(rc))
3045 break;
3046
3047 pu64Range++;
3048 }
3049
3050 if (RT_SUCCESS(rc))
3051 {
3052 s->iSourceSink = ATAFN_SS_NULL;
3053 ataCmdOK(s, ATA_STAT_SEEK);
3054 }
3055 else
3056 {
3057 if (fRedo)
3058 return fRedo;
3059 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
3060 LogRel(("PIIX3 ATA: LUN#%d: disk trim error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
3061 s->iLUN, rc, *pu64Range & ATA_RANGE_LBA_MASK, ATA_RANGE_LENGTH_GET(*pu64Range)));
3062
3063 /*
3064 * Check if we got interrupted. We don't need to set status variables
3065 * because the request was aborted.
3066 */
3067 if (rc != VERR_INTERRUPTED)
3068 ataCmdError(s, ID_ERR);
3069 }
3070
3071 return false;
3072}
3073
3074
3075static void ataParseCmd(AHCIATADevState *s, uint8_t cmd)
3076{
3077#ifdef DEBUG
3078 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
3079#else /* !DEBUG */
3080 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
3081#endif /* !DEBUG */
3082 s->fLBA48 = false;
3083 s->fDMA = false;
3084 if (cmd == ATA_IDLE_IMMEDIATE)
3085 {
3086 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
3087 * would overwrite the failing command unfortunately), then RESET. */
3088 int32_t uCmdWait = -1;
3089 uint64_t uNow = RTTimeNanoTS();
3090 if (s->u64CmdTS)
3091 uCmdWait = (uNow - s->u64CmdTS) / 1000;
3092 LogRel(("AHCI ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
3093 s->iLUN, s->uATARegCommand, uCmdWait));
3094 }
3095 s->uATARegCommand = cmd;
3096 switch (cmd)
3097 {
3098 case ATA_IDENTIFY_DEVICE:
3099 if (s->pDrvBlock && !s->fATAPI)
3100 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3101 else
3102 {
3103 if (s->fATAPI)
3104 ataSetSignature(s);
3105 ataCmdError(s, ABRT_ERR);
3106 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3107 }
3108 break;
3109 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3110 case ATA_RECALIBRATE:
3111 ataCmdOK(s, ATA_STAT_SEEK);
3112 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3113 break;
3114 case ATA_SET_MULTIPLE_MODE:
3115 if ( s->uATARegNSector != 0
3116 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3117 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3118 {
3119 ataCmdError(s, ABRT_ERR);
3120 }
3121 else
3122 {
3123 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3124 s->cMultSectors = s->uATARegNSector;
3125 ataCmdOK(s, 0);
3126 }
3127 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3128 break;
3129 case ATA_READ_VERIFY_SECTORS_EXT:
3130 s->fLBA48 = true;
3131 case ATA_READ_VERIFY_SECTORS:
3132 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3133 /* do sector number check ? */
3134 ataCmdOK(s, 0);
3135 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3136 break;
3137 case ATA_READ_SECTORS_EXT:
3138 s->fLBA48 = true;
3139 case ATA_READ_SECTORS:
3140 case ATA_READ_SECTORS_WITHOUT_RETRIES:
3141 if (!s->pDrvBlock || s->fATAPI)
3142 goto abort_cmd;
3143 s->cSectorsPerIRQ = 1;
3144 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3145 break;
3146 case ATA_WRITE_SECTORS_EXT:
3147 s->fLBA48 = true;
3148 case ATA_WRITE_SECTORS:
3149 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
3150 if (!s->pDrvBlock || s->fATAPI)
3151 goto abort_cmd;
3152 s->cSectorsPerIRQ = 1;
3153 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3154 break;
3155 case ATA_READ_MULTIPLE_EXT:
3156 s->fLBA48 = true;
3157 case ATA_READ_MULTIPLE:
3158 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3159 goto abort_cmd;
3160 s->cSectorsPerIRQ = s->cMultSectors;
3161 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3162 break;
3163 case ATA_WRITE_MULTIPLE_EXT:
3164 s->fLBA48 = true;
3165 case ATA_WRITE_MULTIPLE:
3166 if (!s->pDrvBlock || !s->cMultSectors || s->fATAPI)
3167 goto abort_cmd;
3168 s->cSectorsPerIRQ = s->cMultSectors;
3169 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3170 break;
3171 case ATA_READ_DMA_EXT:
3172 s->fLBA48 = true;
3173 case ATA_READ_DMA:
3174 case ATA_READ_DMA_WITHOUT_RETRIES:
3175 if (!s->pDrvBlock || s->fATAPI)
3176 goto abort_cmd;
3177 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3178 s->fDMA = true;
3179 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3180 break;
3181 case ATA_WRITE_DMA_EXT:
3182 s->fLBA48 = true;
3183 case ATA_WRITE_DMA:
3184 case ATA_WRITE_DMA_WITHOUT_RETRIES:
3185 if (!s->pDrvBlock || s->fATAPI)
3186 goto abort_cmd;
3187 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3188 s->fDMA = true;
3189 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3190 break;
3191 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
3192 s->fLBA48 = true;
3193 ataSetSector(s, s->cTotalSectors - 1);
3194 ataCmdOK(s, 0);
3195 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3196 break;
3197 case ATA_READ_NATIVE_MAX_ADDRESS:
3198 ataSetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
3199 ataCmdOK(s, 0);
3200 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3201 break;
3202 case ATA_CHECK_POWER_MODE:
3203 s->uATARegNSector = 0xff; /* drive active or idle */
3204 ataCmdOK(s, 0);
3205 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3206 break;
3207 case ATA_SET_FEATURES:
3208 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
3209 if (!s->pDrvBlock)
3210 goto abort_cmd;
3211 switch (s->uATARegFeature)
3212 {
3213 case 0x02: /* write cache enable */
3214 Log2(("%s: write cache enable\n", __FUNCTION__));
3215 ataCmdOK(s, ATA_STAT_SEEK);
3216 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3217 break;
3218 case 0xaa: /* read look-ahead enable */
3219 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
3220 ataCmdOK(s, ATA_STAT_SEEK);
3221 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3222 break;
3223 case 0x55: /* read look-ahead disable */
3224 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
3225 ataCmdOK(s, ATA_STAT_SEEK);
3226 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3227 break;
3228 case 0xcc: /* reverting to power-on defaults enable */
3229 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
3230 ataCmdOK(s, ATA_STAT_SEEK);
3231 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3232 break;
3233 case 0x66: /* reverting to power-on defaults disable */
3234 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
3235 ataCmdOK(s, ATA_STAT_SEEK);
3236 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3237 break;
3238 case 0x82: /* write cache disable */
3239 Log2(("%s: write cache disable\n", __FUNCTION__));
3240 /* As per the ATA/ATAPI-6 specs, a write cache disable
3241 * command MUST flush the write buffers to disc. */
3242 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3243 break;
3244 case 0x03: { /* set transfer mode */
3245 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
3246 switch (s->uATARegNSector & 0xf8)
3247 {
3248 case 0x00: /* PIO default */
3249 case 0x08: /* PIO mode */
3250 break;
3251 case ATA_MODE_MDMA: /* MDMA mode */
3252 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
3253 break;
3254 case ATA_MODE_UDMA: /* UDMA mode */
3255 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
3256 break;
3257 default:
3258 goto abort_cmd;
3259 }
3260 ataCmdOK(s, ATA_STAT_SEEK);
3261 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3262 break;
3263 }
3264 default:
3265 goto abort_cmd;
3266 }
3267 /*
3268 * OS/2 workarond:
3269 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
3270 * reset here. According to the specification, this is a driver bug as the register
3271 * contents are undefined after the call. This means we can just as well reset it.
3272 */
3273 s->uATARegFeature = 0;
3274 break;
3275 case ATA_FLUSH_CACHE_EXT:
3276 case ATA_FLUSH_CACHE:
3277 if (!s->pDrvBlock || s->fATAPI)
3278 goto abort_cmd;
3279 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3280 break;
3281 case ATA_STANDBY_IMMEDIATE:
3282 ataCmdOK(s, 0);
3283 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3284 break;
3285 case ATA_IDLE_IMMEDIATE:
3286 LogRel(("AHCI ATA: LUN#%d: aborting current command\n", s->iLUN));
3287 ataAbortCurrentCommand(s, false);
3288 break;
3289 /* ATAPI commands */
3290 case ATA_IDENTIFY_PACKET_DEVICE:
3291 if (s->fATAPI)
3292 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
3293 else
3294 {
3295 ataCmdError(s, ABRT_ERR);
3296 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3297 }
3298 break;
3299 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
3300 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
3301 break;
3302 case ATA_DEVICE_RESET:
3303 if (!s->fATAPI)
3304 goto abort_cmd;
3305 LogRel(("AHCI ATA: LUN#%d: performing device RESET\n", s->iLUN));
3306 ataAbortCurrentCommand(s, true);
3307 break;
3308 case ATA_PACKET:
3309 if (!s->fATAPI)
3310 goto abort_cmd;
3311 /* overlapping commands not supported */
3312 if (s->uATARegFeature & 0x02)
3313 goto abort_cmd;
3314 ataStartTransfer(s, ATAPI_PACKET_SIZE, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
3315 break;
3316 case ATA_DATA_SET_MANAGEMENT:
3317 if (!s->pDrvBlock || !s->pDrvBlock->pfnDiscard)
3318 goto abort_cmd;
3319 if ( !(s->uATARegFeature & UINT8_C(0x01))
3320 || (s->uATARegFeature & ~UINT8_C(0x01)))
3321 goto abort_cmd;
3322 s->fDMA = true;
3323 ataStartTransfer(s, (s->uATARegNSectorHOB << 8 | s->uATARegNSector) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_NULL, ATAFN_SS_TRIM, false);
3324 break;
3325 default:
3326 abort_cmd:
3327 ataCmdError(s, ABRT_ERR);
3328 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3329 break;
3330 }
3331}
3332
3333
3334/**
3335 * Waits for a particular async I/O thread to complete whatever it
3336 * is doing at the moment.
3337 *
3338 * @returns true on success.
3339 * @returns false when the thread is still processing.
3340 * @param pThis Pointer to the controller data.
3341 * @param cMillies How long to wait (total).
3342 */
3343static bool ataWaitForAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
3344{
3345 uint64_t u64Start;
3346 bool fRc;
3347
3348 /* Hope for the simple way out... */
3349 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3350 return true;
3351
3352 /*
3353 * Have to wait. Do the setup while owning the mutex to avoid races.
3354 */
3355 RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
3356
3357 RTThreadUserReset(pCtl->AsyncIOThread);
3358 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
3359
3360 RTSemMutexRelease(pCtl->AsyncIORequestMutex);
3361
3362 u64Start = RTTimeMilliTS();
3363 for (;;)
3364 {
3365 fRc = ataAsyncIOIsIdle(pCtl, false /*fStrict*/);
3366 if (fRc)
3367 break;
3368
3369 if (RTTimeMilliTS() - u64Start >= cMillies)
3370 break;
3371
3372 int rc = RTThreadUserWait(pCtl->AsyncIOThread, 100 /*ms*/);
3373 AssertMsg( ( RT_SUCCESS(rc)
3374 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
3375 || rc == VERR_TIMEOUT,
3376 ("rc=%Rrc irq=%u\n", rc, pCtl->irq));
3377 }
3378
3379 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
3380 return fRc;
3381}
3382
3383#endif /* IN_RING3 */
3384
3385static int ataIOPortWriteU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3386{
3387 Log2(("%s: write addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3388 addr &= 7;
3389 switch (addr)
3390 {
3391 case 0:
3392 break;
3393 case 1: /* feature register */
3394 /* NOTE: data is written to the two drives */
3395 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3396 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3397 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
3398 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
3399 pCtl->aIfs[0].uATARegFeature = val;
3400 pCtl->aIfs[1].uATARegFeature = val;
3401 break;
3402 case 2: /* sector count */
3403 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3404 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3405 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
3406 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
3407 pCtl->aIfs[0].uATARegNSector = val;
3408 pCtl->aIfs[1].uATARegNSector = val;
3409 break;
3410 case 3: /* sector number */
3411 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3412 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3413 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
3414 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
3415 pCtl->aIfs[0].uATARegSector = val;
3416 pCtl->aIfs[1].uATARegSector = val;
3417 break;
3418 case 4: /* cylinder low */
3419 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3420 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3421 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
3422 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
3423 pCtl->aIfs[0].uATARegLCyl = val;
3424 pCtl->aIfs[1].uATARegLCyl = val;
3425 break;
3426 case 5: /* cylinder high */
3427 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3428 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3429 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
3430 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
3431 pCtl->aIfs[0].uATARegHCyl = val;
3432 pCtl->aIfs[1].uATARegHCyl = val;
3433 break;
3434 case 6: /* drive/head */
3435 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
3436 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
3437 if (((val >> 4) & 1) != pCtl->iSelectedIf)
3438 {
3439 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3440
3441 /* select another drive */
3442 pCtl->iSelectedIf = (val >> 4) & 1;
3443 /* The IRQ line is multiplexed between the two drives, so
3444 * update the state when switching to another drive. Only need
3445 * to update interrupt line if it is enabled and there is a
3446 * state change. */
3447 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
3448 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
3449 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
3450 {
3451 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3452 {
3453 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3454 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
3455 * the interrupt line is asserted. It monitors the line
3456 * for a rising edge. */
3457 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3458 if (pCtl->irq == 16)
3459 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
3460 else
3461 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
3462 }
3463 else
3464 {
3465 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3466 if (pCtl->irq == 16)
3467 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
3468 else
3469 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
3470 }
3471 }
3472 }
3473 break;
3474 default:
3475 case 7: /* command */
3476 /* ignore commands to non existant slave */
3477 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvBlock)
3478 break;
3479#ifndef IN_RING3
3480 /* Don't do anything complicated in GC */
3481 return VINF_IOM_R3_IOPORT_WRITE;
3482#else /* IN_RING3 */
3483 ataParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
3484#endif /* !IN_RING3 */
3485 }
3486 return VINF_SUCCESS;
3487}
3488
3489
3490static int ataIOPortReadU8(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
3491{
3492 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3493 uint32_t val;
3494 bool fHOB;
3495
3496 fHOB = !!(s->uATARegDevCtl & (1 << 7));
3497 switch (addr & 7)
3498 {
3499 case 0: /* data register */
3500 val = 0xff;
3501 break;
3502 case 1: /* error register */
3503 /* The ATA specification is very terse when it comes to specifying
3504 * the precise effects of reading back the error/feature register.
3505 * The error register (read-only) shares the register number with
3506 * the feature register (write-only), so it seems that it's not
3507 * necessary to support the usual HOB readback here. */
3508 if (!s->pDrvBlock)
3509 val = 0;
3510 else
3511 val = s->uATARegError;
3512 break;
3513 case 2: /* sector count */
3514 if (!s->pDrvBlock)
3515 val = 0;
3516 else if (fHOB)
3517 val = s->uATARegNSectorHOB;
3518 else
3519 val = s->uATARegNSector;
3520 break;
3521 case 3: /* sector number */
3522 if (!s->pDrvBlock)
3523 val = 0;
3524 else if (fHOB)
3525 val = s->uATARegSectorHOB;
3526 else
3527 val = s->uATARegSector;
3528 break;
3529 case 4: /* cylinder low */
3530 if (!s->pDrvBlock)
3531 val = 0;
3532 else if (fHOB)
3533 val = s->uATARegLCylHOB;
3534 else
3535 val = s->uATARegLCyl;
3536 break;
3537 case 5: /* cylinder high */
3538 if (!s->pDrvBlock)
3539 val = 0;
3540 else if (fHOB)
3541 val = s->uATARegHCylHOB;
3542 else
3543 val = s->uATARegHCyl;
3544 break;
3545 case 6: /* drive/head */
3546 /* This register must always work as long as there is at least
3547 * one drive attached to the controller. It is common between
3548 * both drives anyway (completely identical content). */
3549 if (!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock)
3550 val = 0;
3551 else
3552 val = s->uATARegSelect;
3553 break;
3554 default:
3555 case 7: /* primary status */
3556 {
3557 /* Counter for number of busy status seen in GC in a row. */
3558 static unsigned cBusy = 0;
3559
3560 if (!s->pDrvBlock)
3561 val = 0;
3562 else
3563 val = s->uATARegStatus;
3564
3565 /* Give the async I/O thread an opportunity to make progress,
3566 * don't let it starve by guests polling frequently. EMT has a
3567 * lower priority than the async I/O thread, but sometimes the
3568 * host OS doesn't care. With some guests we are only allowed to
3569 * be busy for about 5 milliseconds in some situations. Note that
3570 * this is no guarantee for any other VBox thread getting
3571 * scheduled, so this just lowers the CPU load a bit when drives
3572 * are busy. It cannot help with timing problems. */
3573 if (val & ATA_STAT_BUSY)
3574 {
3575#ifdef IN_RING3
3576 cBusy = 0;
3577 PDMCritSectLeave(&pCtl->lock);
3578
3579 RTThreadYield();
3580
3581 {
3582 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3583 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3584 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3585 }
3586
3587 val = s->uATARegStatus;
3588#else /* !IN_RING3 */
3589 /* Cannot yield CPU in guest context. And switching to host
3590 * context for each and every busy status is too costly,
3591 * especially on SMP systems where we don't gain much by
3592 * yielding the CPU to someone else. */
3593 if (++cBusy >= 20)
3594 {
3595 cBusy = 0;
3596 return VINF_IOM_R3_IOPORT_READ;
3597 }
3598#endif /* !IN_RING3 */
3599 }
3600 else
3601 cBusy = 0;
3602 ataUnsetIRQ(s);
3603 break;
3604 }
3605 }
3606 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3607 *pu32 = val;
3608 return VINF_SUCCESS;
3609}
3610
3611
3612static uint32_t ataStatusRead(PAHCIATACONTROLLER pCtl, uint32_t addr)
3613{
3614 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3615 uint32_t val;
3616
3617 if ((!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock) ||
3618 (pCtl->iSelectedIf == 1 && !s->pDrvBlock))
3619 val = 0;
3620 else
3621 val = s->uATARegStatus;
3622 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3623 return val;
3624}
3625
3626static int ataControlWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3627{
3628#ifndef IN_RING3
3629 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
3630 return VINF_IOM_R3_IOPORT_WRITE; /* The RESET stuff is too complicated for GC. */
3631#endif /* !IN_RING3 */
3632
3633 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3634 /* RESET is common for both drives attached to a controller. */
3635 if (!(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3636 (val & ATA_DEVCTL_RESET))
3637 {
3638#ifdef IN_RING3
3639 /* Software RESET low to high */
3640 int32_t uCmdWait0 = -1, uCmdWait1 = -1;
3641 uint64_t uNow = RTTimeNanoTS();
3642 if (pCtl->aIfs[0].u64CmdTS)
3643 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
3644 if (pCtl->aIfs[1].u64CmdTS)
3645 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
3646 LogRel(("AHCI ATA: Ctl: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
3647 pCtl->iSelectedIf, pCtl->iAIOIf,
3648 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
3649 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
3650 pCtl->fReset = true;
3651 /* Everything must be done after the reset flag is set, otherwise
3652 * there are unavoidable races with the currently executing request
3653 * (which might just finish in the mean time). */
3654 pCtl->fChainedTransfer = false;
3655 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
3656 {
3657 ataResetDevice(&pCtl->aIfs[i]);
3658 /* The following cannot be done using ataSetStatusValue() since the
3659 * reset flag is already set, which suppresses all status changes. */
3660 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
3661 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
3662 pCtl->aIfs[i].uATARegError = 0x01;
3663 }
3664 ataAsyncIOClearRequests(pCtl);
3665 Log2(("%s: Ctl: message to async I/O thread, resetA\n", __FUNCTION__));
3666 if (val & ATA_DEVCTL_HOB)
3667 {
3668 val &= ~ATA_DEVCTL_HOB;
3669 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3670 }
3671 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
3672#else /* !IN_RING3 */
3673 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3674#endif /* IN_RING3 */
3675 }
3676 else if ((pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
3677 !(val & ATA_DEVCTL_RESET))
3678 {
3679#ifdef IN_RING3
3680 /* Software RESET high to low */
3681 Log(("%s: deasserting RESET\n", __FUNCTION__));
3682 Log2(("%s: Ctl: message to async I/O thread, resetC\n", __FUNCTION__));
3683 if (val & ATA_DEVCTL_HOB)
3684 {
3685 val &= ~ATA_DEVCTL_HOB;
3686 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
3687 }
3688 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
3689#else /* !IN_RING3 */
3690 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
3691#endif /* IN_RING3 */
3692 }
3693
3694 /* Change of interrupt disable flag. Update interrupt line if interrupt
3695 * is pending on the current interface. */
3696 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ
3697 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3698 {
3699 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
3700 {
3701 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3702 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
3703 * interrupt line is asserted. It monitors the line for a rising
3704 * edge. */
3705 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3706 if (pCtl->irq == 16)
3707 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
3708 else
3709 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
3710 }
3711 else
3712 {
3713 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3714 if (pCtl->irq == 16)
3715 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
3716 else
3717 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
3718 }
3719 }
3720
3721 if (val & ATA_DEVCTL_HOB)
3722 Log2(("%s: set HOB\n", __FUNCTION__));
3723
3724 pCtl->aIfs[0].uATARegDevCtl = val;
3725 pCtl->aIfs[1].uATARegDevCtl = val;
3726
3727 return VINF_SUCCESS;
3728}
3729
3730#ifdef IN_RING3
3731
3732static void ataPIOTransfer(PAHCIATACONTROLLER pCtl)
3733{
3734 AHCIATADevState *s;
3735
3736 s = &pCtl->aIfs[pCtl->iAIOIf];
3737 Log3(("%s: if=%p\n", __FUNCTION__, s));
3738
3739 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
3740 {
3741 LogRel(("AHCI ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "loading" : "storing"));
3742 /* Any guest OS that triggers this case has a pathetic ATA driver.
3743 * In a real system it would block the CPU via IORDY, here we do it
3744 * very similarly by not continuing with the current instruction
3745 * until the transfer to/from the storage medium is completed. */
3746 if (s->iSourceSink != ATAFN_SS_NULL)
3747 {
3748 bool fRedo;
3749 uint8_t status = s->uATARegStatus;
3750 ataSetStatusValue(s, ATA_STAT_BUSY);
3751 Log2(("%s: calling source/sink function\n", __FUNCTION__));
3752 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
3753 pCtl->fRedo = fRedo;
3754 if (RT_UNLIKELY(fRedo))
3755 return;
3756 ataSetStatusValue(s, status);
3757 s->iIOBufferCur = 0;
3758 s->iIOBufferEnd = s->cbElementaryTransfer;
3759 }
3760 }
3761 if (s->cbTotalTransfer)
3762 {
3763 if (s->fATAPITransfer)
3764 ataPIOTransferLimitATAPI(s);
3765
3766 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3767 s->cbElementaryTransfer = s->cbTotalTransfer;
3768
3769 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3770 __FUNCTION__, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3771 s->cbTotalTransfer, s->cbElementaryTransfer,
3772 s->iIOBufferCur, s->iIOBufferEnd));
3773 ataPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
3774 s->cbTotalTransfer -= s->cbElementaryTransfer;
3775 s->iIOBufferCur += s->cbElementaryTransfer;
3776
3777 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
3778 s->cbElementaryTransfer = s->cbTotalTransfer;
3779 }
3780 else
3781 ataPIOTransferStop(s);
3782}
3783
3784
3785DECLINLINE(void) ataPIOTransferFinish(PAHCIATACONTROLLER pCtl, AHCIATADevState *s)
3786{
3787 /* Do not interfere with RESET processing if the PIO transfer finishes
3788 * while the RESET line is asserted. */
3789 if (pCtl->fReset)
3790 {
3791 Log2(("%s: Ctl: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__));
3792 return;
3793 }
3794
3795 if ( s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE
3796 || ( s->iSourceSink != ATAFN_SS_NULL
3797 && s->iIOBufferCur >= s->iIOBufferEnd))
3798 {
3799 /* Need to continue the transfer in the async I/O thread. This is
3800 * the case for write operations or generally for not yet finished
3801 * transfers (some data might need to be read). */
3802 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
3803 ataSetStatus(s, ATA_STAT_BUSY);
3804
3805 Log2(("%s: Ctl: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__));
3806 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
3807 }
3808 else
3809 {
3810 /* Either everything finished (though some data might still be pending)
3811 * or some data is pending before the next read is due. */
3812
3813 /* Continue a previously started transfer. */
3814 ataUnsetStatus(s, ATA_STAT_DRQ);
3815 ataSetStatus(s, ATA_STAT_READY);
3816
3817 if (s->cbTotalTransfer)
3818 {
3819 /* There is more to transfer, happens usually for large ATAPI
3820 * reads - the protocol limits the chunk size to 65534 bytes. */
3821 ataPIOTransfer(pCtl);
3822 ataSetIRQ(s);
3823 }
3824 else
3825 {
3826 Log2(("%s: Ctl: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__));
3827 /* Finish PIO transfer. */
3828 ataPIOTransfer(pCtl);
3829 Assert(!pCtl->fRedo);
3830 }
3831 }
3832}
3833
3834#endif /* IN_RING3 */
3835
3836static int ataDataWrite(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, const uint8_t *pbBuf)
3837{
3838 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3839 uint8_t *p;
3840
3841 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3842 {
3843 Assert(s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE);
3844 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3845#ifndef IN_RING3
3846 /* All but the last transfer unit is simple enough for GC, but
3847 * sending a request to the async IO thread is too complicated. */
3848 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3849 {
3850 memcpy(p, pbBuf, cbSize);
3851 s->iIOBufferPIODataStart += cbSize;
3852 }
3853 else
3854 return VINF_IOM_R3_IOPORT_WRITE;
3855#else /* IN_RING3 */
3856 memcpy(p, pbBuf, cbSize);
3857 s->iIOBufferPIODataStart += cbSize;
3858 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3859 ataPIOTransferFinish(pCtl, s);
3860#endif /* !IN_RING3 */
3861 }
3862 else
3863 Log2(("%s: DUMMY data\n", __FUNCTION__));
3864 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3865 return VINF_SUCCESS;
3866}
3867
3868static int ataDataRead(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, uint8_t *pbBuf)
3869{
3870 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3871 uint8_t *p;
3872
3873 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
3874 {
3875 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
3876 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
3877#ifndef IN_RING3
3878 /* All but the last transfer unit is simple enough for GC, but
3879 * sending a request to the async IO thread is too complicated. */
3880 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
3881 {
3882 memcpy(pbBuf, p, cbSize);
3883 s->iIOBufferPIODataStart += cbSize;
3884 }
3885 else
3886 return VINF_IOM_R3_IOPORT_READ;
3887#else /* IN_RING3 */
3888 memcpy(pbBuf, p, cbSize);
3889 s->iIOBufferPIODataStart += cbSize;
3890 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
3891 ataPIOTransferFinish(pCtl, s);
3892#endif /* !IN_RING3 */
3893 }
3894 else
3895 {
3896 Log2(("%s: DUMMY data\n", __FUNCTION__));
3897 memset(pbBuf, '\xff', cbSize);
3898 }
3899 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
3900 return VINF_SUCCESS;
3901}
3902
3903#ifdef IN_RING3
3904
3905static void ataDMATransferStop(AHCIATADevState *s)
3906{
3907 s->cbTotalTransfer = 0;
3908 s->cbElementaryTransfer = 0;
3909 s->iBeginTransfer = ATAFN_BT_NULL;
3910 s->iSourceSink = ATAFN_SS_NULL;
3911}
3912
3913
3914/**
3915 * Perform the entire DMA transfer in one go (unless a source/sink operation
3916 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
3917 * this function cannot handle empty transfers.
3918 *
3919 * @param pCtl Controller for which to perform the transfer.
3920 */
3921static void ataDMATransfer(PAHCIATACONTROLLER pCtl)
3922{
3923 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3924 AHCIATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
3925 bool fRedo;
3926 RTGCPHYS32 pDesc;
3927 uint32_t cbTotalTransfer, cbElementaryTransfer;
3928 uint32_t iIOBufferCur, iIOBufferEnd;
3929 uint32_t dmalen;
3930 PDMBLOCKTXDIR uTxDir;
3931 bool fLastDesc = false;
3932
3933 Assert(sizeof(BMDMADesc) == 8);
3934
3935 fRedo = pCtl->fRedo;
3936 if (RT_LIKELY(!fRedo))
3937 Assert(s->cbTotalTransfer);
3938 uTxDir = (PDMBLOCKTXDIR)s->uTxDir;
3939 cbTotalTransfer = s->cbTotalTransfer;
3940 cbElementaryTransfer = s->cbElementaryTransfer;
3941 iIOBufferCur = s->iIOBufferCur;
3942 iIOBufferEnd = s->iIOBufferEnd;
3943
3944 /* The DMA loop is designed to hold the lock only when absolutely
3945 * necessary. This avoids long freezes should the guest access the
3946 * ATA registers etc. for some reason. */
3947 PDMCritSectLeave(&pCtl->lock);
3948
3949 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
3950 __FUNCTION__, uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
3951 cbTotalTransfer, cbElementaryTransfer,
3952 iIOBufferCur, iIOBufferEnd));
3953 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
3954 {
3955 BMDMADesc DMADesc;
3956 RTGCPHYS32 pBuffer;
3957 uint32_t cbBuffer;
3958
3959 if (RT_UNLIKELY(fRedo))
3960 {
3961 pBuffer = pCtl->pRedoDMABuffer;
3962 cbBuffer = pCtl->cbRedoDMABuffer;
3963 fLastDesc = pCtl->fRedoDMALastDesc;
3964 }
3965 else
3966 {
3967 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
3968 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
3969 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
3970 fLastDesc = !!(cbBuffer & 0x80000000);
3971 cbBuffer &= 0xfffe;
3972 if (cbBuffer == 0)
3973 cbBuffer = 0x10000;
3974 if (cbBuffer > cbTotalTransfer)
3975 cbBuffer = cbTotalTransfer;
3976 }
3977
3978 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
3979 {
3980 if (RT_LIKELY(!fRedo))
3981 {
3982 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
3983 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x\n", __FUNCTION__,
3984 pDesc, pBuffer, cbBuffer));
3985 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
3986 PDMDevHlpPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3987 else
3988 PDMDevHlpPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
3989 iIOBufferCur += dmalen;
3990 cbTotalTransfer -= dmalen;
3991 cbBuffer -= dmalen;
3992 pBuffer += dmalen;
3993 }
3994 if ( iIOBufferCur == iIOBufferEnd
3995 && (uTxDir == PDMBLOCKTXDIR_TO_DEVICE || cbTotalTransfer))
3996 {
3997 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
3998 cbElementaryTransfer = cbTotalTransfer;
3999
4000 {
4001 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4002 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4003 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4004 }
4005
4006 /* The RESET handler could have cleared the DMA transfer
4007 * state (since we didn't hold the lock until just now
4008 * the guest can continue in parallel). If so, the state
4009 * is already set up so the loop is exited immediately. */
4010 if (s->iSourceSink != ATAFN_SS_NULL)
4011 {
4012 s->iIOBufferCur = iIOBufferCur;
4013 s->iIOBufferEnd = iIOBufferEnd;
4014 s->cbElementaryTransfer = cbElementaryTransfer;
4015 s->cbTotalTransfer = cbTotalTransfer;
4016 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4017 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4018 if (RT_UNLIKELY(fRedo))
4019 {
4020 pCtl->pFirstDMADesc = pDesc;
4021 pCtl->pRedoDMABuffer = pBuffer;
4022 pCtl->cbRedoDMABuffer = cbBuffer;
4023 pCtl->fRedoDMALastDesc = fLastDesc;
4024 }
4025 else
4026 {
4027 cbTotalTransfer = s->cbTotalTransfer;
4028 cbElementaryTransfer = s->cbElementaryTransfer;
4029
4030 if (uTxDir == PDMBLOCKTXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
4031 cbElementaryTransfer = cbTotalTransfer;
4032 iIOBufferCur = 0;
4033 iIOBufferEnd = cbElementaryTransfer;
4034 }
4035 pCtl->fRedo = fRedo;
4036 }
4037 else
4038 {
4039 /* This forces the loop to exit immediately. */
4040 pDesc = pCtl->pLastDMADesc + 1;
4041 }
4042
4043 PDMCritSectLeave(&pCtl->lock);
4044 if (RT_UNLIKELY(fRedo))
4045 break;
4046 }
4047 }
4048
4049 if (RT_UNLIKELY(fRedo))
4050 break;
4051
4052 /* end of transfer */
4053 if (!cbTotalTransfer || fLastDesc)
4054 break;
4055
4056 {
4057 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4058 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4059 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4060 }
4061
4062 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
4063 {
4064 LogRel(("AHCI ATA: Ctl: ABORT DMA%s\n", pCtl->fReset ? " due to RESET" : ""));
4065 if (!pCtl->fReset)
4066 ataDMATransferStop(s);
4067 /* This forces the loop to exit immediately. */
4068 pDesc = pCtl->pLastDMADesc + 1;
4069 }
4070
4071 PDMCritSectLeave(&pCtl->lock);
4072 }
4073
4074 {
4075 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4076 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4077 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4078 }
4079
4080 if (RT_UNLIKELY(fRedo))
4081 return;
4082
4083 if (fLastDesc)
4084 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4085 s->cbTotalTransfer = cbTotalTransfer;
4086 s->cbElementaryTransfer = cbElementaryTransfer;
4087 s->iIOBufferCur = iIOBufferCur;
4088 s->iIOBufferEnd = iIOBufferEnd;
4089}
4090
4091
4092/**
4093 * Signal ataWaitForAsyncIOIsIdle that we're idle (if we actually are).
4094 *
4095 * @param pCtl The controller.
4096 */
4097static void ataAsyncSignalIdle(PAHCIATACONTROLLER pCtl)
4098{
4099 /*
4100 * Take the mutex here and recheck the idle indicator as there might be
4101 * interesting races, like in the ataReset code.
4102 */
4103 int rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT); AssertRC(rc);
4104
4105 if ( pCtl->fSignalIdle
4106 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
4107 {
4108 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4109 RTThreadUserSignal(pCtl->AsyncIOThread);
4110 }
4111
4112 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex); AssertRC(rc);
4113}
4114
4115
4116/** Async I/O thread for an interface. Once upon a time this was readable
4117 * code with several loops and a different semaphore for each purpose. But
4118 * then came the "how can one save the state in the middle of a PIO transfer"
4119 * question. The solution was to use an ASM, which is what's there now. */
4120static DECLCALLBACK(int) ataAsyncIOLoop(RTTHREAD ThreadSelf, void *pvUser)
4121{
4122 const AHCIATARequest *pReq;
4123 uint64_t u64TS = 0; /* shut up gcc */
4124 uint64_t uWait;
4125 int rc = VINF_SUCCESS;
4126 PAHCIATACONTROLLER pCtl = (PAHCIATACONTROLLER)pvUser;
4127 AHCIATADevState *s;
4128
4129 pReq = NULL;
4130 pCtl->fChainedTransfer = false;
4131 while (!pCtl->fShutdown)
4132 {
4133 /* Keep this thread from doing anything as long as EMT is suspended. */
4134 while (pCtl->fRedoIdle)
4135 {
4136 if (pCtl->fSignalIdle)
4137 ataAsyncSignalIdle(pCtl);
4138 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
4139 if (RT_FAILURE(rc) || pCtl->fShutdown)
4140 break;
4141
4142 pCtl->fRedoIdle = false;
4143 }
4144
4145 /* Wait for work. */
4146 if (pReq == NULL)
4147 {
4148 if (pCtl->fSignalIdle)
4149 ataAsyncSignalIdle(pCtl);
4150 rc = RTSemEventWait(pCtl->AsyncIOSem, RT_INDEFINITE_WAIT);
4151 if (RT_FAILURE(rc) || pCtl->fShutdown)
4152 break;
4153
4154 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4155 }
4156
4157 if (pReq == NULL)
4158 continue;
4159
4160 AHCIATAAIO ReqType = pReq->ReqType;
4161
4162 Log2(("%s: Ctl: state=%d, req=%d\n", __FUNCTION__, pCtl->uAsyncIOState, ReqType));
4163 if (pCtl->uAsyncIOState != ReqType)
4164 {
4165 /* The new state is not the state that was expected by the normal
4166 * state changes. This is either a RESET/ABORT or there's something
4167 * really strange going on. */
4168 if ( (pCtl->uAsyncIOState == AHCIATA_AIO_PIO || pCtl->uAsyncIOState == AHCIATA_AIO_DMA)
4169 && (ReqType == AHCIATA_AIO_PIO || ReqType == AHCIATA_AIO_DMA))
4170 {
4171 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
4172 ataAsyncIODumpRequests(pCtl);
4173 }
4174 AssertReleaseMsg(ReqType == AHCIATA_AIO_RESET_ASSERTED || ReqType == AHCIATA_AIO_RESET_CLEARED || ReqType == AHCIATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
4175 }
4176
4177 /* Do our work. */
4178 {
4179 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4180 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4181 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4182 }
4183
4184 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4185 {
4186 u64TS = RTTimeNanoTS();
4187#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4188 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
4189#endif /* DEBUG || VBOX_WITH_STATISTICS */
4190 }
4191
4192 switch (ReqType)
4193 {
4194 case AHCIATA_AIO_NEW:
4195
4196 pCtl->iAIOIf = pReq->u.t.iIf;
4197 s = &pCtl->aIfs[pCtl->iAIOIf];
4198 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
4199 s->uTxDir = pReq->u.t.uTxDir;
4200 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
4201 s->iSourceSink = pReq->u.t.iSourceSink;
4202 s->iIOBufferEnd = 0;
4203 s->u64CmdTS = u64TS;
4204
4205 if (s->fATAPI)
4206 {
4207 if (pCtl->fChainedTransfer)
4208 {
4209 /* Only count the actual transfers, not the PIO
4210 * transfer of the ATAPI command bytes. */
4211 if (s->fDMA)
4212 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
4213 else
4214 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
4215 }
4216 }
4217 else
4218 {
4219 if (s->fDMA)
4220 STAM_REL_COUNTER_INC(&s->StatATADMA);
4221 else
4222 STAM_REL_COUNTER_INC(&s->StatATAPIO);
4223 }
4224
4225 pCtl->fChainedTransfer = false;
4226
4227 if (s->iBeginTransfer != ATAFN_BT_NULL)
4228 {
4229 Log2(("%s: Ctl: calling begin transfer function\n", __FUNCTION__));
4230 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
4231 s->iBeginTransfer = ATAFN_BT_NULL;
4232 if (s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4233 s->iIOBufferEnd = s->cbElementaryTransfer;
4234 }
4235 else
4236 {
4237 s->cbElementaryTransfer = s->cbTotalTransfer;
4238 s->iIOBufferEnd = s->cbTotalTransfer;
4239 }
4240 s->iIOBufferCur = 0;
4241
4242 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4243 {
4244 if (s->iSourceSink != ATAFN_SS_NULL)
4245 {
4246 bool fRedo;
4247 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4248 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4249 pCtl->fRedo = fRedo;
4250 if (RT_UNLIKELY(fRedo))
4251 {
4252 /* Operation failed at the initial transfer, restart
4253 * everything from scratch by resending the current
4254 * request. Occurs very rarely, not worth optimizing. */
4255 LogRel(("%s: Ctl: redo entire operation\n", __FUNCTION__));
4256 ataAsyncIOPutRequest(pCtl, pReq);
4257 break;
4258 }
4259 }
4260 else
4261 ataCmdOK(s, 0);
4262 s->iIOBufferEnd = s->cbElementaryTransfer;
4263
4264 }
4265
4266 /* Do not go into the transfer phase if RESET is asserted.
4267 * The CritSect is released while waiting for the host OS
4268 * to finish the I/O, thus RESET is possible here. Most
4269 * important: do not change uAsyncIOState. */
4270 if (pCtl->fReset)
4271 break;
4272
4273 if (s->fDMA)
4274 {
4275 if (s->cbTotalTransfer)
4276 {
4277 ataSetStatus(s, ATA_STAT_DRQ);
4278
4279 pCtl->uAsyncIOState = AHCIATA_AIO_DMA;
4280 /* If BMDMA is already started, do the transfer now. */
4281 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
4282 {
4283 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__));
4284 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4285 }
4286 }
4287 else
4288 {
4289 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4290 /* Finish DMA transfer. */
4291 ataDMATransferStop(s);
4292 ataSetIRQ(s);
4293 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4294 }
4295 }
4296 else
4297 {
4298 if (s->cbTotalTransfer)
4299 {
4300 ataPIOTransfer(pCtl);
4301 Assert(!pCtl->fRedo);
4302 if (s->fATAPITransfer || s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4303 ataSetIRQ(s);
4304
4305 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4306 {
4307 /* Write operations and not yet finished transfers
4308 * must be completed in the async I/O thread. */
4309 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4310 }
4311 else
4312 {
4313 /* Finished read operation can be handled inline
4314 * in the end of PIO transfer handling code. Linux
4315 * depends on this, as it waits only briefly for
4316 * devices to become ready after incoming data
4317 * transfer. Cannot find anything in the ATA spec
4318 * that backs this assumption, but as all kernels
4319 * are affected (though most of the time it does
4320 * not cause any harm) this must work. */
4321 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4322 }
4323 }
4324 else
4325 {
4326 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4327 /* Finish PIO transfer. */
4328 ataPIOTransfer(pCtl);
4329 Assert(!pCtl->fRedo);
4330 if (!s->fATAPITransfer)
4331 ataSetIRQ(s);
4332 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4333 }
4334 }
4335 break;
4336
4337 case AHCIATA_AIO_DMA:
4338 {
4339 BMDMAState *bm = &pCtl->BmDma;
4340 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4341 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
4342
4343 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4344 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
4345 else
4346 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
4347
4348 if (RT_LIKELY(!pCtl->fRedo))
4349 {
4350 /* The specs say that the descriptor table must not cross a
4351 * 4K boundary. */
4352 pCtl->pFirstDMADesc = bm->pvAddr;
4353 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
4354 }
4355 ataDMATransfer(pCtl);
4356
4357 if (RT_UNLIKELY(pCtl->fRedo))
4358 {
4359 LogRel(("AHCI ATA: Ctl: redo DMA operation\n"));
4360 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4361 break;
4362 }
4363
4364 /* The infamous delay IRQ hack. */
4365 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
4366 && s->cbTotalTransfer == 0
4367 && pCtl->DelayIRQMillies)
4368 {
4369 /* Delay IRQ for writing. Required to get the Win2K
4370 * installation work reliably (otherwise it crashes,
4371 * usually during component install). So far no better
4372 * solution has been found. */
4373 Log(("%s: delay IRQ hack\n", __FUNCTION__));
4374 PDMCritSectLeave(&pCtl->lock);
4375 RTThreadSleep(pCtl->DelayIRQMillies);
4376 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4377 }
4378
4379 ataUnsetStatus(s, ATA_STAT_DRQ);
4380 Assert(!pCtl->fChainedTransfer);
4381 Assert(s->iSourceSink == ATAFN_SS_NULL);
4382 if (s->fATAPITransfer)
4383 {
4384 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
4385 Log2(("%s: Ctl: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
4386 s->fATAPITransfer = false;
4387 }
4388 ataSetIRQ(s);
4389 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4390 break;
4391 }
4392
4393 case AHCIATA_AIO_PIO:
4394 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4395
4396 if (s->iSourceSink != ATAFN_SS_NULL)
4397 {
4398 bool fRedo;
4399 Log2(("%s: Ctl: calling source/sink function\n", __FUNCTION__));
4400 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4401 pCtl->fRedo = fRedo;
4402 if (RT_UNLIKELY(fRedo))
4403 {
4404 LogRel(("AHCI ATA: Ctl: redo PIO operation\n"));
4405 ataAsyncIOPutRequest(pCtl, &ataPIORequest);
4406 break;
4407 }
4408 s->iIOBufferCur = 0;
4409 s->iIOBufferEnd = s->cbElementaryTransfer;
4410 }
4411 else
4412 {
4413 /* Continue a previously started transfer. */
4414 ataUnsetStatus(s, ATA_STAT_BUSY);
4415 ataSetStatus(s, ATA_STAT_READY);
4416 }
4417
4418 /* It is possible that the drives on this controller get RESET
4419 * during the above call to the source/sink function. If that's
4420 * the case, don't restart the transfer and don't finish it the
4421 * usual way. RESET handling took care of all that already.
4422 * Most important: do not change uAsyncIOState. */
4423 if (pCtl->fReset)
4424 break;
4425
4426 if (s->cbTotalTransfer)
4427 {
4428 ataPIOTransfer(pCtl);
4429 ataSetIRQ(s);
4430
4431 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4432 {
4433 /* Write operations and not yet finished transfers
4434 * must be completed in the async I/O thread. */
4435 pCtl->uAsyncIOState = AHCIATA_AIO_PIO;
4436 }
4437 else
4438 {
4439 /* Finished read operation can be handled inline
4440 * in the end of PIO transfer handling code. Linux
4441 * depends on this, as it waits only briefly for
4442 * devices to become ready after incoming data
4443 * transfer. Cannot find anything in the ATA spec
4444 * that backs this assumption, but as all kernels
4445 * are affected (though most of the time it does
4446 * not cause any harm) this must work. */
4447 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4448 }
4449 }
4450 else
4451 {
4452 /* Finish PIO transfer. */
4453 ataPIOTransfer(pCtl);
4454 if ( !pCtl->fChainedTransfer
4455 && !s->fATAPITransfer
4456 && s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4457 {
4458 ataSetIRQ(s);
4459 }
4460 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4461 }
4462 break;
4463
4464 case AHCIATA_AIO_RESET_ASSERTED:
4465 pCtl->uAsyncIOState = AHCIATA_AIO_RESET_CLEARED;
4466 ataPIOTransferStop(&pCtl->aIfs[0]);
4467 ataPIOTransferStop(&pCtl->aIfs[1]);
4468 /* Do not change the DMA registers, they are not affected by the
4469 * ATA controller reset logic. It should be sufficient to issue a
4470 * new command, which is now possible as the state is cleared. */
4471 break;
4472
4473 case AHCIATA_AIO_RESET_CLEARED:
4474 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4475 pCtl->fReset = false;
4476 LogRel(("AHCI ATA: Ctl: finished processing RESET\n"));
4477 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4478 {
4479 if (pCtl->aIfs[i].fATAPI)
4480 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
4481 else
4482 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
4483 ataSetSignature(&pCtl->aIfs[i]);
4484 }
4485 break;
4486
4487 case AHCIATA_AIO_ABORT:
4488 /* Abort the current command no matter what. There cannot be
4489 * any command activity on the other drive otherwise using
4490 * one thread per controller wouldn't work at all. */
4491 s = &pCtl->aIfs[pReq->u.a.iIf];
4492
4493 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
4494 /* Do not change the DMA registers, they are not affected by the
4495 * ATA controller reset logic. It should be sufficient to issue a
4496 * new command, which is now possible as the state is cleared. */
4497 if (pReq->u.a.fResetDrive)
4498 {
4499 ataResetDevice(s);
4500 ataExecuteDeviceDiagnosticSS(s);
4501 }
4502 else
4503 {
4504 ataPIOTransferStop(s);
4505 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
4506 ataSetStatus(s, ATA_STAT_READY);
4507 ataSetIRQ(s);
4508 }
4509 break;
4510
4511 default:
4512 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
4513 }
4514
4515 ataAsyncIORemoveCurrentRequest(pCtl, ReqType);
4516 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4517
4518 if (pCtl->uAsyncIOState == AHCIATA_AIO_NEW && !pCtl->fChainedTransfer)
4519 {
4520#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4521 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
4522#endif /* DEBUG || VBOX_WITH_STATISTICS */
4523
4524 u64TS = RTTimeNanoTS() - u64TS;
4525 uWait = u64TS / 1000;
4526 Log(("%s: Ctl: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
4527 /* Mark command as finished. */
4528 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
4529
4530 /*
4531 * Release logging of command execution times depends on the
4532 * command type. ATAPI commands often take longer (due to CD/DVD
4533 * spin up time etc.) so the threshold is different.
4534 */
4535 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
4536 {
4537 if (uWait > 8 * 1000 * 1000)
4538 {
4539 /*
4540 * Command took longer than 8 seconds. This is close
4541 * enough or over the guest's command timeout, so place
4542 * an entry in the release log to allow tracking such
4543 * timing errors (which are often caused by the host).
4544 */
4545 LogRel(("AHCI ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
4546 }
4547 }
4548 else
4549 {
4550 if (uWait > 20 * 1000 * 1000)
4551 {
4552 /*
4553 * Command took longer than 20 seconds. This is close
4554 * enough or over the guest's command timeout, so place
4555 * an entry in the release log to allow tracking such
4556 * timing errors (which are often caused by the host).
4557 */
4558 LogRel(("AHCI ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
4559 }
4560 }
4561
4562#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4563 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
4564 pCtl->StatAsyncMinWait = uWait;
4565 if (uWait > pCtl->StatAsyncMaxWait)
4566 pCtl->StatAsyncMaxWait = uWait;
4567
4568 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
4569 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
4570#endif /* DEBUG || VBOX_WITH_STATISTICS */
4571 }
4572
4573 PDMCritSectLeave(&pCtl->lock);
4574 }
4575
4576 /* Signal the ultimate idleness. */
4577 if (pCtl->fSignalIdle)
4578 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4579 RTThreadUserSignal(ThreadSelf);
4580
4581 /* Do not destroy request mutex yet, still needed for proper shutdown. */
4582 pCtl->fShutdown = false;
4583
4584 Log2(("%s: Ctl: return %Rrc\n", __FUNCTION__, rc));
4585 return rc;
4586}
4587
4588#endif /* IN_RING3 */
4589
4590static uint32_t ataBMDMACmdReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4591{
4592 uint32_t val = pCtl->BmDma.u8Cmd;
4593 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4594 return val;
4595}
4596
4597
4598static void ataBMDMACmdWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4599{
4600 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4601 if (!(val & BM_CMD_START))
4602 {
4603 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4604 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4605 }
4606 else
4607 {
4608#ifdef IN_RING3
4609 /* Check whether the guest OS wants to change DMA direction in
4610 * mid-flight. Not allowed, according to the AHCI specs. */
4611 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
4612 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
4613 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
4614
4615 /* Do not continue DMA transfers while the RESET line is asserted. */
4616 if (pCtl->fReset)
4617 {
4618 Log2(("%s: Ctl: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__));
4619 return;
4620 }
4621
4622 /* Do not start DMA transfers if there's a PIO transfer going on. */
4623 if (!pCtl->aIfs[pCtl->iSelectedIf].fDMA)
4624 return;
4625
4626 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
4627 {
4628 Log2(("%s: Ctl: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__));
4629 ataAsyncIOPutRequest(pCtl, &ataDMARequest);
4630 }
4631#else /* !IN_RING3 */
4632 AssertMsgFailed(("DMA START handling is too complicated for GC\n"));
4633#endif /* IN_RING3 */
4634 }
4635}
4636
4637static uint32_t ataBMDMAStatusReadB(PAHCIATACONTROLLER pCtl, uint32_t addr)
4638{
4639 uint32_t val = pCtl->BmDma.u8Status;
4640 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4641 return val;
4642}
4643
4644static void ataBMDMAStatusWriteB(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4645{
4646 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
4647 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
4648 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
4649 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
4650}
4651
4652static uint32_t ataBMDMAAddrReadL(PAHCIATACONTROLLER pCtl, uint32_t addr)
4653{
4654 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
4655 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4656 return val;
4657}
4658
4659static void ataBMDMAAddrWriteL(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4660{
4661 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4662 pCtl->BmDma.pvAddr = val & ~3;
4663}
4664
4665static void ataBMDMAAddrWriteLowWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4666{
4667 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4668 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
4669
4670}
4671
4672static void ataBMDMAAddrWriteHighWord(PAHCIATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4673{
4674 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
4675 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
4676}
4677
4678#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
4679
4680/**
4681 * Port I/O Handler for bus master DMA IN operations.
4682 * @see FNIOMIOPORTIN for details.
4683 */
4684int ataControllerBMDMAIOPortRead(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4685{
4686 int rc;
4687
4688 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4689 if (rc != VINF_SUCCESS)
4690 return rc;
4691 switch (VAL(Port, cb))
4692 {
4693 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4694 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
4695 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4696 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
4697 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
4698 default:
4699 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
4700 PDMCritSectLeave(&pCtl->lock);
4701 return VERR_IOM_IOPORT_UNUSED;
4702 }
4703 PDMCritSectLeave(&pCtl->lock);
4704 return rc;
4705}
4706
4707/**
4708 * Port I/O Handler for bus master DMA OUT operations.
4709 * @see FNIOMIOPORTOUT for details.
4710 */
4711int ataControllerBMDMAIOPortWrite(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4712{
4713 int rc;
4714
4715 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4716 if (rc != VINF_SUCCESS)
4717 return rc;
4718 switch (VAL(Port, cb))
4719 {
4720 case VAL(0, 1):
4721#ifndef IN_RING3
4722 if (u32 & BM_CMD_START)
4723 {
4724 rc = VINF_IOM_R3_IOPORT_WRITE;
4725 break;
4726 }
4727#endif /* !IN_RING3 */
4728 ataBMDMACmdWriteB(pCtl, Port, u32);
4729 break;
4730 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
4731 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
4732 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
4733 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
4734 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
4735 }
4736 PDMCritSectLeave(&pCtl->lock);
4737 return rc;
4738}
4739
4740#undef VAL
4741
4742
4743#ifdef IN_RING3
4744#if 0
4745
4746/**
4747 * Callback function for mapping an PCI I/O region.
4748 *
4749 * @return VBox status code.
4750 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
4751 * @param iRegion The region number.
4752 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
4753 * I/O port, else it's a physical address.
4754 * This address is *NOT* relative to pci_mem_base like earlier!
4755 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
4756 */
4757static DECLCALLBACK(int) ataBMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
4758{
4759 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
4760 int rc = VINF_SUCCESS;
4761 Assert(enmType == PCI_ADDRESS_SPACE_IO);
4762 Assert(iRegion == 4);
4763 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
4764
4765 /* Register the port range. */
4766 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
4767 {
4768 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4769 (RTHCPTR)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL, NULL, "ATA Bus Master DMA");
4770 AssertRC(rc2);
4771 if (rc2 < rc)
4772 rc = rc2;
4773
4774 if (pThis->fGCEnabled)
4775 {
4776 rc2 = PDMDevHlpIOPortRegisterGC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4777 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4778 AssertRC(rc2);
4779 if (rc2 < rc)
4780 rc = rc2;
4781 }
4782 if (pThis->fR0Enabled)
4783 {
4784 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
4785 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
4786 AssertRC(rc2);
4787 if (rc2 < rc)
4788 rc = rc2;
4789 }
4790 }
4791 return rc;
4792}
4793#endif
4794
4795/**
4796 * Reset the controller to an initial state.
4797 *
4798 * @returns VBox status.
4799 * @param pDevIns The device instance data.
4800 */
4801void ataControllerReset(PAHCIATACONTROLLER pCtl)
4802{
4803 pCtl->iSelectedIf = 0;
4804 pCtl->iAIOIf = 0;
4805 pCtl->BmDma.u8Cmd = 0;
4806 /* Report that both drives present on the bus are in DMA mode. This
4807 * pretends that there is a BIOS that has set it up. Normal reset
4808 * default is 0x00. */
4809 pCtl->BmDma.u8Status = (pCtl->aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
4810 | (pCtl->aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
4811 pCtl->BmDma.pvAddr = 0;
4812
4813 pCtl->fReset = true;
4814 pCtl->fRedo = false;
4815 pCtl->fRedoIdle = false;
4816 ataAsyncIOClearRequests(pCtl);
4817 Log2(("%s: Ctl: message to async I/O thread, reset controller\n", __FUNCTION__));
4818 ataAsyncIOPutRequest(pCtl, &ataResetARequest);
4819 ataAsyncIOPutRequest(pCtl, &ataResetCRequest);
4820 if (!ataWaitForAsyncIOIsIdle(pCtl, 30000))
4821 AssertReleaseMsgFailed(("Async I/O thread busy after reset\n"));
4822
4823 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4824 ataResetDevice(&pCtl->aIfs[i]);
4825}
4826
4827#if 0
4828/* -=-=-=-=-=- AHCIATADevState::IBase -=-=-=-=-=- */
4829
4830/**
4831 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
4832 */
4833static DECLCALLBACK(void *) ataQueryInterface(PPDMIBASE pInterface, const char *pszIID)
4834{
4835 ATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
4836 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
4837 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBLOCKPORT, &pIf->IPort);
4838 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
4839 return NULL;
4840}
4841#endif
4842#endif /* IN_RING3 */
4843
4844
4845/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
4846
4847/**
4848 * Port I/O Handler for primary port range OUT operations.
4849 * @see FNIOMIOPORTOUT for details.
4850 */
4851int ataControllerIOPortWrite1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
4852{
4853 int rc = VINF_SUCCESS;
4854
4855 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4856 if (rc != VINF_SUCCESS)
4857 return rc;
4858 if (cb == 1)
4859 rc = ataIOPortWriteU8(pCtl, Port, u32);
4860 else if (Port == pCtl->IOPortBase1)
4861 {
4862 Assert(cb == 2 || cb == 4);
4863 rc = ataDataWrite(pCtl, Port, cb, (const uint8_t *)&u32);
4864 }
4865 else
4866 AssertMsgFailed(("ataIOPortWrite1: unsupported write to port %x val=%x size=%d\n", Port, u32, cb));
4867 PDMCritSectLeave(&pCtl->lock);
4868 return rc;
4869}
4870
4871
4872/**
4873 * Port I/O Handler for primary port range IN operations.
4874 * @see FNIOMIOPORTIN for details.
4875 */
4876int ataControllerIOPortRead1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4877{
4878 int rc = VINF_SUCCESS;
4879
4880 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4881 if (rc != VINF_SUCCESS)
4882 return rc;
4883 if (cb == 1)
4884 {
4885 rc = ataIOPortReadU8(pCtl, Port, pu32);
4886 }
4887 else if (Port == pCtl->IOPortBase1)
4888 {
4889 Assert(cb == 2 || cb == 4);
4890 rc = ataDataRead(pCtl, Port, cb, (uint8_t *)pu32);
4891 if (cb == 2)
4892 *pu32 &= 0xffff;
4893 }
4894 else
4895 {
4896 AssertMsgFailed(("ataIOPortRead1: unsupported read from port %x size=%d\n", Port, cb));
4897 rc = VERR_IOM_IOPORT_UNUSED;
4898 }
4899 PDMCritSectLeave(&pCtl->lock);
4900 return rc;
4901}
4902
4903#ifndef IN_RING0 /** @todo do this in ring-0 as well. */
4904/**
4905 * Port I/O Handler for primary port range IN string operations.
4906 * @see FNIOMIOPORTINSTRING for details.
4907 */
4908int ataControllerIOPortReadStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb)
4909{
4910 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4911 if (rc != VINF_SUCCESS)
4912 return rc;
4913 if (Port == pCtl->IOPortBase1)
4914 {
4915 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4916 RTGCPTR GCDst = *pGCPtrDst;
4917 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4918 Assert(cb == 2 || cb == 4);
4919
4920 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4921#ifndef IN_RING3
4922 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4923 if (!cTransAvailable)
4924 {
4925 PDMCritSectLeave(&pCtl->lock);
4926 return VINF_IOM_R3_IOPORT_READ;
4927 }
4928 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4929 cTransAvailable--;
4930#endif /* !IN_RING3 */
4931 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4932 * They are not performance-critical and generally shouldn't occur at all. */
4933 if (cTransAvailable > cTransfer)
4934 cTransAvailable = cTransfer;
4935 cbTransfer = cTransAvailable * cb;
4936
4937 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
4938 rc = PGMPhysSimpleDirtyWriteGCPtr(PDMDevHlpGetVMCPU(pDevIns), GCDst, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, cbTransfer);
4939#ifndef IN_RING3
4940 /* Paranoia. */
4941 if (RT_FAILURE(rc))
4942 {
4943 PDMCritSectLeave(&pCtl->lock);
4944 AssertFailed();
4945 return VINF_IOM_R3_IOPORT_READ;
4946 }
4947#else
4948 Assert(rc == VINF_SUCCESS);
4949#endif
4950
4951 if (cbTransfer)
4952 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
4953 s->iIOBufferPIODataStart += cbTransfer;
4954 *pGCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCDst + cbTransfer);
4955 *pcTransfer = cTransfer - cTransAvailable;
4956#ifdef IN_RING3
4957 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4958 ataPIOTransferFinish(pCtl, s);
4959#endif /* IN_RING3 */
4960 }
4961 PDMCritSectLeave(&pCtl->lock);
4962 return rc;
4963}
4964
4965
4966/**
4967 * Port I/O Handler for primary port range OUT string operations.
4968 * @see FNIOMIOPORTOUTSTRING for details.
4969 */
4970int ataControllerIOPortWriteStr1(PAHCIATACONTROLLER pCtl, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb)
4971{
4972 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4973 if (rc != VINF_SUCCESS)
4974 return rc;
4975 if (Port == pCtl->IOPortBase1)
4976 {
4977 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
4978 RTGCPTR GCSrc = *pGCPtrSrc;
4979 AHCIATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4980 Assert(cb == 2 || cb == 4);
4981
4982 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
4983#ifndef IN_RING3
4984 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
4985 if (!cTransAvailable)
4986 {
4987 PDMCritSectLeave(&pCtl->lock);
4988 return VINF_IOM_R3_IOPORT_WRITE;
4989 }
4990 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
4991 cTransAvailable--;
4992#endif /* !IN_RING3 */
4993 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
4994 * They are not performance-critical and generally shouldn't occur at all. */
4995 if (cTransAvailable > cTransfer)
4996 cTransAvailable = cTransfer;
4997 cbTransfer = cTransAvailable * cb;
4998
4999 PPDMDEVINS pDevIns = pCtl->CTX_SUFF(pDevIns);
5000 rc = PGMPhysSimpleReadGCPtr(PDMDevHlpGetVMCPU(pDevIns), s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, GCSrc, cbTransfer);
5001#ifndef IN_RING3
5002 /* Paranoia. */
5003 if (RT_FAILURE(rc))
5004 {
5005 PDMCritSectLeave(&pCtl->lock);
5006 AssertFailed();
5007 return VINF_IOM_R3_IOPORT_WRITE;
5008 }
5009#else
5010 Assert(rc == VINF_SUCCESS);
5011#endif
5012
5013 if (cbTransfer)
5014 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
5015 s->iIOBufferPIODataStart += cbTransfer;
5016 *pGCPtrSrc = (RTGCPTR)((RTGCUINTPTR)GCSrc + cbTransfer);
5017 *pcTransfer = cTransfer - cTransAvailable;
5018#ifdef IN_RING3
5019 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5020 ataPIOTransferFinish(pCtl, s);
5021#endif /* IN_RING3 */
5022 }
5023 PDMCritSectLeave(&pCtl->lock);
5024 return rc;
5025}
5026#endif /* !IN_RING0 */
5027
5028/**
5029 * Port I/O Handler for secondary port range OUT operations.
5030 * @see FNIOMIOPORTOUT for details.
5031 */
5032int ataControllerIOPortWrite2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t u32, unsigned cb)
5033{
5034 int rc;
5035
5036 if (cb != 1)
5037 return VINF_SUCCESS;
5038 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5039 if (rc != VINF_SUCCESS)
5040 return rc;
5041 rc = ataControlWrite(pCtl, Port, u32);
5042 PDMCritSectLeave(&pCtl->lock);
5043 return rc;
5044}
5045
5046
5047/**
5048 * Port I/O Handler for secondary port range IN operations.
5049 * @see FNIOMIOPORTIN for details.
5050 */
5051int ataControllerIOPortRead2(PAHCIATACONTROLLER pCtl, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5052{
5053 int rc;
5054
5055 if (cb != 1)
5056 return VERR_IOM_IOPORT_UNUSED;
5057
5058 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
5059 if (rc != VINF_SUCCESS)
5060 return rc;
5061 *pu32 = ataStatusRead(pCtl, Port);
5062 PDMCritSectLeave(&pCtl->lock);
5063 return VINF_SUCCESS;
5064}
5065
5066#ifdef IN_RING3
5067
5068/**
5069 * Waits for all async I/O threads to complete whatever they
5070 * are doing at the moment.
5071 *
5072 * @returns true on success.
5073 * @returns false when one or more threads is still processing.
5074 * @param pThis Pointer to the instance data.
5075 * @param cMillies How long to wait (total).
5076 */
5077static bool ataWaitForAllAsyncIOIsIdle(PAHCIATACONTROLLER pCtl, RTMSINTERVAL cMillies)
5078{
5079 uint64_t u64Start;
5080 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
5081 bool fAllIdle = false;
5082
5083 /*
5084 * Wait for any pending async operation to finish
5085 */
5086 u64Start = RTTimeMilliTS();
5087 for (;;)
5088 {
5089 /* Check all async I/O threads. */
5090 fAllIdle = true;
5091
5092 fAllIdle &= ataAsyncIOIsIdle(pCtl, false);
5093 if (!fAllIdle)
5094 break;
5095
5096 if ( fAllIdle
5097 || RTTimeMilliTS() - u64Start >= cMillies)
5098 break;
5099
5100 /* Sleep for a bit. */
5101 RTThreadSleep(100);
5102 }
5103
5104 if (!fAllIdle)
5105 LogRel(("AHCI ATA: Ctl is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
5106 pCtl->iSelectedIf, pCtl->iAIOIf,
5107 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand));
5108
5109 return fAllIdle;
5110}
5111
5112
5113DECLINLINE(void) ataRelocBuffer(PPDMDEVINS pDevIns, AHCIATADevState *s)
5114{
5115 if (s->pbIOBufferR3)
5116 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
5117}
5118
5119
5120/**
5121 * @copydoc FNPDMDEVRELOCATE
5122 */
5123void ataControllerRelocate(PAHCIATACONTROLLER pCtl, RTGCINTPTR offDelta)
5124{
5125 PPDMDEVINS pDevIns = pCtl->CTXALLSUFF(pDevIns);
5126
5127 pCtl->pDevInsRC += offDelta;
5128 pCtl->aIfs[0].pDevInsRC += offDelta;
5129 pCtl->aIfs[0].pControllerRC += offDelta;
5130 ataRelocBuffer(pDevIns, &pCtl->aIfs[0]);
5131 pCtl->aIfs[1].pDevInsRC += offDelta;
5132 pCtl->aIfs[1].pControllerRC += offDelta;
5133 ataRelocBuffer(pDevIns, &pCtl->aIfs[1]);
5134}
5135
5136
5137/**
5138 * Destroy a controller instance.
5139 *
5140 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5141 * resources can be freed correctly.
5142 *
5143 * @param pCtl The controller instance.
5144 */
5145int ataControllerDestroy(PAHCIATACONTROLLER pCtl)
5146{
5147 int rc;
5148
5149 Log(("%s:\n", __FUNCTION__));
5150
5151 /*
5152 * Terminate the async helper thread and wait for it to finish up.
5153 */
5154 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5155 {
5156 ASMAtomicWriteU32(&pCtl->fShutdown, true);
5157 rc = RTSemEventSignal(pCtl->AsyncIOSem);
5158 AssertRC(rc);
5159 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5160 AssertRC(rc);
5161
5162 rc = RTThreadWait(pCtl->AsyncIOThread, 30000 /* 30 s*/, NULL);
5163 if (RT_SUCCESS(rc))
5164 pCtl->AsyncIOThread = NIL_RTTHREAD;
5165 else
5166 LogRel(("PIIX3 ATA Dtor: Ctl/irq=%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
5167 pCtl->irq, pCtl->iSelectedIf, pCtl->iAIOIf,
5168 pCtl->aIfs[0].uATARegCommand, pCtl->aIfs[1].uATARegCommand, rc));
5169 }
5170
5171 /*
5172 * Now the request mutexes are no longer needed. Free resources.
5173 */
5174 if (pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX)
5175 {
5176 RTSemMutexDestroy(pCtl->AsyncIORequestMutex);
5177 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5178 }
5179 if (pCtl->AsyncIOSem != NIL_RTSEMEVENT)
5180 {
5181 RTSemEventDestroy(pCtl->AsyncIOSem);
5182 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5183 }
5184 if (pCtl->SuspendIOSem != NIL_RTSEMEVENT)
5185 {
5186 RTSemEventDestroy(pCtl->SuspendIOSem);
5187 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5188 }
5189
5190 /* try one final time */
5191 if (pCtl->AsyncIOThread != NIL_RTTHREAD)
5192 {
5193 rc = RTThreadWait(pCtl->AsyncIOThread, 1 /*ms*/, NULL);
5194 if (RT_SUCCESS(rc))
5195 {
5196 pCtl->AsyncIOThread = NIL_RTTHREAD;
5197 LogRel(("AHCI ATA Dtor: Ctl/irq=%u actually completed.\n", pCtl->irq));
5198 }
5199 }
5200
5201 return VINF_SUCCESS;
5202}
5203
5204/**
5205 * Detach notification.
5206 *
5207 * The DVD drive has been unplugged.
5208 *
5209 * @param pDevIns The device instance.
5210 * @param fMaster True if the master is detached
5211 * false for the slave
5212 */
5213void ataControllerDetach(PAHCIATACONTROLLER pCtl, bool fMaster)
5214{
5215 AHCIATADevState *pIf;
5216
5217 /*
5218 * Locate the controller and stuff.
5219 */
5220 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5221
5222 /*
5223 * Zero some important members.
5224 */
5225 pIf->pDrvBase = NULL;
5226 pIf->pDrvBlock = NULL;
5227 pIf->pDrvBlockBios = NULL;
5228 pIf->pDrvMount = NULL;
5229}
5230
5231/**
5232 * Configure a LUN.
5233 *
5234 * @returns VBox status code.
5235 * @param pDevIns The device instance.
5236 * @param pIf The ATA unit state.
5237 */
5238static int ataConfigLun(PPDMDEVINS pDevIns, AHCIATADevState *pIf)
5239{
5240 int rc;
5241 PDMBLOCKTYPE enmType;
5242
5243 /*
5244 * Query Block, Bios and Mount interfaces.
5245 */
5246 pIf->pDrvBlock = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCK);
5247 if (!pIf->pDrvBlock)
5248 {
5249 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
5250 return VERR_PDM_MISSING_INTERFACE;
5251 }
5252
5253 /** @todo implement the BIOS invisible code path. */
5254 pIf->pDrvBlockBios = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCKBIOS);
5255 if (!pIf->pDrvBlockBios)
5256 {
5257 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block BIOS interface!\n", pIf->iLUN));
5258 return VERR_PDM_MISSING_INTERFACE;
5259 }
5260 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
5261
5262 /*
5263 * Validate type.
5264 */
5265 enmType = pIf->pDrvBlock->pfnGetType(pIf->pDrvBlock);
5266 if ( enmType != PDMBLOCKTYPE_CDROM
5267 && enmType != PDMBLOCKTYPE_DVD
5268 && enmType != PDMBLOCKTYPE_HARD_DISK)
5269 {
5270 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
5271 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
5272 }
5273 if ( ( enmType == PDMBLOCKTYPE_DVD
5274 || enmType == PDMBLOCKTYPE_CDROM)
5275 && !pIf->pDrvMount)
5276 {
5277 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
5278 return VERR_INTERNAL_ERROR;
5279 }
5280 pIf->fATAPI = enmType == PDMBLOCKTYPE_DVD || enmType == PDMBLOCKTYPE_CDROM;
5281 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvBlock->pfnSendCmd != NULL) : false;
5282
5283 /*
5284 * Allocate I/O buffer.
5285 */
5286 PVM pVM = PDMDevHlpGetVM(pDevIns);
5287 if (pIf->cbIOBuffer)
5288 {
5289 /* Buffer is (probably) already allocated. Validate the fields,
5290 * because memory corruption can also overwrite pIf->cbIOBuffer. */
5291 if (pIf->fATAPI)
5292 AssertRelease(pIf->cbIOBuffer == _128K);
5293 else
5294 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * 512);
5295 Assert(pIf->pbIOBufferR3);
5296 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
5297 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
5298 }
5299 else
5300 {
5301 if (pIf->fATAPI)
5302 pIf->cbIOBuffer = _128K;
5303 else
5304 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * 512;
5305 Assert(!pIf->pbIOBufferR3);
5306 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
5307 if (RT_FAILURE(rc))
5308 return VERR_NO_MEMORY;
5309 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
5310 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
5311 }
5312
5313 /*
5314 * Init geometry (only for non-CD/DVD media).
5315 */
5316 if (pIf->fATAPI)
5317 {
5318 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
5319 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
5320 pIf->PCHSGeometry.cHeads = 0; /* dummy */
5321 pIf->PCHSGeometry.cSectors = 0; /* dummy */
5322 LogRel(("AHCI ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
5323 }
5324 else
5325 {
5326 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
5327 rc = pIf->pDrvBlockBios->pfnGetPCHSGeometry(pIf->pDrvBlockBios,
5328 &pIf->PCHSGeometry);
5329 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
5330 {
5331 pIf->PCHSGeometry.cCylinders = 0;
5332 pIf->PCHSGeometry.cHeads = 16; /*??*/
5333 pIf->PCHSGeometry.cSectors = 63; /*??*/
5334 }
5335 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
5336 {
5337 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
5338 rc = VINF_SUCCESS;
5339 }
5340 AssertRC(rc);
5341
5342 if ( pIf->PCHSGeometry.cCylinders == 0
5343 || pIf->PCHSGeometry.cHeads == 0
5344 || pIf->PCHSGeometry.cSectors == 0
5345 )
5346 {
5347 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
5348 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
5349 pIf->PCHSGeometry.cHeads = 16;
5350 pIf->PCHSGeometry.cSectors = 63;
5351 /* Set the disk geometry information. */
5352 rc = pIf->pDrvBlockBios->pfnSetPCHSGeometry(pIf->pDrvBlockBios,
5353 &pIf->PCHSGeometry);
5354 }
5355 LogRel(("AHCI ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
5356 }
5357 return VINF_SUCCESS;
5358}
5359
5360/**
5361 * Attach command.
5362 *
5363 * This is called when we change block driver for the DVD drive.
5364 *
5365 * @returns VBox status code.
5366 * @param pDevIns The device instance.
5367 * @param iLUN The logical unit which is being detached.
5368 */
5369int ataControllerAttach(PAHCIATACONTROLLER pCtl, PPDMIBASE pDrvBase, bool fMaster)
5370{
5371 AHCIATADevState *pIf;
5372 int rc = VINF_SUCCESS;
5373
5374 /*
5375 * Locate the controller and stuff.
5376 */
5377 pIf = &pCtl->aIfs[fMaster ? 0 : 1];
5378
5379 /* the usual paranoia */
5380 AssertRelease(!pIf->pDrvBase);
5381 AssertRelease(!pIf->pDrvBlock);
5382 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
5383
5384 /*
5385 * Try attach the block device and get the interfaces,
5386 * required as well as optional.
5387 */
5388
5389 pIf->pDrvBase = pDrvBase;
5390 if (pDrvBase)
5391 {
5392 rc = ataConfigLun(pCtl->pDevInsR3, pIf);
5393 AssertRC(rc);
5394
5395 if (RT_FAILURE(rc))
5396 {
5397 pIf->pDrvBase = NULL;
5398 pIf->pDrvBlock = NULL;
5399 }
5400 }
5401
5402 return rc;
5403}
5404
5405
5406/**
5407 * Resume notification.
5408 *
5409 * @returns VBox status.
5410 * @param pDevIns The device instance data.
5411 */
5412void ataControllerResume(PAHCIATACONTROLLER pCtl)
5413{
5414 int rc;
5415
5416 Log(("%s:\n", __FUNCTION__));
5417 if (pCtl->fRedo && pCtl->fRedoIdle)
5418 {
5419 rc = RTSemEventSignal(pCtl->SuspendIOSem);
5420 AssertRC(rc);
5421 }
5422
5423 return;
5424}
5425
5426
5427/**
5428 * Tests if the controller is idle, leaving the PDM notifications on if busy.
5429 *
5430 * @returns true if idle, false if idle.
5431 * @param pCtl the controller instance.
5432 */
5433bool ataControllerIsIdle(PAHCIATACONTROLLER pCtl)
5434{
5435 ASMAtomicWriteBool(&pCtl->fSignalIdle, true);
5436 if (ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
5437 {
5438 ASMAtomicWriteBool(&pCtl->fSignalIdle, false);
5439 return true;
5440 }
5441 return false;
5442}
5443
5444/**
5445 * Saves a state of the ATA device.
5446 *
5447 * @returns VBox status code.
5448 * @param pCtl Controller instance.
5449 * @param pSSM The handle to save the state to.
5450 */
5451int ataControllerSaveExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5452{
5453 SSMR3PutU32(pSSM, ATA_CTL_SAVED_STATE_VERSION);
5454 SSMR3PutU8(pSSM, pCtl->iSelectedIf);
5455 SSMR3PutU8(pSSM, pCtl->iAIOIf);
5456 SSMR3PutU8(pSSM, pCtl->uAsyncIOState);
5457 SSMR3PutBool(pSSM, pCtl->fChainedTransfer);
5458 SSMR3PutBool(pSSM, pCtl->fReset);
5459 SSMR3PutBool(pSSM, pCtl->fRedo);
5460 SSMR3PutBool(pSSM, pCtl->fRedoIdle);
5461 SSMR3PutBool(pSSM, pCtl->fRedoDMALastDesc);
5462 SSMR3PutMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5463 SSMR3PutGCPhys32(pSSM, pCtl->pFirstDMADesc);
5464 SSMR3PutGCPhys32(pSSM, pCtl->pLastDMADesc);
5465 SSMR3PutGCPhys32(pSSM, pCtl->pRedoDMABuffer);
5466 SSMR3PutU32(pSSM, pCtl->cbRedoDMABuffer);
5467
5468 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5469 {
5470 SSMR3PutBool(pSSM, pCtl->aIfs[j].fLBA48);
5471 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPI);
5472 SSMR3PutBool(pSSM, pCtl->aIfs[j].fIrqPending);
5473 SSMR3PutU8(pSSM, pCtl->aIfs[j].cMultSectors);
5474 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cCylinders);
5475 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cHeads);
5476 SSMR3PutU32(pSSM, pCtl->aIfs[j].PCHSGeometry.cSectors);
5477 SSMR3PutU32(pSSM, pCtl->aIfs[j].cSectorsPerIRQ);
5478 SSMR3PutU64(pSSM, pCtl->aIfs[j].cTotalSectors);
5479 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeature);
5480 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegFeatureHOB);
5481 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegError);
5482 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSector);
5483 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegNSectorHOB);
5484 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSector);
5485 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSectorHOB);
5486 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCyl);
5487 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegLCylHOB);
5488 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCyl);
5489 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegHCylHOB);
5490 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegSelect);
5491 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegStatus);
5492 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegCommand);
5493 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATARegDevCtl);
5494 SSMR3PutU8(pSSM, pCtl->aIfs[j].uATATransferMode);
5495 SSMR3PutU8(pSSM, pCtl->aIfs[j].uTxDir);
5496 SSMR3PutU8(pSSM, pCtl->aIfs[j].iBeginTransfer);
5497 SSMR3PutU8(pSSM, pCtl->aIfs[j].iSourceSink);
5498 SSMR3PutBool(pSSM, pCtl->aIfs[j].fDMA);
5499 SSMR3PutBool(pSSM, pCtl->aIfs[j].fATAPITransfer);
5500 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbTotalTransfer);
5501 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbElementaryTransfer);
5502 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferCur);
5503 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferEnd);
5504 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataStart);
5505 SSMR3PutU32(pSSM, pCtl->aIfs[j].iIOBufferPIODataEnd);
5506 SSMR3PutU32(pSSM, pCtl->aIfs[j].iATAPILBA);
5507 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbATAPISector);
5508 SSMR3PutMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5509 SSMR3PutMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5510 SSMR3PutU8(pSSM, pCtl->aIfs[j].cNotifiedMediaChange);
5511 SSMR3PutU32(pSSM, pCtl->aIfs[j].MediaEventStatus);
5512
5513 PDMLED Led;
5514 memset(&Led, 0, sizeof(PDMLED));
5515 SSMR3PutMem(pSSM, &Led, sizeof(PDMLED));
5516 SSMR3PutU32(pSSM, pCtl->aIfs[j].cbIOBuffer);
5517 if (pCtl->aIfs[j].cbIOBuffer)
5518 SSMR3PutMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5519 else
5520 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5521 }
5522
5523 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
5524}
5525
5526
5527/**
5528 * Loads a saved ATA device state.
5529 *
5530 * @returns VBox status code.
5531 * @param pDevIns The device instance.
5532 * @param pSSM The handle to the saved state.
5533 */
5534int ataControllerLoadExec(PAHCIATACONTROLLER pCtl, PSSMHANDLE pSSM)
5535{
5536 int rc;
5537 uint32_t u32Version;
5538 uint32_t u32;
5539
5540 /* Test for correct version. */
5541 rc = SSMR3GetU32(pSSM, &u32Version);
5542 AssertRCReturn(rc, rc);
5543
5544 if ( u32Version != ATA_CTL_SAVED_STATE_VERSION
5545 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
5546 && u32Version != ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5547 {
5548 AssertMsgFailed(("u32Version=%d\n", u32Version));
5549 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
5550 }
5551
5552 /* integrity check */
5553 if (!ataAsyncIOIsIdle(pCtl, false))
5554 {
5555 AssertMsgFailed(("Async I/O for controller is active\n"));
5556 return VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5557 }
5558
5559 SSMR3GetU8(pSSM, &pCtl->iSelectedIf);
5560 SSMR3GetU8(pSSM, &pCtl->iAIOIf);
5561 SSMR3GetU8(pSSM, &pCtl->uAsyncIOState);
5562 SSMR3GetBool(pSSM, &pCtl->fChainedTransfer);
5563 SSMR3GetBool(pSSM, (bool *)&pCtl->fReset);
5564 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedo);
5565 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoIdle);
5566 SSMR3GetBool(pSSM, (bool *)&pCtl->fRedoDMALastDesc);
5567 SSMR3GetMem(pSSM, &pCtl->BmDma, sizeof(pCtl->BmDma));
5568 SSMR3GetGCPhys32(pSSM, &pCtl->pFirstDMADesc);
5569 SSMR3GetGCPhys32(pSSM, &pCtl->pLastDMADesc);
5570 SSMR3GetGCPhys32(pSSM, &pCtl->pRedoDMABuffer);
5571 SSMR3GetU32(pSSM, &pCtl->cbRedoDMABuffer);
5572
5573 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5574 {
5575 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fLBA48);
5576 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPI);
5577 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fIrqPending);
5578 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cMultSectors);
5579 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cCylinders);
5580 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cHeads);
5581 SSMR3GetU32(pSSM, &pCtl->aIfs[j].PCHSGeometry.cSectors);
5582 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cSectorsPerIRQ);
5583 SSMR3GetU64(pSSM, &pCtl->aIfs[j].cTotalSectors);
5584 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeature);
5585 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegFeatureHOB);
5586 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegError);
5587 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSector);
5588 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegNSectorHOB);
5589 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSector);
5590 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSectorHOB);
5591 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCyl);
5592 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegLCylHOB);
5593 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCyl);
5594 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegHCylHOB);
5595 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegSelect);
5596 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegStatus);
5597 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegCommand);
5598 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATARegDevCtl);
5599 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uATATransferMode);
5600 SSMR3GetU8(pSSM, &pCtl->aIfs[j].uTxDir);
5601 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iBeginTransfer);
5602 SSMR3GetU8(pSSM, &pCtl->aIfs[j].iSourceSink);
5603 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fDMA);
5604 SSMR3GetBool(pSSM, &pCtl->aIfs[j].fATAPITransfer);
5605 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbTotalTransfer);
5606 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbElementaryTransfer);
5607 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferCur);
5608 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferEnd);
5609 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataStart);
5610 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iIOBufferPIODataEnd);
5611 SSMR3GetU32(pSSM, &pCtl->aIfs[j].iATAPILBA);
5612 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbATAPISector);
5613 SSMR3GetMem(pSSM, &pCtl->aIfs[j].aATAPICmd, sizeof(pCtl->aIfs[j].aATAPICmd));
5614 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
5615 {
5616 SSMR3GetMem(pSSM, &pCtl->aIfs[j].abATAPISense, sizeof(pCtl->aIfs[j].abATAPISense));
5617 }
5618 else
5619 {
5620 uint8_t uATAPISenseKey, uATAPIASC;
5621 memset(pCtl->aIfs[j].abATAPISense, '\0', sizeof(pCtl->aIfs[j].abATAPISense));
5622 pCtl->aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
5623 pCtl->aIfs[j].abATAPISense[7] = 10;
5624 SSMR3GetU8(pSSM, &uATAPISenseKey);
5625 SSMR3GetU8(pSSM, &uATAPIASC);
5626 pCtl->aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
5627 pCtl->aIfs[j].abATAPISense[12] = uATAPIASC;
5628 }
5629 /** @todo triple-check this hack after passthrough is working */
5630 SSMR3GetU8(pSSM, &pCtl->aIfs[j].cNotifiedMediaChange);
5631 if (u32Version > ATA_CTL_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
5632 SSMR3GetU32(pSSM, (uint32_t*)&pCtl->aIfs[j].MediaEventStatus);
5633 else
5634 pCtl->aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
5635
5636 PDMLED Led;
5637 SSMR3GetMem(pSSM, &Led, sizeof(PDMLED));
5638 SSMR3GetU32(pSSM, &pCtl->aIfs[j].cbIOBuffer);
5639 if (pCtl->aIfs[j].cbIOBuffer)
5640 {
5641 if (pCtl->aIfs[j].CTX_SUFF(pbIOBuffer))
5642 SSMR3GetMem(pSSM, pCtl->aIfs[j].CTX_SUFF(pbIOBuffer), pCtl->aIfs[j].cbIOBuffer);
5643 else
5644 {
5645 LogRel(("AHCI ATA: No buffer for %d\n", j));
5646 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
5647 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d"), j);
5648
5649 /* skip the buffer if we're loading for the debugger / animator. */
5650 uint8_t u8Ignored;
5651 size_t cbLeft = pCtl->aIfs[j].cbIOBuffer;
5652 while (cbLeft-- > 0)
5653 SSMR3GetU8(pSSM, &u8Ignored);
5654 }
5655 }
5656 else
5657 Assert(pCtl->aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
5658 }
5659
5660 rc = SSMR3GetU32(pSSM, &u32);
5661 if (RT_FAILURE(rc))
5662 return rc;
5663 if (u32 != ~0U)
5664 {
5665 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
5666 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
5667 return rc;
5668 }
5669
5670 return VINF_SUCCESS;
5671}
5672
5673int ataControllerInit(PPDMDEVINS pDevIns, PAHCIATACONTROLLER pCtl,
5674 PPDMIMEDIANOTIFY pMediaNotify,
5675 unsigned iLUNMaster, PPDMIBASE pDrvBaseMaster, PPDMLED pLedMaster,
5676 PSTAMCOUNTER pStatBytesReadMaster, PSTAMCOUNTER pStatBytesWrittenMaster,
5677 const char *pszSerialNumberMaster, const char *pszFirmwareRevisionMaster,
5678 const char *pszModelNumberMaster, const char *pszInquiryVendorIdMaster,
5679 const char *pszInquiryProductIdMaster, const char *pszInquiryRevisionMaster,
5680 bool fNonRotationalMaster,
5681 unsigned iLUNSlave, PPDMIBASE pDrvBaseSlave, PPDMLED pLedSlave,
5682 PSTAMCOUNTER pStatBytesReadSlave, PSTAMCOUNTER pStatBytesWrittenSlave,
5683 const char *pszSerialNumberSlave, const char *pszFirmwareRevisionSlave,
5684 const char *pszModelNumberSlave, const char *pszInquiryVendorIdSlave,
5685 const char *pszInquiryProductIdSlave, const char *pszInquiryRevisionSlave,
5686 bool fNonRotationalSlave,
5687 uint32_t *pcbSSMState, const char *szName)
5688{
5689 int rc;
5690
5691 AssertMsg(pcbSSMState, ("pcbSSMState is invalid\n"));
5692
5693 pCtl->pDevInsR3 = pDevIns;
5694 pCtl->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5695 pCtl->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5696 pCtl->pMediaNotify = pMediaNotify;
5697 pCtl->AsyncIOSem = NIL_RTSEMEVENT;
5698 pCtl->SuspendIOSem = NIL_RTSEMEVENT;
5699 pCtl->AsyncIORequestMutex = NIL_RTSEMMUTEX;
5700 pCtl->AsyncIOThread = NIL_RTTHREAD;
5701
5702 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5703 {
5704 pCtl->aIfs[j].iLUN = j == 0 ? iLUNMaster : iLUNSlave;
5705 pCtl->aIfs[j].pDevInsR3 = pDevIns;
5706 pCtl->aIfs[j].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
5707 pCtl->aIfs[j].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
5708 pCtl->aIfs[j].pControllerR3 = pCtl;
5709 pCtl->aIfs[j].pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), pCtl);
5710 pCtl->aIfs[j].pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), pCtl);
5711 pCtl->aIfs[j].pLed = j == 0 ? pLedMaster : pLedSlave;
5712 pCtl->aIfs[j].pStatBytesRead = j == 0 ? pStatBytesReadMaster : pStatBytesReadSlave;
5713 pCtl->aIfs[j].pStatBytesWritten = j == 0 ? pStatBytesWrittenMaster : pStatBytesWrittenSlave;
5714 pCtl->aIfs[j].pszSerialNumber = j == 0 ? pszSerialNumberMaster : pszSerialNumberSlave;
5715 pCtl->aIfs[j].pszFirmwareRevision = j == 0 ? pszFirmwareRevisionMaster : pszFirmwareRevisionSlave;
5716 pCtl->aIfs[j].pszModelNumber = j == 0 ? pszModelNumberMaster : pszModelNumberSlave;
5717 pCtl->aIfs[j].pszInquiryVendorId = j == 0 ? pszInquiryVendorIdMaster : pszInquiryVendorIdSlave;
5718 pCtl->aIfs[j].pszInquiryProductId = j == 0 ? pszInquiryProductIdMaster : pszInquiryProductIdSlave;
5719 pCtl->aIfs[j].pszInquiryRevision = j == 0 ? pszInquiryRevisionMaster : pszInquiryRevisionSlave;
5720 pCtl->aIfs[j].fNonRotational = j == 0 ? fNonRotationalMaster : fNonRotationalSlave;
5721 }
5722
5723 /* Initialize per-controller critical section */
5724 rc = PDMDevHlpCritSectInit(pDevIns, &pCtl->lock, RT_SRC_POS, "%s", szName);
5725 if (RT_FAILURE(rc))
5726 return PDMDEV_SET_ERROR(pDevIns, rc, N_("AHCI ATA: cannot initialize critical section"));
5727
5728 /*
5729 * Attach the units.
5730 */
5731 uint32_t cbTotalBuffer = 0;
5732
5733 /*
5734 * Start the worker thread.
5735 */
5736 pCtl->uAsyncIOState = AHCIATA_AIO_NEW;
5737 rc = RTSemEventCreate(&pCtl->AsyncIOSem);
5738 AssertRCReturn(rc, rc);
5739 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
5740 AssertRCReturn(rc, rc);
5741 rc = RTSemMutexCreate(&pCtl->AsyncIORequestMutex);
5742 AssertRCReturn(rc, rc);
5743 ataAsyncIOClearRequests(pCtl);
5744 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataAsyncIOLoop, (void *)pCtl, 128*1024,
5745 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "AHCI-ATA-%u", pCtl->irq);
5746 AssertRCReturn(rc, rc);
5747 Assert(pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->AsyncIOSem != NIL_RTSEMEVENT && pCtl->SuspendIOSem != NIL_RTSEMEVENT && pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX);
5748 Log(("%s: controller AIO thread id %#x; sem %p susp_sem %p mutex %p\n", __FUNCTION__, pCtl->AsyncIOThread, pCtl->AsyncIOSem, pCtl->SuspendIOSem, pCtl->AsyncIORequestMutex));
5749
5750 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
5751 {
5752 /*
5753 * Try attach the block device and get the interfaces,
5754 * required as well as optional.
5755 */
5756 AHCIATADevState *pIf = &pCtl->aIfs[j];
5757
5758 pIf->pDrvBase = (j == 0) ? pDrvBaseMaster : pDrvBaseSlave;
5759
5760#if 0
5761 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[j]);
5762 if (RT_SUCCESS(rc))
5763#endif
5764 if (pIf->pDrvBase)
5765 rc = ataConfigLun(pDevIns, pIf);
5766 else
5767 {
5768 pIf->pDrvBase = NULL;
5769 pIf->pDrvBlock = NULL;
5770 pIf->cbIOBuffer = 0;
5771 pIf->pbIOBufferR3 = NULL;
5772 pIf->pbIOBufferR0 = NIL_RTR0PTR;
5773 pIf->pbIOBufferRC = NIL_RTRCPTR;
5774 LogRel(("AHCI ATA: LUN#%d: no unit\n", pIf->iLUN));
5775 }
5776 cbTotalBuffer += pIf->cbIOBuffer;
5777 }
5778
5779 *pcbSSMState = cbTotalBuffer;
5780
5781 /*
5782 * Initialize the device state.
5783 */
5784 ataControllerReset(pCtl);
5785
5786 return VINF_SUCCESS;
5787}
5788#endif /* IN_RING3 */
5789#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette