VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/DevATA.cpp@ 62538

Last change on this file since 62538 was 62506, checked in by vboxsync, 8 years ago

(C) 2016

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 299.1 KB
Line 
1/* $Id: DevATA.cpp 62506 2016-07-22 19:09:44Z vboxsync $ */
2/** @file
3 * VBox storage devices: ATA/ATAPI controller device (disk and cdrom).
4 */
5
6/*
7 * Copyright (C) 2006-2016 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Defined Constants And Macros *
21*********************************************************************************************************************************/
22/** Temporary instrumentation for tracking down potential virtual disk
23 * write performance issues. */
24#undef VBOX_INSTRUMENT_DMA_WRITES
25
26/** @name The SSM saved state versions.
27 * @{
28 */
29/** The current saved state version. */
30#define ATA_SAVED_STATE_VERSION 20
31/** The saved state version used by VirtualBox 3.0.
32 * This lacks the config part and has the type at the and. */
33#define ATA_SAVED_STATE_VERSION_VBOX_30 19
34#define ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE 18
35#define ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 16
36#define ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 17
37/** @} */
38
39
40/*********************************************************************************************************************************
41* Header Files *
42*********************************************************************************************************************************/
43#define LOG_GROUP LOG_GROUP_DEV_IDE
44#include <VBox/vmm/pdmdev.h>
45#include <VBox/vmm/pdmstorageifs.h>
46#include <iprt/assert.h>
47#include <iprt/string.h>
48#ifdef IN_RING3
49# include <iprt/uuid.h>
50# include <iprt/semaphore.h>
51# include <iprt/thread.h>
52# include <iprt/time.h>
53# include <iprt/alloc.h>
54#endif /* IN_RING3 */
55#include <iprt/critsect.h>
56#include <iprt/asm.h>
57#include <VBox/vmm/stam.h>
58#include <VBox/vmm/mm.h>
59#include <VBox/vmm/pgm.h>
60
61#include <VBox/sup.h>
62#include <VBox/scsi.h>
63
64#include "PIIX3ATABmDma.h"
65#include "ide.h"
66#include "ATAPIPassthrough.h"
67#include "VBoxDD.h"
68
69
70/*********************************************************************************************************************************
71* Defined Constants And Macros *
72*********************************************************************************************************************************/
73/**
74 * Maximum number of sectors to transfer in a READ/WRITE MULTIPLE request.
75 * Set to 1 to disable multi-sector read support. According to the ATA
76 * specification this must be a power of 2 and it must fit in an 8 bit
77 * value. Thus the only valid values are 1, 2, 4, 8, 16, 32, 64 and 128.
78 */
79#define ATA_MAX_MULT_SECTORS 128
80
81/**
82 * Fastest PIO mode supported by the drive.
83 */
84#define ATA_PIO_MODE_MAX 4
85/**
86 * Fastest MDMA mode supported by the drive.
87 */
88#define ATA_MDMA_MODE_MAX 2
89/**
90 * Fastest UDMA mode supported by the drive.
91 */
92#define ATA_UDMA_MODE_MAX 6
93
94/** ATAPI sense info size. */
95#define ATAPI_SENSE_SIZE 64
96
97/** The maximum number of release log entries per device. */
98#define MAX_LOG_REL_ERRORS 1024
99
100/* MediaEventStatus */
101#define ATA_EVENT_STATUS_UNCHANGED 0 /**< medium event status not changed */
102#define ATA_EVENT_STATUS_MEDIA_NEW 1 /**< new medium inserted */
103#define ATA_EVENT_STATUS_MEDIA_REMOVED 2 /**< medium removed */
104#define ATA_EVENT_STATUS_MEDIA_CHANGED 3 /**< medium was removed + new medium was inserted */
105#define ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED 4 /**< medium eject requested (eject button pressed) */
106
107/* Media track type */
108#define ATA_MEDIA_TYPE_UNKNOWN 0 /**< unknown CD type */
109#define ATA_MEDIA_NO_DISC 0x70 /**< Door closed, no medium */
110
111
112/*********************************************************************************************************************************
113* Structures and Typedefs *
114*********************************************************************************************************************************/
115/**
116 * The state of an ATA device.
117 *
118 * @implements PDMIBASE
119 * @implements PDMIBLOCKPORT
120 * @implements PDMIMOUNTNOTIFY
121 */
122typedef struct ATADevState
123{
124 /** Flag indicating whether the current command uses LBA48 mode. */
125 bool fLBA48;
126 /** Flag indicating whether this drive implements the ATAPI command set. */
127 bool fATAPI;
128 /** Set if this interface has asserted the IRQ. */
129 bool fIrqPending;
130 /** Currently configured number of sectors in a multi-sector transfer. */
131 uint8_t cMultSectors;
132 /** PCHS disk geometry. */
133 PDMMEDIAGEOMETRY PCHSGeometry;
134 /** Total number of sectors on this disk. */
135 uint64_t cTotalSectors;
136 /** Sector size of the medium. */
137 uint32_t cbSector;
138 /** Number of sectors to transfer per IRQ. */
139 uint32_t cSectorsPerIRQ;
140
141 /** ATA/ATAPI register 1: feature (write-only). */
142 uint8_t uATARegFeature;
143 /** ATA/ATAPI register 1: feature, high order byte. */
144 uint8_t uATARegFeatureHOB;
145 /** ATA/ATAPI register 1: error (read-only). */
146 uint8_t uATARegError;
147 /** ATA/ATAPI register 2: sector count (read/write). */
148 uint8_t uATARegNSector;
149 /** ATA/ATAPI register 2: sector count, high order byte. */
150 uint8_t uATARegNSectorHOB;
151 /** ATA/ATAPI register 3: sector (read/write). */
152 uint8_t uATARegSector;
153 /** ATA/ATAPI register 3: sector, high order byte. */
154 uint8_t uATARegSectorHOB;
155 /** ATA/ATAPI register 4: cylinder low (read/write). */
156 uint8_t uATARegLCyl;
157 /** ATA/ATAPI register 4: cylinder low, high order byte. */
158 uint8_t uATARegLCylHOB;
159 /** ATA/ATAPI register 5: cylinder high (read/write). */
160 uint8_t uATARegHCyl;
161 /** ATA/ATAPI register 5: cylinder high, high order byte. */
162 uint8_t uATARegHCylHOB;
163 /** ATA/ATAPI register 6: select drive/head (read/write). */
164 uint8_t uATARegSelect;
165 /** ATA/ATAPI register 7: status (read-only). */
166 uint8_t uATARegStatus;
167 /** ATA/ATAPI register 7: command (write-only). */
168 uint8_t uATARegCommand;
169 /** ATA/ATAPI drive control register (write-only). */
170 uint8_t uATARegDevCtl;
171
172 /** Currently active transfer mode (MDMA/UDMA) and speed. */
173 uint8_t uATATransferMode;
174 /** Current transfer direction. */
175 uint8_t uTxDir;
176 /** Index of callback for begin transfer. */
177 uint8_t iBeginTransfer;
178 /** Index of callback for source/sink of data. */
179 uint8_t iSourceSink;
180 /** Flag indicating whether the current command transfers data in DMA mode. */
181 bool fDMA;
182 /** Set to indicate that ATAPI transfer semantics must be used. */
183 bool fATAPITransfer;
184
185 /** Total ATA/ATAPI transfer size, shared PIO/DMA. */
186 uint32_t cbTotalTransfer;
187 /** Elementary ATA/ATAPI transfer size, shared PIO/DMA. */
188 uint32_t cbElementaryTransfer;
189 /** Maximum ATAPI elementary transfer size, PIO only. */
190 uint32_t cbPIOTransferLimit;
191 /** ATAPI passthrough transfer size, shared PIO/DMA */
192 uint32_t cbAtapiPassthroughTransfer;
193 /** Current read/write buffer position, shared PIO/DMA. */
194 uint32_t iIOBufferCur;
195 /** First element beyond end of valid buffer content, shared PIO/DMA. */
196 uint32_t iIOBufferEnd;
197 /** Align the following fields correctly. */
198 uint32_t Alignment0;
199
200 /** ATA/ATAPI current PIO read/write transfer position. Not shared with DMA for safety reasons. */
201 uint32_t iIOBufferPIODataStart;
202 /** ATA/ATAPI current PIO read/write transfer end. Not shared with DMA for safety reasons. */
203 uint32_t iIOBufferPIODataEnd;
204
205 /** ATAPI current LBA position. */
206 uint32_t iATAPILBA;
207 /** ATAPI current sector size. */
208 uint32_t cbATAPISector;
209 /** ATAPI current command. */
210 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
211 /** ATAPI sense data. */
212 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
213 /** HACK: Countdown till we report a newly unmounted drive as mounted. */
214 uint8_t cNotifiedMediaChange;
215 /** The same for GET_EVENT_STATUS for mechanism */
216 volatile uint32_t MediaEventStatus;
217
218 /** Media type if known. */
219 volatile uint32_t MediaTrackType;
220
221 /** The status LED state for this drive. */
222 PDMLED Led;
223
224 /** Size of I/O buffer. */
225 uint32_t cbIOBuffer;
226 /** Pointer to the I/O buffer. */
227 R3PTRTYPE(uint8_t *) pbIOBufferR3;
228 /** Pointer to the I/O buffer. */
229 R0PTRTYPE(uint8_t *) pbIOBufferR0;
230 /** Pointer to the I/O buffer. */
231 RCPTRTYPE(uint8_t *) pbIOBufferRC;
232
233 RTRCPTR Aligmnent1; /**< Align the statistics at an 8-byte boundary. */
234
235 /*
236 * No data that is part of the saved state after this point!!!!!
237 */
238
239 /* Release statistics: number of ATA DMA commands. */
240 STAMCOUNTER StatATADMA;
241 /* Release statistics: number of ATA PIO commands. */
242 STAMCOUNTER StatATAPIO;
243 /* Release statistics: number of ATAPI PIO commands. */
244 STAMCOUNTER StatATAPIDMA;
245 /* Release statistics: number of ATAPI PIO commands. */
246 STAMCOUNTER StatATAPIPIO;
247#ifdef VBOX_INSTRUMENT_DMA_WRITES
248 /* Release statistics: number of DMA sector writes and the time spent. */
249 STAMPROFILEADV StatInstrVDWrites;
250#endif
251
252 /** Statistics: number of read operations and the time spent reading. */
253 STAMPROFILEADV StatReads;
254 /** Statistics: number of bytes read. */
255 STAMCOUNTER StatBytesRead;
256 /** Statistics: number of write operations and the time spent writing. */
257 STAMPROFILEADV StatWrites;
258 /** Statistics: number of bytes written. */
259 STAMCOUNTER StatBytesWritten;
260 /** Statistics: number of flush operations and the time spend flushing. */
261 STAMPROFILE StatFlushes;
262
263 /** Mark the drive as having a non-rotational medium (i.e. as a SSD). */
264 bool fNonRotational;
265 /** Enable passing through commands directly to the ATAPI drive. */
266 bool fATAPIPassthrough;
267 /** Flag whether to overwrite inquiry data in passthrough mode. */
268 bool fOverwriteInquiry;
269 /** Number of errors we've reported to the release log.
270 * This is to prevent flooding caused by something going horribly wrong.
271 * this value against MAX_LOG_REL_ERRORS in places likely to cause floods
272 * like the ones we currently seeing on the linux smoke tests (2006-11-10). */
273 uint32_t cErrors;
274 /** Timestamp of last started command. 0 if no command pending. */
275 uint64_t u64CmdTS;
276
277 /** Pointer to the attached driver's base interface. */
278 R3PTRTYPE(PPDMIBASE) pDrvBase;
279 /** Pointer to the attached driver's block interface. */
280 R3PTRTYPE(PPDMIMEDIA) pDrvMedia;
281 /** Pointer to the attached driver's mount interface.
282 * This is NULL if the driver isn't a removable unit. */
283 R3PTRTYPE(PPDMIMOUNT) pDrvMount;
284 /** The base interface. */
285 PDMIBASE IBase;
286 /** The block port interface. */
287 PDMIMEDIAPORT IPort;
288 /** The mount notify interface. */
289 PDMIMOUNTNOTIFY IMountNotify;
290 /** The LUN #. */
291 RTUINT iLUN;
292#if HC_ARCH_BITS == 64
293 RTUINT Alignment2; /**< Align pDevInsR3 correctly. */
294#endif
295 /** Pointer to device instance. */
296 PPDMDEVINSR3 pDevInsR3;
297 /** Pointer to controller instance. */
298 R3PTRTYPE(struct ATACONTROLLER *) pControllerR3;
299 /** Pointer to device instance. */
300 PPDMDEVINSR0 pDevInsR0;
301 /** Pointer to controller instance. */
302 R0PTRTYPE(struct ATACONTROLLER *) pControllerR0;
303 /** Pointer to device instance. */
304 PPDMDEVINSRC pDevInsRC;
305 /** Pointer to controller instance. */
306 RCPTRTYPE(struct ATACONTROLLER *) pControllerRC;
307
308 /** The serial number to use for IDENTIFY DEVICE commands. */
309 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
310 /** The firmware revision to use for IDENTIFY DEVICE commands. */
311 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
312 /** The model number to use for IDENTIFY DEVICE commands. */
313 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
314 /** The vendor identification string for SCSI INQUIRY commands. */
315 char szInquiryVendorId[ATAPI_INQUIRY_VENDOR_ID_LENGTH+1];
316 /** The product identification string for SCSI INQUIRY commands. */
317 char szInquiryProductId[ATAPI_INQUIRY_PRODUCT_ID_LENGTH+1];
318 /** The revision string for SCSI INQUIRY commands. */
319 char szInquiryRevision[ATAPI_INQUIRY_REVISION_LENGTH+1];
320 /** The current tracklist of the loaded medium if passthrough is used. */
321 R3PTRTYPE(PTRACKLIST) pTrackList;
322
323 uint8_t abAlignment4[HC_ARCH_BITS == 64 ? 7 : 3];
324} ATADevState;
325AssertCompileMemberAlignment(ATADevState, cTotalSectors, 8);
326AssertCompileMemberAlignment(ATADevState, StatATADMA, 8);
327AssertCompileMemberAlignment(ATADevState, u64CmdTS, 8);
328AssertCompileMemberAlignment(ATADevState, pDevInsR3, 8);
329AssertCompileMemberAlignment(ATADevState, szSerialNumber, 8);
330AssertCompileSizeAlignment(ATADevState, 8);
331
332
333typedef struct ATATransferRequest
334{
335 uint8_t iIf;
336 uint8_t iBeginTransfer;
337 uint8_t iSourceSink;
338 uint32_t cbTotalTransfer;
339 uint8_t uTxDir;
340} ATATransferRequest;
341
342
343typedef struct ATAAbortRequest
344{
345 uint8_t iIf;
346 bool fResetDrive;
347} ATAAbortRequest;
348
349
350typedef enum
351{
352 /** Begin a new transfer. */
353 ATA_AIO_NEW = 0,
354 /** Continue a DMA transfer. */
355 ATA_AIO_DMA,
356 /** Continue a PIO transfer. */
357 ATA_AIO_PIO,
358 /** Reset the drives on current controller, stop all transfer activity. */
359 ATA_AIO_RESET_ASSERTED,
360 /** Reset the drives on current controller, resume operation. */
361 ATA_AIO_RESET_CLEARED,
362 /** Abort the current transfer of a particular drive. */
363 ATA_AIO_ABORT
364} ATAAIO;
365
366
367typedef struct ATARequest
368{
369 ATAAIO ReqType;
370 union
371 {
372 ATATransferRequest t;
373 ATAAbortRequest a;
374 } u;
375} ATARequest;
376
377
378typedef struct ATACONTROLLER
379{
380 /** The base of the first I/O Port range. */
381 RTIOPORT IOPortBase1;
382 /** The base of the second I/O Port range. (0 if none) */
383 RTIOPORT IOPortBase2;
384 /** The assigned IRQ. */
385 RTUINT irq;
386 /** Access critical section */
387 PDMCRITSECT lock;
388
389 /** Selected drive. */
390 uint8_t iSelectedIf;
391 /** The interface on which to handle async I/O. */
392 uint8_t iAIOIf;
393 /** The state of the async I/O thread. */
394 uint8_t uAsyncIOState;
395 /** Flag indicating whether the next transfer is part of the current command. */
396 bool fChainedTransfer;
397 /** Set when the reset processing is currently active on this controller. */
398 bool fReset;
399 /** Flag whether the current transfer needs to be redone. */
400 bool fRedo;
401 /** Flag whether the redo suspend has been finished. */
402 bool fRedoIdle;
403 /** Flag whether the DMA operation to be redone is the final transfer. */
404 bool fRedoDMALastDesc;
405 /** The BusMaster DMA state. */
406 BMDMAState BmDma;
407 /** Pointer to first DMA descriptor. */
408 RTGCPHYS32 pFirstDMADesc;
409 /** Pointer to last DMA descriptor. */
410 RTGCPHYS32 pLastDMADesc;
411 /** Pointer to current DMA buffer (for redo operations). */
412 RTGCPHYS32 pRedoDMABuffer;
413 /** Size of current DMA buffer (for redo operations). */
414 uint32_t cbRedoDMABuffer;
415
416 /** The ATA/ATAPI interfaces of this controller. */
417 ATADevState aIfs[2];
418
419 /** Pointer to device instance. */
420 PPDMDEVINSR3 pDevInsR3;
421 /** Pointer to device instance. */
422 PPDMDEVINSR0 pDevInsR0;
423 /** Pointer to device instance. */
424 PPDMDEVINSRC pDevInsRC;
425
426 /** Set when the destroying the device instance and the thread must exit. */
427 uint32_t volatile fShutdown;
428 /** The async I/O thread handle. NIL_RTTHREAD if no thread. */
429 RTTHREAD AsyncIOThread;
430 /** The event semaphore the thread is waiting on for requests. */
431 SUPSEMEVENT hAsyncIOSem;
432 /** The support driver session handle. */
433 PSUPDRVSESSION pSupDrvSession;
434 /** The request queue for the AIO thread. One element is always unused. */
435 ATARequest aAsyncIORequests[4];
436 /** The position at which to insert a new request for the AIO thread. */
437 volatile uint8_t AsyncIOReqHead;
438 /** The position at which to get a new request for the AIO thread. */
439 volatile uint8_t AsyncIOReqTail;
440 /** Whether to call PDMDevHlpAsyncNotificationCompleted when idle. */
441 bool volatile fSignalIdle;
442 uint8_t Alignment3[1]; /**< Explicit padding of the 1 byte gap. */
443 /** Magic delay before triggering interrupts in DMA mode. */
444 uint32_t DelayIRQMillies;
445 /** The event semaphore the thread is waiting on during suspended I/O. */
446 RTSEMEVENT SuspendIOSem;
447 /** The lock protecting the request queue. */
448 PDMCRITSECT AsyncIORequestLock;
449#if 0 /*HC_ARCH_BITS == 32*/
450 uint32_t Alignment0;
451#endif
452
453 /** Timestamp we started the reset. */
454 uint64_t u64ResetTime;
455
456 /* Statistics */
457 STAMCOUNTER StatAsyncOps;
458 uint64_t StatAsyncMinWait;
459 uint64_t StatAsyncMaxWait;
460 STAMCOUNTER StatAsyncTimeUS;
461 STAMPROFILEADV StatAsyncTime;
462 STAMPROFILE StatLockWait;
463} ATACONTROLLER, *PATACONTROLLER;
464AssertCompileMemberAlignment(ATACONTROLLER, lock, 8);
465AssertCompileMemberAlignment(ATACONTROLLER, aIfs, 8);
466AssertCompileMemberAlignment(ATACONTROLLER, u64ResetTime, 8);
467AssertCompileMemberAlignment(ATACONTROLLER, StatAsyncOps, 8);
468AssertCompileMemberAlignment(ATACONTROLLER, AsyncIORequestLock, 8);
469AssertCompileSizeAlignment(ATACONTROLLER, 8);
470
471typedef enum CHIPSET
472{
473 /** PIIX3 chipset, must be 0 for saved state compatibility */
474 CHIPSET_PIIX3 = 0,
475 /** PIIX4 chipset, must be 1 for saved state compatibility */
476 CHIPSET_PIIX4 = 1,
477 /** ICH6 chipset */
478 CHIPSET_ICH6 = 2
479} CHIPSET;
480
481/**
482 * The state of the ATA PCI device.
483 *
484 * @extends PCIDEVICE
485 * @implements PDMILEDPORTS
486 */
487typedef struct PCIATAState
488{
489 PCIDEVICE dev;
490 /** The controllers. */
491 ATACONTROLLER aCts[2];
492 /** Pointer to device instance. */
493 PPDMDEVINSR3 pDevIns;
494 /** Status LUN: Base interface. */
495 PDMIBASE IBase;
496 /** Status LUN: Leds interface. */
497 PDMILEDPORTS ILeds;
498 /** Status LUN: Partner of ILeds. */
499 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
500 /** Status LUN: Media Notify. */
501 R3PTRTYPE(PPDMIMEDIANOTIFY) pMediaNotify;
502 /** Flag whether RC is enabled. */
503 bool fRCEnabled;
504 /** Flag whether R0 is enabled. */
505 bool fR0Enabled;
506 /** Flag indicating chipset being emulated. */
507 uint8_t u8Type;
508 bool Alignment0[HC_ARCH_BITS == 64 ? 5 : 1 ]; /**< Align the struct size. */
509} PCIATAState;
510
511#define PDMIBASE_2_PCIATASTATE(pInterface) ( (PCIATAState *)((uintptr_t)(pInterface) - RT_OFFSETOF(PCIATAState, IBase)) )
512#define PDMILEDPORTS_2_PCIATASTATE(pInterface) ( (PCIATAState *)((uintptr_t)(pInterface) - RT_OFFSETOF(PCIATAState, ILeds)) )
513#define PDMIMEDIAPORT_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IPort)) )
514#define PDMIMOUNT_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IMount)) )
515#define PDMIMOUNTNOTIFY_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IMountNotify)) )
516#define PCIDEV_2_PCIATASTATE(pPciDev) ( (PCIATAState *)(pPciDev) )
517
518#define ATACONTROLLER_IDX(pController) ( (pController) - PDMINS_2_DATA(CONTROLLER_2_DEVINS(pController), PCIATAState *)->aCts )
519
520#define ATADEVSTATE_2_CONTROLLER(pIf) ( (pIf)->CTX_SUFF(pController) )
521#define ATADEVSTATE_2_DEVINS(pIf) ( (pIf)->CTX_SUFF(pDevIns) )
522#define CONTROLLER_2_DEVINS(pController) ( (pController)->CTX_SUFF(pDevIns) )
523#define PDMIBASE_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IBase)) )
524#define PDMIMEDIAPORT_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IPort)) )
525
526#ifndef VBOX_DEVICE_STRUCT_TESTCASE
527
528
529/*********************************************************************************************************************************
530* Internal Functions *
531*********************************************************************************************************************************/
532RT_C_DECLS_BEGIN
533
534PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
535PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
536PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
537 uint32_t *pcTransfers, unsigned cb);
538PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
539 uint32_t *pcTransfers, unsigned cb);
540PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
541PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
542PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
543PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
544PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
545PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb);
546RT_C_DECLS_END
547
548
549
550DECLINLINE(void) ataSetStatusValue(ATADevState *s, uint8_t stat)
551{
552 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
553
554 /* Freeze status register contents while processing RESET. */
555 if (!pCtl->fReset)
556 {
557 s->uATARegStatus = stat;
558 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
559 }
560}
561
562
563DECLINLINE(void) ataSetStatus(ATADevState *s, uint8_t stat)
564{
565 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
566
567 /* Freeze status register contents while processing RESET. */
568 if (!pCtl->fReset)
569 {
570 s->uATARegStatus |= stat;
571 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
572 }
573}
574
575
576DECLINLINE(void) ataUnsetStatus(ATADevState *s, uint8_t stat)
577{
578 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
579
580 /* Freeze status register contents while processing RESET. */
581 if (!pCtl->fReset)
582 {
583 s->uATARegStatus &= ~stat;
584 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
585 }
586}
587
588#if defined(IN_RING3) || defined(IN_RING0)
589
590# ifdef IN_RING3
591typedef void (*PBeginTransferFunc)(ATADevState *);
592typedef bool (*PSourceSinkFunc)(ATADevState *);
593
594static void ataR3ReadWriteSectorsBT(ATADevState *);
595static void ataR3PacketBT(ATADevState *);
596static void atapiR3CmdBT(ATADevState *);
597static void atapiR3PassthroughCmdBT(ATADevState *);
598
599static bool ataR3IdentifySS(ATADevState *);
600static bool ataR3FlushSS(ATADevState *);
601static bool ataR3ReadSectorsSS(ATADevState *);
602static bool ataR3WriteSectorsSS(ATADevState *);
603static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *);
604static bool ataR3TrimSS(ATADevState *);
605static bool ataR3PacketSS(ATADevState *);
606static bool atapiR3GetConfigurationSS(ATADevState *);
607static bool atapiR3GetEventStatusNotificationSS(ATADevState *);
608static bool atapiR3IdentifySS(ATADevState *);
609static bool atapiR3InquirySS(ATADevState *);
610static bool atapiR3MechanismStatusSS(ATADevState *);
611static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *);
612static bool atapiR3ModeSenseCDStatusSS(ATADevState *);
613static bool atapiR3ReadSS(ATADevState *);
614static bool atapiR3ReadCapacitySS(ATADevState *);
615static bool atapiR3ReadDiscInformationSS(ATADevState *);
616static bool atapiR3ReadTOCNormalSS(ATADevState *);
617static bool atapiR3ReadTOCMultiSS(ATADevState *);
618static bool atapiR3ReadTOCRawSS(ATADevState *);
619static bool atapiR3ReadTrackInformationSS(ATADevState *);
620static bool atapiR3RequestSenseSS(ATADevState *);
621static bool atapiR3PassthroughSS(ATADevState *);
622static bool atapiR3ReadDVDStructureSS(ATADevState *);
623# endif /* IN_RING3 */
624
625/**
626 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
627 */
628typedef enum ATAFNBT
629{
630 ATAFN_BT_NULL = 0,
631 ATAFN_BT_READ_WRITE_SECTORS,
632 ATAFN_BT_PACKET,
633 ATAFN_BT_ATAPI_CMD,
634 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
635 ATAFN_BT_MAX
636} ATAFNBT;
637
638# ifdef IN_RING3
639/**
640 * Array of end transfer functions, the index is ATAFNET.
641 * Make sure ATAFNET and this array match!
642 */
643static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
644{
645 NULL,
646 ataR3ReadWriteSectorsBT,
647 ataR3PacketBT,
648 atapiR3CmdBT,
649 atapiR3PassthroughCmdBT,
650};
651# endif /* IN_RING3 */
652
653/**
654 * Source/sink function indexes for g_apfnSourceSinkFuncs.
655 */
656typedef enum ATAFNSS
657{
658 ATAFN_SS_NULL = 0,
659 ATAFN_SS_IDENTIFY,
660 ATAFN_SS_FLUSH,
661 ATAFN_SS_READ_SECTORS,
662 ATAFN_SS_WRITE_SECTORS,
663 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
664 ATAFN_SS_TRIM,
665 ATAFN_SS_PACKET,
666 ATAFN_SS_ATAPI_GET_CONFIGURATION,
667 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
668 ATAFN_SS_ATAPI_IDENTIFY,
669 ATAFN_SS_ATAPI_INQUIRY,
670 ATAFN_SS_ATAPI_MECHANISM_STATUS,
671 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
672 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
673 ATAFN_SS_ATAPI_READ,
674 ATAFN_SS_ATAPI_READ_CAPACITY,
675 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
676 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
677 ATAFN_SS_ATAPI_READ_TOC_MULTI,
678 ATAFN_SS_ATAPI_READ_TOC_RAW,
679 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
680 ATAFN_SS_ATAPI_REQUEST_SENSE,
681 ATAFN_SS_ATAPI_PASSTHROUGH,
682 ATAFN_SS_ATAPI_READ_DVD_STRUCTURE,
683 ATAFN_SS_MAX
684} ATAFNSS;
685
686# ifdef IN_RING3
687/**
688 * Array of source/sink functions, the index is ATAFNSS.
689 * Make sure ATAFNSS and this array match!
690 */
691static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
692{
693 NULL,
694 ataR3IdentifySS,
695 ataR3FlushSS,
696 ataR3ReadSectorsSS,
697 ataR3WriteSectorsSS,
698 ataR3ExecuteDeviceDiagnosticSS,
699 ataR3TrimSS,
700 ataR3PacketSS,
701 atapiR3GetConfigurationSS,
702 atapiR3GetEventStatusNotificationSS,
703 atapiR3IdentifySS,
704 atapiR3InquirySS,
705 atapiR3MechanismStatusSS,
706 atapiR3ModeSenseErrorRecoverySS,
707 atapiR3ModeSenseCDStatusSS,
708 atapiR3ReadSS,
709 atapiR3ReadCapacitySS,
710 atapiR3ReadDiscInformationSS,
711 atapiR3ReadTOCNormalSS,
712 atapiR3ReadTOCMultiSS,
713 atapiR3ReadTOCRawSS,
714 atapiR3ReadTrackInformationSS,
715 atapiR3RequestSenseSS,
716 atapiR3PassthroughSS,
717 atapiR3ReadDVDStructureSS
718};
719# endif /* IN_RING3 */
720
721
722static const ATARequest g_ataDMARequest = { ATA_AIO_DMA, { { 0, 0, 0, 0, 0 } } };
723static const ATARequest g_ataPIORequest = { ATA_AIO_PIO, { { 0, 0, 0, 0, 0 } } };
724static const ATARequest g_ataResetARequest = { ATA_AIO_RESET_ASSERTED, { { 0, 0, 0, 0, 0 } } };
725static const ATARequest g_ataResetCRequest = { ATA_AIO_RESET_CLEARED, { { 0, 0, 0, 0, 0 } } };
726
727# ifdef IN_RING3
728static void ataR3AsyncIOClearRequests(PATACONTROLLER pCtl)
729{
730 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
731 AssertRC(rc);
732
733 pCtl->AsyncIOReqHead = 0;
734 pCtl->AsyncIOReqTail = 0;
735
736 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
737 AssertRC(rc);
738}
739# endif /* IN_RING3 */
740
741static void ataHCAsyncIOPutRequest(PATACONTROLLER pCtl, const ATARequest *pReq)
742{
743 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
744 AssertRC(rc);
745
746 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
747 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
748 pCtl->AsyncIOReqHead++;
749 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
750
751 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
752 AssertRC(rc);
753
754 rc = PDMHCCritSectScheduleExitEvent(&pCtl->lock, pCtl->hAsyncIOSem);
755 if (RT_FAILURE(rc))
756 {
757 rc = SUPSemEventSignal(pCtl->pSupDrvSession, pCtl->hAsyncIOSem);
758 AssertRC(rc);
759 }
760}
761
762# ifdef IN_RING3
763
764static const ATARequest *ataR3AsyncIOGetCurrentRequest(PATACONTROLLER pCtl)
765{
766 const ATARequest *pReq;
767
768 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
769 AssertRC(rc);
770
771 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
772 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
773 else
774 pReq = NULL;
775
776 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
777 AssertRC(rc);
778 return pReq;
779}
780
781
782/**
783 * Remove the request with the given type, as it's finished. The request
784 * is not removed blindly, as this could mean a RESET request that is not
785 * yet processed (but has cleared the request queue) is lost.
786 *
787 * @param pCtl Controller for which to remove the request.
788 * @param ReqType Type of the request to remove.
789 */
790static void ataR3AsyncIORemoveCurrentRequest(PATACONTROLLER pCtl, ATAAIO ReqType)
791{
792 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
793 AssertRC(rc);
794
795 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
796 {
797 pCtl->AsyncIOReqTail++;
798 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
799 }
800
801 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
802 AssertRC(rc);
803}
804
805
806/**
807 * Dump the request queue for a particular controller. First dump the queue
808 * contents, then the already processed entries, as long as they haven't been
809 * overwritten.
810 *
811 * @param pCtl Controller for which to dump the queue.
812 */
813static void ataR3AsyncIODumpRequests(PATACONTROLLER pCtl)
814{
815 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
816 AssertRC(rc);
817
818 LogRel(("PIIX3 ATA: Ctl#%d: request queue dump (topmost is current):\n", ATACONTROLLER_IDX(pCtl)));
819 uint8_t curr = pCtl->AsyncIOReqTail;
820 do
821 {
822 if (curr == pCtl->AsyncIOReqHead)
823 LogRel(("PIIX3 ATA: Ctl#%d: processed requests (topmost is oldest):\n", ATACONTROLLER_IDX(pCtl)));
824 switch (pCtl->aAsyncIORequests[curr].ReqType)
825 {
826 case ATA_AIO_NEW:
827 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
828 break;
829 case ATA_AIO_DMA:
830 LogRel(("dma transfer continuation\n"));
831 break;
832 case ATA_AIO_PIO:
833 LogRel(("pio transfer continuation\n"));
834 break;
835 case ATA_AIO_RESET_ASSERTED:
836 LogRel(("reset asserted request\n"));
837 break;
838 case ATA_AIO_RESET_CLEARED:
839 LogRel(("reset cleared request\n"));
840 break;
841 case ATA_AIO_ABORT:
842 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
843 break;
844 default:
845 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
846 }
847 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
848 } while (curr != pCtl->AsyncIOReqTail);
849
850 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
851 AssertRC(rc);
852}
853
854
855/**
856 * Checks whether the request queue for a particular controller is empty
857 * or whether a particular controller is idle.
858 *
859 * @param pCtl Controller for which to check the queue.
860 * @param fStrict If set then the controller is checked to be idle.
861 */
862static bool ataR3AsyncIOIsIdle(PATACONTROLLER pCtl, bool fStrict)
863{
864 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
865 AssertRC(rc);
866
867 bool fIdle = pCtl->fRedoIdle;
868 if (!fIdle)
869 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
870 if (fStrict)
871 fIdle &= (pCtl->uAsyncIOState == ATA_AIO_NEW);
872
873 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
874 AssertRC(rc);
875 return fIdle;
876}
877
878
879/**
880 * Send a transfer request to the async I/O thread.
881 *
882 * @param s Pointer to the ATA device state data.
883 * @param cbTotalTransfer Data transfer size.
884 * @param uTxDir Data transfer direction.
885 * @param iBeginTransfer Index of BeginTransfer callback.
886 * @param iSourceSink Index of SourceSink callback.
887 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
888 */
889static void ataR3StartTransfer(ATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer,
890 ATAFNSS iSourceSink, bool fChainedTransfer)
891{
892 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
893 ATARequest Req;
894
895 Assert(PDMCritSectIsOwner(&pCtl->lock));
896
897 /* Do not issue new requests while the RESET line is asserted. */
898 if (pCtl->fReset)
899 {
900 Log2(("%s: Ctl#%d: suppressed new request as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
901 return;
902 }
903
904 /* If the controller is already doing something else right now, ignore
905 * the command that is being submitted. Some broken guests issue commands
906 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
907 if (!fChainedTransfer && !ataR3AsyncIOIsIdle(pCtl, true /*fStrict*/))
908 {
909 Log(("%s: Ctl#%d: ignored command %#04x, controller state %d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegCommand, pCtl->uAsyncIOState));
910 LogRel(("PIIX3 IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
911 return;
912 }
913
914 Req.ReqType = ATA_AIO_NEW;
915 if (fChainedTransfer)
916 Req.u.t.iIf = pCtl->iAIOIf;
917 else
918 Req.u.t.iIf = pCtl->iSelectedIf;
919 Req.u.t.cbTotalTransfer = cbTotalTransfer;
920 Req.u.t.uTxDir = uTxDir;
921 Req.u.t.iBeginTransfer = iBeginTransfer;
922 Req.u.t.iSourceSink = iSourceSink;
923 ataSetStatusValue(s, ATA_STAT_BUSY);
924 pCtl->fChainedTransfer = fChainedTransfer;
925
926 /*
927 * Kick the worker thread into action.
928 */
929 Log2(("%s: Ctl#%d: message to async I/O thread, new request\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
930 ataHCAsyncIOPutRequest(pCtl, &Req);
931}
932
933
934/**
935 * Send an abort command request to the async I/O thread.
936 *
937 * @param s Pointer to the ATA device state data.
938 * @param fResetDrive Whether to reset the drive or just abort a command.
939 */
940static void ataR3AbortCurrentCommand(ATADevState *s, bool fResetDrive)
941{
942 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
943 ATARequest Req;
944
945 Assert(PDMCritSectIsOwner(&pCtl->lock));
946
947 /* Do not issue new requests while the RESET line is asserted. */
948 if (pCtl->fReset)
949 {
950 Log2(("%s: Ctl#%d: suppressed aborting command as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
951 return;
952 }
953
954 Req.ReqType = ATA_AIO_ABORT;
955 Req.u.a.iIf = pCtl->iSelectedIf;
956 Req.u.a.fResetDrive = fResetDrive;
957 ataSetStatus(s, ATA_STAT_BUSY);
958 Log2(("%s: Ctl#%d: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->iLUN));
959 ataHCAsyncIOPutRequest(pCtl, &Req);
960}
961# endif /* IN_RING3 */
962
963static void ataHCSetIRQ(ATADevState *s)
964{
965 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
966 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
967
968 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
969 {
970 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
971 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
972 * line is asserted. It monitors the line for a rising edge. */
973 if (!s->fIrqPending)
974 pCtl->BmDma.u8Status |= BM_STATUS_INT;
975 /* Only actually set the IRQ line if updating the currently selected drive. */
976 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
977 {
978 /** @todo experiment with adaptive IRQ delivery: for reads it is
979 * better to wait for IRQ delivery, as it reduces latency. */
980 if (pCtl->irq == 16)
981 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
982 else
983 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
984 }
985 }
986 s->fIrqPending = true;
987}
988
989#endif /* IN_RING0 || IN_RING3 */
990
991static void ataUnsetIRQ(ATADevState *s)
992{
993 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
994 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
995
996 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
997 {
998 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
999 /* Only actually unset the IRQ line if updating the currently selected drive. */
1000 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
1001 {
1002 if (pCtl->irq == 16)
1003 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
1004 else
1005 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
1006 }
1007 }
1008 s->fIrqPending = false;
1009}
1010
1011#if defined(IN_RING0) || defined(IN_RING3)
1012
1013static void ataHCPIOTransferStart(ATADevState *s, uint32_t start, uint32_t size)
1014{
1015 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
1016 s->iIOBufferPIODataStart = start;
1017 s->iIOBufferPIODataEnd = start + size;
1018 ataSetStatus(s, ATA_STAT_DRQ | ATA_STAT_SEEK);
1019 ataUnsetStatus(s, ATA_STAT_BUSY);
1020}
1021
1022
1023static void ataHCPIOTransferStop(ATADevState *s)
1024{
1025 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
1026 if (s->fATAPITransfer)
1027 {
1028 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1029 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1030 ataHCSetIRQ(s);
1031 s->fATAPITransfer = false;
1032 }
1033 s->cbTotalTransfer = 0;
1034 s->cbElementaryTransfer = 0;
1035 s->iIOBufferPIODataStart = 0;
1036 s->iIOBufferPIODataEnd = 0;
1037 s->iBeginTransfer = ATAFN_BT_NULL;
1038 s->iSourceSink = ATAFN_SS_NULL;
1039}
1040
1041
1042static void ataHCPIOTransferLimitATAPI(ATADevState *s)
1043{
1044 uint32_t cbLimit, cbTransfer;
1045
1046 cbLimit = s->cbPIOTransferLimit;
1047 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
1048 if (cbLimit == 0)
1049 cbLimit = 0xfffe;
1050 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
1051 if (cbLimit == 0xffff)
1052 cbLimit--;
1053 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
1054 if (cbTransfer > cbLimit)
1055 {
1056 /* Byte count limit for clipping must be even in this case */
1057 if (cbLimit & 1)
1058 cbLimit--;
1059 cbTransfer = cbLimit;
1060 }
1061 s->uATARegLCyl = cbTransfer;
1062 s->uATARegHCyl = cbTransfer >> 8;
1063 s->cbElementaryTransfer = cbTransfer;
1064}
1065
1066# ifdef IN_RING3
1067
1068static uint32_t ataR3GetNSectors(ATADevState *s)
1069{
1070 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
1071 if (s->fLBA48)
1072 {
1073 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
1074 return 65536;
1075 else
1076 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
1077 }
1078 else
1079 {
1080 if (!s->uATARegNSector)
1081 return 256;
1082 else
1083 return s->uATARegNSector;
1084 }
1085}
1086
1087
1088static void ataR3PadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1089{
1090 for (uint32_t i = 0; i < cbSize; i++)
1091 {
1092 if (*pbSrc)
1093 pbDst[i ^ 1] = *pbSrc++;
1094 else
1095 pbDst[i ^ 1] = ' ';
1096 }
1097}
1098
1099
1100static void ataR3SCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1101{
1102 for (uint32_t i = 0; i < cbSize; i++)
1103 {
1104 if (*pbSrc)
1105 pbDst[i] = *pbSrc++;
1106 else
1107 pbDst[i] = ' ';
1108 }
1109}
1110
1111
1112DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
1113{
1114 pbBuf[0] = val >> 8;
1115 pbBuf[1] = val;
1116}
1117
1118
1119DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
1120{
1121 pbBuf[0] = val >> 16;
1122 pbBuf[1] = val >> 8;
1123 pbBuf[2] = val;
1124}
1125
1126
1127DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
1128{
1129 pbBuf[0] = val >> 24;
1130 pbBuf[1] = val >> 16;
1131 pbBuf[2] = val >> 8;
1132 pbBuf[3] = val;
1133}
1134
1135
1136DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
1137{
1138 return (pbBuf[0] << 8) | pbBuf[1];
1139}
1140
1141
1142DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
1143{
1144 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
1145}
1146
1147
1148DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
1149{
1150 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
1151}
1152
1153
1154DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
1155{
1156 iATAPILBA += 150;
1157 pbBuf[0] = (iATAPILBA / 75) / 60;
1158 pbBuf[1] = (iATAPILBA / 75) % 60;
1159 pbBuf[2] = iATAPILBA % 75;
1160}
1161
1162
1163DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
1164{
1165 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
1166}
1167
1168/**
1169 * Compares two MSF values.
1170 *
1171 * @returns 1 if the first value is greater than the second value.
1172 * 0 if both are equal
1173 * -1 if the first value is smaller than the second value.
1174 */
1175DECLINLINE(int) atapiCmpMSF(const uint8_t *pbMSF1, const uint8_t *pbMSF2)
1176{
1177 int iRes = 0;
1178
1179 for (unsigned i = 0; i < 3; i++)
1180 {
1181 if (pbMSF1[i] < pbMSF2[i])
1182 {
1183 iRes = -1;
1184 break;
1185 }
1186 else if (pbMSF1[i] > pbMSF2[i])
1187 {
1188 iRes = 1;
1189 break;
1190 }
1191 }
1192
1193 return iRes;
1194}
1195
1196static void ataR3CmdOK(ATADevState *s, uint8_t status)
1197{
1198 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
1199 ataSetStatusValue(s, ATA_STAT_READY | status);
1200}
1201
1202
1203static void ataR3CmdError(ATADevState *s, uint8_t uErrorCode)
1204{
1205 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
1206 Assert(uErrorCode);
1207 s->uATARegError = uErrorCode;
1208 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1209 s->cbTotalTransfer = 0;
1210 s->cbElementaryTransfer = 0;
1211 s->iIOBufferCur = 0;
1212 s->iIOBufferEnd = 0;
1213 s->uTxDir = PDMMEDIATXDIR_NONE;
1214 s->iBeginTransfer = ATAFN_BT_NULL;
1215 s->iSourceSink = ATAFN_SS_NULL;
1216}
1217
1218static uint32_t ataR3Checksum(void* ptr, size_t count)
1219{
1220 uint8_t u8Sum = 0xa5, *p = (uint8_t*)ptr;
1221 size_t i;
1222
1223 for (i = 0; i < count; i++)
1224 {
1225 u8Sum += *p++;
1226 }
1227
1228 return (uint8_t)-(int32_t)u8Sum;
1229}
1230
1231static bool ataR3IdentifySS(ATADevState *s)
1232{
1233 uint16_t *p;
1234
1235 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1236 Assert(s->cbElementaryTransfer == 512);
1237
1238 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1239 memset(p, 0, 512);
1240 p[0] = RT_H2LE_U16(0x0040);
1241 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1242 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1243 /* Block size; obsolete, but required for the BIOS. */
1244 p[5] = RT_H2LE_U16(s->cbSector);
1245 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1246 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1247 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1248 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1249 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
1250 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1251 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1252# if ATA_MAX_MULT_SECTORS > 1
1253 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
1254# endif
1255 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
1256 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1257 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1258 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1259 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1260 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
1261 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1262 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1263 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1264 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1265 * s->PCHSGeometry.cHeads
1266 * s->PCHSGeometry.cSectors);
1267 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1268 * s->PCHSGeometry.cHeads
1269 * s->PCHSGeometry.cSectors >> 16);
1270 if (s->cMultSectors)
1271 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
1272 if (s->cTotalSectors <= (1 << 28) - 1)
1273 {
1274 p[60] = RT_H2LE_U16(s->cTotalSectors);
1275 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
1276 }
1277 else
1278 {
1279 /* Report maximum number of sectors possible with LBA28 */
1280 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
1281 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
1282 }
1283 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1284 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1285 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1286 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1287 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1288 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1289 if ( s->pDrvMedia->pfnDiscard
1290 || s->cbSector != 512
1291 || s->fNonRotational)
1292 {
1293 p[80] = RT_H2LE_U16(0x1f0); /* support everything up to ATA/ATAPI-8 ACS */
1294 p[81] = RT_H2LE_U16(0x28); /* conforms to ATA/ATAPI-8 ACS */
1295 }
1296 else
1297 {
1298 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1299 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1300 }
1301 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
1302 if (s->cTotalSectors <= (1 << 28) - 1)
1303 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
1304 else
1305 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1306 p[84] = RT_H2LE_U16(1 << 14);
1307 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
1308 if (s->cTotalSectors <= (1 << 28) - 1)
1309 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
1310 else
1311 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1312 p[87] = RT_H2LE_U16(1 << 14);
1313 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1314 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1315 if (s->cTotalSectors > (1 << 28) - 1)
1316 {
1317 p[100] = RT_H2LE_U16(s->cTotalSectors);
1318 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
1319 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
1320 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
1321 }
1322
1323 if (s->cbSector != 512)
1324 {
1325 uint32_t cSectorSizeInWords = s->cbSector / sizeof(uint16_t);
1326 /* Enable reporting of logical sector size. */
1327 p[106] |= RT_H2LE_U16(RT_BIT(12) | RT_BIT(14));
1328 p[117] = RT_H2LE_U16(cSectorSizeInWords);
1329 p[118] = RT_H2LE_U16(cSectorSizeInWords >> 16);
1330 }
1331
1332 if (s->pDrvMedia->pfnDiscard) /** @todo: Set bit 14 in word 69 too? (Deterministic read after TRIM). */
1333 p[169] = RT_H2LE_U16(1); /* DATA SET MANAGEMENT command supported. */
1334 if (s->fNonRotational)
1335 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
1336 uint32_t uCsum = ataR3Checksum(p, 510);
1337 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1338 s->iSourceSink = ATAFN_SS_NULL;
1339 ataR3CmdOK(s, ATA_STAT_SEEK);
1340 return false;
1341}
1342
1343
1344static bool ataR3FlushSS(ATADevState *s)
1345{
1346 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1347 int rc;
1348
1349 Assert(s->uTxDir == PDMMEDIATXDIR_NONE);
1350 Assert(!s->cbElementaryTransfer);
1351
1352 PDMCritSectLeave(&pCtl->lock);
1353
1354 STAM_PROFILE_START(&s->StatFlushes, f);
1355 rc = s->pDrvMedia->pfnFlush(s->pDrvMedia);
1356 AssertRC(rc);
1357 STAM_PROFILE_STOP(&s->StatFlushes, f);
1358
1359 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1360 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1361 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1362 ataR3CmdOK(s, 0);
1363 return false;
1364}
1365
1366static bool atapiR3IdentifySS(ATADevState *s)
1367{
1368 uint16_t *p;
1369
1370 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1371 Assert(s->cbElementaryTransfer == 512);
1372
1373 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1374 memset(p, 0, 512);
1375 /* Removable CDROM, 3ms response, 12 byte packets */
1376 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 0 << 5 | 0 << 0);
1377 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1378 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1379 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1380 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1381 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1382 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1383 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1384 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1385 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1386 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
1387 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1388 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1389 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1390 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1391 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1392 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1393 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
1394 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
1395 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
1396 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1397 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1398 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
1399 p[83] = RT_H2LE_U16(1 << 14);
1400 p[84] = RT_H2LE_U16(1 << 14);
1401 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
1402 p[86] = RT_H2LE_U16(0);
1403 p[87] = RT_H2LE_U16(1 << 14);
1404 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1405 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1406 /* According to ATAPI-5 spec:
1407 *
1408 * The use of this word is optional.
1409 * If bits 7:0 of this word contain the signature A5h, bits 15:8
1410 * contain the data
1411 * structure checksum.
1412 * The data structure checksum is the twos complement of the sum of
1413 * all bytes in words 0 through 254 and the byte consisting of
1414 * bits 7:0 in word 255.
1415 * Each byte shall be added with unsigned arithmetic,
1416 * and overflow shall be ignored.
1417 * The sum of all 512 bytes is zero when the checksum is correct.
1418 */
1419 uint32_t uCsum = ataR3Checksum(p, 510);
1420 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1421
1422 s->iSourceSink = ATAFN_SS_NULL;
1423 ataR3CmdOK(s, ATA_STAT_SEEK);
1424 return false;
1425}
1426
1427
1428static void ataR3SetSignature(ATADevState *s)
1429{
1430 s->uATARegSelect &= 0xf0; /* clear head */
1431 /* put signature */
1432 s->uATARegNSector = 1;
1433 s->uATARegSector = 1;
1434 if (s->fATAPI)
1435 {
1436 s->uATARegLCyl = 0x14;
1437 s->uATARegHCyl = 0xeb;
1438 }
1439 else if (s->pDrvMedia)
1440 {
1441 s->uATARegLCyl = 0;
1442 s->uATARegHCyl = 0;
1443 }
1444 else
1445 {
1446 s->uATARegLCyl = 0xff;
1447 s->uATARegHCyl = 0xff;
1448 }
1449}
1450
1451
1452static uint64_t ataR3GetSector(ATADevState *s)
1453{
1454 uint64_t iLBA;
1455 if (s->uATARegSelect & 0x40)
1456 {
1457 /* any LBA variant */
1458 if (s->fLBA48)
1459 {
1460 /* LBA48 */
1461 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
1462 ((uint64_t)s->uATARegLCylHOB << 32) |
1463 ((uint64_t)s->uATARegSectorHOB << 24) |
1464 ((uint64_t)s->uATARegHCyl << 16) |
1465 ((uint64_t)s->uATARegLCyl << 8) |
1466 s->uATARegSector;
1467 }
1468 else
1469 {
1470 /* LBA */
1471 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
1472 (s->uATARegLCyl << 8) | s->uATARegSector;
1473 }
1474 }
1475 else
1476 {
1477 /* CHS */
1478 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
1479 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
1480 (s->uATARegSector - 1);
1481 }
1482 return iLBA;
1483}
1484
1485static void ataR3SetSector(ATADevState *s, uint64_t iLBA)
1486{
1487 uint32_t cyl, r;
1488 if (s->uATARegSelect & 0x40)
1489 {
1490 /* any LBA variant */
1491 if (s->fLBA48)
1492 {
1493 /* LBA48 */
1494 s->uATARegHCylHOB = iLBA >> 40;
1495 s->uATARegLCylHOB = iLBA >> 32;
1496 s->uATARegSectorHOB = iLBA >> 24;
1497 s->uATARegHCyl = iLBA >> 16;
1498 s->uATARegLCyl = iLBA >> 8;
1499 s->uATARegSector = iLBA;
1500 }
1501 else
1502 {
1503 /* LBA */
1504 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
1505 s->uATARegHCyl = (iLBA >> 16);
1506 s->uATARegLCyl = (iLBA >> 8);
1507 s->uATARegSector = (iLBA);
1508 }
1509 }
1510 else
1511 {
1512 /* CHS */
1513 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1514 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1515 s->uATARegHCyl = cyl >> 8;
1516 s->uATARegLCyl = cyl;
1517 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
1518 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
1519 }
1520}
1521
1522
1523static void ataR3WarningDiskFull(PPDMDEVINS pDevIns)
1524{
1525 int rc;
1526 LogRel(("PIIX3 ATA: Host disk full\n"));
1527 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
1528 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
1529 AssertRC(rc);
1530}
1531
1532static void ataR3WarningFileTooBig(PPDMDEVINS pDevIns)
1533{
1534 int rc;
1535 LogRel(("PIIX3 ATA: File too big\n"));
1536 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
1537 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
1538 AssertRC(rc);
1539}
1540
1541static void ataR3WarningISCSI(PPDMDEVINS pDevIns)
1542{
1543 int rc;
1544 LogRel(("PIIX3 ATA: iSCSI target unavailable\n"));
1545 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
1546 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
1547 AssertRC(rc);
1548}
1549
1550static bool ataR3IsRedoSetWarning(ATADevState *s, int rc)
1551{
1552 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1553 Assert(!PDMCritSectIsOwner(&pCtl->lock));
1554 if (rc == VERR_DISK_FULL)
1555 {
1556 pCtl->fRedoIdle = true;
1557 ataR3WarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1558 return true;
1559 }
1560 if (rc == VERR_FILE_TOO_BIG)
1561 {
1562 pCtl->fRedoIdle = true;
1563 ataR3WarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1564 return true;
1565 }
1566 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1567 {
1568 pCtl->fRedoIdle = true;
1569 /* iSCSI connection abort (first error) or failure to reestablish
1570 * connection (second error). Pause VM. On resume we'll retry. */
1571 ataR3WarningISCSI(ATADEVSTATE_2_DEVINS(s));
1572 return true;
1573 }
1574 if (rc == VERR_VD_DEK_MISSING)
1575 {
1576 /* Error message already set. */
1577 pCtl->fRedoIdle = true;
1578 return true;
1579 }
1580
1581 return false;
1582}
1583
1584
1585static int ataR3ReadSectors(ATADevState *s, uint64_t u64Sector, void *pvBuf,
1586 uint32_t cSectors, bool *pfRedo)
1587{
1588 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1589 int rc;
1590
1591 PDMCritSectLeave(&pCtl->lock);
1592
1593 STAM_PROFILE_ADV_START(&s->StatReads, r);
1594 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1595 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1596 s->Led.Actual.s.fReading = 0;
1597 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1598 Log4(("ataR3ReadSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1599 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1600
1601 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cSectors * s->cbSector);
1602
1603 if (RT_SUCCESS(rc))
1604 *pfRedo = false;
1605 else
1606 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1607
1608 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1609 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1610 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1611 return rc;
1612}
1613
1614
1615static int ataR3WriteSectors(ATADevState *s, uint64_t u64Sector,
1616 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1617{
1618 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1619 int rc;
1620
1621 PDMCritSectLeave(&pCtl->lock);
1622
1623 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1624 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1625# ifdef VBOX_INSTRUMENT_DMA_WRITES
1626 if (s->fDMA)
1627 STAM_PROFILE_ADV_START(&s->StatInstrVDWrites, vw);
1628# endif
1629 rc = s->pDrvMedia->pfnWrite(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1630# ifdef VBOX_INSTRUMENT_DMA_WRITES
1631 if (s->fDMA)
1632 STAM_PROFILE_ADV_STOP(&s->StatInstrVDWrites, vw);
1633# endif
1634 s->Led.Actual.s.fWriting = 0;
1635 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1636 Log4(("ataR3WriteSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1637 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1638
1639 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cSectors * s->cbSector);
1640
1641 if (RT_SUCCESS(rc))
1642 *pfRedo = false;
1643 else
1644 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1645
1646 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1647 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1648 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1649 return rc;
1650}
1651
1652
1653static void ataR3ReadWriteSectorsBT(ATADevState *s)
1654{
1655 uint32_t cSectors;
1656
1657 cSectors = s->cbTotalTransfer / s->cbSector;
1658 if (cSectors > s->cSectorsPerIRQ)
1659 s->cbElementaryTransfer = s->cSectorsPerIRQ * s->cbSector;
1660 else
1661 s->cbElementaryTransfer = cSectors * s->cbSector;
1662 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1663 ataR3CmdOK(s, 0);
1664}
1665
1666
1667static bool ataR3ReadSectorsSS(ATADevState *s)
1668{
1669 int rc;
1670 uint32_t cSectors;
1671 uint64_t iLBA;
1672 bool fRedo;
1673
1674 cSectors = s->cbElementaryTransfer / s->cbSector;
1675 Assert(cSectors);
1676 iLBA = ataR3GetSector(s);
1677 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1678 rc = ataR3ReadSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1679 if (RT_SUCCESS(rc))
1680 {
1681 ataR3SetSector(s, iLBA + cSectors);
1682 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1683 s->iSourceSink = ATAFN_SS_NULL;
1684 ataR3CmdOK(s, ATA_STAT_SEEK);
1685 }
1686 else
1687 {
1688 if (fRedo)
1689 return fRedo;
1690 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1691 LogRel(("PIIX3 ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1692 s->iLUN, rc, iLBA, cSectors));
1693
1694 /*
1695 * Check if we got interrupted. We don't need to set status variables
1696 * because the request was aborted.
1697 */
1698 if (rc != VERR_INTERRUPTED)
1699 ataR3CmdError(s, ID_ERR);
1700 }
1701 return false;
1702}
1703
1704
1705static bool ataR3WriteSectorsSS(ATADevState *s)
1706{
1707 int rc;
1708 uint32_t cSectors;
1709 uint64_t iLBA;
1710 bool fRedo;
1711
1712 cSectors = s->cbElementaryTransfer / s->cbSector;
1713 Assert(cSectors);
1714 iLBA = ataR3GetSector(s);
1715 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1716 rc = ataR3WriteSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1717 if (RT_SUCCESS(rc))
1718 {
1719 ataR3SetSector(s, iLBA + cSectors);
1720 if (!s->cbTotalTransfer)
1721 s->iSourceSink = ATAFN_SS_NULL;
1722 ataR3CmdOK(s, ATA_STAT_SEEK);
1723 }
1724 else
1725 {
1726 if (fRedo)
1727 return fRedo;
1728 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1729 LogRel(("PIIX3 ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1730 s->iLUN, rc, iLBA, cSectors));
1731
1732 /*
1733 * Check if we got interrupted. We don't need to set status variables
1734 * because the request was aborted.
1735 */
1736 if (rc != VERR_INTERRUPTED)
1737 ataR3CmdError(s, ID_ERR);
1738 }
1739 return false;
1740}
1741
1742
1743static void atapiR3CmdOK(ATADevState *s)
1744{
1745 s->uATARegError = 0;
1746 ataSetStatusValue(s, ATA_STAT_READY);
1747 s->uATARegNSector = (s->uATARegNSector & ~7)
1748 | ((s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1749 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1750 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1751
1752 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1753 s->abATAPISense[0] = 0x70 | (1 << 7);
1754 s->abATAPISense[7] = 10;
1755}
1756
1757
1758static void atapiR3CmdError(ATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1759{
1760 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1761 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1762 s->uATARegError = pabATAPISense[2] << 4;
1763 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1764 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1765 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1766 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1767 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1768 s->cbTotalTransfer = 0;
1769 s->cbElementaryTransfer = 0;
1770 s->cbAtapiPassthroughTransfer = 0;
1771 s->iIOBufferCur = 0;
1772 s->iIOBufferEnd = 0;
1773 s->uTxDir = PDMMEDIATXDIR_NONE;
1774 s->iBeginTransfer = ATAFN_BT_NULL;
1775 s->iSourceSink = ATAFN_SS_NULL;
1776}
1777
1778
1779/** @todo deprecated function - doesn't provide enough info. Replace by direct
1780 * calls to atapiR3CmdError() with full data. */
1781static void atapiR3CmdErrorSimple(ATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1782{
1783 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1784 memset(abATAPISense, '\0', sizeof(abATAPISense));
1785 abATAPISense[0] = 0x70 | (1 << 7);
1786 abATAPISense[2] = uATAPISenseKey & 0x0f;
1787 abATAPISense[7] = 10;
1788 abATAPISense[12] = uATAPIASC;
1789 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
1790}
1791
1792
1793static void atapiR3CmdBT(ATADevState *s)
1794{
1795 s->fATAPITransfer = true;
1796 s->cbElementaryTransfer = s->cbTotalTransfer;
1797 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
1798 s->cbPIOTransferLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
1799 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1800 atapiR3CmdOK(s);
1801}
1802
1803
1804static void atapiR3PassthroughCmdBT(ATADevState *s)
1805{
1806 /** @todo implement an algorithm for correctly determining the read and
1807 * write sector size without sending additional commands to the drive.
1808 * This should be doable by saving processing the configuration requests
1809 * and replies. */
1810# if 0
1811 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1812 {
1813 uint8_t cmd = s->aATAPICmd[0];
1814 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1815 {
1816 uint8_t aModeSenseCmd[10];
1817 uint8_t aModeSenseResult[16];
1818 uint8_t uDummySense;
1819 uint32_t cbTransfer;
1820 int rc;
1821
1822 cbTransfer = sizeof(aModeSenseResult);
1823 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1824 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1825 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1826 aModeSenseCmd[3] = 0; /* subpage code */
1827 aModeSenseCmd[4] = 0; /* reserved */
1828 aModeSenseCmd[5] = 0; /* reserved */
1829 aModeSenseCmd[6] = 0; /* reserved */
1830 aModeSenseCmd[7] = cbTransfer >> 8;
1831 aModeSenseCmd[8] = cbTransfer & 0xff;
1832 aModeSenseCmd[9] = 0; /* control */
1833 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, aModeSenseCmd, PDMMEDIATXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1834 if (RT_FAILURE(rc))
1835 {
1836 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1837 return;
1838 }
1839 /* Select sector size based on the current data block type. */
1840 switch (aModeSenseResult[12] & 0x0f)
1841 {
1842 case 0:
1843 s->cbATAPISector = 2352;
1844 break;
1845 case 1:
1846 s->cbATAPISector = 2368;
1847 break;
1848 case 2:
1849 case 3:
1850 s->cbATAPISector = 2448;
1851 break;
1852 case 8:
1853 case 10:
1854 s->cbATAPISector = 2048;
1855 break;
1856 case 9:
1857 s->cbATAPISector = 2336;
1858 break;
1859 case 11:
1860 s->cbATAPISector = 2056;
1861 break;
1862 case 12:
1863 s->cbATAPISector = 2324;
1864 break;
1865 case 13:
1866 s->cbATAPISector = 2332;
1867 break;
1868 default:
1869 s->cbATAPISector = 0;
1870 }
1871 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1872 s->cbTotalTransfer *= s->cbATAPISector;
1873 if (s->cbTotalTransfer == 0)
1874 s->uTxDir = PDMMEDIATXDIR_NONE;
1875 }
1876 }
1877# endif
1878 atapiR3CmdBT(s);
1879}
1880
1881static bool atapiR3ReadSS(ATADevState *s)
1882{
1883 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1884 int rc = VINF_SUCCESS;
1885 uint32_t cbTransfer, cSectors;
1886
1887 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1888 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1889 cSectors = cbTransfer / s->cbATAPISector;
1890 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1891 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1892
1893 PDMCritSectLeave(&pCtl->lock);
1894
1895 STAM_PROFILE_ADV_START(&s->StatReads, r);
1896 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1897 switch (s->cbATAPISector)
1898 {
1899 case 2048:
1900 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTX_SUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1901 break;
1902 case 2352:
1903 {
1904 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1905
1906 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1907 {
1908 /* Sync bytes, see 4.2.3.8 CD Main Channel Block Formats */
1909 *pbBuf++ = 0x00;
1910 memset(pbBuf, 0xff, 10);
1911 pbBuf += 10;
1912 *pbBuf++ = 0x00;
1913 /* MSF */
1914 ataLBA2MSF(pbBuf, i);
1915 pbBuf += 3;
1916 *pbBuf++ = 0x01; /* mode 1 data */
1917 /* data */
1918 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)i * 2048, pbBuf, 2048);
1919 if (RT_FAILURE(rc))
1920 break;
1921 pbBuf += 2048;
1922 /**
1923 * @todo: maybe compute ECC and parity, layout is:
1924 * 2072 4 EDC
1925 * 2076 172 P parity symbols
1926 * 2248 104 Q parity symbols
1927 */
1928 memset(pbBuf, 0, 280);
1929 pbBuf += 280;
1930 }
1931 break;
1932 }
1933 default:
1934 break;
1935 }
1936 s->Led.Actual.s.fReading = 0;
1937 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1938
1939 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1940 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1941 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1942
1943 if (RT_SUCCESS(rc))
1944 {
1945 STAM_REL_COUNTER_ADD(&s->StatBytesRead, s->cbATAPISector * cSectors);
1946
1947 /* The initial buffer end value has been set up based on the total
1948 * transfer size. But the I/O buffer size limits what can actually be
1949 * done in one transfer, so set the actual value of the buffer end. */
1950 s->cbElementaryTransfer = cbTransfer;
1951 if (cbTransfer >= s->cbTotalTransfer)
1952 s->iSourceSink = ATAFN_SS_NULL;
1953 atapiR3CmdOK(s);
1954 s->iATAPILBA += cSectors;
1955 }
1956 else
1957 {
1958 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1959 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1960
1961 /*
1962 * Check if we got interrupted. We don't need to set status variables
1963 * because the request was aborted.
1964 */
1965 if (rc != VERR_INTERRUPTED)
1966 atapiR3CmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1967 }
1968 return false;
1969}
1970
1971/**
1972 * Sets the given media track type.
1973 */
1974static uint32_t ataR3MediumTypeSet(ATADevState *s, uint32_t MediaTrackType)
1975{
1976 return ASMAtomicXchgU32(&s->MediaTrackType, MediaTrackType);
1977}
1978
1979static bool atapiR3PassthroughSS(ATADevState *s)
1980{
1981 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1982 int rc = VINF_SUCCESS;
1983 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1984 uint32_t cbTransfer;
1985 PSTAMPROFILEADV pProf = NULL;
1986
1987 cbTransfer = RT_MIN(s->cbAtapiPassthroughTransfer, s->cbIOBuffer);
1988
1989 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1990 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
1991
1992 /* Simple heuristics: if there is at least one sector of data
1993 * to transfer, it's worth updating the LEDs. */
1994 if (cbTransfer >= 2048)
1995 {
1996 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
1997 {
1998 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1999 pProf = &s->StatReads;
2000 }
2001 else
2002 {
2003 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
2004 pProf = &s->StatWrites;
2005 }
2006 }
2007
2008 PDMCritSectLeave(&pCtl->lock);
2009
2010# if defined(LOG_ENABLED)
2011 char szBuf[1024];
2012
2013 memset(szBuf, 0, sizeof(szBuf));
2014
2015 switch (s->aATAPICmd[0])
2016 {
2017 case SCSI_MODE_SELECT_10:
2018 {
2019 size_t cbBlkDescLength = ataBE2H_U16(&s->CTX_SUFF(pbIOBuffer)[6]);
2020
2021 SCSILogModePage(szBuf, sizeof(szBuf) - 1,
2022 s->CTX_SUFF(pbIOBuffer) + 8 + cbBlkDescLength,
2023 cbTransfer - 8 - cbBlkDescLength);
2024 break;
2025 }
2026 case SCSI_SEND_CUE_SHEET:
2027 {
2028 SCSILogCueSheet(szBuf, sizeof(szBuf) - 1,
2029 s->CTX_SUFF(pbIOBuffer), cbTransfer);
2030 break;
2031 }
2032 default:
2033 break;
2034 }
2035
2036 Log2(("%s\n", szBuf));
2037# endif
2038
2039 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
2040 if ( cbTransfer > SCSI_MAX_BUFFER_SIZE
2041 || s->cbElementaryTransfer > s->cbIOBuffer)
2042 {
2043 /* Linux accepts commands with up to 100KB of data, but expects
2044 * us to handle commands with up to 128KB of data. The usual
2045 * imbalance of powers. */
2046 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
2047 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
2048 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2049 uint32_t cSectorsMax; /**< Maximum amount of sectors to read without exceeding the I/O buffer. */
2050
2051 Assert(s->cbATAPISector);
2052 cSectorsMax = cbTransfer / s->cbATAPISector;
2053 Assert(cSectorsMax * s->cbATAPISector <= s->cbIOBuffer);
2054
2055 switch (s->aATAPICmd[0])
2056 {
2057 case SCSI_READ_10:
2058 case SCSI_WRITE_10:
2059 case SCSI_WRITE_AND_VERIFY_10:
2060 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
2061 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
2062 break;
2063 case SCSI_READ_12:
2064 case SCSI_WRITE_12:
2065 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
2066 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
2067 break;
2068 case SCSI_READ_CD:
2069 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
2070 cSectors = ataBE2H_U24(s->aATAPICmd + 6);
2071 break;
2072 case SCSI_READ_CD_MSF:
2073 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
2074 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
2075 break;
2076 default:
2077 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2078 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2079 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2080 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2081 {
2082 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2083 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2084 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2085 }
2086 return false;
2087 }
2088 cSectorsMax = RT_MIN(cSectorsMax, cSectors);
2089 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
2090 cReqSectors = 0;
2091 for (uint32_t i = cSectorsMax; i > 0; i -= cReqSectors)
2092 {
2093 if (i * s->cbATAPISector > SCSI_MAX_BUFFER_SIZE)
2094 cReqSectors = SCSI_MAX_BUFFER_SIZE / s->cbATAPISector;
2095 else
2096 cReqSectors = i;
2097 cbCurrTX = s->cbATAPISector * cReqSectors;
2098 switch (s->aATAPICmd[0])
2099 {
2100 case SCSI_READ_10:
2101 case SCSI_WRITE_10:
2102 case SCSI_WRITE_AND_VERIFY_10:
2103 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
2104 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
2105 break;
2106 case SCSI_READ_12:
2107 case SCSI_WRITE_12:
2108 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
2109 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
2110 break;
2111 case SCSI_READ_CD:
2112 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
2113 ataH2BE_U24(aATAPICmd + 6, cReqSectors);
2114 break;
2115 case SCSI_READ_CD_MSF:
2116 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
2117 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
2118 break;
2119 }
2120 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, aATAPICmd, (PDMMEDIATXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2121 if (rc != VINF_SUCCESS)
2122 break;
2123 iATAPILBA += cReqSectors;
2124 pbBuf += s->cbATAPISector * cReqSectors;
2125 }
2126
2127 if (RT_SUCCESS(rc))
2128 {
2129 /* Adjust ATAPI command for the next call. */
2130 switch (s->aATAPICmd[0])
2131 {
2132 case SCSI_READ_10:
2133 case SCSI_WRITE_10:
2134 case SCSI_WRITE_AND_VERIFY_10:
2135 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2136 ataH2BE_U16(s->aATAPICmd + 7, cSectors - cSectorsMax);
2137 break;
2138 case SCSI_READ_12:
2139 case SCSI_WRITE_12:
2140 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2141 ataH2BE_U32(s->aATAPICmd + 6, cSectors - cSectorsMax);
2142 break;
2143 case SCSI_READ_CD:
2144 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2145 ataH2BE_U24(s->aATAPICmd + 6, cSectors - cSectorsMax);
2146 break;
2147 case SCSI_READ_CD_MSF:
2148 ataLBA2MSF(s->aATAPICmd + 3, iATAPILBA);
2149 ataLBA2MSF(s->aATAPICmd + 6, iATAPILBA + cSectors - cSectorsMax);
2150 break;
2151 default:
2152 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2153 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2154 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2155 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2156 return false;
2157 }
2158 }
2159 }
2160 else
2161 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, s->aATAPICmd, (PDMMEDIATXDIR)s->uTxDir, s->CTX_SUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2162 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
2163
2164 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2165 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2166 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2167
2168 /* Update the LEDs and the read/write statistics. */
2169 if (cbTransfer >= 2048)
2170 {
2171 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
2172 {
2173 s->Led.Actual.s.fReading = 0;
2174 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbTransfer);
2175 }
2176 else
2177 {
2178 s->Led.Actual.s.fWriting = 0;
2179 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbTransfer);
2180 }
2181 }
2182
2183 if (RT_SUCCESS(rc))
2184 {
2185 /* Do post processing for certain commands. */
2186 switch (s->aATAPICmd[0])
2187 {
2188 case SCSI_SEND_CUE_SHEET:
2189 case SCSI_READ_TOC_PMA_ATIP:
2190 {
2191 if (!s->pTrackList)
2192 rc = ATAPIPassthroughTrackListCreateEmpty(&s->pTrackList);
2193
2194 if (RT_SUCCESS(rc))
2195 rc = ATAPIPassthroughTrackListUpdate(s->pTrackList, s->aATAPICmd, s->CTX_SUFF(pbIOBuffer));
2196
2197 if ( RT_FAILURE(rc)
2198 && s->cErrors++ < MAX_LOG_REL_ERRORS)
2199 LogRel(("ATA: Error (%Rrc) while updating the tracklist during %s, burning the disc might fail\n",
2200 rc, s->aATAPICmd[0] == SCSI_SEND_CUE_SHEET ? "SEND CUE SHEET" : "READ TOC/PMA/ATIP"));
2201 break;
2202 }
2203 case SCSI_SYNCHRONIZE_CACHE:
2204 {
2205 if (s->pTrackList)
2206 ATAPIPassthroughTrackListClear(s->pTrackList);
2207 break;
2208 }
2209 }
2210
2211 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
2212 {
2213 Assert(cbTransfer <= s->cbAtapiPassthroughTransfer);
2214 /*
2215 * Reply with the same amount of data as the real drive
2216 * but only if the command wasn't split.
2217 */
2218# if 0 /// @todo This destroys commands where cbTotalTransfer > cbIOBuffer
2219 if (s->cbElementaryTransfer < s->cbIOBuffer)
2220 s->cbTotalTransfer = cbTransfer;
2221# endif
2222
2223 if ( s->aATAPICmd[0] == SCSI_INQUIRY
2224 && s->fOverwriteInquiry)
2225 {
2226 /* Make sure that the real drive cannot be identified.
2227 * Motivation: changing the VM configuration should be as
2228 * invisible as possible to the guest. */
2229 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2230 ataR3SCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 8, "VBOX", 8);
2231 ataR3SCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 16, "CD-ROM", 16);
2232 ataR3SCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 32, "1.0", 4);
2233 }
2234
2235 if (cbTransfer)
2236 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2237 }
2238
2239 /* The initial buffer end value has been set up based on the total
2240 * transfer size. But the I/O buffer size limits what can actually be
2241 * done in one transfer, so set the actual value of the buffer end. */
2242 s->cbElementaryTransfer = cbTransfer;
2243 if (cbTransfer >= s->cbAtapiPassthroughTransfer)
2244 {
2245 s->iSourceSink = ATAFN_SS_NULL;
2246 atapiR3CmdOK(s);
2247 }
2248 }
2249 else
2250 {
2251 if (s->cErrors < MAX_LOG_REL_ERRORS)
2252 {
2253 uint8_t u8Cmd = s->aATAPICmd[0];
2254 do
2255 {
2256 /* don't log superfluous errors */
2257 if ( rc == VERR_DEV_IO_ERROR
2258 && ( u8Cmd == SCSI_TEST_UNIT_READY
2259 || u8Cmd == SCSI_READ_CAPACITY
2260 || u8Cmd == SCSI_READ_DVD_STRUCTURE
2261 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
2262 break;
2263 s->cErrors++;
2264 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough cmd=%#04x sense=%d ASC=%#02x ASCQ=%#02x %Rrc\n",
2265 s->iLUN, u8Cmd, abATAPISense[2] & 0x0f, abATAPISense[12], abATAPISense[13], rc));
2266 } while (0);
2267 }
2268 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
2269 }
2270 return false;
2271}
2272
2273/** @todo Revise ASAP. */
2274static bool atapiR3ReadDVDStructureSS(ATADevState *s)
2275{
2276 uint8_t *buf = s->CTX_SUFF(pbIOBuffer);
2277 int media = s->aATAPICmd[1];
2278 int format = s->aATAPICmd[7];
2279
2280 uint16_t max_len = ataBE2H_U16(&s->aATAPICmd[8]);
2281
2282 memset(buf, 0, max_len);
2283
2284 switch (format) {
2285 case 0x00:
2286 case 0x01:
2287 case 0x02:
2288 case 0x03:
2289 case 0x04:
2290 case 0x05:
2291 case 0x06:
2292 case 0x07:
2293 case 0x08:
2294 case 0x09:
2295 case 0x0a:
2296 case 0x0b:
2297 case 0x0c:
2298 case 0x0d:
2299 case 0x0e:
2300 case 0x0f:
2301 case 0x10:
2302 case 0x11:
2303 case 0x30:
2304 case 0x31:
2305 case 0xff:
2306 if (media == 0)
2307 {
2308 int uASC = SCSI_ASC_NONE;
2309
2310 switch (format)
2311 {
2312 case 0x0: /* Physical format information */
2313 {
2314 int layer = s->aATAPICmd[6];
2315 uint64_t total_sectors;
2316
2317 if (layer != 0)
2318 {
2319 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2320 break;
2321 }
2322
2323 total_sectors = s->cTotalSectors;
2324 total_sectors >>= 2;
2325 if (total_sectors == 0)
2326 {
2327 uASC = -SCSI_ASC_MEDIUM_NOT_PRESENT;
2328 break;
2329 }
2330
2331 buf[4] = 1; /* DVD-ROM, part version 1 */
2332 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
2333 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
2334 buf[7] = 0; /* default densities */
2335
2336 /* FIXME: 0x30000 per spec? */
2337 ataH2BE_U32(buf + 8, 0); /* start sector */
2338 ataH2BE_U32(buf + 12, total_sectors - 1); /* end sector */
2339 ataH2BE_U32(buf + 16, total_sectors - 1); /* l0 end sector */
2340
2341 /* Size of buffer, not including 2 byte size field */
2342 ataH2BE_U32(&buf[0], 2048 + 2);
2343
2344 /* 2k data + 4 byte header */
2345 uASC = (2048 + 4);
2346 break;
2347 }
2348 case 0x01: /* DVD copyright information */
2349 buf[4] = 0; /* no copyright data */
2350 buf[5] = 0; /* no region restrictions */
2351
2352 /* Size of buffer, not including 2 byte size field */
2353 ataH2BE_U16(buf, 4 + 2);
2354
2355 /* 4 byte header + 4 byte data */
2356 uASC = (4 + 4);
2357 break;
2358
2359 case 0x03: /* BCA information - invalid field for no BCA info */
2360 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2361 break;
2362
2363 case 0x04: /* DVD disc manufacturing information */
2364 /* Size of buffer, not including 2 byte size field */
2365 ataH2BE_U16(buf, 2048 + 2);
2366
2367 /* 2k data + 4 byte header */
2368 uASC = (2048 + 4);
2369 break;
2370 case 0xff:
2371 /*
2372 * This lists all the command capabilities above. Add new ones
2373 * in order and update the length and buffer return values.
2374 */
2375
2376 buf[4] = 0x00; /* Physical format */
2377 buf[5] = 0x40; /* Not writable, is readable */
2378 ataH2BE_U16((buf + 6), 2048 + 4);
2379
2380 buf[8] = 0x01; /* Copyright info */
2381 buf[9] = 0x40; /* Not writable, is readable */
2382 ataH2BE_U16((buf + 10), 4 + 4);
2383
2384 buf[12] = 0x03; /* BCA info */
2385 buf[13] = 0x40; /* Not writable, is readable */
2386 ataH2BE_U16((buf + 14), 188 + 4);
2387
2388 buf[16] = 0x04; /* Manufacturing info */
2389 buf[17] = 0x40; /* Not writable, is readable */
2390 ataH2BE_U16((buf + 18), 2048 + 4);
2391
2392 /* Size of buffer, not including 2 byte size field */
2393 ataH2BE_U16(buf, 16 + 2);
2394
2395 /* data written + 4 byte header */
2396 uASC = (16 + 4);
2397 break;
2398 default: /* TODO: formats beyond DVD-ROM requires */
2399 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2400 }
2401
2402 if (uASC < 0)
2403 {
2404 s->iSourceSink = ATAFN_SS_NULL;
2405 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, -uASC);
2406 return false;
2407 }
2408 break;
2409 }
2410 /* TODO: BD support, fall through for now */
2411
2412 /* Generic disk structures */
2413 case 0x80: /* TODO: AACS volume identifier */
2414 case 0x81: /* TODO: AACS media serial number */
2415 case 0x82: /* TODO: AACS media identifier */
2416 case 0x83: /* TODO: AACS media key block */
2417 case 0x90: /* TODO: List of recognized format layers */
2418 case 0xc0: /* TODO: Write protection status */
2419 default:
2420 s->iSourceSink = ATAFN_SS_NULL;
2421 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST,
2422 SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2423 return false;
2424 }
2425
2426 s->iSourceSink = ATAFN_SS_NULL;
2427 atapiR3CmdOK(s);
2428 return false;
2429}
2430
2431static bool atapiR3ReadSectors(ATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
2432{
2433 Assert(cSectors > 0);
2434 s->iATAPILBA = iATAPILBA;
2435 s->cbATAPISector = cbSector;
2436 ataR3StartTransfer(s, cSectors * cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
2437 return false;
2438}
2439
2440
2441static bool atapiR3ReadCapacitySS(ATADevState *s)
2442{
2443 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2444
2445 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2446 Assert(s->cbElementaryTransfer <= 8);
2447 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
2448 ataH2BE_U32(pbBuf + 4, 2048);
2449 s->iSourceSink = ATAFN_SS_NULL;
2450 atapiR3CmdOK(s);
2451 return false;
2452}
2453
2454
2455static bool atapiR3ReadDiscInformationSS(ATADevState *s)
2456{
2457 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2458
2459 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2460 Assert(s->cbElementaryTransfer <= 34);
2461 memset(pbBuf, '\0', 34);
2462 ataH2BE_U16(pbBuf, 32);
2463 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
2464 pbBuf[3] = 1; /* number of first track */
2465 pbBuf[4] = 1; /* number of sessions (LSB) */
2466 pbBuf[5] = 1; /* first track number in last session (LSB) */
2467 pbBuf[6] = 1; /* last track number in last session (LSB) */
2468 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
2469 pbBuf[8] = 0; /* disc type = CD-ROM */
2470 pbBuf[9] = 0; /* number of sessions (MSB) */
2471 pbBuf[10] = 0; /* number of sessions (MSB) */
2472 pbBuf[11] = 0; /* number of sessions (MSB) */
2473 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
2474 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
2475 s->iSourceSink = ATAFN_SS_NULL;
2476 atapiR3CmdOK(s);
2477 return false;
2478}
2479
2480
2481static bool atapiR3ReadTrackInformationSS(ATADevState *s)
2482{
2483 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2484
2485 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2486 Assert(s->cbElementaryTransfer <= 36);
2487 /* Accept address/number type of 1 only, and only track 1 exists. */
2488 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
2489 {
2490 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2491 return false;
2492 }
2493 memset(pbBuf, '\0', 36);
2494 ataH2BE_U16(pbBuf, 34);
2495 pbBuf[2] = 1; /* track number (LSB) */
2496 pbBuf[3] = 1; /* session number (LSB) */
2497 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
2498 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
2499 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
2500 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
2501 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
2502 pbBuf[32] = 0; /* track number (MSB) */
2503 pbBuf[33] = 0; /* session number (MSB) */
2504 s->iSourceSink = ATAFN_SS_NULL;
2505 atapiR3CmdOK(s);
2506 return false;
2507}
2508
2509static uint32_t atapiR3GetConfigurationFillFeatureListProfiles(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2510{
2511 if (cbBuf < 3*4)
2512 return 0;
2513
2514 ataH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
2515 pbBuf[2] = (0 << 2) | (1 << 1) | (1 << 0); /* version 0, persistent, current */
2516 pbBuf[3] = 8; /* additional bytes for profiles */
2517 /* The MMC-3 spec says that DVD-ROM read capability should be reported
2518 * before CD-ROM read capability. */
2519 ataH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
2520 pbBuf[6] = (0 << 0); /* NOT current profile */
2521 ataH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
2522 pbBuf[10] = (1 << 0); /* current profile */
2523
2524 return 3*4; /* Header + 2 profiles entries */
2525}
2526
2527static uint32_t atapiR3GetConfigurationFillFeatureCore(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2528{
2529 if (cbBuf < 12)
2530 return 0;
2531
2532 ataH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
2533 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2534 pbBuf[3] = 8; /* Additional length */
2535 ataH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
2536 pbBuf[8] = RT_BIT(0); /* DBE */
2537 /* Rest is reserved. */
2538
2539 return 12;
2540}
2541
2542static uint32_t atapiR3GetConfigurationFillFeatureMorphing(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2543{
2544 if (cbBuf < 8)
2545 return 0;
2546
2547 ataH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
2548 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2549 pbBuf[3] = 4; /* Additional length */
2550 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
2551 /* Rest is reserved. */
2552
2553 return 8;
2554}
2555
2556static uint32_t atapiR3GetConfigurationFillFeatureRemovableMedium(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2557{
2558 if (cbBuf < 8)
2559 return 0;
2560
2561 ataH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
2562 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2563 pbBuf[3] = 4; /* Additional length */
2564 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
2565 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
2566 /* Rest is reserved. */
2567
2568 return 8;
2569}
2570
2571static uint32_t atapiR3GetConfigurationFillFeatureRandomReadable (ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2572{
2573 if (cbBuf < 12)
2574 return 0;
2575
2576 ataH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
2577 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2578 pbBuf[3] = 8; /* Additional length */
2579 ataH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
2580 ataH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
2581 pbBuf[10] = 0; /* PP not present */
2582 /* Rest is reserved. */
2583
2584 return 12;
2585}
2586
2587static uint32_t atapiR3GetConfigurationFillFeatureCDRead(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2588{
2589 if (cbBuf < 8)
2590 return 0;
2591
2592 ataH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
2593 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2594 pbBuf[3] = 0; /* Additional length */
2595 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
2596 /* Rest is reserved. */
2597
2598 return 8;
2599}
2600
2601static uint32_t atapiR3GetConfigurationFillFeaturePowerManagement(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2602{
2603 if (cbBuf < 4)
2604 return 0;
2605
2606 ataH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
2607 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2608 pbBuf[3] = 0; /* Additional length */
2609
2610 return 4;
2611}
2612
2613static uint32_t atapiR3GetConfigurationFillFeatureTimeout(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2614{
2615 if (cbBuf < 8)
2616 return 0;
2617
2618 ataH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
2619 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2620 pbBuf[3] = 4; /* Additional length */
2621 pbBuf[4] = 0x0; /* !Group3 */
2622
2623 return 8;
2624}
2625
2626static bool atapiR3GetConfigurationSS(ATADevState *s)
2627{
2628 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2629 uint32_t cbBuf = s->cbIOBuffer;
2630 uint32_t cbCopied = 0;
2631 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
2632
2633 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2634 Assert(s->cbElementaryTransfer <= 80);
2635 /* Accept valid request types only, and only starting feature 0. */
2636 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
2637 {
2638 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2639 return false;
2640 }
2641 memset(pbBuf, '\0', cbBuf);
2642 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
2643 * way to differentiate them right now is based on the image size). */
2644 if (s->cTotalSectors)
2645 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
2646 else
2647 ataH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
2648 cbBuf -= 8;
2649 pbBuf += 8;
2650
2651 cbCopied = atapiR3GetConfigurationFillFeatureListProfiles(s, pbBuf, cbBuf);
2652 cbBuf -= cbCopied;
2653 pbBuf += cbCopied;
2654
2655 cbCopied = atapiR3GetConfigurationFillFeatureCore(s, pbBuf, cbBuf);
2656 cbBuf -= cbCopied;
2657 pbBuf += cbCopied;
2658
2659 cbCopied = atapiR3GetConfigurationFillFeatureMorphing(s, pbBuf, cbBuf);
2660 cbBuf -= cbCopied;
2661 pbBuf += cbCopied;
2662
2663 cbCopied = atapiR3GetConfigurationFillFeatureRemovableMedium(s, pbBuf, cbBuf);
2664 cbBuf -= cbCopied;
2665 pbBuf += cbCopied;
2666
2667 cbCopied = atapiR3GetConfigurationFillFeatureRandomReadable (s, pbBuf, cbBuf);
2668 cbBuf -= cbCopied;
2669 pbBuf += cbCopied;
2670
2671 cbCopied = atapiR3GetConfigurationFillFeatureCDRead(s, pbBuf, cbBuf);
2672 cbBuf -= cbCopied;
2673 pbBuf += cbCopied;
2674
2675 cbCopied = atapiR3GetConfigurationFillFeaturePowerManagement(s, pbBuf, cbBuf);
2676 cbBuf -= cbCopied;
2677 pbBuf += cbCopied;
2678
2679 cbCopied = atapiR3GetConfigurationFillFeatureTimeout(s, pbBuf, cbBuf);
2680 cbBuf -= cbCopied;
2681 pbBuf += cbCopied;
2682
2683 /* Set data length now - the field is not included in the final length. */
2684 ataH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf - 4);
2685
2686 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
2687 s->iSourceSink = ATAFN_SS_NULL;
2688 atapiR3CmdOK(s);
2689 return false;
2690}
2691
2692
2693static bool atapiR3GetEventStatusNotificationSS(ATADevState *s)
2694{
2695 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2696
2697 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2698 Assert(s->cbElementaryTransfer <= 8);
2699
2700 if (!(s->aATAPICmd[1] & 1))
2701 {
2702 /* no asynchronous operation supported */
2703 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2704 return false;
2705 }
2706
2707 uint32_t OldStatus, NewStatus;
2708 do
2709 {
2710 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2711 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
2712 switch (OldStatus)
2713 {
2714 case ATA_EVENT_STATUS_MEDIA_NEW:
2715 /* mount */
2716 ataH2BE_U16(pbBuf + 0, 6);
2717 pbBuf[2] = 0x04; /* media */
2718 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2719 pbBuf[4] = 0x02; /* new medium */
2720 pbBuf[5] = 0x02; /* medium present / door closed */
2721 pbBuf[6] = 0x00;
2722 pbBuf[7] = 0x00;
2723 break;
2724
2725 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2726 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2727 /* umount */
2728 ataH2BE_U16(pbBuf + 0, 6);
2729 pbBuf[2] = 0x04; /* media */
2730 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2731 pbBuf[4] = 0x03; /* media removal */
2732 pbBuf[5] = 0x00; /* medium absent / door closed */
2733 pbBuf[6] = 0x00;
2734 pbBuf[7] = 0x00;
2735 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
2736 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2737 break;
2738
2739 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
2740 ataH2BE_U16(pbBuf + 0, 6);
2741 pbBuf[2] = 0x04; /* media */
2742 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2743 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
2744 pbBuf[5] = 0x02; /* medium present / door closed */
2745 pbBuf[6] = 0x00;
2746 pbBuf[7] = 0x00;
2747 break;
2748
2749 case ATA_EVENT_STATUS_UNCHANGED:
2750 default:
2751 ataH2BE_U16(pbBuf + 0, 6);
2752 pbBuf[2] = 0x01; /* operational change request / notification */
2753 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2754 pbBuf[4] = 0x00;
2755 pbBuf[5] = 0x00;
2756 pbBuf[6] = 0x00;
2757 pbBuf[7] = 0x00;
2758 break;
2759 }
2760 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2761
2762 s->iSourceSink = ATAFN_SS_NULL;
2763 atapiR3CmdOK(s);
2764 return false;
2765}
2766
2767
2768static bool atapiR3InquirySS(ATADevState *s)
2769{
2770 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2771
2772 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2773 Assert(s->cbElementaryTransfer <= 36);
2774 pbBuf[0] = 0x05; /* CD-ROM */
2775 pbBuf[1] = 0x80; /* removable */
2776# if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
2777 pbBuf[2] = 0x00; /* ISO */
2778 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
2779# else
2780 pbBuf[2] = 0x00; /* ISO */
2781 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
2782# endif
2783 pbBuf[4] = 31; /* additional length */
2784 pbBuf[5] = 0; /* reserved */
2785 pbBuf[6] = 0; /* reserved */
2786 pbBuf[7] = 0; /* reserved */
2787 ataR3SCSIPadStr(pbBuf + 8, s->szInquiryVendorId, 8);
2788 ataR3SCSIPadStr(pbBuf + 16, s->szInquiryProductId, 16);
2789 ataR3SCSIPadStr(pbBuf + 32, s->szInquiryRevision, 4);
2790 s->iSourceSink = ATAFN_SS_NULL;
2791 atapiR3CmdOK(s);
2792 return false;
2793}
2794
2795
2796static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *s)
2797{
2798 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2799
2800 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2801 Assert(s->cbElementaryTransfer <= 16);
2802 ataH2BE_U16(&pbBuf[0], 16 + 6);
2803 pbBuf[2] = (uint8_t)s->MediaTrackType;
2804 pbBuf[3] = 0;
2805 pbBuf[4] = 0;
2806 pbBuf[5] = 0;
2807 pbBuf[6] = 0;
2808 pbBuf[7] = 0;
2809
2810 pbBuf[8] = 0x01;
2811 pbBuf[9] = 0x06;
2812 pbBuf[10] = 0x00; /* Maximum error recovery */
2813 pbBuf[11] = 0x05; /* 5 retries */
2814 pbBuf[12] = 0x00;
2815 pbBuf[13] = 0x00;
2816 pbBuf[14] = 0x00;
2817 pbBuf[15] = 0x00;
2818 s->iSourceSink = ATAFN_SS_NULL;
2819 atapiR3CmdOK(s);
2820 return false;
2821}
2822
2823
2824static bool atapiR3ModeSenseCDStatusSS(ATADevState *s)
2825{
2826 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2827
2828 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2829 Assert(s->cbElementaryTransfer <= 40);
2830 ataH2BE_U16(&pbBuf[0], 38);
2831 pbBuf[2] = (uint8_t)s->MediaTrackType;
2832 pbBuf[3] = 0;
2833 pbBuf[4] = 0;
2834 pbBuf[5] = 0;
2835 pbBuf[6] = 0;
2836 pbBuf[7] = 0;
2837
2838 pbBuf[8] = 0x2a;
2839 pbBuf[9] = 30; /* page length */
2840 pbBuf[10] = 0x08; /* DVD-ROM read support */
2841 pbBuf[11] = 0x00; /* no write support */
2842 /* The following claims we support audio play. This is obviously false,
2843 * but the Linux generic CDROM support makes many features depend on this
2844 * capability. If it's not set, this causes many things to be disabled. */
2845 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
2846 pbBuf[13] = 0x00; /* no subchannel reads supported */
2847 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
2848 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
2849 pbBuf[14] |= 1 << 1; /* report lock state */
2850 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
2851 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
2852 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
2853 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
2854 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
2855 pbBuf[24] = 0; /* reserved */
2856 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
2857 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
2858 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
2859 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
2860 pbBuf[32] = 0; /* reserved */
2861 pbBuf[33] = 0; /* reserved */
2862 pbBuf[34] = 0; /* reserved */
2863 pbBuf[35] = 1; /* rotation control CAV */
2864 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
2865 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
2866 s->iSourceSink = ATAFN_SS_NULL;
2867 atapiR3CmdOK(s);
2868 return false;
2869}
2870
2871
2872static bool atapiR3RequestSenseSS(ATADevState *s)
2873{
2874 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2875
2876 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2877 memset(pbBuf, '\0', s->cbElementaryTransfer);
2878 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
2879 s->iSourceSink = ATAFN_SS_NULL;
2880 atapiR3CmdOK(s);
2881 return false;
2882}
2883
2884
2885static bool atapiR3MechanismStatusSS(ATADevState *s)
2886{
2887 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2888
2889 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2890 Assert(s->cbElementaryTransfer <= 8);
2891 ataH2BE_U16(pbBuf, 0);
2892 /* no current LBA */
2893 pbBuf[2] = 0;
2894 pbBuf[3] = 0;
2895 pbBuf[4] = 0;
2896 pbBuf[5] = 1;
2897 ataH2BE_U16(pbBuf + 6, 0);
2898 s->iSourceSink = ATAFN_SS_NULL;
2899 atapiR3CmdOK(s);
2900 return false;
2901}
2902
2903
2904static bool atapiR3ReadTOCNormalSS(ATADevState *s)
2905{
2906 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
2907 bool fMSF;
2908 uint32_t cbSize;
2909
2910 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2911 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2912 iStartTrack = s->aATAPICmd[6];
2913 if (iStartTrack > 1 && iStartTrack != 0xaa)
2914 {
2915 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2916 return false;
2917 }
2918 q = pbBuf + 2;
2919 *q++ = 1; /* first session */
2920 *q++ = 1; /* last session */
2921 if (iStartTrack <= 1)
2922 {
2923 *q++ = 0; /* reserved */
2924 *q++ = 0x14; /* ADR, control */
2925 *q++ = 1; /* track number */
2926 *q++ = 0; /* reserved */
2927 if (fMSF)
2928 {
2929 *q++ = 0; /* reserved */
2930 ataLBA2MSF(q, 0);
2931 q += 3;
2932 }
2933 else
2934 {
2935 /* sector 0 */
2936 ataH2BE_U32(q, 0);
2937 q += 4;
2938 }
2939 }
2940 /* lead out track */
2941 *q++ = 0; /* reserved */
2942 *q++ = 0x14; /* ADR, control */
2943 *q++ = 0xaa; /* track number */
2944 *q++ = 0; /* reserved */
2945 if (fMSF)
2946 {
2947 *q++ = 0; /* reserved */
2948 ataLBA2MSF(q, s->cTotalSectors);
2949 q += 3;
2950 }
2951 else
2952 {
2953 ataH2BE_U32(q, s->cTotalSectors);
2954 q += 4;
2955 }
2956 cbSize = q - pbBuf;
2957 ataH2BE_U16(pbBuf, cbSize - 2);
2958 if (cbSize < s->cbTotalTransfer)
2959 s->cbTotalTransfer = cbSize;
2960 s->iSourceSink = ATAFN_SS_NULL;
2961 atapiR3CmdOK(s);
2962 return false;
2963}
2964
2965
2966static bool atapiR3ReadTOCMultiSS(ATADevState *s)
2967{
2968 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2969 bool fMSF;
2970
2971 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2972 Assert(s->cbElementaryTransfer <= 12);
2973 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2974 /* multi session: only a single session defined */
2975/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
2976 memset(pbBuf, 0, 12);
2977 pbBuf[1] = 0x0a;
2978 pbBuf[2] = 0x01;
2979 pbBuf[3] = 0x01;
2980 pbBuf[5] = 0x14; /* ADR, control */
2981 pbBuf[6] = 1; /* first track in last complete session */
2982 if (fMSF)
2983 {
2984 pbBuf[8] = 0; /* reserved */
2985 ataLBA2MSF(&pbBuf[9], 0);
2986 }
2987 else
2988 {
2989 /* sector 0 */
2990 ataH2BE_U32(pbBuf + 8, 0);
2991 }
2992 s->iSourceSink = ATAFN_SS_NULL;
2993 atapiR3CmdOK(s);
2994 return false;
2995}
2996
2997
2998static bool atapiR3ReadTOCRawSS(ATADevState *s)
2999{
3000 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
3001 bool fMSF;
3002 uint32_t cbSize;
3003
3004 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
3005 fMSF = (s->aATAPICmd[1] >> 1) & 1;
3006 iStartTrack = s->aATAPICmd[6];
3007
3008 q = pbBuf + 2;
3009 *q++ = 1; /* first session */
3010 *q++ = 1; /* last session */
3011
3012 *q++ = 1; /* session number */
3013 *q++ = 0x14; /* data track */
3014 *q++ = 0; /* track number */
3015 *q++ = 0xa0; /* first track in program area */
3016 *q++ = 0; /* min */
3017 *q++ = 0; /* sec */
3018 *q++ = 0; /* frame */
3019 *q++ = 0;
3020 *q++ = 1; /* first track */
3021 *q++ = 0x00; /* disk type CD-DA or CD data */
3022 *q++ = 0;
3023
3024 *q++ = 1; /* session number */
3025 *q++ = 0x14; /* data track */
3026 *q++ = 0; /* track number */
3027 *q++ = 0xa1; /* last track in program area */
3028 *q++ = 0; /* min */
3029 *q++ = 0; /* sec */
3030 *q++ = 0; /* frame */
3031 *q++ = 0;
3032 *q++ = 1; /* last track */
3033 *q++ = 0;
3034 *q++ = 0;
3035
3036 *q++ = 1; /* session number */
3037 *q++ = 0x14; /* data track */
3038 *q++ = 0; /* track number */
3039 *q++ = 0xa2; /* lead-out */
3040 *q++ = 0; /* min */
3041 *q++ = 0; /* sec */
3042 *q++ = 0; /* frame */
3043 if (fMSF)
3044 {
3045 *q++ = 0; /* reserved */
3046 ataLBA2MSF(q, s->cTotalSectors);
3047 q += 3;
3048 }
3049 else
3050 {
3051 ataH2BE_U32(q, s->cTotalSectors);
3052 q += 4;
3053 }
3054
3055 *q++ = 1; /* session number */
3056 *q++ = 0x14; /* ADR, control */
3057 *q++ = 0; /* track number */
3058 *q++ = 1; /* point */
3059 *q++ = 0; /* min */
3060 *q++ = 0; /* sec */
3061 *q++ = 0; /* frame */
3062 if (fMSF)
3063 {
3064 *q++ = 0; /* reserved */
3065 ataLBA2MSF(q, 0);
3066 q += 3;
3067 }
3068 else
3069 {
3070 /* sector 0 */
3071 ataH2BE_U32(q, 0);
3072 q += 4;
3073 }
3074
3075 cbSize = q - pbBuf;
3076 ataH2BE_U16(pbBuf, cbSize - 2);
3077 if (cbSize < s->cbTotalTransfer)
3078 s->cbTotalTransfer = cbSize;
3079 s->iSourceSink = ATAFN_SS_NULL;
3080 atapiR3CmdOK(s);
3081 return false;
3082}
3083
3084
3085static void atapiR3ParseCmdVirtualATAPI(ATADevState *s)
3086{
3087 const uint8_t *pbPacket;
3088 uint8_t *pbBuf;
3089 uint32_t cbMax;
3090
3091 pbPacket = s->aATAPICmd;
3092 pbBuf = s->CTX_SUFF(pbIOBuffer);
3093 switch (pbPacket[0])
3094 {
3095 case SCSI_TEST_UNIT_READY:
3096 if (s->cNotifiedMediaChange > 0)
3097 {
3098 if (s->cNotifiedMediaChange-- > 2)
3099 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3100 else
3101 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3102 }
3103 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3104 atapiR3CmdOK(s);
3105 else
3106 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3107 break;
3108 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
3109 cbMax = ataBE2H_U16(pbPacket + 7);
3110 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3111 break;
3112 case SCSI_MODE_SENSE_10:
3113 {
3114 uint8_t uPageControl, uPageCode;
3115 cbMax = ataBE2H_U16(pbPacket + 7);
3116 uPageControl = pbPacket[2] >> 6;
3117 uPageCode = pbPacket[2] & 0x3f;
3118 switch (uPageControl)
3119 {
3120 case SCSI_PAGECONTROL_CURRENT:
3121 switch (uPageCode)
3122 {
3123 case SCSI_MODEPAGE_ERROR_RECOVERY:
3124 ataR3StartTransfer(s, RT_MIN(cbMax, 16), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
3125 break;
3126 case SCSI_MODEPAGE_CD_STATUS:
3127 ataR3StartTransfer(s, RT_MIN(cbMax, 40), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
3128 break;
3129 default:
3130 goto error_cmd;
3131 }
3132 break;
3133 case SCSI_PAGECONTROL_CHANGEABLE:
3134 goto error_cmd;
3135 case SCSI_PAGECONTROL_DEFAULT:
3136 goto error_cmd;
3137 default:
3138 case SCSI_PAGECONTROL_SAVED:
3139 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
3140 break;
3141 }
3142 break;
3143 }
3144 case SCSI_REQUEST_SENSE:
3145 cbMax = pbPacket[4];
3146 ataR3StartTransfer(s, RT_MIN(cbMax, 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3147 break;
3148 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
3149 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3150 {
3151 if (pbPacket[4] & 1)
3152 s->pDrvMount->pfnLock(s->pDrvMount);
3153 else
3154 s->pDrvMount->pfnUnlock(s->pDrvMount);
3155 atapiR3CmdOK(s);
3156 }
3157 else
3158 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3159 break;
3160 case SCSI_READ_10:
3161 case SCSI_READ_12:
3162 {
3163 uint32_t cSectors, iATAPILBA;
3164
3165 if (s->cNotifiedMediaChange > 0)
3166 {
3167 s->cNotifiedMediaChange-- ;
3168 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3169 break;
3170 }
3171 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3172 {
3173 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3174 break;
3175 }
3176 if (pbPacket[0] == SCSI_READ_10)
3177 cSectors = ataBE2H_U16(pbPacket + 7);
3178 else
3179 cSectors = ataBE2H_U32(pbPacket + 6);
3180 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3181 if (cSectors == 0)
3182 {
3183 atapiR3CmdOK(s);
3184 break;
3185 }
3186 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3187 {
3188 /* Rate limited logging, one log line per second. For
3189 * guests that insist on reading from places outside the
3190 * valid area this often generates too many release log
3191 * entries otherwise. */
3192 static uint64_t uLastLogTS = 0;
3193 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3194 {
3195 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3196 uLastLogTS = RTTimeMilliTS();
3197 }
3198 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3199 break;
3200 }
3201 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3202 break;
3203 }
3204 case SCSI_READ_CD:
3205 {
3206 uint32_t cSectors, iATAPILBA;
3207
3208 if (s->cNotifiedMediaChange > 0)
3209 {
3210 s->cNotifiedMediaChange-- ;
3211 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3212 break;
3213 }
3214 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3215 {
3216 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3217 break;
3218 }
3219 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
3220 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3221 if (cSectors == 0)
3222 {
3223 atapiR3CmdOK(s);
3224 break;
3225 }
3226 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3227 {
3228 /* Rate limited logging, one log line per second. For
3229 * guests that insist on reading from places outside the
3230 * valid area this often generates too many release log
3231 * entries otherwise. */
3232 static uint64_t uLastLogTS = 0;
3233 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3234 {
3235 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3236 uLastLogTS = RTTimeMilliTS();
3237 }
3238 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3239 break;
3240 }
3241 switch (pbPacket[9] & 0xf8)
3242 {
3243 case 0x00:
3244 /* nothing */
3245 atapiR3CmdOK(s);
3246 break;
3247 case 0x10:
3248 /* normal read */
3249 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3250 break;
3251 case 0xf8:
3252 /* read all data */
3253 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2352);
3254 break;
3255 default:
3256 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM sector format not supported (%#x)\n", s->iLUN, pbPacket[9] & 0xf8));
3257 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3258 break;
3259 }
3260 break;
3261 }
3262 case SCSI_SEEK_10:
3263 {
3264 uint32_t iATAPILBA;
3265 if (s->cNotifiedMediaChange > 0)
3266 {
3267 s->cNotifiedMediaChange-- ;
3268 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3269 break;
3270 }
3271 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3272 {
3273 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3274 break;
3275 }
3276 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3277 if (iATAPILBA > s->cTotalSectors)
3278 {
3279 /* Rate limited logging, one log line per second. For
3280 * guests that insist on seeking to places outside the
3281 * valid area this often generates too many release log
3282 * entries otherwise. */
3283 static uint64_t uLastLogTS = 0;
3284 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3285 {
3286 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
3287 uLastLogTS = RTTimeMilliTS();
3288 }
3289 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3290 break;
3291 }
3292 atapiR3CmdOK(s);
3293 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
3294 break;
3295 }
3296 case SCSI_START_STOP_UNIT:
3297 {
3298 int rc = VINF_SUCCESS;
3299 switch (pbPacket[4] & 3)
3300 {
3301 case 0: /* 00 - Stop motor */
3302 case 1: /* 01 - Start motor */
3303 break;
3304 case 2: /* 10 - Eject media */
3305 {
3306 /* This must be done from EMT. */
3307 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3308 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
3309 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
3310
3311 PDMCritSectLeave(&pCtl->lock);
3312 rc = VMR3ReqPriorityCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3313 (PFNRT)s->pDrvMount->pfnUnmount, 3,
3314 s->pDrvMount, false /*=fForce*/, true /*=fEject*/);
3315 Assert(RT_SUCCESS(rc) || rc == VERR_PDM_MEDIA_LOCKED || rc == VERR_PDM_MEDIA_NOT_MOUNTED);
3316 if (RT_SUCCESS(rc) && pThis->pMediaNotify)
3317 {
3318 rc = VMR3ReqCallNoWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3319 (PFNRT)pThis->pMediaNotify->pfnEjected, 2,
3320 pThis->pMediaNotify, s->iLUN);
3321 AssertRC(rc);
3322 }
3323 {
3324 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3325 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3326 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3327 }
3328 break;
3329 }
3330 case 3: /* 11 - Load media */
3331 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
3332 break;
3333 }
3334 if (RT_SUCCESS(rc))
3335 atapiR3CmdOK(s);
3336 else
3337 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
3338 break;
3339 }
3340 case SCSI_MECHANISM_STATUS:
3341 {
3342 cbMax = ataBE2H_U16(pbPacket + 8);
3343 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
3344 break;
3345 }
3346 case SCSI_READ_TOC_PMA_ATIP:
3347 {
3348 uint8_t format;
3349
3350 if (s->cNotifiedMediaChange > 0)
3351 {
3352 s->cNotifiedMediaChange-- ;
3353 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3354 break;
3355 }
3356 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3357 {
3358 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3359 break;
3360 }
3361 cbMax = ataBE2H_U16(pbPacket + 7);
3362 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
3363 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
3364 * the other field is clear... */
3365 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
3366 switch (format)
3367 {
3368 case 0:
3369 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
3370 break;
3371 case 1:
3372 ataR3StartTransfer(s, RT_MIN(cbMax, 12), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
3373 break;
3374 case 2:
3375 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
3376 break;
3377 default:
3378 error_cmd:
3379 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3380 break;
3381 }
3382 break;
3383 }
3384 case SCSI_READ_CAPACITY:
3385 if (s->cNotifiedMediaChange > 0)
3386 {
3387 s->cNotifiedMediaChange-- ;
3388 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3389 break;
3390 }
3391 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3392 {
3393 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3394 break;
3395 }
3396 ataR3StartTransfer(s, 8, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
3397 break;
3398 case SCSI_READ_DISC_INFORMATION:
3399 if (s->cNotifiedMediaChange > 0)
3400 {
3401 s->cNotifiedMediaChange-- ;
3402 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3403 break;
3404 }
3405 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3406 {
3407 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3408 break;
3409 }
3410 cbMax = ataBE2H_U16(pbPacket + 7);
3411 ataR3StartTransfer(s, RT_MIN(cbMax, 34), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
3412 break;
3413 case SCSI_READ_TRACK_INFORMATION:
3414 if (s->cNotifiedMediaChange > 0)
3415 {
3416 s->cNotifiedMediaChange-- ;
3417 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3418 break;
3419 }
3420 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3421 {
3422 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3423 break;
3424 }
3425 cbMax = ataBE2H_U16(pbPacket + 7);
3426 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
3427 break;
3428 case SCSI_GET_CONFIGURATION:
3429 /* No media change stuff here, it can confuse Linux guests. */
3430 cbMax = ataBE2H_U16(pbPacket + 7);
3431 ataR3StartTransfer(s, RT_MIN(cbMax, 80), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
3432 break;
3433 case SCSI_INQUIRY:
3434 cbMax = ataBE2H_U16(pbPacket + 3);
3435 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
3436 break;
3437 case SCSI_READ_DVD_STRUCTURE:
3438 {
3439 cbMax = ataBE2H_U16(pbPacket + 8);
3440 ataR3StartTransfer(s, RT_MIN(cbMax, 4), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, true);
3441 break;
3442 }
3443 default:
3444 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3445 break;
3446 }
3447}
3448
3449
3450/*
3451 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
3452 */
3453static void atapiR3ParseCmdPassthrough(ATADevState *s)
3454{
3455 const uint8_t *pbPacket;
3456 uint8_t *pbBuf;
3457 uint32_t cSectors, iATAPILBA;
3458 uint32_t cbTransfer = 0;
3459 PDMMEDIATXDIR uTxDir = PDMMEDIATXDIR_NONE;
3460
3461 pbPacket = s->aATAPICmd;
3462 pbBuf = s->CTX_SUFF(pbIOBuffer);
3463 switch (pbPacket[0])
3464 {
3465 case SCSI_BLANK:
3466 goto sendcmd;
3467 case SCSI_CLOSE_TRACK_SESSION:
3468 goto sendcmd;
3469 case SCSI_ERASE_10:
3470 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3471 cbTransfer = ataBE2H_U16(pbPacket + 7);
3472 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
3473 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3474 goto sendcmd;
3475 case SCSI_FORMAT_UNIT:
3476 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3477 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3478 goto sendcmd;
3479 case SCSI_GET_CONFIGURATION:
3480 cbTransfer = ataBE2H_U16(pbPacket + 7);
3481 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3482 goto sendcmd;
3483 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
3484 cbTransfer = ataBE2H_U16(pbPacket + 7);
3485 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
3486 {
3487 ataR3StartTransfer(s, RT_MIN(cbTransfer, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3488 break;
3489 }
3490 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3491 goto sendcmd;
3492 case SCSI_GET_PERFORMANCE:
3493 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3494 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3495 goto sendcmd;
3496 case SCSI_INQUIRY:
3497 cbTransfer = ataBE2H_U16(pbPacket + 3);
3498 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3499 goto sendcmd;
3500 case SCSI_LOAD_UNLOAD_MEDIUM:
3501 goto sendcmd;
3502 case SCSI_MECHANISM_STATUS:
3503 cbTransfer = ataBE2H_U16(pbPacket + 8);
3504 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3505 goto sendcmd;
3506 case SCSI_MODE_SELECT_10:
3507 cbTransfer = ataBE2H_U16(pbPacket + 7);
3508 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3509 goto sendcmd;
3510 case SCSI_MODE_SENSE_10:
3511 cbTransfer = ataBE2H_U16(pbPacket + 7);
3512 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3513 goto sendcmd;
3514 case SCSI_PAUSE_RESUME:
3515 goto sendcmd;
3516 case SCSI_PLAY_AUDIO_10:
3517 goto sendcmd;
3518 case SCSI_PLAY_AUDIO_12:
3519 goto sendcmd;
3520 case SCSI_PLAY_AUDIO_MSF:
3521 goto sendcmd;
3522 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
3523 /** @todo do not forget to unlock when a VM is shut down */
3524 goto sendcmd;
3525 case SCSI_READ_10:
3526 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3527 cSectors = ataBE2H_U16(pbPacket + 7);
3528 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3529 s->cbATAPISector = 2048;
3530 cbTransfer = cSectors * s->cbATAPISector;
3531 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3532 goto sendcmd;
3533 case SCSI_READ_12:
3534 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3535 cSectors = ataBE2H_U32(pbPacket + 6);
3536 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3537 s->cbATAPISector = 2048;
3538 cbTransfer = cSectors * s->cbATAPISector;
3539 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3540 goto sendcmd;
3541 case SCSI_READ_BUFFER:
3542 cbTransfer = ataBE2H_U24(pbPacket + 6);
3543 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3544 goto sendcmd;
3545 case SCSI_READ_BUFFER_CAPACITY:
3546 cbTransfer = ataBE2H_U16(pbPacket + 7);
3547 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3548 goto sendcmd;
3549 case SCSI_READ_CAPACITY:
3550 cbTransfer = 8;
3551 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3552 goto sendcmd;
3553 case SCSI_READ_CD:
3554 case SCSI_READ_CD_MSF:
3555 {
3556 /* Get sector size based on the expected sector type field. */
3557 switch ((pbPacket[1] >> 2) & 0x7)
3558 {
3559 case 0x0: /* All types. */
3560 {
3561 uint32_t iLbaStart;
3562
3563 if (pbPacket[0] == SCSI_READ_CD)
3564 iLbaStart = ataBE2H_U32(&pbPacket[2]);
3565 else
3566 iLbaStart = ataMSF2LBA(&pbPacket[3]);
3567
3568 if (s->pTrackList)
3569 s->cbATAPISector = ATAPIPassthroughTrackListGetSectorSizeFromLba(s->pTrackList, iLbaStart);
3570 else
3571 s->cbATAPISector = 2048; /* Might be incorrect if we couldn't determine the type. */
3572 break;
3573 }
3574 case 0x1: /* CD-DA */
3575 s->cbATAPISector = 2352;
3576 break;
3577 case 0x2: /* Mode 1 */
3578 s->cbATAPISector = 2048;
3579 break;
3580 case 0x3: /* Mode 2 formless */
3581 s->cbATAPISector = 2336;
3582 break;
3583 case 0x4: /* Mode 2 form 1 */
3584 s->cbATAPISector = 2048;
3585 break;
3586 case 0x5: /* Mode 2 form 2 */
3587 s->cbATAPISector = 2324;
3588 break;
3589 default: /* Reserved */
3590 AssertMsgFailed(("Unknown sector type\n"));
3591 s->cbATAPISector = 0; /** @todo we should probably fail the command here already. */
3592 }
3593
3594 if (pbPacket[0] == SCSI_READ_CD)
3595 cbTransfer = ataBE2H_U24(pbPacket + 6) * s->cbATAPISector;
3596 else /* SCSI_READ_MSF */
3597 {
3598 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
3599 if (cSectors > 32)
3600 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
3601 cbTransfer = cSectors * s->cbATAPISector;
3602 }
3603 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3604 goto sendcmd;
3605 }
3606 case SCSI_READ_DISC_INFORMATION:
3607 cbTransfer = ataBE2H_U16(pbPacket + 7);
3608 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3609 goto sendcmd;
3610 case SCSI_READ_DVD_STRUCTURE:
3611 cbTransfer = ataBE2H_U16(pbPacket + 8);
3612 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3613 goto sendcmd;
3614 case SCSI_READ_FORMAT_CAPACITIES:
3615 cbTransfer = ataBE2H_U16(pbPacket + 7);
3616 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3617 goto sendcmd;
3618 case SCSI_READ_SUBCHANNEL:
3619 cbTransfer = ataBE2H_U16(pbPacket + 7);
3620 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3621 goto sendcmd;
3622 case SCSI_READ_TOC_PMA_ATIP:
3623 cbTransfer = ataBE2H_U16(pbPacket + 7);
3624 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3625 goto sendcmd;
3626 case SCSI_READ_TRACK_INFORMATION:
3627 cbTransfer = ataBE2H_U16(pbPacket + 7);
3628 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3629 goto sendcmd;
3630 case SCSI_REPAIR_TRACK:
3631 goto sendcmd;
3632 case SCSI_REPORT_KEY:
3633 cbTransfer = ataBE2H_U16(pbPacket + 8);
3634 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3635 goto sendcmd;
3636 case SCSI_REQUEST_SENSE:
3637 cbTransfer = pbPacket[4];
3638 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
3639 {
3640 ataR3StartTransfer(s, RT_MIN(cbTransfer, 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3641 break;
3642 }
3643 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3644 goto sendcmd;
3645 case SCSI_RESERVE_TRACK:
3646 goto sendcmd;
3647 case SCSI_SCAN:
3648 goto sendcmd;
3649 case SCSI_SEEK_10:
3650 goto sendcmd;
3651 case SCSI_SEND_CUE_SHEET:
3652 cbTransfer = ataBE2H_U24(pbPacket + 6);
3653 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3654 goto sendcmd;
3655 case SCSI_SEND_DVD_STRUCTURE:
3656 cbTransfer = ataBE2H_U16(pbPacket + 8);
3657 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3658 goto sendcmd;
3659 case SCSI_SEND_EVENT:
3660 cbTransfer = ataBE2H_U16(pbPacket + 8);
3661 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3662 goto sendcmd;
3663 case SCSI_SEND_KEY:
3664 cbTransfer = ataBE2H_U16(pbPacket + 8);
3665 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3666 goto sendcmd;
3667 case SCSI_SEND_OPC_INFORMATION:
3668 cbTransfer = ataBE2H_U16(pbPacket + 7);
3669 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3670 goto sendcmd;
3671 case SCSI_SET_CD_SPEED:
3672 goto sendcmd;
3673 case SCSI_SET_READ_AHEAD:
3674 goto sendcmd;
3675 case SCSI_SET_STREAMING:
3676 cbTransfer = ataBE2H_U16(pbPacket + 9);
3677 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3678 goto sendcmd;
3679 case SCSI_START_STOP_UNIT:
3680 goto sendcmd;
3681 case SCSI_STOP_PLAY_SCAN:
3682 goto sendcmd;
3683 case SCSI_SYNCHRONIZE_CACHE:
3684 goto sendcmd;
3685 case SCSI_TEST_UNIT_READY:
3686 goto sendcmd;
3687 case SCSI_VERIFY_10:
3688 goto sendcmd;
3689 case SCSI_WRITE_10:
3690 case SCSI_WRITE_AND_VERIFY_10:
3691 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3692 cSectors = ataBE2H_U16(pbPacket + 7);
3693 if (s->pTrackList)
3694 s->cbATAPISector = ATAPIPassthroughTrackListGetSectorSizeFromLba(s->pTrackList, iATAPILBA);
3695 else
3696 s->cbATAPISector = 2048;
3697 Log2(("ATAPI PT: lba %d sectors %d sector size %d\n", iATAPILBA, cSectors, s->cbATAPISector));
3698 cbTransfer = cSectors * s->cbATAPISector;
3699 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3700 goto sendcmd;
3701 case SCSI_WRITE_12:
3702 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3703 cSectors = ataBE2H_U32(pbPacket + 6);
3704 if (s->pTrackList)
3705 s->cbATAPISector = ATAPIPassthroughTrackListGetSectorSizeFromLba(s->pTrackList, iATAPILBA);
3706 else
3707 s->cbATAPISector = 2048;
3708 Log2(("ATAPI PT: lba %d sectors %d sector size %d\n", iATAPILBA, cSectors, s->cbATAPISector));
3709 cbTransfer = cSectors * s->cbATAPISector;
3710 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3711 goto sendcmd;
3712 case SCSI_WRITE_BUFFER:
3713 switch (pbPacket[1] & 0x1f)
3714 {
3715 case 0x04: /* download microcode */
3716 case 0x05: /* download microcode and save */
3717 case 0x06: /* download microcode with offsets */
3718 case 0x07: /* download microcode with offsets and save */
3719 case 0x0e: /* download microcode with offsets and defer activation */
3720 case 0x0f: /* activate deferred microcode */
3721 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
3722 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3723 break;
3724 default:
3725 cbTransfer = ataBE2H_U16(pbPacket + 6);
3726 uTxDir = PDMMEDIATXDIR_TO_DEVICE;
3727 goto sendcmd;
3728 }
3729 break;
3730 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
3731 cbTransfer = ataBE2H_U32(pbPacket + 6);
3732 uTxDir = PDMMEDIATXDIR_FROM_DEVICE;
3733 goto sendcmd;
3734 case SCSI_REZERO_UNIT:
3735 /* Obsolete command used by cdrecord. What else would one expect?
3736 * This command is not sent to the drive, it is handled internally,
3737 * as the Linux kernel doesn't like it (message "scsi: unknown
3738 * opcode 0x01" in syslog) and replies with a sense code of 0,
3739 * which sends cdrecord to an endless loop. */
3740 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3741 break;
3742 default:
3743 LogRel(("PIIX3 ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
3744 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3745 break;
3746 sendcmd:
3747 /*
3748 * Send a command to the drive, passing data in/out as required.
3749 * Commands which exceed the I/O buffer size are split below
3750 * or aborted if splitting is not implemented.
3751 */
3752 Log2(("ATAPI PT: max size %d\n", cbTransfer));
3753 if (cbTransfer == 0)
3754 uTxDir = PDMMEDIATXDIR_NONE;
3755 ataR3StartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
3756 }
3757}
3758
3759
3760static void atapiR3ParseCmd(ATADevState *s)
3761{
3762 const uint8_t *pbPacket;
3763
3764 pbPacket = s->aATAPICmd;
3765# ifdef DEBUG
3766 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
3767# else /* !DEBUG */
3768 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
3769# endif /* !DEBUG */
3770 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
3771
3772 if (s->fATAPIPassthrough)
3773 atapiR3ParseCmdPassthrough(s);
3774 else
3775 atapiR3ParseCmdVirtualATAPI(s);
3776}
3777
3778
3779static bool ataR3PacketSS(ATADevState *s)
3780{
3781 s->fDMA = !!(s->uATARegFeature & 1);
3782 memcpy(s->aATAPICmd, s->CTX_SUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
3783 s->uTxDir = PDMMEDIATXDIR_NONE;
3784 s->cbTotalTransfer = 0;
3785 s->cbElementaryTransfer = 0;
3786 s->cbAtapiPassthroughTransfer = 0;
3787 atapiR3ParseCmd(s);
3788 return false;
3789}
3790
3791
3792/**
3793 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
3794 * from now on, regardless if there was a medium inserted or not.
3795 */
3796static void ataR3MediumRemoved(ATADevState *s)
3797{
3798 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
3799}
3800
3801
3802/**
3803 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
3804 * there was already a medium inserted, don't forget to send the "medium
3805 * removed" event first.
3806 */
3807static void ataR3MediumInserted(ATADevState *s)
3808{
3809 uint32_t OldStatus, NewStatus;
3810 do
3811 {
3812 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
3813 switch (OldStatus)
3814 {
3815 case ATA_EVENT_STATUS_MEDIA_CHANGED:
3816 case ATA_EVENT_STATUS_MEDIA_REMOVED:
3817 /* no change, we will send "medium removed" + "medium inserted" */
3818 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
3819 break;
3820 default:
3821 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
3822 break;
3823 }
3824 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
3825}
3826
3827
3828/**
3829 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnMountNotify}
3830 */
3831static DECLCALLBACK(void) ataR3MountNotify(PPDMIMOUNTNOTIFY pInterface)
3832{
3833 ATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
3834 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
3835
3836 /* Ignore the call if we're called while being attached. */
3837 if (!pIf->pDrvMedia)
3838 return;
3839
3840 if (pIf->fATAPI)
3841 pIf->cTotalSectors = pIf->pDrvMedia->pfnGetSize(pIf->pDrvMedia) / 2048;
3842 else
3843 pIf->cTotalSectors = pIf->pDrvMedia->pfnGetSize(pIf->pDrvMedia) / pIf->cbSector;
3844
3845 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
3846
3847 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
3848 if (pIf->cNotifiedMediaChange < 2)
3849 pIf->cNotifiedMediaChange = 1;
3850 ataR3MediumInserted(pIf);
3851 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
3852}
3853
3854/**
3855 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnUnmountNotify}
3856 */
3857static DECLCALLBACK(void) ataR3UnmountNotify(PPDMIMOUNTNOTIFY pInterface)
3858{
3859 ATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
3860 Log(("%s:\n", __FUNCTION__));
3861 pIf->cTotalSectors = 0;
3862
3863 /*
3864 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
3865 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
3866 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
3867 * present and 2 in which it is changed.
3868 */
3869 pIf->cNotifiedMediaChange = 1;
3870 ataR3MediumRemoved(pIf);
3871 ataR3MediumTypeSet(pIf, ATA_MEDIA_NO_DISC);
3872}
3873
3874static void ataR3PacketBT(ATADevState *s)
3875{
3876 s->cbElementaryTransfer = s->cbTotalTransfer;
3877 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
3878 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
3879 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3880 ataSetStatusValue(s, ATA_STAT_READY);
3881}
3882
3883
3884static void ataR3ResetDevice(ATADevState *s)
3885{
3886 s->cMultSectors = ATA_MAX_MULT_SECTORS;
3887 s->cNotifiedMediaChange = 0;
3888 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
3889 ASMAtomicWriteU32(&s->MediaTrackType, ATA_MEDIA_TYPE_UNKNOWN);
3890 ataUnsetIRQ(s);
3891
3892 s->uATARegSelect = 0x20;
3893 ataSetStatusValue(s, ATA_STAT_READY);
3894 ataR3SetSignature(s);
3895 s->cbTotalTransfer = 0;
3896 s->cbElementaryTransfer = 0;
3897 s->cbAtapiPassthroughTransfer = 0;
3898 s->iIOBufferPIODataStart = 0;
3899 s->iIOBufferPIODataEnd = 0;
3900 s->iBeginTransfer = ATAFN_BT_NULL;
3901 s->iSourceSink = ATAFN_SS_NULL;
3902 s->fDMA = false;
3903 s->fATAPITransfer = false;
3904 s->uATATransferMode = ATA_MODE_UDMA | 2; /* PIIX3 supports only up to UDMA2 */
3905
3906 s->uATARegFeature = 0;
3907}
3908
3909
3910static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *s)
3911{
3912 ataR3SetSignature(s);
3913 if (s->fATAPI)
3914 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
3915 else
3916 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_SEEK);
3917 s->uATARegError = 0x01;
3918 return false;
3919}
3920
3921
3922static int ataR3TrimSectors(ATADevState *s, uint64_t u64Sector, uint32_t cSectors,
3923 bool *pfRedo)
3924{
3925 RTRANGE TrimRange;
3926 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3927 int rc;
3928
3929 PDMCritSectLeave(&pCtl->lock);
3930
3931 TrimRange.offStart = u64Sector * s->cbSector;
3932 TrimRange.cbRange = cSectors * s->cbSector;
3933
3934 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
3935 rc = s->pDrvMedia->pfnDiscard(s->pDrvMedia, &TrimRange, 1);
3936 s->Led.Actual.s.fWriting = 0;
3937
3938 if (RT_SUCCESS(rc))
3939 *pfRedo = false;
3940 else
3941 *pfRedo = ataR3IsRedoSetWarning(s, rc);
3942
3943 STAM_PROFILE_START(&pCtl->StatLockWait, a);
3944 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
3945 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
3946 return rc;
3947}
3948
3949
3950static bool ataR3TrimSS(ATADevState *s)
3951{
3952 int rc = VERR_GENERAL_FAILURE;
3953 uint32_t cRangesMax;
3954 uint64_t *pu64Range = (uint64_t *)s->CTX_SUFF(pbIOBuffer);
3955 bool fRedo = false;
3956
3957 cRangesMax = s->cbElementaryTransfer / sizeof(uint64_t);
3958 Assert(cRangesMax);
3959
3960 while (cRangesMax-- > 0)
3961 {
3962 if (ATA_RANGE_LENGTH_GET(*pu64Range) == 0)
3963 break;
3964
3965 rc = ataR3TrimSectors(s, *pu64Range & ATA_RANGE_LBA_MASK,
3966 ATA_RANGE_LENGTH_GET(*pu64Range), &fRedo);
3967 if (RT_FAILURE(rc))
3968 break;
3969
3970 pu64Range++;
3971 }
3972
3973 if (RT_SUCCESS(rc))
3974 {
3975 s->iSourceSink = ATAFN_SS_NULL;
3976 ataR3CmdOK(s, ATA_STAT_SEEK);
3977 }
3978 else
3979 {
3980 if (fRedo)
3981 return fRedo;
3982 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
3983 LogRel(("PIIX3 ATA: LUN#%d: disk trim error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
3984 s->iLUN, rc, *pu64Range & ATA_RANGE_LBA_MASK, ATA_RANGE_LENGTH_GET(*pu64Range)));
3985
3986 /*
3987 * Check if we got interrupted. We don't need to set status variables
3988 * because the request was aborted.
3989 */
3990 if (rc != VERR_INTERRUPTED)
3991 ataR3CmdError(s, ID_ERR);
3992 }
3993
3994 return false;
3995}
3996
3997
3998static void ataR3ParseCmd(ATADevState *s, uint8_t cmd)
3999{
4000# ifdef DEBUG
4001 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
4002# else /* !DEBUG */
4003 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
4004# endif /* !DEBUG */
4005 s->fLBA48 = false;
4006 s->fDMA = false;
4007 if (cmd == ATA_IDLE_IMMEDIATE)
4008 {
4009 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
4010 * would overwrite the failing command unfortunately), then RESET. */
4011 int32_t uCmdWait = -1;
4012 uint64_t uNow = RTTimeNanoTS();
4013 if (s->u64CmdTS)
4014 uCmdWait = (uNow - s->u64CmdTS) / 1000;
4015 LogRel(("PIIX3 ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
4016 s->iLUN, s->uATARegCommand, uCmdWait));
4017 }
4018 s->uATARegCommand = cmd;
4019 switch (cmd)
4020 {
4021 case ATA_IDENTIFY_DEVICE:
4022 if (s->pDrvMedia && !s->fATAPI)
4023 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
4024 else
4025 {
4026 if (s->fATAPI)
4027 ataR3SetSignature(s);
4028 ataR3CmdError(s, ABRT_ERR);
4029 ataUnsetStatus(s, ATA_STAT_READY);
4030 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4031 }
4032 break;
4033 case ATA_RECALIBRATE:
4034 if (s->fATAPI)
4035 goto abort_cmd;
4036 /* fall through */
4037 case ATA_INITIALIZE_DEVICE_PARAMETERS:
4038 ataR3CmdOK(s, ATA_STAT_SEEK);
4039 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4040 break;
4041 case ATA_SET_MULTIPLE_MODE:
4042 if ( s->uATARegNSector != 0
4043 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
4044 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
4045 {
4046 ataR3CmdError(s, ABRT_ERR);
4047 }
4048 else
4049 {
4050 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
4051 s->cMultSectors = s->uATARegNSector;
4052 ataR3CmdOK(s, 0);
4053 }
4054 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4055 break;
4056 case ATA_READ_VERIFY_SECTORS_EXT:
4057 s->fLBA48 = true;
4058 case ATA_READ_VERIFY_SECTORS:
4059 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
4060 /* do sector number check ? */
4061 ataR3CmdOK(s, ATA_STAT_SEEK);
4062 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4063 break;
4064 case ATA_READ_SECTORS_EXT:
4065 s->fLBA48 = true;
4066 case ATA_READ_SECTORS:
4067 case ATA_READ_SECTORS_WITHOUT_RETRIES:
4068 if (!s->pDrvMedia || s->fATAPI)
4069 goto abort_cmd;
4070 s->cSectorsPerIRQ = 1;
4071 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4072 break;
4073 case ATA_WRITE_SECTORS_EXT:
4074 s->fLBA48 = true;
4075 case ATA_WRITE_SECTORS:
4076 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
4077 if (!s->pDrvMedia || s->fATAPI)
4078 goto abort_cmd;
4079 s->cSectorsPerIRQ = 1;
4080 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4081 break;
4082 case ATA_READ_MULTIPLE_EXT:
4083 s->fLBA48 = true;
4084 case ATA_READ_MULTIPLE:
4085 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4086 goto abort_cmd;
4087 s->cSectorsPerIRQ = s->cMultSectors;
4088 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4089 break;
4090 case ATA_WRITE_MULTIPLE_EXT:
4091 s->fLBA48 = true;
4092 case ATA_WRITE_MULTIPLE:
4093 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4094 goto abort_cmd;
4095 s->cSectorsPerIRQ = s->cMultSectors;
4096 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4097 break;
4098 case ATA_READ_DMA_EXT:
4099 s->fLBA48 = true;
4100 case ATA_READ_DMA:
4101 case ATA_READ_DMA_WITHOUT_RETRIES:
4102 if (!s->pDrvMedia || s->fATAPI)
4103 goto abort_cmd;
4104 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4105 s->fDMA = true;
4106 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4107 break;
4108 case ATA_WRITE_DMA_EXT:
4109 s->fLBA48 = true;
4110 case ATA_WRITE_DMA:
4111 case ATA_WRITE_DMA_WITHOUT_RETRIES:
4112 if (!s->pDrvMedia || s->fATAPI)
4113 goto abort_cmd;
4114 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4115 s->fDMA = true;
4116 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4117 break;
4118 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
4119 s->fLBA48 = true;
4120 ataR3SetSector(s, s->cTotalSectors - 1);
4121 ataR3CmdOK(s, 0);
4122 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4123 break;
4124 case ATA_SEEK: /* Used by the SCO OpenServer. Command is marked as obsolete */
4125 ataR3CmdOK(s, 0);
4126 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4127 break;
4128 case ATA_READ_NATIVE_MAX_ADDRESS:
4129 ataR3SetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
4130 ataR3CmdOK(s, 0);
4131 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4132 break;
4133 case ATA_CHECK_POWER_MODE:
4134 s->uATARegNSector = 0xff; /* drive active or idle */
4135 ataR3CmdOK(s, 0);
4136 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4137 break;
4138 case ATA_SET_FEATURES:
4139 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
4140 if (!s->pDrvMedia)
4141 goto abort_cmd;
4142 switch (s->uATARegFeature)
4143 {
4144 case 0x02: /* write cache enable */
4145 Log2(("%s: write cache enable\n", __FUNCTION__));
4146 ataR3CmdOK(s, ATA_STAT_SEEK);
4147 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4148 break;
4149 case 0xaa: /* read look-ahead enable */
4150 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
4151 ataR3CmdOK(s, ATA_STAT_SEEK);
4152 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4153 break;
4154 case 0x55: /* read look-ahead disable */
4155 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
4156 ataR3CmdOK(s, ATA_STAT_SEEK);
4157 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4158 break;
4159 case 0xcc: /* reverting to power-on defaults enable */
4160 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
4161 ataR3CmdOK(s, ATA_STAT_SEEK);
4162 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4163 break;
4164 case 0x66: /* reverting to power-on defaults disable */
4165 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
4166 ataR3CmdOK(s, ATA_STAT_SEEK);
4167 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4168 break;
4169 case 0x82: /* write cache disable */
4170 Log2(("%s: write cache disable\n", __FUNCTION__));
4171 /* As per the ATA/ATAPI-6 specs, a write cache disable
4172 * command MUST flush the write buffers to disc. */
4173 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4174 break;
4175 case 0x03: { /* set transfer mode */
4176 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
4177 switch (s->uATARegNSector & 0xf8)
4178 {
4179 case 0x00: /* PIO default */
4180 case 0x08: /* PIO mode */
4181 break;
4182 case ATA_MODE_MDMA: /* MDMA mode */
4183 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
4184 break;
4185 case ATA_MODE_UDMA: /* UDMA mode */
4186 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
4187 break;
4188 default:
4189 goto abort_cmd;
4190 }
4191 ataR3CmdOK(s, ATA_STAT_SEEK);
4192 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4193 break;
4194 }
4195 default:
4196 goto abort_cmd;
4197 }
4198 /*
4199 * OS/2 workarond:
4200 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
4201 * reset here. According to the specification, this is a driver bug as the register
4202 * contents are undefined after the call. This means we can just as well reset it.
4203 */
4204 s->uATARegFeature = 0;
4205 break;
4206 case ATA_FLUSH_CACHE_EXT:
4207 case ATA_FLUSH_CACHE:
4208 if (!s->pDrvMedia || s->fATAPI)
4209 goto abort_cmd;
4210 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4211 break;
4212 case ATA_STANDBY_IMMEDIATE:
4213 ataR3CmdOK(s, 0);
4214 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4215 break;
4216 case ATA_IDLE_IMMEDIATE:
4217 LogRel(("PIIX3 ATA: LUN#%d: aborting current command\n", s->iLUN));
4218 ataR3AbortCurrentCommand(s, false);
4219 break;
4220 case ATA_SLEEP:
4221 ataR3CmdOK(s, 0);
4222 ataHCSetIRQ(s);
4223 break;
4224 /* ATAPI commands */
4225 case ATA_IDENTIFY_PACKET_DEVICE:
4226 if (s->fATAPI)
4227 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
4228 else
4229 {
4230 ataR3CmdError(s, ABRT_ERR);
4231 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4232 }
4233 break;
4234 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
4235 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
4236 break;
4237 case ATA_DEVICE_RESET:
4238 if (!s->fATAPI)
4239 goto abort_cmd;
4240 LogRel(("PIIX3 ATA: LUN#%d: performing device RESET\n", s->iLUN));
4241 ataR3AbortCurrentCommand(s, true);
4242 break;
4243 case ATA_PACKET:
4244 if (!s->fATAPI)
4245 goto abort_cmd;
4246 /* overlapping commands not supported */
4247 if (s->uATARegFeature & 0x02)
4248 goto abort_cmd;
4249 ataR3StartTransfer(s, ATAPI_PACKET_SIZE, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
4250 break;
4251 case ATA_DATA_SET_MANAGEMENT:
4252 if (!s->pDrvMedia || !s->pDrvMedia->pfnDiscard)
4253 goto abort_cmd;
4254 if ( !(s->uATARegFeature & UINT8_C(0x01))
4255 || (s->uATARegFeature & ~UINT8_C(0x01)))
4256 goto abort_cmd;
4257 s->fDMA = true;
4258 ataR3StartTransfer(s, (s->uATARegNSectorHOB << 8 | s->uATARegNSector) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_NULL, ATAFN_SS_TRIM, false);
4259 break;
4260 default:
4261 abort_cmd:
4262 ataR3CmdError(s, ABRT_ERR);
4263 if (s->fATAPI)
4264 ataUnsetStatus(s, ATA_STAT_READY);
4265 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4266 break;
4267 }
4268}
4269
4270# endif /* IN_RING3 */
4271#endif /* IN_RING0 || IN_RING3 */
4272
4273/*
4274 * Note: There are four distinct cases of port I/O handling depending on
4275 * which devices (if any) are attached to an IDE channel:
4276 *
4277 * 1) No device attached. No response to writes or reads (i.e. reads return
4278 * all bits set).
4279 *
4280 * 2) Both devices attached. Reads and writes are processed normally.
4281 *
4282 * 3) Device 0 only. If device 0 is selected, normal behavior applies. But
4283 * if Device 1 is selected, writes are still directed to Device 0 (except
4284 * commands are not executed), reads from control/command registers are
4285 * directed to Device 0, but status/alt status reads return 0. If Device 1
4286 * is a PACKET device, all reads return 0. See ATAPI-6 clause 9.16.1 and
4287 * Table 18 in clause 7.1.
4288 *
4289 * 4) Device 1 only - non-standard(!). Device 1 can't tell if Device 0 is
4290 * present or not and behaves the same. That means if Device 0 is selected,
4291 * Device 1 responds to writes (except commands are not executed) but does
4292 * not respond to reads. If Device 1 selected, normal behavior applies.
4293 * See ATAPI-6 clause 9.16.2 and Table 15 in clause 7.1.
4294 */
4295
4296static int ataIOPortWriteU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4297{
4298 Log2(("%s: LUN#%d write addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN, addr, val));
4299 addr &= 7;
4300 switch (addr)
4301 {
4302 case 0:
4303 break;
4304 case 1: /* feature register */
4305 /* NOTE: data is written to the two drives */
4306 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4307 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4308 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
4309 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
4310 pCtl->aIfs[0].uATARegFeature = val;
4311 pCtl->aIfs[1].uATARegFeature = val;
4312 break;
4313 case 2: /* sector count */
4314 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4315 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4316 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
4317 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
4318 pCtl->aIfs[0].uATARegNSector = val;
4319 pCtl->aIfs[1].uATARegNSector = val;
4320 break;
4321 case 3: /* sector number */
4322 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4323 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4324 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
4325 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
4326 pCtl->aIfs[0].uATARegSector = val;
4327 pCtl->aIfs[1].uATARegSector = val;
4328 break;
4329 case 4: /* cylinder low */
4330 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4331 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4332 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
4333 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
4334 pCtl->aIfs[0].uATARegLCyl = val;
4335 pCtl->aIfs[1].uATARegLCyl = val;
4336 break;
4337 case 5: /* cylinder high */
4338 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4339 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4340 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
4341 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
4342 pCtl->aIfs[0].uATARegHCyl = val;
4343 pCtl->aIfs[1].uATARegHCyl = val;
4344 break;
4345 case 6: /* drive/head */
4346 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
4347 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
4348 if (((val >> 4) & 1) != pCtl->iSelectedIf)
4349 {
4350 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
4351
4352 /* select another drive */
4353 pCtl->iSelectedIf = (val >> 4) & 1;
4354 /* The IRQ line is multiplexed between the two drives, so
4355 * update the state when switching to another drive. Only need
4356 * to update interrupt line if it is enabled and there is a
4357 * state change. */
4358 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
4359 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
4360 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
4361 {
4362 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4363 {
4364 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4365 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
4366 * the interrupt line is asserted. It monitors the line
4367 * for a rising edge. */
4368 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4369 if (pCtl->irq == 16)
4370 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
4371 else
4372 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
4373 }
4374 else
4375 {
4376 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4377 if (pCtl->irq == 16)
4378 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
4379 else
4380 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
4381 }
4382 }
4383 }
4384 break;
4385 default:
4386 case 7: /* command */
4387 /* ignore commands to non-existent device */
4388 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvMedia)
4389 break;
4390#ifndef IN_RING3
4391 /* Don't do anything complicated in GC */
4392 return VINF_IOM_R3_IOPORT_WRITE;
4393#else /* IN_RING3 */
4394 ataR3ParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
4395#endif /* !IN_RING3 */
4396 }
4397 return VINF_SUCCESS;
4398}
4399
4400
4401static int ataIOPortReadU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
4402{
4403 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4404 uint32_t val;
4405 bool fHOB;
4406
4407 /* Check if the guest is reading from a non-existent device. */
4408 if (!s->pDrvMedia)
4409 {
4410 if (pCtl->iSelectedIf) /* Device 1 selected, Device 0 responding for it. */
4411 {
4412 if (!pCtl->aIfs[0].pDrvMedia) /** @todo this case should never get here! */
4413 {
4414 Log2(("%s: addr=%#x: no device on channel\n", __FUNCTION__, addr));
4415 return VERR_IOM_IOPORT_UNUSED;
4416 }
4417 if (((addr & 7) != 1) && pCtl->aIfs[0].fATAPI) {
4418 Log2(("%s: addr=%#x, val=0: LUN#%d not attached/LUN#%d ATAPI\n", __FUNCTION__, addr,
4419 s->iLUN, pCtl->aIfs[0].iLUN));
4420 *pu32 = 0;
4421 return VINF_SUCCESS;
4422 }
4423 /* Else handle normally. */
4424 }
4425 else /* Device 0 selected (but not present). */
4426 {
4427 Log2(("%s: addr=%#x: LUN#%d not attached\n", __FUNCTION__, addr, s->iLUN));
4428 return VERR_IOM_IOPORT_UNUSED;
4429 }
4430 }
4431 fHOB = !!(s->uATARegDevCtl & (1 << 7));
4432 switch (addr & 7)
4433 {
4434 case 0: /* data register */
4435 val = 0xff;
4436 break;
4437 case 1: /* error register */
4438 /* The ATA specification is very terse when it comes to specifying
4439 * the precise effects of reading back the error/feature register.
4440 * The error register (read-only) shares the register number with
4441 * the feature register (write-only), so it seems that it's not
4442 * necessary to support the usual HOB readback here. */
4443 if (!s->pDrvMedia)
4444 val = 0;
4445 else
4446 val = s->uATARegError;
4447 break;
4448 case 2: /* sector count */
4449 if (fHOB)
4450 val = s->uATARegNSectorHOB;
4451 else
4452 val = s->uATARegNSector;
4453 break;
4454 case 3: /* sector number */
4455 if (fHOB)
4456 val = s->uATARegSectorHOB;
4457 else
4458 val = s->uATARegSector;
4459 break;
4460 case 4: /* cylinder low */
4461 if (fHOB)
4462 val = s->uATARegLCylHOB;
4463 else
4464 val = s->uATARegLCyl;
4465 break;
4466 case 5: /* cylinder high */
4467 if (fHOB)
4468 val = s->uATARegHCylHOB;
4469 else
4470 val = s->uATARegHCyl;
4471 break;
4472 case 6: /* drive/head */
4473 /* This register must always work as long as there is at least
4474 * one drive attached to the controller. It is common between
4475 * both drives anyway (completely identical content). */
4476 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4477 val = 0;
4478 else
4479 val = s->uATARegSelect;
4480 break;
4481 default:
4482 case 7: /* primary status */
4483 {
4484 /* Counter for number of busy status seen in GC in a row. */
4485 static unsigned cBusy = 0;
4486
4487 if (!s->pDrvMedia)
4488 val = 0;
4489 else
4490 val = s->uATARegStatus;
4491
4492 /* Give the async I/O thread an opportunity to make progress,
4493 * don't let it starve by guests polling frequently. EMT has a
4494 * lower priority than the async I/O thread, but sometimes the
4495 * host OS doesn't care. With some guests we are only allowed to
4496 * be busy for about 5 milliseconds in some situations. Note that
4497 * this is no guarantee for any other VBox thread getting
4498 * scheduled, so this just lowers the CPU load a bit when drives
4499 * are busy. It cannot help with timing problems. */
4500 if (val & ATA_STAT_BUSY)
4501 {
4502#ifdef IN_RING3
4503 cBusy = 0;
4504 PDMCritSectLeave(&pCtl->lock);
4505
4506#ifndef RT_OS_WINDOWS
4507 /*
4508 * The thread might be stuck in an I/O operation
4509 * due to a high I/O load on the host. (see @bugref{3301})
4510 * To perform the reset successfully
4511 * we interrupt the operation by sending a signal to the thread
4512 * if the thread didn't responded in 10ms.
4513 * This works only on POSIX hosts (Windows has a CancelSynchronousIo function which
4514 * does the same but it was introduced with Vista) but so far
4515 * this hang was only observed on Linux and Mac OS X.
4516 *
4517 * This is a workaround and needs to be solved properly.
4518 */
4519 if (pCtl->fReset)
4520 {
4521 uint64_t u64ResetTimeStop = RTTimeMilliTS();
4522
4523 if ((u64ResetTimeStop - pCtl->u64ResetTime) >= 10)
4524 {
4525 LogRel(("PIIX3 ATA LUN#%d: Async I/O thread probably stuck in operation, interrupting\n", s->iLUN));
4526 pCtl->u64ResetTime = u64ResetTimeStop;
4527 RTThreadPoke(pCtl->AsyncIOThread);
4528 }
4529 }
4530#endif
4531
4532 RTThreadYield();
4533
4534 {
4535 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4536 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4537 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4538 }
4539
4540 val = s->uATARegStatus;
4541#else /* !IN_RING3 */
4542 /* Cannot yield CPU in raw-mode and ring-0 context. And switching
4543 * to host context for each and every busy status is too costly,
4544 * especially on SMP systems where we don't gain much by
4545 * yielding the CPU to someone else. */
4546 if (++cBusy >= 20)
4547 {
4548 cBusy = 0;
4549 return VINF_IOM_R3_IOPORT_READ;
4550 }
4551#endif /* !IN_RING3 */
4552 }
4553 else
4554 cBusy = 0;
4555 ataUnsetIRQ(s);
4556 break;
4557 }
4558 }
4559 Log2(("%s: LUN#%d addr=%#x val=%#04x\n", __FUNCTION__, s->iLUN, addr, val));
4560 *pu32 = val;
4561 return VINF_SUCCESS;
4562}
4563
4564
4565static uint32_t ataStatusRead(PATACONTROLLER pCtl, uint32_t addr)
4566{
4567 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4568 uint32_t val;
4569
4570 //@todo: The handler should not be even registered if there
4571 // is no device on an IDE channel.
4572 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4573 val = 0xff;
4574 else if (pCtl->iSelectedIf == 1 && !s->pDrvMedia)
4575 val = 0; /* Device 1 selected, Device 0 responding for it. */
4576 else
4577 val = s->uATARegStatus;
4578 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4579 return val;
4580}
4581
4582static int ataControlWrite(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4583{
4584#ifndef IN_RING3
4585 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
4586 return VINF_IOM_R3_IOPORT_WRITE; /* The RESET stuff is too complicated for RC+R0. */
4587#endif /* !IN_RING3 */
4588
4589 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4590 /* RESET is common for both drives attached to a controller. */
4591 if ( !(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4592 && (val & ATA_DEVCTL_RESET))
4593 {
4594#ifdef IN_RING3
4595 /* Software RESET low to high */
4596 int32_t uCmdWait0 = -1;
4597 int32_t uCmdWait1 = -1;
4598 uint64_t uNow = RTTimeNanoTS();
4599 if (pCtl->aIfs[0].u64CmdTS)
4600 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
4601 if (pCtl->aIfs[1].u64CmdTS)
4602 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
4603 LogRel(("PIIX3 ATA: Ctl#%d: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
4604 ATACONTROLLER_IDX(pCtl), pCtl->iSelectedIf, pCtl->iAIOIf,
4605 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
4606 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
4607 pCtl->fReset = true;
4608 /* Everything must be done after the reset flag is set, otherwise
4609 * there are unavoidable races with the currently executing request
4610 * (which might just finish in the mean time). */
4611 pCtl->fChainedTransfer = false;
4612 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4613 {
4614 ataR3ResetDevice(&pCtl->aIfs[i]);
4615 /* The following cannot be done using ataSetStatusValue() since the
4616 * reset flag is already set, which suppresses all status changes. */
4617 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
4618 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
4619 pCtl->aIfs[i].uATARegError = 0x01;
4620 }
4621 ataR3AsyncIOClearRequests(pCtl);
4622 Log2(("%s: Ctl#%d: message to async I/O thread, resetA\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4623 if (val & ATA_DEVCTL_HOB)
4624 {
4625 val &= ~ATA_DEVCTL_HOB;
4626 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4627 }
4628
4629 /* Save the timestamp we started the reset. */
4630 pCtl->u64ResetTime = RTTimeMilliTS();
4631
4632 /* Issue the reset request now. */
4633 ataHCAsyncIOPutRequest(pCtl, &g_ataResetARequest);
4634#else /* !IN_RING3 */
4635 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4636#endif /* IN_RING3 */
4637 }
4638 else if ( (pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4639 && !(val & ATA_DEVCTL_RESET))
4640 {
4641#ifdef IN_RING3
4642 /* Software RESET high to low */
4643 Log(("%s: deasserting RESET\n", __FUNCTION__));
4644 Log2(("%s: Ctl#%d: message to async I/O thread, resetC\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4645 if (val & ATA_DEVCTL_HOB)
4646 {
4647 val &= ~ATA_DEVCTL_HOB;
4648 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4649 }
4650 ataHCAsyncIOPutRequest(pCtl, &g_ataResetCRequest);
4651#else /* !IN_RING3 */
4652 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4653#endif /* IN_RING3 */
4654 }
4655
4656 /* Change of interrupt disable flag. Update interrupt line if interrupt
4657 * is pending on the current interface. */
4658 if ( ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ)
4659 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4660 {
4661 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
4662 {
4663 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4664 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
4665 * interrupt line is asserted. It monitors the line for a rising
4666 * edge. */
4667 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4668 if (pCtl->irq == 16)
4669 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
4670 else
4671 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
4672 }
4673 else
4674 {
4675 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4676 if (pCtl->irq == 16)
4677 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
4678 else
4679 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
4680 }
4681 }
4682
4683 if (val & ATA_DEVCTL_HOB)
4684 Log2(("%s: set HOB\n", __FUNCTION__));
4685
4686 pCtl->aIfs[0].uATARegDevCtl = val;
4687 pCtl->aIfs[1].uATARegDevCtl = val;
4688
4689 return VINF_SUCCESS;
4690}
4691
4692#if defined(IN_RING0) || defined(IN_RING3)
4693
4694static void ataHCPIOTransfer(PATACONTROLLER pCtl)
4695{
4696 ATADevState *s;
4697
4698 s = &pCtl->aIfs[pCtl->iAIOIf];
4699 Log3(("%s: if=%p\n", __FUNCTION__, s));
4700
4701 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
4702 {
4703# ifdef IN_RING3
4704 LogRel(("PIIX3 ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "loading" : "storing"));
4705 /* Any guest OS that triggers this case has a pathetic ATA driver.
4706 * In a real system it would block the CPU via IORDY, here we do it
4707 * very similarly by not continuing with the current instruction
4708 * until the transfer to/from the storage medium is completed. */
4709 if (s->iSourceSink != ATAFN_SS_NULL)
4710 {
4711 bool fRedo;
4712 uint8_t status = s->uATARegStatus;
4713 ataSetStatusValue(s, ATA_STAT_BUSY);
4714 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4715 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4716 pCtl->fRedo = fRedo;
4717 if (RT_UNLIKELY(fRedo))
4718 return;
4719 ataSetStatusValue(s, status);
4720 s->iIOBufferCur = 0;
4721 s->iIOBufferEnd = s->cbElementaryTransfer;
4722 }
4723# else
4724 AssertReleaseFailed();
4725# endif
4726 }
4727 if (s->cbTotalTransfer)
4728 {
4729 if (s->fATAPITransfer)
4730 ataHCPIOTransferLimitATAPI(s);
4731
4732 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4733 s->cbElementaryTransfer = s->cbTotalTransfer;
4734
4735 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
4736 __FUNCTION__, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
4737 s->cbTotalTransfer, s->cbElementaryTransfer,
4738 s->iIOBufferCur, s->iIOBufferEnd));
4739 ataHCPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
4740 s->cbTotalTransfer -= s->cbElementaryTransfer;
4741 s->iIOBufferCur += s->cbElementaryTransfer;
4742
4743 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4744 s->cbElementaryTransfer = s->cbTotalTransfer;
4745 }
4746 else
4747 ataHCPIOTransferStop(s);
4748}
4749
4750
4751DECLINLINE(void) ataHCPIOTransferFinish(PATACONTROLLER pCtl, ATADevState *s)
4752{
4753 /* Do not interfere with RESET processing if the PIO transfer finishes
4754 * while the RESET line is asserted. */
4755 if (pCtl->fReset)
4756 {
4757 Log2(("%s: Ctl#%d: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4758 return;
4759 }
4760
4761 if ( s->uTxDir == PDMMEDIATXDIR_TO_DEVICE
4762 || ( s->iSourceSink != ATAFN_SS_NULL
4763 && s->iIOBufferCur >= s->iIOBufferEnd))
4764 {
4765 /* Need to continue the transfer in the async I/O thread. This is
4766 * the case for write operations or generally for not yet finished
4767 * transfers (some data might need to be read). */
4768 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
4769 ataSetStatus(s, ATA_STAT_BUSY);
4770
4771 Log2(("%s: Ctl#%d: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4772 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
4773 }
4774 else
4775 {
4776 /* Either everything finished (though some data might still be pending)
4777 * or some data is pending before the next read is due. */
4778
4779 /* Continue a previously started transfer. */
4780 ataUnsetStatus(s, ATA_STAT_DRQ);
4781 ataSetStatus(s, ATA_STAT_READY);
4782
4783 if (s->cbTotalTransfer)
4784 {
4785 /* There is more to transfer, happens usually for large ATAPI
4786 * reads - the protocol limits the chunk size to 65534 bytes. */
4787 ataHCPIOTransfer(pCtl);
4788 ataHCSetIRQ(s);
4789 }
4790 else
4791 {
4792 Log2(("%s: Ctl#%d: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4793 /* Finish PIO transfer. */
4794 ataHCPIOTransfer(pCtl);
4795 Assert(!pCtl->fRedo);
4796 }
4797 }
4798}
4799
4800#endif /* IN_RING0 || IN_RING3 */
4801
4802/**
4803 * Fallback for ataCopyPioData124 that handles unaligned and out of bounds cases.
4804 *
4805 * @param pIf The device interface to work with.
4806 * @param pbDst The destination buffer.
4807 * @param pbSrc The source buffer.
4808 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4809 */
4810DECL_NO_INLINE(static, void) ataCopyPioData124Slow(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4811{
4812 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4813 uint32_t const offNext = offStart + cbCopy;
4814
4815 if (offStart + cbCopy > pIf->cbIOBuffer)
4816 {
4817 Log(("%s: cbCopy=%#x offStart=%#x cbIOBuffer=%#x offNext=%#x (iIOBufferPIODataEnd=%#x)\n",
4818 __FUNCTION__, cbCopy, offStart, pIf->cbIOBuffer, offNext, pIf->iIOBufferPIODataEnd));
4819 if (offStart < pIf->cbIOBuffer)
4820 cbCopy = pIf->cbIOBuffer - offStart;
4821 else
4822 cbCopy = 0;
4823 }
4824
4825 switch (cbCopy)
4826 {
4827 case 4: pbDst[3] = pbSrc[3]; /* fall thru */
4828 case 3: pbDst[2] = pbSrc[2]; /* fall thru */
4829 case 2: pbDst[1] = pbSrc[1]; /* fall thru */
4830 case 1: pbDst[0] = pbSrc[0]; /* fall thru */
4831 case 0: break;
4832 default: AssertFailed(); /* impossible */
4833 }
4834
4835 pIf->iIOBufferPIODataStart = offNext;
4836
4837}
4838
4839
4840/**
4841 * Work for ataDataWrite & ataDataRead that copies data without using memcpy.
4842 *
4843 * This also updates pIf->iIOBufferPIODataStart.
4844 *
4845 * The two buffers are either stack (32-bit aligned) or somewhere within
4846 * pIf->pbIOBuffer.
4847 *
4848 * @param pIf The device interface to work with.
4849 * @param pbDst The destination buffer.
4850 * @param pbSrc The source buffer.
4851 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4852 */
4853DECLINLINE(void) ataCopyPioData124(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4854{
4855 /*
4856 * Quick bounds checking can be done by checking that the pbIOBuffer offset
4857 * (iIOBufferPIODataStart) is aligned at the transfer size (which is ASSUMED
4858 * to be 1, 2 or 4). However, since we're paranoid and don't currently
4859 * trust iIOBufferPIODataEnd to be within bounds, we current check against the
4860 * IO buffer size too.
4861 */
4862 Assert(cbCopy == 1 || cbCopy == 2 || cbCopy == 4);
4863 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4864 if (RT_LIKELY( !(offStart & (cbCopy - 1))
4865 && offStart + cbCopy <= pIf->cbIOBuffer))
4866 {
4867 switch (cbCopy)
4868 {
4869 case 4: *(uint32_t *)pbDst = *(uint32_t const *)pbSrc; break;
4870 case 2: *(uint16_t *)pbDst = *(uint16_t const *)pbSrc; break;
4871 case 1: *pbDst = *pbSrc; break;
4872 }
4873 pIf->iIOBufferPIODataStart = offStart + cbCopy;
4874 }
4875 else
4876 ataCopyPioData124Slow(pIf, pbDst, pbSrc, cbCopy);
4877}
4878
4879
4880/**
4881 * Port I/O Handler for primary port range OUT operations.
4882 * @see FNIOMIOPORTOUT for details.
4883 */
4884PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
4885{
4886 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4887 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4888 PATACONTROLLER pCtl = &pThis->aCts[i];
4889
4890 Assert(i < 2);
4891 Assert(Port == pCtl->IOPortBase1);
4892 Assert(cb == 2 || cb == 4); /* Writes to the data port may be 16-bit or 32-bit. */
4893
4894 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4895 if (rc == VINF_SUCCESS)
4896 {
4897 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4898
4899 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4900 {
4901 Assert(s->uTxDir == PDMMEDIATXDIR_TO_DEVICE);
4902 uint8_t *pbDst = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4903 uint8_t const *pbSrc = (uint8_t const *)&u32;
4904
4905#ifdef IN_RC
4906 /* Raw-mode: The ataHCPIOTransfer following the last transfer unit
4907 requires I/O thread signalling, we must go to ring-3 for that. */
4908 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4909 ataCopyPioData124(s, pbDst, pbSrc, cb);
4910 else
4911 rc = VINF_IOM_R3_IOPORT_WRITE;
4912
4913#elif defined(IN_RING0)
4914 /* Ring-0: We can do I/O thread signalling here, however for paranoid reasons
4915 triggered by a special case in ataHCPIOTransferFinish, we take extra care here. */
4916 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4917 ataCopyPioData124(s, pbDst, pbSrc, cb);
4918 else if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) /* paranoia */
4919 {
4920 ataCopyPioData124(s, pbDst, pbSrc, cb);
4921 ataHCPIOTransferFinish(pCtl, s);
4922 }
4923 else
4924 {
4925 Log(("%s: Unexpected\n",__FUNCTION__));
4926 rc = VINF_IOM_R3_IOPORT_WRITE;
4927 }
4928
4929#else /* IN_RING 3*/
4930 ataCopyPioData124(s, pbDst, pbSrc, cb);
4931 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4932 ataHCPIOTransferFinish(pCtl, s);
4933#endif /* IN_RING 3*/
4934 }
4935 else
4936 Log2(("%s: DUMMY data\n", __FUNCTION__));
4937
4938 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, &u32, rc));
4939 PDMCritSectLeave(&pCtl->lock);
4940 }
4941 else
4942 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
4943 return rc;
4944}
4945
4946
4947/**
4948 * Port I/O Handler for primary port range IN operations.
4949 * @see FNIOMIOPORTIN for details.
4950 */
4951PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4952{
4953 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4954 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4955 PATACONTROLLER pCtl = &pThis->aCts[i];
4956
4957 Assert(i < 2);
4958 Assert(Port == pCtl->IOPortBase1);
4959
4960 /* Reads from the data register may be 16-bit or 32-bit. Byte accesses are
4961 upgraded to word. */
4962 Assert(cb == 1 || cb == 2 || cb == 4);
4963 uint32_t cbActual = cb != 1 ? cb : 2;
4964 *pu32 = 0;
4965
4966 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4967 if (rc == VINF_SUCCESS)
4968 {
4969 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4970
4971 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4972 {
4973 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
4974 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4975 uint8_t *pbDst = (uint8_t *)pu32;
4976
4977#ifdef IN_RC
4978 /* All but the last transfer unit is simple enough for RC, but
4979 * sending a request to the async IO thread is too complicated. */
4980 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4981 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4982 else
4983 rc = VINF_IOM_R3_IOPORT_READ;
4984
4985#elif defined(IN_RING0)
4986 /* Ring-0: We can do I/O thread signalling here. However there is one
4987 case in ataHCPIOTransfer that does a LogRel and would (but not from
4988 here) call directly into the driver code. We detect that odd case
4989 here cand return to ring-3 to handle it. */
4990 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4991 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4992 else if ( s->cbTotalTransfer == 0
4993 || s->iSourceSink != ATAFN_SS_NULL
4994 || s->iIOBufferCur <= s->iIOBufferEnd)
4995 {
4996 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4997 ataHCPIOTransferFinish(pCtl, s);
4998 }
4999 else
5000 {
5001 Log(("%s: Unexpected\n",__FUNCTION__));
5002 rc = VINF_IOM_R3_IOPORT_READ;
5003 }
5004
5005#else /* IN_RING3 */
5006 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
5007 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5008 ataHCPIOTransferFinish(pCtl, s);
5009#endif /* IN_RING3 */
5010
5011 /* Just to be on the safe side (caller takes care of this, really). */
5012 if (cb == 1)
5013 *pu32 &= 0xff;
5014 }
5015 else
5016 {
5017 Log2(("%s: DUMMY data\n", __FUNCTION__));
5018 memset(pu32, 0xff, cb);
5019 }
5020 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, pu32, rc));
5021
5022 PDMCritSectLeave(&pCtl->lock);
5023 }
5024 else
5025 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
5026
5027 return rc;
5028}
5029
5030
5031/**
5032 * Port I/O Handler for primary port range IN string operations.
5033 * @see FNIOMIOPORTINSTRING for details.
5034 */
5035PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
5036 uint32_t *pcTransfers, unsigned cb)
5037{
5038 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5039 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5040 PATACONTROLLER pCtl = &pThis->aCts[i];
5041
5042 Assert(i < 2);
5043 Assert(Port == pCtl->IOPortBase1);
5044 Assert(*pcTransfers > 0);
5045
5046 int rc;
5047 if (cb == 2 || cb == 4)
5048 {
5049 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
5050 if (rc == VINF_SUCCESS)
5051 {
5052 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5053
5054 uint32_t const offStart = s->iIOBufferPIODataStart;
5055 if (offStart < s->iIOBufferPIODataEnd)
5056 {
5057 /*
5058 * Figure how much we can copy. Usually it's the same as the request.
5059 * The last transfer unit cannot be handled in RC, as it involves
5060 * thread communication. In R0 we let the non-string callback handle it,
5061 * and ditto for overflows/dummy data.
5062 */
5063 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5064#ifndef IN_RING3
5065 if (cAvailable > 0)
5066 cAvailable--;
5067#endif
5068 uint32_t const cRequested = *pcTransfers;
5069 if (cAvailable > cRequested)
5070 cAvailable = cRequested;
5071 uint32_t const cbTransfer = cAvailable * cb;
5072 if ( offStart + cbTransfer <= s->cbIOBuffer
5073 && cbTransfer > 0)
5074 {
5075 /*
5076 * Do the transfer.
5077 */
5078 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + offStart;
5079 memcpy(pbDst, pbSrc, cbTransfer);
5080 Log3(("%s: addr=%#x cb=%#x cbTransfer=%#x val=%.*Rhxd\n",
5081 __FUNCTION__, Port, cb, cbTransfer, cbTransfer, pbSrc));
5082 s->iIOBufferPIODataStart = offStart + cbTransfer;
5083
5084#ifdef IN_RING3
5085 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5086 ataHCPIOTransferFinish(pCtl, s);
5087#endif
5088 *pcTransfers = cRequested - cAvailable;
5089 }
5090 else
5091 Log2(("ataIOPortReadStr1Data: DUMMY/Overflow!\n"));
5092 }
5093 else
5094 {
5095 /*
5096 * Dummy read (shouldn't happen) return 0xff like the non-string handler.
5097 */
5098 Log2(("ataIOPortReadStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5099 memset(pbDst, 0xff, *pcTransfers * cb);
5100 *pcTransfers = 0;
5101 }
5102
5103 PDMCritSectLeave(&pCtl->lock);
5104 }
5105 }
5106 /*
5107 * Let the non-string I/O callback handle 1 byte reads.
5108 */
5109 else
5110 {
5111 Log2(("ataIOPortReadStr1Data: 1 byte read (%#x transfers)\n", *pcTransfers));
5112 AssertFailed();
5113 rc = VINF_SUCCESS;
5114 }
5115 return rc;
5116}
5117
5118
5119/**
5120 * Port I/O Handler for primary port range OUT string operations.
5121 * @see FNIOMIOPORTOUTSTRING for details.
5122 */
5123PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
5124 uint32_t *pcTransfers, unsigned cb)
5125{
5126 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5127 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5128 PATACONTROLLER pCtl = &pThis->aCts[i];
5129
5130 Assert(i < 2);
5131 Assert(Port == pCtl->IOPortBase1);
5132 Assert(*pcTransfers > 0);
5133
5134 int rc;
5135 if (cb == 2 || cb == 4)
5136 {
5137 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5138 if (rc == VINF_SUCCESS)
5139 {
5140 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5141
5142 uint32_t const offStart = s->iIOBufferPIODataStart;
5143 if (offStart < s->iIOBufferPIODataEnd)
5144 {
5145 /*
5146 * Figure how much we can copy. Usually it's the same as the request.
5147 * The last transfer unit cannot be handled in RC, as it involves
5148 * thread communication. In R0 we let the non-string callback handle it,
5149 * and ditto for overflows/dummy data.
5150 */
5151 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5152#ifndef IN_RING3
5153 if (cAvailable)
5154 cAvailable--;
5155#endif
5156 uint32_t const cRequested = *pcTransfers;
5157 if (cAvailable > cRequested)
5158 cAvailable = cRequested;
5159 uint32_t const cbTransfer = cAvailable * cb;
5160 if ( offStart + cbTransfer <= s->cbIOBuffer
5161 && cbTransfer)
5162 {
5163 /*
5164 * Do the transfer.
5165 */
5166 void *pvDst = s->CTX_SUFF(pbIOBuffer) + offStart;
5167 memcpy(pvDst, pbSrc, cbTransfer);
5168 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, pvDst));
5169 s->iIOBufferPIODataStart = offStart + cbTransfer;
5170
5171#ifdef IN_RING3
5172 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5173 ataHCPIOTransferFinish(pCtl, s);
5174#endif
5175 *pcTransfers = cRequested - cAvailable;
5176 }
5177 else
5178 Log2(("ataIOPortWriteStr1Data: DUMMY/Overflow!\n"));
5179 }
5180 else
5181 {
5182 Log2(("ataIOPortWriteStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5183 *pcTransfers = 0;
5184 }
5185
5186 PDMCritSectLeave(&pCtl->lock);
5187 }
5188 }
5189 /*
5190 * Let the non-string I/O callback handle 1 byte reads.
5191 */
5192 else
5193 {
5194 Log2(("ataIOPortWriteStr1Data: 1 byte write (%#x transfers)\n", *pcTransfers));
5195 AssertFailed();
5196 rc = VINF_SUCCESS;
5197 }
5198
5199 return rc;
5200}
5201
5202
5203#ifdef IN_RING3
5204
5205static void ataR3DMATransferStop(ATADevState *s)
5206{
5207 s->cbTotalTransfer = 0;
5208 s->cbElementaryTransfer = 0;
5209 s->iBeginTransfer = ATAFN_BT_NULL;
5210 s->iSourceSink = ATAFN_SS_NULL;
5211}
5212
5213
5214/**
5215 * Perform the entire DMA transfer in one go (unless a source/sink operation
5216 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
5217 * this function cannot handle empty transfers.
5218 *
5219 * @param pCtl Controller for which to perform the transfer.
5220 */
5221static void ataR3DMATransfer(PATACONTROLLER pCtl)
5222{
5223 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
5224 ATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
5225 bool fRedo;
5226 RTGCPHYS32 pDesc;
5227 uint32_t cbTotalTransfer, cbElementaryTransfer;
5228 uint32_t iIOBufferCur, iIOBufferEnd;
5229 uint32_t dmalen;
5230 PDMMEDIATXDIR uTxDir;
5231 bool fLastDesc = false;
5232
5233 Assert(sizeof(BMDMADesc) == 8);
5234
5235 fRedo = pCtl->fRedo;
5236 if (RT_LIKELY(!fRedo))
5237 Assert(s->cbTotalTransfer);
5238 uTxDir = (PDMMEDIATXDIR)s->uTxDir;
5239 cbTotalTransfer = s->cbTotalTransfer;
5240 cbElementaryTransfer = s->cbElementaryTransfer;
5241 iIOBufferCur = s->iIOBufferCur;
5242 iIOBufferEnd = s->iIOBufferEnd;
5243
5244 /* The DMA loop is designed to hold the lock only when absolutely
5245 * necessary. This avoids long freezes should the guest access the
5246 * ATA registers etc. for some reason. */
5247 PDMCritSectLeave(&pCtl->lock);
5248
5249 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
5250 __FUNCTION__, uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
5251 cbTotalTransfer, cbElementaryTransfer,
5252 iIOBufferCur, iIOBufferEnd));
5253 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
5254 {
5255 BMDMADesc DMADesc;
5256 RTGCPHYS32 pBuffer;
5257 uint32_t cbBuffer;
5258
5259 if (RT_UNLIKELY(fRedo))
5260 {
5261 pBuffer = pCtl->pRedoDMABuffer;
5262 cbBuffer = pCtl->cbRedoDMABuffer;
5263 fLastDesc = pCtl->fRedoDMALastDesc;
5264 }
5265 else
5266 {
5267 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
5268 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
5269 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
5270 fLastDesc = !!(cbBuffer & 0x80000000);
5271 cbBuffer &= 0xfffe;
5272 if (cbBuffer == 0)
5273 cbBuffer = 0x10000;
5274 if (cbBuffer > cbTotalTransfer)
5275 cbBuffer = cbTotalTransfer;
5276 }
5277
5278 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
5279 {
5280 if (RT_LIKELY(!fRedo))
5281 {
5282 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
5283 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x orig_size=%#010x\n", __FUNCTION__,
5284 (int)pDesc, pBuffer, cbBuffer, RT_LE2H_U32(DMADesc.cbBuffer) & 0xfffe));
5285
5286 PCIATAState *pATAState = PDMINS_2_DATA(pDevIns, PCIATAState *);
5287 AssertPtr(pATAState);
5288 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5289 PDMDevHlpPCIPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
5290 else
5291 PDMDevHlpPCIPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
5292
5293 iIOBufferCur += dmalen;
5294 cbTotalTransfer -= dmalen;
5295 cbBuffer -= dmalen;
5296 pBuffer += dmalen;
5297 }
5298 if ( iIOBufferCur == iIOBufferEnd
5299 && (uTxDir == PDMMEDIATXDIR_TO_DEVICE || cbTotalTransfer))
5300 {
5301 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5302 cbElementaryTransfer = cbTotalTransfer;
5303
5304 {
5305 STAM_PROFILE_START(&pCtl->StatLockWait, a);
5306 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
5307 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
5308 }
5309
5310 /* The RESET handler could have cleared the DMA transfer
5311 * state (since we didn't hold the lock until just now
5312 * the guest can continue in parallel). If so, the state
5313 * is already set up so the loop is exited immediately. */
5314 if (s->iSourceSink != ATAFN_SS_NULL)
5315 {
5316 s->iIOBufferCur = iIOBufferCur;
5317 s->iIOBufferEnd = iIOBufferEnd;
5318 s->cbElementaryTransfer = cbElementaryTransfer;
5319 s->cbTotalTransfer = cbTotalTransfer;
5320 Log2(("%s: calling source/sink function\n", __FUNCTION__));
5321 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5322 if (RT_UNLIKELY(fRedo))
5323 {
5324 pCtl->pFirstDMADesc = pDesc;
5325 pCtl->pRedoDMABuffer = pBuffer;
5326 pCtl->cbRedoDMABuffer = cbBuffer;
5327 pCtl->fRedoDMALastDesc = fLastDesc;
5328 }
5329 else
5330 {
5331 cbTotalTransfer = s->cbTotalTransfer;
5332 cbElementaryTransfer = s->cbElementaryTransfer;
5333
5334 if (uTxDir == PDMMEDIATXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5335 cbElementaryTransfer = cbTotalTransfer;
5336 iIOBufferCur = 0;
5337 iIOBufferEnd = cbElementaryTransfer;
5338 }
5339 pCtl->fRedo = fRedo;
5340 }
5341 else
5342 {
5343 /* This forces the loop to exit immediately. */
5344 pDesc = pCtl->pLastDMADesc + 1;
5345 }
5346
5347 PDMCritSectLeave(&pCtl->lock);
5348 if (RT_UNLIKELY(fRedo))
5349 break;
5350 }
5351 }
5352
5353 if (RT_UNLIKELY(fRedo))
5354 break;
5355
5356 /* end of transfer */
5357 if (!cbTotalTransfer || fLastDesc)
5358 break;
5359
5360 {
5361 STAM_PROFILE_START(&pCtl->StatLockWait, a);
5362 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
5363 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
5364 }
5365
5366 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
5367 {
5368 LogRel(("PIIX3 ATA: Ctl#%d: ABORT DMA%s\n", ATACONTROLLER_IDX(pCtl), pCtl->fReset ? " due to RESET" : ""));
5369 if (!pCtl->fReset)
5370 ataR3DMATransferStop(s);
5371 /* This forces the loop to exit immediately. */
5372 pDesc = pCtl->pLastDMADesc + 1;
5373 }
5374
5375 PDMCritSectLeave(&pCtl->lock);
5376 }
5377
5378 {
5379 STAM_PROFILE_START(&pCtl->StatLockWait, a);
5380 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
5381 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
5382 }
5383
5384 if (RT_UNLIKELY(fRedo))
5385 return;
5386
5387 if (fLastDesc)
5388 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5389 s->cbTotalTransfer = cbTotalTransfer;
5390 s->cbElementaryTransfer = cbElementaryTransfer;
5391 s->iIOBufferCur = iIOBufferCur;
5392 s->iIOBufferEnd = iIOBufferEnd;
5393}
5394
5395/**
5396 * Signal PDM that we're idle (if we actually are).
5397 *
5398 * @param pCtl The controller.
5399 */
5400static void ataR3AsyncSignalIdle(PATACONTROLLER pCtl)
5401{
5402 /*
5403 * Take the lock here and recheck the idle indicator to avoid
5404 * unnecessary work and racing ataR3WaitForAsyncIOIsIdle.
5405 */
5406 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
5407 AssertRC(rc);
5408
5409 if ( pCtl->fSignalIdle
5410 && ataR3AsyncIOIsIdle(pCtl, false /*fStrict*/))
5411 {
5412 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5413 RTThreadUserSignal(pCtl->AsyncIOThread); /* for ataR3Construct/ataR3ResetCommon. */
5414 }
5415
5416 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
5417 AssertRC(rc);
5418}
5419
5420/**
5421 * Async I/O thread for an interface.
5422 *
5423 * Once upon a time this was readable code with several loops and a different
5424 * semaphore for each purpose. But then came the "how can one save the state in
5425 * the middle of a PIO transfer" question. The solution was to use an ASM,
5426 * which is what's there now.
5427 */
5428static DECLCALLBACK(int) ataR3AsyncIOThread(RTTHREAD ThreadSelf, void *pvUser)
5429{
5430 const ATARequest *pReq;
5431 uint64_t u64TS = 0; /* shut up gcc */
5432 uint64_t uWait;
5433 int rc = VINF_SUCCESS;
5434 PATACONTROLLER pCtl = (PATACONTROLLER)pvUser;
5435 ATADevState *s;
5436
5437 pReq = NULL;
5438 pCtl->fChainedTransfer = false;
5439 while (!pCtl->fShutdown)
5440 {
5441 /* Keep this thread from doing anything as long as EMT is suspended. */
5442 while (pCtl->fRedoIdle)
5443 {
5444 if (pCtl->fSignalIdle)
5445 ataR3AsyncSignalIdle(pCtl);
5446 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
5447 /* Continue if we got a signal by RTThreadPoke().
5448 * We will get notified if there is a request to process.
5449 */
5450 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5451 continue;
5452 if (RT_FAILURE(rc) || pCtl->fShutdown)
5453 break;
5454
5455 pCtl->fRedoIdle = false;
5456 }
5457
5458 /* Wait for work. */
5459 while (pReq == NULL)
5460 {
5461 if (pCtl->fSignalIdle)
5462 ataR3AsyncSignalIdle(pCtl);
5463 rc = SUPSemEventWaitNoResume(pCtl->pSupDrvSession, pCtl->hAsyncIOSem, RT_INDEFINITE_WAIT);
5464 /* Continue if we got a signal by RTThreadPoke().
5465 * We will get notified if there is a request to process.
5466 */
5467 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5468 continue;
5469 if (RT_FAILURE(rc) || RT_UNLIKELY(pCtl->fShutdown))
5470 break;
5471
5472 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5473 }
5474
5475 if (RT_FAILURE(rc) || pCtl->fShutdown)
5476 break;
5477
5478 if (pReq == NULL)
5479 continue;
5480
5481 ATAAIO ReqType = pReq->ReqType;
5482
5483 Log2(("%s: Ctl#%d: state=%d, req=%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->uAsyncIOState, ReqType));
5484 if (pCtl->uAsyncIOState != ReqType)
5485 {
5486 /* The new state is not the state that was expected by the normal
5487 * state changes. This is either a RESET/ABORT or there's something
5488 * really strange going on. */
5489 if ( (pCtl->uAsyncIOState == ATA_AIO_PIO || pCtl->uAsyncIOState == ATA_AIO_DMA)
5490 && (ReqType == ATA_AIO_PIO || ReqType == ATA_AIO_DMA))
5491 {
5492 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
5493 ataR3AsyncIODumpRequests(pCtl);
5494 }
5495 AssertReleaseMsg(ReqType == ATA_AIO_RESET_ASSERTED || ReqType == ATA_AIO_RESET_CLEARED || ReqType == ATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
5496 }
5497
5498 /* Do our work. */
5499 {
5500 STAM_PROFILE_START(&pCtl->StatLockWait, a);
5501 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
5502 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
5503 }
5504
5505 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5506 {
5507 u64TS = RTTimeNanoTS();
5508#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5509 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
5510#endif
5511 }
5512
5513 switch (ReqType)
5514 {
5515 case ATA_AIO_NEW:
5516
5517 pCtl->iAIOIf = pReq->u.t.iIf;
5518 s = &pCtl->aIfs[pCtl->iAIOIf];
5519 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
5520 s->uTxDir = pReq->u.t.uTxDir;
5521 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
5522 s->iSourceSink = pReq->u.t.iSourceSink;
5523 s->iIOBufferEnd = 0;
5524 s->u64CmdTS = u64TS;
5525
5526 if (s->fATAPI)
5527 {
5528 if (pCtl->fChainedTransfer)
5529 {
5530 /* Only count the actual transfers, not the PIO
5531 * transfer of the ATAPI command bytes. */
5532 if (s->fDMA)
5533 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
5534 else
5535 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
5536 }
5537 }
5538 else
5539 {
5540 if (s->fDMA)
5541 STAM_REL_COUNTER_INC(&s->StatATADMA);
5542 else
5543 STAM_REL_COUNTER_INC(&s->StatATAPIO);
5544 }
5545
5546 pCtl->fChainedTransfer = false;
5547
5548 if (s->iBeginTransfer != ATAFN_BT_NULL)
5549 {
5550 Log2(("%s: Ctl#%d: calling begin transfer function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5551 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
5552 s->iBeginTransfer = ATAFN_BT_NULL;
5553 if (s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5554 s->iIOBufferEnd = s->cbElementaryTransfer;
5555 }
5556 else
5557 {
5558 s->cbElementaryTransfer = s->cbTotalTransfer;
5559 s->iIOBufferEnd = s->cbTotalTransfer;
5560 }
5561 s->iIOBufferCur = 0;
5562
5563 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5564 {
5565 if (s->iSourceSink != ATAFN_SS_NULL)
5566 {
5567 bool fRedo;
5568 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5569 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5570 pCtl->fRedo = fRedo;
5571 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5572 {
5573 /* Operation failed at the initial transfer, restart
5574 * everything from scratch by resending the current
5575 * request. Occurs very rarely, not worth optimizing. */
5576 LogRel(("%s: Ctl#%d: redo entire operation\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5577 ataHCAsyncIOPutRequest(pCtl, pReq);
5578 break;
5579 }
5580 }
5581 else
5582 ataR3CmdOK(s, 0);
5583 s->iIOBufferEnd = s->cbElementaryTransfer;
5584
5585 }
5586
5587 /* Do not go into the transfer phase if RESET is asserted.
5588 * The CritSect is released while waiting for the host OS
5589 * to finish the I/O, thus RESET is possible here. Most
5590 * important: do not change uAsyncIOState. */
5591 if (pCtl->fReset)
5592 break;
5593
5594 if (s->fDMA)
5595 {
5596 if (s->cbTotalTransfer)
5597 {
5598 ataSetStatus(s, ATA_STAT_DRQ);
5599
5600 pCtl->uAsyncIOState = ATA_AIO_DMA;
5601 /* If BMDMA is already started, do the transfer now. */
5602 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
5603 {
5604 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5605 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5606 }
5607 }
5608 else
5609 {
5610 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5611 /* Finish DMA transfer. */
5612 ataR3DMATransferStop(s);
5613 ataHCSetIRQ(s);
5614 pCtl->uAsyncIOState = ATA_AIO_NEW;
5615 }
5616 }
5617 else
5618 {
5619 if (s->cbTotalTransfer)
5620 {
5621 ataHCPIOTransfer(pCtl);
5622 Assert(!pCtl->fRedo);
5623 if (s->fATAPITransfer || s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5624 ataHCSetIRQ(s);
5625
5626 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5627 {
5628 /* Write operations and not yet finished transfers
5629 * must be completed in the async I/O thread. */
5630 pCtl->uAsyncIOState = ATA_AIO_PIO;
5631 }
5632 else
5633 {
5634 /* Finished read operation can be handled inline
5635 * in the end of PIO transfer handling code. Linux
5636 * depends on this, as it waits only briefly for
5637 * devices to become ready after incoming data
5638 * transfer. Cannot find anything in the ATA spec
5639 * that backs this assumption, but as all kernels
5640 * are affected (though most of the time it does
5641 * not cause any harm) this must work. */
5642 pCtl->uAsyncIOState = ATA_AIO_NEW;
5643 }
5644 }
5645 else
5646 {
5647 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5648 /* Finish PIO transfer. */
5649 ataHCPIOTransfer(pCtl);
5650 Assert(!pCtl->fRedo);
5651 if (!s->fATAPITransfer)
5652 ataHCSetIRQ(s);
5653 pCtl->uAsyncIOState = ATA_AIO_NEW;
5654 }
5655 }
5656 break;
5657
5658 case ATA_AIO_DMA:
5659 {
5660 BMDMAState *bm = &pCtl->BmDma;
5661 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5662 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
5663
5664 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5665 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
5666 else
5667 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
5668
5669 if (RT_LIKELY(!pCtl->fRedo))
5670 {
5671 /* The specs say that the descriptor table must not cross a
5672 * 4K boundary. */
5673 pCtl->pFirstDMADesc = bm->pvAddr;
5674 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
5675 }
5676 ataR3DMATransfer(pCtl);
5677
5678 if (RT_UNLIKELY(pCtl->fRedo && !pCtl->fReset))
5679 {
5680 LogRel(("PIIX3 ATA: Ctl#%d: redo DMA operation\n", ATACONTROLLER_IDX(pCtl)));
5681 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5682 break;
5683 }
5684
5685 /* The infamous delay IRQ hack. */
5686 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
5687 && s->cbTotalTransfer == 0
5688 && pCtl->DelayIRQMillies)
5689 {
5690 /* Delay IRQ for writing. Required to get the Win2K
5691 * installation work reliably (otherwise it crashes,
5692 * usually during component install). So far no better
5693 * solution has been found. */
5694 Log(("%s: delay IRQ hack\n", __FUNCTION__));
5695 PDMCritSectLeave(&pCtl->lock);
5696 RTThreadSleep(pCtl->DelayIRQMillies);
5697 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
5698 }
5699
5700 ataUnsetStatus(s, ATA_STAT_DRQ);
5701 Assert(!pCtl->fChainedTransfer);
5702 Assert(s->iSourceSink == ATAFN_SS_NULL);
5703 if (s->fATAPITransfer)
5704 {
5705 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
5706 Log2(("%s: Ctl#%d: interrupt reason %#04x\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegNSector));
5707 s->fATAPITransfer = false;
5708 }
5709 ataHCSetIRQ(s);
5710 pCtl->uAsyncIOState = ATA_AIO_NEW;
5711 break;
5712 }
5713
5714 case ATA_AIO_PIO:
5715 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5716
5717 if (s->iSourceSink != ATAFN_SS_NULL)
5718 {
5719 bool fRedo;
5720 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5721 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5722 pCtl->fRedo = fRedo;
5723 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5724 {
5725 LogRel(("PIIX3 ATA: Ctl#%d: redo PIO operation\n", ATACONTROLLER_IDX(pCtl)));
5726 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
5727 break;
5728 }
5729 s->iIOBufferCur = 0;
5730 s->iIOBufferEnd = s->cbElementaryTransfer;
5731 }
5732 else
5733 {
5734 /* Continue a previously started transfer. */
5735 ataUnsetStatus(s, ATA_STAT_BUSY);
5736 ataSetStatus(s, ATA_STAT_READY);
5737 }
5738
5739 /* It is possible that the drives on this controller get RESET
5740 * during the above call to the source/sink function. If that's
5741 * the case, don't restart the transfer and don't finish it the
5742 * usual way. RESET handling took care of all that already.
5743 * Most important: do not change uAsyncIOState. */
5744 if (pCtl->fReset)
5745 break;
5746
5747 if (s->cbTotalTransfer)
5748 {
5749 ataHCPIOTransfer(pCtl);
5750 ataHCSetIRQ(s);
5751
5752 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5753 {
5754 /* Write operations and not yet finished transfers
5755 * must be completed in the async I/O thread. */
5756 pCtl->uAsyncIOState = ATA_AIO_PIO;
5757 }
5758 else
5759 {
5760 /* Finished read operation can be handled inline
5761 * in the end of PIO transfer handling code. Linux
5762 * depends on this, as it waits only briefly for
5763 * devices to become ready after incoming data
5764 * transfer. Cannot find anything in the ATA spec
5765 * that backs this assumption, but as all kernels
5766 * are affected (though most of the time it does
5767 * not cause any harm) this must work. */
5768 pCtl->uAsyncIOState = ATA_AIO_NEW;
5769 }
5770 }
5771 else
5772 {
5773 /* Finish PIO transfer. */
5774 ataHCPIOTransfer(pCtl);
5775 if ( !pCtl->fChainedTransfer
5776 && !s->fATAPITransfer
5777 && s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5778 {
5779 ataHCSetIRQ(s);
5780 }
5781 pCtl->uAsyncIOState = ATA_AIO_NEW;
5782 }
5783 break;
5784
5785 case ATA_AIO_RESET_ASSERTED:
5786 pCtl->uAsyncIOState = ATA_AIO_RESET_CLEARED;
5787 ataHCPIOTransferStop(&pCtl->aIfs[0]);
5788 ataHCPIOTransferStop(&pCtl->aIfs[1]);
5789 /* Do not change the DMA registers, they are not affected by the
5790 * ATA controller reset logic. It should be sufficient to issue a
5791 * new command, which is now possible as the state is cleared. */
5792 break;
5793
5794 case ATA_AIO_RESET_CLEARED:
5795 pCtl->uAsyncIOState = ATA_AIO_NEW;
5796 pCtl->fReset = false;
5797 /* Ensure that half-completed transfers are not redone. A reset
5798 * cancels the entire transfer, so continuing is wrong. */
5799 pCtl->fRedo = false;
5800 pCtl->fRedoDMALastDesc = false;
5801 LogRel(("PIIX3 ATA: Ctl#%d: finished processing RESET\n",
5802 ATACONTROLLER_IDX(pCtl)));
5803 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
5804 {
5805 if (pCtl->aIfs[i].fATAPI)
5806 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
5807 else
5808 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
5809 ataR3SetSignature(&pCtl->aIfs[i]);
5810 }
5811 break;
5812
5813 case ATA_AIO_ABORT:
5814 /* Abort the current command no matter what. There cannot be
5815 * any command activity on the other drive otherwise using
5816 * one thread per controller wouldn't work at all. */
5817 s = &pCtl->aIfs[pReq->u.a.iIf];
5818
5819 pCtl->uAsyncIOState = ATA_AIO_NEW;
5820 /* Do not change the DMA registers, they are not affected by the
5821 * ATA controller reset logic. It should be sufficient to issue a
5822 * new command, which is now possible as the state is cleared. */
5823 if (pReq->u.a.fResetDrive)
5824 {
5825 ataR3ResetDevice(s);
5826 ataR3ExecuteDeviceDiagnosticSS(s);
5827 }
5828 else
5829 {
5830 /* Stop any pending DMA transfer. */
5831 s->fDMA = false;
5832 ataHCPIOTransferStop(s);
5833 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
5834 ataSetStatus(s, ATA_STAT_READY);
5835 ataHCSetIRQ(s);
5836 }
5837 break;
5838
5839 default:
5840 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
5841 }
5842
5843 ataR3AsyncIORemoveCurrentRequest(pCtl, ReqType);
5844 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5845
5846 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5847 {
5848# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5849 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
5850# endif
5851
5852 u64TS = RTTimeNanoTS() - u64TS;
5853 uWait = u64TS / 1000;
5854 Log(("%s: Ctl#%d: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
5855 /* Mark command as finished. */
5856 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
5857
5858 /*
5859 * Release logging of command execution times depends on the
5860 * command type. ATAPI commands often take longer (due to CD/DVD
5861 * spin up time etc.) so the threshold is different.
5862 */
5863 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
5864 {
5865 if (uWait > 8 * 1000 * 1000)
5866 {
5867 /*
5868 * Command took longer than 8 seconds. This is close
5869 * enough or over the guest's command timeout, so place
5870 * an entry in the release log to allow tracking such
5871 * timing errors (which are often caused by the host).
5872 */
5873 LogRel(("PIIX3 ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
5874 }
5875 }
5876 else
5877 {
5878 if (uWait > 20 * 1000 * 1000)
5879 {
5880 /*
5881 * Command took longer than 20 seconds. This is close
5882 * enough or over the guest's command timeout, so place
5883 * an entry in the release log to allow tracking such
5884 * timing errors (which are often caused by the host).
5885 */
5886 LogRel(("PIIX3 ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
5887 }
5888 }
5889
5890# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5891 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
5892 pCtl->StatAsyncMinWait = uWait;
5893 if (uWait > pCtl->StatAsyncMaxWait)
5894 pCtl->StatAsyncMaxWait = uWait;
5895
5896 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
5897 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
5898# endif /* DEBUG || VBOX_WITH_STATISTICS */
5899 }
5900
5901 PDMCritSectLeave(&pCtl->lock);
5902 }
5903
5904 /* Signal the ultimate idleness. */
5905 RTThreadUserSignal(pCtl->AsyncIOThread);
5906 if (pCtl->fSignalIdle)
5907 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5908
5909 /* Cleanup the state. */
5910 /* Do not destroy request lock yet, still needed for proper shutdown. */
5911 pCtl->fShutdown = false;
5912
5913 Log2(("%s: Ctl#%d: return %Rrc\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), rc));
5914 return rc;
5915}
5916
5917#endif /* IN_RING3 */
5918
5919static uint32_t ataBMDMACmdReadB(PATACONTROLLER pCtl, uint32_t addr)
5920{
5921 uint32_t val = pCtl->BmDma.u8Cmd;
5922 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5923 return val;
5924}
5925
5926
5927static void ataBMDMACmdWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5928{
5929 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5930 if (!(val & BM_CMD_START))
5931 {
5932 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5933 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5934 }
5935 else
5936 {
5937#ifndef IN_RC
5938 /* Check whether the guest OS wants to change DMA direction in
5939 * mid-flight. Not allowed, according to the PIIX3 specs. */
5940 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
5941 uint8_t uOldBmDmaStatus = pCtl->BmDma.u8Status;
5942 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
5943 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5944
5945 /* Do not continue DMA transfers while the RESET line is asserted. */
5946 if (pCtl->fReset)
5947 {
5948 Log2(("%s: Ctl#%d: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5949 return;
5950 }
5951
5952 /* Do not start DMA transfers if there's a PIO transfer going on,
5953 * or if there is already a transfer started on this controller. */
5954 if ( !pCtl->aIfs[pCtl->iSelectedIf].fDMA
5955 || (uOldBmDmaStatus & BM_STATUS_DMAING))
5956 return;
5957
5958 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
5959 {
5960 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5961 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5962 }
5963#else /* !IN_RING3 */
5964 AssertMsgFailed(("DMA START handling is too complicated for RC\n"));
5965#endif /* IN_RING3 */
5966 }
5967}
5968
5969static uint32_t ataBMDMAStatusReadB(PATACONTROLLER pCtl, uint32_t addr)
5970{
5971 uint32_t val = pCtl->BmDma.u8Status;
5972 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5973 return val;
5974}
5975
5976static void ataBMDMAStatusWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5977{
5978 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5979 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
5980 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
5981 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
5982}
5983
5984static uint32_t ataBMDMAAddrReadL(PATACONTROLLER pCtl, uint32_t addr)
5985{
5986 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
5987 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5988 return val;
5989}
5990
5991static void ataBMDMAAddrWriteL(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5992{
5993 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5994 pCtl->BmDma.pvAddr = val & ~3;
5995}
5996
5997static void ataBMDMAAddrWriteLowWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5998{
5999 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
6000 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
6001
6002}
6003
6004static void ataBMDMAAddrWriteHighWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
6005{
6006 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
6007 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
6008}
6009
6010#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
6011
6012/**
6013 * Port I/O Handler for bus master DMA IN operations.
6014 * @see FNIOMIOPORTIN for details.
6015 */
6016PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6017{
6018 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6019 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6020 PATACONTROLLER pCtl = &pThis->aCts[i];
6021
6022 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6023 if (rc != VINF_SUCCESS)
6024 return rc;
6025 switch (VAL(Port, cb))
6026 {
6027 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
6028 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
6029 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
6030 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
6031 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
6032 case VAL(0, 4):
6033 /* The SCO OpenServer tries to read 4 bytes starting from offset 0. */
6034 *pu32 = ataBMDMACmdReadB(pCtl, Port) | (ataBMDMAStatusReadB(pCtl, Port) << 16);
6035 break;
6036 default:
6037 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
6038 PDMCritSectLeave(&pCtl->lock);
6039 return VERR_IOM_IOPORT_UNUSED;
6040 }
6041 PDMCritSectLeave(&pCtl->lock);
6042 return rc;
6043}
6044
6045/**
6046 * Port I/O Handler for bus master DMA OUT operations.
6047 * @see FNIOMIOPORTOUT for details.
6048 */
6049PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6050{
6051 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6052 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6053 PATACONTROLLER pCtl = &pThis->aCts[i];
6054
6055 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6056 if (rc != VINF_SUCCESS)
6057 return rc;
6058 switch (VAL(Port, cb))
6059 {
6060 case VAL(0, 1):
6061#ifdef IN_RC
6062 if (u32 & BM_CMD_START)
6063 {
6064 rc = VINF_IOM_R3_IOPORT_WRITE;
6065 break;
6066 }
6067#endif
6068 ataBMDMACmdWriteB(pCtl, Port, u32);
6069 break;
6070 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
6071 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
6072 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
6073 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
6074 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
6075 }
6076 PDMCritSectLeave(&pCtl->lock);
6077 return rc;
6078}
6079
6080#undef VAL
6081
6082#ifdef IN_RING3
6083
6084/**
6085 * Callback function for mapping an PCI I/O region.
6086 *
6087 * @return VBox status code.
6088 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
6089 * @param iRegion The region number.
6090 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
6091 * I/O port, else it's a physical address.
6092 * This address is *NOT* relative to pci_mem_base like earlier!
6093 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
6094 */
6095static DECLCALLBACK(int) ataR3BMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion,
6096 RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
6097{
6098 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
6099 int rc = VINF_SUCCESS;
6100 Assert(enmType == PCI_ADDRESS_SPACE_IO);
6101 Assert(iRegion == 4);
6102 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
6103
6104 /* Register the port range. */
6105 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6106 {
6107 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6108 (RTHCPTR)(uintptr_t)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead,
6109 NULL, NULL, "ATA Bus Master DMA");
6110 AssertRC(rc2);
6111 if (rc2 < rc)
6112 rc = rc2;
6113
6114 if (pThis->fRCEnabled)
6115 {
6116 rc2 = PDMDevHlpIOPortRegisterRC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6117 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6118 NULL, NULL, "ATA Bus Master DMA");
6119 AssertRC(rc2);
6120 if (rc2 < rc)
6121 rc = rc2;
6122 }
6123 if (pThis->fR0Enabled)
6124 {
6125 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6126 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6127 NULL, NULL, "ATA Bus Master DMA");
6128 AssertRC(rc2);
6129 if (rc2 < rc)
6130 rc = rc2;
6131 }
6132 }
6133 return rc;
6134}
6135
6136
6137/* -=-=-=-=-=- PCIATAState::IBase -=-=-=-=-=- */
6138
6139/**
6140 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6141 */
6142static DECLCALLBACK(void *) ataR3Status_QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6143{
6144 PCIATAState *pThis = PDMIBASE_2_PCIATASTATE(pInterface);
6145 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->IBase);
6146 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->ILeds);
6147 return NULL;
6148}
6149
6150
6151/* -=-=-=-=-=- PCIATAState::ILeds -=-=-=-=-=- */
6152
6153/**
6154 * Gets the pointer to the status LED of a unit.
6155 *
6156 * @returns VBox status code.
6157 * @param pInterface Pointer to the interface structure containing the called function pointer.
6158 * @param iLUN The unit which status LED we desire.
6159 * @param ppLed Where to store the LED pointer.
6160 */
6161static DECLCALLBACK(int) ataR3Status_QueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
6162{
6163 PCIATAState *pThis = PDMILEDPORTS_2_PCIATASTATE(pInterface);
6164 if (iLUN < 4)
6165 {
6166 switch (iLUN)
6167 {
6168 case 0: *ppLed = &pThis->aCts[0].aIfs[0].Led; break;
6169 case 1: *ppLed = &pThis->aCts[0].aIfs[1].Led; break;
6170 case 2: *ppLed = &pThis->aCts[1].aIfs[0].Led; break;
6171 case 3: *ppLed = &pThis->aCts[1].aIfs[1].Led; break;
6172 }
6173 Assert((*ppLed)->u32Magic == PDMLED_MAGIC);
6174 return VINF_SUCCESS;
6175 }
6176 return VERR_PDM_LUN_NOT_FOUND;
6177}
6178
6179
6180/* -=-=-=-=-=- ATADevState::IBase -=-=-=-=-=- */
6181
6182/**
6183 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6184 */
6185static DECLCALLBACK(void *) ataR3QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6186{
6187 ATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
6188 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
6189 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMEDIAPORT, &pIf->IPort);
6190 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
6191 return NULL;
6192}
6193
6194
6195/* -=-=-=-=-=- ATADevState::IPort -=-=-=-=-=- */
6196
6197/**
6198 * @interface_method_impl{PDMIMEDIAPORT,pfnQueryDeviceLocation}
6199 */
6200static DECLCALLBACK(int) ataR3QueryDeviceLocation(PPDMIMEDIAPORT pInterface, const char **ppcszController,
6201 uint32_t *piInstance, uint32_t *piLUN)
6202{
6203 ATADevState *pIf = PDMIMEDIAPORT_2_ATASTATE(pInterface);
6204 PPDMDEVINS pDevIns = pIf->CTX_SUFF(pDevIns);
6205
6206 AssertPtrReturn(ppcszController, VERR_INVALID_POINTER);
6207 AssertPtrReturn(piInstance, VERR_INVALID_POINTER);
6208 AssertPtrReturn(piLUN, VERR_INVALID_POINTER);
6209
6210 *ppcszController = pDevIns->pReg->szName;
6211 *piInstance = pDevIns->iInstance;
6212 *piLUN = pIf->iLUN;
6213
6214 return VINF_SUCCESS;
6215}
6216
6217#endif /* IN_RING3 */
6218
6219/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
6220
6221
6222/**
6223 * Port I/O Handler for primary port range OUT operations.
6224 * @see FNIOMIOPORTOUT for details.
6225 */
6226PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6227{
6228 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6229 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6230 PATACONTROLLER pCtl = &pThis->aCts[i];
6231
6232 Assert(i < 2);
6233 Assert(Port != pCtl->IOPortBase1);
6234
6235 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6236 if (rc == VINF_SUCCESS)
6237 {
6238 /* Writes to the other command block ports should be 8-bit only. If they
6239 * are not, the high bits are simply discarded. Undocumented, but observed
6240 * on a real PIIX4 system.
6241 */
6242 if (cb > 1)
6243 Log(("ataIOPortWrite1: suspect write to port %x val=%x size=%d\n", Port, u32, cb));
6244
6245 rc = ataIOPortWriteU8(pCtl, Port, u32);
6246
6247 PDMCritSectLeave(&pCtl->lock);
6248 }
6249 return rc;
6250}
6251
6252
6253/**
6254 * Port I/O Handler for primary port range IN operations.
6255 * @see FNIOMIOPORTIN for details.
6256 */
6257PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6258{
6259 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6260 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6261 PATACONTROLLER pCtl = &pThis->aCts[i];
6262
6263 Assert(i < 2);
6264 Assert(Port != pCtl->IOPortBase1);
6265
6266 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6267 if (rc == VINF_SUCCESS)
6268 {
6269 /* Reads from the other command block registers should be 8-bit only.
6270 * If they are not, the low byte is propagated to the high bits.
6271 * Undocumented, but observed on a real PIIX4 system.
6272 */
6273 rc = ataIOPortReadU8(pCtl, Port, pu32);
6274 if (cb > 1)
6275 {
6276 uint32_t pad;
6277
6278 /* Replicate the 8-bit result into the upper three bytes. */
6279 pad = *pu32 & 0xff;
6280 pad = pad | (pad << 8);
6281 pad = pad | (pad << 16);
6282 *pu32 = pad;
6283 Log(("ataIOPortRead1: suspect read from port %x size=%d\n", Port, cb));
6284 }
6285 PDMCritSectLeave(&pCtl->lock);
6286 }
6287 return rc;
6288}
6289
6290
6291/**
6292 * Port I/O Handler for secondary port range OUT operations.
6293 * @see FNIOMIOPORTOUT for details.
6294 */
6295PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6296{
6297 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6298 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6299 PATACONTROLLER pCtl = &pThis->aCts[i];
6300 int rc;
6301
6302 Assert(i < 2);
6303
6304 if (cb == 1)
6305 {
6306 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6307 if (rc == VINF_SUCCESS)
6308 {
6309 rc = ataControlWrite(pCtl, Port, u32);
6310 PDMCritSectLeave(&pCtl->lock);
6311 }
6312 }
6313 else
6314 rc = VINF_SUCCESS;
6315 return rc;
6316}
6317
6318
6319/**
6320 * Port I/O Handler for secondary port range IN operations.
6321 * @see FNIOMIOPORTIN for details.
6322 */
6323PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6324{
6325 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6326 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6327 PATACONTROLLER pCtl = &pThis->aCts[i];
6328 int rc;
6329
6330 Assert(i < 2);
6331
6332 if (cb == 1)
6333 {
6334 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6335 if (rc == VINF_SUCCESS)
6336 {
6337 *pu32 = ataStatusRead(pCtl, Port);
6338 PDMCritSectLeave(&pCtl->lock);
6339 }
6340 }
6341 else
6342 rc = VERR_IOM_IOPORT_UNUSED;
6343 return rc;
6344}
6345
6346#ifdef IN_RING3
6347
6348
6349DECLINLINE(void) ataR3RelocBuffer(PPDMDEVINS pDevIns, ATADevState *s)
6350{
6351 if (s->pbIOBufferR3)
6352 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
6353}
6354
6355
6356/**
6357 * Detach notification.
6358 *
6359 * The DVD drive has been unplugged.
6360 *
6361 * @param pDevIns The device instance.
6362 * @param iLUN The logical unit which is being detached.
6363 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6364 */
6365static DECLCALLBACK(void) ataR3Detach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6366{
6367 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6368 PATACONTROLLER pCtl;
6369 ATADevState *pIf;
6370 unsigned iController;
6371 unsigned iInterface;
6372
6373 AssertMsg(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6374 ("PIIX3IDE: Device does not support hotplugging\n"));
6375
6376 /*
6377 * Locate the controller and stuff.
6378 */
6379 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6380 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6381 pCtl = &pThis->aCts[iController];
6382
6383 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6384 pIf = &pCtl->aIfs[iInterface];
6385
6386 /*
6387 * Zero some important members.
6388 */
6389 pIf->pDrvBase = NULL;
6390 pIf->pDrvMedia = NULL;
6391 pIf->pDrvMount = NULL;
6392
6393 /*
6394 * In case there was a medium inserted.
6395 */
6396 ataR3MediumRemoved(pIf);
6397}
6398
6399
6400/**
6401 * Configure a LUN.
6402 *
6403 * @returns VBox status code.
6404 * @param pDevIns The device instance.
6405 * @param pIf The ATA unit state.
6406 */
6407static int ataR3ConfigLun(PPDMDEVINS pDevIns, ATADevState *pIf)
6408{
6409 int rc = VINF_SUCCESS;
6410 PDMMEDIATYPE enmType;
6411
6412 /*
6413 * Query Block, Bios and Mount interfaces.
6414 */
6415 pIf->pDrvMedia = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMEDIA);
6416 if (!pIf->pDrvMedia)
6417 {
6418 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
6419 return VERR_PDM_MISSING_INTERFACE;
6420 }
6421
6422 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
6423
6424 /*
6425 * Validate type.
6426 */
6427 enmType = pIf->pDrvMedia->pfnGetType(pIf->pDrvMedia);
6428 if ( enmType != PDMMEDIATYPE_CDROM
6429 && enmType != PDMMEDIATYPE_DVD
6430 && enmType != PDMMEDIATYPE_HARD_DISK)
6431 {
6432 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
6433 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
6434 }
6435 if ( ( enmType == PDMMEDIATYPE_DVD
6436 || enmType == PDMMEDIATYPE_CDROM)
6437 && !pIf->pDrvMount)
6438 {
6439 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
6440 return VERR_INTERNAL_ERROR;
6441 }
6442 pIf->fATAPI = enmType == PDMMEDIATYPE_DVD || enmType == PDMMEDIATYPE_CDROM;
6443 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvMedia->pfnSendCmd != NULL) : false;
6444
6445 /*
6446 * Allocate I/O buffer.
6447 */
6448 if (pIf->fATAPI)
6449 pIf->cbSector = 2048;
6450 else
6451 pIf->cbSector = pIf->pDrvMedia->pfnGetSectorSize(pIf->pDrvMedia);
6452
6453 PVM pVM = PDMDevHlpGetVM(pDevIns);
6454 if (pIf->cbIOBuffer)
6455 {
6456 /* Buffer is (probably) already allocated. Validate the fields,
6457 * because memory corruption can also overwrite pIf->cbIOBuffer. */
6458 if (pIf->fATAPI)
6459 AssertRelease(pIf->cbIOBuffer == _128K);
6460 else
6461 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * pIf->cbSector);
6462 Assert(pIf->pbIOBufferR3);
6463 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
6464 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
6465 }
6466 else
6467 {
6468 if (pIf->fATAPI)
6469 pIf->cbIOBuffer = _128K;
6470 else
6471 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * pIf->cbSector;
6472 Assert(!pIf->pbIOBufferR3);
6473 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
6474 if (RT_FAILURE(rc))
6475 return VERR_NO_MEMORY;
6476 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
6477 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
6478 }
6479
6480 /*
6481 * Init geometry (only for non-CD/DVD media).
6482 */
6483 if (pIf->fATAPI)
6484 {
6485 pIf->cTotalSectors = pIf->pDrvMedia->pfnGetSize(pIf->pDrvMedia) / pIf->cbSector;
6486 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
6487 pIf->PCHSGeometry.cHeads = 0; /* dummy */
6488 pIf->PCHSGeometry.cSectors = 0; /* dummy */
6489 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
6490 }
6491 else
6492 {
6493 pIf->cTotalSectors = pIf->pDrvMedia->pfnGetSize(pIf->pDrvMedia) / pIf->cbSector;
6494 rc = pIf->pDrvMedia->pfnBiosGetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6495 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
6496 {
6497 pIf->PCHSGeometry.cCylinders = 0;
6498 pIf->PCHSGeometry.cHeads = 16; /*??*/
6499 pIf->PCHSGeometry.cSectors = 63; /*??*/
6500 }
6501 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
6502 {
6503 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
6504 rc = VINF_SUCCESS;
6505 }
6506 AssertRC(rc);
6507
6508 if ( pIf->PCHSGeometry.cCylinders == 0
6509 || pIf->PCHSGeometry.cHeads == 0
6510 || pIf->PCHSGeometry.cSectors == 0
6511 )
6512 {
6513 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
6514 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
6515 pIf->PCHSGeometry.cHeads = 16;
6516 pIf->PCHSGeometry.cSectors = 63;
6517 /* Set the disk geometry information. Ignore errors. */
6518 pIf->pDrvMedia->pfnBiosSetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6519 rc = VINF_SUCCESS;
6520 }
6521 LogRel(("PIIX3 ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
6522
6523 if (pIf->pDrvMedia->pfnDiscard)
6524 LogRel(("PIIX3 ATA: LUN#%d: TRIM enabled\n", pIf->iLUN));
6525 }
6526 return rc;
6527}
6528
6529
6530/**
6531 * Attach command.
6532 *
6533 * This is called when we change block driver for the DVD drive.
6534 *
6535 * @returns VBox status code.
6536 * @param pDevIns The device instance.
6537 * @param iLUN The logical unit which is being detached.
6538 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6539 */
6540static DECLCALLBACK(int) ataR3Attach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6541{
6542 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6543 PATACONTROLLER pCtl;
6544 ATADevState *pIf;
6545 int rc;
6546 unsigned iController;
6547 unsigned iInterface;
6548
6549 AssertMsgReturn(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6550 ("PIIX3IDE: Device does not support hotplugging\n"),
6551 VERR_INVALID_PARAMETER);
6552
6553 /*
6554 * Locate the controller and stuff.
6555 */
6556 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6557 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6558 pCtl = &pThis->aCts[iController];
6559
6560 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6561 pIf = &pCtl->aIfs[iInterface];
6562
6563 /* the usual paranoia */
6564 AssertRelease(!pIf->pDrvBase);
6565 AssertRelease(!pIf->pDrvMedia);
6566 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
6567 Assert(pIf->iLUN == iLUN);
6568
6569 /*
6570 * Try attach the block device and get the interfaces,
6571 * required as well as optional.
6572 */
6573 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, NULL);
6574 if (RT_SUCCESS(rc))
6575 {
6576 rc = ataR3ConfigLun(pDevIns, pIf);
6577 /*
6578 * In case there is a medium inserted.
6579 */
6580 ataR3MediumInserted(pIf);
6581 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
6582 }
6583 else
6584 AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc));
6585
6586 if (RT_FAILURE(rc))
6587 {
6588 pIf->pDrvBase = NULL;
6589 pIf->pDrvMedia = NULL;
6590 }
6591 return rc;
6592}
6593
6594
6595/**
6596 * Resume notification.
6597 *
6598 * @returns VBox status code.
6599 * @param pDevIns The device instance data.
6600 */
6601static DECLCALLBACK(void) ataR3Resume(PPDMDEVINS pDevIns)
6602{
6603 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6604 int rc;
6605
6606 Log(("%s:\n", __FUNCTION__));
6607 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6608 {
6609 if (pThis->aCts[i].fRedo && pThis->aCts[i].fRedoIdle)
6610 {
6611 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
6612 AssertRC(rc);
6613 }
6614 }
6615 return;
6616}
6617
6618
6619/**
6620 * Checks if all (both) the async I/O threads have quiesced.
6621 *
6622 * @returns true on success.
6623 * @returns false when one or more threads is still processing.
6624 * @param pThis Pointer to the instance data.
6625 */
6626static bool ataR3AllAsyncIOIsIdle(PPDMDEVINS pDevIns)
6627{
6628 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6629
6630 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6631 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
6632 {
6633 bool fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6634 if (!fRc)
6635 {
6636 /* Make it signal PDM & itself when its done */
6637 PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
6638 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
6639 PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
6640
6641 fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6642 if (!fRc)
6643 {
6644#if 0 /** @todo Need to do some time tracking here... */
6645 LogRel(("PIIX3 ATA: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
6646 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
6647 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand));
6648#endif
6649 return false;
6650 }
6651 }
6652 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
6653 }
6654 return true;
6655}
6656
6657/**
6658 * Prepare state save and load operation.
6659 *
6660 * @returns VBox status code.
6661 * @param pDevIns Device instance of the device which registered the data unit.
6662 * @param pSSM SSM operation handle.
6663 */
6664static DECLCALLBACK(int) ataR3SaveLoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6665{
6666 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6667
6668 /* sanity - the suspend notification will wait on the async stuff. */
6669 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6670 AssertLogRelMsgReturn(ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/),
6671 ("i=%u\n", i),
6672 VERR_SSM_IDE_ASYNC_TIMEOUT);
6673 return VINF_SUCCESS;
6674}
6675
6676/**
6677 * @copydoc FNSSMDEVLIVEEXEC
6678 */
6679static DECLCALLBACK(int) ataR3LiveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uPass)
6680{
6681 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6682
6683 SSMR3PutU8(pSSM, pThis->u8Type);
6684 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6685 {
6686 SSMR3PutBool(pSSM, true); /* For controller enabled / disabled. */
6687 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6688 {
6689 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].pDrvBase != NULL);
6690 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szSerialNumber);
6691 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szFirmwareRevision);
6692 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szModelNumber);
6693 }
6694 }
6695
6696 return VINF_SSM_DONT_CALL_AGAIN;
6697}
6698
6699/**
6700 * @copydoc FNSSMDEVSAVEEXEC
6701 */
6702static DECLCALLBACK(int) ataR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6703{
6704 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6705
6706 ataR3LiveExec(pDevIns, pSSM, SSM_PASS_FINAL);
6707
6708 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6709 {
6710 SSMR3PutU8(pSSM, pThis->aCts[i].iSelectedIf);
6711 SSMR3PutU8(pSSM, pThis->aCts[i].iAIOIf);
6712 SSMR3PutU8(pSSM, pThis->aCts[i].uAsyncIOState);
6713 SSMR3PutBool(pSSM, pThis->aCts[i].fChainedTransfer);
6714 SSMR3PutBool(pSSM, pThis->aCts[i].fReset);
6715 SSMR3PutBool(pSSM, pThis->aCts[i].fRedo);
6716 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoIdle);
6717 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoDMALastDesc);
6718 SSMR3PutMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6719 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pFirstDMADesc);
6720 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pLastDMADesc);
6721 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pRedoDMABuffer);
6722 SSMR3PutU32(pSSM, pThis->aCts[i].cbRedoDMABuffer);
6723
6724 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6725 {
6726 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fLBA48);
6727 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPI);
6728 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fIrqPending);
6729 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cMultSectors);
6730 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6731 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6732 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6733 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6734 SSMR3PutU64(pSSM, pThis->aCts[i].aIfs[j].cTotalSectors);
6735 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeature);
6736 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6737 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegError);
6738 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSector);
6739 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6740 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSector);
6741 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6742 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCyl);
6743 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6744 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCyl);
6745 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6746 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSelect);
6747 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegStatus);
6748 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegCommand);
6749 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegDevCtl);
6750 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATATransferMode);
6751 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uTxDir);
6752 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iBeginTransfer);
6753 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iSourceSink);
6754 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fDMA);
6755 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPITransfer);
6756 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbTotalTransfer);
6757 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6758 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferCur);
6759 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferEnd);
6760 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6761 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6762 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iATAPILBA);
6763 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbATAPISector);
6764 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6765 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6766 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6767 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].MediaEventStatus);
6768 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6769 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbIOBuffer);
6770 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6771 SSMR3PutMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6772 else
6773 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6774 }
6775 }
6776
6777 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
6778}
6779
6780/**
6781 * Converts the LUN number into a message string.
6782 */
6783static const char *ataR3StringifyLun(unsigned iLun)
6784{
6785 switch (iLun)
6786 {
6787 case 0: return "primary master";
6788 case 1: return "primary slave";
6789 case 2: return "secondary master";
6790 case 3: return "secondary slave";
6791 default: AssertFailedReturn("unknown lun");
6792 }
6793}
6794
6795/**
6796 * FNSSMDEVLOADEXEC
6797 */
6798static DECLCALLBACK(int) ataR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
6799{
6800 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6801 int rc;
6802 uint32_t u32;
6803
6804 if ( uVersion != ATA_SAVED_STATE_VERSION
6805 && uVersion != ATA_SAVED_STATE_VERSION_VBOX_30
6806 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
6807 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS
6808 && uVersion != ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE)
6809 {
6810 AssertMsgFailed(("uVersion=%d\n", uVersion));
6811 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
6812 }
6813
6814 /*
6815 * Verify the configuration.
6816 */
6817 if (uVersion > ATA_SAVED_STATE_VERSION_VBOX_30)
6818 {
6819 uint8_t u8Type;
6820 rc = SSMR3GetU8(pSSM, &u8Type);
6821 AssertRCReturn(rc, rc);
6822 if (u8Type != pThis->u8Type)
6823 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Config mismatch: u8Type - saved=%u config=%u"), u8Type, pThis->u8Type);
6824
6825 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6826 {
6827 bool fEnabled;
6828 rc = SSMR3GetBool(pSSM, &fEnabled);
6829 AssertRCReturn(rc, rc);
6830 if (!fEnabled)
6831 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Ctr#%u onfig mismatch: fEnabled != true"), i);
6832
6833 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6834 {
6835 ATADevState const *pIf = &pThis->aCts[i].aIfs[j];
6836
6837 bool fInUse;
6838 rc = SSMR3GetBool(pSSM, &fInUse);
6839 AssertRCReturn(rc, rc);
6840 if (fInUse != (pIf->pDrvBase != NULL))
6841 return SSMR3SetCfgError(pSSM, RT_SRC_POS,
6842 N_("The %s VM is missing a %s device. Please make sure the source and target VMs have compatible storage configurations"),
6843 fInUse ? "target" : "source", ataR3StringifyLun(pIf->iLUN) );
6844
6845 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
6846 rc = SSMR3GetStrZ(pSSM, szSerialNumber, sizeof(szSerialNumber));
6847 AssertRCReturn(rc, rc);
6848 if (strcmp(szSerialNumber, pIf->szSerialNumber))
6849 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Serial number - saved='%s' config='%s'\n",
6850 pIf->iLUN, szSerialNumber, pIf->szSerialNumber));
6851
6852 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
6853 rc = SSMR3GetStrZ(pSSM, szFirmwareRevision, sizeof(szFirmwareRevision));
6854 AssertRCReturn(rc, rc);
6855 if (strcmp(szFirmwareRevision, pIf->szFirmwareRevision))
6856 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Firmware revision - saved='%s' config='%s'\n",
6857 pIf->iLUN, szFirmwareRevision, pIf->szFirmwareRevision));
6858
6859 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
6860 rc = SSMR3GetStrZ(pSSM, szModelNumber, sizeof(szModelNumber));
6861 AssertRCReturn(rc, rc);
6862 if (strcmp(szModelNumber, pIf->szModelNumber))
6863 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Model number - saved='%s' config='%s'\n",
6864 pIf->iLUN, szModelNumber, pIf->szModelNumber));
6865 }
6866 }
6867 }
6868 if (uPass != SSM_PASS_FINAL)
6869 return VINF_SUCCESS;
6870
6871 /*
6872 * Restore valid parts of the PCIATAState structure
6873 */
6874 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6875 {
6876 /* integrity check */
6877 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false))
6878 {
6879 AssertMsgFailed(("Async I/O for controller %d is active\n", i));
6880 return VERR_INTERNAL_ERROR_4;
6881 }
6882
6883 SSMR3GetU8(pSSM, &pThis->aCts[i].iSelectedIf);
6884 SSMR3GetU8(pSSM, &pThis->aCts[i].iAIOIf);
6885 SSMR3GetU8(pSSM, &pThis->aCts[i].uAsyncIOState);
6886 SSMR3GetBool(pSSM, &pThis->aCts[i].fChainedTransfer);
6887 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fReset);
6888 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedo);
6889 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoIdle);
6890 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoDMALastDesc);
6891 SSMR3GetMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6892 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pFirstDMADesc);
6893 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pLastDMADesc);
6894 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pRedoDMABuffer);
6895 SSMR3GetU32(pSSM, &pThis->aCts[i].cbRedoDMABuffer);
6896
6897 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6898 {
6899 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fLBA48);
6900 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPI);
6901 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fIrqPending);
6902 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cMultSectors);
6903 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6904 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6905 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6906 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6907 SSMR3GetU64(pSSM, &pThis->aCts[i].aIfs[j].cTotalSectors);
6908 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeature);
6909 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6910 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegError);
6911 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSector);
6912 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6913 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSector);
6914 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6915 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCyl);
6916 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6917 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCyl);
6918 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6919 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSelect);
6920 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegStatus);
6921 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegCommand);
6922 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegDevCtl);
6923 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATATransferMode);
6924 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uTxDir);
6925 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iBeginTransfer);
6926 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iSourceSink);
6927 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fDMA);
6928 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPITransfer);
6929 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbTotalTransfer);
6930 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6931 /* NB: cbPIOTransferLimit could be saved/restored but it's sufficient
6932 * to re-calculate it here, with a tiny risk that it could be
6933 * unnecessarily low for the current transfer only. Could be changed
6934 * when changing the saved state in the future.
6935 */
6936 pThis->aCts[i].aIfs[j].cbPIOTransferLimit = (pThis->aCts[i].aIfs[j].uATARegHCyl << 8) | pThis->aCts[i].aIfs[j].uATARegLCyl;
6937 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferCur);
6938 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferEnd);
6939 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6940 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6941 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iATAPILBA);
6942 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbATAPISector);
6943 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6944 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
6945 {
6946 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6947 }
6948 else
6949 {
6950 uint8_t uATAPISenseKey, uATAPIASC;
6951 memset(pThis->aCts[i].aIfs[j].abATAPISense, '\0', sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6952 pThis->aCts[i].aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
6953 pThis->aCts[i].aIfs[j].abATAPISense[7] = 10;
6954 SSMR3GetU8(pSSM, &uATAPISenseKey);
6955 SSMR3GetU8(pSSM, &uATAPIASC);
6956 pThis->aCts[i].aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
6957 pThis->aCts[i].aIfs[j].abATAPISense[12] = uATAPIASC;
6958 }
6959 /** @todo triple-check this hack after passthrough is working */
6960 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6961 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
6962 SSMR3GetU32(pSSM, (uint32_t*)&pThis->aCts[i].aIfs[j].MediaEventStatus);
6963 else
6964 pThis->aCts[i].aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
6965 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6966 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbIOBuffer);
6967 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6968 {
6969 if (pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer))
6970 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6971 else
6972 {
6973 LogRel(("ATA: No buffer for %d/%d\n", i, j));
6974 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
6975 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d/%d"), i, j);
6976
6977 /* skip the buffer if we're loading for the debugger / animator. */
6978 uint8_t u8Ignored;
6979 size_t cbLeft = pThis->aCts[i].aIfs[j].cbIOBuffer;
6980 while (cbLeft-- > 0)
6981 SSMR3GetU8(pSSM, &u8Ignored);
6982 }
6983 }
6984 else
6985 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6986 }
6987 }
6988 if (uVersion <= ATA_SAVED_STATE_VERSION_VBOX_30)
6989 SSMR3GetU8(pSSM, &pThis->u8Type);
6990
6991 rc = SSMR3GetU32(pSSM, &u32);
6992 if (RT_FAILURE(rc))
6993 return rc;
6994 if (u32 != ~0U)
6995 {
6996 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
6997 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
6998 return rc;
6999 }
7000
7001 return VINF_SUCCESS;
7002}
7003
7004
7005/**
7006 * Callback employed by ataSuspend and ataR3PowerOff.
7007 *
7008 * @returns true if we've quiesced, false if we're still working.
7009 * @param pDevIns The device instance.
7010 */
7011static DECLCALLBACK(bool) ataR3IsAsyncSuspendOrPowerOffDone(PPDMDEVINS pDevIns)
7012{
7013 return ataR3AllAsyncIOIsIdle(pDevIns);
7014}
7015
7016
7017/**
7018 * Common worker for ataSuspend and ataR3PowerOff.
7019 */
7020static void ataR3SuspendOrPowerOff(PPDMDEVINS pDevIns)
7021{
7022 if (!ataR3AllAsyncIOIsIdle(pDevIns))
7023 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncSuspendOrPowerOffDone);
7024}
7025
7026
7027/**
7028 * Power Off notification.
7029 *
7030 * @returns VBox status code.
7031 * @param pDevIns The device instance data.
7032 */
7033static DECLCALLBACK(void) ataR3PowerOff(PPDMDEVINS pDevIns)
7034{
7035 Log(("%s:\n", __FUNCTION__));
7036 ataR3SuspendOrPowerOff(pDevIns);
7037}
7038
7039
7040/**
7041 * Suspend notification.
7042 *
7043 * @returns VBox status code.
7044 * @param pDevIns The device instance data.
7045 */
7046static DECLCALLBACK(void) ataR3Suspend(PPDMDEVINS pDevIns)
7047{
7048 Log(("%s:\n", __FUNCTION__));
7049 ataR3SuspendOrPowerOff(pDevIns);
7050}
7051
7052
7053/**
7054 * Callback employed by ataR3Reset.
7055 *
7056 * @returns true if we've quiesced, false if we're still working.
7057 * @param pDevIns The device instance.
7058 */
7059static DECLCALLBACK(bool) ataR3IsAsyncResetDone(PPDMDEVINS pDevIns)
7060{
7061 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7062
7063 if (!ataR3AllAsyncIOIsIdle(pDevIns))
7064 return false;
7065
7066 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7067 {
7068 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7069 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7070 ataR3ResetDevice(&pThis->aCts[i].aIfs[j]);
7071 PDMCritSectLeave(&pThis->aCts[i].lock);
7072 }
7073 return true;
7074}
7075
7076
7077/**
7078 * Common reset worker for ataR3Reset and ataR3Construct.
7079 *
7080 * @returns VBox status code.
7081 * @param pDevIns The device instance data.
7082 * @param fConstruct Indicates who is calling.
7083 */
7084static int ataR3ResetCommon(PPDMDEVINS pDevIns, bool fConstruct)
7085{
7086 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7087
7088 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7089 {
7090 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7091
7092 pThis->aCts[i].iSelectedIf = 0;
7093 pThis->aCts[i].iAIOIf = 0;
7094 pThis->aCts[i].BmDma.u8Cmd = 0;
7095 /* Report that both drives present on the bus are in DMA mode. This
7096 * pretends that there is a BIOS that has set it up. Normal reset
7097 * default is 0x00. */
7098 pThis->aCts[i].BmDma.u8Status = (pThis->aCts[i].aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
7099 | (pThis->aCts[i].aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
7100 pThis->aCts[i].BmDma.pvAddr = 0;
7101
7102 pThis->aCts[i].fReset = true;
7103 pThis->aCts[i].fRedo = false;
7104 pThis->aCts[i].fRedoIdle = false;
7105 ataR3AsyncIOClearRequests(&pThis->aCts[i]);
7106 Log2(("%s: Ctl#%d: message to async I/O thread, reset controller\n", __FUNCTION__, i));
7107 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetARequest);
7108 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetCRequest);
7109
7110 PDMCritSectLeave(&pThis->aCts[i].lock);
7111 }
7112
7113 int rcRet = VINF_SUCCESS;
7114 if (!fConstruct)
7115 {
7116 /*
7117 * Setup asynchronous notification completion if the requests haven't
7118 * completed yet.
7119 */
7120 if (!ataR3IsAsyncResetDone(pDevIns))
7121 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncResetDone);
7122 }
7123 else
7124 {
7125 /*
7126 * Wait for the requests for complete.
7127 *
7128 * Would be real nice if we could do it all from EMT(0) and not
7129 * involve the worker threads, then we could dispense with all the
7130 * waiting and semaphore ping-pong here...
7131 */
7132 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7133 {
7134 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7135 {
7136 int rc = PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
7137 AssertRC(rc);
7138
7139 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
7140 rc = RTThreadUserReset(pThis->aCts[i].AsyncIOThread);
7141 AssertRC(rc);
7142
7143 rc = PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
7144 AssertRC(rc);
7145
7146 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/))
7147 {
7148 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 30*1000 /*ms*/);
7149 if (RT_FAILURE(rc))
7150 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 1000 /*ms*/);
7151 if (RT_FAILURE(rc))
7152 {
7153 AssertRC(rc);
7154 rcRet = rc;
7155 }
7156 }
7157 }
7158 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
7159 }
7160 if (RT_SUCCESS(rcRet))
7161 {
7162 rcRet = ataR3IsAsyncResetDone(pDevIns) ? VINF_SUCCESS : VERR_INTERNAL_ERROR;
7163 AssertRC(rcRet);
7164 }
7165 }
7166 return rcRet;
7167}
7168
7169/**
7170 * Reset notification.
7171 *
7172 * @param pDevIns The device instance data.
7173 */
7174static DECLCALLBACK(void) ataR3Reset(PPDMDEVINS pDevIns)
7175{
7176 ataR3ResetCommon(pDevIns, false /*fConstruct*/);
7177}
7178
7179/**
7180 * @copydoc FNPDMDEVRELOCATE
7181 */
7182static DECLCALLBACK(void) ataR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
7183{
7184 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7185
7186 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7187 {
7188 pThis->aCts[i].pDevInsRC += offDelta;
7189 pThis->aCts[i].aIfs[0].pDevInsRC += offDelta;
7190 pThis->aCts[i].aIfs[0].pControllerRC += offDelta;
7191 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[0]);
7192 pThis->aCts[i].aIfs[1].pDevInsRC += offDelta;
7193 pThis->aCts[i].aIfs[1].pControllerRC += offDelta;
7194 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[1]);
7195 }
7196}
7197
7198/**
7199 * Destroy a driver instance.
7200 *
7201 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
7202 * resources can be freed correctly.
7203 *
7204 * @param pDevIns The device instance data.
7205 */
7206static DECLCALLBACK(int) ataR3Destruct(PPDMDEVINS pDevIns)
7207{
7208 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7209 int rc;
7210
7211 Log(("ataR3Destruct\n"));
7212 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
7213
7214 /*
7215 * Tell the async I/O threads to terminate.
7216 */
7217 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7218 {
7219 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7220 {
7221 ASMAtomicWriteU32(&pThis->aCts[i].fShutdown, true);
7222 rc = SUPSemEventSignal(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7223 AssertRC(rc);
7224 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
7225 AssertRC(rc);
7226 }
7227 }
7228
7229 /*
7230 * Wait for the threads to terminate before destroying their resources.
7231 */
7232 for (unsigned i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7233 {
7234 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7235 {
7236 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 30000 /* 30 s*/, NULL);
7237 if (RT_SUCCESS(rc))
7238 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7239 else
7240 LogRel(("PIIX3 ATA Dtor: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
7241 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
7242 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand, rc));
7243 }
7244 }
7245
7246 /*
7247 * Free resources.
7248 */
7249 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7250 {
7251 if (PDMCritSectIsInitialized(&pThis->aCts[i].AsyncIORequestLock))
7252 PDMR3CritSectDelete(&pThis->aCts[i].AsyncIORequestLock);
7253 if (pThis->aCts[i].hAsyncIOSem != NIL_SUPSEMEVENT)
7254 {
7255 SUPSemEventClose(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7256 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7257 }
7258 if (pThis->aCts[i].SuspendIOSem != NIL_RTSEMEVENT)
7259 {
7260 RTSemEventDestroy(pThis->aCts[i].SuspendIOSem);
7261 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7262 }
7263
7264 /* try one final time */
7265 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7266 {
7267 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 1 /*ms*/, NULL);
7268 if (RT_SUCCESS(rc))
7269 {
7270 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7271 LogRel(("PIIX3 ATA Dtor: Ctl#%u actually completed.\n", i));
7272 }
7273 }
7274
7275 for (uint32_t iIf = 0; iIf < RT_ELEMENTS(pThis->aCts[i].aIfs); iIf++)
7276 {
7277 if (pThis->aCts[i].aIfs[iIf].pTrackList)
7278 {
7279 ATAPIPassthroughTrackListDestroy(pThis->aCts[i].aIfs[iIf].pTrackList);
7280 pThis->aCts[i].aIfs[iIf].pTrackList = NULL;
7281 }
7282 }
7283 }
7284
7285 return VINF_SUCCESS;
7286}
7287
7288/**
7289 * Convert config value to DEVPCBIOSBOOT.
7290 *
7291 * @returns VBox status code.
7292 * @param pDevIns The device instance data.
7293 * @param pCfg Configuration handle.
7294 * @param penmChipset Where to store the chipset type.
7295 */
7296static int ataR3ControllerFromCfg(PPDMDEVINS pDevIns, PCFGMNODE pCfg, CHIPSET *penmChipset)
7297{
7298 char szType[20];
7299
7300 int rc = CFGMR3QueryStringDef(pCfg, "Type", &szType[0], sizeof(szType), "PIIX4");
7301 if (RT_FAILURE(rc))
7302 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7303 N_("Configuration error: Querying \"Type\" as a string failed"));
7304 if (!strcmp(szType, "PIIX3"))
7305 *penmChipset = CHIPSET_PIIX3;
7306 else if (!strcmp(szType, "PIIX4"))
7307 *penmChipset = CHIPSET_PIIX4;
7308 else if (!strcmp(szType, "ICH6"))
7309 *penmChipset = CHIPSET_ICH6;
7310 else
7311 {
7312 PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7313 N_("Configuration error: The \"Type\" value \"%s\" is unknown"),
7314 szType);
7315 rc = VERR_INTERNAL_ERROR;
7316 }
7317 return rc;
7318}
7319
7320/**
7321 * @interface_method_impl{PDMDEVREG,pfnConstruct}
7322 */
7323static DECLCALLBACK(int) ataR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
7324{
7325 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7326 PPDMIBASE pBase;
7327 int rc;
7328 bool fRCEnabled;
7329 bool fR0Enabled;
7330 uint32_t DelayIRQMillies;
7331
7332 Assert(iInstance == 0);
7333 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
7334
7335 /*
7336 * Initialize NIL handle values (for the destructor).
7337 */
7338 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7339 {
7340 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7341 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7342 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7343 }
7344
7345 /*
7346 * Validate and read configuration.
7347 */
7348 if (!CFGMR3AreValuesValid(pCfg,
7349 "GCEnabled\0"
7350 "R0Enabled\0"
7351 "IRQDelay\0"
7352 "Type\0")
7353 /** @todo || invalid keys */)
7354 return PDMDEV_SET_ERROR(pDevIns, VERR_PDM_DEVINS_UNKNOWN_CFG_VALUES,
7355 N_("PIIX3 configuration error: unknown option specified"));
7356
7357 rc = CFGMR3QueryBoolDef(pCfg, "GCEnabled", &fRCEnabled, true);
7358 if (RT_FAILURE(rc))
7359 return PDMDEV_SET_ERROR(pDevIns, rc,
7360 N_("PIIX3 configuration error: failed to read GCEnabled as boolean"));
7361 Log(("%s: fRCEnabled=%d\n", __FUNCTION__, fRCEnabled));
7362
7363 rc = CFGMR3QueryBoolDef(pCfg, "R0Enabled", &fR0Enabled, true);
7364 if (RT_FAILURE(rc))
7365 return PDMDEV_SET_ERROR(pDevIns, rc,
7366 N_("PIIX3 configuration error: failed to read R0Enabled as boolean"));
7367 Log(("%s: fR0Enabled=%d\n", __FUNCTION__, fR0Enabled));
7368
7369 rc = CFGMR3QueryU32Def(pCfg, "IRQDelay", &DelayIRQMillies, 0);
7370 if (RT_FAILURE(rc))
7371 return PDMDEV_SET_ERROR(pDevIns, rc,
7372 N_("PIIX3 configuration error: failed to read IRQDelay as integer"));
7373 Log(("%s: DelayIRQMillies=%d\n", __FUNCTION__, DelayIRQMillies));
7374 Assert(DelayIRQMillies < 50);
7375
7376 CHIPSET enmChipset = CHIPSET_PIIX3;
7377 rc = ataR3ControllerFromCfg(pDevIns, pCfg, &enmChipset);
7378 if (RT_FAILURE(rc))
7379 return rc;
7380 pThis->u8Type = (uint8_t)enmChipset;
7381
7382 /*
7383 * Initialize data (most of it anyway).
7384 */
7385 /* Status LUN. */
7386 pThis->IBase.pfnQueryInterface = ataR3Status_QueryInterface;
7387 pThis->ILeds.pfnQueryStatusLed = ataR3Status_QueryStatusLed;
7388
7389 /* PCI configuration space. */
7390 PCIDevSetVendorId(&pThis->dev, 0x8086); /* Intel */
7391
7392 /*
7393 * When adding more IDE chipsets, don't forget to update pci_bios_init_device()
7394 * as it explicitly checks for PCI id for IDE controllers.
7395 */
7396 switch (pThis->u8Type)
7397 {
7398 case CHIPSET_ICH6:
7399 PCIDevSetDeviceId(&pThis->dev, 0x269e); /* ICH6 IDE */
7400 /** @todo: do we need it? Do we need anything else? */
7401 pThis->dev.config[0x48] = 0x00; /* UDMACTL */
7402 pThis->dev.config[0x4A] = 0x00; /* UDMATIM */
7403 pThis->dev.config[0x4B] = 0x00;
7404 {
7405 /*
7406 * See www.intel.com/Assets/PDF/manual/298600.pdf p. 30
7407 * Report
7408 * WR_Ping-Pong_EN: must be set
7409 * PCR0, PCR1: 80-pin primary cable reporting for both disks
7410 * SCR0, SCR1: 80-pin secondary cable reporting for both disks
7411 */
7412 uint16_t u16Config = (1<<10) | (1<<7) | (1<<6) | (1<<5) | (1<<4) ;
7413 pThis->dev.config[0x54] = u16Config & 0xff;
7414 pThis->dev.config[0x55] = u16Config >> 8;
7415 }
7416 break;
7417 case CHIPSET_PIIX4:
7418 PCIDevSetDeviceId(&pThis->dev, 0x7111); /* PIIX4 IDE */
7419 PCIDevSetRevisionId(&pThis->dev, 0x01); /* PIIX4E */
7420 pThis->dev.config[0x48] = 0x00; /* UDMACTL */
7421 pThis->dev.config[0x4A] = 0x00; /* UDMATIM */
7422 pThis->dev.config[0x4B] = 0x00;
7423 break;
7424 case CHIPSET_PIIX3:
7425 PCIDevSetDeviceId(&pThis->dev, 0x7010); /* PIIX3 IDE */
7426 break;
7427 default:
7428 AssertMsgFailed(("Unsupported IDE chipset type: %d\n", pThis->u8Type));
7429 }
7430
7431 PCIDevSetCommand( &pThis->dev, PCI_COMMAND_IOACCESS | PCI_COMMAND_MEMACCESS | PCI_COMMAND_BUSMASTER);
7432 PCIDevSetClassProg( &pThis->dev, 0x8a); /* programming interface = PCI_IDE bus master is supported */
7433 PCIDevSetClassSub( &pThis->dev, 0x01); /* class_sub = PCI_IDE */
7434 PCIDevSetClassBase( &pThis->dev, 0x01); /* class_base = PCI_mass_storage */
7435 PCIDevSetHeaderType(&pThis->dev, 0x00);
7436
7437 pThis->pDevIns = pDevIns;
7438 pThis->fRCEnabled = fRCEnabled;
7439 pThis->fR0Enabled = fR0Enabled;
7440 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7441 {
7442 pThis->aCts[i].pDevInsR3 = pDevIns;
7443 pThis->aCts[i].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7444 pThis->aCts[i].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7445 pThis->aCts[i].DelayIRQMillies = (uint32_t)DelayIRQMillies;
7446 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7447 {
7448 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7449
7450 pIf->iLUN = i * RT_ELEMENTS(pThis->aCts) + j;
7451 pIf->pDevInsR3 = pDevIns;
7452 pIf->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7453 pIf->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7454 pIf->pControllerR3 = &pThis->aCts[i];
7455 pIf->pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7456 pIf->pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7457 pIf->IBase.pfnQueryInterface = ataR3QueryInterface;
7458 pIf->IMountNotify.pfnMountNotify = ataR3MountNotify;
7459 pIf->IMountNotify.pfnUnmountNotify = ataR3UnmountNotify;
7460 pIf->IPort.pfnQueryDeviceLocation = ataR3QueryDeviceLocation;
7461 pIf->Led.u32Magic = PDMLED_MAGIC;
7462 }
7463 }
7464
7465 Assert(RT_ELEMENTS(pThis->aCts) == 2);
7466 pThis->aCts[0].irq = 14;
7467 pThis->aCts[0].IOPortBase1 = 0x1f0;
7468 pThis->aCts[0].IOPortBase2 = 0x3f6;
7469 pThis->aCts[1].irq = 15;
7470 pThis->aCts[1].IOPortBase1 = 0x170;
7471 pThis->aCts[1].IOPortBase2 = 0x376;
7472
7473 /*
7474 * Set the default critical section to NOP as we lock on controller level.
7475 */
7476 rc = PDMDevHlpSetDeviceCritSect(pDevIns, PDMDevHlpCritSectGetNop(pDevIns));
7477 AssertRCReturn(rc, rc);
7478
7479 /*
7480 * Register the PCI device.
7481 * N.B. There's a hack in the PIIX3 PCI bridge device to assign this
7482 * device the slot next to itself.
7483 */
7484 rc = PDMDevHlpPCIRegister(pDevIns, &pThis->dev);
7485 if (RT_FAILURE(rc))
7486 return PDMDEV_SET_ERROR(pDevIns, rc,
7487 N_("PIIX3 cannot register PCI device"));
7488 //AssertMsg(pThis->dev.devfn == 9 || iInstance != 0, ("pThis->dev.devfn=%d\n", pThis->dev.devfn));
7489 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 4, 0x10, PCI_ADDRESS_SPACE_IO, ataR3BMDMAIORangeMap);
7490 if (RT_FAILURE(rc))
7491 return PDMDEV_SET_ERROR(pDevIns, rc,
7492 N_("PIIX3 cannot register PCI I/O region for BMDMA"));
7493
7494 /*
7495 * Register the I/O ports.
7496 * The ports are all hardcoded and enforced by the PIIX3 host bridge controller.
7497 */
7498 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7499 {
7500 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTHCPTR)(uintptr_t)i,
7501 ataIOPortWrite1Data, ataIOPortRead1Data,
7502 ataIOPortWriteStr1Data, ataIOPortReadStr1Data, "ATA I/O Base 1 - Data");
7503 AssertLogRelRCReturn(rc, rc);
7504 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTHCPTR)(uintptr_t)i,
7505 ataIOPortWrite1Other, ataIOPortRead1Other, NULL, NULL, "ATA I/O Base 1 - Other");
7506
7507 AssertLogRelRCReturn(rc, rc);
7508 if (fRCEnabled)
7509 {
7510 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTGCPTR)i,
7511 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7512 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7513 AssertLogRelRCReturn(rc, rc);
7514 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTGCPTR)i,
7515 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7516 AssertLogRelRCReturn(rc, rc);
7517 }
7518
7519 if (fR0Enabled)
7520 {
7521#if 0
7522 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7523 "ataIOPortWrite1Data", "ataIOPortRead1Data", NULL, NULL, "ATA I/O Base 1 - Data");
7524#else
7525 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7526 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7527 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7528#endif
7529 AssertLogRelRCReturn(rc, rc);
7530 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTR0PTR)i,
7531 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7532 AssertLogRelRCReturn(rc, rc);
7533 }
7534
7535 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTHCPTR)(uintptr_t)i,
7536 ataIOPortWrite2, ataIOPortRead2, NULL, NULL, "ATA I/O Base 2");
7537 if (RT_FAILURE(rc))
7538 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers"));
7539
7540 if (fRCEnabled)
7541 {
7542 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTGCPTR)i,
7543 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7544 if (RT_FAILURE(rc))
7545 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (GC)"));
7546 }
7547 if (fR0Enabled)
7548 {
7549 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTR0PTR)i,
7550 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7551 if (RT_FAILURE(rc))
7552 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (R0)"));
7553 }
7554
7555 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7556 {
7557 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7558 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATADMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7559 "Number of ATA DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/DMA", iInstance, i, j);
7560 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7561 "Number of ATA PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/PIO", iInstance, i, j);
7562 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIDMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7563 "Number of ATAPI DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiDMA", iInstance, i, j);
7564 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7565 "Number of ATAPI PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiPIO", iInstance, i, j);
7566#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7567 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatReads, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7568 "Profiling of the read operations.", "/Devices/IDE%d/ATA%d/Unit%d/Reads", iInstance, i, j);
7569#endif
7570 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesRead, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7571 "Amount of data read.", "/Devices/IDE%d/ATA%d/Unit%d/ReadBytes", iInstance, i, j);
7572#ifdef VBOX_INSTRUMENT_DMA_WRITES
7573 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatInstrVDWrites,STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7574 "Profiling of the VD DMA write operations.", "/Devices/IDE%d/ATA%d/Unit%d/InstrVDWrites", iInstance, i, j);
7575#endif
7576#ifdef VBOX_WITH_STATISTICS
7577 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatWrites, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7578 "Profiling of the write operations.", "/Devices/IDE%d/ATA%d/Unit%d/Writes", iInstance, i, j);
7579#endif
7580 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesWritten, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7581 "Amount of data written.", "/Devices/IDE%d/ATA%d/Unit%d/WrittenBytes", iInstance, i, j);
7582#ifdef VBOX_WITH_STATISTICS
7583 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatFlushes, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7584 "Profiling of the flush operations.", "/Devices/IDE%d/ATA%d/Unit%d/Flushes", iInstance, i, j);
7585#endif
7586 }
7587#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7588 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncOps, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7589 "The number of async operations.", "/Devices/IDE%d/ATA%d/Async/Operations", iInstance, i);
7590 /** @todo STAMUNIT_MICROSECS */
7591 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMinWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7592 "Minimum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MinWait", iInstance, i);
7593 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMaxWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7594 "Maximum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MaxWait", iInstance, i);
7595 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTimeUS, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7596 "Total time spent in microseconds.", "/Devices/IDE%d/ATA%d/Async/TotalTimeUS", iInstance, i);
7597 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTime, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7598 "Profiling of async operations.", "/Devices/IDE%d/ATA%d/Async/Time", iInstance, i);
7599 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatLockWait, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7600 "Profiling of locks.", "/Devices/IDE%d/ATA%d/Async/LockWait", iInstance, i);
7601#endif /* VBOX_WITH_STATISTICS */
7602
7603 /* Initialize per-controller critical section. */
7604 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].lock, RT_SRC_POS, "ATA#%u-Ctl", i);
7605 AssertLogRelRCReturn(rc, rc);
7606
7607 /* Initialize per-controller async I/O request critical section. */
7608 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].AsyncIORequestLock, RT_SRC_POS, "ATA#%u-Req", i);
7609 AssertLogRelRCReturn(rc, rc);
7610 }
7611
7612 /*
7613 * Attach status driver (optional).
7614 */
7615 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->IBase, &pBase, "Status Port");
7616 if (RT_SUCCESS(rc))
7617 {
7618 pThis->pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
7619 pThis->pMediaNotify = PDMIBASE_QUERY_INTERFACE(pBase, PDMIMEDIANOTIFY);
7620 }
7621 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
7622 {
7623 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
7624 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot attach to status driver"));
7625 }
7626
7627 /*
7628 * Attach the units.
7629 */
7630 uint32_t cbTotalBuffer = 0;
7631 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7632 {
7633 PATACONTROLLER pCtl = &pThis->aCts[i];
7634
7635 /*
7636 * Start the worker thread.
7637 */
7638 pCtl->uAsyncIOState = ATA_AIO_NEW;
7639 pCtl->pSupDrvSession = PDMDevHlpGetSupDrvSession(pDevIns);
7640 rc = SUPSemEventCreate(pCtl->pSupDrvSession, &pCtl->hAsyncIOSem);
7641 AssertLogRelRCReturn(rc, rc);
7642 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
7643 AssertLogRelRCReturn(rc, rc);
7644
7645 ataR3AsyncIOClearRequests(pCtl);
7646 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataR3AsyncIOThread, (void *)pCtl, 128*1024 /*cbStack*/,
7647 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "ATA-%u", i);
7648 AssertLogRelRCReturn(rc, rc);
7649 Assert( pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->hAsyncIOSem != NIL_SUPSEMEVENT
7650 && pCtl->SuspendIOSem != NIL_RTSEMEVENT && PDMCritSectIsInitialized(&pCtl->AsyncIORequestLock));
7651 Log(("%s: controller %d AIO thread id %#x; sem %p susp_sem %p\n", __FUNCTION__, i, pCtl->AsyncIOThread, pCtl->hAsyncIOSem, pCtl->SuspendIOSem));
7652
7653 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
7654 {
7655 static const char *s_apszDescs[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7656 {
7657 { "Primary Master", "Primary Slave" },
7658 { "Secondary Master", "Secondary Slave" }
7659 };
7660
7661 /*
7662 * Try attach the block device and get the interfaces,
7663 * required as well as optional.
7664 */
7665 ATADevState *pIf = &pCtl->aIfs[j];
7666
7667 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[i][j]);
7668 if (RT_SUCCESS(rc))
7669 {
7670 rc = ataR3ConfigLun(pDevIns, pIf);
7671 if (RT_SUCCESS(rc))
7672 {
7673 /*
7674 * Init vendor product data.
7675 */
7676 static const char *s_apszCFGMKeys[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7677 {
7678 { "PrimaryMaster", "PrimarySlave" },
7679 { "SecondaryMaster", "SecondarySlave" }
7680 };
7681
7682 /* Generate a default serial number. */
7683 char szSerial[ATA_SERIAL_NUMBER_LENGTH+1];
7684 RTUUID Uuid;
7685 if (pIf->pDrvMedia)
7686 rc = pIf->pDrvMedia->pfnGetUuid(pIf->pDrvMedia, &Uuid);
7687 else
7688 RTUuidClear(&Uuid);
7689
7690 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
7691 {
7692 /* Generate a predictable serial for drives which don't have a UUID. */
7693 RTStrPrintf(szSerial, sizeof(szSerial), "VB%x-%04x%04x",
7694 pIf->iLUN + pDevIns->iInstance * 32,
7695 pThis->aCts[i].IOPortBase1, pThis->aCts[i].IOPortBase2);
7696 }
7697 else
7698 RTStrPrintf(szSerial, sizeof(szSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
7699
7700 /* Get user config if present using defaults otherwise. */
7701 PCFGMNODE pCfgNode = CFGMR3GetChild(pCfg, s_apszCFGMKeys[i][j]);
7702 rc = CFGMR3QueryStringDef(pCfgNode, "SerialNumber", pIf->szSerialNumber, sizeof(pIf->szSerialNumber),
7703 szSerial);
7704 if (RT_FAILURE(rc))
7705 {
7706 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7707 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7708 N_("PIIX3 configuration error: \"SerialNumber\" is longer than 20 bytes"));
7709 return PDMDEV_SET_ERROR(pDevIns, rc,
7710 N_("PIIX3 configuration error: failed to read \"SerialNumber\" as string"));
7711 }
7712
7713 rc = CFGMR3QueryStringDef(pCfgNode, "FirmwareRevision", pIf->szFirmwareRevision, sizeof(pIf->szFirmwareRevision),
7714 "1.0");
7715 if (RT_FAILURE(rc))
7716 {
7717 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7718 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7719 N_("PIIX3 configuration error: \"FirmwareRevision\" is longer than 8 bytes"));
7720 return PDMDEV_SET_ERROR(pDevIns, rc,
7721 N_("PIIX3 configuration error: failed to read \"FirmwareRevision\" as string"));
7722 }
7723
7724 rc = CFGMR3QueryStringDef(pCfgNode, "ModelNumber", pIf->szModelNumber, sizeof(pIf->szModelNumber),
7725 pIf->fATAPI ? "VBOX CD-ROM" : "VBOX HARDDISK");
7726 if (RT_FAILURE(rc))
7727 {
7728 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7729 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7730 N_("PIIX3 configuration error: \"ModelNumber\" is longer than 40 bytes"));
7731 return PDMDEV_SET_ERROR(pDevIns, rc,
7732 N_("PIIX3 configuration error: failed to read \"ModelNumber\" as string"));
7733 }
7734
7735 rc = CFGMR3QueryBoolDef(pCfgNode, "NonRotationalMedium", &pIf->fNonRotational, false);
7736 if (RT_FAILURE(rc))
7737 return PDMDEV_SET_ERROR(pDevIns, rc,
7738 N_("PIIX3 configuration error: failed to read \"NonRotationalMedium\" as boolean"));
7739
7740 /* There are three other identification strings for CD drives used for INQUIRY */
7741 if (pIf->fATAPI)
7742 {
7743 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIVendorId", pIf->szInquiryVendorId, sizeof(pIf->szInquiryVendorId),
7744 "VBOX");
7745 if (RT_FAILURE(rc))
7746 {
7747 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7748 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7749 N_("PIIX3 configuration error: \"ATAPIVendorId\" is longer than 16 bytes"));
7750 return PDMDEV_SET_ERROR(pDevIns, rc,
7751 N_("PIIX3 configuration error: failed to read \"ATAPIVendorId\" as string"));
7752 }
7753
7754 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIProductId", pIf->szInquiryProductId, sizeof(pIf->szInquiryProductId),
7755 "CD-ROM");
7756 if (RT_FAILURE(rc))
7757 {
7758 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7759 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7760 N_("PIIX3 configuration error: \"ATAPIProductId\" is longer than 16 bytes"));
7761 return PDMDEV_SET_ERROR(pDevIns, rc,
7762 N_("PIIX3 configuration error: failed to read \"ATAPIProductId\" as string"));
7763 }
7764
7765 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIRevision", pIf->szInquiryRevision, sizeof(pIf->szInquiryRevision),
7766 "1.0");
7767 if (RT_FAILURE(rc))
7768 {
7769 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7770 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7771 N_("PIIX3 configuration error: \"ATAPIRevision\" is longer than 4 bytes"));
7772 return PDMDEV_SET_ERROR(pDevIns, rc,
7773 N_("PIIX3 configuration error: failed to read \"ATAPIRevision\" as string"));
7774 }
7775
7776 rc = CFGMR3QueryBoolDef(pCfgNode, "OverwriteInquiry", &pIf->fOverwriteInquiry, true);
7777 if (RT_FAILURE(rc))
7778 return PDMDEV_SET_ERROR(pDevIns, rc,
7779 N_("PIIX3 configuration error: failed to read \"OverwriteInquiry\" as boolean"));
7780 }
7781 }
7782
7783 }
7784 else if (rc == VERR_PDM_NO_ATTACHED_DRIVER)
7785 {
7786 pIf->pDrvBase = NULL;
7787 pIf->pDrvMedia = NULL;
7788 pIf->cbIOBuffer = 0;
7789 pIf->pbIOBufferR3 = NULL;
7790 pIf->pbIOBufferR0 = NIL_RTR0PTR;
7791 pIf->pbIOBufferRC = NIL_RTGCPTR;
7792 LogRel(("PIIX3 ATA: LUN#%d: no unit\n", pIf->iLUN));
7793 }
7794 else
7795 {
7796 switch (rc)
7797 {
7798 case VERR_ACCESS_DENIED:
7799 /* Error already cached by DrvHostBase */
7800 return rc;
7801 default:
7802 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7803 N_("PIIX3 cannot attach drive to the %s"),
7804 s_apszDescs[i][j]);
7805 }
7806 }
7807 cbTotalBuffer += pIf->cbIOBuffer;
7808 }
7809 }
7810
7811 rc = PDMDevHlpSSMRegisterEx(pDevIns, ATA_SAVED_STATE_VERSION, sizeof(*pThis) + cbTotalBuffer, NULL,
7812 NULL, ataR3LiveExec, NULL,
7813 ataR3SaveLoadPrep, ataR3SaveExec, NULL,
7814 ataR3SaveLoadPrep, ataR3LoadExec, NULL);
7815 if (RT_FAILURE(rc))
7816 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register save state handlers"));
7817
7818 /*
7819 * Initialize the device state.
7820 */
7821 return ataR3ResetCommon(pDevIns, true /*fConstruct*/);
7822}
7823
7824
7825/**
7826 * The device registration structure.
7827 */
7828const PDMDEVREG g_DevicePIIX3IDE =
7829{
7830 /* u32Version */
7831 PDM_DEVREG_VERSION,
7832 /* szName */
7833 "piix3ide",
7834 /* szRCMod */
7835 "VBoxDDRC.rc",
7836 /* szR0Mod */
7837 "VBoxDDR0.r0",
7838 /* pszDescription */
7839 "Intel PIIX3 ATA controller.\n"
7840 " LUN #0 is primary master.\n"
7841 " LUN #1 is primary slave.\n"
7842 " LUN #2 is secondary master.\n"
7843 " LUN #3 is secondary slave.\n"
7844 " LUN #999 is the LED/Status connector.",
7845 /* fFlags */
7846 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0 |
7847 PDM_DEVREG_FLAGS_FIRST_SUSPEND_NOTIFICATION | PDM_DEVREG_FLAGS_FIRST_POWEROFF_NOTIFICATION |
7848 PDM_DEVREG_FLAGS_FIRST_RESET_NOTIFICATION,
7849 /* fClass */
7850 PDM_DEVREG_CLASS_STORAGE,
7851 /* cMaxInstances */
7852 1,
7853 /* cbInstance */
7854 sizeof(PCIATAState),
7855 /* pfnConstruct */
7856 ataR3Construct,
7857 /* pfnDestruct */
7858 ataR3Destruct,
7859 /* pfnRelocate */
7860 ataR3Relocate,
7861 /* pfnMemSetup */
7862 NULL,
7863 /* pfnPowerOn */
7864 NULL,
7865 /* pfnReset */
7866 ataR3Reset,
7867 /* pfnSuspend */
7868 ataR3Suspend,
7869 /* pfnResume */
7870 ataR3Resume,
7871 /* pfnAttach */
7872 ataR3Attach,
7873 /* pfnDetach */
7874 ataR3Detach,
7875 /* pfnQueryInterface. */
7876 NULL,
7877 /* pfnInitComplete */
7878 NULL,
7879 /* pfnPowerOff */
7880 ataR3PowerOff,
7881 /* pfnSoftReset */
7882 NULL,
7883 /* u32VersionEnd */
7884 PDM_DEVREG_VERSION
7885};
7886#endif /* IN_RING3 */
7887#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette