VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/DevATA.cpp@ 68369

Last change on this file since 68369 was 68369, checked in by vboxsync, 7 years ago

DevATA: bugref:8965: enable IDE0/IDE1 at device creation time as this is not properly done by the EFI if ICH9 is used

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 297.5 KB
Line 
1/* $Id: DevATA.cpp 68369 2017-08-10 13:15:16Z vboxsync $ */
2/** @file
3 * VBox storage devices: ATA/ATAPI controller device (disk and cdrom).
4 */
5
6/*
7 * Copyright (C) 2006-2016 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Defined Constants And Macros *
21*********************************************************************************************************************************/
22/** Temporary instrumentation for tracking down potential virtual disk
23 * write performance issues. */
24#undef VBOX_INSTRUMENT_DMA_WRITES
25
26/** @name The SSM saved state versions.
27 * @{
28 */
29/** The current saved state version. */
30#define ATA_SAVED_STATE_VERSION 20
31/** The saved state version used by VirtualBox 3.0.
32 * This lacks the config part and has the type at the and. */
33#define ATA_SAVED_STATE_VERSION_VBOX_30 19
34#define ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE 18
35#define ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 16
36#define ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 17
37/** @} */
38
39
40/*********************************************************************************************************************************
41* Header Files *
42*********************************************************************************************************************************/
43#define LOG_GROUP LOG_GROUP_DEV_IDE
44#include <VBox/vmm/pdmdev.h>
45#include <VBox/vmm/pdmstorageifs.h>
46#include <iprt/assert.h>
47#include <iprt/string.h>
48#ifdef IN_RING3
49# include <iprt/uuid.h>
50# include <iprt/semaphore.h>
51# include <iprt/thread.h>
52# include <iprt/time.h>
53# include <iprt/alloc.h>
54#endif /* IN_RING3 */
55#include <iprt/critsect.h>
56#include <iprt/asm.h>
57#include <VBox/vmm/stam.h>
58#include <VBox/vmm/mm.h>
59#include <VBox/vmm/pgm.h>
60
61#include <VBox/sup.h>
62#include <VBox/scsi.h>
63#include <VBox/scsiinline.h>
64#include <VBox/ata.h>
65
66#include "ATAPIPassthrough.h"
67#include "VBoxDD.h"
68
69
70/*********************************************************************************************************************************
71* Defined Constants And Macros *
72*********************************************************************************************************************************/
73/**
74 * Maximum number of sectors to transfer in a READ/WRITE MULTIPLE request.
75 * Set to 1 to disable multi-sector read support. According to the ATA
76 * specification this must be a power of 2 and it must fit in an 8 bit
77 * value. Thus the only valid values are 1, 2, 4, 8, 16, 32, 64 and 128.
78 */
79#define ATA_MAX_MULT_SECTORS 128
80
81/**
82 * Fastest PIO mode supported by the drive.
83 */
84#define ATA_PIO_MODE_MAX 4
85/**
86 * Fastest MDMA mode supported by the drive.
87 */
88#define ATA_MDMA_MODE_MAX 2
89/**
90 * Fastest UDMA mode supported by the drive.
91 */
92#define ATA_UDMA_MODE_MAX 6
93
94/** ATAPI sense info size. */
95#define ATAPI_SENSE_SIZE 64
96
97/** The maximum number of release log entries per device. */
98#define MAX_LOG_REL_ERRORS 1024
99
100/* MediaEventStatus */
101#define ATA_EVENT_STATUS_UNCHANGED 0 /**< medium event status not changed */
102#define ATA_EVENT_STATUS_MEDIA_NEW 1 /**< new medium inserted */
103#define ATA_EVENT_STATUS_MEDIA_REMOVED 2 /**< medium removed */
104#define ATA_EVENT_STATUS_MEDIA_CHANGED 3 /**< medium was removed + new medium was inserted */
105#define ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED 4 /**< medium eject requested (eject button pressed) */
106
107/* Media track type */
108#define ATA_MEDIA_TYPE_UNKNOWN 0 /**< unknown CD type */
109#define ATA_MEDIA_NO_DISC 0x70 /**< Door closed, no medium */
110
111/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA
112 * @{
113 */
114
115/** @name BM_STATUS
116 * @{
117 */
118/** Currently performing a DMA operation. */
119#define BM_STATUS_DMAING 0x01
120/** An error occurred during the DMA operation. */
121#define BM_STATUS_ERROR 0x02
122/** The DMA unit has raised the IDE interrupt line. */
123#define BM_STATUS_INT 0x04
124/** User-defined bit 0, commonly used to signal that drive 0 supports DMA. */
125#define BM_STATUS_D0DMA 0x20
126/** User-defined bit 1, commonly used to signal that drive 1 supports DMA. */
127#define BM_STATUS_D1DMA 0x40
128/** @} */
129
130/** @name BM_CMD
131 * @{
132 */
133/** Start the DMA operation. */
134#define BM_CMD_START 0x01
135/** Data transfer direction: from device to memory if set. */
136#define BM_CMD_WRITE 0x08
137/** @} */
138
139/** @} */
140
141/*********************************************************************************************************************************
142* Structures and Typedefs *
143*********************************************************************************************************************************/
144/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA
145 * @{
146 */
147/** PIIX3 Bus Master DMA unit state. */
148typedef struct BMDMAState
149{
150 /** Command register. */
151 uint8_t u8Cmd;
152 /** Status register. */
153 uint8_t u8Status;
154 /** Address of the MMIO region in the guest's memory space. */
155 RTGCPHYS32 GCPhysAddr;
156} BMDMAState;
157
158/** PIIX3 Bus Master DMA descriptor entry. */
159typedef struct BMDMADesc
160{
161 /** Address of the DMA source/target buffer. */
162 RTGCPHYS32 GCPhysBuffer;
163 /** Size of the DMA source/target buffer. */
164 uint32_t cbBuffer;
165} BMDMADesc;
166/** @} */
167
168
169/**
170 * The state of an ATA device.
171 *
172 * @implements PDMIBASE
173 * @implements PDMIBLOCKPORT
174 * @implements PDMIMOUNTNOTIFY
175 */
176typedef struct ATADevState
177{
178 /** Flag indicating whether the current command uses LBA48 mode. */
179 bool fLBA48;
180 /** Flag indicating whether this drive implements the ATAPI command set. */
181 bool fATAPI;
182 /** Set if this interface has asserted the IRQ. */
183 bool fIrqPending;
184 /** Currently configured number of sectors in a multi-sector transfer. */
185 uint8_t cMultSectors;
186 /** PCHS disk geometry. */
187 PDMMEDIAGEOMETRY PCHSGeometry;
188 /** Total number of sectors on this disk. */
189 uint64_t cTotalSectors;
190 /** Sector size of the medium. */
191 uint32_t cbSector;
192 /** Number of sectors to transfer per IRQ. */
193 uint32_t cSectorsPerIRQ;
194
195 /** ATA/ATAPI register 1: feature (write-only). */
196 uint8_t uATARegFeature;
197 /** ATA/ATAPI register 1: feature, high order byte. */
198 uint8_t uATARegFeatureHOB;
199 /** ATA/ATAPI register 1: error (read-only). */
200 uint8_t uATARegError;
201 /** ATA/ATAPI register 2: sector count (read/write). */
202 uint8_t uATARegNSector;
203 /** ATA/ATAPI register 2: sector count, high order byte. */
204 uint8_t uATARegNSectorHOB;
205 /** ATA/ATAPI register 3: sector (read/write). */
206 uint8_t uATARegSector;
207 /** ATA/ATAPI register 3: sector, high order byte. */
208 uint8_t uATARegSectorHOB;
209 /** ATA/ATAPI register 4: cylinder low (read/write). */
210 uint8_t uATARegLCyl;
211 /** ATA/ATAPI register 4: cylinder low, high order byte. */
212 uint8_t uATARegLCylHOB;
213 /** ATA/ATAPI register 5: cylinder high (read/write). */
214 uint8_t uATARegHCyl;
215 /** ATA/ATAPI register 5: cylinder high, high order byte. */
216 uint8_t uATARegHCylHOB;
217 /** ATA/ATAPI register 6: select drive/head (read/write). */
218 uint8_t uATARegSelect;
219 /** ATA/ATAPI register 7: status (read-only). */
220 uint8_t uATARegStatus;
221 /** ATA/ATAPI register 7: command (write-only). */
222 uint8_t uATARegCommand;
223 /** ATA/ATAPI drive control register (write-only). */
224 uint8_t uATARegDevCtl;
225
226 /** Currently active transfer mode (MDMA/UDMA) and speed. */
227 uint8_t uATATransferMode;
228 /** Current transfer direction. */
229 uint8_t uTxDir;
230 /** Index of callback for begin transfer. */
231 uint8_t iBeginTransfer;
232 /** Index of callback for source/sink of data. */
233 uint8_t iSourceSink;
234 /** Flag indicating whether the current command transfers data in DMA mode. */
235 bool fDMA;
236 /** Set to indicate that ATAPI transfer semantics must be used. */
237 bool fATAPITransfer;
238
239 /** Total ATA/ATAPI transfer size, shared PIO/DMA. */
240 uint32_t cbTotalTransfer;
241 /** Elementary ATA/ATAPI transfer size, shared PIO/DMA. */
242 uint32_t cbElementaryTransfer;
243 /** Maximum ATAPI elementary transfer size, PIO only. */
244 uint32_t cbPIOTransferLimit;
245 /** ATAPI passthrough transfer size, shared PIO/DMA */
246 uint32_t cbAtapiPassthroughTransfer;
247 /** Current read/write buffer position, shared PIO/DMA. */
248 uint32_t iIOBufferCur;
249 /** First element beyond end of valid buffer content, shared PIO/DMA. */
250 uint32_t iIOBufferEnd;
251 /** Align the following fields correctly. */
252 uint32_t Alignment0;
253
254 /** ATA/ATAPI current PIO read/write transfer position. Not shared with DMA for safety reasons. */
255 uint32_t iIOBufferPIODataStart;
256 /** ATA/ATAPI current PIO read/write transfer end. Not shared with DMA for safety reasons. */
257 uint32_t iIOBufferPIODataEnd;
258
259 /** ATAPI current LBA position. */
260 uint32_t iATAPILBA;
261 /** ATAPI current sector size. */
262 uint32_t cbATAPISector;
263 /** ATAPI current command. */
264 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
265 /** ATAPI sense data. */
266 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
267 /** HACK: Countdown till we report a newly unmounted drive as mounted. */
268 uint8_t cNotifiedMediaChange;
269 /** The same for GET_EVENT_STATUS for mechanism */
270 volatile uint32_t MediaEventStatus;
271
272 /** Media type if known. */
273 volatile uint32_t MediaTrackType;
274
275 /** The status LED state for this drive. */
276 PDMLED Led;
277
278 /** Size of I/O buffer. */
279 uint32_t cbIOBuffer;
280 /** Pointer to the I/O buffer. */
281 R3PTRTYPE(uint8_t *) pbIOBufferR3;
282 /** Pointer to the I/O buffer. */
283 R0PTRTYPE(uint8_t *) pbIOBufferR0;
284 /** Pointer to the I/O buffer. */
285 RCPTRTYPE(uint8_t *) pbIOBufferRC;
286
287 RTRCPTR Aligmnent1; /**< Align the statistics at an 8-byte boundary. */
288
289 /*
290 * No data that is part of the saved state after this point!!!!!
291 */
292
293 /* Release statistics: number of ATA DMA commands. */
294 STAMCOUNTER StatATADMA;
295 /* Release statistics: number of ATA PIO commands. */
296 STAMCOUNTER StatATAPIO;
297 /* Release statistics: number of ATAPI PIO commands. */
298 STAMCOUNTER StatATAPIDMA;
299 /* Release statistics: number of ATAPI PIO commands. */
300 STAMCOUNTER StatATAPIPIO;
301#ifdef VBOX_INSTRUMENT_DMA_WRITES
302 /* Release statistics: number of DMA sector writes and the time spent. */
303 STAMPROFILEADV StatInstrVDWrites;
304#endif
305
306 /** Statistics: number of read operations and the time spent reading. */
307 STAMPROFILEADV StatReads;
308 /** Statistics: number of bytes read. */
309 STAMCOUNTER StatBytesRead;
310 /** Statistics: number of write operations and the time spent writing. */
311 STAMPROFILEADV StatWrites;
312 /** Statistics: number of bytes written. */
313 STAMCOUNTER StatBytesWritten;
314 /** Statistics: number of flush operations and the time spend flushing. */
315 STAMPROFILE StatFlushes;
316
317 /** Enable passing through commands directly to the ATAPI drive. */
318 bool fATAPIPassthrough;
319 /** Flag whether to overwrite inquiry data in passthrough mode. */
320 bool fOverwriteInquiry;
321 /** Number of errors we've reported to the release log.
322 * This is to prevent flooding caused by something going horribly wrong.
323 * this value against MAX_LOG_REL_ERRORS in places likely to cause floods
324 * like the ones we currently seeing on the linux smoke tests (2006-11-10). */
325 uint32_t cErrors;
326 /** Timestamp of last started command. 0 if no command pending. */
327 uint64_t u64CmdTS;
328
329 /** Pointer to the attached driver's base interface. */
330 R3PTRTYPE(PPDMIBASE) pDrvBase;
331 /** Pointer to the attached driver's block interface. */
332 R3PTRTYPE(PPDMIMEDIA) pDrvMedia;
333 /** Pointer to the attached driver's mount interface.
334 * This is NULL if the driver isn't a removable unit. */
335 R3PTRTYPE(PPDMIMOUNT) pDrvMount;
336 /** The base interface. */
337 PDMIBASE IBase;
338 /** The block port interface. */
339 PDMIMEDIAPORT IPort;
340 /** The mount notify interface. */
341 PDMIMOUNTNOTIFY IMountNotify;
342 /** The LUN #. */
343 RTUINT iLUN;
344#if HC_ARCH_BITS == 64
345 RTUINT Alignment2; /**< Align pDevInsR3 correctly. */
346#endif
347 /** Pointer to device instance. */
348 PPDMDEVINSR3 pDevInsR3;
349 /** Pointer to controller instance. */
350 R3PTRTYPE(struct ATACONTROLLER *) pControllerR3;
351 /** Pointer to device instance. */
352 PPDMDEVINSR0 pDevInsR0;
353 /** Pointer to controller instance. */
354 R0PTRTYPE(struct ATACONTROLLER *) pControllerR0;
355 /** Pointer to device instance. */
356 PPDMDEVINSRC pDevInsRC;
357 /** Pointer to controller instance. */
358 RCPTRTYPE(struct ATACONTROLLER *) pControllerRC;
359
360 /** The serial number to use for IDENTIFY DEVICE commands. */
361 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
362 /** The firmware revision to use for IDENTIFY DEVICE commands. */
363 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
364 /** The model number to use for IDENTIFY DEVICE commands. */
365 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
366 /** The vendor identification string for SCSI INQUIRY commands. */
367 char szInquiryVendorId[SCSI_INQUIRY_VENDOR_ID_LENGTH+1];
368 /** The product identification string for SCSI INQUIRY commands. */
369 char szInquiryProductId[SCSI_INQUIRY_PRODUCT_ID_LENGTH+1];
370 /** The revision string for SCSI INQUIRY commands. */
371 char szInquiryRevision[SCSI_INQUIRY_REVISION_LENGTH+1];
372 /** The current tracklist of the loaded medium if passthrough is used. */
373 R3PTRTYPE(PTRACKLIST) pTrackList;
374
375 uint8_t abAlignment4[HC_ARCH_BITS == 64 ? 7 : 3];
376} ATADevState;
377AssertCompileMemberAlignment(ATADevState, cTotalSectors, 8);
378AssertCompileMemberAlignment(ATADevState, StatATADMA, 8);
379AssertCompileMemberAlignment(ATADevState, u64CmdTS, 8);
380AssertCompileMemberAlignment(ATADevState, pDevInsR3, 8);
381AssertCompileMemberAlignment(ATADevState, szSerialNumber, 8);
382AssertCompileSizeAlignment(ATADevState, 8);
383
384
385/**
386 * Transfer request forwarded to the async I/O thread.
387 */
388typedef struct ATATransferRequest
389{
390 /** The interface index the request is for. */
391 uint8_t iIf;
392 /** The index of the begin transfer callback to call. */
393 uint8_t iBeginTransfer;
394 /** The index of the source sink callback to call for doing the transfer. */
395 uint8_t iSourceSink;
396 /** How many bytes to transfer. */
397 uint32_t cbTotalTransfer;
398 /** Transfer direction. */
399 uint8_t uTxDir;
400} ATATransferRequest;
401
402
403/**
404 * Abort request forwarded to the async I/O thread.
405 */
406typedef struct ATAAbortRequest
407{
408 /** The interface index the request is for. */
409 uint8_t iIf;
410 /** Flag whether to reset the drive. */
411 bool fResetDrive;
412} ATAAbortRequest;
413
414
415/**
416 * Request type indicator.
417 */
418typedef enum
419{
420 /** Begin a new transfer. */
421 ATA_AIO_NEW = 0,
422 /** Continue a DMA transfer. */
423 ATA_AIO_DMA,
424 /** Continue a PIO transfer. */
425 ATA_AIO_PIO,
426 /** Reset the drives on current controller, stop all transfer activity. */
427 ATA_AIO_RESET_ASSERTED,
428 /** Reset the drives on current controller, resume operation. */
429 ATA_AIO_RESET_CLEARED,
430 /** Abort the current transfer of a particular drive. */
431 ATA_AIO_ABORT
432} ATAAIO;
433
434
435/**
436 * Combining structure for an ATA request to the async I/O thread
437 * started with the request type insicator.
438 */
439typedef struct ATARequest
440{
441 /** Request type. */
442 ATAAIO ReqType;
443 /** Request type dependent data. */
444 union
445 {
446 /** Transfer request specific data. */
447 ATATransferRequest t;
448 /** Abort request specific data. */
449 ATAAbortRequest a;
450 } u;
451} ATARequest;
452
453
454/**
455 * The state of an ATA controller containing to devices (master and slave).
456 */
457typedef struct ATACONTROLLER
458{
459 /** The base of the first I/O Port range. */
460 RTIOPORT IOPortBase1;
461 /** The base of the second I/O Port range. (0 if none) */
462 RTIOPORT IOPortBase2;
463 /** The assigned IRQ. */
464 RTUINT irq;
465 /** Access critical section */
466 PDMCRITSECT lock;
467
468 /** Selected drive. */
469 uint8_t iSelectedIf;
470 /** The interface on which to handle async I/O. */
471 uint8_t iAIOIf;
472 /** The state of the async I/O thread. */
473 uint8_t uAsyncIOState;
474 /** Flag indicating whether the next transfer is part of the current command. */
475 bool fChainedTransfer;
476 /** Set when the reset processing is currently active on this controller. */
477 bool fReset;
478 /** Flag whether the current transfer needs to be redone. */
479 bool fRedo;
480 /** Flag whether the redo suspend has been finished. */
481 bool fRedoIdle;
482 /** Flag whether the DMA operation to be redone is the final transfer. */
483 bool fRedoDMALastDesc;
484 /** The BusMaster DMA state. */
485 BMDMAState BmDma;
486 /** Pointer to first DMA descriptor. */
487 RTGCPHYS32 GCPhysFirstDMADesc;
488 /** Pointer to last DMA descriptor. */
489 RTGCPHYS32 GCPhysLastDMADesc;
490 /** Pointer to current DMA buffer (for redo operations). */
491 RTGCPHYS32 GCPhysRedoDMABuffer;
492 /** Size of current DMA buffer (for redo operations). */
493 uint32_t cbRedoDMABuffer;
494
495 /** The ATA/ATAPI interfaces of this controller. */
496 ATADevState aIfs[2];
497
498 /** Pointer to device instance. */
499 PPDMDEVINSR3 pDevInsR3;
500 /** Pointer to device instance. */
501 PPDMDEVINSR0 pDevInsR0;
502 /** Pointer to device instance. */
503 PPDMDEVINSRC pDevInsRC;
504
505 /** Set when the destroying the device instance and the thread must exit. */
506 uint32_t volatile fShutdown;
507 /** The async I/O thread handle. NIL_RTTHREAD if no thread. */
508 RTTHREAD AsyncIOThread;
509 /** The event semaphore the thread is waiting on for requests. */
510 SUPSEMEVENT hAsyncIOSem;
511 /** The support driver session handle. */
512 PSUPDRVSESSION pSupDrvSession;
513 /** The request queue for the AIO thread. One element is always unused. */
514 ATARequest aAsyncIORequests[4];
515 /** The position at which to insert a new request for the AIO thread. */
516 volatile uint8_t AsyncIOReqHead;
517 /** The position at which to get a new request for the AIO thread. */
518 volatile uint8_t AsyncIOReqTail;
519 /** Whether to call PDMDevHlpAsyncNotificationCompleted when idle. */
520 bool volatile fSignalIdle;
521 uint8_t Alignment3[1]; /**< Explicit padding of the 1 byte gap. */
522 /** Magic delay before triggering interrupts in DMA mode. */
523 uint32_t DelayIRQMillies;
524 /** The event semaphore the thread is waiting on during suspended I/O. */
525 RTSEMEVENT SuspendIOSem;
526 /** The lock protecting the request queue. */
527 PDMCRITSECT AsyncIORequestLock;
528
529 /** Timestamp we started the reset. */
530 uint64_t u64ResetTime;
531
532 /* Statistics */
533 STAMCOUNTER StatAsyncOps;
534 uint64_t StatAsyncMinWait;
535 uint64_t StatAsyncMaxWait;
536 STAMCOUNTER StatAsyncTimeUS;
537 STAMPROFILEADV StatAsyncTime;
538 STAMPROFILE StatLockWait;
539} ATACONTROLLER, *PATACONTROLLER;
540AssertCompileMemberAlignment(ATACONTROLLER, lock, 8);
541AssertCompileMemberAlignment(ATACONTROLLER, aIfs, 8);
542AssertCompileMemberAlignment(ATACONTROLLER, u64ResetTime, 8);
543AssertCompileMemberAlignment(ATACONTROLLER, StatAsyncOps, 8);
544AssertCompileMemberAlignment(ATACONTROLLER, AsyncIORequestLock, 8);
545AssertCompileSizeAlignment(ATACONTROLLER, 8);
546
547typedef enum CHIPSET
548{
549 /** PIIX3 chipset, must be 0 for saved state compatibility */
550 CHIPSET_PIIX3 = 0,
551 /** PIIX4 chipset, must be 1 for saved state compatibility */
552 CHIPSET_PIIX4 = 1,
553 /** ICH6 chipset */
554 CHIPSET_ICH6 = 2
555} CHIPSET;
556
557/**
558 * The state of the ATA PCI device.
559 *
560 * @extends PDMPCIDEV
561 * @implements PDMILEDPORTS
562 */
563typedef struct PCIATAState
564{
565 PDMPCIDEV dev;
566 /** The controllers. */
567 ATACONTROLLER aCts[2];
568 /** Pointer to device instance. */
569 PPDMDEVINSR3 pDevIns;
570 /** Status LUN: Base interface. */
571 PDMIBASE IBase;
572 /** Status LUN: Leds interface. */
573 PDMILEDPORTS ILeds;
574 /** Status LUN: Partner of ILeds. */
575 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
576 /** Status LUN: Media Notify. */
577 R3PTRTYPE(PPDMIMEDIANOTIFY) pMediaNotify;
578 /** Flag whether RC is enabled. */
579 bool fRCEnabled;
580 /** Flag whether R0 is enabled. */
581 bool fR0Enabled;
582 /** Flag indicating chipset being emulated. */
583 uint8_t u8Type;
584 bool Alignment0[HC_ARCH_BITS == 64 ? 5 : 1 ]; /**< Align the struct size. */
585} PCIATAState;
586
587#define ATACONTROLLER_IDX(pController) ( (pController) - PDMINS_2_DATA(CONTROLLER_2_DEVINS(pController), PCIATAState *)->aCts )
588
589#define ATADEVSTATE_2_CONTROLLER(pIf) ( (pIf)->CTX_SUFF(pController) )
590#define ATADEVSTATE_2_DEVINS(pIf) ( (pIf)->CTX_SUFF(pDevIns) )
591#define CONTROLLER_2_DEVINS(pController) ( (pController)->CTX_SUFF(pDevIns) )
592
593#ifndef VBOX_DEVICE_STRUCT_TESTCASE
594
595
596/*********************************************************************************************************************************
597* Internal Functions *
598*********************************************************************************************************************************/
599RT_C_DECLS_BEGIN
600
601PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
602PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
603PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
604 uint32_t *pcTransfers, unsigned cb);
605PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
606 uint32_t *pcTransfers, unsigned cb);
607PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
608PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
609PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
610PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
611PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
612PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb);
613RT_C_DECLS_END
614
615
616
617#ifdef IN_RING3
618DECLINLINE(void) ataSetStatusValue(ATADevState *s, uint8_t stat)
619{
620 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
621
622 /* Freeze status register contents while processing RESET. */
623 if (!pCtl->fReset)
624 {
625 s->uATARegStatus = stat;
626 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
627 }
628}
629#endif /* IN_RING3 */
630
631
632DECLINLINE(void) ataSetStatus(ATADevState *s, uint8_t stat)
633{
634 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
635
636 /* Freeze status register contents while processing RESET. */
637 if (!pCtl->fReset)
638 {
639 s->uATARegStatus |= stat;
640 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
641 }
642}
643
644
645DECLINLINE(void) ataUnsetStatus(ATADevState *s, uint8_t stat)
646{
647 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
648
649 /* Freeze status register contents while processing RESET. */
650 if (!pCtl->fReset)
651 {
652 s->uATARegStatus &= ~stat;
653 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
654 }
655}
656
657#if defined(IN_RING3) || defined(IN_RING0)
658
659# ifdef IN_RING3
660typedef void (*PBeginTransferFunc)(ATADevState *);
661typedef bool (*PSourceSinkFunc)(ATADevState *);
662
663static void ataR3ReadWriteSectorsBT(ATADevState *);
664static void ataR3PacketBT(ATADevState *);
665static void atapiR3CmdBT(ATADevState *);
666static void atapiR3PassthroughCmdBT(ATADevState *);
667
668static bool ataR3IdentifySS(ATADevState *);
669static bool ataR3FlushSS(ATADevState *);
670static bool ataR3ReadSectorsSS(ATADevState *);
671static bool ataR3WriteSectorsSS(ATADevState *);
672static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *);
673static bool ataR3TrimSS(ATADevState *);
674static bool ataR3PacketSS(ATADevState *);
675static bool atapiR3GetConfigurationSS(ATADevState *);
676static bool atapiR3GetEventStatusNotificationSS(ATADevState *);
677static bool atapiR3IdentifySS(ATADevState *);
678static bool atapiR3InquirySS(ATADevState *);
679static bool atapiR3MechanismStatusSS(ATADevState *);
680static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *);
681static bool atapiR3ModeSenseCDStatusSS(ATADevState *);
682static bool atapiR3ReadSS(ATADevState *);
683static bool atapiR3ReadCapacitySS(ATADevState *);
684static bool atapiR3ReadDiscInformationSS(ATADevState *);
685static bool atapiR3ReadTOCNormalSS(ATADevState *);
686static bool atapiR3ReadTOCMultiSS(ATADevState *);
687static bool atapiR3ReadTOCRawSS(ATADevState *);
688static bool atapiR3ReadTrackInformationSS(ATADevState *);
689static bool atapiR3RequestSenseSS(ATADevState *);
690static bool atapiR3PassthroughSS(ATADevState *);
691static bool atapiR3ReadDVDStructureSS(ATADevState *);
692# endif /* IN_RING3 */
693
694/**
695 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
696 */
697typedef enum ATAFNBT
698{
699 ATAFN_BT_NULL = 0,
700 ATAFN_BT_READ_WRITE_SECTORS,
701 ATAFN_BT_PACKET,
702 ATAFN_BT_ATAPI_CMD,
703 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
704 ATAFN_BT_MAX
705} ATAFNBT;
706
707# ifdef IN_RING3
708/**
709 * Array of end transfer functions, the index is ATAFNET.
710 * Make sure ATAFNET and this array match!
711 */
712static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
713{
714 NULL,
715 ataR3ReadWriteSectorsBT,
716 ataR3PacketBT,
717 atapiR3CmdBT,
718 atapiR3PassthroughCmdBT,
719};
720# endif /* IN_RING3 */
721
722/**
723 * Source/sink function indexes for g_apfnSourceSinkFuncs.
724 */
725typedef enum ATAFNSS
726{
727 ATAFN_SS_NULL = 0,
728 ATAFN_SS_IDENTIFY,
729 ATAFN_SS_FLUSH,
730 ATAFN_SS_READ_SECTORS,
731 ATAFN_SS_WRITE_SECTORS,
732 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
733 ATAFN_SS_TRIM,
734 ATAFN_SS_PACKET,
735 ATAFN_SS_ATAPI_GET_CONFIGURATION,
736 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
737 ATAFN_SS_ATAPI_IDENTIFY,
738 ATAFN_SS_ATAPI_INQUIRY,
739 ATAFN_SS_ATAPI_MECHANISM_STATUS,
740 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
741 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
742 ATAFN_SS_ATAPI_READ,
743 ATAFN_SS_ATAPI_READ_CAPACITY,
744 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
745 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
746 ATAFN_SS_ATAPI_READ_TOC_MULTI,
747 ATAFN_SS_ATAPI_READ_TOC_RAW,
748 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
749 ATAFN_SS_ATAPI_REQUEST_SENSE,
750 ATAFN_SS_ATAPI_PASSTHROUGH,
751 ATAFN_SS_ATAPI_READ_DVD_STRUCTURE,
752 ATAFN_SS_MAX
753} ATAFNSS;
754
755# ifdef IN_RING3
756/**
757 * Array of source/sink functions, the index is ATAFNSS.
758 * Make sure ATAFNSS and this array match!
759 */
760static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
761{
762 NULL,
763 ataR3IdentifySS,
764 ataR3FlushSS,
765 ataR3ReadSectorsSS,
766 ataR3WriteSectorsSS,
767 ataR3ExecuteDeviceDiagnosticSS,
768 ataR3TrimSS,
769 ataR3PacketSS,
770 atapiR3GetConfigurationSS,
771 atapiR3GetEventStatusNotificationSS,
772 atapiR3IdentifySS,
773 atapiR3InquirySS,
774 atapiR3MechanismStatusSS,
775 atapiR3ModeSenseErrorRecoverySS,
776 atapiR3ModeSenseCDStatusSS,
777 atapiR3ReadSS,
778 atapiR3ReadCapacitySS,
779 atapiR3ReadDiscInformationSS,
780 atapiR3ReadTOCNormalSS,
781 atapiR3ReadTOCMultiSS,
782 atapiR3ReadTOCRawSS,
783 atapiR3ReadTrackInformationSS,
784 atapiR3RequestSenseSS,
785 atapiR3PassthroughSS,
786 atapiR3ReadDVDStructureSS
787};
788# endif /* IN_RING3 */
789
790
791static const ATARequest g_ataDMARequest = { ATA_AIO_DMA, { { 0, 0, 0, 0, 0 } } };
792static const ATARequest g_ataPIORequest = { ATA_AIO_PIO, { { 0, 0, 0, 0, 0 } } };
793# ifdef IN_RING3
794static const ATARequest g_ataResetARequest = { ATA_AIO_RESET_ASSERTED, { { 0, 0, 0, 0, 0 } } };
795static const ATARequest g_ataResetCRequest = { ATA_AIO_RESET_CLEARED, { { 0, 0, 0, 0, 0 } } };
796# endif
797
798# ifdef IN_RING3
799static void ataR3AsyncIOClearRequests(PATACONTROLLER pCtl)
800{
801 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
802 AssertRC(rc);
803
804 pCtl->AsyncIOReqHead = 0;
805 pCtl->AsyncIOReqTail = 0;
806
807 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
808 AssertRC(rc);
809}
810# endif /* IN_RING3 */
811
812static void ataHCAsyncIOPutRequest(PATACONTROLLER pCtl, const ATARequest *pReq)
813{
814 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
815 AssertRC(rc);
816
817 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
818 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
819 pCtl->AsyncIOReqHead++;
820 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
821
822 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
823 AssertRC(rc);
824
825 rc = PDMHCCritSectScheduleExitEvent(&pCtl->lock, pCtl->hAsyncIOSem);
826 if (RT_FAILURE(rc))
827 {
828 rc = SUPSemEventSignal(pCtl->pSupDrvSession, pCtl->hAsyncIOSem);
829 AssertRC(rc);
830 }
831}
832
833# ifdef IN_RING3
834
835static const ATARequest *ataR3AsyncIOGetCurrentRequest(PATACONTROLLER pCtl)
836{
837 const ATARequest *pReq;
838
839 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
840 AssertRC(rc);
841
842 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
843 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
844 else
845 pReq = NULL;
846
847 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
848 AssertRC(rc);
849 return pReq;
850}
851
852
853/**
854 * Remove the request with the given type, as it's finished. The request
855 * is not removed blindly, as this could mean a RESET request that is not
856 * yet processed (but has cleared the request queue) is lost.
857 *
858 * @param pCtl Controller for which to remove the request.
859 * @param ReqType Type of the request to remove.
860 */
861static void ataR3AsyncIORemoveCurrentRequest(PATACONTROLLER pCtl, ATAAIO ReqType)
862{
863 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
864 AssertRC(rc);
865
866 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
867 {
868 pCtl->AsyncIOReqTail++;
869 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
870 }
871
872 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
873 AssertRC(rc);
874}
875
876
877/**
878 * Dump the request queue for a particular controller. First dump the queue
879 * contents, then the already processed entries, as long as they haven't been
880 * overwritten.
881 *
882 * @param pCtl Controller for which to dump the queue.
883 */
884static void ataR3AsyncIODumpRequests(PATACONTROLLER pCtl)
885{
886 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
887 AssertRC(rc);
888
889 LogRel(("PIIX3 ATA: Ctl#%d: request queue dump (topmost is current):\n", ATACONTROLLER_IDX(pCtl)));
890 uint8_t curr = pCtl->AsyncIOReqTail;
891 do
892 {
893 if (curr == pCtl->AsyncIOReqHead)
894 LogRel(("PIIX3 ATA: Ctl#%d: processed requests (topmost is oldest):\n", ATACONTROLLER_IDX(pCtl)));
895 switch (pCtl->aAsyncIORequests[curr].ReqType)
896 {
897 case ATA_AIO_NEW:
898 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n",
899 pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer,
900 pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer,
901 pCtl->aAsyncIORequests[curr].u.t.uTxDir));
902 break;
903 case ATA_AIO_DMA:
904 LogRel(("dma transfer continuation\n"));
905 break;
906 case ATA_AIO_PIO:
907 LogRel(("pio transfer continuation\n"));
908 break;
909 case ATA_AIO_RESET_ASSERTED:
910 LogRel(("reset asserted request\n"));
911 break;
912 case ATA_AIO_RESET_CLEARED:
913 LogRel(("reset cleared request\n"));
914 break;
915 case ATA_AIO_ABORT:
916 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf,
917 pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
918 break;
919 default:
920 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
921 }
922 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
923 } while (curr != pCtl->AsyncIOReqTail);
924
925 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
926 AssertRC(rc);
927}
928
929
930/**
931 * Checks whether the request queue for a particular controller is empty
932 * or whether a particular controller is idle.
933 *
934 * @param pCtl Controller for which to check the queue.
935 * @param fStrict If set then the controller is checked to be idle.
936 */
937static bool ataR3AsyncIOIsIdle(PATACONTROLLER pCtl, bool fStrict)
938{
939 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
940 AssertRC(rc);
941
942 bool fIdle = pCtl->fRedoIdle;
943 if (!fIdle)
944 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
945 if (fStrict)
946 fIdle &= (pCtl->uAsyncIOState == ATA_AIO_NEW);
947
948 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
949 AssertRC(rc);
950 return fIdle;
951}
952
953
954/**
955 * Send a transfer request to the async I/O thread.
956 *
957 * @param s Pointer to the ATA device state data.
958 * @param cbTotalTransfer Data transfer size.
959 * @param uTxDir Data transfer direction.
960 * @param iBeginTransfer Index of BeginTransfer callback.
961 * @param iSourceSink Index of SourceSink callback.
962 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
963 */
964static void ataR3StartTransfer(ATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer,
965 ATAFNSS iSourceSink, bool fChainedTransfer)
966{
967 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
968 ATARequest Req;
969
970 Assert(PDMCritSectIsOwner(&pCtl->lock));
971
972 /* Do not issue new requests while the RESET line is asserted. */
973 if (pCtl->fReset)
974 {
975 Log2(("%s: Ctl#%d: suppressed new request as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
976 return;
977 }
978
979 /* If the controller is already doing something else right now, ignore
980 * the command that is being submitted. Some broken guests issue commands
981 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
982 if (!fChainedTransfer && !ataR3AsyncIOIsIdle(pCtl, true /*fStrict*/))
983 {
984 Log(("%s: Ctl#%d: ignored command %#04x, controller state %d\n",
985 __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegCommand, pCtl->uAsyncIOState));
986 LogRel(("PIIX3 IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
987 return;
988 }
989
990 Req.ReqType = ATA_AIO_NEW;
991 if (fChainedTransfer)
992 Req.u.t.iIf = pCtl->iAIOIf;
993 else
994 Req.u.t.iIf = pCtl->iSelectedIf;
995 Req.u.t.cbTotalTransfer = cbTotalTransfer;
996 Req.u.t.uTxDir = uTxDir;
997 Req.u.t.iBeginTransfer = iBeginTransfer;
998 Req.u.t.iSourceSink = iSourceSink;
999 ataSetStatusValue(s, ATA_STAT_BUSY);
1000 pCtl->fChainedTransfer = fChainedTransfer;
1001
1002 /*
1003 * Kick the worker thread into action.
1004 */
1005 Log2(("%s: Ctl#%d: message to async I/O thread, new request\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
1006 ataHCAsyncIOPutRequest(pCtl, &Req);
1007}
1008
1009
1010/**
1011 * Send an abort command request to the async I/O thread.
1012 *
1013 * @param s Pointer to the ATA device state data.
1014 * @param fResetDrive Whether to reset the drive or just abort a command.
1015 */
1016static void ataR3AbortCurrentCommand(ATADevState *s, bool fResetDrive)
1017{
1018 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1019 ATARequest Req;
1020
1021 Assert(PDMCritSectIsOwner(&pCtl->lock));
1022
1023 /* Do not issue new requests while the RESET line is asserted. */
1024 if (pCtl->fReset)
1025 {
1026 Log2(("%s: Ctl#%d: suppressed aborting command as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
1027 return;
1028 }
1029
1030 Req.ReqType = ATA_AIO_ABORT;
1031 Req.u.a.iIf = pCtl->iSelectedIf;
1032 Req.u.a.fResetDrive = fResetDrive;
1033 ataSetStatus(s, ATA_STAT_BUSY);
1034 Log2(("%s: Ctl#%d: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->iLUN));
1035 ataHCAsyncIOPutRequest(pCtl, &Req);
1036}
1037# endif /* IN_RING3 */
1038
1039static void ataHCSetIRQ(ATADevState *s)
1040{
1041 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1042 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
1043
1044 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
1045 {
1046 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
1047 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
1048 * line is asserted. It monitors the line for a rising edge. */
1049 if (!s->fIrqPending)
1050 pCtl->BmDma.u8Status |= BM_STATUS_INT;
1051 /* Only actually set the IRQ line if updating the currently selected drive. */
1052 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
1053 {
1054 /** @todo experiment with adaptive IRQ delivery: for reads it is
1055 * better to wait for IRQ delivery, as it reduces latency. */
1056 if (pCtl->irq == 16)
1057 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
1058 else
1059 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
1060 }
1061 }
1062 s->fIrqPending = true;
1063}
1064
1065#endif /* IN_RING0 || IN_RING3 */
1066
1067static void ataUnsetIRQ(ATADevState *s)
1068{
1069 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1070 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
1071
1072 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
1073 {
1074 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
1075 /* Only actually unset the IRQ line if updating the currently selected drive. */
1076 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
1077 {
1078 if (pCtl->irq == 16)
1079 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
1080 else
1081 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
1082 }
1083 }
1084 s->fIrqPending = false;
1085}
1086
1087#if defined(IN_RING0) || defined(IN_RING3)
1088
1089static void ataHCPIOTransferStart(ATADevState *s, uint32_t start, uint32_t size)
1090{
1091 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
1092 s->iIOBufferPIODataStart = start;
1093 s->iIOBufferPIODataEnd = start + size;
1094 ataSetStatus(s, ATA_STAT_DRQ | ATA_STAT_SEEK);
1095 ataUnsetStatus(s, ATA_STAT_BUSY);
1096}
1097
1098
1099static void ataHCPIOTransferStop(ATADevState *s)
1100{
1101 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
1102 if (s->fATAPITransfer)
1103 {
1104 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1105 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1106 ataHCSetIRQ(s);
1107 s->fATAPITransfer = false;
1108 }
1109 s->cbTotalTransfer = 0;
1110 s->cbElementaryTransfer = 0;
1111 s->iIOBufferPIODataStart = 0;
1112 s->iIOBufferPIODataEnd = 0;
1113 s->iBeginTransfer = ATAFN_BT_NULL;
1114 s->iSourceSink = ATAFN_SS_NULL;
1115}
1116
1117
1118static void ataHCPIOTransferLimitATAPI(ATADevState *s)
1119{
1120 uint32_t cbLimit, cbTransfer;
1121
1122 cbLimit = s->cbPIOTransferLimit;
1123 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
1124 if (cbLimit == 0)
1125 cbLimit = 0xfffe;
1126 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
1127 if (cbLimit == 0xffff)
1128 cbLimit--;
1129 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
1130 if (cbTransfer > cbLimit)
1131 {
1132 /* Byte count limit for clipping must be even in this case */
1133 if (cbLimit & 1)
1134 cbLimit--;
1135 cbTransfer = cbLimit;
1136 }
1137 s->uATARegLCyl = cbTransfer;
1138 s->uATARegHCyl = cbTransfer >> 8;
1139 s->cbElementaryTransfer = cbTransfer;
1140}
1141
1142# ifdef IN_RING3
1143
1144/**
1145 * Enters the lock protecting the controller data against concurrent access.
1146 *
1147 * @returns nothing.
1148 * @param pCtl The controller to lock.
1149 */
1150DECLINLINE(void) ataR3LockEnter(PATACONTROLLER pCtl)
1151{
1152 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1153 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1154 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1155}
1156
1157/**
1158 * Leaves the lock protecting the controller against concurrent data access.
1159 *
1160 * @returns nothing.
1161 * @param pCtl The controller to unlock.
1162 */
1163DECLINLINE(void) ataR3LockLeave(PATACONTROLLER pCtl)
1164{
1165 PDMCritSectLeave(&pCtl->lock);
1166}
1167
1168static uint32_t ataR3GetNSectors(ATADevState *s)
1169{
1170 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
1171 if (s->fLBA48)
1172 {
1173 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
1174 return 65536;
1175 else
1176 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
1177 }
1178 else
1179 {
1180 if (!s->uATARegNSector)
1181 return 256;
1182 else
1183 return s->uATARegNSector;
1184 }
1185}
1186
1187
1188static void ataR3PadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1189{
1190 for (uint32_t i = 0; i < cbSize; i++)
1191 {
1192 if (*pbSrc)
1193 pbDst[i ^ 1] = *pbSrc++;
1194 else
1195 pbDst[i ^ 1] = ' ';
1196 }
1197}
1198
1199
1200#if 0 /* unused */
1201/**
1202 * Compares two MSF values.
1203 *
1204 * @returns 1 if the first value is greater than the second value.
1205 * 0 if both are equal
1206 * -1 if the first value is smaller than the second value.
1207 */
1208DECLINLINE(int) atapiCmpMSF(const uint8_t *pbMSF1, const uint8_t *pbMSF2)
1209{
1210 int iRes = 0;
1211
1212 for (unsigned i = 0; i < 3; i++)
1213 {
1214 if (pbMSF1[i] < pbMSF2[i])
1215 {
1216 iRes = -1;
1217 break;
1218 }
1219 else if (pbMSF1[i] > pbMSF2[i])
1220 {
1221 iRes = 1;
1222 break;
1223 }
1224 }
1225
1226 return iRes;
1227}
1228#endif /* unused */
1229
1230static void ataR3CmdOK(ATADevState *s, uint8_t status)
1231{
1232 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
1233 ataSetStatusValue(s, ATA_STAT_READY | status);
1234}
1235
1236
1237static void ataR3CmdError(ATADevState *s, uint8_t uErrorCode)
1238{
1239 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
1240 Assert(uErrorCode);
1241 s->uATARegError = uErrorCode;
1242 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1243 s->cbTotalTransfer = 0;
1244 s->cbElementaryTransfer = 0;
1245 s->iIOBufferCur = 0;
1246 s->iIOBufferEnd = 0;
1247 s->uTxDir = PDMMEDIATXDIR_NONE;
1248 s->iBeginTransfer = ATAFN_BT_NULL;
1249 s->iSourceSink = ATAFN_SS_NULL;
1250}
1251
1252static uint32_t ataR3Checksum(void* ptr, size_t count)
1253{
1254 uint8_t u8Sum = 0xa5, *p = (uint8_t*)ptr;
1255 size_t i;
1256
1257 for (i = 0; i < count; i++)
1258 {
1259 u8Sum += *p++;
1260 }
1261
1262 return (uint8_t)-(int32_t)u8Sum;
1263}
1264
1265static bool ataR3IdentifySS(ATADevState *s)
1266{
1267 uint16_t *p;
1268
1269 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1270 Assert(s->cbElementaryTransfer == 512);
1271
1272 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1273 memset(p, 0, 512);
1274 p[0] = RT_H2LE_U16(0x0040);
1275 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1276 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1277 /* Block size; obsolete, but required for the BIOS. */
1278 p[5] = RT_H2LE_U16(s->cbSector);
1279 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1280 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1281 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1282 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1283 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
1284 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1285 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1286# if ATA_MAX_MULT_SECTORS > 1
1287 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
1288# endif
1289 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
1290 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1291 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1292 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1293 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1294 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
1295 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1296 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1297 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1298 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1299 * s->PCHSGeometry.cHeads
1300 * s->PCHSGeometry.cSectors);
1301 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1302 * s->PCHSGeometry.cHeads
1303 * s->PCHSGeometry.cSectors >> 16);
1304 if (s->cMultSectors)
1305 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
1306 if (s->cTotalSectors <= (1 << 28) - 1)
1307 {
1308 p[60] = RT_H2LE_U16(s->cTotalSectors);
1309 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
1310 }
1311 else
1312 {
1313 /* Report maximum number of sectors possible with LBA28 */
1314 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
1315 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
1316 }
1317 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1318 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1319 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1320 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1321 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1322 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1323 if ( s->pDrvMedia->pfnDiscard
1324 || s->cbSector != 512
1325 || s->pDrvMedia->pfnIsNonRotational(s->pDrvMedia))
1326 {
1327 p[80] = RT_H2LE_U16(0x1f0); /* support everything up to ATA/ATAPI-8 ACS */
1328 p[81] = RT_H2LE_U16(0x28); /* conforms to ATA/ATAPI-8 ACS */
1329 }
1330 else
1331 {
1332 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1333 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1334 }
1335 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
1336 if (s->cTotalSectors <= (1 << 28) - 1)
1337 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
1338 else
1339 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1340 p[84] = RT_H2LE_U16(1 << 14);
1341 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
1342 if (s->cTotalSectors <= (1 << 28) - 1)
1343 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
1344 else
1345 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1346 p[87] = RT_H2LE_U16(1 << 14);
1347 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1348 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1349 if (s->cTotalSectors > (1 << 28) - 1)
1350 {
1351 p[100] = RT_H2LE_U16(s->cTotalSectors);
1352 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
1353 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
1354 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
1355 }
1356
1357 if (s->cbSector != 512)
1358 {
1359 uint32_t cSectorSizeInWords = s->cbSector / sizeof(uint16_t);
1360 /* Enable reporting of logical sector size. */
1361 p[106] |= RT_H2LE_U16(RT_BIT(12) | RT_BIT(14));
1362 p[117] = RT_H2LE_U16(cSectorSizeInWords);
1363 p[118] = RT_H2LE_U16(cSectorSizeInWords >> 16);
1364 }
1365
1366 if (s->pDrvMedia->pfnDiscard) /** @todo Set bit 14 in word 69 too? (Deterministic read after TRIM). */
1367 p[169] = RT_H2LE_U16(1); /* DATA SET MANAGEMENT command supported. */
1368 if (s->pDrvMedia->pfnIsNonRotational(s->pDrvMedia))
1369 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
1370 uint32_t uCsum = ataR3Checksum(p, 510);
1371 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1372 s->iSourceSink = ATAFN_SS_NULL;
1373 ataR3CmdOK(s, ATA_STAT_SEEK);
1374 return false;
1375}
1376
1377
1378static bool ataR3FlushSS(ATADevState *s)
1379{
1380 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1381 int rc;
1382
1383 Assert(s->uTxDir == PDMMEDIATXDIR_NONE);
1384 Assert(!s->cbElementaryTransfer);
1385
1386 ataR3LockLeave(pCtl);
1387
1388 STAM_PROFILE_START(&s->StatFlushes, f);
1389 rc = s->pDrvMedia->pfnFlush(s->pDrvMedia);
1390 AssertRC(rc);
1391 STAM_PROFILE_STOP(&s->StatFlushes, f);
1392
1393 ataR3LockEnter(pCtl);
1394 ataR3CmdOK(s, 0);
1395 return false;
1396}
1397
1398static bool atapiR3IdentifySS(ATADevState *s)
1399{
1400 uint16_t *p;
1401
1402 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1403 Assert(s->cbElementaryTransfer == 512);
1404
1405 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1406 memset(p, 0, 512);
1407 /* Removable CDROM, 3ms response, 12 byte packets */
1408 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 0 << 5 | 0 << 0);
1409 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1410 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1411 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1412 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1413 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1414 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1415 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1416 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1417 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1418 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
1419 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1420 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1421 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1422 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1423 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1424 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1425 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
1426 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
1427 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
1428 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1429 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1430 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
1431 p[83] = RT_H2LE_U16(1 << 14);
1432 p[84] = RT_H2LE_U16(1 << 14);
1433 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
1434 p[86] = RT_H2LE_U16(0);
1435 p[87] = RT_H2LE_U16(1 << 14);
1436 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1437 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1438 /* According to ATAPI-5 spec:
1439 *
1440 * The use of this word is optional.
1441 * If bits 7:0 of this word contain the signature A5h, bits 15:8
1442 * contain the data
1443 * structure checksum.
1444 * The data structure checksum is the twos complement of the sum of
1445 * all bytes in words 0 through 254 and the byte consisting of
1446 * bits 7:0 in word 255.
1447 * Each byte shall be added with unsigned arithmetic,
1448 * and overflow shall be ignored.
1449 * The sum of all 512 bytes is zero when the checksum is correct.
1450 */
1451 uint32_t uCsum = ataR3Checksum(p, 510);
1452 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1453
1454 s->iSourceSink = ATAFN_SS_NULL;
1455 ataR3CmdOK(s, ATA_STAT_SEEK);
1456 return false;
1457}
1458
1459
1460static void ataR3SetSignature(ATADevState *s)
1461{
1462 s->uATARegSelect &= 0xf0; /* clear head */
1463 /* put signature */
1464 s->uATARegNSector = 1;
1465 s->uATARegSector = 1;
1466 if (s->fATAPI)
1467 {
1468 s->uATARegLCyl = 0x14;
1469 s->uATARegHCyl = 0xeb;
1470 }
1471 else if (s->pDrvMedia)
1472 {
1473 s->uATARegLCyl = 0;
1474 s->uATARegHCyl = 0;
1475 }
1476 else
1477 {
1478 s->uATARegLCyl = 0xff;
1479 s->uATARegHCyl = 0xff;
1480 }
1481}
1482
1483
1484static uint64_t ataR3GetSector(ATADevState *s)
1485{
1486 uint64_t iLBA;
1487 if (s->uATARegSelect & 0x40)
1488 {
1489 /* any LBA variant */
1490 if (s->fLBA48)
1491 {
1492 /* LBA48 */
1493 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
1494 ((uint64_t)s->uATARegLCylHOB << 32) |
1495 ((uint64_t)s->uATARegSectorHOB << 24) |
1496 ((uint64_t)s->uATARegHCyl << 16) |
1497 ((uint64_t)s->uATARegLCyl << 8) |
1498 s->uATARegSector;
1499 }
1500 else
1501 {
1502 /* LBA */
1503 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
1504 (s->uATARegLCyl << 8) | s->uATARegSector;
1505 }
1506 }
1507 else
1508 {
1509 /* CHS */
1510 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
1511 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
1512 (s->uATARegSector - 1);
1513 }
1514 return iLBA;
1515}
1516
1517static void ataR3SetSector(ATADevState *s, uint64_t iLBA)
1518{
1519 uint32_t cyl, r;
1520 if (s->uATARegSelect & 0x40)
1521 {
1522 /* any LBA variant */
1523 if (s->fLBA48)
1524 {
1525 /* LBA48 */
1526 s->uATARegHCylHOB = iLBA >> 40;
1527 s->uATARegLCylHOB = iLBA >> 32;
1528 s->uATARegSectorHOB = iLBA >> 24;
1529 s->uATARegHCyl = iLBA >> 16;
1530 s->uATARegLCyl = iLBA >> 8;
1531 s->uATARegSector = iLBA;
1532 }
1533 else
1534 {
1535 /* LBA */
1536 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
1537 s->uATARegHCyl = (iLBA >> 16);
1538 s->uATARegLCyl = (iLBA >> 8);
1539 s->uATARegSector = (iLBA);
1540 }
1541 }
1542 else
1543 {
1544 /* CHS */
1545 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1546 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1547 s->uATARegHCyl = cyl >> 8;
1548 s->uATARegLCyl = cyl;
1549 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
1550 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
1551 }
1552}
1553
1554
1555static void ataR3WarningDiskFull(PPDMDEVINS pDevIns)
1556{
1557 int rc;
1558 LogRel(("PIIX3 ATA: Host disk full\n"));
1559 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
1560 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
1561 AssertRC(rc);
1562}
1563
1564static void ataR3WarningFileTooBig(PPDMDEVINS pDevIns)
1565{
1566 int rc;
1567 LogRel(("PIIX3 ATA: File too big\n"));
1568 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
1569 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
1570 AssertRC(rc);
1571}
1572
1573static void ataR3WarningISCSI(PPDMDEVINS pDevIns)
1574{
1575 int rc;
1576 LogRel(("PIIX3 ATA: iSCSI target unavailable\n"));
1577 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
1578 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
1579 AssertRC(rc);
1580}
1581
1582static bool ataR3IsRedoSetWarning(ATADevState *s, int rc)
1583{
1584 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1585 Assert(!PDMCritSectIsOwner(&pCtl->lock));
1586 if (rc == VERR_DISK_FULL)
1587 {
1588 pCtl->fRedoIdle = true;
1589 ataR3WarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1590 return true;
1591 }
1592 if (rc == VERR_FILE_TOO_BIG)
1593 {
1594 pCtl->fRedoIdle = true;
1595 ataR3WarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1596 return true;
1597 }
1598 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1599 {
1600 pCtl->fRedoIdle = true;
1601 /* iSCSI connection abort (first error) or failure to reestablish
1602 * connection (second error). Pause VM. On resume we'll retry. */
1603 ataR3WarningISCSI(ATADEVSTATE_2_DEVINS(s));
1604 return true;
1605 }
1606 if (rc == VERR_VD_DEK_MISSING)
1607 {
1608 /* Error message already set. */
1609 pCtl->fRedoIdle = true;
1610 return true;
1611 }
1612
1613 return false;
1614}
1615
1616
1617static int ataR3ReadSectors(ATADevState *s, uint64_t u64Sector, void *pvBuf,
1618 uint32_t cSectors, bool *pfRedo)
1619{
1620 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1621 int rc;
1622
1623 ataR3LockLeave(pCtl);
1624
1625 STAM_PROFILE_ADV_START(&s->StatReads, r);
1626 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1627 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1628 s->Led.Actual.s.fReading = 0;
1629 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1630 Log4(("ataR3ReadSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1631 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1632
1633 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cSectors * s->cbSector);
1634
1635 if (RT_SUCCESS(rc))
1636 *pfRedo = false;
1637 else
1638 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1639
1640 ataR3LockEnter(pCtl);
1641 return rc;
1642}
1643
1644
1645static int ataR3WriteSectors(ATADevState *s, uint64_t u64Sector,
1646 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1647{
1648 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1649 int rc;
1650
1651 ataR3LockLeave(pCtl);
1652
1653 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1654 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1655# ifdef VBOX_INSTRUMENT_DMA_WRITES
1656 if (s->fDMA)
1657 STAM_PROFILE_ADV_START(&s->StatInstrVDWrites, vw);
1658# endif
1659 rc = s->pDrvMedia->pfnWrite(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1660# ifdef VBOX_INSTRUMENT_DMA_WRITES
1661 if (s->fDMA)
1662 STAM_PROFILE_ADV_STOP(&s->StatInstrVDWrites, vw);
1663# endif
1664 s->Led.Actual.s.fWriting = 0;
1665 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1666 Log4(("ataR3WriteSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1667 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1668
1669 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cSectors * s->cbSector);
1670
1671 if (RT_SUCCESS(rc))
1672 *pfRedo = false;
1673 else
1674 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1675
1676 ataR3LockEnter(pCtl);
1677 return rc;
1678}
1679
1680
1681static void ataR3ReadWriteSectorsBT(ATADevState *s)
1682{
1683 uint32_t cSectors;
1684
1685 cSectors = s->cbTotalTransfer / s->cbSector;
1686 if (cSectors > s->cSectorsPerIRQ)
1687 s->cbElementaryTransfer = s->cSectorsPerIRQ * s->cbSector;
1688 else
1689 s->cbElementaryTransfer = cSectors * s->cbSector;
1690 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1691 ataR3CmdOK(s, 0);
1692}
1693
1694
1695static bool ataR3ReadSectorsSS(ATADevState *s)
1696{
1697 int rc;
1698 uint32_t cSectors;
1699 uint64_t iLBA;
1700 bool fRedo;
1701
1702 cSectors = s->cbElementaryTransfer / s->cbSector;
1703 Assert(cSectors);
1704 iLBA = ataR3GetSector(s);
1705 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1706 rc = ataR3ReadSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1707 if (RT_SUCCESS(rc))
1708 {
1709 ataR3SetSector(s, iLBA + cSectors);
1710 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1711 s->iSourceSink = ATAFN_SS_NULL;
1712 ataR3CmdOK(s, ATA_STAT_SEEK);
1713 }
1714 else
1715 {
1716 if (fRedo)
1717 return fRedo;
1718 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1719 LogRel(("PIIX3 ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1720 s->iLUN, rc, iLBA, cSectors));
1721
1722 /*
1723 * Check if we got interrupted. We don't need to set status variables
1724 * because the request was aborted.
1725 */
1726 if (rc != VERR_INTERRUPTED)
1727 ataR3CmdError(s, ID_ERR);
1728 }
1729 return false;
1730}
1731
1732
1733static bool ataR3WriteSectorsSS(ATADevState *s)
1734{
1735 int rc;
1736 uint32_t cSectors;
1737 uint64_t iLBA;
1738 bool fRedo;
1739
1740 cSectors = s->cbElementaryTransfer / s->cbSector;
1741 Assert(cSectors);
1742 iLBA = ataR3GetSector(s);
1743 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1744 rc = ataR3WriteSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1745 if (RT_SUCCESS(rc))
1746 {
1747 ataR3SetSector(s, iLBA + cSectors);
1748 if (!s->cbTotalTransfer)
1749 s->iSourceSink = ATAFN_SS_NULL;
1750 ataR3CmdOK(s, ATA_STAT_SEEK);
1751 }
1752 else
1753 {
1754 if (fRedo)
1755 return fRedo;
1756 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1757 LogRel(("PIIX3 ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1758 s->iLUN, rc, iLBA, cSectors));
1759
1760 /*
1761 * Check if we got interrupted. We don't need to set status variables
1762 * because the request was aborted.
1763 */
1764 if (rc != VERR_INTERRUPTED)
1765 ataR3CmdError(s, ID_ERR);
1766 }
1767 return false;
1768}
1769
1770
1771static void atapiR3CmdOK(ATADevState *s)
1772{
1773 s->uATARegError = 0;
1774 ataSetStatusValue(s, ATA_STAT_READY);
1775 s->uATARegNSector = (s->uATARegNSector & ~7)
1776 | ((s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1777 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1778 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1779
1780 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1781 s->abATAPISense[0] = 0x70 | (1 << 7);
1782 s->abATAPISense[7] = 10;
1783}
1784
1785
1786static void atapiR3CmdError(ATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1787{
1788 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1789 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1790 s->uATARegError = pabATAPISense[2] << 4;
1791 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1792 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1793 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1794 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1795 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1796 s->cbTotalTransfer = 0;
1797 s->cbElementaryTransfer = 0;
1798 s->cbAtapiPassthroughTransfer = 0;
1799 s->iIOBufferCur = 0;
1800 s->iIOBufferEnd = 0;
1801 s->uTxDir = PDMMEDIATXDIR_NONE;
1802 s->iBeginTransfer = ATAFN_BT_NULL;
1803 s->iSourceSink = ATAFN_SS_NULL;
1804}
1805
1806
1807/** @todo deprecated function - doesn't provide enough info. Replace by direct
1808 * calls to atapiR3CmdError() with full data. */
1809static void atapiR3CmdErrorSimple(ATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1810{
1811 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1812 memset(abATAPISense, '\0', sizeof(abATAPISense));
1813 abATAPISense[0] = 0x70 | (1 << 7);
1814 abATAPISense[2] = uATAPISenseKey & 0x0f;
1815 abATAPISense[7] = 10;
1816 abATAPISense[12] = uATAPIASC;
1817 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
1818}
1819
1820
1821static void atapiR3CmdBT(ATADevState *s)
1822{
1823 s->fATAPITransfer = true;
1824 s->cbElementaryTransfer = s->cbTotalTransfer;
1825 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
1826 s->cbPIOTransferLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
1827 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1828 atapiR3CmdOK(s);
1829}
1830
1831
1832static void atapiR3PassthroughCmdBT(ATADevState *s)
1833{
1834 atapiR3CmdBT(s);
1835}
1836
1837static bool atapiR3ReadSS(ATADevState *s)
1838{
1839 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1840 int rc = VINF_SUCCESS;
1841 uint32_t cbTransfer, cSectors;
1842 uint64_t cbBlockRegion = 0;
1843
1844 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1845 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1846 cSectors = cbTransfer / s->cbATAPISector;
1847 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1848 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1849
1850 ataR3LockLeave(pCtl);
1851
1852 rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, s->iATAPILBA, NULL, NULL,
1853 &cbBlockRegion, NULL);
1854 if (RT_SUCCESS(rc))
1855 {
1856 STAM_PROFILE_ADV_START(&s->StatReads, r);
1857 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1858
1859 /* If the region block size and requested sector matches we can just pass the request through. */
1860 if (cbBlockRegion == s->cbATAPISector)
1861 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)s->iATAPILBA * s->cbATAPISector,
1862 s->CTX_SUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1863 else
1864 {
1865 if (cbBlockRegion == 2048 && s->cbATAPISector == 2352)
1866 {
1867 /* Generate the sync bytes. */
1868 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1869
1870 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1871 {
1872 /* Sync bytes, see 4.2.3.8 CD Main Channel Block Formats */
1873 *pbBuf++ = 0x00;
1874 memset(pbBuf, 0xff, 10);
1875 pbBuf += 10;
1876 *pbBuf++ = 0x00;
1877 /* MSF */
1878 scsiLBA2MSF(pbBuf, i);
1879 pbBuf += 3;
1880 *pbBuf++ = 0x01; /* mode 1 data */
1881 /* data */
1882 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)i * 2048, pbBuf, 2048);
1883 if (RT_FAILURE(rc))
1884 break;
1885 pbBuf += 2048;
1886 /**
1887 * @todo: maybe compute ECC and parity, layout is:
1888 * 2072 4 EDC
1889 * 2076 172 P parity symbols
1890 * 2248 104 Q parity symbols
1891 */
1892 memset(pbBuf, 0, 280);
1893 pbBuf += 280;
1894 }
1895 }
1896 else if (cbBlockRegion == 2352 && s->cbATAPISector == 2048)
1897 {
1898 /* Read only the user data portion. */
1899 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1900
1901 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1902 {
1903 uint8_t abTmp[2352];
1904 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)i * 2352, &abTmp[0], 2352);
1905 if (RT_FAILURE(rc))
1906 break;
1907
1908 memcpy(pbBuf, &abTmp[16], 2048);
1909 pbBuf += 2048;
1910 }
1911 }
1912 }
1913 s->Led.Actual.s.fReading = 0;
1914 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1915 }
1916
1917 ataR3LockEnter(pCtl);
1918
1919 if (RT_SUCCESS(rc))
1920 {
1921 STAM_REL_COUNTER_ADD(&s->StatBytesRead, s->cbATAPISector * cSectors);
1922
1923 /* The initial buffer end value has been set up based on the total
1924 * transfer size. But the I/O buffer size limits what can actually be
1925 * done in one transfer, so set the actual value of the buffer end. */
1926 s->cbElementaryTransfer = cbTransfer;
1927 if (cbTransfer >= s->cbTotalTransfer)
1928 s->iSourceSink = ATAFN_SS_NULL;
1929 atapiR3CmdOK(s);
1930 s->iATAPILBA += cSectors;
1931 }
1932 else
1933 {
1934 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1935 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1936
1937 /*
1938 * Check if we got interrupted. We don't need to set status variables
1939 * because the request was aborted.
1940 */
1941 if (rc != VERR_INTERRUPTED)
1942 atapiR3CmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1943 }
1944 return false;
1945}
1946
1947/**
1948 * Sets the given media track type.
1949 */
1950static uint32_t ataR3MediumTypeSet(ATADevState *s, uint32_t MediaTrackType)
1951{
1952 return ASMAtomicXchgU32(&s->MediaTrackType, MediaTrackType);
1953}
1954
1955static bool atapiR3PassthroughSS(ATADevState *s)
1956{
1957 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1958 int rc = VINF_SUCCESS;
1959 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1960 uint32_t cbTransfer;
1961 PSTAMPROFILEADV pProf = NULL;
1962
1963 cbTransfer = RT_MIN(s->cbAtapiPassthroughTransfer, s->cbIOBuffer);
1964
1965 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1966 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
1967
1968 /* Simple heuristics: if there is at least one sector of data
1969 * to transfer, it's worth updating the LEDs. */
1970 if (cbTransfer >= 2048)
1971 {
1972 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
1973 {
1974 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1975 pProf = &s->StatReads;
1976 }
1977 else
1978 {
1979 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1980 pProf = &s->StatWrites;
1981 }
1982 }
1983
1984 ataR3LockLeave(pCtl);
1985
1986# if defined(LOG_ENABLED)
1987 char szBuf[1024];
1988
1989 memset(szBuf, 0, sizeof(szBuf));
1990
1991 switch (s->aATAPICmd[0])
1992 {
1993 case SCSI_MODE_SELECT_10:
1994 {
1995 size_t cbBlkDescLength = scsiBE2H_U16(&s->CTX_SUFF(pbIOBuffer)[6]);
1996
1997 SCSILogModePage(szBuf, sizeof(szBuf) - 1,
1998 s->CTX_SUFF(pbIOBuffer) + 8 + cbBlkDescLength,
1999 cbTransfer - 8 - cbBlkDescLength);
2000 break;
2001 }
2002 case SCSI_SEND_CUE_SHEET:
2003 {
2004 SCSILogCueSheet(szBuf, sizeof(szBuf) - 1,
2005 s->CTX_SUFF(pbIOBuffer), cbTransfer);
2006 break;
2007 }
2008 default:
2009 break;
2010 }
2011
2012 Log2(("%s\n", szBuf));
2013# endif
2014
2015 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
2016 if ( cbTransfer > SCSI_MAX_BUFFER_SIZE
2017 || s->cbElementaryTransfer > s->cbIOBuffer)
2018 {
2019 /* Linux accepts commands with up to 100KB of data, but expects
2020 * us to handle commands with up to 128KB of data. The usual
2021 * imbalance of powers. */
2022 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
2023 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
2024 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2025 uint32_t cSectorsMax; /**< Maximum amount of sectors to read without exceeding the I/O buffer. */
2026
2027 Assert(s->cbATAPISector);
2028 cSectorsMax = cbTransfer / s->cbATAPISector;
2029 Assert(cSectorsMax * s->cbATAPISector <= s->cbIOBuffer);
2030
2031 switch (s->aATAPICmd[0])
2032 {
2033 case SCSI_READ_10:
2034 case SCSI_WRITE_10:
2035 case SCSI_WRITE_AND_VERIFY_10:
2036 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2037 cSectors = scsiBE2H_U16(s->aATAPICmd + 7);
2038 break;
2039 case SCSI_READ_12:
2040 case SCSI_WRITE_12:
2041 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2042 cSectors = scsiBE2H_U32(s->aATAPICmd + 6);
2043 break;
2044 case SCSI_READ_CD:
2045 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2046 cSectors = scsiBE2H_U24(s->aATAPICmd + 6);
2047 break;
2048 case SCSI_READ_CD_MSF:
2049 iATAPILBA = scsiMSF2LBA(s->aATAPICmd + 3);
2050 cSectors = scsiMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
2051 break;
2052 default:
2053 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2054 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2055 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2056 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2057 ataR3LockEnter(pCtl);
2058 return false;
2059 }
2060 cSectorsMax = RT_MIN(cSectorsMax, cSectors);
2061 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
2062 cReqSectors = 0;
2063 for (uint32_t i = cSectorsMax; i > 0; i -= cReqSectors)
2064 {
2065 if (i * s->cbATAPISector > SCSI_MAX_BUFFER_SIZE)
2066 cReqSectors = SCSI_MAX_BUFFER_SIZE / s->cbATAPISector;
2067 else
2068 cReqSectors = i;
2069 cbCurrTX = s->cbATAPISector * cReqSectors;
2070 switch (s->aATAPICmd[0])
2071 {
2072 case SCSI_READ_10:
2073 case SCSI_WRITE_10:
2074 case SCSI_WRITE_AND_VERIFY_10:
2075 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2076 scsiH2BE_U16(aATAPICmd + 7, cReqSectors);
2077 break;
2078 case SCSI_READ_12:
2079 case SCSI_WRITE_12:
2080 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2081 scsiH2BE_U32(aATAPICmd + 6, cReqSectors);
2082 break;
2083 case SCSI_READ_CD:
2084 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2085 scsiH2BE_U24(aATAPICmd + 6, cReqSectors);
2086 break;
2087 case SCSI_READ_CD_MSF:
2088 scsiLBA2MSF(aATAPICmd + 3, iATAPILBA);
2089 scsiLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
2090 break;
2091 }
2092 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, aATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir,
2093 pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2094 if (rc != VINF_SUCCESS)
2095 break;
2096 iATAPILBA += cReqSectors;
2097 pbBuf += s->cbATAPISector * cReqSectors;
2098 }
2099
2100 if (RT_SUCCESS(rc))
2101 {
2102 /* Adjust ATAPI command for the next call. */
2103 switch (s->aATAPICmd[0])
2104 {
2105 case SCSI_READ_10:
2106 case SCSI_WRITE_10:
2107 case SCSI_WRITE_AND_VERIFY_10:
2108 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2109 scsiH2BE_U16(s->aATAPICmd + 7, cSectors - cSectorsMax);
2110 break;
2111 case SCSI_READ_12:
2112 case SCSI_WRITE_12:
2113 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2114 scsiH2BE_U32(s->aATAPICmd + 6, cSectors - cSectorsMax);
2115 break;
2116 case SCSI_READ_CD:
2117 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2118 scsiH2BE_U24(s->aATAPICmd + 6, cSectors - cSectorsMax);
2119 break;
2120 case SCSI_READ_CD_MSF:
2121 scsiLBA2MSF(s->aATAPICmd + 3, iATAPILBA);
2122 scsiLBA2MSF(s->aATAPICmd + 6, iATAPILBA + cSectors - cSectorsMax);
2123 break;
2124 default:
2125 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2126 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2127 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2128 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2129 return false;
2130 }
2131 }
2132 }
2133 else
2134 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, s->aATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir,
2135 s->CTX_SUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2136 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
2137
2138 ataR3LockEnter(pCtl);
2139
2140 /* Update the LEDs and the read/write statistics. */
2141 if (cbTransfer >= 2048)
2142 {
2143 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
2144 {
2145 s->Led.Actual.s.fReading = 0;
2146 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbTransfer);
2147 }
2148 else
2149 {
2150 s->Led.Actual.s.fWriting = 0;
2151 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbTransfer);
2152 }
2153 }
2154
2155 if (RT_SUCCESS(rc))
2156 {
2157 /* Do post processing for certain commands. */
2158 switch (s->aATAPICmd[0])
2159 {
2160 case SCSI_SEND_CUE_SHEET:
2161 case SCSI_READ_TOC_PMA_ATIP:
2162 {
2163 if (!s->pTrackList)
2164 rc = ATAPIPassthroughTrackListCreateEmpty(&s->pTrackList);
2165
2166 if (RT_SUCCESS(rc))
2167 rc = ATAPIPassthroughTrackListUpdate(s->pTrackList, s->aATAPICmd, s->CTX_SUFF(pbIOBuffer));
2168
2169 if ( RT_FAILURE(rc)
2170 && s->cErrors++ < MAX_LOG_REL_ERRORS)
2171 LogRel(("ATA: Error (%Rrc) while updating the tracklist during %s, burning the disc might fail\n",
2172 rc, s->aATAPICmd[0] == SCSI_SEND_CUE_SHEET ? "SEND CUE SHEET" : "READ TOC/PMA/ATIP"));
2173 break;
2174 }
2175 case SCSI_SYNCHRONIZE_CACHE:
2176 {
2177 if (s->pTrackList)
2178 ATAPIPassthroughTrackListClear(s->pTrackList);
2179 break;
2180 }
2181 }
2182
2183 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
2184 {
2185 /*
2186 * Reply with the same amount of data as the real drive
2187 * but only if the command wasn't split.
2188 */
2189 if (s->cbAtapiPassthroughTransfer < s->cbIOBuffer)
2190 s->cbTotalTransfer = cbTransfer;
2191
2192 if ( s->aATAPICmd[0] == SCSI_INQUIRY
2193 && s->fOverwriteInquiry)
2194 {
2195 /* Make sure that the real drive cannot be identified.
2196 * Motivation: changing the VM configuration should be as
2197 * invisible as possible to the guest. */
2198 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2199 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 8, "VBOX", 8);
2200 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 16, "CD-ROM", 16);
2201 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 32, "1.0", 4);
2202 }
2203
2204 if (cbTransfer)
2205 Log3(("ATAPI PT data read (%d):\n%.*Rhxd\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2206 }
2207
2208 /* The initial buffer end value has been set up based on the total
2209 * transfer size. But the I/O buffer size limits what can actually be
2210 * done in one transfer, so set the actual value of the buffer end. */
2211 Assert(cbTransfer <= s->cbAtapiPassthroughTransfer);
2212 s->cbElementaryTransfer = cbTransfer;
2213 s->cbAtapiPassthroughTransfer -= cbTransfer;
2214 if (!s->cbAtapiPassthroughTransfer)
2215 {
2216 s->iSourceSink = ATAFN_SS_NULL;
2217 atapiR3CmdOK(s);
2218 }
2219 }
2220 else
2221 {
2222 if (s->cErrors < MAX_LOG_REL_ERRORS)
2223 {
2224 uint8_t u8Cmd = s->aATAPICmd[0];
2225 do
2226 {
2227 /* don't log superfluous errors */
2228 if ( rc == VERR_DEV_IO_ERROR
2229 && ( u8Cmd == SCSI_TEST_UNIT_READY
2230 || u8Cmd == SCSI_READ_CAPACITY
2231 || u8Cmd == SCSI_READ_DVD_STRUCTURE
2232 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
2233 break;
2234 s->cErrors++;
2235 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough cmd=%#04x sense=%d ASC=%#02x ASCQ=%#02x %Rrc\n",
2236 s->iLUN, u8Cmd, abATAPISense[2] & 0x0f, abATAPISense[12], abATAPISense[13], rc));
2237 } while (0);
2238 }
2239 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
2240 }
2241 return false;
2242}
2243
2244/** @todo Revise ASAP. */
2245static bool atapiR3ReadDVDStructureSS(ATADevState *s)
2246{
2247 uint8_t *buf = s->CTX_SUFF(pbIOBuffer);
2248 int media = s->aATAPICmd[1];
2249 int format = s->aATAPICmd[7];
2250
2251 uint16_t max_len = scsiBE2H_U16(&s->aATAPICmd[8]);
2252
2253 memset(buf, 0, max_len);
2254
2255 switch (format) {
2256 case 0x00:
2257 case 0x01:
2258 case 0x02:
2259 case 0x03:
2260 case 0x04:
2261 case 0x05:
2262 case 0x06:
2263 case 0x07:
2264 case 0x08:
2265 case 0x09:
2266 case 0x0a:
2267 case 0x0b:
2268 case 0x0c:
2269 case 0x0d:
2270 case 0x0e:
2271 case 0x0f:
2272 case 0x10:
2273 case 0x11:
2274 case 0x30:
2275 case 0x31:
2276 case 0xff:
2277 if (media == 0)
2278 {
2279 int uASC = SCSI_ASC_NONE;
2280
2281 switch (format)
2282 {
2283 case 0x0: /* Physical format information */
2284 {
2285 int layer = s->aATAPICmd[6];
2286 uint64_t total_sectors;
2287
2288 if (layer != 0)
2289 {
2290 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2291 break;
2292 }
2293
2294 total_sectors = s->cTotalSectors;
2295 total_sectors >>= 2;
2296 if (total_sectors == 0)
2297 {
2298 uASC = -SCSI_ASC_MEDIUM_NOT_PRESENT;
2299 break;
2300 }
2301
2302 buf[4] = 1; /* DVD-ROM, part version 1 */
2303 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
2304 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
2305 buf[7] = 0; /* default densities */
2306
2307 /* FIXME: 0x30000 per spec? */
2308 scsiH2BE_U32(buf + 8, 0); /* start sector */
2309 scsiH2BE_U32(buf + 12, total_sectors - 1); /* end sector */
2310 scsiH2BE_U32(buf + 16, total_sectors - 1); /* l0 end sector */
2311
2312 /* Size of buffer, not including 2 byte size field */
2313 scsiH2BE_U32(&buf[0], 2048 + 2);
2314
2315 /* 2k data + 4 byte header */
2316 uASC = (2048 + 4);
2317 break;
2318 }
2319 case 0x01: /* DVD copyright information */
2320 buf[4] = 0; /* no copyright data */
2321 buf[5] = 0; /* no region restrictions */
2322
2323 /* Size of buffer, not including 2 byte size field */
2324 scsiH2BE_U16(buf, 4 + 2);
2325
2326 /* 4 byte header + 4 byte data */
2327 uASC = (4 + 4);
2328 break;
2329
2330 case 0x03: /* BCA information - invalid field for no BCA info */
2331 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2332 break;
2333
2334 case 0x04: /* DVD disc manufacturing information */
2335 /* Size of buffer, not including 2 byte size field */
2336 scsiH2BE_U16(buf, 2048 + 2);
2337
2338 /* 2k data + 4 byte header */
2339 uASC = (2048 + 4);
2340 break;
2341 case 0xff:
2342 /*
2343 * This lists all the command capabilities above. Add new ones
2344 * in order and update the length and buffer return values.
2345 */
2346
2347 buf[4] = 0x00; /* Physical format */
2348 buf[5] = 0x40; /* Not writable, is readable */
2349 scsiH2BE_U16((buf + 6), 2048 + 4);
2350
2351 buf[8] = 0x01; /* Copyright info */
2352 buf[9] = 0x40; /* Not writable, is readable */
2353 scsiH2BE_U16((buf + 10), 4 + 4);
2354
2355 buf[12] = 0x03; /* BCA info */
2356 buf[13] = 0x40; /* Not writable, is readable */
2357 scsiH2BE_U16((buf + 14), 188 + 4);
2358
2359 buf[16] = 0x04; /* Manufacturing info */
2360 buf[17] = 0x40; /* Not writable, is readable */
2361 scsiH2BE_U16((buf + 18), 2048 + 4);
2362
2363 /* Size of buffer, not including 2 byte size field */
2364 scsiH2BE_U16(buf, 16 + 2);
2365
2366 /* data written + 4 byte header */
2367 uASC = (16 + 4);
2368 break;
2369 default: /** @todo formats beyond DVD-ROM requires */
2370 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2371 }
2372
2373 if (uASC < 0)
2374 {
2375 s->iSourceSink = ATAFN_SS_NULL;
2376 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, -uASC);
2377 return false;
2378 }
2379 break;
2380 }
2381 /** @todo BD support, fall through for now */
2382 /* fall thru */
2383
2384 /* Generic disk structures */
2385 case 0x80: /** @todo AACS volume identifier */
2386 case 0x81: /** @todo AACS media serial number */
2387 case 0x82: /** @todo AACS media identifier */
2388 case 0x83: /** @todo AACS media key block */
2389 case 0x90: /** @todo List of recognized format layers */
2390 case 0xc0: /** @todo Write protection status */
2391 default:
2392 s->iSourceSink = ATAFN_SS_NULL;
2393 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST,
2394 SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2395 return false;
2396 }
2397
2398 s->iSourceSink = ATAFN_SS_NULL;
2399 atapiR3CmdOK(s);
2400 return false;
2401}
2402
2403static bool atapiR3ReadSectors(ATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
2404{
2405 Assert(cSectors > 0);
2406 s->iATAPILBA = iATAPILBA;
2407 s->cbATAPISector = cbSector;
2408 ataR3StartTransfer(s, cSectors * cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
2409 return false;
2410}
2411
2412
2413static bool atapiR3ReadCapacitySS(ATADevState *s)
2414{
2415 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2416
2417 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2418 Assert(s->cbElementaryTransfer <= 8);
2419 scsiH2BE_U32(pbBuf, s->cTotalSectors - 1);
2420 scsiH2BE_U32(pbBuf + 4, 2048);
2421 s->iSourceSink = ATAFN_SS_NULL;
2422 atapiR3CmdOK(s);
2423 return false;
2424}
2425
2426
2427static bool atapiR3ReadDiscInformationSS(ATADevState *s)
2428{
2429 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2430
2431 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2432 Assert(s->cbElementaryTransfer <= 34);
2433 memset(pbBuf, '\0', 34);
2434 scsiH2BE_U16(pbBuf, 32);
2435 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
2436 pbBuf[3] = 1; /* number of first track */
2437 pbBuf[4] = 1; /* number of sessions (LSB) */
2438 pbBuf[5] = 1; /* first track number in last session (LSB) */
2439 pbBuf[6] = (uint8_t)s->pDrvMedia->pfnGetRegionCount(s->pDrvMedia); /* last track number in last session (LSB) */
2440 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
2441 pbBuf[8] = 0; /* disc type = CD-ROM */
2442 pbBuf[9] = 0; /* number of sessions (MSB) */
2443 pbBuf[10] = 0; /* number of sessions (MSB) */
2444 pbBuf[11] = 0; /* number of sessions (MSB) */
2445 scsiH2BE_U32(pbBuf + 16, 0xffffffff); /* last session lead-in start time is not available */
2446 scsiH2BE_U32(pbBuf + 20, 0xffffffff); /* last possible start time for lead-out is not available */
2447 s->iSourceSink = ATAFN_SS_NULL;
2448 atapiR3CmdOK(s);
2449 return false;
2450}
2451
2452
2453static bool atapiR3ReadTrackInformationSS(ATADevState *s)
2454{
2455 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2456 uint32_t u32LogAddr = scsiBE2H_U32(&s->aATAPICmd[2]);
2457 uint8_t u8LogAddrType = s->aATAPICmd[1] & 0x03;
2458
2459 int rc = VINF_SUCCESS;
2460 uint64_t u64LbaStart = 0;
2461 uint32_t uRegion = 0;
2462 uint64_t cBlocks = 0;
2463 uint64_t cbBlock = 0;
2464 uint8_t u8DataMode = 0xf; /* Unknown data mode. */
2465 uint8_t u8TrackMode = 0;
2466 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID;
2467
2468 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2469 Assert(s->cbElementaryTransfer <= 36);
2470
2471 switch (u8LogAddrType)
2472 {
2473 case 0x00:
2474 rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, u32LogAddr, &uRegion,
2475 NULL, NULL, NULL);
2476 if (RT_SUCCESS(rc))
2477 rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, uRegion, &u64LbaStart,
2478 &cBlocks, &cbBlock, &enmDataForm);
2479 break;
2480 case 0x01:
2481 {
2482 if (u32LogAddr >= 1)
2483 {
2484 uRegion = u32LogAddr - 1;
2485 rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, uRegion, &u64LbaStart,
2486 &cBlocks, &cbBlock, &enmDataForm);
2487 }
2488 else
2489 rc = VERR_NOT_FOUND; /** @todo: Return lead-in information. */
2490 break;
2491 }
2492 case 0x02:
2493 default:
2494 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2495 return false;
2496 }
2497
2498 if (RT_FAILURE(rc))
2499 {
2500 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2501 return false;
2502 }
2503
2504 switch (enmDataForm)
2505 {
2506 case VDREGIONDATAFORM_MODE1_2048:
2507 case VDREGIONDATAFORM_MODE1_2352:
2508 case VDREGIONDATAFORM_MODE1_0:
2509 u8DataMode = 1;
2510 break;
2511 case VDREGIONDATAFORM_XA_2336:
2512 case VDREGIONDATAFORM_XA_2352:
2513 case VDREGIONDATAFORM_XA_0:
2514 case VDREGIONDATAFORM_MODE2_2336:
2515 case VDREGIONDATAFORM_MODE2_2352:
2516 case VDREGIONDATAFORM_MODE2_0:
2517 u8DataMode = 2;
2518 break;
2519 default:
2520 u8DataMode = 0xf;
2521 }
2522
2523 if (enmDataForm == VDREGIONDATAFORM_CDDA)
2524 u8TrackMode = 0x0;
2525 else
2526 u8TrackMode = 0x4;
2527
2528 memset(pbBuf, '\0', 36);
2529 scsiH2BE_U16(pbBuf, 34);
2530 pbBuf[2] = uRegion + 1; /* track number (LSB) */
2531 pbBuf[3] = 1; /* session number (LSB) */
2532 pbBuf[5] = (0 << 5) | (0 << 4) | u8TrackMode; /* not damaged, primary copy, data track */
2533 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | u8DataMode; /* not reserved track, not blank, not packet writing, not fixed packet */
2534 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
2535 scsiH2BE_U32(pbBuf + 8, (uint32_t)u64LbaStart); /* track start address is 0 */
2536 scsiH2BE_U32(pbBuf + 24, (uint32_t)cBlocks); /* track size */
2537 pbBuf[32] = 0; /* track number (MSB) */
2538 pbBuf[33] = 0; /* session number (MSB) */
2539 s->iSourceSink = ATAFN_SS_NULL;
2540 atapiR3CmdOK(s);
2541 return false;
2542}
2543
2544static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureListProfiles(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2545{
2546 RT_NOREF1(s);
2547 if (cbBuf < 3*4)
2548 return 0;
2549
2550 scsiH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
2551 pbBuf[2] = (0 << 2) | (1 << 1) | (1 << 0); /* version 0, persistent, current */
2552 pbBuf[3] = 8; /* additional bytes for profiles */
2553 /* The MMC-3 spec says that DVD-ROM read capability should be reported
2554 * before CD-ROM read capability. */
2555 scsiH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
2556 pbBuf[6] = (0 << 0); /* NOT current profile */
2557 scsiH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
2558 pbBuf[10] = (1 << 0); /* current profile */
2559
2560 return 3*4; /* Header + 2 profiles entries */
2561}
2562
2563static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCore(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2564{
2565 RT_NOREF1(s);
2566 if (cbBuf < 12)
2567 return 0;
2568
2569 scsiH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
2570 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2571 pbBuf[3] = 8; /* Additional length */
2572 scsiH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
2573 pbBuf[8] = RT_BIT(0); /* DBE */
2574 /* Rest is reserved. */
2575
2576 return 12;
2577}
2578
2579static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureMorphing(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2580{
2581 RT_NOREF1(s);
2582 if (cbBuf < 8)
2583 return 0;
2584
2585 scsiH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
2586 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2587 pbBuf[3] = 4; /* Additional length */
2588 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
2589 /* Rest is reserved. */
2590
2591 return 8;
2592}
2593
2594static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRemovableMedium(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2595{
2596 RT_NOREF1(s);
2597 if (cbBuf < 8)
2598 return 0;
2599
2600 scsiH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
2601 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2602 pbBuf[3] = 4; /* Additional length */
2603 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
2604 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
2605 /* Rest is reserved. */
2606
2607 return 8;
2608}
2609
2610static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRandomReadable (ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2611{
2612 RT_NOREF1(s);
2613 if (cbBuf < 12)
2614 return 0;
2615
2616 scsiH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
2617 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2618 pbBuf[3] = 8; /* Additional length */
2619 scsiH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
2620 scsiH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
2621 pbBuf[10] = 0; /* PP not present */
2622 /* Rest is reserved. */
2623
2624 return 12;
2625}
2626
2627static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCDRead(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2628{
2629 RT_NOREF1(s);
2630 if (cbBuf < 8)
2631 return 0;
2632
2633 scsiH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
2634 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2635 pbBuf[3] = 0; /* Additional length */
2636 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
2637 /* Rest is reserved. */
2638
2639 return 8;
2640}
2641
2642static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeaturePowerManagement(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2643{
2644 RT_NOREF1(s);
2645 if (cbBuf < 4)
2646 return 0;
2647
2648 scsiH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
2649 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2650 pbBuf[3] = 0; /* Additional length */
2651
2652 return 4;
2653}
2654
2655static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureTimeout(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2656{
2657 RT_NOREF1(s);
2658 if (cbBuf < 8)
2659 return 0;
2660
2661 scsiH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
2662 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2663 pbBuf[3] = 4; /* Additional length */
2664 pbBuf[4] = 0x0; /* !Group3 */
2665
2666 return 8;
2667}
2668
2669/**
2670 * Callback to fill in the correct data for a feature.
2671 *
2672 * @returns Number of bytes written into the buffer.
2673 * @param s The ATA device state.
2674 * @param pbBuf The buffer to fill the data with.
2675 * @param cbBuf Size of the buffer.
2676 */
2677typedef DECLCALLBACK(uint32_t) FNATAPIR3FEATUREFILL(ATADevState *s, uint8_t *pbBuf, size_t cbBuf);
2678/** Pointer to a feature fill callback. */
2679typedef FNATAPIR3FEATUREFILL *PFNATAPIR3FEATUREFILL;
2680
2681/**
2682 * ATAPI feature descriptor.
2683 */
2684typedef struct ATAPIR3FEATDESC
2685{
2686 /** The feature number. */
2687 uint16_t u16Feat;
2688 /** The callback to fill in the correct data. */
2689 PFNATAPIR3FEATUREFILL pfnFeatureFill;
2690} ATAPIR3FEATDESC;
2691
2692/**
2693 * Array of known ATAPI feature descriptors.
2694 */
2695static const ATAPIR3FEATDESC s_aAtapiR3Features[] =
2696{
2697 { 0x0000, atapiR3GetConfigurationFillFeatureListProfiles},
2698 { 0x0001, atapiR3GetConfigurationFillFeatureCore},
2699 { 0x0002, atapiR3GetConfigurationFillFeatureMorphing},
2700 { 0x0003, atapiR3GetConfigurationFillFeatureRemovableMedium},
2701 { 0x0010, atapiR3GetConfigurationFillFeatureRandomReadable},
2702 { 0x001e, atapiR3GetConfigurationFillFeatureCDRead},
2703 { 0x0100, atapiR3GetConfigurationFillFeaturePowerManagement},
2704 { 0x0105, atapiR3GetConfigurationFillFeatureTimeout}
2705};
2706
2707static bool atapiR3GetConfigurationSS(ATADevState *s)
2708{
2709 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2710 uint32_t cbBuf = s->cbIOBuffer;
2711 uint32_t cbCopied = 0;
2712 uint16_t u16Sfn = scsiBE2H_U16(&s->aATAPICmd[2]);
2713 uint8_t u8Rt = s->aATAPICmd[1] & 0x03;
2714
2715 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2716 Assert(s->cbElementaryTransfer <= 80);
2717 /* Accept valid request types only. */
2718 if (u8Rt == 3)
2719 {
2720 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2721 return false;
2722 }
2723 memset(pbBuf, '\0', cbBuf);
2724 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
2725 * way to differentiate them right now is based on the image size). */
2726 if (s->cTotalSectors)
2727 scsiH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
2728 else
2729 scsiH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
2730 cbBuf -= 8;
2731 pbBuf += 8;
2732
2733 if (u8Rt == 0x2)
2734 {
2735 for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++)
2736 {
2737 if (s_aAtapiR3Features[i].u16Feat == u16Sfn)
2738 {
2739 cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf);
2740 cbBuf -= cbCopied;
2741 pbBuf += cbCopied;
2742 break;
2743 }
2744 }
2745 }
2746 else
2747 {
2748 for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++)
2749 {
2750 if (s_aAtapiR3Features[i].u16Feat > u16Sfn)
2751 {
2752 cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf);
2753 cbBuf -= cbCopied;
2754 pbBuf += cbCopied;
2755 }
2756 }
2757 }
2758
2759 /* Set data length now - the field is not included in the final length. */
2760 scsiH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf - 4);
2761
2762 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
2763 s->iSourceSink = ATAFN_SS_NULL;
2764 atapiR3CmdOK(s);
2765 return false;
2766}
2767
2768
2769static bool atapiR3GetEventStatusNotificationSS(ATADevState *s)
2770{
2771 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2772
2773 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2774 Assert(s->cbElementaryTransfer <= 8);
2775
2776 if (!(s->aATAPICmd[1] & 1))
2777 {
2778 /* no asynchronous operation supported */
2779 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2780 return false;
2781 }
2782
2783 uint32_t OldStatus, NewStatus;
2784 do
2785 {
2786 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2787 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
2788 switch (OldStatus)
2789 {
2790 case ATA_EVENT_STATUS_MEDIA_NEW:
2791 /* mount */
2792 scsiH2BE_U16(pbBuf + 0, 6);
2793 pbBuf[2] = 0x04; /* media */
2794 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2795 pbBuf[4] = 0x02; /* new medium */
2796 pbBuf[5] = 0x02; /* medium present / door closed */
2797 pbBuf[6] = 0x00;
2798 pbBuf[7] = 0x00;
2799 break;
2800
2801 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2802 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2803 /* umount */
2804 scsiH2BE_U16(pbBuf + 0, 6);
2805 pbBuf[2] = 0x04; /* media */
2806 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2807 pbBuf[4] = 0x03; /* media removal */
2808 pbBuf[5] = 0x00; /* medium absent / door closed */
2809 pbBuf[6] = 0x00;
2810 pbBuf[7] = 0x00;
2811 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
2812 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2813 break;
2814
2815 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
2816 scsiH2BE_U16(pbBuf + 0, 6);
2817 pbBuf[2] = 0x04; /* media */
2818 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2819 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
2820 pbBuf[5] = 0x02; /* medium present / door closed */
2821 pbBuf[6] = 0x00;
2822 pbBuf[7] = 0x00;
2823 break;
2824
2825 case ATA_EVENT_STATUS_UNCHANGED:
2826 default:
2827 scsiH2BE_U16(pbBuf + 0, 6);
2828 pbBuf[2] = 0x01; /* operational change request / notification */
2829 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2830 pbBuf[4] = 0x00;
2831 pbBuf[5] = 0x00;
2832 pbBuf[6] = 0x00;
2833 pbBuf[7] = 0x00;
2834 break;
2835 }
2836 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2837
2838 s->iSourceSink = ATAFN_SS_NULL;
2839 atapiR3CmdOK(s);
2840 return false;
2841}
2842
2843
2844static bool atapiR3InquirySS(ATADevState *s)
2845{
2846 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2847
2848 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2849 Assert(s->cbElementaryTransfer <= 36);
2850 pbBuf[0] = 0x05; /* CD-ROM */
2851 pbBuf[1] = 0x80; /* removable */
2852# if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
2853 pbBuf[2] = 0x00; /* ISO */
2854 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
2855# else
2856 pbBuf[2] = 0x00; /* ISO */
2857 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
2858# endif
2859 pbBuf[4] = 31; /* additional length */
2860 pbBuf[5] = 0; /* reserved */
2861 pbBuf[6] = 0; /* reserved */
2862 pbBuf[7] = 0; /* reserved */
2863 scsiPadStr(pbBuf + 8, s->szInquiryVendorId, 8);
2864 scsiPadStr(pbBuf + 16, s->szInquiryProductId, 16);
2865 scsiPadStr(pbBuf + 32, s->szInquiryRevision, 4);
2866 s->iSourceSink = ATAFN_SS_NULL;
2867 atapiR3CmdOK(s);
2868 return false;
2869}
2870
2871
2872static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *s)
2873{
2874 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2875
2876 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2877 Assert(s->cbElementaryTransfer <= 16);
2878 scsiH2BE_U16(&pbBuf[0], 16 + 6);
2879 pbBuf[2] = (uint8_t)s->MediaTrackType;
2880 pbBuf[3] = 0;
2881 pbBuf[4] = 0;
2882 pbBuf[5] = 0;
2883 pbBuf[6] = 0;
2884 pbBuf[7] = 0;
2885
2886 pbBuf[8] = 0x01;
2887 pbBuf[9] = 0x06;
2888 pbBuf[10] = 0x00; /* Maximum error recovery */
2889 pbBuf[11] = 0x05; /* 5 retries */
2890 pbBuf[12] = 0x00;
2891 pbBuf[13] = 0x00;
2892 pbBuf[14] = 0x00;
2893 pbBuf[15] = 0x00;
2894 s->iSourceSink = ATAFN_SS_NULL;
2895 atapiR3CmdOK(s);
2896 return false;
2897}
2898
2899
2900static bool atapiR3ModeSenseCDStatusSS(ATADevState *s)
2901{
2902 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2903
2904 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2905 Assert(s->cbElementaryTransfer <= 40);
2906 scsiH2BE_U16(&pbBuf[0], 38);
2907 pbBuf[2] = (uint8_t)s->MediaTrackType;
2908 pbBuf[3] = 0;
2909 pbBuf[4] = 0;
2910 pbBuf[5] = 0;
2911 pbBuf[6] = 0;
2912 pbBuf[7] = 0;
2913
2914 pbBuf[8] = 0x2a;
2915 pbBuf[9] = 30; /* page length */
2916 pbBuf[10] = 0x08; /* DVD-ROM read support */
2917 pbBuf[11] = 0x00; /* no write support */
2918 /* The following claims we support audio play. This is obviously false,
2919 * but the Linux generic CDROM support makes many features depend on this
2920 * capability. If it's not set, this causes many things to be disabled. */
2921 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
2922 pbBuf[13] = 0x00; /* no subchannel reads supported */
2923 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
2924 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
2925 pbBuf[14] |= 1 << 1; /* report lock state */
2926 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
2927 scsiH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
2928 scsiH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
2929 scsiH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
2930 scsiH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
2931 pbBuf[24] = 0; /* reserved */
2932 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
2933 scsiH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
2934 scsiH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
2935 scsiH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
2936 pbBuf[32] = 0; /* reserved */
2937 pbBuf[33] = 0; /* reserved */
2938 pbBuf[34] = 0; /* reserved */
2939 pbBuf[35] = 1; /* rotation control CAV */
2940 scsiH2BE_U16(&pbBuf[36], 0); /* current write speed */
2941 scsiH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
2942 s->iSourceSink = ATAFN_SS_NULL;
2943 atapiR3CmdOK(s);
2944 return false;
2945}
2946
2947
2948static bool atapiR3RequestSenseSS(ATADevState *s)
2949{
2950 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2951
2952 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2953 memset(pbBuf, '\0', s->cbElementaryTransfer);
2954 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
2955 s->iSourceSink = ATAFN_SS_NULL;
2956 atapiR3CmdOK(s);
2957 return false;
2958}
2959
2960
2961static bool atapiR3MechanismStatusSS(ATADevState *s)
2962{
2963 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2964
2965 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2966 Assert(s->cbElementaryTransfer <= 8);
2967 scsiH2BE_U16(pbBuf, 0);
2968 /* no current LBA */
2969 pbBuf[2] = 0;
2970 pbBuf[3] = 0;
2971 pbBuf[4] = 0;
2972 pbBuf[5] = 1;
2973 scsiH2BE_U16(pbBuf + 6, 0);
2974 s->iSourceSink = ATAFN_SS_NULL;
2975 atapiR3CmdOK(s);
2976 return false;
2977}
2978
2979
2980static bool atapiR3ReadTOCNormalSS(ATADevState *s)
2981{
2982 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
2983 bool fMSF;
2984 uint32_t cbSize;
2985 uint32_t cTracks = s->pDrvMedia->pfnGetRegionCount(s->pDrvMedia);
2986
2987 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2988 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2989 iStartTrack = s->aATAPICmd[6];
2990 if (iStartTrack == 0)
2991 iStartTrack = 1;
2992
2993 if (iStartTrack > cTracks && iStartTrack != 0xaa)
2994 {
2995 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2996 return false;
2997 }
2998 q = pbBuf + 2;
2999 *q++ = iStartTrack; /* first track number */
3000 *q++ = cTracks; /* last track number */
3001 for (uint32_t iTrack = iStartTrack; iTrack <= cTracks; iTrack++)
3002 {
3003 uint64_t uLbaStart = 0;
3004 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048;
3005
3006 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, iTrack - 1, &uLbaStart,
3007 NULL, NULL, &enmDataForm);
3008 AssertRC(rc);
3009
3010 *q++ = 0; /* reserved */
3011
3012 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3013 *q++ = 0x10; /* ADR, control */
3014 else
3015 *q++ = 0x14; /* ADR, control */
3016
3017 *q++ = (uint8_t)iTrack; /* track number */
3018 *q++ = 0; /* reserved */
3019 if (fMSF)
3020 {
3021 *q++ = 0; /* reserved */
3022 scsiLBA2MSF(q, (uint32_t)uLbaStart);
3023 q += 3;
3024 }
3025 else
3026 {
3027 /* sector 0 */
3028 scsiH2BE_U32(q, (uint32_t)uLbaStart);
3029 q += 4;
3030 }
3031 }
3032 /* lead out track */
3033 *q++ = 0; /* reserved */
3034 *q++ = 0x14; /* ADR, control */
3035 *q++ = 0xaa; /* track number */
3036 *q++ = 0; /* reserved */
3037
3038 /* Query start and length of last track to get the start of the lead out track. */
3039 uint64_t uLbaStart = 0;
3040 uint64_t cBlocks = 0;
3041
3042 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, cTracks - 1, &uLbaStart,
3043 &cBlocks, NULL, NULL);
3044 AssertRC(rc);
3045
3046 uLbaStart += cBlocks;
3047 if (fMSF)
3048 {
3049 *q++ = 0; /* reserved */
3050 scsiLBA2MSF(q, (uint32_t)uLbaStart);
3051 q += 3;
3052 }
3053 else
3054 {
3055 scsiH2BE_U32(q, (uint32_t)uLbaStart);
3056 q += 4;
3057 }
3058 cbSize = q - pbBuf;
3059 scsiH2BE_U16(pbBuf, cbSize - 2);
3060 if (cbSize < s->cbTotalTransfer)
3061 s->cbTotalTransfer = cbSize;
3062 s->iSourceSink = ATAFN_SS_NULL;
3063 atapiR3CmdOK(s);
3064 return false;
3065}
3066
3067
3068static bool atapiR3ReadTOCMultiSS(ATADevState *s)
3069{
3070 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
3071 bool fMSF;
3072
3073 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
3074 Assert(s->cbElementaryTransfer <= 12);
3075 fMSF = (s->aATAPICmd[1] >> 1) & 1;
3076 /* multi session: only a single session defined */
3077 /** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R)
3078 * with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being
3079 * able to figure out whether numbers are in BCD or hex. */
3080 memset(pbBuf, 0, 12);
3081 pbBuf[1] = 0x0a;
3082 pbBuf[2] = 0x01;
3083 pbBuf[3] = 0x01;
3084
3085 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048;
3086 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, 0, NULL,
3087 NULL, NULL, &enmDataForm);
3088 AssertRC(rc);
3089
3090 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3091 pbBuf[5] = 0x10; /* ADR, control */
3092 else
3093 pbBuf[5] = 0x14; /* ADR, control */
3094
3095 pbBuf[6] = 1; /* first track in last complete session */
3096 if (fMSF)
3097 {
3098 pbBuf[8] = 0; /* reserved */
3099 scsiLBA2MSF(&pbBuf[9], 0);
3100 }
3101 else
3102 {
3103 /* sector 0 */
3104 scsiH2BE_U32(pbBuf + 8, 0);
3105 }
3106 s->iSourceSink = ATAFN_SS_NULL;
3107 atapiR3CmdOK(s);
3108 return false;
3109}
3110
3111
3112static bool atapiR3ReadTOCRawSS(ATADevState *s)
3113{
3114 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
3115 bool fMSF;
3116 uint32_t cbSize;
3117
3118 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
3119 fMSF = (s->aATAPICmd[1] >> 1) & 1;
3120 iStartTrack = s->aATAPICmd[6];
3121
3122 q = pbBuf + 2;
3123 *q++ = 1; /* first session */
3124 *q++ = 1; /* last session */
3125
3126 *q++ = 1; /* session number */
3127 *q++ = 0x14; /* data track */
3128 *q++ = 0; /* track number */
3129 *q++ = 0xa0; /* first track in program area */
3130 *q++ = 0; /* min */
3131 *q++ = 0; /* sec */
3132 *q++ = 0; /* frame */
3133 *q++ = 0;
3134 *q++ = 1; /* first track */
3135 *q++ = 0x00; /* disk type CD-DA or CD data */
3136 *q++ = 0;
3137
3138 *q++ = 1; /* session number */
3139 *q++ = 0x14; /* data track */
3140 *q++ = 0; /* track number */
3141 *q++ = 0xa1; /* last track in program area */
3142 *q++ = 0; /* min */
3143 *q++ = 0; /* sec */
3144 *q++ = 0; /* frame */
3145 *q++ = 0;
3146 *q++ = 1; /* last track */
3147 *q++ = 0;
3148 *q++ = 0;
3149
3150 *q++ = 1; /* session number */
3151 *q++ = 0x14; /* data track */
3152 *q++ = 0; /* track number */
3153 *q++ = 0xa2; /* lead-out */
3154 *q++ = 0; /* min */
3155 *q++ = 0; /* sec */
3156 *q++ = 0; /* frame */
3157 if (fMSF)
3158 {
3159 *q++ = 0; /* reserved */
3160 scsiLBA2MSF(q, s->cTotalSectors);
3161 q += 3;
3162 }
3163 else
3164 {
3165 scsiH2BE_U32(q, s->cTotalSectors);
3166 q += 4;
3167 }
3168
3169 *q++ = 1; /* session number */
3170 *q++ = 0x14; /* ADR, control */
3171 *q++ = 0; /* track number */
3172 *q++ = 1; /* point */
3173 *q++ = 0; /* min */
3174 *q++ = 0; /* sec */
3175 *q++ = 0; /* frame */
3176 if (fMSF)
3177 {
3178 *q++ = 0; /* reserved */
3179 scsiLBA2MSF(q, 0);
3180 q += 3;
3181 }
3182 else
3183 {
3184 /* sector 0 */
3185 scsiH2BE_U32(q, 0);
3186 q += 4;
3187 }
3188
3189 cbSize = q - pbBuf;
3190 scsiH2BE_U16(pbBuf, cbSize - 2);
3191 if (cbSize < s->cbTotalTransfer)
3192 s->cbTotalTransfer = cbSize;
3193 s->iSourceSink = ATAFN_SS_NULL;
3194 atapiR3CmdOK(s);
3195 return false;
3196}
3197
3198
3199static void atapiR3ParseCmdVirtualATAPI(ATADevState *s)
3200{
3201 const uint8_t *pbPacket;
3202 uint8_t *pbBuf;
3203 uint32_t cbMax;
3204
3205 pbPacket = s->aATAPICmd;
3206 pbBuf = s->CTX_SUFF(pbIOBuffer);
3207 switch (pbPacket[0])
3208 {
3209 case SCSI_TEST_UNIT_READY:
3210 if (s->cNotifiedMediaChange > 0)
3211 {
3212 if (s->cNotifiedMediaChange-- > 2)
3213 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3214 else
3215 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3216 }
3217 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3218 atapiR3CmdOK(s);
3219 else
3220 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3221 break;
3222 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
3223 cbMax = scsiBE2H_U16(pbPacket + 7);
3224 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3225 break;
3226 case SCSI_MODE_SENSE_10:
3227 {
3228 uint8_t uPageControl, uPageCode;
3229 cbMax = scsiBE2H_U16(pbPacket + 7);
3230 uPageControl = pbPacket[2] >> 6;
3231 uPageCode = pbPacket[2] & 0x3f;
3232 switch (uPageControl)
3233 {
3234 case SCSI_PAGECONTROL_CURRENT:
3235 switch (uPageCode)
3236 {
3237 case SCSI_MODEPAGE_ERROR_RECOVERY:
3238 ataR3StartTransfer(s, RT_MIN(cbMax, 16), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
3239 break;
3240 case SCSI_MODEPAGE_CD_STATUS:
3241 ataR3StartTransfer(s, RT_MIN(cbMax, 40), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
3242 break;
3243 default:
3244 goto error_cmd;
3245 }
3246 break;
3247 case SCSI_PAGECONTROL_CHANGEABLE:
3248 goto error_cmd;
3249 case SCSI_PAGECONTROL_DEFAULT:
3250 goto error_cmd;
3251 default:
3252 case SCSI_PAGECONTROL_SAVED:
3253 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
3254 break;
3255 }
3256 break;
3257 }
3258 case SCSI_REQUEST_SENSE:
3259 cbMax = pbPacket[4];
3260 ataR3StartTransfer(s, RT_MIN(cbMax, 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3261 break;
3262 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
3263 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3264 {
3265 if (pbPacket[4] & 1)
3266 s->pDrvMount->pfnLock(s->pDrvMount);
3267 else
3268 s->pDrvMount->pfnUnlock(s->pDrvMount);
3269 atapiR3CmdOK(s);
3270 }
3271 else
3272 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3273 break;
3274 case SCSI_READ_10:
3275 case SCSI_READ_12:
3276 {
3277 uint32_t cSectors, iATAPILBA;
3278
3279 if (s->cNotifiedMediaChange > 0)
3280 {
3281 s->cNotifiedMediaChange-- ;
3282 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3283 break;
3284 }
3285 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3286 {
3287 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3288 break;
3289 }
3290 if (pbPacket[0] == SCSI_READ_10)
3291 cSectors = scsiBE2H_U16(pbPacket + 7);
3292 else
3293 cSectors = scsiBE2H_U32(pbPacket + 6);
3294 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3295
3296 /* Check that the sector size is valid. */
3297 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID;
3298 int rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, iATAPILBA,
3299 NULL, NULL, NULL, &enmDataForm);
3300 AssertRC(rc);
3301 if ( enmDataForm != VDREGIONDATAFORM_MODE1_2048
3302 && enmDataForm != VDREGIONDATAFORM_MODE1_2352
3303 && enmDataForm != VDREGIONDATAFORM_MODE2_2336
3304 && enmDataForm != VDREGIONDATAFORM_MODE2_2352
3305 && enmDataForm != VDREGIONDATAFORM_RAW)
3306 {
3307 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
3308 RT_ZERO(abATAPISense);
3309
3310 abATAPISense[0] = 0x70 | (1 << 7);
3311 abATAPISense[2] = (SCSI_SENSE_ILLEGAL_REQUEST & 0x0f) | SCSI_SENSE_FLAG_ILI;
3312 scsiH2BE_U32(&abATAPISense[3], iATAPILBA);
3313 abATAPISense[7] = 10;
3314 abATAPISense[12] = SCSI_ASC_ILLEGAL_MODE_FOR_THIS_TRACK;
3315 atapiR3CmdError(s, &abATAPISense[0], sizeof(abATAPISense));
3316 break;
3317 }
3318
3319 if (cSectors == 0)
3320 {
3321 atapiR3CmdOK(s);
3322 break;
3323 }
3324 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3325 {
3326 /* Rate limited logging, one log line per second. For
3327 * guests that insist on reading from places outside the
3328 * valid area this often generates too many release log
3329 * entries otherwise. */
3330 static uint64_t uLastLogTS = 0;
3331 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3332 {
3333 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3334 uLastLogTS = RTTimeMilliTS();
3335 }
3336 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3337 break;
3338 }
3339 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3340 break;
3341 }
3342 case SCSI_READ_CD:
3343 {
3344 uint32_t cSectors, iATAPILBA;
3345
3346 if (s->cNotifiedMediaChange > 0)
3347 {
3348 s->cNotifiedMediaChange-- ;
3349 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3350 break;
3351 }
3352 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3353 {
3354 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3355 break;
3356 }
3357 if ((pbPacket[10] & 0x7) != 0)
3358 {
3359 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3360 break;
3361 }
3362 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
3363 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3364 if (cSectors == 0)
3365 {
3366 atapiR3CmdOK(s);
3367 break;
3368 }
3369 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3370 {
3371 /* Rate limited logging, one log line per second. For
3372 * guests that insist on reading from places outside the
3373 * valid area this often generates too many release log
3374 * entries otherwise. */
3375 static uint64_t uLastLogTS = 0;
3376 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3377 {
3378 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3379 uLastLogTS = RTTimeMilliTS();
3380 }
3381 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3382 break;
3383 }
3384 /*
3385 * If the LBA is in an audio track we are required to ignore pretty much all
3386 * of the channel selection values (except 0x00) and map everything to 0x10
3387 * which means read user data with a sector size of 2352 bytes.
3388 *
3389 * (MMC-6 chapter 6.19.2.6)
3390 */
3391 uint8_t uChnSel = pbPacket[9] & 0xf8;
3392 VDREGIONDATAFORM enmDataForm;
3393 int rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, iATAPILBA,
3394 NULL, NULL, NULL, &enmDataForm);
3395 AssertRC(rc);
3396
3397 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3398 {
3399 if (uChnSel == 0)
3400 {
3401 /* nothing */
3402 atapiR3CmdOK(s);
3403 }
3404 else
3405 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2352);
3406 }
3407 else
3408 {
3409 switch (uChnSel)
3410 {
3411 case 0x00:
3412 /* nothing */
3413 atapiR3CmdOK(s);
3414 break;
3415 case 0x10:
3416 /* normal read */
3417 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3418 break;
3419 case 0xf8:
3420 /* read all data */
3421 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2352);
3422 break;
3423 default:
3424 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM sector format not supported (%#x)\n", s->iLUN, pbPacket[9] & 0xf8));
3425 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3426 break;
3427 }
3428 }
3429 break;
3430 }
3431 case SCSI_SEEK_10:
3432 {
3433 uint32_t iATAPILBA;
3434 if (s->cNotifiedMediaChange > 0)
3435 {
3436 s->cNotifiedMediaChange-- ;
3437 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3438 break;
3439 }
3440 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3441 {
3442 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3443 break;
3444 }
3445 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3446 if (iATAPILBA > s->cTotalSectors)
3447 {
3448 /* Rate limited logging, one log line per second. For
3449 * guests that insist on seeking to places outside the
3450 * valid area this often generates too many release log
3451 * entries otherwise. */
3452 static uint64_t uLastLogTS = 0;
3453 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3454 {
3455 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
3456 uLastLogTS = RTTimeMilliTS();
3457 }
3458 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3459 break;
3460 }
3461 atapiR3CmdOK(s);
3462 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
3463 break;
3464 }
3465 case SCSI_START_STOP_UNIT:
3466 {
3467 int rc = VINF_SUCCESS;
3468 switch (pbPacket[4] & 3)
3469 {
3470 case 0: /* 00 - Stop motor */
3471 case 1: /* 01 - Start motor */
3472 break;
3473 case 2: /* 10 - Eject media */
3474 {
3475 /* This must be done from EMT. */
3476 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3477 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
3478 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
3479
3480 ataR3LockLeave(pCtl);
3481 rc = VMR3ReqPriorityCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3482 (PFNRT)s->pDrvMount->pfnUnmount, 3,
3483 s->pDrvMount, false /*=fForce*/, true /*=fEject*/);
3484 Assert(RT_SUCCESS(rc) || rc == VERR_PDM_MEDIA_LOCKED || rc == VERR_PDM_MEDIA_NOT_MOUNTED);
3485 if (RT_SUCCESS(rc) && pThis->pMediaNotify)
3486 {
3487 rc = VMR3ReqCallNoWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3488 (PFNRT)pThis->pMediaNotify->pfnEjected, 2,
3489 pThis->pMediaNotify, s->iLUN);
3490 AssertRC(rc);
3491 }
3492
3493 ataR3LockEnter(pCtl);
3494 break;
3495 }
3496 case 3: /* 11 - Load media */
3497 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
3498 break;
3499 }
3500 if (RT_SUCCESS(rc))
3501 atapiR3CmdOK(s);
3502 else
3503 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
3504 break;
3505 }
3506 case SCSI_MECHANISM_STATUS:
3507 {
3508 cbMax = scsiBE2H_U16(pbPacket + 8);
3509 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
3510 break;
3511 }
3512 case SCSI_READ_TOC_PMA_ATIP:
3513 {
3514 uint8_t format;
3515
3516 if (s->cNotifiedMediaChange > 0)
3517 {
3518 s->cNotifiedMediaChange-- ;
3519 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3520 break;
3521 }
3522 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3523 {
3524 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3525 break;
3526 }
3527 cbMax = scsiBE2H_U16(pbPacket + 7);
3528 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
3529 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
3530 * the other field is clear... */
3531 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
3532 switch (format)
3533 {
3534 case 0:
3535 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
3536 break;
3537 case 1:
3538 ataR3StartTransfer(s, RT_MIN(cbMax, 12), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
3539 break;
3540 case 2:
3541 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
3542 break;
3543 default:
3544 error_cmd:
3545 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3546 break;
3547 }
3548 break;
3549 }
3550 case SCSI_READ_CAPACITY:
3551 if (s->cNotifiedMediaChange > 0)
3552 {
3553 s->cNotifiedMediaChange-- ;
3554 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3555 break;
3556 }
3557 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3558 {
3559 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3560 break;
3561 }
3562 ataR3StartTransfer(s, 8, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
3563 break;
3564 case SCSI_READ_DISC_INFORMATION:
3565 if (s->cNotifiedMediaChange > 0)
3566 {
3567 s->cNotifiedMediaChange-- ;
3568 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3569 break;
3570 }
3571 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3572 {
3573 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3574 break;
3575 }
3576 cbMax = scsiBE2H_U16(pbPacket + 7);
3577 ataR3StartTransfer(s, RT_MIN(cbMax, 34), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
3578 break;
3579 case SCSI_READ_TRACK_INFORMATION:
3580 if (s->cNotifiedMediaChange > 0)
3581 {
3582 s->cNotifiedMediaChange-- ;
3583 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3584 break;
3585 }
3586 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3587 {
3588 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3589 break;
3590 }
3591 cbMax = scsiBE2H_U16(pbPacket + 7);
3592 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
3593 break;
3594 case SCSI_GET_CONFIGURATION:
3595 /* No media change stuff here, it can confuse Linux guests. */
3596 cbMax = scsiBE2H_U16(pbPacket + 7);
3597 ataR3StartTransfer(s, RT_MIN(cbMax, 80), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
3598 break;
3599 case SCSI_INQUIRY:
3600 cbMax = scsiBE2H_U16(pbPacket + 3);
3601 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
3602 break;
3603 case SCSI_READ_DVD_STRUCTURE:
3604 {
3605 cbMax = scsiBE2H_U16(pbPacket + 8);
3606 ataR3StartTransfer(s, RT_MIN(cbMax, 4), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, true);
3607 break;
3608 }
3609 default:
3610 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3611 break;
3612 }
3613}
3614
3615
3616/*
3617 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
3618 */
3619static void atapiR3ParseCmdPassthrough(ATADevState *s)
3620{
3621 const uint8_t *pbPacket = &s->aATAPICmd[0];
3622
3623 /* Some cases we have to handle here. */
3624 if ( pbPacket[0] == SCSI_GET_EVENT_STATUS_NOTIFICATION
3625 && ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
3626 {
3627 uint32_t cbTransfer = scsiBE2H_U16(pbPacket + 7);
3628 ataR3StartTransfer(s, RT_MIN(cbTransfer, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3629 }
3630 else if ( pbPacket[0] == SCSI_REQUEST_SENSE
3631 && (s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
3632 ataR3StartTransfer(s, RT_MIN(pbPacket[4], 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3633 else
3634 {
3635 size_t cbBuf = 0;
3636 size_t cbATAPISector = 0;
3637 size_t cbTransfer = 0;
3638 PDMMEDIATXDIR uTxDir = PDMMEDIATXDIR_NONE;
3639 uint8_t u8ScsiSts = SCSI_STATUS_OK;
3640
3641 if (pbPacket[0] == SCSI_FORMAT_UNIT || pbPacket[0] == SCSI_GET_PERFORMANCE)
3642 cbBuf = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3643
3644 bool fPassthrough = ATAPIPassthroughParseCdb(pbPacket, sizeof(s->aATAPICmd), cbBuf, s->pTrackList,
3645 &s->abATAPISense[0], sizeof(s->abATAPISense), &uTxDir, &cbTransfer,
3646 &cbATAPISector, &u8ScsiSts);
3647 if (fPassthrough)
3648 {
3649 s->cbATAPISector = (uint32_t)cbATAPISector;
3650 Assert(s->cbATAPISector == (uint32_t)cbATAPISector);
3651 Assert(cbTransfer == (uint32_t)cbTransfer);
3652
3653 /*
3654 * Send a command to the drive, passing data in/out as required.
3655 * Commands which exceed the I/O buffer size are split below
3656 * or aborted if splitting is not implemented.
3657 */
3658 Log2(("ATAPI PT: max size %d\n", cbTransfer));
3659 if (cbTransfer == 0)
3660 uTxDir = PDMMEDIATXDIR_NONE;
3661 ataR3StartTransfer(s, (uint32_t)cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
3662 }
3663 else if (u8ScsiSts == SCSI_STATUS_CHECK_CONDITION)
3664 {
3665 /* Sense data is already set, end the request and notify the guest. */
3666 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, s->abATAPISense[2] & 0x0f, SCSISenseText(s->abATAPISense[2] & 0x0f),
3667 s->abATAPISense[12], s->abATAPISense[13], SCSISenseExtText(s->abATAPISense[12], s->abATAPISense[13])));
3668 s->uATARegError = s->abATAPISense[2] << 4;
3669 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
3670 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
3671 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3672 s->cbTotalTransfer = 0;
3673 s->cbElementaryTransfer = 0;
3674 s->cbAtapiPassthroughTransfer = 0;
3675 s->iIOBufferCur = 0;
3676 s->iIOBufferEnd = 0;
3677 s->uTxDir = PDMMEDIATXDIR_NONE;
3678 s->iBeginTransfer = ATAFN_BT_NULL;
3679 s->iSourceSink = ATAFN_SS_NULL;
3680 }
3681 else if (u8ScsiSts == SCSI_STATUS_OK)
3682 atapiR3CmdOK(s);
3683 }
3684}
3685
3686
3687static void atapiR3ParseCmd(ATADevState *s)
3688{
3689 const uint8_t *pbPacket;
3690
3691 pbPacket = s->aATAPICmd;
3692# ifdef DEBUG
3693 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
3694# else /* !DEBUG */
3695 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
3696# endif /* !DEBUG */
3697 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
3698
3699 if (s->fATAPIPassthrough)
3700 atapiR3ParseCmdPassthrough(s);
3701 else
3702 atapiR3ParseCmdVirtualATAPI(s);
3703}
3704
3705
3706static bool ataR3PacketSS(ATADevState *s)
3707{
3708 s->fDMA = !!(s->uATARegFeature & 1);
3709 memcpy(s->aATAPICmd, s->CTX_SUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
3710 s->uTxDir = PDMMEDIATXDIR_NONE;
3711 s->cbTotalTransfer = 0;
3712 s->cbElementaryTransfer = 0;
3713 s->cbAtapiPassthroughTransfer = 0;
3714 atapiR3ParseCmd(s);
3715 return false;
3716}
3717
3718
3719/**
3720 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
3721 * from now on, regardless if there was a medium inserted or not.
3722 */
3723static void ataR3MediumRemoved(ATADevState *s)
3724{
3725 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
3726}
3727
3728
3729/**
3730 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
3731 * there was already a medium inserted, don't forget to send the "medium
3732 * removed" event first.
3733 */
3734static void ataR3MediumInserted(ATADevState *s)
3735{
3736 uint32_t OldStatus, NewStatus;
3737 do
3738 {
3739 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
3740 switch (OldStatus)
3741 {
3742 case ATA_EVENT_STATUS_MEDIA_CHANGED:
3743 case ATA_EVENT_STATUS_MEDIA_REMOVED:
3744 /* no change, we will send "medium removed" + "medium inserted" */
3745 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
3746 break;
3747 default:
3748 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
3749 break;
3750 }
3751 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
3752}
3753
3754
3755/**
3756 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnMountNotify}
3757 */
3758static DECLCALLBACK(void) ataR3MountNotify(PPDMIMOUNTNOTIFY pInterface)
3759{
3760 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IMountNotify);
3761 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
3762
3763 /* Ignore the call if we're called while being attached. */
3764 if (!pIf->pDrvMedia)
3765 return;
3766
3767 uint32_t cRegions = pIf->pDrvMedia->pfnGetRegionCount(pIf->pDrvMedia);
3768 for (uint32_t i = 0; i < cRegions; i++)
3769 {
3770 uint64_t cBlocks = 0;
3771 int rc = pIf->pDrvMedia->pfnQueryRegionProperties(pIf->pDrvMedia, i, NULL, &cBlocks,
3772 NULL, NULL);
3773 AssertRC(rc);
3774 pIf->cTotalSectors += cBlocks;
3775 }
3776
3777 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
3778
3779 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
3780 if (pIf->cNotifiedMediaChange < 2)
3781 pIf->cNotifiedMediaChange = 1;
3782 ataR3MediumInserted(pIf);
3783 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
3784}
3785
3786/**
3787 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnUnmountNotify}
3788 */
3789static DECLCALLBACK(void) ataR3UnmountNotify(PPDMIMOUNTNOTIFY pInterface)
3790{
3791 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IMountNotify);
3792 Log(("%s:\n", __FUNCTION__));
3793 pIf->cTotalSectors = 0;
3794
3795 /*
3796 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
3797 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
3798 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
3799 * present and 2 in which it is changed.
3800 */
3801 pIf->cNotifiedMediaChange = 1;
3802 ataR3MediumRemoved(pIf);
3803 ataR3MediumTypeSet(pIf, ATA_MEDIA_NO_DISC);
3804}
3805
3806static void ataR3PacketBT(ATADevState *s)
3807{
3808 s->cbElementaryTransfer = s->cbTotalTransfer;
3809 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
3810 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
3811 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3812 ataSetStatusValue(s, ATA_STAT_READY);
3813}
3814
3815
3816static void ataR3ResetDevice(ATADevState *s)
3817{
3818 s->cMultSectors = ATA_MAX_MULT_SECTORS;
3819 s->cNotifiedMediaChange = 0;
3820 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
3821 ASMAtomicWriteU32(&s->MediaTrackType, ATA_MEDIA_TYPE_UNKNOWN);
3822 ataUnsetIRQ(s);
3823
3824 s->uATARegSelect = 0x20;
3825 ataSetStatusValue(s, ATA_STAT_READY);
3826 ataR3SetSignature(s);
3827 s->cbTotalTransfer = 0;
3828 s->cbElementaryTransfer = 0;
3829 s->cbAtapiPassthroughTransfer = 0;
3830 s->iIOBufferPIODataStart = 0;
3831 s->iIOBufferPIODataEnd = 0;
3832 s->iBeginTransfer = ATAFN_BT_NULL;
3833 s->iSourceSink = ATAFN_SS_NULL;
3834 s->fDMA = false;
3835 s->fATAPITransfer = false;
3836 s->uATATransferMode = ATA_MODE_UDMA | 2; /* PIIX3 supports only up to UDMA2 */
3837
3838 s->uATARegFeature = 0;
3839}
3840
3841
3842static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *s)
3843{
3844 ataR3SetSignature(s);
3845 if (s->fATAPI)
3846 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
3847 else
3848 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_SEEK);
3849 s->uATARegError = 0x01;
3850 return false;
3851}
3852
3853
3854static int ataR3TrimSectors(ATADevState *s, uint64_t u64Sector, uint32_t cSectors,
3855 bool *pfRedo)
3856{
3857 RTRANGE TrimRange;
3858 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3859 int rc;
3860
3861 ataR3LockLeave(pCtl);
3862
3863 TrimRange.offStart = u64Sector * s->cbSector;
3864 TrimRange.cbRange = cSectors * s->cbSector;
3865
3866 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
3867 rc = s->pDrvMedia->pfnDiscard(s->pDrvMedia, &TrimRange, 1);
3868 s->Led.Actual.s.fWriting = 0;
3869
3870 if (RT_SUCCESS(rc))
3871 *pfRedo = false;
3872 else
3873 *pfRedo = ataR3IsRedoSetWarning(s, rc);
3874
3875 ataR3LockEnter(pCtl);
3876 return rc;
3877}
3878
3879
3880static bool ataR3TrimSS(ATADevState *s)
3881{
3882 int rc = VERR_GENERAL_FAILURE;
3883 uint32_t cRangesMax;
3884 uint64_t *pu64Range = (uint64_t *)s->CTX_SUFF(pbIOBuffer);
3885 bool fRedo = false;
3886
3887 cRangesMax = s->cbElementaryTransfer / sizeof(uint64_t);
3888 Assert(cRangesMax);
3889
3890 while (cRangesMax-- > 0)
3891 {
3892 if (ATA_RANGE_LENGTH_GET(*pu64Range) == 0)
3893 break;
3894
3895 rc = ataR3TrimSectors(s, *pu64Range & ATA_RANGE_LBA_MASK,
3896 ATA_RANGE_LENGTH_GET(*pu64Range), &fRedo);
3897 if (RT_FAILURE(rc))
3898 break;
3899
3900 pu64Range++;
3901 }
3902
3903 if (RT_SUCCESS(rc))
3904 {
3905 s->iSourceSink = ATAFN_SS_NULL;
3906 ataR3CmdOK(s, ATA_STAT_SEEK);
3907 }
3908 else
3909 {
3910 if (fRedo)
3911 return fRedo;
3912 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
3913 LogRel(("PIIX3 ATA: LUN#%d: disk trim error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
3914 s->iLUN, rc, *pu64Range & ATA_RANGE_LBA_MASK, ATA_RANGE_LENGTH_GET(*pu64Range)));
3915
3916 /*
3917 * Check if we got interrupted. We don't need to set status variables
3918 * because the request was aborted.
3919 */
3920 if (rc != VERR_INTERRUPTED)
3921 ataR3CmdError(s, ID_ERR);
3922 }
3923
3924 return false;
3925}
3926
3927
3928static void ataR3ParseCmd(ATADevState *s, uint8_t cmd)
3929{
3930# ifdef DEBUG
3931 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
3932# else /* !DEBUG */
3933 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
3934# endif /* !DEBUG */
3935 s->fLBA48 = false;
3936 s->fDMA = false;
3937 if (cmd == ATA_IDLE_IMMEDIATE)
3938 {
3939 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
3940 * would overwrite the failing command unfortunately), then RESET. */
3941 int32_t uCmdWait = -1;
3942 uint64_t uNow = RTTimeNanoTS();
3943 if (s->u64CmdTS)
3944 uCmdWait = (uNow - s->u64CmdTS) / 1000;
3945 LogRel(("PIIX3 ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
3946 s->iLUN, s->uATARegCommand, uCmdWait));
3947 }
3948 s->uATARegCommand = cmd;
3949 switch (cmd)
3950 {
3951 case ATA_IDENTIFY_DEVICE:
3952 if (s->pDrvMedia && !s->fATAPI)
3953 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3954 else
3955 {
3956 if (s->fATAPI)
3957 ataR3SetSignature(s);
3958 ataR3CmdError(s, ABRT_ERR);
3959 ataUnsetStatus(s, ATA_STAT_READY);
3960 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3961 }
3962 break;
3963 case ATA_RECALIBRATE:
3964 if (s->fATAPI)
3965 goto abort_cmd;
3966 /* fall through */
3967 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3968 ataR3CmdOK(s, ATA_STAT_SEEK);
3969 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3970 break;
3971 case ATA_SET_MULTIPLE_MODE:
3972 if ( s->uATARegNSector != 0
3973 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3974 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3975 {
3976 ataR3CmdError(s, ABRT_ERR);
3977 }
3978 else
3979 {
3980 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3981 s->cMultSectors = s->uATARegNSector;
3982 ataR3CmdOK(s, 0);
3983 }
3984 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3985 break;
3986 case ATA_READ_VERIFY_SECTORS_EXT:
3987 s->fLBA48 = true;
3988 /* fall thru */
3989 case ATA_READ_VERIFY_SECTORS:
3990 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3991 /* do sector number check ? */
3992 ataR3CmdOK(s, ATA_STAT_SEEK);
3993 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3994 break;
3995 case ATA_READ_SECTORS_EXT:
3996 s->fLBA48 = true;
3997 /* fall thru */
3998 case ATA_READ_SECTORS:
3999 case ATA_READ_SECTORS_WITHOUT_RETRIES:
4000 if (!s->pDrvMedia || s->fATAPI)
4001 goto abort_cmd;
4002 s->cSectorsPerIRQ = 1;
4003 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4004 break;
4005 case ATA_WRITE_SECTORS_EXT:
4006 s->fLBA48 = true;
4007 /* fall thru */
4008 case ATA_WRITE_SECTORS:
4009 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
4010 if (!s->pDrvMedia || s->fATAPI)
4011 goto abort_cmd;
4012 s->cSectorsPerIRQ = 1;
4013 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4014 break;
4015 case ATA_READ_MULTIPLE_EXT:
4016 s->fLBA48 = true;
4017 /* fall thru */
4018 case ATA_READ_MULTIPLE:
4019 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4020 goto abort_cmd;
4021 s->cSectorsPerIRQ = s->cMultSectors;
4022 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4023 break;
4024 case ATA_WRITE_MULTIPLE_EXT:
4025 s->fLBA48 = true;
4026 /* fall thru */
4027 case ATA_WRITE_MULTIPLE:
4028 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4029 goto abort_cmd;
4030 s->cSectorsPerIRQ = s->cMultSectors;
4031 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4032 break;
4033 case ATA_READ_DMA_EXT:
4034 s->fLBA48 = true;
4035 /* fall thru */
4036 case ATA_READ_DMA:
4037 case ATA_READ_DMA_WITHOUT_RETRIES:
4038 if (!s->pDrvMedia || s->fATAPI)
4039 goto abort_cmd;
4040 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4041 s->fDMA = true;
4042 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4043 break;
4044 case ATA_WRITE_DMA_EXT:
4045 s->fLBA48 = true;
4046 /* fall thru */
4047 case ATA_WRITE_DMA:
4048 case ATA_WRITE_DMA_WITHOUT_RETRIES:
4049 if (!s->pDrvMedia || s->fATAPI)
4050 goto abort_cmd;
4051 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4052 s->fDMA = true;
4053 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4054 break;
4055 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
4056 s->fLBA48 = true;
4057 ataR3SetSector(s, s->cTotalSectors - 1);
4058 ataR3CmdOK(s, 0);
4059 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4060 break;
4061 case ATA_SEEK: /* Used by the SCO OpenServer. Command is marked as obsolete */
4062 ataR3CmdOK(s, 0);
4063 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4064 break;
4065 case ATA_READ_NATIVE_MAX_ADDRESS:
4066 ataR3SetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
4067 ataR3CmdOK(s, 0);
4068 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4069 break;
4070 case ATA_CHECK_POWER_MODE:
4071 s->uATARegNSector = 0xff; /* drive active or idle */
4072 ataR3CmdOK(s, 0);
4073 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4074 break;
4075 case ATA_SET_FEATURES:
4076 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
4077 if (!s->pDrvMedia)
4078 goto abort_cmd;
4079 switch (s->uATARegFeature)
4080 {
4081 case 0x02: /* write cache enable */
4082 Log2(("%s: write cache enable\n", __FUNCTION__));
4083 ataR3CmdOK(s, ATA_STAT_SEEK);
4084 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4085 break;
4086 case 0xaa: /* read look-ahead enable */
4087 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
4088 ataR3CmdOK(s, ATA_STAT_SEEK);
4089 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4090 break;
4091 case 0x55: /* read look-ahead disable */
4092 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
4093 ataR3CmdOK(s, ATA_STAT_SEEK);
4094 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4095 break;
4096 case 0xcc: /* reverting to power-on defaults enable */
4097 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
4098 ataR3CmdOK(s, ATA_STAT_SEEK);
4099 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4100 break;
4101 case 0x66: /* reverting to power-on defaults disable */
4102 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
4103 ataR3CmdOK(s, ATA_STAT_SEEK);
4104 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4105 break;
4106 case 0x82: /* write cache disable */
4107 Log2(("%s: write cache disable\n", __FUNCTION__));
4108 /* As per the ATA/ATAPI-6 specs, a write cache disable
4109 * command MUST flush the write buffers to disc. */
4110 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4111 break;
4112 case 0x03: { /* set transfer mode */
4113 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
4114 switch (s->uATARegNSector & 0xf8)
4115 {
4116 case 0x00: /* PIO default */
4117 case 0x08: /* PIO mode */
4118 break;
4119 case ATA_MODE_MDMA: /* MDMA mode */
4120 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
4121 break;
4122 case ATA_MODE_UDMA: /* UDMA mode */
4123 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
4124 break;
4125 default:
4126 goto abort_cmd;
4127 }
4128 ataR3CmdOK(s, ATA_STAT_SEEK);
4129 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4130 break;
4131 }
4132 default:
4133 goto abort_cmd;
4134 }
4135 /*
4136 * OS/2 workarond:
4137 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
4138 * reset here. According to the specification, this is a driver bug as the register
4139 * contents are undefined after the call. This means we can just as well reset it.
4140 */
4141 s->uATARegFeature = 0;
4142 break;
4143 case ATA_FLUSH_CACHE_EXT:
4144 case ATA_FLUSH_CACHE:
4145 if (!s->pDrvMedia || s->fATAPI)
4146 goto abort_cmd;
4147 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4148 break;
4149 case ATA_STANDBY_IMMEDIATE:
4150 ataR3CmdOK(s, 0);
4151 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4152 break;
4153 case ATA_IDLE_IMMEDIATE:
4154 LogRel(("PIIX3 ATA: LUN#%d: aborting current command\n", s->iLUN));
4155 ataR3AbortCurrentCommand(s, false);
4156 break;
4157 case ATA_SLEEP:
4158 ataR3CmdOK(s, 0);
4159 ataHCSetIRQ(s);
4160 break;
4161 /* ATAPI commands */
4162 case ATA_IDENTIFY_PACKET_DEVICE:
4163 if (s->fATAPI)
4164 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
4165 else
4166 {
4167 ataR3CmdError(s, ABRT_ERR);
4168 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4169 }
4170 break;
4171 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
4172 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
4173 break;
4174 case ATA_DEVICE_RESET:
4175 if (!s->fATAPI)
4176 goto abort_cmd;
4177 LogRel(("PIIX3 ATA: LUN#%d: performing device RESET\n", s->iLUN));
4178 ataR3AbortCurrentCommand(s, true);
4179 break;
4180 case ATA_PACKET:
4181 if (!s->fATAPI)
4182 goto abort_cmd;
4183 /* overlapping commands not supported */
4184 if (s->uATARegFeature & 0x02)
4185 goto abort_cmd;
4186 ataR3StartTransfer(s, ATAPI_PACKET_SIZE, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
4187 break;
4188 case ATA_DATA_SET_MANAGEMENT:
4189 if (!s->pDrvMedia || !s->pDrvMedia->pfnDiscard)
4190 goto abort_cmd;
4191 if ( !(s->uATARegFeature & UINT8_C(0x01))
4192 || (s->uATARegFeature & ~UINT8_C(0x01)))
4193 goto abort_cmd;
4194 s->fDMA = true;
4195 ataR3StartTransfer(s, (s->uATARegNSectorHOB << 8 | s->uATARegNSector) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_NULL, ATAFN_SS_TRIM, false);
4196 break;
4197 default:
4198 abort_cmd:
4199 ataR3CmdError(s, ABRT_ERR);
4200 if (s->fATAPI)
4201 ataUnsetStatus(s, ATA_STAT_READY);
4202 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4203 break;
4204 }
4205}
4206
4207# endif /* IN_RING3 */
4208#endif /* IN_RING0 || IN_RING3 */
4209
4210/*
4211 * Note: There are four distinct cases of port I/O handling depending on
4212 * which devices (if any) are attached to an IDE channel:
4213 *
4214 * 1) No device attached. No response to writes or reads (i.e. reads return
4215 * all bits set).
4216 *
4217 * 2) Both devices attached. Reads and writes are processed normally.
4218 *
4219 * 3) Device 0 only. If device 0 is selected, normal behavior applies. But
4220 * if Device 1 is selected, writes are still directed to Device 0 (except
4221 * commands are not executed), reads from control/command registers are
4222 * directed to Device 0, but status/alt status reads return 0. If Device 1
4223 * is a PACKET device, all reads return 0. See ATAPI-6 clause 9.16.1 and
4224 * Table 18 in clause 7.1.
4225 *
4226 * 4) Device 1 only - non-standard(!). Device 1 can't tell if Device 0 is
4227 * present or not and behaves the same. That means if Device 0 is selected,
4228 * Device 1 responds to writes (except commands are not executed) but does
4229 * not respond to reads. If Device 1 selected, normal behavior applies.
4230 * See ATAPI-6 clause 9.16.2 and Table 15 in clause 7.1.
4231 */
4232
4233static int ataIOPortWriteU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4234{
4235 Log2(("%s: LUN#%d write addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN, addr, val));
4236 addr &= 7;
4237 switch (addr)
4238 {
4239 case 0:
4240 break;
4241 case 1: /* feature register */
4242 /* NOTE: data is written to the two drives */
4243 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4244 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4245 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
4246 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
4247 pCtl->aIfs[0].uATARegFeature = val;
4248 pCtl->aIfs[1].uATARegFeature = val;
4249 break;
4250 case 2: /* sector count */
4251 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4252 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4253 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
4254 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
4255 pCtl->aIfs[0].uATARegNSector = val;
4256 pCtl->aIfs[1].uATARegNSector = val;
4257 break;
4258 case 3: /* sector number */
4259 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4260 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4261 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
4262 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
4263 pCtl->aIfs[0].uATARegSector = val;
4264 pCtl->aIfs[1].uATARegSector = val;
4265 break;
4266 case 4: /* cylinder low */
4267 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4268 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4269 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
4270 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
4271 pCtl->aIfs[0].uATARegLCyl = val;
4272 pCtl->aIfs[1].uATARegLCyl = val;
4273 break;
4274 case 5: /* cylinder high */
4275 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4276 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4277 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
4278 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
4279 pCtl->aIfs[0].uATARegHCyl = val;
4280 pCtl->aIfs[1].uATARegHCyl = val;
4281 break;
4282 case 6: /* drive/head */
4283 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
4284 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
4285 if (((val >> 4) & 1) != pCtl->iSelectedIf)
4286 {
4287 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
4288
4289 /* select another drive */
4290 pCtl->iSelectedIf = (val >> 4) & 1;
4291 /* The IRQ line is multiplexed between the two drives, so
4292 * update the state when switching to another drive. Only need
4293 * to update interrupt line if it is enabled and there is a
4294 * state change. */
4295 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
4296 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
4297 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
4298 {
4299 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4300 {
4301 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4302 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
4303 * the interrupt line is asserted. It monitors the line
4304 * for a rising edge. */
4305 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4306 if (pCtl->irq == 16)
4307 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
4308 else
4309 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
4310 }
4311 else
4312 {
4313 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4314 if (pCtl->irq == 16)
4315 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
4316 else
4317 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
4318 }
4319 }
4320 }
4321 break;
4322 default:
4323 case 7: /* command */
4324 /* ignore commands to non-existent device */
4325 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvMedia)
4326 break;
4327#ifndef IN_RING3
4328 /* Don't do anything complicated in GC */
4329 return VINF_IOM_R3_IOPORT_WRITE;
4330#else /* IN_RING3 */
4331 ataR3ParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
4332#endif /* !IN_RING3 */
4333 }
4334 return VINF_SUCCESS;
4335}
4336
4337
4338static int ataIOPortReadU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
4339{
4340 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4341 uint32_t val;
4342 bool fHOB;
4343
4344 /* Check if the guest is reading from a non-existent device. */
4345 if (!s->pDrvMedia)
4346 {
4347 if (pCtl->iSelectedIf) /* Device 1 selected, Device 0 responding for it. */
4348 {
4349 if (!pCtl->aIfs[0].pDrvMedia) /** @todo this case should never get here! */
4350 {
4351 Log2(("%s: addr=%#x: no device on channel\n", __FUNCTION__, addr));
4352 return VERR_IOM_IOPORT_UNUSED;
4353 }
4354 if (((addr & 7) != 1) && pCtl->aIfs[0].fATAPI) {
4355 Log2(("%s: addr=%#x, val=0: LUN#%d not attached/LUN#%d ATAPI\n", __FUNCTION__, addr,
4356 s->iLUN, pCtl->aIfs[0].iLUN));
4357 *pu32 = 0;
4358 return VINF_SUCCESS;
4359 }
4360 /* Else handle normally. */
4361 }
4362 else /* Device 0 selected (but not present). */
4363 {
4364 Log2(("%s: addr=%#x: LUN#%d not attached\n", __FUNCTION__, addr, s->iLUN));
4365 return VERR_IOM_IOPORT_UNUSED;
4366 }
4367 }
4368 fHOB = !!(s->uATARegDevCtl & (1 << 7));
4369 switch (addr & 7)
4370 {
4371 case 0: /* data register */
4372 val = 0xff;
4373 break;
4374 case 1: /* error register */
4375 /* The ATA specification is very terse when it comes to specifying
4376 * the precise effects of reading back the error/feature register.
4377 * The error register (read-only) shares the register number with
4378 * the feature register (write-only), so it seems that it's not
4379 * necessary to support the usual HOB readback here. */
4380 if (!s->pDrvMedia)
4381 val = 0;
4382 else
4383 val = s->uATARegError;
4384 break;
4385 case 2: /* sector count */
4386 if (fHOB)
4387 val = s->uATARegNSectorHOB;
4388 else
4389 val = s->uATARegNSector;
4390 break;
4391 case 3: /* sector number */
4392 if (fHOB)
4393 val = s->uATARegSectorHOB;
4394 else
4395 val = s->uATARegSector;
4396 break;
4397 case 4: /* cylinder low */
4398 if (fHOB)
4399 val = s->uATARegLCylHOB;
4400 else
4401 val = s->uATARegLCyl;
4402 break;
4403 case 5: /* cylinder high */
4404 if (fHOB)
4405 val = s->uATARegHCylHOB;
4406 else
4407 val = s->uATARegHCyl;
4408 break;
4409 case 6: /* drive/head */
4410 /* This register must always work as long as there is at least
4411 * one drive attached to the controller. It is common between
4412 * both drives anyway (completely identical content). */
4413 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4414 val = 0;
4415 else
4416 val = s->uATARegSelect;
4417 break;
4418 default:
4419 case 7: /* primary status */
4420 {
4421 /* Counter for number of busy status seen in GC in a row. */
4422 static unsigned cBusy = 0;
4423
4424 if (!s->pDrvMedia)
4425 val = 0;
4426 else
4427 val = s->uATARegStatus;
4428
4429 /* Give the async I/O thread an opportunity to make progress,
4430 * don't let it starve by guests polling frequently. EMT has a
4431 * lower priority than the async I/O thread, but sometimes the
4432 * host OS doesn't care. With some guests we are only allowed to
4433 * be busy for about 5 milliseconds in some situations. Note that
4434 * this is no guarantee for any other VBox thread getting
4435 * scheduled, so this just lowers the CPU load a bit when drives
4436 * are busy. It cannot help with timing problems. */
4437 if (val & ATA_STAT_BUSY)
4438 {
4439#ifdef IN_RING3
4440 cBusy = 0;
4441 ataR3LockLeave(pCtl);
4442
4443#ifndef RT_OS_WINDOWS
4444 /*
4445 * The thread might be stuck in an I/O operation
4446 * due to a high I/O load on the host. (see @bugref{3301})
4447 * To perform the reset successfully
4448 * we interrupt the operation by sending a signal to the thread
4449 * if the thread didn't responded in 10ms.
4450 * This works only on POSIX hosts (Windows has a CancelSynchronousIo function which
4451 * does the same but it was introduced with Vista) but so far
4452 * this hang was only observed on Linux and Mac OS X.
4453 *
4454 * This is a workaround and needs to be solved properly.
4455 */
4456 if (pCtl->fReset)
4457 {
4458 uint64_t u64ResetTimeStop = RTTimeMilliTS();
4459
4460 if ((u64ResetTimeStop - pCtl->u64ResetTime) >= 10)
4461 {
4462 LogRel(("PIIX3 ATA LUN#%d: Async I/O thread probably stuck in operation, interrupting\n", s->iLUN));
4463 pCtl->u64ResetTime = u64ResetTimeStop;
4464 RTThreadPoke(pCtl->AsyncIOThread);
4465 }
4466 }
4467#endif
4468
4469 RTThreadYield();
4470
4471 ataR3LockEnter(pCtl);
4472
4473 val = s->uATARegStatus;
4474#else /* !IN_RING3 */
4475 /* Cannot yield CPU in raw-mode and ring-0 context. And switching
4476 * to host context for each and every busy status is too costly,
4477 * especially on SMP systems where we don't gain much by
4478 * yielding the CPU to someone else. */
4479 if (++cBusy >= 20)
4480 {
4481 cBusy = 0;
4482 return VINF_IOM_R3_IOPORT_READ;
4483 }
4484#endif /* !IN_RING3 */
4485 }
4486 else
4487 cBusy = 0;
4488 ataUnsetIRQ(s);
4489 break;
4490 }
4491 }
4492 Log2(("%s: LUN#%d addr=%#x val=%#04x\n", __FUNCTION__, s->iLUN, addr, val));
4493 *pu32 = val;
4494 return VINF_SUCCESS;
4495}
4496
4497
4498static uint32_t ataStatusRead(PATACONTROLLER pCtl, uint32_t addr)
4499{
4500 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4501 uint32_t val;
4502 RT_NOREF1(addr);
4503
4504 /// @todo The handler should not be even registered if there
4505 // is no device on an IDE channel.
4506 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4507 val = 0xff;
4508 else if (pCtl->iSelectedIf == 1 && !s->pDrvMedia)
4509 val = 0; /* Device 1 selected, Device 0 responding for it. */
4510 else
4511 val = s->uATARegStatus;
4512 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4513 return val;
4514}
4515
4516static int ataControlWrite(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4517{
4518 RT_NOREF1(addr);
4519#ifndef IN_RING3
4520 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
4521 return VINF_IOM_R3_IOPORT_WRITE; /* The RESET stuff is too complicated for RC+R0. */
4522#endif /* !IN_RING3 */
4523
4524 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4525 /* RESET is common for both drives attached to a controller. */
4526 if ( !(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4527 && (val & ATA_DEVCTL_RESET))
4528 {
4529#ifdef IN_RING3
4530 /* Software RESET low to high */
4531 int32_t uCmdWait0 = -1;
4532 int32_t uCmdWait1 = -1;
4533 uint64_t uNow = RTTimeNanoTS();
4534 if (pCtl->aIfs[0].u64CmdTS)
4535 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
4536 if (pCtl->aIfs[1].u64CmdTS)
4537 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
4538 LogRel(("PIIX3 ATA: Ctl#%d: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
4539 ATACONTROLLER_IDX(pCtl), pCtl->iSelectedIf, pCtl->iAIOIf,
4540 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
4541 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
4542 pCtl->fReset = true;
4543 /* Everything must be done after the reset flag is set, otherwise
4544 * there are unavoidable races with the currently executing request
4545 * (which might just finish in the mean time). */
4546 pCtl->fChainedTransfer = false;
4547 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4548 {
4549 ataR3ResetDevice(&pCtl->aIfs[i]);
4550 /* The following cannot be done using ataSetStatusValue() since the
4551 * reset flag is already set, which suppresses all status changes. */
4552 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
4553 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
4554 pCtl->aIfs[i].uATARegError = 0x01;
4555 }
4556 pCtl->iSelectedIf = 0;
4557 ataR3AsyncIOClearRequests(pCtl);
4558 Log2(("%s: Ctl#%d: message to async I/O thread, resetA\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4559 if (val & ATA_DEVCTL_HOB)
4560 {
4561 val &= ~ATA_DEVCTL_HOB;
4562 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4563 }
4564
4565 /* Save the timestamp we started the reset. */
4566 pCtl->u64ResetTime = RTTimeMilliTS();
4567
4568 /* Issue the reset request now. */
4569 ataHCAsyncIOPutRequest(pCtl, &g_ataResetARequest);
4570#else /* !IN_RING3 */
4571 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4572#endif /* IN_RING3 */
4573 }
4574 else if ( (pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4575 && !(val & ATA_DEVCTL_RESET))
4576 {
4577#ifdef IN_RING3
4578 /* Software RESET high to low */
4579 Log(("%s: deasserting RESET\n", __FUNCTION__));
4580 Log2(("%s: Ctl#%d: message to async I/O thread, resetC\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4581 if (val & ATA_DEVCTL_HOB)
4582 {
4583 val &= ~ATA_DEVCTL_HOB;
4584 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4585 }
4586 ataHCAsyncIOPutRequest(pCtl, &g_ataResetCRequest);
4587#else /* !IN_RING3 */
4588 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4589#endif /* IN_RING3 */
4590 }
4591
4592 /* Change of interrupt disable flag. Update interrupt line if interrupt
4593 * is pending on the current interface. */
4594 if ( ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ)
4595 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4596 {
4597 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
4598 {
4599 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4600 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
4601 * interrupt line is asserted. It monitors the line for a rising
4602 * edge. */
4603 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4604 if (pCtl->irq == 16)
4605 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
4606 else
4607 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
4608 }
4609 else
4610 {
4611 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4612 if (pCtl->irq == 16)
4613 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
4614 else
4615 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
4616 }
4617 }
4618
4619 if (val & ATA_DEVCTL_HOB)
4620 Log2(("%s: set HOB\n", __FUNCTION__));
4621
4622 pCtl->aIfs[0].uATARegDevCtl = val;
4623 pCtl->aIfs[1].uATARegDevCtl = val;
4624
4625 return VINF_SUCCESS;
4626}
4627
4628#if defined(IN_RING0) || defined(IN_RING3)
4629
4630static void ataHCPIOTransfer(PATACONTROLLER pCtl)
4631{
4632 ATADevState *s;
4633
4634 s = &pCtl->aIfs[pCtl->iAIOIf];
4635 Log3(("%s: if=%p\n", __FUNCTION__, s));
4636
4637 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
4638 {
4639# ifdef IN_RING3
4640 LogRel(("PIIX3 ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n",
4641 s->iLUN, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "loading" : "storing"));
4642 /* Any guest OS that triggers this case has a pathetic ATA driver.
4643 * In a real system it would block the CPU via IORDY, here we do it
4644 * very similarly by not continuing with the current instruction
4645 * until the transfer to/from the storage medium is completed. */
4646 if (s->iSourceSink != ATAFN_SS_NULL)
4647 {
4648 bool fRedo;
4649 uint8_t status = s->uATARegStatus;
4650 ataSetStatusValue(s, ATA_STAT_BUSY);
4651 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4652 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4653 pCtl->fRedo = fRedo;
4654 if (RT_UNLIKELY(fRedo))
4655 return;
4656 ataSetStatusValue(s, status);
4657 s->iIOBufferCur = 0;
4658 s->iIOBufferEnd = s->cbElementaryTransfer;
4659 }
4660# else
4661 AssertReleaseFailed();
4662# endif
4663 }
4664 if (s->cbTotalTransfer)
4665 {
4666 if (s->fATAPITransfer)
4667 ataHCPIOTransferLimitATAPI(s);
4668
4669 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4670 s->cbElementaryTransfer = s->cbTotalTransfer;
4671
4672 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
4673 __FUNCTION__, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
4674 s->cbTotalTransfer, s->cbElementaryTransfer,
4675 s->iIOBufferCur, s->iIOBufferEnd));
4676 ataHCPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
4677 s->cbTotalTransfer -= s->cbElementaryTransfer;
4678 s->iIOBufferCur += s->cbElementaryTransfer;
4679
4680 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4681 s->cbElementaryTransfer = s->cbTotalTransfer;
4682 }
4683 else
4684 ataHCPIOTransferStop(s);
4685}
4686
4687
4688DECLINLINE(void) ataHCPIOTransferFinish(PATACONTROLLER pCtl, ATADevState *s)
4689{
4690 /* Do not interfere with RESET processing if the PIO transfer finishes
4691 * while the RESET line is asserted. */
4692 if (pCtl->fReset)
4693 {
4694 Log2(("%s: Ctl#%d: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4695 return;
4696 }
4697
4698 if ( s->uTxDir == PDMMEDIATXDIR_TO_DEVICE
4699 || ( s->iSourceSink != ATAFN_SS_NULL
4700 && s->iIOBufferCur >= s->iIOBufferEnd))
4701 {
4702 /* Need to continue the transfer in the async I/O thread. This is
4703 * the case for write operations or generally for not yet finished
4704 * transfers (some data might need to be read). */
4705 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
4706 ataSetStatus(s, ATA_STAT_BUSY);
4707
4708 Log2(("%s: Ctl#%d: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4709 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
4710 }
4711 else
4712 {
4713 /* Either everything finished (though some data might still be pending)
4714 * or some data is pending before the next read is due. */
4715
4716 /* Continue a previously started transfer. */
4717 ataUnsetStatus(s, ATA_STAT_DRQ);
4718 ataSetStatus(s, ATA_STAT_READY);
4719
4720 if (s->cbTotalTransfer)
4721 {
4722 /* There is more to transfer, happens usually for large ATAPI
4723 * reads - the protocol limits the chunk size to 65534 bytes. */
4724 ataHCPIOTransfer(pCtl);
4725 ataHCSetIRQ(s);
4726 }
4727 else
4728 {
4729 Log2(("%s: Ctl#%d: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4730 /* Finish PIO transfer. */
4731 ataHCPIOTransfer(pCtl);
4732 Assert(!pCtl->fRedo);
4733 }
4734 }
4735}
4736
4737#endif /* IN_RING0 || IN_RING3 */
4738
4739/**
4740 * Fallback for ataCopyPioData124 that handles unaligned and out of bounds cases.
4741 *
4742 * @param pIf The device interface to work with.
4743 * @param pbDst The destination buffer.
4744 * @param pbSrc The source buffer.
4745 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4746 */
4747DECL_NO_INLINE(static, void) ataCopyPioData124Slow(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4748{
4749 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4750 uint32_t const offNext = offStart + cbCopy;
4751
4752 if (offStart + cbCopy > pIf->cbIOBuffer)
4753 {
4754 Log(("%s: cbCopy=%#x offStart=%#x cbIOBuffer=%#x offNext=%#x (iIOBufferPIODataEnd=%#x)\n",
4755 __FUNCTION__, cbCopy, offStart, pIf->cbIOBuffer, offNext, pIf->iIOBufferPIODataEnd));
4756 if (offStart < pIf->cbIOBuffer)
4757 cbCopy = pIf->cbIOBuffer - offStart;
4758 else
4759 cbCopy = 0;
4760 }
4761
4762 switch (cbCopy)
4763 {
4764 case 4: pbDst[3] = pbSrc[3]; /* fall thru */
4765 case 3: pbDst[2] = pbSrc[2]; /* fall thru */
4766 case 2: pbDst[1] = pbSrc[1]; /* fall thru */
4767 case 1: pbDst[0] = pbSrc[0]; /* fall thru */
4768 case 0: break;
4769 default: AssertFailed(); /* impossible */
4770 }
4771
4772 pIf->iIOBufferPIODataStart = offNext;
4773
4774}
4775
4776
4777/**
4778 * Work for ataDataWrite & ataDataRead that copies data without using memcpy.
4779 *
4780 * This also updates pIf->iIOBufferPIODataStart.
4781 *
4782 * The two buffers are either stack (32-bit aligned) or somewhere within
4783 * pIf->pbIOBuffer.
4784 *
4785 * @param pIf The device interface to work with.
4786 * @param pbDst The destination buffer.
4787 * @param pbSrc The source buffer.
4788 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4789 */
4790DECLINLINE(void) ataCopyPioData124(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4791{
4792 /*
4793 * Quick bounds checking can be done by checking that the pbIOBuffer offset
4794 * (iIOBufferPIODataStart) is aligned at the transfer size (which is ASSUMED
4795 * to be 1, 2 or 4). However, since we're paranoid and don't currently
4796 * trust iIOBufferPIODataEnd to be within bounds, we current check against the
4797 * IO buffer size too.
4798 */
4799 Assert(cbCopy == 1 || cbCopy == 2 || cbCopy == 4);
4800 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4801 if (RT_LIKELY( !(offStart & (cbCopy - 1))
4802 && offStart + cbCopy <= pIf->cbIOBuffer))
4803 {
4804 switch (cbCopy)
4805 {
4806 case 4: *(uint32_t *)pbDst = *(uint32_t const *)pbSrc; break;
4807 case 2: *(uint16_t *)pbDst = *(uint16_t const *)pbSrc; break;
4808 case 1: *pbDst = *pbSrc; break;
4809 }
4810 pIf->iIOBufferPIODataStart = offStart + cbCopy;
4811 }
4812 else
4813 ataCopyPioData124Slow(pIf, pbDst, pbSrc, cbCopy);
4814}
4815
4816
4817/**
4818 * Port I/O Handler for primary port range OUT operations.
4819 * @see FNIOMIOPORTOUT for details.
4820 */
4821PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
4822{
4823 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4824 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4825 PATACONTROLLER pCtl = &pThis->aCts[i];
4826 RT_NOREF1(Port);
4827
4828 Assert(i < 2);
4829 Assert(Port == pCtl->IOPortBase1);
4830 Assert(cb == 2 || cb == 4); /* Writes to the data port may be 16-bit or 32-bit. */
4831
4832 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4833 if (rc == VINF_SUCCESS)
4834 {
4835 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4836
4837 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4838 {
4839 Assert(s->uTxDir == PDMMEDIATXDIR_TO_DEVICE);
4840 uint8_t *pbDst = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4841 uint8_t const *pbSrc = (uint8_t const *)&u32;
4842
4843#ifdef IN_RC
4844 /* Raw-mode: The ataHCPIOTransfer following the last transfer unit
4845 requires I/O thread signalling, we must go to ring-3 for that. */
4846 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4847 ataCopyPioData124(s, pbDst, pbSrc, cb);
4848 else
4849 rc = VINF_IOM_R3_IOPORT_WRITE;
4850
4851#elif defined(IN_RING0)
4852 /* Ring-0: We can do I/O thread signalling here, however for paranoid reasons
4853 triggered by a special case in ataHCPIOTransferFinish, we take extra care here. */
4854 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4855 ataCopyPioData124(s, pbDst, pbSrc, cb);
4856 else if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) /* paranoia */
4857 {
4858 ataCopyPioData124(s, pbDst, pbSrc, cb);
4859 ataHCPIOTransferFinish(pCtl, s);
4860 }
4861 else
4862 {
4863 Log(("%s: Unexpected\n",__FUNCTION__));
4864 rc = VINF_IOM_R3_IOPORT_WRITE;
4865 }
4866
4867#else /* IN_RING 3*/
4868 ataCopyPioData124(s, pbDst, pbSrc, cb);
4869 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4870 ataHCPIOTransferFinish(pCtl, s);
4871#endif /* IN_RING 3*/
4872 }
4873 else
4874 Log2(("%s: DUMMY data\n", __FUNCTION__));
4875
4876 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, &u32, rc));
4877 PDMCritSectLeave(&pCtl->lock);
4878 }
4879 else
4880 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
4881 return rc;
4882}
4883
4884
4885/**
4886 * Port I/O Handler for primary port range IN operations.
4887 * @see FNIOMIOPORTIN for details.
4888 */
4889PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4890{
4891 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4892 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4893 PATACONTROLLER pCtl = &pThis->aCts[i];
4894 RT_NOREF1(Port);
4895
4896 Assert(i < 2);
4897 Assert(Port == pCtl->IOPortBase1);
4898
4899 /* Reads from the data register may be 16-bit or 32-bit. Byte accesses are
4900 upgraded to word. */
4901 Assert(cb == 1 || cb == 2 || cb == 4);
4902 uint32_t cbActual = cb != 1 ? cb : 2;
4903 *pu32 = 0;
4904
4905 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4906 if (rc == VINF_SUCCESS)
4907 {
4908 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4909
4910 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4911 {
4912 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
4913 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4914 uint8_t *pbDst = (uint8_t *)pu32;
4915
4916#ifdef IN_RC
4917 /* All but the last transfer unit is simple enough for RC, but
4918 * sending a request to the async IO thread is too complicated. */
4919 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4920 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4921 else
4922 rc = VINF_IOM_R3_IOPORT_READ;
4923
4924#elif defined(IN_RING0)
4925 /* Ring-0: We can do I/O thread signalling here. However there is one
4926 case in ataHCPIOTransfer that does a LogRel and would (but not from
4927 here) call directly into the driver code. We detect that odd case
4928 here cand return to ring-3 to handle it. */
4929 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4930 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4931 else if ( s->cbTotalTransfer == 0
4932 || s->iSourceSink != ATAFN_SS_NULL
4933 || s->iIOBufferCur <= s->iIOBufferEnd)
4934 {
4935 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4936 ataHCPIOTransferFinish(pCtl, s);
4937 }
4938 else
4939 {
4940 Log(("%s: Unexpected\n",__FUNCTION__));
4941 rc = VINF_IOM_R3_IOPORT_READ;
4942 }
4943
4944#else /* IN_RING3 */
4945 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4946 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4947 ataHCPIOTransferFinish(pCtl, s);
4948#endif /* IN_RING3 */
4949
4950 /* Just to be on the safe side (caller takes care of this, really). */
4951 if (cb == 1)
4952 *pu32 &= 0xff;
4953 }
4954 else
4955 {
4956 Log2(("%s: DUMMY data\n", __FUNCTION__));
4957 memset(pu32, 0xff, cb);
4958 }
4959 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, pu32, rc));
4960
4961 PDMCritSectLeave(&pCtl->lock);
4962 }
4963 else
4964 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
4965
4966 return rc;
4967}
4968
4969
4970/**
4971 * Port I/O Handler for primary port range IN string operations.
4972 * @see FNIOMIOPORTINSTRING for details.
4973 */
4974PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
4975 uint32_t *pcTransfers, unsigned cb)
4976{
4977 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4978 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4979 PATACONTROLLER pCtl = &pThis->aCts[i];
4980 RT_NOREF1(Port);
4981
4982 Assert(i < 2);
4983 Assert(Port == pCtl->IOPortBase1);
4984 Assert(*pcTransfers > 0);
4985
4986 int rc;
4987 if (cb == 2 || cb == 4)
4988 {
4989 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4990 if (rc == VINF_SUCCESS)
4991 {
4992 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4993
4994 uint32_t const offStart = s->iIOBufferPIODataStart;
4995 if (offStart < s->iIOBufferPIODataEnd)
4996 {
4997 /*
4998 * Figure how much we can copy. Usually it's the same as the request.
4999 * The last transfer unit cannot be handled in RC, as it involves
5000 * thread communication. In R0 we let the non-string callback handle it,
5001 * and ditto for overflows/dummy data.
5002 */
5003 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5004#ifndef IN_RING3
5005 if (cAvailable > 0)
5006 cAvailable--;
5007#endif
5008 uint32_t const cRequested = *pcTransfers;
5009 if (cAvailable > cRequested)
5010 cAvailable = cRequested;
5011 uint32_t const cbTransfer = cAvailable * cb;
5012 if ( offStart + cbTransfer <= s->cbIOBuffer
5013 && cbTransfer > 0)
5014 {
5015 /*
5016 * Do the transfer.
5017 */
5018 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + offStart;
5019 memcpy(pbDst, pbSrc, cbTransfer);
5020 Log3(("%s: addr=%#x cb=%#x cbTransfer=%#x val=%.*Rhxd\n",
5021 __FUNCTION__, Port, cb, cbTransfer, cbTransfer, pbSrc));
5022 s->iIOBufferPIODataStart = offStart + cbTransfer;
5023
5024#ifdef IN_RING3
5025 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5026 ataHCPIOTransferFinish(pCtl, s);
5027#endif
5028 *pcTransfers = cRequested - cAvailable;
5029 }
5030 else
5031 Log2(("ataIOPortReadStr1Data: DUMMY/Overflow!\n"));
5032 }
5033 else
5034 {
5035 /*
5036 * Dummy read (shouldn't happen) return 0xff like the non-string handler.
5037 */
5038 Log2(("ataIOPortReadStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5039 memset(pbDst, 0xff, *pcTransfers * cb);
5040 *pcTransfers = 0;
5041 }
5042
5043 PDMCritSectLeave(&pCtl->lock);
5044 }
5045 }
5046 /*
5047 * Let the non-string I/O callback handle 1 byte reads.
5048 */
5049 else
5050 {
5051 Log2(("ataIOPortReadStr1Data: 1 byte read (%#x transfers)\n", *pcTransfers));
5052 AssertFailed();
5053 rc = VINF_SUCCESS;
5054 }
5055 return rc;
5056}
5057
5058
5059/**
5060 * Port I/O Handler for primary port range OUT string operations.
5061 * @see FNIOMIOPORTOUTSTRING for details.
5062 */
5063PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
5064 uint32_t *pcTransfers, unsigned cb)
5065{
5066 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5067 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5068 PATACONTROLLER pCtl = &pThis->aCts[i];
5069 RT_NOREF1(Port);
5070
5071 Assert(i < 2);
5072 Assert(Port == pCtl->IOPortBase1);
5073 Assert(*pcTransfers > 0);
5074
5075 int rc;
5076 if (cb == 2 || cb == 4)
5077 {
5078 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5079 if (rc == VINF_SUCCESS)
5080 {
5081 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5082
5083 uint32_t const offStart = s->iIOBufferPIODataStart;
5084 if (offStart < s->iIOBufferPIODataEnd)
5085 {
5086 /*
5087 * Figure how much we can copy. Usually it's the same as the request.
5088 * The last transfer unit cannot be handled in RC, as it involves
5089 * thread communication. In R0 we let the non-string callback handle it,
5090 * and ditto for overflows/dummy data.
5091 */
5092 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5093#ifndef IN_RING3
5094 if (cAvailable)
5095 cAvailable--;
5096#endif
5097 uint32_t const cRequested = *pcTransfers;
5098 if (cAvailable > cRequested)
5099 cAvailable = cRequested;
5100 uint32_t const cbTransfer = cAvailable * cb;
5101 if ( offStart + cbTransfer <= s->cbIOBuffer
5102 && cbTransfer)
5103 {
5104 /*
5105 * Do the transfer.
5106 */
5107 void *pvDst = s->CTX_SUFF(pbIOBuffer) + offStart;
5108 memcpy(pvDst, pbSrc, cbTransfer);
5109 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, pvDst));
5110 s->iIOBufferPIODataStart = offStart + cbTransfer;
5111
5112#ifdef IN_RING3
5113 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5114 ataHCPIOTransferFinish(pCtl, s);
5115#endif
5116 *pcTransfers = cRequested - cAvailable;
5117 }
5118 else
5119 Log2(("ataIOPortWriteStr1Data: DUMMY/Overflow!\n"));
5120 }
5121 else
5122 {
5123 Log2(("ataIOPortWriteStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5124 *pcTransfers = 0;
5125 }
5126
5127 PDMCritSectLeave(&pCtl->lock);
5128 }
5129 }
5130 /*
5131 * Let the non-string I/O callback handle 1 byte reads.
5132 */
5133 else
5134 {
5135 Log2(("ataIOPortWriteStr1Data: 1 byte write (%#x transfers)\n", *pcTransfers));
5136 AssertFailed();
5137 rc = VINF_SUCCESS;
5138 }
5139
5140 return rc;
5141}
5142
5143
5144#ifdef IN_RING3
5145
5146static void ataR3DMATransferStop(ATADevState *s)
5147{
5148 s->cbTotalTransfer = 0;
5149 s->cbElementaryTransfer = 0;
5150 s->iBeginTransfer = ATAFN_BT_NULL;
5151 s->iSourceSink = ATAFN_SS_NULL;
5152}
5153
5154
5155/**
5156 * Perform the entire DMA transfer in one go (unless a source/sink operation
5157 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
5158 * this function cannot handle empty transfers.
5159 *
5160 * @param pCtl Controller for which to perform the transfer.
5161 */
5162static void ataR3DMATransfer(PATACONTROLLER pCtl)
5163{
5164 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
5165 ATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
5166 bool fRedo;
5167 RTGCPHYS32 GCPhysDesc;
5168 uint32_t cbTotalTransfer, cbElementaryTransfer;
5169 uint32_t iIOBufferCur, iIOBufferEnd;
5170 PDMMEDIATXDIR uTxDir;
5171 bool fLastDesc = false;
5172
5173 Assert(sizeof(BMDMADesc) == 8);
5174
5175 fRedo = pCtl->fRedo;
5176 if (RT_LIKELY(!fRedo))
5177 Assert(s->cbTotalTransfer);
5178 uTxDir = (PDMMEDIATXDIR)s->uTxDir;
5179 cbTotalTransfer = s->cbTotalTransfer;
5180 cbElementaryTransfer = s->cbElementaryTransfer;
5181 iIOBufferCur = s->iIOBufferCur;
5182 iIOBufferEnd = s->iIOBufferEnd;
5183
5184 /* The DMA loop is designed to hold the lock only when absolutely
5185 * necessary. This avoids long freezes should the guest access the
5186 * ATA registers etc. for some reason. */
5187 ataR3LockLeave(pCtl);
5188
5189 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
5190 __FUNCTION__, uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
5191 cbTotalTransfer, cbElementaryTransfer,
5192 iIOBufferCur, iIOBufferEnd));
5193 for (GCPhysDesc = pCtl->GCPhysFirstDMADesc;
5194 GCPhysDesc <= pCtl->GCPhysLastDMADesc;
5195 GCPhysDesc += sizeof(BMDMADesc))
5196 {
5197 BMDMADesc DMADesc;
5198 RTGCPHYS32 GCPhysBuffer;
5199 uint32_t cbBuffer;
5200
5201 if (RT_UNLIKELY(fRedo))
5202 {
5203 GCPhysBuffer = pCtl->GCPhysRedoDMABuffer;
5204 cbBuffer = pCtl->cbRedoDMABuffer;
5205 fLastDesc = pCtl->fRedoDMALastDesc;
5206 DMADesc.GCPhysBuffer = DMADesc.cbBuffer = 0; /* Shut up MSC. */
5207 }
5208 else
5209 {
5210 PDMDevHlpPhysRead(pDevIns, GCPhysDesc, &DMADesc, sizeof(BMDMADesc));
5211 GCPhysBuffer = RT_LE2H_U32(DMADesc.GCPhysBuffer);
5212 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
5213 fLastDesc = !!(cbBuffer & 0x80000000);
5214 cbBuffer &= 0xfffe;
5215 if (cbBuffer == 0)
5216 cbBuffer = 0x10000;
5217 if (cbBuffer > cbTotalTransfer)
5218 cbBuffer = cbTotalTransfer;
5219 }
5220
5221 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
5222 {
5223 if (RT_LIKELY(!fRedo))
5224 {
5225 uint32_t cbXfer = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
5226 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x orig_size=%#010x\n", __FUNCTION__,
5227 (int)GCPhysDesc, GCPhysBuffer, cbBuffer, RT_LE2H_U32(DMADesc.cbBuffer) & 0xfffe));
5228
5229 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5230 PDMDevHlpPCIPhysWrite(pDevIns, GCPhysBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, cbXfer);
5231 else
5232 PDMDevHlpPCIPhysRead(pDevIns, GCPhysBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, cbXfer);
5233
5234 iIOBufferCur += cbXfer;
5235 cbTotalTransfer -= cbXfer;
5236 cbBuffer -= cbXfer;
5237 GCPhysBuffer += cbXfer;
5238 }
5239 if ( iIOBufferCur == iIOBufferEnd
5240 && (uTxDir == PDMMEDIATXDIR_TO_DEVICE || cbTotalTransfer))
5241 {
5242 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5243 cbElementaryTransfer = cbTotalTransfer;
5244
5245 ataR3LockEnter(pCtl);
5246
5247 /* The RESET handler could have cleared the DMA transfer
5248 * state (since we didn't hold the lock until just now
5249 * the guest can continue in parallel). If so, the state
5250 * is already set up so the loop is exited immediately. */
5251 if (s->iSourceSink != ATAFN_SS_NULL)
5252 {
5253 s->iIOBufferCur = iIOBufferCur;
5254 s->iIOBufferEnd = iIOBufferEnd;
5255 s->cbElementaryTransfer = cbElementaryTransfer;
5256 s->cbTotalTransfer = cbTotalTransfer;
5257 Log2(("%s: calling source/sink function\n", __FUNCTION__));
5258 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5259 if (RT_UNLIKELY(fRedo))
5260 {
5261 pCtl->GCPhysFirstDMADesc = GCPhysDesc;
5262 pCtl->GCPhysRedoDMABuffer = GCPhysBuffer;
5263 pCtl->cbRedoDMABuffer = cbBuffer;
5264 pCtl->fRedoDMALastDesc = fLastDesc;
5265 }
5266 else
5267 {
5268 cbTotalTransfer = s->cbTotalTransfer;
5269 cbElementaryTransfer = s->cbElementaryTransfer;
5270
5271 if (uTxDir == PDMMEDIATXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5272 cbElementaryTransfer = cbTotalTransfer;
5273 iIOBufferCur = 0;
5274 iIOBufferEnd = cbElementaryTransfer;
5275 }
5276 pCtl->fRedo = fRedo;
5277 }
5278 else
5279 {
5280 /* This forces the loop to exit immediately. */
5281 GCPhysDesc = pCtl->GCPhysLastDMADesc + 1;
5282 }
5283
5284 ataR3LockLeave(pCtl);
5285 if (RT_UNLIKELY(fRedo))
5286 break;
5287 }
5288 }
5289
5290 if (RT_UNLIKELY(fRedo))
5291 break;
5292
5293 /* end of transfer */
5294 if (!cbTotalTransfer || fLastDesc)
5295 break;
5296
5297 ataR3LockEnter(pCtl);
5298
5299 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
5300 {
5301 LogRel(("PIIX3 ATA: Ctl#%d: ABORT DMA%s\n", ATACONTROLLER_IDX(pCtl), pCtl->fReset ? " due to RESET" : ""));
5302 if (!pCtl->fReset)
5303 ataR3DMATransferStop(s);
5304 /* This forces the loop to exit immediately. */
5305 GCPhysDesc = pCtl->GCPhysLastDMADesc + 1;
5306 }
5307
5308 ataR3LockLeave(pCtl);
5309 }
5310
5311 ataR3LockEnter(pCtl);
5312 if (RT_UNLIKELY(fRedo))
5313 return;
5314
5315 if (fLastDesc)
5316 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5317 s->cbTotalTransfer = cbTotalTransfer;
5318 s->cbElementaryTransfer = cbElementaryTransfer;
5319 s->iIOBufferCur = iIOBufferCur;
5320 s->iIOBufferEnd = iIOBufferEnd;
5321}
5322
5323/**
5324 * Signal PDM that we're idle (if we actually are).
5325 *
5326 * @param pCtl The controller.
5327 */
5328static void ataR3AsyncSignalIdle(PATACONTROLLER pCtl)
5329{
5330 /*
5331 * Take the lock here and recheck the idle indicator to avoid
5332 * unnecessary work and racing ataR3WaitForAsyncIOIsIdle.
5333 */
5334 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
5335 AssertRC(rc);
5336
5337 if ( pCtl->fSignalIdle
5338 && ataR3AsyncIOIsIdle(pCtl, false /*fStrict*/))
5339 {
5340 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5341 RTThreadUserSignal(pCtl->AsyncIOThread); /* for ataR3Construct/ataR3ResetCommon. */
5342 }
5343
5344 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
5345 AssertRC(rc);
5346}
5347
5348/**
5349 * Async I/O thread for an interface.
5350 *
5351 * Once upon a time this was readable code with several loops and a different
5352 * semaphore for each purpose. But then came the "how can one save the state in
5353 * the middle of a PIO transfer" question. The solution was to use an ASM,
5354 * which is what's there now.
5355 */
5356static DECLCALLBACK(int) ataR3AsyncIOThread(RTTHREAD hThreadSelf, void *pvUser)
5357{
5358 RT_NOREF1(hThreadSelf);
5359 const ATARequest *pReq;
5360 uint64_t u64TS = 0; /* shut up gcc */
5361 uint64_t uWait;
5362 int rc = VINF_SUCCESS;
5363 PATACONTROLLER pCtl = (PATACONTROLLER)pvUser;
5364 ATADevState *s;
5365
5366 pReq = NULL;
5367 pCtl->fChainedTransfer = false;
5368 while (!pCtl->fShutdown)
5369 {
5370 /* Keep this thread from doing anything as long as EMT is suspended. */
5371 while (pCtl->fRedoIdle)
5372 {
5373 if (pCtl->fSignalIdle)
5374 ataR3AsyncSignalIdle(pCtl);
5375 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
5376 /* Continue if we got a signal by RTThreadPoke().
5377 * We will get notified if there is a request to process.
5378 */
5379 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5380 continue;
5381 if (RT_FAILURE(rc) || pCtl->fShutdown)
5382 break;
5383
5384 pCtl->fRedoIdle = false;
5385 }
5386
5387 /* Wait for work. */
5388 while (pReq == NULL)
5389 {
5390 if (pCtl->fSignalIdle)
5391 ataR3AsyncSignalIdle(pCtl);
5392 rc = SUPSemEventWaitNoResume(pCtl->pSupDrvSession, pCtl->hAsyncIOSem, RT_INDEFINITE_WAIT);
5393 /* Continue if we got a signal by RTThreadPoke().
5394 * We will get notified if there is a request to process.
5395 */
5396 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5397 continue;
5398 if (RT_FAILURE(rc) || RT_UNLIKELY(pCtl->fShutdown))
5399 break;
5400
5401 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5402 }
5403
5404 if (RT_FAILURE(rc) || pCtl->fShutdown)
5405 break;
5406
5407 if (pReq == NULL)
5408 continue;
5409
5410 ATAAIO ReqType = pReq->ReqType;
5411
5412 Log2(("%s: Ctl#%d: state=%d, req=%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->uAsyncIOState, ReqType));
5413 if (pCtl->uAsyncIOState != ReqType)
5414 {
5415 /* The new state is not the state that was expected by the normal
5416 * state changes. This is either a RESET/ABORT or there's something
5417 * really strange going on. */
5418 if ( (pCtl->uAsyncIOState == ATA_AIO_PIO || pCtl->uAsyncIOState == ATA_AIO_DMA)
5419 && (ReqType == ATA_AIO_PIO || ReqType == ATA_AIO_DMA))
5420 {
5421 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
5422 ataR3AsyncIODumpRequests(pCtl);
5423 }
5424 AssertReleaseMsg( ReqType == ATA_AIO_RESET_ASSERTED
5425 || ReqType == ATA_AIO_RESET_CLEARED
5426 || ReqType == ATA_AIO_ABORT
5427 || pCtl->uAsyncIOState == ReqType,
5428 ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
5429 }
5430
5431 /* Do our work. */
5432 ataR3LockEnter(pCtl);
5433
5434 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5435 {
5436 u64TS = RTTimeNanoTS();
5437#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5438 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
5439#endif
5440 }
5441
5442 switch (ReqType)
5443 {
5444 case ATA_AIO_NEW:
5445
5446 pCtl->iAIOIf = pReq->u.t.iIf;
5447 s = &pCtl->aIfs[pCtl->iAIOIf];
5448 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
5449 s->uTxDir = pReq->u.t.uTxDir;
5450 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
5451 s->iSourceSink = pReq->u.t.iSourceSink;
5452 s->iIOBufferEnd = 0;
5453 s->u64CmdTS = u64TS;
5454
5455 if (s->fATAPI)
5456 {
5457 if (pCtl->fChainedTransfer)
5458 {
5459 /* Only count the actual transfers, not the PIO
5460 * transfer of the ATAPI command bytes. */
5461 if (s->fDMA)
5462 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
5463 else
5464 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
5465 }
5466 }
5467 else
5468 {
5469 if (s->fDMA)
5470 STAM_REL_COUNTER_INC(&s->StatATADMA);
5471 else
5472 STAM_REL_COUNTER_INC(&s->StatATAPIO);
5473 }
5474
5475 pCtl->fChainedTransfer = false;
5476
5477 if (s->iBeginTransfer != ATAFN_BT_NULL)
5478 {
5479 Log2(("%s: Ctl#%d: calling begin transfer function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5480 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
5481 s->iBeginTransfer = ATAFN_BT_NULL;
5482 if (s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5483 s->iIOBufferEnd = s->cbElementaryTransfer;
5484 }
5485 else
5486 {
5487 s->cbElementaryTransfer = s->cbTotalTransfer;
5488 s->iIOBufferEnd = s->cbTotalTransfer;
5489 }
5490 s->iIOBufferCur = 0;
5491
5492 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5493 {
5494 if (s->iSourceSink != ATAFN_SS_NULL)
5495 {
5496 bool fRedo;
5497 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5498 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5499 pCtl->fRedo = fRedo;
5500 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5501 {
5502 /* Operation failed at the initial transfer, restart
5503 * everything from scratch by resending the current
5504 * request. Occurs very rarely, not worth optimizing. */
5505 LogRel(("%s: Ctl#%d: redo entire operation\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5506 ataHCAsyncIOPutRequest(pCtl, pReq);
5507 break;
5508 }
5509 }
5510 else
5511 ataR3CmdOK(s, 0);
5512 s->iIOBufferEnd = s->cbElementaryTransfer;
5513
5514 }
5515
5516 /* Do not go into the transfer phase if RESET is asserted.
5517 * The CritSect is released while waiting for the host OS
5518 * to finish the I/O, thus RESET is possible here. Most
5519 * important: do not change uAsyncIOState. */
5520 if (pCtl->fReset)
5521 break;
5522
5523 if (s->fDMA)
5524 {
5525 if (s->cbTotalTransfer)
5526 {
5527 ataSetStatus(s, ATA_STAT_DRQ);
5528
5529 pCtl->uAsyncIOState = ATA_AIO_DMA;
5530 /* If BMDMA is already started, do the transfer now. */
5531 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
5532 {
5533 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer immediately\n",
5534 __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5535 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5536 }
5537 }
5538 else
5539 {
5540 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5541 /* Finish DMA transfer. */
5542 ataR3DMATransferStop(s);
5543 ataHCSetIRQ(s);
5544 pCtl->uAsyncIOState = ATA_AIO_NEW;
5545 }
5546 }
5547 else
5548 {
5549 if (s->cbTotalTransfer)
5550 {
5551 ataHCPIOTransfer(pCtl);
5552 Assert(!pCtl->fRedo);
5553 if (s->fATAPITransfer || s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5554 ataHCSetIRQ(s);
5555
5556 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5557 {
5558 /* Write operations and not yet finished transfers
5559 * must be completed in the async I/O thread. */
5560 pCtl->uAsyncIOState = ATA_AIO_PIO;
5561 }
5562 else
5563 {
5564 /* Finished read operation can be handled inline
5565 * in the end of PIO transfer handling code. Linux
5566 * depends on this, as it waits only briefly for
5567 * devices to become ready after incoming data
5568 * transfer. Cannot find anything in the ATA spec
5569 * that backs this assumption, but as all kernels
5570 * are affected (though most of the time it does
5571 * not cause any harm) this must work. */
5572 pCtl->uAsyncIOState = ATA_AIO_NEW;
5573 }
5574 }
5575 else
5576 {
5577 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5578 /* Finish PIO transfer. */
5579 ataHCPIOTransfer(pCtl);
5580 Assert(!pCtl->fRedo);
5581 if (!s->fATAPITransfer)
5582 ataHCSetIRQ(s);
5583 pCtl->uAsyncIOState = ATA_AIO_NEW;
5584 }
5585 }
5586 break;
5587
5588 case ATA_AIO_DMA:
5589 {
5590 BMDMAState *bm = &pCtl->BmDma;
5591 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5592 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
5593
5594 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5595 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
5596 else
5597 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
5598
5599 if (RT_LIKELY(!pCtl->fRedo))
5600 {
5601 /* The specs say that the descriptor table must not cross a
5602 * 4K boundary. */
5603 pCtl->GCPhysFirstDMADesc = bm->GCPhysAddr;
5604 pCtl->GCPhysLastDMADesc = RT_ALIGN_32(bm->GCPhysAddr + 1, _4K) - sizeof(BMDMADesc);
5605 }
5606 ataR3DMATransfer(pCtl);
5607
5608 if (RT_UNLIKELY(pCtl->fRedo && !pCtl->fReset))
5609 {
5610 LogRel(("PIIX3 ATA: Ctl#%d: redo DMA operation\n", ATACONTROLLER_IDX(pCtl)));
5611 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5612 break;
5613 }
5614
5615 /* The infamous delay IRQ hack. */
5616 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
5617 && s->cbTotalTransfer == 0
5618 && pCtl->DelayIRQMillies)
5619 {
5620 /* Delay IRQ for writing. Required to get the Win2K
5621 * installation work reliably (otherwise it crashes,
5622 * usually during component install). So far no better
5623 * solution has been found. */
5624 Log(("%s: delay IRQ hack\n", __FUNCTION__));
5625 ataR3LockLeave(pCtl);
5626 RTThreadSleep(pCtl->DelayIRQMillies);
5627 ataR3LockEnter(pCtl);
5628 }
5629
5630 ataUnsetStatus(s, ATA_STAT_DRQ);
5631 Assert(!pCtl->fChainedTransfer);
5632 Assert(s->iSourceSink == ATAFN_SS_NULL);
5633 if (s->fATAPITransfer)
5634 {
5635 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
5636 Log2(("%s: Ctl#%d: interrupt reason %#04x\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegNSector));
5637 s->fATAPITransfer = false;
5638 }
5639 ataHCSetIRQ(s);
5640 pCtl->uAsyncIOState = ATA_AIO_NEW;
5641 break;
5642 }
5643
5644 case ATA_AIO_PIO:
5645 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5646
5647 if (s->iSourceSink != ATAFN_SS_NULL)
5648 {
5649 bool fRedo;
5650 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5651 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5652 pCtl->fRedo = fRedo;
5653 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5654 {
5655 LogRel(("PIIX3 ATA: Ctl#%d: redo PIO operation\n", ATACONTROLLER_IDX(pCtl)));
5656 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
5657 break;
5658 }
5659 s->iIOBufferCur = 0;
5660 s->iIOBufferEnd = s->cbElementaryTransfer;
5661 }
5662 else
5663 {
5664 /* Continue a previously started transfer. */
5665 ataUnsetStatus(s, ATA_STAT_BUSY);
5666 ataSetStatus(s, ATA_STAT_READY);
5667 }
5668
5669 /* It is possible that the drives on this controller get RESET
5670 * during the above call to the source/sink function. If that's
5671 * the case, don't restart the transfer and don't finish it the
5672 * usual way. RESET handling took care of all that already.
5673 * Most important: do not change uAsyncIOState. */
5674 if (pCtl->fReset)
5675 break;
5676
5677 if (s->cbTotalTransfer)
5678 {
5679 ataHCPIOTransfer(pCtl);
5680 ataHCSetIRQ(s);
5681
5682 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5683 {
5684 /* Write operations and not yet finished transfers
5685 * must be completed in the async I/O thread. */
5686 pCtl->uAsyncIOState = ATA_AIO_PIO;
5687 }
5688 else
5689 {
5690 /* Finished read operation can be handled inline
5691 * in the end of PIO transfer handling code. Linux
5692 * depends on this, as it waits only briefly for
5693 * devices to become ready after incoming data
5694 * transfer. Cannot find anything in the ATA spec
5695 * that backs this assumption, but as all kernels
5696 * are affected (though most of the time it does
5697 * not cause any harm) this must work. */
5698 pCtl->uAsyncIOState = ATA_AIO_NEW;
5699 }
5700 }
5701 else
5702 {
5703 /* Finish PIO transfer. */
5704 ataHCPIOTransfer(pCtl);
5705 if ( !pCtl->fChainedTransfer
5706 && !s->fATAPITransfer
5707 && s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5708 {
5709 ataHCSetIRQ(s);
5710 }
5711 pCtl->uAsyncIOState = ATA_AIO_NEW;
5712 }
5713 break;
5714
5715 case ATA_AIO_RESET_ASSERTED:
5716 pCtl->uAsyncIOState = ATA_AIO_RESET_CLEARED;
5717 ataHCPIOTransferStop(&pCtl->aIfs[0]);
5718 ataHCPIOTransferStop(&pCtl->aIfs[1]);
5719 /* Do not change the DMA registers, they are not affected by the
5720 * ATA controller reset logic. It should be sufficient to issue a
5721 * new command, which is now possible as the state is cleared. */
5722 break;
5723
5724 case ATA_AIO_RESET_CLEARED:
5725 pCtl->uAsyncIOState = ATA_AIO_NEW;
5726 pCtl->fReset = false;
5727 /* Ensure that half-completed transfers are not redone. A reset
5728 * cancels the entire transfer, so continuing is wrong. */
5729 pCtl->fRedo = false;
5730 pCtl->fRedoDMALastDesc = false;
5731 LogRel(("PIIX3 ATA: Ctl#%d: finished processing RESET\n",
5732 ATACONTROLLER_IDX(pCtl)));
5733 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
5734 {
5735 if (pCtl->aIfs[i].fATAPI)
5736 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
5737 else
5738 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
5739 ataR3SetSignature(&pCtl->aIfs[i]);
5740 }
5741 break;
5742
5743 case ATA_AIO_ABORT:
5744 /* Abort the current command no matter what. There cannot be
5745 * any command activity on the other drive otherwise using
5746 * one thread per controller wouldn't work at all. */
5747 s = &pCtl->aIfs[pReq->u.a.iIf];
5748
5749 pCtl->uAsyncIOState = ATA_AIO_NEW;
5750 /* Do not change the DMA registers, they are not affected by the
5751 * ATA controller reset logic. It should be sufficient to issue a
5752 * new command, which is now possible as the state is cleared. */
5753 if (pReq->u.a.fResetDrive)
5754 {
5755 ataR3ResetDevice(s);
5756 ataR3ExecuteDeviceDiagnosticSS(s);
5757 }
5758 else
5759 {
5760 /* Stop any pending DMA transfer. */
5761 s->fDMA = false;
5762 ataHCPIOTransferStop(s);
5763 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
5764 ataSetStatus(s, ATA_STAT_READY);
5765 ataHCSetIRQ(s);
5766 }
5767 break;
5768
5769 default:
5770 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
5771 }
5772
5773 ataR3AsyncIORemoveCurrentRequest(pCtl, ReqType);
5774 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5775
5776 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5777 {
5778# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5779 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
5780# endif
5781
5782 u64TS = RTTimeNanoTS() - u64TS;
5783 uWait = u64TS / 1000;
5784 Log(("%s: Ctl#%d: LUN#%d finished I/O transaction in %d microseconds\n",
5785 __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
5786 /* Mark command as finished. */
5787 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
5788
5789 /*
5790 * Release logging of command execution times depends on the
5791 * command type. ATAPI commands often take longer (due to CD/DVD
5792 * spin up time etc.) so the threshold is different.
5793 */
5794 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
5795 {
5796 if (uWait > 8 * 1000 * 1000)
5797 {
5798 /*
5799 * Command took longer than 8 seconds. This is close
5800 * enough or over the guest's command timeout, so place
5801 * an entry in the release log to allow tracking such
5802 * timing errors (which are often caused by the host).
5803 */
5804 LogRel(("PIIX3 ATA: execution time for ATA command %#04x was %d seconds\n",
5805 pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
5806 }
5807 }
5808 else
5809 {
5810 if (uWait > 20 * 1000 * 1000)
5811 {
5812 /*
5813 * Command took longer than 20 seconds. This is close
5814 * enough or over the guest's command timeout, so place
5815 * an entry in the release log to allow tracking such
5816 * timing errors (which are often caused by the host).
5817 */
5818 LogRel(("PIIX3 ATA: execution time for ATAPI command %#04x was %d seconds\n",
5819 pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
5820 }
5821 }
5822
5823# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5824 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
5825 pCtl->StatAsyncMinWait = uWait;
5826 if (uWait > pCtl->StatAsyncMaxWait)
5827 pCtl->StatAsyncMaxWait = uWait;
5828
5829 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
5830 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
5831# endif /* DEBUG || VBOX_WITH_STATISTICS */
5832 }
5833
5834 ataR3LockLeave(pCtl);
5835 }
5836
5837 /* Signal the ultimate idleness. */
5838 RTThreadUserSignal(pCtl->AsyncIOThread);
5839 if (pCtl->fSignalIdle)
5840 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5841
5842 /* Cleanup the state. */
5843 /* Do not destroy request lock yet, still needed for proper shutdown. */
5844 pCtl->fShutdown = false;
5845
5846 Log2(("%s: Ctl#%d: return %Rrc\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), rc));
5847 return rc;
5848}
5849
5850#endif /* IN_RING3 */
5851
5852static uint32_t ataBMDMACmdReadB(PATACONTROLLER pCtl, uint32_t addr)
5853{
5854 uint32_t val = pCtl->BmDma.u8Cmd;
5855 RT_NOREF1(addr);
5856 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5857 return val;
5858}
5859
5860
5861static void ataBMDMACmdWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5862{
5863 RT_NOREF1(addr);
5864 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5865 if (!(val & BM_CMD_START))
5866 {
5867 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5868 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5869 }
5870 else
5871 {
5872#ifndef IN_RC
5873 /* Check whether the guest OS wants to change DMA direction in
5874 * mid-flight. Not allowed, according to the PIIX3 specs. */
5875 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
5876 uint8_t uOldBmDmaStatus = pCtl->BmDma.u8Status;
5877 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
5878 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5879
5880 /* Do not continue DMA transfers while the RESET line is asserted. */
5881 if (pCtl->fReset)
5882 {
5883 Log2(("%s: Ctl#%d: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5884 return;
5885 }
5886
5887 /* Do not start DMA transfers if there's a PIO transfer going on,
5888 * or if there is already a transfer started on this controller. */
5889 if ( !pCtl->aIfs[pCtl->iSelectedIf].fDMA
5890 || (uOldBmDmaStatus & BM_STATUS_DMAING))
5891 return;
5892
5893 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
5894 {
5895 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5896 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5897 }
5898#else /* !IN_RING3 */
5899 AssertMsgFailed(("DMA START handling is too complicated for RC\n"));
5900#endif /* IN_RING3 */
5901 }
5902}
5903
5904static uint32_t ataBMDMAStatusReadB(PATACONTROLLER pCtl, uint32_t addr)
5905{
5906 uint32_t val = pCtl->BmDma.u8Status;
5907 RT_NOREF1(addr);
5908 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5909 return val;
5910}
5911
5912static void ataBMDMAStatusWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5913{
5914 RT_NOREF1(addr);
5915 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5916 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
5917 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
5918 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
5919}
5920
5921static uint32_t ataBMDMAAddrReadL(PATACONTROLLER pCtl, uint32_t addr)
5922{
5923 uint32_t val = (uint32_t)pCtl->BmDma.GCPhysAddr;
5924 RT_NOREF1(addr);
5925 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5926 return val;
5927}
5928
5929static void ataBMDMAAddrWriteL(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5930{
5931 RT_NOREF1(addr);
5932 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5933 pCtl->BmDma.GCPhysAddr = val & ~3;
5934}
5935
5936static void ataBMDMAAddrWriteLowWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5937{
5938 RT_NOREF1(addr);
5939 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5940 pCtl->BmDma.GCPhysAddr = (pCtl->BmDma.GCPhysAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
5941
5942}
5943
5944static void ataBMDMAAddrWriteHighWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5945{
5946 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5947 RT_NOREF1(addr);
5948 pCtl->BmDma.GCPhysAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.GCPhysAddr);
5949}
5950
5951#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
5952
5953/**
5954 * Port I/O Handler for bus master DMA IN operations.
5955 * @see FNIOMIOPORTIN for details.
5956 */
5957PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5958{
5959 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5960 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5961 PATACONTROLLER pCtl = &pThis->aCts[i];
5962
5963 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
5964 if (rc != VINF_SUCCESS)
5965 return rc;
5966 switch (VAL(Port, cb))
5967 {
5968 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5969 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5970 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5971 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5972 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
5973 case VAL(0, 4):
5974 /* The SCO OpenServer tries to read 4 bytes starting from offset 0. */
5975 *pu32 = ataBMDMACmdReadB(pCtl, Port) | (ataBMDMAStatusReadB(pCtl, Port) << 16);
5976 break;
5977 default:
5978 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
5979 rc = VERR_IOM_IOPORT_UNUSED;
5980 break;
5981 }
5982 PDMCritSectLeave(&pCtl->lock);
5983 return rc;
5984}
5985
5986/**
5987 * Port I/O Handler for bus master DMA OUT operations.
5988 * @see FNIOMIOPORTOUT for details.
5989 */
5990PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
5991{
5992 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5993 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5994 PATACONTROLLER pCtl = &pThis->aCts[i];
5995
5996 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5997 if (rc != VINF_SUCCESS)
5998 return rc;
5999 switch (VAL(Port, cb))
6000 {
6001 case VAL(0, 1):
6002#ifdef IN_RC
6003 if (u32 & BM_CMD_START)
6004 {
6005 rc = VINF_IOM_R3_IOPORT_WRITE;
6006 break;
6007 }
6008#endif
6009 ataBMDMACmdWriteB(pCtl, Port, u32);
6010 break;
6011 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
6012 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
6013 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
6014 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
6015 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
6016 }
6017 PDMCritSectLeave(&pCtl->lock);
6018 return rc;
6019}
6020
6021#undef VAL
6022
6023#ifdef IN_RING3
6024
6025/**
6026 * @callback_method_impl{FNPCIIOREGIONMAP}
6027 */
6028static DECLCALLBACK(int) ataR3BMDMAIORangeMap(PPDMDEVINS pDevIns, PPDMPCIDEV pPciDev, uint32_t iRegion,
6029 RTGCPHYS GCPhysAddress, RTGCPHYS cb, PCIADDRESSSPACE enmType)
6030{
6031 RT_NOREF(iRegion, cb, enmType, pPciDev);
6032 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6033 int rc = VINF_SUCCESS;
6034 Assert(enmType == PCI_ADDRESS_SPACE_IO);
6035 Assert(iRegion == 4);
6036 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
6037
6038 /* Register the port range. */
6039 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6040 {
6041 int rc2 = PDMDevHlpIOPortRegister(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6042 (RTHCPTR)(uintptr_t)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead,
6043 NULL, NULL, "ATA Bus Master DMA");
6044 AssertRC(rc2);
6045 if (rc2 < rc)
6046 rc = rc2;
6047
6048 if (pThis->fRCEnabled)
6049 {
6050 rc2 = PDMDevHlpIOPortRegisterRC(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6051 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6052 NULL, NULL, "ATA Bus Master DMA");
6053 AssertRC(rc2);
6054 if (rc2 < rc)
6055 rc = rc2;
6056 }
6057 if (pThis->fR0Enabled)
6058 {
6059 rc2 = PDMDevHlpIOPortRegisterR0(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6060 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6061 NULL, NULL, "ATA Bus Master DMA");
6062 AssertRC(rc2);
6063 if (rc2 < rc)
6064 rc = rc2;
6065 }
6066 }
6067 return rc;
6068}
6069
6070
6071/* -=-=-=-=-=- PCIATAState::IBase -=-=-=-=-=- */
6072
6073/**
6074 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6075 */
6076static DECLCALLBACK(void *) ataR3Status_QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6077{
6078 PCIATAState *pThis = RT_FROM_MEMBER(pInterface, PCIATAState, IBase);
6079 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->IBase);
6080 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->ILeds);
6081 return NULL;
6082}
6083
6084
6085/* -=-=-=-=-=- PCIATAState::ILeds -=-=-=-=-=- */
6086
6087/**
6088 * Gets the pointer to the status LED of a unit.
6089 *
6090 * @returns VBox status code.
6091 * @param pInterface Pointer to the interface structure containing the called function pointer.
6092 * @param iLUN The unit which status LED we desire.
6093 * @param ppLed Where to store the LED pointer.
6094 */
6095static DECLCALLBACK(int) ataR3Status_QueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
6096{
6097 PCIATAState *pThis = RT_FROM_MEMBER(pInterface, PCIATAState, ILeds);
6098 if (iLUN < 4)
6099 {
6100 switch (iLUN)
6101 {
6102 case 0: *ppLed = &pThis->aCts[0].aIfs[0].Led; break;
6103 case 1: *ppLed = &pThis->aCts[0].aIfs[1].Led; break;
6104 case 2: *ppLed = &pThis->aCts[1].aIfs[0].Led; break;
6105 case 3: *ppLed = &pThis->aCts[1].aIfs[1].Led; break;
6106 }
6107 Assert((*ppLed)->u32Magic == PDMLED_MAGIC);
6108 return VINF_SUCCESS;
6109 }
6110 return VERR_PDM_LUN_NOT_FOUND;
6111}
6112
6113
6114/* -=-=-=-=-=- ATADevState::IBase -=-=-=-=-=- */
6115
6116/**
6117 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6118 */
6119static DECLCALLBACK(void *) ataR3QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6120{
6121 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IBase);
6122 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
6123 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMEDIAPORT, &pIf->IPort);
6124 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
6125 return NULL;
6126}
6127
6128
6129/* -=-=-=-=-=- ATADevState::IPort -=-=-=-=-=- */
6130
6131/**
6132 * @interface_method_impl{PDMIMEDIAPORT,pfnQueryDeviceLocation}
6133 */
6134static DECLCALLBACK(int) ataR3QueryDeviceLocation(PPDMIMEDIAPORT pInterface, const char **ppcszController,
6135 uint32_t *piInstance, uint32_t *piLUN)
6136{
6137 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IPort);
6138 PPDMDEVINS pDevIns = pIf->CTX_SUFF(pDevIns);
6139
6140 AssertPtrReturn(ppcszController, VERR_INVALID_POINTER);
6141 AssertPtrReturn(piInstance, VERR_INVALID_POINTER);
6142 AssertPtrReturn(piLUN, VERR_INVALID_POINTER);
6143
6144 *ppcszController = pDevIns->pReg->szName;
6145 *piInstance = pDevIns->iInstance;
6146 *piLUN = pIf->iLUN;
6147
6148 return VINF_SUCCESS;
6149}
6150
6151#endif /* IN_RING3 */
6152
6153/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
6154
6155
6156/**
6157 * Port I/O Handler for primary port range OUT operations.
6158 * @see FNIOMIOPORTOUT for details.
6159 */
6160PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6161{
6162 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6163 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6164 PATACONTROLLER pCtl = &pThis->aCts[i];
6165
6166 Assert(i < 2);
6167 Assert(Port != pCtl->IOPortBase1);
6168
6169 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6170 if (rc == VINF_SUCCESS)
6171 {
6172 /* Writes to the other command block ports should be 8-bit only. If they
6173 * are not, the high bits are simply discarded. Undocumented, but observed
6174 * on a real PIIX4 system.
6175 */
6176 if (cb > 1)
6177 Log(("ataIOPortWrite1: suspect write to port %x val=%x size=%d\n", Port, u32, cb));
6178
6179 rc = ataIOPortWriteU8(pCtl, Port, u32);
6180
6181 PDMCritSectLeave(&pCtl->lock);
6182 }
6183 return rc;
6184}
6185
6186
6187/**
6188 * Port I/O Handler for primary port range IN operations.
6189 * @see FNIOMIOPORTIN for details.
6190 */
6191PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6192{
6193 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6194 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6195 PATACONTROLLER pCtl = &pThis->aCts[i];
6196
6197 Assert(i < 2);
6198 Assert(Port != pCtl->IOPortBase1);
6199
6200 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6201 if (rc == VINF_SUCCESS)
6202 {
6203 /* Reads from the other command block registers should be 8-bit only.
6204 * If they are not, the low byte is propagated to the high bits.
6205 * Undocumented, but observed on a real PIIX4 system.
6206 */
6207 rc = ataIOPortReadU8(pCtl, Port, pu32);
6208 if (cb > 1)
6209 {
6210 uint32_t pad;
6211
6212 /* Replicate the 8-bit result into the upper three bytes. */
6213 pad = *pu32 & 0xff;
6214 pad = pad | (pad << 8);
6215 pad = pad | (pad << 16);
6216 *pu32 = pad;
6217 Log(("ataIOPortRead1: suspect read from port %x size=%d\n", Port, cb));
6218 }
6219 PDMCritSectLeave(&pCtl->lock);
6220 }
6221 return rc;
6222}
6223
6224
6225/**
6226 * Port I/O Handler for secondary port range OUT operations.
6227 * @see FNIOMIOPORTOUT for details.
6228 */
6229PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6230{
6231 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6232 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6233 PATACONTROLLER pCtl = &pThis->aCts[i];
6234 int rc;
6235
6236 Assert(i < 2);
6237
6238 if (cb == 1)
6239 {
6240 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6241 if (rc == VINF_SUCCESS)
6242 {
6243 rc = ataControlWrite(pCtl, Port, u32);
6244 PDMCritSectLeave(&pCtl->lock);
6245 }
6246 }
6247 else
6248 rc = VINF_SUCCESS;
6249 return rc;
6250}
6251
6252
6253/**
6254 * Port I/O Handler for secondary port range IN operations.
6255 * @see FNIOMIOPORTIN for details.
6256 */
6257PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6258{
6259 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6260 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6261 PATACONTROLLER pCtl = &pThis->aCts[i];
6262 int rc;
6263
6264 Assert(i < 2);
6265
6266 if (cb == 1)
6267 {
6268 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6269 if (rc == VINF_SUCCESS)
6270 {
6271 *pu32 = ataStatusRead(pCtl, Port);
6272 PDMCritSectLeave(&pCtl->lock);
6273 }
6274 }
6275 else
6276 rc = VERR_IOM_IOPORT_UNUSED;
6277 return rc;
6278}
6279
6280#ifdef IN_RING3
6281
6282
6283DECLINLINE(void) ataR3RelocBuffer(PPDMDEVINS pDevIns, ATADevState *s)
6284{
6285 if (s->pbIOBufferR3)
6286 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
6287}
6288
6289
6290/**
6291 * Detach notification.
6292 *
6293 * The DVD drive has been unplugged.
6294 *
6295 * @param pDevIns The device instance.
6296 * @param iLUN The logical unit which is being detached.
6297 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6298 */
6299static DECLCALLBACK(void) ataR3Detach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6300{
6301 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6302 AssertMsg(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6303 ("PIIX3IDE: Device does not support hotplugging\n")); RT_NOREF(fFlags);
6304
6305 /*
6306 * Locate the controller and stuff.
6307 */
6308 unsigned iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6309 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6310 PATACONTROLLER pCtl = &pThis->aCts[iController];
6311
6312 unsigned iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6313 ATADevState *pIf = &pCtl->aIfs[iInterface];
6314
6315 /*
6316 * Zero some important members.
6317 */
6318 pIf->pDrvBase = NULL;
6319 pIf->pDrvMedia = NULL;
6320 pIf->pDrvMount = NULL;
6321
6322 /*
6323 * In case there was a medium inserted.
6324 */
6325 ataR3MediumRemoved(pIf);
6326}
6327
6328
6329/**
6330 * Configure a LUN.
6331 *
6332 * @returns VBox status code.
6333 * @param pDevIns The device instance.
6334 * @param pIf The ATA unit state.
6335 */
6336static int ataR3ConfigLun(PPDMDEVINS pDevIns, ATADevState *pIf)
6337{
6338 int rc = VINF_SUCCESS;
6339 PDMMEDIATYPE enmType;
6340
6341 /*
6342 * Query Block, Bios and Mount interfaces.
6343 */
6344 pIf->pDrvMedia = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMEDIA);
6345 if (!pIf->pDrvMedia)
6346 {
6347 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
6348 return VERR_PDM_MISSING_INTERFACE;
6349 }
6350
6351 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
6352
6353 /*
6354 * Validate type.
6355 */
6356 enmType = pIf->pDrvMedia->pfnGetType(pIf->pDrvMedia);
6357 if ( enmType != PDMMEDIATYPE_CDROM
6358 && enmType != PDMMEDIATYPE_DVD
6359 && enmType != PDMMEDIATYPE_HARD_DISK)
6360 {
6361 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
6362 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
6363 }
6364 if ( ( enmType == PDMMEDIATYPE_DVD
6365 || enmType == PDMMEDIATYPE_CDROM)
6366 && !pIf->pDrvMount)
6367 {
6368 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
6369 return VERR_INTERNAL_ERROR;
6370 }
6371 pIf->fATAPI = enmType == PDMMEDIATYPE_DVD || enmType == PDMMEDIATYPE_CDROM;
6372 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvMedia->pfnSendCmd != NULL) : false;
6373
6374 /*
6375 * Allocate I/O buffer.
6376 */
6377 if (pIf->fATAPI)
6378 pIf->cbSector = 2048; /* Not required for ATAPI, one medium can have multiple sector sizes. */
6379 else
6380 pIf->cbSector = pIf->pDrvMedia->pfnGetSectorSize(pIf->pDrvMedia);
6381
6382 PVM pVM = PDMDevHlpGetVM(pDevIns);
6383 if (pIf->cbIOBuffer)
6384 {
6385 /* Buffer is (probably) already allocated. Validate the fields,
6386 * because memory corruption can also overwrite pIf->cbIOBuffer. */
6387 if (pIf->fATAPI)
6388 AssertRelease(pIf->cbIOBuffer == _128K);
6389 else
6390 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * pIf->cbSector);
6391 Assert(pIf->pbIOBufferR3);
6392 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
6393 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
6394 }
6395 else
6396 {
6397 if (pIf->fATAPI)
6398 pIf->cbIOBuffer = _128K;
6399 else
6400 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * pIf->cbSector;
6401 Assert(!pIf->pbIOBufferR3);
6402 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
6403 if (RT_FAILURE(rc))
6404 return VERR_NO_MEMORY;
6405 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
6406 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
6407 }
6408
6409 /*
6410 * Init geometry (only for non-CD/DVD media).
6411 */
6412 uint32_t cRegions = pIf->pDrvMedia->pfnGetRegionCount(pIf->pDrvMedia);
6413 pIf->cTotalSectors = 0;
6414 for (uint32_t i = 0; i < cRegions; i++)
6415 {
6416 uint64_t cBlocks = 0;
6417 rc = pIf->pDrvMedia->pfnQueryRegionProperties(pIf->pDrvMedia, i, NULL, &cBlocks,
6418 NULL, NULL);
6419 AssertRC(rc);
6420 pIf->cTotalSectors += cBlocks;
6421 }
6422
6423 if (pIf->fATAPI)
6424 {
6425 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
6426 pIf->PCHSGeometry.cHeads = 0; /* dummy */
6427 pIf->PCHSGeometry.cSectors = 0; /* dummy */
6428 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n",
6429 pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
6430 }
6431 else
6432 {
6433 rc = pIf->pDrvMedia->pfnBiosGetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6434 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
6435 {
6436 pIf->PCHSGeometry.cCylinders = 0;
6437 pIf->PCHSGeometry.cHeads = 16; /*??*/
6438 pIf->PCHSGeometry.cSectors = 63; /*??*/
6439 }
6440 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
6441 {
6442 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
6443 rc = VINF_SUCCESS;
6444 }
6445 AssertRC(rc);
6446
6447 if ( pIf->PCHSGeometry.cCylinders == 0
6448 || pIf->PCHSGeometry.cHeads == 0
6449 || pIf->PCHSGeometry.cSectors == 0
6450 )
6451 {
6452 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
6453 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
6454 pIf->PCHSGeometry.cHeads = 16;
6455 pIf->PCHSGeometry.cSectors = 63;
6456 /* Set the disk geometry information. Ignore errors. */
6457 pIf->pDrvMedia->pfnBiosSetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6458 rc = VINF_SUCCESS;
6459 }
6460 LogRel(("PIIX3 ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n",
6461 pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors,
6462 pIf->cTotalSectors));
6463
6464 if (pIf->pDrvMedia->pfnDiscard)
6465 LogRel(("PIIX3 ATA: LUN#%d: TRIM enabled\n", pIf->iLUN));
6466 }
6467 return rc;
6468}
6469
6470
6471/**
6472 * Attach command.
6473 *
6474 * This is called when we change block driver for the DVD drive.
6475 *
6476 * @returns VBox status code.
6477 * @param pDevIns The device instance.
6478 * @param iLUN The logical unit which is being detached.
6479 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6480 */
6481static DECLCALLBACK(int) ataR3Attach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6482{
6483 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6484 PATACONTROLLER pCtl;
6485 ATADevState *pIf;
6486 int rc;
6487 unsigned iController;
6488 unsigned iInterface;
6489
6490 AssertMsgReturn(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6491 ("PIIX3IDE: Device does not support hotplugging\n"),
6492 VERR_INVALID_PARAMETER);
6493
6494 /*
6495 * Locate the controller and stuff.
6496 */
6497 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6498 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6499 pCtl = &pThis->aCts[iController];
6500
6501 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6502 pIf = &pCtl->aIfs[iInterface];
6503
6504 /* the usual paranoia */
6505 AssertRelease(!pIf->pDrvBase);
6506 AssertRelease(!pIf->pDrvMedia);
6507 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
6508 Assert(pIf->iLUN == iLUN);
6509
6510 /*
6511 * Try attach the block device and get the interfaces,
6512 * required as well as optional.
6513 */
6514 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, NULL);
6515 if (RT_SUCCESS(rc))
6516 {
6517 rc = ataR3ConfigLun(pDevIns, pIf);
6518 /*
6519 * In case there is a medium inserted.
6520 */
6521 ataR3MediumInserted(pIf);
6522 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
6523 }
6524 else
6525 AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc));
6526
6527 if (RT_FAILURE(rc))
6528 {
6529 pIf->pDrvBase = NULL;
6530 pIf->pDrvMedia = NULL;
6531 }
6532 return rc;
6533}
6534
6535
6536/**
6537 * Resume notification.
6538 *
6539 * @returns VBox status code.
6540 * @param pDevIns The device instance data.
6541 */
6542static DECLCALLBACK(void) ataR3Resume(PPDMDEVINS pDevIns)
6543{
6544 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6545 int rc;
6546
6547 Log(("%s:\n", __FUNCTION__));
6548 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6549 {
6550 if (pThis->aCts[i].fRedo && pThis->aCts[i].fRedoIdle)
6551 {
6552 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
6553 AssertRC(rc);
6554 }
6555 }
6556 return;
6557}
6558
6559
6560/**
6561 * Checks if all (both) the async I/O threads have quiesced.
6562 *
6563 * @returns true on success.
6564 * @returns false when one or more threads is still processing.
6565 * @param pDevIns Pointer to the PDM device instance.
6566 */
6567static bool ataR3AllAsyncIOIsIdle(PPDMDEVINS pDevIns)
6568{
6569 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6570
6571 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6572 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
6573 {
6574 bool fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6575 if (!fRc)
6576 {
6577 /* Make it signal PDM & itself when its done */
6578 PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
6579 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
6580 PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
6581
6582 fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6583 if (!fRc)
6584 {
6585#if 0 /** @todo Need to do some time tracking here... */
6586 LogRel(("PIIX3 ATA: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
6587 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
6588 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand));
6589#endif
6590 return false;
6591 }
6592 }
6593 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
6594 }
6595 return true;
6596}
6597
6598/**
6599 * Prepare state save and load operation.
6600 *
6601 * @returns VBox status code.
6602 * @param pDevIns Device instance of the device which registered the data unit.
6603 * @param pSSM SSM operation handle.
6604 */
6605static DECLCALLBACK(int) ataR3SaveLoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6606{
6607 RT_NOREF1(pSSM);
6608 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6609
6610 /* sanity - the suspend notification will wait on the async stuff. */
6611 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6612 AssertLogRelMsgReturn(ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/),
6613 ("i=%u\n", i),
6614 VERR_SSM_IDE_ASYNC_TIMEOUT);
6615 return VINF_SUCCESS;
6616}
6617
6618/**
6619 * @copydoc FNSSMDEVLIVEEXEC
6620 */
6621static DECLCALLBACK(int) ataR3LiveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uPass)
6622{
6623 RT_NOREF1(uPass);
6624 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6625
6626 SSMR3PutU8(pSSM, pThis->u8Type);
6627 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6628 {
6629 SSMR3PutBool(pSSM, true); /* For controller enabled / disabled. */
6630 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6631 {
6632 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].pDrvBase != NULL);
6633 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szSerialNumber);
6634 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szFirmwareRevision);
6635 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szModelNumber);
6636 }
6637 }
6638
6639 return VINF_SSM_DONT_CALL_AGAIN;
6640}
6641
6642/**
6643 * @copydoc FNSSMDEVSAVEEXEC
6644 */
6645static DECLCALLBACK(int) ataR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6646{
6647 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6648
6649 ataR3LiveExec(pDevIns, pSSM, SSM_PASS_FINAL);
6650
6651 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6652 {
6653 SSMR3PutU8(pSSM, pThis->aCts[i].iSelectedIf);
6654 SSMR3PutU8(pSSM, pThis->aCts[i].iAIOIf);
6655 SSMR3PutU8(pSSM, pThis->aCts[i].uAsyncIOState);
6656 SSMR3PutBool(pSSM, pThis->aCts[i].fChainedTransfer);
6657 SSMR3PutBool(pSSM, pThis->aCts[i].fReset);
6658 SSMR3PutBool(pSSM, pThis->aCts[i].fRedo);
6659 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoIdle);
6660 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoDMALastDesc);
6661 SSMR3PutMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6662 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysFirstDMADesc);
6663 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysLastDMADesc);
6664 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysRedoDMABuffer);
6665 SSMR3PutU32(pSSM, pThis->aCts[i].cbRedoDMABuffer);
6666
6667 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6668 {
6669 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fLBA48);
6670 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPI);
6671 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fIrqPending);
6672 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cMultSectors);
6673 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6674 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6675 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6676 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6677 SSMR3PutU64(pSSM, pThis->aCts[i].aIfs[j].cTotalSectors);
6678 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeature);
6679 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6680 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegError);
6681 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSector);
6682 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6683 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSector);
6684 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6685 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCyl);
6686 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6687 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCyl);
6688 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6689 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSelect);
6690 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegStatus);
6691 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegCommand);
6692 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegDevCtl);
6693 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATATransferMode);
6694 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uTxDir);
6695 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iBeginTransfer);
6696 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iSourceSink);
6697 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fDMA);
6698 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPITransfer);
6699 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbTotalTransfer);
6700 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6701 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferCur);
6702 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferEnd);
6703 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6704 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6705 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iATAPILBA);
6706 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbATAPISector);
6707 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6708 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6709 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6710 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].MediaEventStatus);
6711 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6712 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbIOBuffer);
6713 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6714 SSMR3PutMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6715 else
6716 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6717 }
6718 }
6719
6720 return SSMR3PutU32(pSSM, UINT32_MAX); /* sanity/terminator */
6721}
6722
6723/**
6724 * Converts the LUN number into a message string.
6725 */
6726static const char *ataR3StringifyLun(unsigned iLun)
6727{
6728 switch (iLun)
6729 {
6730 case 0: return "primary master";
6731 case 1: return "primary slave";
6732 case 2: return "secondary master";
6733 case 3: return "secondary slave";
6734 default: AssertFailedReturn("unknown lun");
6735 }
6736}
6737
6738/**
6739 * FNSSMDEVLOADEXEC
6740 */
6741static DECLCALLBACK(int) ataR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
6742{
6743 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6744 int rc;
6745 uint32_t u32;
6746
6747 if ( uVersion != ATA_SAVED_STATE_VERSION
6748 && uVersion != ATA_SAVED_STATE_VERSION_VBOX_30
6749 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
6750 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS
6751 && uVersion != ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE)
6752 {
6753 AssertMsgFailed(("uVersion=%d\n", uVersion));
6754 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
6755 }
6756
6757 /*
6758 * Verify the configuration.
6759 */
6760 if (uVersion > ATA_SAVED_STATE_VERSION_VBOX_30)
6761 {
6762 uint8_t u8Type;
6763 rc = SSMR3GetU8(pSSM, &u8Type);
6764 AssertRCReturn(rc, rc);
6765 if (u8Type != pThis->u8Type)
6766 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Config mismatch: u8Type - saved=%u config=%u"), u8Type, pThis->u8Type);
6767
6768 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6769 {
6770 bool fEnabled;
6771 rc = SSMR3GetBool(pSSM, &fEnabled);
6772 AssertRCReturn(rc, rc);
6773 if (!fEnabled)
6774 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Ctr#%u onfig mismatch: fEnabled != true"), i);
6775
6776 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6777 {
6778 ATADevState const *pIf = &pThis->aCts[i].aIfs[j];
6779
6780 bool fInUse;
6781 rc = SSMR3GetBool(pSSM, &fInUse);
6782 AssertRCReturn(rc, rc);
6783 if (fInUse != (pIf->pDrvBase != NULL))
6784 return SSMR3SetCfgError(pSSM, RT_SRC_POS,
6785 N_("The %s VM is missing a %s device. Please make sure the source and target VMs have compatible storage configurations"),
6786 fInUse ? "target" : "source", ataR3StringifyLun(pIf->iLUN) );
6787
6788 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
6789 rc = SSMR3GetStrZ(pSSM, szSerialNumber, sizeof(szSerialNumber));
6790 AssertRCReturn(rc, rc);
6791 if (strcmp(szSerialNumber, pIf->szSerialNumber))
6792 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Serial number - saved='%s' config='%s'\n",
6793 pIf->iLUN, szSerialNumber, pIf->szSerialNumber));
6794
6795 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
6796 rc = SSMR3GetStrZ(pSSM, szFirmwareRevision, sizeof(szFirmwareRevision));
6797 AssertRCReturn(rc, rc);
6798 if (strcmp(szFirmwareRevision, pIf->szFirmwareRevision))
6799 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Firmware revision - saved='%s' config='%s'\n",
6800 pIf->iLUN, szFirmwareRevision, pIf->szFirmwareRevision));
6801
6802 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
6803 rc = SSMR3GetStrZ(pSSM, szModelNumber, sizeof(szModelNumber));
6804 AssertRCReturn(rc, rc);
6805 if (strcmp(szModelNumber, pIf->szModelNumber))
6806 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Model number - saved='%s' config='%s'\n",
6807 pIf->iLUN, szModelNumber, pIf->szModelNumber));
6808 }
6809 }
6810 }
6811 if (uPass != SSM_PASS_FINAL)
6812 return VINF_SUCCESS;
6813
6814 /*
6815 * Restore valid parts of the PCIATAState structure
6816 */
6817 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6818 {
6819 /* integrity check */
6820 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false))
6821 {
6822 AssertMsgFailed(("Async I/O for controller %d is active\n", i));
6823 return VERR_INTERNAL_ERROR_4;
6824 }
6825
6826 SSMR3GetU8(pSSM, &pThis->aCts[i].iSelectedIf);
6827 SSMR3GetU8(pSSM, &pThis->aCts[i].iAIOIf);
6828 SSMR3GetU8(pSSM, &pThis->aCts[i].uAsyncIOState);
6829 SSMR3GetBool(pSSM, &pThis->aCts[i].fChainedTransfer);
6830 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fReset);
6831 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedo);
6832 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoIdle);
6833 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoDMALastDesc);
6834 SSMR3GetMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6835 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysFirstDMADesc);
6836 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysLastDMADesc);
6837 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysRedoDMABuffer);
6838 SSMR3GetU32(pSSM, &pThis->aCts[i].cbRedoDMABuffer);
6839
6840 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6841 {
6842 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fLBA48);
6843 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPI);
6844 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fIrqPending);
6845 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cMultSectors);
6846 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6847 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6848 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6849 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6850 SSMR3GetU64(pSSM, &pThis->aCts[i].aIfs[j].cTotalSectors);
6851 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeature);
6852 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6853 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegError);
6854 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSector);
6855 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6856 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSector);
6857 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6858 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCyl);
6859 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6860 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCyl);
6861 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6862 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSelect);
6863 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegStatus);
6864 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegCommand);
6865 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegDevCtl);
6866 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATATransferMode);
6867 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uTxDir);
6868 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iBeginTransfer);
6869 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iSourceSink);
6870 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fDMA);
6871 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPITransfer);
6872 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbTotalTransfer);
6873 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6874 /* NB: cbPIOTransferLimit could be saved/restored but it's sufficient
6875 * to re-calculate it here, with a tiny risk that it could be
6876 * unnecessarily low for the current transfer only. Could be changed
6877 * when changing the saved state in the future.
6878 */
6879 pThis->aCts[i].aIfs[j].cbPIOTransferLimit = (pThis->aCts[i].aIfs[j].uATARegHCyl << 8) | pThis->aCts[i].aIfs[j].uATARegLCyl;
6880 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferCur);
6881 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferEnd);
6882 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6883 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6884 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iATAPILBA);
6885 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbATAPISector);
6886 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6887 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
6888 {
6889 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6890 }
6891 else
6892 {
6893 uint8_t uATAPISenseKey, uATAPIASC;
6894 memset(pThis->aCts[i].aIfs[j].abATAPISense, '\0', sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6895 pThis->aCts[i].aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
6896 pThis->aCts[i].aIfs[j].abATAPISense[7] = 10;
6897 SSMR3GetU8(pSSM, &uATAPISenseKey);
6898 SSMR3GetU8(pSSM, &uATAPIASC);
6899 pThis->aCts[i].aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
6900 pThis->aCts[i].aIfs[j].abATAPISense[12] = uATAPIASC;
6901 }
6902 /** @todo triple-check this hack after passthrough is working */
6903 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6904 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
6905 SSMR3GetU32(pSSM, (uint32_t*)&pThis->aCts[i].aIfs[j].MediaEventStatus);
6906 else
6907 pThis->aCts[i].aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
6908 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6909 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbIOBuffer);
6910 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6911 {
6912 if (pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer))
6913 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6914 else
6915 {
6916 LogRel(("ATA: No buffer for %d/%d\n", i, j));
6917 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
6918 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d/%d"), i, j);
6919
6920 /* skip the buffer if we're loading for the debugger / animator. */
6921 uint8_t u8Ignored;
6922 size_t cbLeft = pThis->aCts[i].aIfs[j].cbIOBuffer;
6923 while (cbLeft-- > 0)
6924 SSMR3GetU8(pSSM, &u8Ignored);
6925 }
6926 }
6927 else
6928 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6929 }
6930 }
6931 if (uVersion <= ATA_SAVED_STATE_VERSION_VBOX_30)
6932 SSMR3GetU8(pSSM, &pThis->u8Type);
6933
6934 rc = SSMR3GetU32(pSSM, &u32);
6935 if (RT_FAILURE(rc))
6936 return rc;
6937 if (u32 != ~0U)
6938 {
6939 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
6940 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
6941 return rc;
6942 }
6943
6944 return VINF_SUCCESS;
6945}
6946
6947
6948/**
6949 * Callback employed by ataSuspend and ataR3PowerOff.
6950 *
6951 * @returns true if we've quiesced, false if we're still working.
6952 * @param pDevIns The device instance.
6953 */
6954static DECLCALLBACK(bool) ataR3IsAsyncSuspendOrPowerOffDone(PPDMDEVINS pDevIns)
6955{
6956 return ataR3AllAsyncIOIsIdle(pDevIns);
6957}
6958
6959
6960/**
6961 * Common worker for ataSuspend and ataR3PowerOff.
6962 */
6963static void ataR3SuspendOrPowerOff(PPDMDEVINS pDevIns)
6964{
6965 if (!ataR3AllAsyncIOIsIdle(pDevIns))
6966 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncSuspendOrPowerOffDone);
6967}
6968
6969
6970/**
6971 * Power Off notification.
6972 *
6973 * @returns VBox status code.
6974 * @param pDevIns The device instance data.
6975 */
6976static DECLCALLBACK(void) ataR3PowerOff(PPDMDEVINS pDevIns)
6977{
6978 Log(("%s:\n", __FUNCTION__));
6979 ataR3SuspendOrPowerOff(pDevIns);
6980}
6981
6982
6983/**
6984 * Suspend notification.
6985 *
6986 * @returns VBox status code.
6987 * @param pDevIns The device instance data.
6988 */
6989static DECLCALLBACK(void) ataR3Suspend(PPDMDEVINS pDevIns)
6990{
6991 Log(("%s:\n", __FUNCTION__));
6992 ataR3SuspendOrPowerOff(pDevIns);
6993}
6994
6995
6996/**
6997 * Callback employed by ataR3Reset.
6998 *
6999 * @returns true if we've quiesced, false if we're still working.
7000 * @param pDevIns The device instance.
7001 */
7002static DECLCALLBACK(bool) ataR3IsAsyncResetDone(PPDMDEVINS pDevIns)
7003{
7004 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7005
7006 if (!ataR3AllAsyncIOIsIdle(pDevIns))
7007 return false;
7008
7009 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7010 {
7011 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7012 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7013 ataR3ResetDevice(&pThis->aCts[i].aIfs[j]);
7014 PDMCritSectLeave(&pThis->aCts[i].lock);
7015 }
7016 return true;
7017}
7018
7019
7020/**
7021 * Common reset worker for ataR3Reset and ataR3Construct.
7022 *
7023 * @returns VBox status code.
7024 * @param pDevIns The device instance data.
7025 * @param fConstruct Indicates who is calling.
7026 */
7027static int ataR3ResetCommon(PPDMDEVINS pDevIns, bool fConstruct)
7028{
7029 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7030
7031 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7032 {
7033 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7034
7035 pThis->aCts[i].iSelectedIf = 0;
7036 pThis->aCts[i].iAIOIf = 0;
7037 pThis->aCts[i].BmDma.u8Cmd = 0;
7038 /* Report that both drives present on the bus are in DMA mode. This
7039 * pretends that there is a BIOS that has set it up. Normal reset
7040 * default is 0x00. */
7041 pThis->aCts[i].BmDma.u8Status = (pThis->aCts[i].aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
7042 | (pThis->aCts[i].aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
7043 pThis->aCts[i].BmDma.GCPhysAddr = 0;
7044
7045 pThis->aCts[i].fReset = true;
7046 pThis->aCts[i].fRedo = false;
7047 pThis->aCts[i].fRedoIdle = false;
7048 ataR3AsyncIOClearRequests(&pThis->aCts[i]);
7049 Log2(("%s: Ctl#%d: message to async I/O thread, reset controller\n", __FUNCTION__, i));
7050 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetARequest);
7051 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetCRequest);
7052
7053 PDMCritSectLeave(&pThis->aCts[i].lock);
7054 }
7055
7056 int rcRet = VINF_SUCCESS;
7057 if (!fConstruct)
7058 {
7059 /*
7060 * Setup asynchronous notification completion if the requests haven't
7061 * completed yet.
7062 */
7063 if (!ataR3IsAsyncResetDone(pDevIns))
7064 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncResetDone);
7065 }
7066 else
7067 {
7068 /*
7069 * Wait for the requests for complete.
7070 *
7071 * Would be real nice if we could do it all from EMT(0) and not
7072 * involve the worker threads, then we could dispense with all the
7073 * waiting and semaphore ping-pong here...
7074 */
7075 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7076 {
7077 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7078 {
7079 int rc = PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
7080 AssertRC(rc);
7081
7082 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
7083 rc = RTThreadUserReset(pThis->aCts[i].AsyncIOThread);
7084 AssertRC(rc);
7085
7086 rc = PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
7087 AssertRC(rc);
7088
7089 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/))
7090 {
7091 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 30*1000 /*ms*/);
7092 if (RT_FAILURE(rc))
7093 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 1000 /*ms*/);
7094 if (RT_FAILURE(rc))
7095 {
7096 AssertRC(rc);
7097 rcRet = rc;
7098 }
7099 }
7100 }
7101 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
7102 }
7103 if (RT_SUCCESS(rcRet))
7104 {
7105 rcRet = ataR3IsAsyncResetDone(pDevIns) ? VINF_SUCCESS : VERR_INTERNAL_ERROR;
7106 AssertRC(rcRet);
7107 }
7108 }
7109 return rcRet;
7110}
7111
7112/**
7113 * Reset notification.
7114 *
7115 * @param pDevIns The device instance data.
7116 */
7117static DECLCALLBACK(void) ataR3Reset(PPDMDEVINS pDevIns)
7118{
7119 ataR3ResetCommon(pDevIns, false /*fConstruct*/);
7120}
7121
7122/**
7123 * @copydoc FNPDMDEVRELOCATE
7124 */
7125static DECLCALLBACK(void) ataR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
7126{
7127 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7128
7129 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7130 {
7131 pThis->aCts[i].pDevInsRC += offDelta;
7132 pThis->aCts[i].aIfs[0].pDevInsRC += offDelta;
7133 pThis->aCts[i].aIfs[0].pControllerRC += offDelta;
7134 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[0]);
7135 pThis->aCts[i].aIfs[1].pDevInsRC += offDelta;
7136 pThis->aCts[i].aIfs[1].pControllerRC += offDelta;
7137 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[1]);
7138 }
7139}
7140
7141/**
7142 * Destroy a driver instance.
7143 *
7144 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
7145 * resources can be freed correctly.
7146 *
7147 * @param pDevIns The device instance data.
7148 */
7149static DECLCALLBACK(int) ataR3Destruct(PPDMDEVINS pDevIns)
7150{
7151 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7152 int rc;
7153
7154 Log(("ataR3Destruct\n"));
7155 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
7156
7157 /*
7158 * Tell the async I/O threads to terminate.
7159 */
7160 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7161 {
7162 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7163 {
7164 ASMAtomicWriteU32(&pThis->aCts[i].fShutdown, true);
7165 rc = SUPSemEventSignal(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7166 AssertRC(rc);
7167 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
7168 AssertRC(rc);
7169 }
7170 }
7171
7172 /*
7173 * Wait for the threads to terminate before destroying their resources.
7174 */
7175 for (unsigned i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7176 {
7177 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7178 {
7179 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 30000 /* 30 s*/, NULL);
7180 if (RT_SUCCESS(rc))
7181 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7182 else
7183 LogRel(("PIIX3 ATA Dtor: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
7184 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
7185 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand, rc));
7186 }
7187 }
7188
7189 /*
7190 * Free resources.
7191 */
7192 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7193 {
7194 if (PDMCritSectIsInitialized(&pThis->aCts[i].AsyncIORequestLock))
7195 PDMR3CritSectDelete(&pThis->aCts[i].AsyncIORequestLock);
7196 if (pThis->aCts[i].hAsyncIOSem != NIL_SUPSEMEVENT)
7197 {
7198 SUPSemEventClose(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7199 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7200 }
7201 if (pThis->aCts[i].SuspendIOSem != NIL_RTSEMEVENT)
7202 {
7203 RTSemEventDestroy(pThis->aCts[i].SuspendIOSem);
7204 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7205 }
7206
7207 /* try one final time */
7208 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7209 {
7210 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 1 /*ms*/, NULL);
7211 if (RT_SUCCESS(rc))
7212 {
7213 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7214 LogRel(("PIIX3 ATA Dtor: Ctl#%u actually completed.\n", i));
7215 }
7216 }
7217
7218 for (uint32_t iIf = 0; iIf < RT_ELEMENTS(pThis->aCts[i].aIfs); iIf++)
7219 {
7220 if (pThis->aCts[i].aIfs[iIf].pTrackList)
7221 {
7222 ATAPIPassthroughTrackListDestroy(pThis->aCts[i].aIfs[iIf].pTrackList);
7223 pThis->aCts[i].aIfs[iIf].pTrackList = NULL;
7224 }
7225 }
7226 }
7227
7228 return VINF_SUCCESS;
7229}
7230
7231/**
7232 * Convert config value to DEVPCBIOSBOOT.
7233 *
7234 * @returns VBox status code.
7235 * @param pDevIns The device instance data.
7236 * @param pCfg Configuration handle.
7237 * @param penmChipset Where to store the chipset type.
7238 */
7239static int ataR3ControllerFromCfg(PPDMDEVINS pDevIns, PCFGMNODE pCfg, CHIPSET *penmChipset)
7240{
7241 char szType[20];
7242
7243 int rc = CFGMR3QueryStringDef(pCfg, "Type", &szType[0], sizeof(szType), "PIIX4");
7244 if (RT_FAILURE(rc))
7245 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7246 N_("Configuration error: Querying \"Type\" as a string failed"));
7247 if (!strcmp(szType, "PIIX3"))
7248 *penmChipset = CHIPSET_PIIX3;
7249 else if (!strcmp(szType, "PIIX4"))
7250 *penmChipset = CHIPSET_PIIX4;
7251 else if (!strcmp(szType, "ICH6"))
7252 *penmChipset = CHIPSET_ICH6;
7253 else
7254 {
7255 PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7256 N_("Configuration error: The \"Type\" value \"%s\" is unknown"),
7257 szType);
7258 rc = VERR_INTERNAL_ERROR;
7259 }
7260 return rc;
7261}
7262
7263/**
7264 * @interface_method_impl{PDMDEVREG,pfnConstruct}
7265 */
7266static DECLCALLBACK(int) ataR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
7267{
7268 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7269 PPDMIBASE pBase;
7270 int rc;
7271 bool fRCEnabled;
7272 bool fR0Enabled;
7273 uint32_t DelayIRQMillies;
7274
7275 Assert(iInstance == 0);
7276 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
7277
7278 /*
7279 * Initialize NIL handle values (for the destructor).
7280 */
7281 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7282 {
7283 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7284 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7285 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7286 }
7287
7288 /*
7289 * Validate and read configuration.
7290 */
7291 if (!CFGMR3AreValuesValid(pCfg,
7292 "GCEnabled\0"
7293 "R0Enabled\0"
7294 "IRQDelay\0"
7295 "Type\0")
7296 /** @todo || invalid keys */)
7297 return PDMDEV_SET_ERROR(pDevIns, VERR_PDM_DEVINS_UNKNOWN_CFG_VALUES,
7298 N_("PIIX3 configuration error: unknown option specified"));
7299
7300 rc = CFGMR3QueryBoolDef(pCfg, "GCEnabled", &fRCEnabled, true);
7301 if (RT_FAILURE(rc))
7302 return PDMDEV_SET_ERROR(pDevIns, rc,
7303 N_("PIIX3 configuration error: failed to read GCEnabled as boolean"));
7304 Log(("%s: fRCEnabled=%d\n", __FUNCTION__, fRCEnabled));
7305
7306 rc = CFGMR3QueryBoolDef(pCfg, "R0Enabled", &fR0Enabled, true);
7307 if (RT_FAILURE(rc))
7308 return PDMDEV_SET_ERROR(pDevIns, rc,
7309 N_("PIIX3 configuration error: failed to read R0Enabled as boolean"));
7310 Log(("%s: fR0Enabled=%d\n", __FUNCTION__, fR0Enabled));
7311
7312 rc = CFGMR3QueryU32Def(pCfg, "IRQDelay", &DelayIRQMillies, 0);
7313 if (RT_FAILURE(rc))
7314 return PDMDEV_SET_ERROR(pDevIns, rc,
7315 N_("PIIX3 configuration error: failed to read IRQDelay as integer"));
7316 Log(("%s: DelayIRQMillies=%d\n", __FUNCTION__, DelayIRQMillies));
7317 Assert(DelayIRQMillies < 50);
7318
7319 CHIPSET enmChipset = CHIPSET_PIIX3;
7320 rc = ataR3ControllerFromCfg(pDevIns, pCfg, &enmChipset);
7321 if (RT_FAILURE(rc))
7322 return rc;
7323 pThis->u8Type = (uint8_t)enmChipset;
7324
7325 /*
7326 * Initialize data (most of it anyway).
7327 */
7328 /* Status LUN. */
7329 pThis->IBase.pfnQueryInterface = ataR3Status_QueryInterface;
7330 pThis->ILeds.pfnQueryStatusLed = ataR3Status_QueryStatusLed;
7331
7332 /* PCI configuration space. */
7333 PCIDevSetVendorId(&pThis->dev, 0x8086); /* Intel */
7334
7335 /*
7336 * When adding more IDE chipsets, don't forget to update pci_bios_init_device()
7337 * as it explicitly checks for PCI id for IDE controllers.
7338 */
7339 switch (pThis->u8Type)
7340 {
7341 case CHIPSET_ICH6:
7342 PCIDevSetDeviceId(&pThis->dev, 0x269e); /* ICH6 IDE */
7343 /** @todo do we need it? Do we need anything else? */
7344 pThis->dev.abConfig[0x48] = 0x00; /* UDMACTL */
7345 pThis->dev.abConfig[0x4A] = 0x00; /* UDMATIM */
7346 pThis->dev.abConfig[0x4B] = 0x00;
7347 {
7348 /*
7349 * See www.intel.com/Assets/PDF/manual/298600.pdf p. 30
7350 * Report
7351 * WR_Ping-Pong_EN: must be set
7352 * PCR0, PCR1: 80-pin primary cable reporting for both disks
7353 * SCR0, SCR1: 80-pin secondary cable reporting for both disks
7354 */
7355 uint16_t u16Config = (1<<10) | (1<<7) | (1<<6) | (1<<5) | (1<<4) ;
7356 pThis->dev.abConfig[0x54] = u16Config & 0xff;
7357 pThis->dev.abConfig[0x55] = u16Config >> 8;
7358 }
7359 break;
7360 case CHIPSET_PIIX4:
7361 PCIDevSetDeviceId(&pThis->dev, 0x7111); /* PIIX4 IDE */
7362 PCIDevSetRevisionId(&pThis->dev, 0x01); /* PIIX4E */
7363 pThis->dev.abConfig[0x48] = 0x00; /* UDMACTL */
7364 pThis->dev.abConfig[0x4A] = 0x00; /* UDMATIM */
7365 pThis->dev.abConfig[0x4B] = 0x00;
7366 break;
7367 case CHIPSET_PIIX3:
7368 PCIDevSetDeviceId(&pThis->dev, 0x7010); /* PIIX3 IDE */
7369 break;
7370 default:
7371 AssertMsgFailed(("Unsupported IDE chipset type: %d\n", pThis->u8Type));
7372 }
7373
7374 /** @todo
7375 * This is the job of the BIOS / EFI!
7376 *
7377 * The same is done in DevPCI.cpp / pci_bios_init_device() but there is no
7378 * corresponding function in DevPciIch9.cpp. The EFI has corresponding code
7379 * in OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c: NotifyDev() but this
7380 * function assumes that the IDE controller is located at PCI 00:01.1 which
7381 * is not true if the ICH9 chipset is used.
7382 */
7383 PCIDevSetWord(&pThis->dev, 0x40, 0x8000); /* enable IDE0 */
7384 PCIDevSetWord(&pThis->dev, 0x42, 0x8000); /* enable IDE1 */
7385
7386 PCIDevSetCommand( &pThis->dev, PCI_COMMAND_IOACCESS | PCI_COMMAND_MEMACCESS | PCI_COMMAND_BUSMASTER);
7387 PCIDevSetClassProg( &pThis->dev, 0x8a); /* programming interface = PCI_IDE bus master is supported */
7388 PCIDevSetClassSub( &pThis->dev, 0x01); /* class_sub = PCI_IDE */
7389 PCIDevSetClassBase( &pThis->dev, 0x01); /* class_base = PCI_mass_storage */
7390 PCIDevSetHeaderType(&pThis->dev, 0x00);
7391
7392 pThis->pDevIns = pDevIns;
7393 pThis->fRCEnabled = fRCEnabled;
7394 pThis->fR0Enabled = fR0Enabled;
7395 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7396 {
7397 pThis->aCts[i].pDevInsR3 = pDevIns;
7398 pThis->aCts[i].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7399 pThis->aCts[i].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7400 pThis->aCts[i].DelayIRQMillies = (uint32_t)DelayIRQMillies;
7401 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7402 {
7403 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7404
7405 pIf->iLUN = i * RT_ELEMENTS(pThis->aCts) + j;
7406 pIf->pDevInsR3 = pDevIns;
7407 pIf->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7408 pIf->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7409 pIf->pControllerR3 = &pThis->aCts[i];
7410 pIf->pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7411 pIf->pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7412 pIf->IBase.pfnQueryInterface = ataR3QueryInterface;
7413 pIf->IMountNotify.pfnMountNotify = ataR3MountNotify;
7414 pIf->IMountNotify.pfnUnmountNotify = ataR3UnmountNotify;
7415 pIf->IPort.pfnQueryDeviceLocation = ataR3QueryDeviceLocation;
7416 pIf->Led.u32Magic = PDMLED_MAGIC;
7417 }
7418 }
7419
7420 Assert(RT_ELEMENTS(pThis->aCts) == 2);
7421 pThis->aCts[0].irq = 14;
7422 pThis->aCts[0].IOPortBase1 = 0x1f0;
7423 pThis->aCts[0].IOPortBase2 = 0x3f6;
7424 pThis->aCts[1].irq = 15;
7425 pThis->aCts[1].IOPortBase1 = 0x170;
7426 pThis->aCts[1].IOPortBase2 = 0x376;
7427
7428 /*
7429 * Set the default critical section to NOP as we lock on controller level.
7430 */
7431 rc = PDMDevHlpSetDeviceCritSect(pDevIns, PDMDevHlpCritSectGetNop(pDevIns));
7432 AssertRCReturn(rc, rc);
7433
7434 /*
7435 * Register the PCI device.
7436 */
7437 rc = PDMDevHlpPCIRegisterEx(pDevIns, &pThis->dev, PDMPCIDEVREG_CFG_PRIMARY, PDMPCIDEVREG_F_NOT_MANDATORY_NO,
7438 1 /*uPciDevNo*/, 1 /*uPciDevFn*/, "piix3ide");
7439 if (RT_FAILURE(rc))
7440 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register PCI device"));
7441 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 4, 0x10, PCI_ADDRESS_SPACE_IO, ataR3BMDMAIORangeMap);
7442 if (RT_FAILURE(rc))
7443 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register PCI I/O region for BMDMA"));
7444
7445 /*
7446 * Register the I/O ports.
7447 * The ports are all hardcoded and enforced by the PIIX3 host bridge controller.
7448 */
7449 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7450 {
7451 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTHCPTR)(uintptr_t)i,
7452 ataIOPortWrite1Data, ataIOPortRead1Data,
7453 ataIOPortWriteStr1Data, ataIOPortReadStr1Data, "ATA I/O Base 1 - Data");
7454 AssertLogRelRCReturn(rc, rc);
7455 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTHCPTR)(uintptr_t)i,
7456 ataIOPortWrite1Other, ataIOPortRead1Other, NULL, NULL, "ATA I/O Base 1 - Other");
7457
7458 AssertLogRelRCReturn(rc, rc);
7459 if (fRCEnabled)
7460 {
7461 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTGCPTR)i,
7462 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7463 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7464 AssertLogRelRCReturn(rc, rc);
7465 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTGCPTR)i,
7466 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7467 AssertLogRelRCReturn(rc, rc);
7468 }
7469
7470 if (fR0Enabled)
7471 {
7472#if 0
7473 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7474 "ataIOPortWrite1Data", "ataIOPortRead1Data", NULL, NULL, "ATA I/O Base 1 - Data");
7475#else
7476 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7477 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7478 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7479#endif
7480 AssertLogRelRCReturn(rc, rc);
7481 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTR0PTR)i,
7482 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7483 AssertLogRelRCReturn(rc, rc);
7484 }
7485
7486 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTHCPTR)(uintptr_t)i,
7487 ataIOPortWrite2, ataIOPortRead2, NULL, NULL, "ATA I/O Base 2");
7488 if (RT_FAILURE(rc))
7489 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers"));
7490
7491 if (fRCEnabled)
7492 {
7493 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTGCPTR)i,
7494 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7495 if (RT_FAILURE(rc))
7496 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (GC)"));
7497 }
7498 if (fR0Enabled)
7499 {
7500 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTR0PTR)i,
7501 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7502 if (RT_FAILURE(rc))
7503 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (R0)"));
7504 }
7505
7506 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7507 {
7508 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7509 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATADMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7510 "Number of ATA DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/DMA", iInstance, i, j);
7511 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7512 "Number of ATA PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/PIO", iInstance, i, j);
7513 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIDMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7514 "Number of ATAPI DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiDMA", iInstance, i, j);
7515 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7516 "Number of ATAPI PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiPIO", iInstance, i, j);
7517#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7518 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatReads, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7519 "Profiling of the read operations.", "/Devices/IDE%d/ATA%d/Unit%d/Reads", iInstance, i, j);
7520#endif
7521 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesRead, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7522 "Amount of data read.", "/Devices/IDE%d/ATA%d/Unit%d/ReadBytes", iInstance, i, j);
7523#ifdef VBOX_INSTRUMENT_DMA_WRITES
7524 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatInstrVDWrites,STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7525 "Profiling of the VD DMA write operations.", "/Devices/IDE%d/ATA%d/Unit%d/InstrVDWrites", iInstance, i, j);
7526#endif
7527#ifdef VBOX_WITH_STATISTICS
7528 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatWrites, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7529 "Profiling of the write operations.", "/Devices/IDE%d/ATA%d/Unit%d/Writes", iInstance, i, j);
7530#endif
7531 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesWritten, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7532 "Amount of data written.", "/Devices/IDE%d/ATA%d/Unit%d/WrittenBytes", iInstance, i, j);
7533#ifdef VBOX_WITH_STATISTICS
7534 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatFlushes, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7535 "Profiling of the flush operations.", "/Devices/IDE%d/ATA%d/Unit%d/Flushes", iInstance, i, j);
7536#endif
7537 }
7538#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7539 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncOps, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7540 "The number of async operations.", "/Devices/IDE%d/ATA%d/Async/Operations", iInstance, i);
7541 /** @todo STAMUNIT_MICROSECS */
7542 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMinWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7543 "Minimum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MinWait", iInstance, i);
7544 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMaxWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7545 "Maximum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MaxWait", iInstance, i);
7546 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTimeUS, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7547 "Total time spent in microseconds.", "/Devices/IDE%d/ATA%d/Async/TotalTimeUS", iInstance, i);
7548 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTime, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7549 "Profiling of async operations.", "/Devices/IDE%d/ATA%d/Async/Time", iInstance, i);
7550 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatLockWait, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7551 "Profiling of locks.", "/Devices/IDE%d/ATA%d/Async/LockWait", iInstance, i);
7552#endif /* VBOX_WITH_STATISTICS */
7553
7554 /* Initialize per-controller critical section. */
7555 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].lock, RT_SRC_POS, "ATA#%u-Ctl", i);
7556 AssertLogRelRCReturn(rc, rc);
7557
7558 /* Initialize per-controller async I/O request critical section. */
7559 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].AsyncIORequestLock, RT_SRC_POS, "ATA#%u-Req", i);
7560 AssertLogRelRCReturn(rc, rc);
7561 }
7562
7563 /*
7564 * Attach status driver (optional).
7565 */
7566 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->IBase, &pBase, "Status Port");
7567 if (RT_SUCCESS(rc))
7568 {
7569 pThis->pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
7570 pThis->pMediaNotify = PDMIBASE_QUERY_INTERFACE(pBase, PDMIMEDIANOTIFY);
7571 }
7572 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
7573 {
7574 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
7575 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot attach to status driver"));
7576 }
7577
7578 /*
7579 * Attach the units.
7580 */
7581 uint32_t cbTotalBuffer = 0;
7582 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7583 {
7584 PATACONTROLLER pCtl = &pThis->aCts[i];
7585
7586 /*
7587 * Start the worker thread.
7588 */
7589 pCtl->uAsyncIOState = ATA_AIO_NEW;
7590 pCtl->pSupDrvSession = PDMDevHlpGetSupDrvSession(pDevIns);
7591 rc = SUPSemEventCreate(pCtl->pSupDrvSession, &pCtl->hAsyncIOSem);
7592 AssertLogRelRCReturn(rc, rc);
7593 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
7594 AssertLogRelRCReturn(rc, rc);
7595
7596 ataR3AsyncIOClearRequests(pCtl);
7597 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataR3AsyncIOThread, (void *)pCtl, 128*1024 /*cbStack*/,
7598 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "ATA-%u", i);
7599 AssertLogRelRCReturn(rc, rc);
7600 Assert( pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->hAsyncIOSem != NIL_SUPSEMEVENT
7601 && pCtl->SuspendIOSem != NIL_RTSEMEVENT && PDMCritSectIsInitialized(&pCtl->AsyncIORequestLock));
7602 Log(("%s: controller %d AIO thread id %#x; sem %p susp_sem %p\n", __FUNCTION__, i, pCtl->AsyncIOThread, pCtl->hAsyncIOSem, pCtl->SuspendIOSem));
7603
7604 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
7605 {
7606 static const char *s_apszDescs[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7607 {
7608 { "Primary Master", "Primary Slave" },
7609 { "Secondary Master", "Secondary Slave" }
7610 };
7611
7612 /*
7613 * Try attach the block device and get the interfaces,
7614 * required as well as optional.
7615 */
7616 ATADevState *pIf = &pCtl->aIfs[j];
7617
7618 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[i][j]);
7619 if (RT_SUCCESS(rc))
7620 {
7621 rc = ataR3ConfigLun(pDevIns, pIf);
7622 if (RT_SUCCESS(rc))
7623 {
7624 /*
7625 * Init vendor product data.
7626 */
7627 static const char *s_apszCFGMKeys[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7628 {
7629 { "PrimaryMaster", "PrimarySlave" },
7630 { "SecondaryMaster", "SecondarySlave" }
7631 };
7632
7633 /* Generate a default serial number. */
7634 char szSerial[ATA_SERIAL_NUMBER_LENGTH+1];
7635 RTUUID Uuid;
7636 if (pIf->pDrvMedia)
7637 rc = pIf->pDrvMedia->pfnGetUuid(pIf->pDrvMedia, &Uuid);
7638 else
7639 RTUuidClear(&Uuid);
7640
7641 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
7642 {
7643 /* Generate a predictable serial for drives which don't have a UUID. */
7644 RTStrPrintf(szSerial, sizeof(szSerial), "VB%x-%04x%04x",
7645 pIf->iLUN + pDevIns->iInstance * 32,
7646 pThis->aCts[i].IOPortBase1, pThis->aCts[i].IOPortBase2);
7647 }
7648 else
7649 RTStrPrintf(szSerial, sizeof(szSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
7650
7651 /* Get user config if present using defaults otherwise. */
7652 PCFGMNODE pCfgNode = CFGMR3GetChild(pCfg, s_apszCFGMKeys[i][j]);
7653 rc = CFGMR3QueryStringDef(pCfgNode, "SerialNumber", pIf->szSerialNumber, sizeof(pIf->szSerialNumber),
7654 szSerial);
7655 if (RT_FAILURE(rc))
7656 {
7657 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7658 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7659 N_("PIIX3 configuration error: \"SerialNumber\" is longer than 20 bytes"));
7660 return PDMDEV_SET_ERROR(pDevIns, rc,
7661 N_("PIIX3 configuration error: failed to read \"SerialNumber\" as string"));
7662 }
7663
7664 rc = CFGMR3QueryStringDef(pCfgNode, "FirmwareRevision", pIf->szFirmwareRevision, sizeof(pIf->szFirmwareRevision),
7665 "1.0");
7666 if (RT_FAILURE(rc))
7667 {
7668 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7669 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7670 N_("PIIX3 configuration error: \"FirmwareRevision\" is longer than 8 bytes"));
7671 return PDMDEV_SET_ERROR(pDevIns, rc,
7672 N_("PIIX3 configuration error: failed to read \"FirmwareRevision\" as string"));
7673 }
7674
7675 rc = CFGMR3QueryStringDef(pCfgNode, "ModelNumber", pIf->szModelNumber, sizeof(pIf->szModelNumber),
7676 pIf->fATAPI ? "VBOX CD-ROM" : "VBOX HARDDISK");
7677 if (RT_FAILURE(rc))
7678 {
7679 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7680 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7681 N_("PIIX3 configuration error: \"ModelNumber\" is longer than 40 bytes"));
7682 return PDMDEV_SET_ERROR(pDevIns, rc,
7683 N_("PIIX3 configuration error: failed to read \"ModelNumber\" as string"));
7684 }
7685
7686 /* There are three other identification strings for CD drives used for INQUIRY */
7687 if (pIf->fATAPI)
7688 {
7689 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIVendorId", pIf->szInquiryVendorId, sizeof(pIf->szInquiryVendorId),
7690 "VBOX");
7691 if (RT_FAILURE(rc))
7692 {
7693 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7694 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7695 N_("PIIX3 configuration error: \"ATAPIVendorId\" is longer than 16 bytes"));
7696 return PDMDEV_SET_ERROR(pDevIns, rc,
7697 N_("PIIX3 configuration error: failed to read \"ATAPIVendorId\" as string"));
7698 }
7699
7700 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIProductId", pIf->szInquiryProductId, sizeof(pIf->szInquiryProductId),
7701 "CD-ROM");
7702 if (RT_FAILURE(rc))
7703 {
7704 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7705 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7706 N_("PIIX3 configuration error: \"ATAPIProductId\" is longer than 16 bytes"));
7707 return PDMDEV_SET_ERROR(pDevIns, rc,
7708 N_("PIIX3 configuration error: failed to read \"ATAPIProductId\" as string"));
7709 }
7710
7711 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIRevision", pIf->szInquiryRevision, sizeof(pIf->szInquiryRevision),
7712 "1.0");
7713 if (RT_FAILURE(rc))
7714 {
7715 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7716 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7717 N_("PIIX3 configuration error: \"ATAPIRevision\" is longer than 4 bytes"));
7718 return PDMDEV_SET_ERROR(pDevIns, rc,
7719 N_("PIIX3 configuration error: failed to read \"ATAPIRevision\" as string"));
7720 }
7721
7722 rc = CFGMR3QueryBoolDef(pCfgNode, "OverwriteInquiry", &pIf->fOverwriteInquiry, true);
7723 if (RT_FAILURE(rc))
7724 return PDMDEV_SET_ERROR(pDevIns, rc,
7725 N_("PIIX3 configuration error: failed to read \"OverwriteInquiry\" as boolean"));
7726 }
7727 }
7728
7729 }
7730 else if (rc == VERR_PDM_NO_ATTACHED_DRIVER)
7731 {
7732 pIf->pDrvBase = NULL;
7733 pIf->pDrvMedia = NULL;
7734 pIf->cbIOBuffer = 0;
7735 pIf->pbIOBufferR3 = NULL;
7736 pIf->pbIOBufferR0 = NIL_RTR0PTR;
7737 pIf->pbIOBufferRC = NIL_RTGCPTR;
7738 LogRel(("PIIX3 ATA: LUN#%d: no unit\n", pIf->iLUN));
7739 }
7740 else
7741 {
7742 switch (rc)
7743 {
7744 case VERR_ACCESS_DENIED:
7745 /* Error already cached by DrvHostBase */
7746 return rc;
7747 default:
7748 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7749 N_("PIIX3 cannot attach drive to the %s"),
7750 s_apszDescs[i][j]);
7751 }
7752 }
7753 cbTotalBuffer += pIf->cbIOBuffer;
7754 }
7755 }
7756
7757 rc = PDMDevHlpSSMRegisterEx(pDevIns, ATA_SAVED_STATE_VERSION, sizeof(*pThis) + cbTotalBuffer, NULL,
7758 NULL, ataR3LiveExec, NULL,
7759 ataR3SaveLoadPrep, ataR3SaveExec, NULL,
7760 ataR3SaveLoadPrep, ataR3LoadExec, NULL);
7761 if (RT_FAILURE(rc))
7762 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register save state handlers"));
7763
7764 /*
7765 * Initialize the device state.
7766 */
7767 return ataR3ResetCommon(pDevIns, true /*fConstruct*/);
7768}
7769
7770
7771/**
7772 * The device registration structure.
7773 */
7774const PDMDEVREG g_DevicePIIX3IDE =
7775{
7776 /* u32Version */
7777 PDM_DEVREG_VERSION,
7778 /* szName */
7779 "piix3ide",
7780 /* szRCMod */
7781 "VBoxDDRC.rc",
7782 /* szR0Mod */
7783 "VBoxDDR0.r0",
7784 /* pszDescription */
7785 "Intel PIIX3 ATA controller.\n"
7786 " LUN #0 is primary master.\n"
7787 " LUN #1 is primary slave.\n"
7788 " LUN #2 is secondary master.\n"
7789 " LUN #3 is secondary slave.\n"
7790 " LUN #999 is the LED/Status connector.",
7791 /* fFlags */
7792 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0 |
7793 PDM_DEVREG_FLAGS_FIRST_SUSPEND_NOTIFICATION | PDM_DEVREG_FLAGS_FIRST_POWEROFF_NOTIFICATION |
7794 PDM_DEVREG_FLAGS_FIRST_RESET_NOTIFICATION,
7795 /* fClass */
7796 PDM_DEVREG_CLASS_STORAGE,
7797 /* cMaxInstances */
7798 1,
7799 /* cbInstance */
7800 sizeof(PCIATAState),
7801 /* pfnConstruct */
7802 ataR3Construct,
7803 /* pfnDestruct */
7804 ataR3Destruct,
7805 /* pfnRelocate */
7806 ataR3Relocate,
7807 /* pfnMemSetup */
7808 NULL,
7809 /* pfnPowerOn */
7810 NULL,
7811 /* pfnReset */
7812 ataR3Reset,
7813 /* pfnSuspend */
7814 ataR3Suspend,
7815 /* pfnResume */
7816 ataR3Resume,
7817 /* pfnAttach */
7818 ataR3Attach,
7819 /* pfnDetach */
7820 ataR3Detach,
7821 /* pfnQueryInterface. */
7822 NULL,
7823 /* pfnInitComplete */
7824 NULL,
7825 /* pfnPowerOff */
7826 ataR3PowerOff,
7827 /* pfnSoftReset */
7828 NULL,
7829 /* u32VersionEnd */
7830 PDM_DEVREG_VERSION
7831};
7832#endif /* IN_RING3 */
7833#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette