VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/DevATA.cpp@ 69922

Last change on this file since 69922 was 69500, checked in by vboxsync, 7 years ago

*: scm --update-copyright-year

  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 297.5 KB
Line 
1/* $Id: DevATA.cpp 69500 2017-10-28 15:14:05Z vboxsync $ */
2/** @file
3 * VBox storage devices: ATA/ATAPI controller device (disk and cdrom).
4 */
5
6/*
7 * Copyright (C) 2006-2017 Oracle Corporation
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 */
17
18
19/*********************************************************************************************************************************
20* Defined Constants And Macros *
21*********************************************************************************************************************************/
22/** Temporary instrumentation for tracking down potential virtual disk
23 * write performance issues. */
24#undef VBOX_INSTRUMENT_DMA_WRITES
25
26/** @name The SSM saved state versions.
27 * @{
28 */
29/** The current saved state version. */
30#define ATA_SAVED_STATE_VERSION 20
31/** The saved state version used by VirtualBox 3.0.
32 * This lacks the config part and has the type at the and. */
33#define ATA_SAVED_STATE_VERSION_VBOX_30 19
34#define ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE 18
35#define ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 16
36#define ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 17
37/** @} */
38
39
40/*********************************************************************************************************************************
41* Header Files *
42*********************************************************************************************************************************/
43#define LOG_GROUP LOG_GROUP_DEV_IDE
44#include <VBox/vmm/pdmdev.h>
45#include <VBox/vmm/pdmstorageifs.h>
46#include <iprt/assert.h>
47#include <iprt/string.h>
48#ifdef IN_RING3
49# include <iprt/uuid.h>
50# include <iprt/semaphore.h>
51# include <iprt/thread.h>
52# include <iprt/time.h>
53# include <iprt/alloc.h>
54#endif /* IN_RING3 */
55#include <iprt/critsect.h>
56#include <iprt/asm.h>
57#include <VBox/vmm/stam.h>
58#include <VBox/vmm/mm.h>
59#include <VBox/vmm/pgm.h>
60
61#include <VBox/sup.h>
62#include <VBox/scsi.h>
63#include <VBox/scsiinline.h>
64#include <VBox/ata.h>
65
66#include "ATAPIPassthrough.h"
67#include "VBoxDD.h"
68
69
70/*********************************************************************************************************************************
71* Defined Constants And Macros *
72*********************************************************************************************************************************/
73/**
74 * Maximum number of sectors to transfer in a READ/WRITE MULTIPLE request.
75 * Set to 1 to disable multi-sector read support. According to the ATA
76 * specification this must be a power of 2 and it must fit in an 8 bit
77 * value. Thus the only valid values are 1, 2, 4, 8, 16, 32, 64 and 128.
78 */
79#define ATA_MAX_MULT_SECTORS 128
80
81/**
82 * Fastest PIO mode supported by the drive.
83 */
84#define ATA_PIO_MODE_MAX 4
85/**
86 * Fastest MDMA mode supported by the drive.
87 */
88#define ATA_MDMA_MODE_MAX 2
89/**
90 * Fastest UDMA mode supported by the drive.
91 */
92#define ATA_UDMA_MODE_MAX 6
93
94/** ATAPI sense info size. */
95#define ATAPI_SENSE_SIZE 64
96
97/** The maximum number of release log entries per device. */
98#define MAX_LOG_REL_ERRORS 1024
99
100/* MediaEventStatus */
101#define ATA_EVENT_STATUS_UNCHANGED 0 /**< medium event status not changed */
102#define ATA_EVENT_STATUS_MEDIA_NEW 1 /**< new medium inserted */
103#define ATA_EVENT_STATUS_MEDIA_REMOVED 2 /**< medium removed */
104#define ATA_EVENT_STATUS_MEDIA_CHANGED 3 /**< medium was removed + new medium was inserted */
105#define ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED 4 /**< medium eject requested (eject button pressed) */
106
107/* Media track type */
108#define ATA_MEDIA_TYPE_UNKNOWN 0 /**< unknown CD type */
109#define ATA_MEDIA_NO_DISC 0x70 /**< Door closed, no medium */
110
111/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA
112 * @{
113 */
114
115/** @name BM_STATUS
116 * @{
117 */
118/** Currently performing a DMA operation. */
119#define BM_STATUS_DMAING 0x01
120/** An error occurred during the DMA operation. */
121#define BM_STATUS_ERROR 0x02
122/** The DMA unit has raised the IDE interrupt line. */
123#define BM_STATUS_INT 0x04
124/** User-defined bit 0, commonly used to signal that drive 0 supports DMA. */
125#define BM_STATUS_D0DMA 0x20
126/** User-defined bit 1, commonly used to signal that drive 1 supports DMA. */
127#define BM_STATUS_D1DMA 0x40
128/** @} */
129
130/** @name BM_CMD
131 * @{
132 */
133/** Start the DMA operation. */
134#define BM_CMD_START 0x01
135/** Data transfer direction: from device to memory if set. */
136#define BM_CMD_WRITE 0x08
137/** @} */
138
139/** @} */
140
141
142/*********************************************************************************************************************************
143* Structures and Typedefs *
144*********************************************************************************************************************************/
145/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA
146 * @{
147 */
148/** PIIX3 Bus Master DMA unit state. */
149typedef struct BMDMAState
150{
151 /** Command register. */
152 uint8_t u8Cmd;
153 /** Status register. */
154 uint8_t u8Status;
155 /** Address of the MMIO region in the guest's memory space. */
156 RTGCPHYS32 GCPhysAddr;
157} BMDMAState;
158
159/** PIIX3 Bus Master DMA descriptor entry. */
160typedef struct BMDMADesc
161{
162 /** Address of the DMA source/target buffer. */
163 RTGCPHYS32 GCPhysBuffer;
164 /** Size of the DMA source/target buffer. */
165 uint32_t cbBuffer;
166} BMDMADesc;
167/** @} */
168
169
170/**
171 * The state of an ATA device.
172 *
173 * @implements PDMIBASE
174 * @implements PDMIBLOCKPORT
175 * @implements PDMIMOUNTNOTIFY
176 */
177typedef struct ATADevState
178{
179 /** Flag indicating whether the current command uses LBA48 mode. */
180 bool fLBA48;
181 /** Flag indicating whether this drive implements the ATAPI command set. */
182 bool fATAPI;
183 /** Set if this interface has asserted the IRQ. */
184 bool fIrqPending;
185 /** Currently configured number of sectors in a multi-sector transfer. */
186 uint8_t cMultSectors;
187 /** PCHS disk geometry. */
188 PDMMEDIAGEOMETRY PCHSGeometry;
189 /** Total number of sectors on this disk. */
190 uint64_t cTotalSectors;
191 /** Sector size of the medium. */
192 uint32_t cbSector;
193 /** Number of sectors to transfer per IRQ. */
194 uint32_t cSectorsPerIRQ;
195
196 /** ATA/ATAPI register 1: feature (write-only). */
197 uint8_t uATARegFeature;
198 /** ATA/ATAPI register 1: feature, high order byte. */
199 uint8_t uATARegFeatureHOB;
200 /** ATA/ATAPI register 1: error (read-only). */
201 uint8_t uATARegError;
202 /** ATA/ATAPI register 2: sector count (read/write). */
203 uint8_t uATARegNSector;
204 /** ATA/ATAPI register 2: sector count, high order byte. */
205 uint8_t uATARegNSectorHOB;
206 /** ATA/ATAPI register 3: sector (read/write). */
207 uint8_t uATARegSector;
208 /** ATA/ATAPI register 3: sector, high order byte. */
209 uint8_t uATARegSectorHOB;
210 /** ATA/ATAPI register 4: cylinder low (read/write). */
211 uint8_t uATARegLCyl;
212 /** ATA/ATAPI register 4: cylinder low, high order byte. */
213 uint8_t uATARegLCylHOB;
214 /** ATA/ATAPI register 5: cylinder high (read/write). */
215 uint8_t uATARegHCyl;
216 /** ATA/ATAPI register 5: cylinder high, high order byte. */
217 uint8_t uATARegHCylHOB;
218 /** ATA/ATAPI register 6: select drive/head (read/write). */
219 uint8_t uATARegSelect;
220 /** ATA/ATAPI register 7: status (read-only). */
221 uint8_t uATARegStatus;
222 /** ATA/ATAPI register 7: command (write-only). */
223 uint8_t uATARegCommand;
224 /** ATA/ATAPI drive control register (write-only). */
225 uint8_t uATARegDevCtl;
226
227 /** Currently active transfer mode (MDMA/UDMA) and speed. */
228 uint8_t uATATransferMode;
229 /** Current transfer direction. */
230 uint8_t uTxDir;
231 /** Index of callback for begin transfer. */
232 uint8_t iBeginTransfer;
233 /** Index of callback for source/sink of data. */
234 uint8_t iSourceSink;
235 /** Flag indicating whether the current command transfers data in DMA mode. */
236 bool fDMA;
237 /** Set to indicate that ATAPI transfer semantics must be used. */
238 bool fATAPITransfer;
239
240 /** Total ATA/ATAPI transfer size, shared PIO/DMA. */
241 uint32_t cbTotalTransfer;
242 /** Elementary ATA/ATAPI transfer size, shared PIO/DMA. */
243 uint32_t cbElementaryTransfer;
244 /** Maximum ATAPI elementary transfer size, PIO only. */
245 uint32_t cbPIOTransferLimit;
246 /** ATAPI passthrough transfer size, shared PIO/DMA */
247 uint32_t cbAtapiPassthroughTransfer;
248 /** Current read/write buffer position, shared PIO/DMA. */
249 uint32_t iIOBufferCur;
250 /** First element beyond end of valid buffer content, shared PIO/DMA. */
251 uint32_t iIOBufferEnd;
252 /** Align the following fields correctly. */
253 uint32_t Alignment0;
254
255 /** ATA/ATAPI current PIO read/write transfer position. Not shared with DMA for safety reasons. */
256 uint32_t iIOBufferPIODataStart;
257 /** ATA/ATAPI current PIO read/write transfer end. Not shared with DMA for safety reasons. */
258 uint32_t iIOBufferPIODataEnd;
259
260 /** ATAPI current LBA position. */
261 uint32_t iATAPILBA;
262 /** ATAPI current sector size. */
263 uint32_t cbATAPISector;
264 /** ATAPI current command. */
265 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
266 /** ATAPI sense data. */
267 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
268 /** HACK: Countdown till we report a newly unmounted drive as mounted. */
269 uint8_t cNotifiedMediaChange;
270 /** The same for GET_EVENT_STATUS for mechanism */
271 volatile uint32_t MediaEventStatus;
272
273 /** Media type if known. */
274 volatile uint32_t MediaTrackType;
275
276 /** The status LED state for this drive. */
277 PDMLED Led;
278
279 /** Size of I/O buffer. */
280 uint32_t cbIOBuffer;
281 /** Pointer to the I/O buffer. */
282 R3PTRTYPE(uint8_t *) pbIOBufferR3;
283 /** Pointer to the I/O buffer. */
284 R0PTRTYPE(uint8_t *) pbIOBufferR0;
285 /** Pointer to the I/O buffer. */
286 RCPTRTYPE(uint8_t *) pbIOBufferRC;
287
288 RTRCPTR Aligmnent1; /**< Align the statistics at an 8-byte boundary. */
289
290 /*
291 * No data that is part of the saved state after this point!!!!!
292 */
293
294 /* Release statistics: number of ATA DMA commands. */
295 STAMCOUNTER StatATADMA;
296 /* Release statistics: number of ATA PIO commands. */
297 STAMCOUNTER StatATAPIO;
298 /* Release statistics: number of ATAPI PIO commands. */
299 STAMCOUNTER StatATAPIDMA;
300 /* Release statistics: number of ATAPI PIO commands. */
301 STAMCOUNTER StatATAPIPIO;
302#ifdef VBOX_INSTRUMENT_DMA_WRITES
303 /* Release statistics: number of DMA sector writes and the time spent. */
304 STAMPROFILEADV StatInstrVDWrites;
305#endif
306
307 /** Statistics: number of read operations and the time spent reading. */
308 STAMPROFILEADV StatReads;
309 /** Statistics: number of bytes read. */
310 STAMCOUNTER StatBytesRead;
311 /** Statistics: number of write operations and the time spent writing. */
312 STAMPROFILEADV StatWrites;
313 /** Statistics: number of bytes written. */
314 STAMCOUNTER StatBytesWritten;
315 /** Statistics: number of flush operations and the time spend flushing. */
316 STAMPROFILE StatFlushes;
317
318 /** Enable passing through commands directly to the ATAPI drive. */
319 bool fATAPIPassthrough;
320 /** Flag whether to overwrite inquiry data in passthrough mode. */
321 bool fOverwriteInquiry;
322 /** Number of errors we've reported to the release log.
323 * This is to prevent flooding caused by something going horribly wrong.
324 * this value against MAX_LOG_REL_ERRORS in places likely to cause floods
325 * like the ones we currently seeing on the linux smoke tests (2006-11-10). */
326 uint32_t cErrors;
327 /** Timestamp of last started command. 0 if no command pending. */
328 uint64_t u64CmdTS;
329
330 /** Pointer to the attached driver's base interface. */
331 R3PTRTYPE(PPDMIBASE) pDrvBase;
332 /** Pointer to the attached driver's block interface. */
333 R3PTRTYPE(PPDMIMEDIA) pDrvMedia;
334 /** Pointer to the attached driver's mount interface.
335 * This is NULL if the driver isn't a removable unit. */
336 R3PTRTYPE(PPDMIMOUNT) pDrvMount;
337 /** The base interface. */
338 PDMIBASE IBase;
339 /** The block port interface. */
340 PDMIMEDIAPORT IPort;
341 /** The mount notify interface. */
342 PDMIMOUNTNOTIFY IMountNotify;
343 /** The LUN #. */
344 RTUINT iLUN;
345#if HC_ARCH_BITS == 64
346 RTUINT Alignment2; /**< Align pDevInsR3 correctly. */
347#endif
348 /** Pointer to device instance. */
349 PPDMDEVINSR3 pDevInsR3;
350 /** Pointer to controller instance. */
351 R3PTRTYPE(struct ATACONTROLLER *) pControllerR3;
352 /** Pointer to device instance. */
353 PPDMDEVINSR0 pDevInsR0;
354 /** Pointer to controller instance. */
355 R0PTRTYPE(struct ATACONTROLLER *) pControllerR0;
356 /** Pointer to device instance. */
357 PPDMDEVINSRC pDevInsRC;
358 /** Pointer to controller instance. */
359 RCPTRTYPE(struct ATACONTROLLER *) pControllerRC;
360
361 /** The serial number to use for IDENTIFY DEVICE commands. */
362 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
363 /** The firmware revision to use for IDENTIFY DEVICE commands. */
364 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
365 /** The model number to use for IDENTIFY DEVICE commands. */
366 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
367 /** The vendor identification string for SCSI INQUIRY commands. */
368 char szInquiryVendorId[SCSI_INQUIRY_VENDOR_ID_LENGTH+1];
369 /** The product identification string for SCSI INQUIRY commands. */
370 char szInquiryProductId[SCSI_INQUIRY_PRODUCT_ID_LENGTH+1];
371 /** The revision string for SCSI INQUIRY commands. */
372 char szInquiryRevision[SCSI_INQUIRY_REVISION_LENGTH+1];
373 /** The current tracklist of the loaded medium if passthrough is used. */
374 R3PTRTYPE(PTRACKLIST) pTrackList;
375
376 uint8_t abAlignment4[HC_ARCH_BITS == 64 ? 7 : 3];
377} ATADevState;
378AssertCompileMemberAlignment(ATADevState, cTotalSectors, 8);
379AssertCompileMemberAlignment(ATADevState, StatATADMA, 8);
380AssertCompileMemberAlignment(ATADevState, u64CmdTS, 8);
381AssertCompileMemberAlignment(ATADevState, pDevInsR3, 8);
382AssertCompileMemberAlignment(ATADevState, szSerialNumber, 8);
383AssertCompileSizeAlignment(ATADevState, 8);
384
385
386/**
387 * Transfer request forwarded to the async I/O thread.
388 */
389typedef struct ATATransferRequest
390{
391 /** The interface index the request is for. */
392 uint8_t iIf;
393 /** The index of the begin transfer callback to call. */
394 uint8_t iBeginTransfer;
395 /** The index of the source sink callback to call for doing the transfer. */
396 uint8_t iSourceSink;
397 /** How many bytes to transfer. */
398 uint32_t cbTotalTransfer;
399 /** Transfer direction. */
400 uint8_t uTxDir;
401} ATATransferRequest;
402
403
404/**
405 * Abort request forwarded to the async I/O thread.
406 */
407typedef struct ATAAbortRequest
408{
409 /** The interface index the request is for. */
410 uint8_t iIf;
411 /** Flag whether to reset the drive. */
412 bool fResetDrive;
413} ATAAbortRequest;
414
415
416/**
417 * Request type indicator.
418 */
419typedef enum
420{
421 /** Begin a new transfer. */
422 ATA_AIO_NEW = 0,
423 /** Continue a DMA transfer. */
424 ATA_AIO_DMA,
425 /** Continue a PIO transfer. */
426 ATA_AIO_PIO,
427 /** Reset the drives on current controller, stop all transfer activity. */
428 ATA_AIO_RESET_ASSERTED,
429 /** Reset the drives on current controller, resume operation. */
430 ATA_AIO_RESET_CLEARED,
431 /** Abort the current transfer of a particular drive. */
432 ATA_AIO_ABORT
433} ATAAIO;
434
435
436/**
437 * Combining structure for an ATA request to the async I/O thread
438 * started with the request type insicator.
439 */
440typedef struct ATARequest
441{
442 /** Request type. */
443 ATAAIO ReqType;
444 /** Request type dependent data. */
445 union
446 {
447 /** Transfer request specific data. */
448 ATATransferRequest t;
449 /** Abort request specific data. */
450 ATAAbortRequest a;
451 } u;
452} ATARequest;
453
454
455/**
456 * The state of an ATA controller containing to devices (master and slave).
457 */
458typedef struct ATACONTROLLER
459{
460 /** The base of the first I/O Port range. */
461 RTIOPORT IOPortBase1;
462 /** The base of the second I/O Port range. (0 if none) */
463 RTIOPORT IOPortBase2;
464 /** The assigned IRQ. */
465 RTUINT irq;
466 /** Access critical section */
467 PDMCRITSECT lock;
468
469 /** Selected drive. */
470 uint8_t iSelectedIf;
471 /** The interface on which to handle async I/O. */
472 uint8_t iAIOIf;
473 /** The state of the async I/O thread. */
474 uint8_t uAsyncIOState;
475 /** Flag indicating whether the next transfer is part of the current command. */
476 bool fChainedTransfer;
477 /** Set when the reset processing is currently active on this controller. */
478 bool fReset;
479 /** Flag whether the current transfer needs to be redone. */
480 bool fRedo;
481 /** Flag whether the redo suspend has been finished. */
482 bool fRedoIdle;
483 /** Flag whether the DMA operation to be redone is the final transfer. */
484 bool fRedoDMALastDesc;
485 /** The BusMaster DMA state. */
486 BMDMAState BmDma;
487 /** Pointer to first DMA descriptor. */
488 RTGCPHYS32 GCPhysFirstDMADesc;
489 /** Pointer to last DMA descriptor. */
490 RTGCPHYS32 GCPhysLastDMADesc;
491 /** Pointer to current DMA buffer (for redo operations). */
492 RTGCPHYS32 GCPhysRedoDMABuffer;
493 /** Size of current DMA buffer (for redo operations). */
494 uint32_t cbRedoDMABuffer;
495
496 /** The ATA/ATAPI interfaces of this controller. */
497 ATADevState aIfs[2];
498
499 /** Pointer to device instance. */
500 PPDMDEVINSR3 pDevInsR3;
501 /** Pointer to device instance. */
502 PPDMDEVINSR0 pDevInsR0;
503 /** Pointer to device instance. */
504 PPDMDEVINSRC pDevInsRC;
505
506 /** Set when the destroying the device instance and the thread must exit. */
507 uint32_t volatile fShutdown;
508 /** The async I/O thread handle. NIL_RTTHREAD if no thread. */
509 RTTHREAD AsyncIOThread;
510 /** The event semaphore the thread is waiting on for requests. */
511 SUPSEMEVENT hAsyncIOSem;
512 /** The support driver session handle. */
513 PSUPDRVSESSION pSupDrvSession;
514 /** The request queue for the AIO thread. One element is always unused. */
515 ATARequest aAsyncIORequests[4];
516 /** The position at which to insert a new request for the AIO thread. */
517 volatile uint8_t AsyncIOReqHead;
518 /** The position at which to get a new request for the AIO thread. */
519 volatile uint8_t AsyncIOReqTail;
520 /** Whether to call PDMDevHlpAsyncNotificationCompleted when idle. */
521 bool volatile fSignalIdle;
522 uint8_t Alignment3[1]; /**< Explicit padding of the 1 byte gap. */
523 /** Magic delay before triggering interrupts in DMA mode. */
524 uint32_t DelayIRQMillies;
525 /** The event semaphore the thread is waiting on during suspended I/O. */
526 RTSEMEVENT SuspendIOSem;
527 /** The lock protecting the request queue. */
528 PDMCRITSECT AsyncIORequestLock;
529
530 /** Timestamp we started the reset. */
531 uint64_t u64ResetTime;
532
533 /* Statistics */
534 STAMCOUNTER StatAsyncOps;
535 uint64_t StatAsyncMinWait;
536 uint64_t StatAsyncMaxWait;
537 STAMCOUNTER StatAsyncTimeUS;
538 STAMPROFILEADV StatAsyncTime;
539 STAMPROFILE StatLockWait;
540} ATACONTROLLER, *PATACONTROLLER;
541AssertCompileMemberAlignment(ATACONTROLLER, lock, 8);
542AssertCompileMemberAlignment(ATACONTROLLER, aIfs, 8);
543AssertCompileMemberAlignment(ATACONTROLLER, u64ResetTime, 8);
544AssertCompileMemberAlignment(ATACONTROLLER, StatAsyncOps, 8);
545AssertCompileMemberAlignment(ATACONTROLLER, AsyncIORequestLock, 8);
546AssertCompileSizeAlignment(ATACONTROLLER, 8);
547
548typedef enum CHIPSET
549{
550 /** PIIX3 chipset, must be 0 for saved state compatibility */
551 CHIPSET_PIIX3 = 0,
552 /** PIIX4 chipset, must be 1 for saved state compatibility */
553 CHIPSET_PIIX4 = 1,
554 /** ICH6 chipset */
555 CHIPSET_ICH6 = 2
556} CHIPSET;
557
558/**
559 * The state of the ATA PCI device.
560 *
561 * @extends PDMPCIDEV
562 * @implements PDMILEDPORTS
563 */
564typedef struct PCIATAState
565{
566 PDMPCIDEV dev;
567 /** The controllers. */
568 ATACONTROLLER aCts[2];
569 /** Pointer to device instance. */
570 PPDMDEVINSR3 pDevIns;
571 /** Status LUN: Base interface. */
572 PDMIBASE IBase;
573 /** Status LUN: Leds interface. */
574 PDMILEDPORTS ILeds;
575 /** Status LUN: Partner of ILeds. */
576 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
577 /** Status LUN: Media Notify. */
578 R3PTRTYPE(PPDMIMEDIANOTIFY) pMediaNotify;
579 /** Flag whether RC is enabled. */
580 bool fRCEnabled;
581 /** Flag whether R0 is enabled. */
582 bool fR0Enabled;
583 /** Flag indicating chipset being emulated. */
584 uint8_t u8Type;
585 bool Alignment0[HC_ARCH_BITS == 64 ? 5 : 1 ]; /**< Align the struct size. */
586} PCIATAState;
587
588#define ATACONTROLLER_IDX(pController) ( (pController) - PDMINS_2_DATA(CONTROLLER_2_DEVINS(pController), PCIATAState *)->aCts )
589
590#define ATADEVSTATE_2_CONTROLLER(pIf) ( (pIf)->CTX_SUFF(pController) )
591#define ATADEVSTATE_2_DEVINS(pIf) ( (pIf)->CTX_SUFF(pDevIns) )
592#define CONTROLLER_2_DEVINS(pController) ( (pController)->CTX_SUFF(pDevIns) )
593
594#ifndef VBOX_DEVICE_STRUCT_TESTCASE
595
596
597/*********************************************************************************************************************************
598* Internal Functions *
599*********************************************************************************************************************************/
600RT_C_DECLS_BEGIN
601
602PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
603PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
604PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
605 uint32_t *pcTransfers, unsigned cb);
606PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
607 uint32_t *pcTransfers, unsigned cb);
608PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
609PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
610PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
611PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
612PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
613PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb);
614RT_C_DECLS_END
615
616
617
618#ifdef IN_RING3
619DECLINLINE(void) ataSetStatusValue(ATADevState *s, uint8_t stat)
620{
621 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
622
623 /* Freeze status register contents while processing RESET. */
624 if (!pCtl->fReset)
625 {
626 s->uATARegStatus = stat;
627 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
628 }
629}
630#endif /* IN_RING3 */
631
632
633DECLINLINE(void) ataSetStatus(ATADevState *s, uint8_t stat)
634{
635 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
636
637 /* Freeze status register contents while processing RESET. */
638 if (!pCtl->fReset)
639 {
640 s->uATARegStatus |= stat;
641 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
642 }
643}
644
645
646DECLINLINE(void) ataUnsetStatus(ATADevState *s, uint8_t stat)
647{
648 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
649
650 /* Freeze status register contents while processing RESET. */
651 if (!pCtl->fReset)
652 {
653 s->uATARegStatus &= ~stat;
654 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
655 }
656}
657
658#if defined(IN_RING3) || defined(IN_RING0)
659
660# ifdef IN_RING3
661typedef void (*PBeginTransferFunc)(ATADevState *);
662typedef bool (*PSourceSinkFunc)(ATADevState *);
663
664static void ataR3ReadWriteSectorsBT(ATADevState *);
665static void ataR3PacketBT(ATADevState *);
666static void atapiR3CmdBT(ATADevState *);
667static void atapiR3PassthroughCmdBT(ATADevState *);
668
669static bool ataR3IdentifySS(ATADevState *);
670static bool ataR3FlushSS(ATADevState *);
671static bool ataR3ReadSectorsSS(ATADevState *);
672static bool ataR3WriteSectorsSS(ATADevState *);
673static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *);
674static bool ataR3TrimSS(ATADevState *);
675static bool ataR3PacketSS(ATADevState *);
676static bool atapiR3GetConfigurationSS(ATADevState *);
677static bool atapiR3GetEventStatusNotificationSS(ATADevState *);
678static bool atapiR3IdentifySS(ATADevState *);
679static bool atapiR3InquirySS(ATADevState *);
680static bool atapiR3MechanismStatusSS(ATADevState *);
681static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *);
682static bool atapiR3ModeSenseCDStatusSS(ATADevState *);
683static bool atapiR3ReadSS(ATADevState *);
684static bool atapiR3ReadCapacitySS(ATADevState *);
685static bool atapiR3ReadDiscInformationSS(ATADevState *);
686static bool atapiR3ReadTOCNormalSS(ATADevState *);
687static bool atapiR3ReadTOCMultiSS(ATADevState *);
688static bool atapiR3ReadTOCRawSS(ATADevState *);
689static bool atapiR3ReadTrackInformationSS(ATADevState *);
690static bool atapiR3RequestSenseSS(ATADevState *);
691static bool atapiR3PassthroughSS(ATADevState *);
692static bool atapiR3ReadDVDStructureSS(ATADevState *);
693# endif /* IN_RING3 */
694
695/**
696 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
697 */
698typedef enum ATAFNBT
699{
700 ATAFN_BT_NULL = 0,
701 ATAFN_BT_READ_WRITE_SECTORS,
702 ATAFN_BT_PACKET,
703 ATAFN_BT_ATAPI_CMD,
704 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
705 ATAFN_BT_MAX
706} ATAFNBT;
707
708# ifdef IN_RING3
709/**
710 * Array of end transfer functions, the index is ATAFNET.
711 * Make sure ATAFNET and this array match!
712 */
713static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
714{
715 NULL,
716 ataR3ReadWriteSectorsBT,
717 ataR3PacketBT,
718 atapiR3CmdBT,
719 atapiR3PassthroughCmdBT,
720};
721# endif /* IN_RING3 */
722
723/**
724 * Source/sink function indexes for g_apfnSourceSinkFuncs.
725 */
726typedef enum ATAFNSS
727{
728 ATAFN_SS_NULL = 0,
729 ATAFN_SS_IDENTIFY,
730 ATAFN_SS_FLUSH,
731 ATAFN_SS_READ_SECTORS,
732 ATAFN_SS_WRITE_SECTORS,
733 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
734 ATAFN_SS_TRIM,
735 ATAFN_SS_PACKET,
736 ATAFN_SS_ATAPI_GET_CONFIGURATION,
737 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
738 ATAFN_SS_ATAPI_IDENTIFY,
739 ATAFN_SS_ATAPI_INQUIRY,
740 ATAFN_SS_ATAPI_MECHANISM_STATUS,
741 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
742 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
743 ATAFN_SS_ATAPI_READ,
744 ATAFN_SS_ATAPI_READ_CAPACITY,
745 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
746 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
747 ATAFN_SS_ATAPI_READ_TOC_MULTI,
748 ATAFN_SS_ATAPI_READ_TOC_RAW,
749 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
750 ATAFN_SS_ATAPI_REQUEST_SENSE,
751 ATAFN_SS_ATAPI_PASSTHROUGH,
752 ATAFN_SS_ATAPI_READ_DVD_STRUCTURE,
753 ATAFN_SS_MAX
754} ATAFNSS;
755
756# ifdef IN_RING3
757/**
758 * Array of source/sink functions, the index is ATAFNSS.
759 * Make sure ATAFNSS and this array match!
760 */
761static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
762{
763 NULL,
764 ataR3IdentifySS,
765 ataR3FlushSS,
766 ataR3ReadSectorsSS,
767 ataR3WriteSectorsSS,
768 ataR3ExecuteDeviceDiagnosticSS,
769 ataR3TrimSS,
770 ataR3PacketSS,
771 atapiR3GetConfigurationSS,
772 atapiR3GetEventStatusNotificationSS,
773 atapiR3IdentifySS,
774 atapiR3InquirySS,
775 atapiR3MechanismStatusSS,
776 atapiR3ModeSenseErrorRecoverySS,
777 atapiR3ModeSenseCDStatusSS,
778 atapiR3ReadSS,
779 atapiR3ReadCapacitySS,
780 atapiR3ReadDiscInformationSS,
781 atapiR3ReadTOCNormalSS,
782 atapiR3ReadTOCMultiSS,
783 atapiR3ReadTOCRawSS,
784 atapiR3ReadTrackInformationSS,
785 atapiR3RequestSenseSS,
786 atapiR3PassthroughSS,
787 atapiR3ReadDVDStructureSS
788};
789# endif /* IN_RING3 */
790
791
792static const ATARequest g_ataDMARequest = { ATA_AIO_DMA, { { 0, 0, 0, 0, 0 } } };
793static const ATARequest g_ataPIORequest = { ATA_AIO_PIO, { { 0, 0, 0, 0, 0 } } };
794# ifdef IN_RING3
795static const ATARequest g_ataResetARequest = { ATA_AIO_RESET_ASSERTED, { { 0, 0, 0, 0, 0 } } };
796static const ATARequest g_ataResetCRequest = { ATA_AIO_RESET_CLEARED, { { 0, 0, 0, 0, 0 } } };
797# endif
798
799# ifdef IN_RING3
800static void ataR3AsyncIOClearRequests(PATACONTROLLER pCtl)
801{
802 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
803 AssertRC(rc);
804
805 pCtl->AsyncIOReqHead = 0;
806 pCtl->AsyncIOReqTail = 0;
807
808 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
809 AssertRC(rc);
810}
811# endif /* IN_RING3 */
812
813static void ataHCAsyncIOPutRequest(PATACONTROLLER pCtl, const ATARequest *pReq)
814{
815 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
816 AssertRC(rc);
817
818 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
819 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
820 pCtl->AsyncIOReqHead++;
821 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
822
823 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
824 AssertRC(rc);
825
826 rc = PDMHCCritSectScheduleExitEvent(&pCtl->lock, pCtl->hAsyncIOSem);
827 if (RT_FAILURE(rc))
828 {
829 rc = SUPSemEventSignal(pCtl->pSupDrvSession, pCtl->hAsyncIOSem);
830 AssertRC(rc);
831 }
832}
833
834# ifdef IN_RING3
835
836static const ATARequest *ataR3AsyncIOGetCurrentRequest(PATACONTROLLER pCtl)
837{
838 const ATARequest *pReq;
839
840 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
841 AssertRC(rc);
842
843 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
844 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
845 else
846 pReq = NULL;
847
848 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
849 AssertRC(rc);
850 return pReq;
851}
852
853
854/**
855 * Remove the request with the given type, as it's finished. The request
856 * is not removed blindly, as this could mean a RESET request that is not
857 * yet processed (but has cleared the request queue) is lost.
858 *
859 * @param pCtl Controller for which to remove the request.
860 * @param ReqType Type of the request to remove.
861 */
862static void ataR3AsyncIORemoveCurrentRequest(PATACONTROLLER pCtl, ATAAIO ReqType)
863{
864 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
865 AssertRC(rc);
866
867 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
868 {
869 pCtl->AsyncIOReqTail++;
870 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
871 }
872
873 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
874 AssertRC(rc);
875}
876
877
878/**
879 * Dump the request queue for a particular controller. First dump the queue
880 * contents, then the already processed entries, as long as they haven't been
881 * overwritten.
882 *
883 * @param pCtl Controller for which to dump the queue.
884 */
885static void ataR3AsyncIODumpRequests(PATACONTROLLER pCtl)
886{
887 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
888 AssertRC(rc);
889
890 LogRel(("PIIX3 ATA: Ctl#%d: request queue dump (topmost is current):\n", ATACONTROLLER_IDX(pCtl)));
891 uint8_t curr = pCtl->AsyncIOReqTail;
892 do
893 {
894 if (curr == pCtl->AsyncIOReqHead)
895 LogRel(("PIIX3 ATA: Ctl#%d: processed requests (topmost is oldest):\n", ATACONTROLLER_IDX(pCtl)));
896 switch (pCtl->aAsyncIORequests[curr].ReqType)
897 {
898 case ATA_AIO_NEW:
899 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n",
900 pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer,
901 pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer,
902 pCtl->aAsyncIORequests[curr].u.t.uTxDir));
903 break;
904 case ATA_AIO_DMA:
905 LogRel(("dma transfer continuation\n"));
906 break;
907 case ATA_AIO_PIO:
908 LogRel(("pio transfer continuation\n"));
909 break;
910 case ATA_AIO_RESET_ASSERTED:
911 LogRel(("reset asserted request\n"));
912 break;
913 case ATA_AIO_RESET_CLEARED:
914 LogRel(("reset cleared request\n"));
915 break;
916 case ATA_AIO_ABORT:
917 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf,
918 pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
919 break;
920 default:
921 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
922 }
923 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
924 } while (curr != pCtl->AsyncIOReqTail);
925
926 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
927 AssertRC(rc);
928}
929
930
931/**
932 * Checks whether the request queue for a particular controller is empty
933 * or whether a particular controller is idle.
934 *
935 * @param pCtl Controller for which to check the queue.
936 * @param fStrict If set then the controller is checked to be idle.
937 */
938static bool ataR3AsyncIOIsIdle(PATACONTROLLER pCtl, bool fStrict)
939{
940 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
941 AssertRC(rc);
942
943 bool fIdle = pCtl->fRedoIdle;
944 if (!fIdle)
945 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
946 if (fStrict)
947 fIdle &= (pCtl->uAsyncIOState == ATA_AIO_NEW);
948
949 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
950 AssertRC(rc);
951 return fIdle;
952}
953
954
955/**
956 * Send a transfer request to the async I/O thread.
957 *
958 * @param s Pointer to the ATA device state data.
959 * @param cbTotalTransfer Data transfer size.
960 * @param uTxDir Data transfer direction.
961 * @param iBeginTransfer Index of BeginTransfer callback.
962 * @param iSourceSink Index of SourceSink callback.
963 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
964 */
965static void ataR3StartTransfer(ATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer,
966 ATAFNSS iSourceSink, bool fChainedTransfer)
967{
968 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
969 ATARequest Req;
970
971 Assert(PDMCritSectIsOwner(&pCtl->lock));
972
973 /* Do not issue new requests while the RESET line is asserted. */
974 if (pCtl->fReset)
975 {
976 Log2(("%s: Ctl#%d: suppressed new request as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
977 return;
978 }
979
980 /* If the controller is already doing something else right now, ignore
981 * the command that is being submitted. Some broken guests issue commands
982 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
983 if (!fChainedTransfer && !ataR3AsyncIOIsIdle(pCtl, true /*fStrict*/))
984 {
985 Log(("%s: Ctl#%d: ignored command %#04x, controller state %d\n",
986 __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegCommand, pCtl->uAsyncIOState));
987 LogRel(("PIIX3 IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
988 return;
989 }
990
991 Req.ReqType = ATA_AIO_NEW;
992 if (fChainedTransfer)
993 Req.u.t.iIf = pCtl->iAIOIf;
994 else
995 Req.u.t.iIf = pCtl->iSelectedIf;
996 Req.u.t.cbTotalTransfer = cbTotalTransfer;
997 Req.u.t.uTxDir = uTxDir;
998 Req.u.t.iBeginTransfer = iBeginTransfer;
999 Req.u.t.iSourceSink = iSourceSink;
1000 ataSetStatusValue(s, ATA_STAT_BUSY);
1001 pCtl->fChainedTransfer = fChainedTransfer;
1002
1003 /*
1004 * Kick the worker thread into action.
1005 */
1006 Log2(("%s: Ctl#%d: message to async I/O thread, new request\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
1007 ataHCAsyncIOPutRequest(pCtl, &Req);
1008}
1009
1010
1011/**
1012 * Send an abort command request to the async I/O thread.
1013 *
1014 * @param s Pointer to the ATA device state data.
1015 * @param fResetDrive Whether to reset the drive or just abort a command.
1016 */
1017static void ataR3AbortCurrentCommand(ATADevState *s, bool fResetDrive)
1018{
1019 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1020 ATARequest Req;
1021
1022 Assert(PDMCritSectIsOwner(&pCtl->lock));
1023
1024 /* Do not issue new requests while the RESET line is asserted. */
1025 if (pCtl->fReset)
1026 {
1027 Log2(("%s: Ctl#%d: suppressed aborting command as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
1028 return;
1029 }
1030
1031 Req.ReqType = ATA_AIO_ABORT;
1032 Req.u.a.iIf = pCtl->iSelectedIf;
1033 Req.u.a.fResetDrive = fResetDrive;
1034 ataSetStatus(s, ATA_STAT_BUSY);
1035 Log2(("%s: Ctl#%d: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->iLUN));
1036 ataHCAsyncIOPutRequest(pCtl, &Req);
1037}
1038# endif /* IN_RING3 */
1039
1040static void ataHCSetIRQ(ATADevState *s)
1041{
1042 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1043 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
1044
1045 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
1046 {
1047 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
1048 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
1049 * line is asserted. It monitors the line for a rising edge. */
1050 if (!s->fIrqPending)
1051 pCtl->BmDma.u8Status |= BM_STATUS_INT;
1052 /* Only actually set the IRQ line if updating the currently selected drive. */
1053 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
1054 {
1055 /** @todo experiment with adaptive IRQ delivery: for reads it is
1056 * better to wait for IRQ delivery, as it reduces latency. */
1057 if (pCtl->irq == 16)
1058 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
1059 else
1060 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
1061 }
1062 }
1063 s->fIrqPending = true;
1064}
1065
1066#endif /* IN_RING0 || IN_RING3 */
1067
1068static void ataUnsetIRQ(ATADevState *s)
1069{
1070 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1071 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
1072
1073 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
1074 {
1075 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
1076 /* Only actually unset the IRQ line if updating the currently selected drive. */
1077 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
1078 {
1079 if (pCtl->irq == 16)
1080 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
1081 else
1082 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
1083 }
1084 }
1085 s->fIrqPending = false;
1086}
1087
1088#if defined(IN_RING0) || defined(IN_RING3)
1089
1090static void ataHCPIOTransferStart(ATADevState *s, uint32_t start, uint32_t size)
1091{
1092 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
1093 s->iIOBufferPIODataStart = start;
1094 s->iIOBufferPIODataEnd = start + size;
1095 ataSetStatus(s, ATA_STAT_DRQ | ATA_STAT_SEEK);
1096 ataUnsetStatus(s, ATA_STAT_BUSY);
1097}
1098
1099
1100static void ataHCPIOTransferStop(ATADevState *s)
1101{
1102 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
1103 if (s->fATAPITransfer)
1104 {
1105 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1106 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1107 ataHCSetIRQ(s);
1108 s->fATAPITransfer = false;
1109 }
1110 s->cbTotalTransfer = 0;
1111 s->cbElementaryTransfer = 0;
1112 s->iIOBufferPIODataStart = 0;
1113 s->iIOBufferPIODataEnd = 0;
1114 s->iBeginTransfer = ATAFN_BT_NULL;
1115 s->iSourceSink = ATAFN_SS_NULL;
1116}
1117
1118
1119static void ataHCPIOTransferLimitATAPI(ATADevState *s)
1120{
1121 uint32_t cbLimit, cbTransfer;
1122
1123 cbLimit = s->cbPIOTransferLimit;
1124 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
1125 if (cbLimit == 0)
1126 cbLimit = 0xfffe;
1127 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
1128 if (cbLimit == 0xffff)
1129 cbLimit--;
1130 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
1131 if (cbTransfer > cbLimit)
1132 {
1133 /* Byte count limit for clipping must be even in this case */
1134 if (cbLimit & 1)
1135 cbLimit--;
1136 cbTransfer = cbLimit;
1137 }
1138 s->uATARegLCyl = cbTransfer;
1139 s->uATARegHCyl = cbTransfer >> 8;
1140 s->cbElementaryTransfer = cbTransfer;
1141}
1142
1143# ifdef IN_RING3
1144
1145/**
1146 * Enters the lock protecting the controller data against concurrent access.
1147 *
1148 * @returns nothing.
1149 * @param pCtl The controller to lock.
1150 */
1151DECLINLINE(void) ataR3LockEnter(PATACONTROLLER pCtl)
1152{
1153 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1154 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1155 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1156}
1157
1158/**
1159 * Leaves the lock protecting the controller against concurrent data access.
1160 *
1161 * @returns nothing.
1162 * @param pCtl The controller to unlock.
1163 */
1164DECLINLINE(void) ataR3LockLeave(PATACONTROLLER pCtl)
1165{
1166 PDMCritSectLeave(&pCtl->lock);
1167}
1168
1169static uint32_t ataR3GetNSectors(ATADevState *s)
1170{
1171 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
1172 if (s->fLBA48)
1173 {
1174 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
1175 return 65536;
1176 else
1177 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
1178 }
1179 else
1180 {
1181 if (!s->uATARegNSector)
1182 return 256;
1183 else
1184 return s->uATARegNSector;
1185 }
1186}
1187
1188
1189static void ataR3PadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1190{
1191 for (uint32_t i = 0; i < cbSize; i++)
1192 {
1193 if (*pbSrc)
1194 pbDst[i ^ 1] = *pbSrc++;
1195 else
1196 pbDst[i ^ 1] = ' ';
1197 }
1198}
1199
1200
1201#if 0 /* unused */
1202/**
1203 * Compares two MSF values.
1204 *
1205 * @returns 1 if the first value is greater than the second value.
1206 * 0 if both are equal
1207 * -1 if the first value is smaller than the second value.
1208 */
1209DECLINLINE(int) atapiCmpMSF(const uint8_t *pbMSF1, const uint8_t *pbMSF2)
1210{
1211 int iRes = 0;
1212
1213 for (unsigned i = 0; i < 3; i++)
1214 {
1215 if (pbMSF1[i] < pbMSF2[i])
1216 {
1217 iRes = -1;
1218 break;
1219 }
1220 else if (pbMSF1[i] > pbMSF2[i])
1221 {
1222 iRes = 1;
1223 break;
1224 }
1225 }
1226
1227 return iRes;
1228}
1229#endif /* unused */
1230
1231static void ataR3CmdOK(ATADevState *s, uint8_t status)
1232{
1233 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
1234 ataSetStatusValue(s, ATA_STAT_READY | status);
1235}
1236
1237
1238static void ataR3CmdError(ATADevState *s, uint8_t uErrorCode)
1239{
1240 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
1241 Assert(uErrorCode);
1242 s->uATARegError = uErrorCode;
1243 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1244 s->cbTotalTransfer = 0;
1245 s->cbElementaryTransfer = 0;
1246 s->iIOBufferCur = 0;
1247 s->iIOBufferEnd = 0;
1248 s->uTxDir = PDMMEDIATXDIR_NONE;
1249 s->iBeginTransfer = ATAFN_BT_NULL;
1250 s->iSourceSink = ATAFN_SS_NULL;
1251}
1252
1253static uint32_t ataR3Checksum(void* ptr, size_t count)
1254{
1255 uint8_t u8Sum = 0xa5, *p = (uint8_t*)ptr;
1256 size_t i;
1257
1258 for (i = 0; i < count; i++)
1259 {
1260 u8Sum += *p++;
1261 }
1262
1263 return (uint8_t)-(int32_t)u8Sum;
1264}
1265
1266static bool ataR3IdentifySS(ATADevState *s)
1267{
1268 uint16_t *p;
1269
1270 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1271 Assert(s->cbElementaryTransfer == 512);
1272
1273 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1274 memset(p, 0, 512);
1275 p[0] = RT_H2LE_U16(0x0040);
1276 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1277 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1278 /* Block size; obsolete, but required for the BIOS. */
1279 p[5] = RT_H2LE_U16(s->cbSector);
1280 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1281 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1282 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1283 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1284 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
1285 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1286 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1287# if ATA_MAX_MULT_SECTORS > 1
1288 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
1289# endif
1290 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
1291 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1292 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1293 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1294 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1295 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
1296 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1297 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1298 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1299 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1300 * s->PCHSGeometry.cHeads
1301 * s->PCHSGeometry.cSectors);
1302 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1303 * s->PCHSGeometry.cHeads
1304 * s->PCHSGeometry.cSectors >> 16);
1305 if (s->cMultSectors)
1306 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
1307 if (s->cTotalSectors <= (1 << 28) - 1)
1308 {
1309 p[60] = RT_H2LE_U16(s->cTotalSectors);
1310 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
1311 }
1312 else
1313 {
1314 /* Report maximum number of sectors possible with LBA28 */
1315 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
1316 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
1317 }
1318 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1319 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1320 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1321 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1322 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1323 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1324 if ( s->pDrvMedia->pfnDiscard
1325 || s->cbSector != 512
1326 || s->pDrvMedia->pfnIsNonRotational(s->pDrvMedia))
1327 {
1328 p[80] = RT_H2LE_U16(0x1f0); /* support everything up to ATA/ATAPI-8 ACS */
1329 p[81] = RT_H2LE_U16(0x28); /* conforms to ATA/ATAPI-8 ACS */
1330 }
1331 else
1332 {
1333 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1334 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1335 }
1336 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
1337 if (s->cTotalSectors <= (1 << 28) - 1)
1338 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
1339 else
1340 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1341 p[84] = RT_H2LE_U16(1 << 14);
1342 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
1343 if (s->cTotalSectors <= (1 << 28) - 1)
1344 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
1345 else
1346 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1347 p[87] = RT_H2LE_U16(1 << 14);
1348 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1349 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1350 if (s->cTotalSectors > (1 << 28) - 1)
1351 {
1352 p[100] = RT_H2LE_U16(s->cTotalSectors);
1353 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
1354 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
1355 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
1356 }
1357
1358 if (s->cbSector != 512)
1359 {
1360 uint32_t cSectorSizeInWords = s->cbSector / sizeof(uint16_t);
1361 /* Enable reporting of logical sector size. */
1362 p[106] |= RT_H2LE_U16(RT_BIT(12) | RT_BIT(14));
1363 p[117] = RT_H2LE_U16(cSectorSizeInWords);
1364 p[118] = RT_H2LE_U16(cSectorSizeInWords >> 16);
1365 }
1366
1367 if (s->pDrvMedia->pfnDiscard) /** @todo Set bit 14 in word 69 too? (Deterministic read after TRIM). */
1368 p[169] = RT_H2LE_U16(1); /* DATA SET MANAGEMENT command supported. */
1369 if (s->pDrvMedia->pfnIsNonRotational(s->pDrvMedia))
1370 p[217] = RT_H2LE_U16(1); /* Non-rotational medium */
1371 uint32_t uCsum = ataR3Checksum(p, 510);
1372 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1373 s->iSourceSink = ATAFN_SS_NULL;
1374 ataR3CmdOK(s, ATA_STAT_SEEK);
1375 return false;
1376}
1377
1378
1379static bool ataR3FlushSS(ATADevState *s)
1380{
1381 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1382 int rc;
1383
1384 Assert(s->uTxDir == PDMMEDIATXDIR_NONE);
1385 Assert(!s->cbElementaryTransfer);
1386
1387 ataR3LockLeave(pCtl);
1388
1389 STAM_PROFILE_START(&s->StatFlushes, f);
1390 rc = s->pDrvMedia->pfnFlush(s->pDrvMedia);
1391 AssertRC(rc);
1392 STAM_PROFILE_STOP(&s->StatFlushes, f);
1393
1394 ataR3LockEnter(pCtl);
1395 ataR3CmdOK(s, 0);
1396 return false;
1397}
1398
1399static bool atapiR3IdentifySS(ATADevState *s)
1400{
1401 uint16_t *p;
1402
1403 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1404 Assert(s->cbElementaryTransfer == 512);
1405
1406 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1407 memset(p, 0, 512);
1408 /* Removable CDROM, 3ms response, 12 byte packets */
1409 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 0 << 5 | 0 << 0);
1410 ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1411 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1412 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1413 ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1414 ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1415 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1416 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1417 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1418 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1419 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
1420 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1421 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1422 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1423 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1424 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1425 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1426 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
1427 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
1428 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
1429 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1430 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1431 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
1432 p[83] = RT_H2LE_U16(1 << 14);
1433 p[84] = RT_H2LE_U16(1 << 14);
1434 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
1435 p[86] = RT_H2LE_U16(0);
1436 p[87] = RT_H2LE_U16(1 << 14);
1437 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1438 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1439 /* According to ATAPI-5 spec:
1440 *
1441 * The use of this word is optional.
1442 * If bits 7:0 of this word contain the signature A5h, bits 15:8
1443 * contain the data
1444 * structure checksum.
1445 * The data structure checksum is the twos complement of the sum of
1446 * all bytes in words 0 through 254 and the byte consisting of
1447 * bits 7:0 in word 255.
1448 * Each byte shall be added with unsigned arithmetic,
1449 * and overflow shall be ignored.
1450 * The sum of all 512 bytes is zero when the checksum is correct.
1451 */
1452 uint32_t uCsum = ataR3Checksum(p, 510);
1453 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1454
1455 s->iSourceSink = ATAFN_SS_NULL;
1456 ataR3CmdOK(s, ATA_STAT_SEEK);
1457 return false;
1458}
1459
1460
1461static void ataR3SetSignature(ATADevState *s)
1462{
1463 s->uATARegSelect &= 0xf0; /* clear head */
1464 /* put signature */
1465 s->uATARegNSector = 1;
1466 s->uATARegSector = 1;
1467 if (s->fATAPI)
1468 {
1469 s->uATARegLCyl = 0x14;
1470 s->uATARegHCyl = 0xeb;
1471 }
1472 else if (s->pDrvMedia)
1473 {
1474 s->uATARegLCyl = 0;
1475 s->uATARegHCyl = 0;
1476 }
1477 else
1478 {
1479 s->uATARegLCyl = 0xff;
1480 s->uATARegHCyl = 0xff;
1481 }
1482}
1483
1484
1485static uint64_t ataR3GetSector(ATADevState *s)
1486{
1487 uint64_t iLBA;
1488 if (s->uATARegSelect & 0x40)
1489 {
1490 /* any LBA variant */
1491 if (s->fLBA48)
1492 {
1493 /* LBA48 */
1494 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
1495 ((uint64_t)s->uATARegLCylHOB << 32) |
1496 ((uint64_t)s->uATARegSectorHOB << 24) |
1497 ((uint64_t)s->uATARegHCyl << 16) |
1498 ((uint64_t)s->uATARegLCyl << 8) |
1499 s->uATARegSector;
1500 }
1501 else
1502 {
1503 /* LBA */
1504 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
1505 (s->uATARegLCyl << 8) | s->uATARegSector;
1506 }
1507 }
1508 else
1509 {
1510 /* CHS */
1511 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
1512 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
1513 (s->uATARegSector - 1);
1514 }
1515 return iLBA;
1516}
1517
1518static void ataR3SetSector(ATADevState *s, uint64_t iLBA)
1519{
1520 uint32_t cyl, r;
1521 if (s->uATARegSelect & 0x40)
1522 {
1523 /* any LBA variant */
1524 if (s->fLBA48)
1525 {
1526 /* LBA48 */
1527 s->uATARegHCylHOB = iLBA >> 40;
1528 s->uATARegLCylHOB = iLBA >> 32;
1529 s->uATARegSectorHOB = iLBA >> 24;
1530 s->uATARegHCyl = iLBA >> 16;
1531 s->uATARegLCyl = iLBA >> 8;
1532 s->uATARegSector = iLBA;
1533 }
1534 else
1535 {
1536 /* LBA */
1537 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
1538 s->uATARegHCyl = (iLBA >> 16);
1539 s->uATARegLCyl = (iLBA >> 8);
1540 s->uATARegSector = (iLBA);
1541 }
1542 }
1543 else
1544 {
1545 /* CHS */
1546 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1547 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1548 s->uATARegHCyl = cyl >> 8;
1549 s->uATARegLCyl = cyl;
1550 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
1551 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
1552 }
1553}
1554
1555
1556static void ataR3WarningDiskFull(PPDMDEVINS pDevIns)
1557{
1558 int rc;
1559 LogRel(("PIIX3 ATA: Host disk full\n"));
1560 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL",
1561 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
1562 AssertRC(rc);
1563}
1564
1565static void ataR3WarningFileTooBig(PPDMDEVINS pDevIns)
1566{
1567 int rc;
1568 LogRel(("PIIX3 ATA: File too big\n"));
1569 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG",
1570 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
1571 AssertRC(rc);
1572}
1573
1574static void ataR3WarningISCSI(PPDMDEVINS pDevIns)
1575{
1576 int rc;
1577 LogRel(("PIIX3 ATA: iSCSI target unavailable\n"));
1578 rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN",
1579 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
1580 AssertRC(rc);
1581}
1582
1583static bool ataR3IsRedoSetWarning(ATADevState *s, int rc)
1584{
1585 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1586 Assert(!PDMCritSectIsOwner(&pCtl->lock));
1587 if (rc == VERR_DISK_FULL)
1588 {
1589 pCtl->fRedoIdle = true;
1590 ataR3WarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1591 return true;
1592 }
1593 if (rc == VERR_FILE_TOO_BIG)
1594 {
1595 pCtl->fRedoIdle = true;
1596 ataR3WarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1597 return true;
1598 }
1599 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1600 {
1601 pCtl->fRedoIdle = true;
1602 /* iSCSI connection abort (first error) or failure to reestablish
1603 * connection (second error). Pause VM. On resume we'll retry. */
1604 ataR3WarningISCSI(ATADEVSTATE_2_DEVINS(s));
1605 return true;
1606 }
1607 if (rc == VERR_VD_DEK_MISSING)
1608 {
1609 /* Error message already set. */
1610 pCtl->fRedoIdle = true;
1611 return true;
1612 }
1613
1614 return false;
1615}
1616
1617
1618static int ataR3ReadSectors(ATADevState *s, uint64_t u64Sector, void *pvBuf,
1619 uint32_t cSectors, bool *pfRedo)
1620{
1621 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1622 int rc;
1623
1624 ataR3LockLeave(pCtl);
1625
1626 STAM_PROFILE_ADV_START(&s->StatReads, r);
1627 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1628 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1629 s->Led.Actual.s.fReading = 0;
1630 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1631 Log4(("ataR3ReadSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1632 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1633
1634 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cSectors * s->cbSector);
1635
1636 if (RT_SUCCESS(rc))
1637 *pfRedo = false;
1638 else
1639 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1640
1641 ataR3LockEnter(pCtl);
1642 return rc;
1643}
1644
1645
1646static int ataR3WriteSectors(ATADevState *s, uint64_t u64Sector,
1647 const void *pvBuf, uint32_t cSectors, bool *pfRedo)
1648{
1649 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1650 int rc;
1651
1652 ataR3LockLeave(pCtl);
1653
1654 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1655 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1656# ifdef VBOX_INSTRUMENT_DMA_WRITES
1657 if (s->fDMA)
1658 STAM_PROFILE_ADV_START(&s->StatInstrVDWrites, vw);
1659# endif
1660 rc = s->pDrvMedia->pfnWrite(s->pDrvMedia, u64Sector * s->cbSector, pvBuf, cSectors * s->cbSector);
1661# ifdef VBOX_INSTRUMENT_DMA_WRITES
1662 if (s->fDMA)
1663 STAM_PROFILE_ADV_STOP(&s->StatInstrVDWrites, vw);
1664# endif
1665 s->Led.Actual.s.fWriting = 0;
1666 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1667 Log4(("ataR3WriteSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n",
1668 rc, cSectors, u64Sector, cSectors * s->cbSector, pvBuf));
1669
1670 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cSectors * s->cbSector);
1671
1672 if (RT_SUCCESS(rc))
1673 *pfRedo = false;
1674 else
1675 *pfRedo = ataR3IsRedoSetWarning(s, rc);
1676
1677 ataR3LockEnter(pCtl);
1678 return rc;
1679}
1680
1681
1682static void ataR3ReadWriteSectorsBT(ATADevState *s)
1683{
1684 uint32_t cSectors;
1685
1686 cSectors = s->cbTotalTransfer / s->cbSector;
1687 if (cSectors > s->cSectorsPerIRQ)
1688 s->cbElementaryTransfer = s->cSectorsPerIRQ * s->cbSector;
1689 else
1690 s->cbElementaryTransfer = cSectors * s->cbSector;
1691 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1692 ataR3CmdOK(s, 0);
1693}
1694
1695
1696static bool ataR3ReadSectorsSS(ATADevState *s)
1697{
1698 int rc;
1699 uint32_t cSectors;
1700 uint64_t iLBA;
1701 bool fRedo;
1702
1703 cSectors = s->cbElementaryTransfer / s->cbSector;
1704 Assert(cSectors);
1705 iLBA = ataR3GetSector(s);
1706 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1707 rc = ataR3ReadSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1708 if (RT_SUCCESS(rc))
1709 {
1710 ataR3SetSector(s, iLBA + cSectors);
1711 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1712 s->iSourceSink = ATAFN_SS_NULL;
1713 ataR3CmdOK(s, ATA_STAT_SEEK);
1714 }
1715 else
1716 {
1717 if (fRedo)
1718 return fRedo;
1719 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1720 LogRel(("PIIX3 ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1721 s->iLUN, rc, iLBA, cSectors));
1722
1723 /*
1724 * Check if we got interrupted. We don't need to set status variables
1725 * because the request was aborted.
1726 */
1727 if (rc != VERR_INTERRUPTED)
1728 ataR3CmdError(s, ID_ERR);
1729 }
1730 return false;
1731}
1732
1733
1734static bool ataR3WriteSectorsSS(ATADevState *s)
1735{
1736 int rc;
1737 uint32_t cSectors;
1738 uint64_t iLBA;
1739 bool fRedo;
1740
1741 cSectors = s->cbElementaryTransfer / s->cbSector;
1742 Assert(cSectors);
1743 iLBA = ataR3GetSector(s);
1744 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1745 rc = ataR3WriteSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1746 if (RT_SUCCESS(rc))
1747 {
1748 ataR3SetSector(s, iLBA + cSectors);
1749 if (!s->cbTotalTransfer)
1750 s->iSourceSink = ATAFN_SS_NULL;
1751 ataR3CmdOK(s, ATA_STAT_SEEK);
1752 }
1753 else
1754 {
1755 if (fRedo)
1756 return fRedo;
1757 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1758 LogRel(("PIIX3 ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1759 s->iLUN, rc, iLBA, cSectors));
1760
1761 /*
1762 * Check if we got interrupted. We don't need to set status variables
1763 * because the request was aborted.
1764 */
1765 if (rc != VERR_INTERRUPTED)
1766 ataR3CmdError(s, ID_ERR);
1767 }
1768 return false;
1769}
1770
1771
1772static void atapiR3CmdOK(ATADevState *s)
1773{
1774 s->uATARegError = 0;
1775 ataSetStatusValue(s, ATA_STAT_READY);
1776 s->uATARegNSector = (s->uATARegNSector & ~7)
1777 | ((s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1778 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1779 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1780
1781 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1782 s->abATAPISense[0] = 0x70 | (1 << 7);
1783 s->abATAPISense[7] = 10;
1784}
1785
1786
1787static void atapiR3CmdError(ATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1788{
1789 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1790 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1791 s->uATARegError = pabATAPISense[2] << 4;
1792 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1793 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1794 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1795 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1796 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1797 s->cbTotalTransfer = 0;
1798 s->cbElementaryTransfer = 0;
1799 s->cbAtapiPassthroughTransfer = 0;
1800 s->iIOBufferCur = 0;
1801 s->iIOBufferEnd = 0;
1802 s->uTxDir = PDMMEDIATXDIR_NONE;
1803 s->iBeginTransfer = ATAFN_BT_NULL;
1804 s->iSourceSink = ATAFN_SS_NULL;
1805}
1806
1807
1808/** @todo deprecated function - doesn't provide enough info. Replace by direct
1809 * calls to atapiR3CmdError() with full data. */
1810static void atapiR3CmdErrorSimple(ATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1811{
1812 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1813 memset(abATAPISense, '\0', sizeof(abATAPISense));
1814 abATAPISense[0] = 0x70 | (1 << 7);
1815 abATAPISense[2] = uATAPISenseKey & 0x0f;
1816 abATAPISense[7] = 10;
1817 abATAPISense[12] = uATAPIASC;
1818 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
1819}
1820
1821
1822static void atapiR3CmdBT(ATADevState *s)
1823{
1824 s->fATAPITransfer = true;
1825 s->cbElementaryTransfer = s->cbTotalTransfer;
1826 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
1827 s->cbPIOTransferLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
1828 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1829 atapiR3CmdOK(s);
1830}
1831
1832
1833static void atapiR3PassthroughCmdBT(ATADevState *s)
1834{
1835 atapiR3CmdBT(s);
1836}
1837
1838static bool atapiR3ReadSS(ATADevState *s)
1839{
1840 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1841 int rc = VINF_SUCCESS;
1842 uint32_t cbTransfer, cSectors;
1843 uint64_t cbBlockRegion = 0;
1844
1845 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
1846 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1847 cSectors = cbTransfer / s->cbATAPISector;
1848 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1849 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1850
1851 ataR3LockLeave(pCtl);
1852
1853 rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, s->iATAPILBA, NULL, NULL,
1854 &cbBlockRegion, NULL);
1855 if (RT_SUCCESS(rc))
1856 {
1857 STAM_PROFILE_ADV_START(&s->StatReads, r);
1858 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1859
1860 /* If the region block size and requested sector matches we can just pass the request through. */
1861 if (cbBlockRegion == s->cbATAPISector)
1862 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)s->iATAPILBA * s->cbATAPISector,
1863 s->CTX_SUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1864 else
1865 {
1866 if (cbBlockRegion == 2048 && s->cbATAPISector == 2352)
1867 {
1868 /* Generate the sync bytes. */
1869 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1870
1871 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1872 {
1873 /* Sync bytes, see 4.2.3.8 CD Main Channel Block Formats */
1874 *pbBuf++ = 0x00;
1875 memset(pbBuf, 0xff, 10);
1876 pbBuf += 10;
1877 *pbBuf++ = 0x00;
1878 /* MSF */
1879 scsiLBA2MSF(pbBuf, i);
1880 pbBuf += 3;
1881 *pbBuf++ = 0x01; /* mode 1 data */
1882 /* data */
1883 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)i * 2048, pbBuf, 2048);
1884 if (RT_FAILURE(rc))
1885 break;
1886 pbBuf += 2048;
1887 /**
1888 * @todo: maybe compute ECC and parity, layout is:
1889 * 2072 4 EDC
1890 * 2076 172 P parity symbols
1891 * 2248 104 Q parity symbols
1892 */
1893 memset(pbBuf, 0, 280);
1894 pbBuf += 280;
1895 }
1896 }
1897 else if (cbBlockRegion == 2352 && s->cbATAPISector == 2048)
1898 {
1899 /* Read only the user data portion. */
1900 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1901
1902 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1903 {
1904 uint8_t abTmp[2352];
1905 rc = s->pDrvMedia->pfnRead(s->pDrvMedia, (uint64_t)i * 2352, &abTmp[0], 2352);
1906 if (RT_FAILURE(rc))
1907 break;
1908
1909 memcpy(pbBuf, &abTmp[16], 2048);
1910 pbBuf += 2048;
1911 }
1912 }
1913 }
1914 s->Led.Actual.s.fReading = 0;
1915 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1916 }
1917
1918 ataR3LockEnter(pCtl);
1919
1920 if (RT_SUCCESS(rc))
1921 {
1922 STAM_REL_COUNTER_ADD(&s->StatBytesRead, s->cbATAPISector * cSectors);
1923
1924 /* The initial buffer end value has been set up based on the total
1925 * transfer size. But the I/O buffer size limits what can actually be
1926 * done in one transfer, so set the actual value of the buffer end. */
1927 s->cbElementaryTransfer = cbTransfer;
1928 if (cbTransfer >= s->cbTotalTransfer)
1929 s->iSourceSink = ATAFN_SS_NULL;
1930 atapiR3CmdOK(s);
1931 s->iATAPILBA += cSectors;
1932 }
1933 else
1934 {
1935 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1936 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1937
1938 /*
1939 * Check if we got interrupted. We don't need to set status variables
1940 * because the request was aborted.
1941 */
1942 if (rc != VERR_INTERRUPTED)
1943 atapiR3CmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1944 }
1945 return false;
1946}
1947
1948/**
1949 * Sets the given media track type.
1950 */
1951static uint32_t ataR3MediumTypeSet(ATADevState *s, uint32_t MediaTrackType)
1952{
1953 return ASMAtomicXchgU32(&s->MediaTrackType, MediaTrackType);
1954}
1955
1956static bool atapiR3PassthroughSS(ATADevState *s)
1957{
1958 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1959 int rc = VINF_SUCCESS;
1960 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1961 uint32_t cbTransfer;
1962 PSTAMPROFILEADV pProf = NULL;
1963
1964 cbTransfer = RT_MIN(s->cbAtapiPassthroughTransfer, s->cbIOBuffer);
1965
1966 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE)
1967 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
1968
1969 /* Simple heuristics: if there is at least one sector of data
1970 * to transfer, it's worth updating the LEDs. */
1971 if (cbTransfer >= 2048)
1972 {
1973 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
1974 {
1975 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1976 pProf = &s->StatReads;
1977 }
1978 else
1979 {
1980 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1981 pProf = &s->StatWrites;
1982 }
1983 }
1984
1985 ataR3LockLeave(pCtl);
1986
1987# if defined(LOG_ENABLED)
1988 char szBuf[1024];
1989
1990 memset(szBuf, 0, sizeof(szBuf));
1991
1992 switch (s->aATAPICmd[0])
1993 {
1994 case SCSI_MODE_SELECT_10:
1995 {
1996 size_t cbBlkDescLength = scsiBE2H_U16(&s->CTX_SUFF(pbIOBuffer)[6]);
1997
1998 SCSILogModePage(szBuf, sizeof(szBuf) - 1,
1999 s->CTX_SUFF(pbIOBuffer) + 8 + cbBlkDescLength,
2000 cbTransfer - 8 - cbBlkDescLength);
2001 break;
2002 }
2003 case SCSI_SEND_CUE_SHEET:
2004 {
2005 SCSILogCueSheet(szBuf, sizeof(szBuf) - 1,
2006 s->CTX_SUFF(pbIOBuffer), cbTransfer);
2007 break;
2008 }
2009 default:
2010 break;
2011 }
2012
2013 Log2(("%s\n", szBuf));
2014# endif
2015
2016 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
2017 if ( cbTransfer > SCSI_MAX_BUFFER_SIZE
2018 || s->cbElementaryTransfer > s->cbIOBuffer)
2019 {
2020 /* Linux accepts commands with up to 100KB of data, but expects
2021 * us to handle commands with up to 128KB of data. The usual
2022 * imbalance of powers. */
2023 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
2024 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
2025 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2026 uint32_t cSectorsMax; /**< Maximum amount of sectors to read without exceeding the I/O buffer. */
2027
2028 Assert(s->cbATAPISector);
2029 cSectorsMax = cbTransfer / s->cbATAPISector;
2030 Assert(cSectorsMax * s->cbATAPISector <= s->cbIOBuffer);
2031
2032 switch (s->aATAPICmd[0])
2033 {
2034 case SCSI_READ_10:
2035 case SCSI_WRITE_10:
2036 case SCSI_WRITE_AND_VERIFY_10:
2037 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2038 cSectors = scsiBE2H_U16(s->aATAPICmd + 7);
2039 break;
2040 case SCSI_READ_12:
2041 case SCSI_WRITE_12:
2042 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2043 cSectors = scsiBE2H_U32(s->aATAPICmd + 6);
2044 break;
2045 case SCSI_READ_CD:
2046 iATAPILBA = scsiBE2H_U32(s->aATAPICmd + 2);
2047 cSectors = scsiBE2H_U24(s->aATAPICmd + 6);
2048 break;
2049 case SCSI_READ_CD_MSF:
2050 iATAPILBA = scsiMSF2LBA(s->aATAPICmd + 3);
2051 cSectors = scsiMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
2052 break;
2053 default:
2054 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2055 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2056 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2057 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2058 ataR3LockEnter(pCtl);
2059 return false;
2060 }
2061 cSectorsMax = RT_MIN(cSectorsMax, cSectors);
2062 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
2063 cReqSectors = 0;
2064 for (uint32_t i = cSectorsMax; i > 0; i -= cReqSectors)
2065 {
2066 if (i * s->cbATAPISector > SCSI_MAX_BUFFER_SIZE)
2067 cReqSectors = SCSI_MAX_BUFFER_SIZE / s->cbATAPISector;
2068 else
2069 cReqSectors = i;
2070 cbCurrTX = s->cbATAPISector * cReqSectors;
2071 switch (s->aATAPICmd[0])
2072 {
2073 case SCSI_READ_10:
2074 case SCSI_WRITE_10:
2075 case SCSI_WRITE_AND_VERIFY_10:
2076 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2077 scsiH2BE_U16(aATAPICmd + 7, cReqSectors);
2078 break;
2079 case SCSI_READ_12:
2080 case SCSI_WRITE_12:
2081 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2082 scsiH2BE_U32(aATAPICmd + 6, cReqSectors);
2083 break;
2084 case SCSI_READ_CD:
2085 scsiH2BE_U32(aATAPICmd + 2, iATAPILBA);
2086 scsiH2BE_U24(aATAPICmd + 6, cReqSectors);
2087 break;
2088 case SCSI_READ_CD_MSF:
2089 scsiLBA2MSF(aATAPICmd + 3, iATAPILBA);
2090 scsiLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
2091 break;
2092 }
2093 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, aATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir,
2094 pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2095 if (rc != VINF_SUCCESS)
2096 break;
2097 iATAPILBA += cReqSectors;
2098 pbBuf += s->cbATAPISector * cReqSectors;
2099 }
2100
2101 if (RT_SUCCESS(rc))
2102 {
2103 /* Adjust ATAPI command for the next call. */
2104 switch (s->aATAPICmd[0])
2105 {
2106 case SCSI_READ_10:
2107 case SCSI_WRITE_10:
2108 case SCSI_WRITE_AND_VERIFY_10:
2109 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2110 scsiH2BE_U16(s->aATAPICmd + 7, cSectors - cSectorsMax);
2111 break;
2112 case SCSI_READ_12:
2113 case SCSI_WRITE_12:
2114 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2115 scsiH2BE_U32(s->aATAPICmd + 6, cSectors - cSectorsMax);
2116 break;
2117 case SCSI_READ_CD:
2118 scsiH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
2119 scsiH2BE_U24(s->aATAPICmd + 6, cSectors - cSectorsMax);
2120 break;
2121 case SCSI_READ_CD_MSF:
2122 scsiLBA2MSF(s->aATAPICmd + 3, iATAPILBA);
2123 scsiLBA2MSF(s->aATAPICmd + 6, iATAPILBA + cSectors - cSectorsMax);
2124 break;
2125 default:
2126 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
2127 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
2128 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
2129 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
2130 return false;
2131 }
2132 }
2133 }
2134 else
2135 rc = s->pDrvMedia->pfnSendCmd(s->pDrvMedia, s->aATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir,
2136 s->CTX_SUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
2137 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
2138
2139 ataR3LockEnter(pCtl);
2140
2141 /* Update the LEDs and the read/write statistics. */
2142 if (cbTransfer >= 2048)
2143 {
2144 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
2145 {
2146 s->Led.Actual.s.fReading = 0;
2147 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbTransfer);
2148 }
2149 else
2150 {
2151 s->Led.Actual.s.fWriting = 0;
2152 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbTransfer);
2153 }
2154 }
2155
2156 if (RT_SUCCESS(rc))
2157 {
2158 /* Do post processing for certain commands. */
2159 switch (s->aATAPICmd[0])
2160 {
2161 case SCSI_SEND_CUE_SHEET:
2162 case SCSI_READ_TOC_PMA_ATIP:
2163 {
2164 if (!s->pTrackList)
2165 rc = ATAPIPassthroughTrackListCreateEmpty(&s->pTrackList);
2166
2167 if (RT_SUCCESS(rc))
2168 rc = ATAPIPassthroughTrackListUpdate(s->pTrackList, s->aATAPICmd, s->CTX_SUFF(pbIOBuffer));
2169
2170 if ( RT_FAILURE(rc)
2171 && s->cErrors++ < MAX_LOG_REL_ERRORS)
2172 LogRel(("ATA: Error (%Rrc) while updating the tracklist during %s, burning the disc might fail\n",
2173 rc, s->aATAPICmd[0] == SCSI_SEND_CUE_SHEET ? "SEND CUE SHEET" : "READ TOC/PMA/ATIP"));
2174 break;
2175 }
2176 case SCSI_SYNCHRONIZE_CACHE:
2177 {
2178 if (s->pTrackList)
2179 ATAPIPassthroughTrackListClear(s->pTrackList);
2180 break;
2181 }
2182 }
2183
2184 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
2185 {
2186 /*
2187 * Reply with the same amount of data as the real drive
2188 * but only if the command wasn't split.
2189 */
2190 if (s->cbAtapiPassthroughTransfer < s->cbIOBuffer)
2191 s->cbTotalTransfer = cbTransfer;
2192
2193 if ( s->aATAPICmd[0] == SCSI_INQUIRY
2194 && s->fOverwriteInquiry)
2195 {
2196 /* Make sure that the real drive cannot be identified.
2197 * Motivation: changing the VM configuration should be as
2198 * invisible as possible to the guest. */
2199 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2200 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 8, "VBOX", 8);
2201 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 16, "CD-ROM", 16);
2202 scsiPadStr(s->CTX_SUFF(pbIOBuffer) + 32, "1.0", 4);
2203 }
2204
2205 if (cbTransfer)
2206 Log3(("ATAPI PT data read (%d):\n%.*Rhxd\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2207 }
2208
2209 /* The initial buffer end value has been set up based on the total
2210 * transfer size. But the I/O buffer size limits what can actually be
2211 * done in one transfer, so set the actual value of the buffer end. */
2212 Assert(cbTransfer <= s->cbAtapiPassthroughTransfer);
2213 s->cbElementaryTransfer = cbTransfer;
2214 s->cbAtapiPassthroughTransfer -= cbTransfer;
2215 if (!s->cbAtapiPassthroughTransfer)
2216 {
2217 s->iSourceSink = ATAFN_SS_NULL;
2218 atapiR3CmdOK(s);
2219 }
2220 }
2221 else
2222 {
2223 if (s->cErrors < MAX_LOG_REL_ERRORS)
2224 {
2225 uint8_t u8Cmd = s->aATAPICmd[0];
2226 do
2227 {
2228 /* don't log superfluous errors */
2229 if ( rc == VERR_DEV_IO_ERROR
2230 && ( u8Cmd == SCSI_TEST_UNIT_READY
2231 || u8Cmd == SCSI_READ_CAPACITY
2232 || u8Cmd == SCSI_READ_DVD_STRUCTURE
2233 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
2234 break;
2235 s->cErrors++;
2236 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough cmd=%#04x sense=%d ASC=%#02x ASCQ=%#02x %Rrc\n",
2237 s->iLUN, u8Cmd, abATAPISense[2] & 0x0f, abATAPISense[12], abATAPISense[13], rc));
2238 } while (0);
2239 }
2240 atapiR3CmdError(s, abATAPISense, sizeof(abATAPISense));
2241 }
2242 return false;
2243}
2244
2245/** @todo Revise ASAP. */
2246static bool atapiR3ReadDVDStructureSS(ATADevState *s)
2247{
2248 uint8_t *buf = s->CTX_SUFF(pbIOBuffer);
2249 int media = s->aATAPICmd[1];
2250 int format = s->aATAPICmd[7];
2251
2252 uint16_t max_len = scsiBE2H_U16(&s->aATAPICmd[8]);
2253
2254 memset(buf, 0, max_len);
2255
2256 switch (format) {
2257 case 0x00:
2258 case 0x01:
2259 case 0x02:
2260 case 0x03:
2261 case 0x04:
2262 case 0x05:
2263 case 0x06:
2264 case 0x07:
2265 case 0x08:
2266 case 0x09:
2267 case 0x0a:
2268 case 0x0b:
2269 case 0x0c:
2270 case 0x0d:
2271 case 0x0e:
2272 case 0x0f:
2273 case 0x10:
2274 case 0x11:
2275 case 0x30:
2276 case 0x31:
2277 case 0xff:
2278 if (media == 0)
2279 {
2280 int uASC = SCSI_ASC_NONE;
2281
2282 switch (format)
2283 {
2284 case 0x0: /* Physical format information */
2285 {
2286 int layer = s->aATAPICmd[6];
2287 uint64_t total_sectors;
2288
2289 if (layer != 0)
2290 {
2291 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2292 break;
2293 }
2294
2295 total_sectors = s->cTotalSectors;
2296 total_sectors >>= 2;
2297 if (total_sectors == 0)
2298 {
2299 uASC = -SCSI_ASC_MEDIUM_NOT_PRESENT;
2300 break;
2301 }
2302
2303 buf[4] = 1; /* DVD-ROM, part version 1 */
2304 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
2305 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
2306 buf[7] = 0; /* default densities */
2307
2308 /* FIXME: 0x30000 per spec? */
2309 scsiH2BE_U32(buf + 8, 0); /* start sector */
2310 scsiH2BE_U32(buf + 12, total_sectors - 1); /* end sector */
2311 scsiH2BE_U32(buf + 16, total_sectors - 1); /* l0 end sector */
2312
2313 /* Size of buffer, not including 2 byte size field */
2314 scsiH2BE_U32(&buf[0], 2048 + 2);
2315
2316 /* 2k data + 4 byte header */
2317 uASC = (2048 + 4);
2318 break;
2319 }
2320 case 0x01: /* DVD copyright information */
2321 buf[4] = 0; /* no copyright data */
2322 buf[5] = 0; /* no region restrictions */
2323
2324 /* Size of buffer, not including 2 byte size field */
2325 scsiH2BE_U16(buf, 4 + 2);
2326
2327 /* 4 byte header + 4 byte data */
2328 uASC = (4 + 4);
2329 break;
2330
2331 case 0x03: /* BCA information - invalid field for no BCA info */
2332 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2333 break;
2334
2335 case 0x04: /* DVD disc manufacturing information */
2336 /* Size of buffer, not including 2 byte size field */
2337 scsiH2BE_U16(buf, 2048 + 2);
2338
2339 /* 2k data + 4 byte header */
2340 uASC = (2048 + 4);
2341 break;
2342 case 0xff:
2343 /*
2344 * This lists all the command capabilities above. Add new ones
2345 * in order and update the length and buffer return values.
2346 */
2347
2348 buf[4] = 0x00; /* Physical format */
2349 buf[5] = 0x40; /* Not writable, is readable */
2350 scsiH2BE_U16((buf + 6), 2048 + 4);
2351
2352 buf[8] = 0x01; /* Copyright info */
2353 buf[9] = 0x40; /* Not writable, is readable */
2354 scsiH2BE_U16((buf + 10), 4 + 4);
2355
2356 buf[12] = 0x03; /* BCA info */
2357 buf[13] = 0x40; /* Not writable, is readable */
2358 scsiH2BE_U16((buf + 14), 188 + 4);
2359
2360 buf[16] = 0x04; /* Manufacturing info */
2361 buf[17] = 0x40; /* Not writable, is readable */
2362 scsiH2BE_U16((buf + 18), 2048 + 4);
2363
2364 /* Size of buffer, not including 2 byte size field */
2365 scsiH2BE_U16(buf, 16 + 2);
2366
2367 /* data written + 4 byte header */
2368 uASC = (16 + 4);
2369 break;
2370 default: /** @todo formats beyond DVD-ROM requires */
2371 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2372 }
2373
2374 if (uASC < 0)
2375 {
2376 s->iSourceSink = ATAFN_SS_NULL;
2377 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, -uASC);
2378 return false;
2379 }
2380 break;
2381 }
2382 /** @todo BD support, fall through for now */
2383 RT_FALL_THRU();
2384
2385 /* Generic disk structures */
2386 case 0x80: /** @todo AACS volume identifier */
2387 case 0x81: /** @todo AACS media serial number */
2388 case 0x82: /** @todo AACS media identifier */
2389 case 0x83: /** @todo AACS media key block */
2390 case 0x90: /** @todo List of recognized format layers */
2391 case 0xc0: /** @todo Write protection status */
2392 default:
2393 s->iSourceSink = ATAFN_SS_NULL;
2394 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST,
2395 SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2396 return false;
2397 }
2398
2399 s->iSourceSink = ATAFN_SS_NULL;
2400 atapiR3CmdOK(s);
2401 return false;
2402}
2403
2404static bool atapiR3ReadSectors(ATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
2405{
2406 Assert(cSectors > 0);
2407 s->iATAPILBA = iATAPILBA;
2408 s->cbATAPISector = cbSector;
2409 ataR3StartTransfer(s, cSectors * cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
2410 return false;
2411}
2412
2413
2414static bool atapiR3ReadCapacitySS(ATADevState *s)
2415{
2416 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2417
2418 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2419 Assert(s->cbElementaryTransfer <= 8);
2420 scsiH2BE_U32(pbBuf, s->cTotalSectors - 1);
2421 scsiH2BE_U32(pbBuf + 4, 2048);
2422 s->iSourceSink = ATAFN_SS_NULL;
2423 atapiR3CmdOK(s);
2424 return false;
2425}
2426
2427
2428static bool atapiR3ReadDiscInformationSS(ATADevState *s)
2429{
2430 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2431
2432 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2433 Assert(s->cbElementaryTransfer <= 34);
2434 memset(pbBuf, '\0', 34);
2435 scsiH2BE_U16(pbBuf, 32);
2436 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
2437 pbBuf[3] = 1; /* number of first track */
2438 pbBuf[4] = 1; /* number of sessions (LSB) */
2439 pbBuf[5] = 1; /* first track number in last session (LSB) */
2440 pbBuf[6] = (uint8_t)s->pDrvMedia->pfnGetRegionCount(s->pDrvMedia); /* last track number in last session (LSB) */
2441 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
2442 pbBuf[8] = 0; /* disc type = CD-ROM */
2443 pbBuf[9] = 0; /* number of sessions (MSB) */
2444 pbBuf[10] = 0; /* number of sessions (MSB) */
2445 pbBuf[11] = 0; /* number of sessions (MSB) */
2446 scsiH2BE_U32(pbBuf + 16, 0xffffffff); /* last session lead-in start time is not available */
2447 scsiH2BE_U32(pbBuf + 20, 0xffffffff); /* last possible start time for lead-out is not available */
2448 s->iSourceSink = ATAFN_SS_NULL;
2449 atapiR3CmdOK(s);
2450 return false;
2451}
2452
2453
2454static bool atapiR3ReadTrackInformationSS(ATADevState *s)
2455{
2456 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2457 uint32_t u32LogAddr = scsiBE2H_U32(&s->aATAPICmd[2]);
2458 uint8_t u8LogAddrType = s->aATAPICmd[1] & 0x03;
2459
2460 int rc = VINF_SUCCESS;
2461 uint64_t u64LbaStart = 0;
2462 uint32_t uRegion = 0;
2463 uint64_t cBlocks = 0;
2464 uint64_t cbBlock = 0;
2465 uint8_t u8DataMode = 0xf; /* Unknown data mode. */
2466 uint8_t u8TrackMode = 0;
2467 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID;
2468
2469 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2470 Assert(s->cbElementaryTransfer <= 36);
2471
2472 switch (u8LogAddrType)
2473 {
2474 case 0x00:
2475 rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, u32LogAddr, &uRegion,
2476 NULL, NULL, NULL);
2477 if (RT_SUCCESS(rc))
2478 rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, uRegion, &u64LbaStart,
2479 &cBlocks, &cbBlock, &enmDataForm);
2480 break;
2481 case 0x01:
2482 {
2483 if (u32LogAddr >= 1)
2484 {
2485 uRegion = u32LogAddr - 1;
2486 rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, uRegion, &u64LbaStart,
2487 &cBlocks, &cbBlock, &enmDataForm);
2488 }
2489 else
2490 rc = VERR_NOT_FOUND; /** @todo Return lead-in information. */
2491 break;
2492 }
2493 case 0x02:
2494 default:
2495 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2496 return false;
2497 }
2498
2499 if (RT_FAILURE(rc))
2500 {
2501 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2502 return false;
2503 }
2504
2505 switch (enmDataForm)
2506 {
2507 case VDREGIONDATAFORM_MODE1_2048:
2508 case VDREGIONDATAFORM_MODE1_2352:
2509 case VDREGIONDATAFORM_MODE1_0:
2510 u8DataMode = 1;
2511 break;
2512 case VDREGIONDATAFORM_XA_2336:
2513 case VDREGIONDATAFORM_XA_2352:
2514 case VDREGIONDATAFORM_XA_0:
2515 case VDREGIONDATAFORM_MODE2_2336:
2516 case VDREGIONDATAFORM_MODE2_2352:
2517 case VDREGIONDATAFORM_MODE2_0:
2518 u8DataMode = 2;
2519 break;
2520 default:
2521 u8DataMode = 0xf;
2522 }
2523
2524 if (enmDataForm == VDREGIONDATAFORM_CDDA)
2525 u8TrackMode = 0x0;
2526 else
2527 u8TrackMode = 0x4;
2528
2529 memset(pbBuf, '\0', 36);
2530 scsiH2BE_U16(pbBuf, 34);
2531 pbBuf[2] = uRegion + 1; /* track number (LSB) */
2532 pbBuf[3] = 1; /* session number (LSB) */
2533 pbBuf[5] = (0 << 5) | (0 << 4) | u8TrackMode; /* not damaged, primary copy, data track */
2534 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | u8DataMode; /* not reserved track, not blank, not packet writing, not fixed packet */
2535 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
2536 scsiH2BE_U32(pbBuf + 8, (uint32_t)u64LbaStart); /* track start address is 0 */
2537 scsiH2BE_U32(pbBuf + 24, (uint32_t)cBlocks); /* track size */
2538 pbBuf[32] = 0; /* track number (MSB) */
2539 pbBuf[33] = 0; /* session number (MSB) */
2540 s->iSourceSink = ATAFN_SS_NULL;
2541 atapiR3CmdOK(s);
2542 return false;
2543}
2544
2545static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureListProfiles(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2546{
2547 RT_NOREF1(s);
2548 if (cbBuf < 3*4)
2549 return 0;
2550
2551 scsiH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */
2552 pbBuf[2] = (0 << 2) | (1 << 1) | (1 << 0); /* version 0, persistent, current */
2553 pbBuf[3] = 8; /* additional bytes for profiles */
2554 /* The MMC-3 spec says that DVD-ROM read capability should be reported
2555 * before CD-ROM read capability. */
2556 scsiH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */
2557 pbBuf[6] = (0 << 0); /* NOT current profile */
2558 scsiH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */
2559 pbBuf[10] = (1 << 0); /* current profile */
2560
2561 return 3*4; /* Header + 2 profiles entries */
2562}
2563
2564static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCore(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2565{
2566 RT_NOREF1(s);
2567 if (cbBuf < 12)
2568 return 0;
2569
2570 scsiH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */
2571 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2572 pbBuf[3] = 8; /* Additional length */
2573 scsiH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */
2574 pbBuf[8] = RT_BIT(0); /* DBE */
2575 /* Rest is reserved. */
2576
2577 return 12;
2578}
2579
2580static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureMorphing(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2581{
2582 RT_NOREF1(s);
2583 if (cbBuf < 8)
2584 return 0;
2585
2586 scsiH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */
2587 pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2588 pbBuf[3] = 4; /* Additional length */
2589 pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */
2590 /* Rest is reserved. */
2591
2592 return 8;
2593}
2594
2595static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRemovableMedium(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2596{
2597 RT_NOREF1(s);
2598 if (cbBuf < 8)
2599 return 0;
2600
2601 scsiH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */
2602 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2603 pbBuf[3] = 4; /* Additional length */
2604 /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */
2605 pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0);
2606 /* Rest is reserved. */
2607
2608 return 8;
2609}
2610
2611static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRandomReadable (ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2612{
2613 RT_NOREF1(s);
2614 if (cbBuf < 12)
2615 return 0;
2616
2617 scsiH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */
2618 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2619 pbBuf[3] = 8; /* Additional length */
2620 scsiH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */
2621 scsiH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */
2622 pbBuf[10] = 0; /* PP not present */
2623 /* Rest is reserved. */
2624
2625 return 12;
2626}
2627
2628static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCDRead(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2629{
2630 RT_NOREF1(s);
2631 if (cbBuf < 8)
2632 return 0;
2633
2634 scsiH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */
2635 pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2636 pbBuf[3] = 0; /* Additional length */
2637 pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */
2638 /* Rest is reserved. */
2639
2640 return 8;
2641}
2642
2643static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeaturePowerManagement(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2644{
2645 RT_NOREF1(s);
2646 if (cbBuf < 4)
2647 return 0;
2648
2649 scsiH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */
2650 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2651 pbBuf[3] = 0; /* Additional length */
2652
2653 return 4;
2654}
2655
2656static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureTimeout(ATADevState *s, uint8_t *pbBuf, size_t cbBuf)
2657{
2658 RT_NOREF1(s);
2659 if (cbBuf < 8)
2660 return 0;
2661
2662 scsiH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */
2663 pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */
2664 pbBuf[3] = 4; /* Additional length */
2665 pbBuf[4] = 0x0; /* !Group3 */
2666
2667 return 8;
2668}
2669
2670/**
2671 * Callback to fill in the correct data for a feature.
2672 *
2673 * @returns Number of bytes written into the buffer.
2674 * @param s The ATA device state.
2675 * @param pbBuf The buffer to fill the data with.
2676 * @param cbBuf Size of the buffer.
2677 */
2678typedef DECLCALLBACK(uint32_t) FNATAPIR3FEATUREFILL(ATADevState *s, uint8_t *pbBuf, size_t cbBuf);
2679/** Pointer to a feature fill callback. */
2680typedef FNATAPIR3FEATUREFILL *PFNATAPIR3FEATUREFILL;
2681
2682/**
2683 * ATAPI feature descriptor.
2684 */
2685typedef struct ATAPIR3FEATDESC
2686{
2687 /** The feature number. */
2688 uint16_t u16Feat;
2689 /** The callback to fill in the correct data. */
2690 PFNATAPIR3FEATUREFILL pfnFeatureFill;
2691} ATAPIR3FEATDESC;
2692
2693/**
2694 * Array of known ATAPI feature descriptors.
2695 */
2696static const ATAPIR3FEATDESC s_aAtapiR3Features[] =
2697{
2698 { 0x0000, atapiR3GetConfigurationFillFeatureListProfiles},
2699 { 0x0001, atapiR3GetConfigurationFillFeatureCore},
2700 { 0x0002, atapiR3GetConfigurationFillFeatureMorphing},
2701 { 0x0003, atapiR3GetConfigurationFillFeatureRemovableMedium},
2702 { 0x0010, atapiR3GetConfigurationFillFeatureRandomReadable},
2703 { 0x001e, atapiR3GetConfigurationFillFeatureCDRead},
2704 { 0x0100, atapiR3GetConfigurationFillFeaturePowerManagement},
2705 { 0x0105, atapiR3GetConfigurationFillFeatureTimeout}
2706};
2707
2708static bool atapiR3GetConfigurationSS(ATADevState *s)
2709{
2710 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2711 uint32_t cbBuf = s->cbIOBuffer;
2712 uint32_t cbCopied = 0;
2713 uint16_t u16Sfn = scsiBE2H_U16(&s->aATAPICmd[2]);
2714 uint8_t u8Rt = s->aATAPICmd[1] & 0x03;
2715
2716 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2717 Assert(s->cbElementaryTransfer <= 80);
2718 /* Accept valid request types only. */
2719 if (u8Rt == 3)
2720 {
2721 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2722 return false;
2723 }
2724 memset(pbBuf, '\0', cbBuf);
2725 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
2726 * way to differentiate them right now is based on the image size). */
2727 if (s->cTotalSectors)
2728 scsiH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
2729 else
2730 scsiH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */
2731 cbBuf -= 8;
2732 pbBuf += 8;
2733
2734 if (u8Rt == 0x2)
2735 {
2736 for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++)
2737 {
2738 if (s_aAtapiR3Features[i].u16Feat == u16Sfn)
2739 {
2740 cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf);
2741 cbBuf -= cbCopied;
2742 pbBuf += cbCopied;
2743 break;
2744 }
2745 }
2746 }
2747 else
2748 {
2749 for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++)
2750 {
2751 if (s_aAtapiR3Features[i].u16Feat > u16Sfn)
2752 {
2753 cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf);
2754 cbBuf -= cbCopied;
2755 pbBuf += cbCopied;
2756 }
2757 }
2758 }
2759
2760 /* Set data length now - the field is not included in the final length. */
2761 scsiH2BE_U32(s->CTX_SUFF(pbIOBuffer), s->cbIOBuffer - cbBuf - 4);
2762
2763 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
2764 s->iSourceSink = ATAFN_SS_NULL;
2765 atapiR3CmdOK(s);
2766 return false;
2767}
2768
2769
2770static bool atapiR3GetEventStatusNotificationSS(ATADevState *s)
2771{
2772 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2773
2774 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2775 Assert(s->cbElementaryTransfer <= 8);
2776
2777 if (!(s->aATAPICmd[1] & 1))
2778 {
2779 /* no asynchronous operation supported */
2780 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2781 return false;
2782 }
2783
2784 uint32_t OldStatus, NewStatus;
2785 do
2786 {
2787 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2788 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
2789 switch (OldStatus)
2790 {
2791 case ATA_EVENT_STATUS_MEDIA_NEW:
2792 /* mount */
2793 scsiH2BE_U16(pbBuf + 0, 6);
2794 pbBuf[2] = 0x04; /* media */
2795 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2796 pbBuf[4] = 0x02; /* new medium */
2797 pbBuf[5] = 0x02; /* medium present / door closed */
2798 pbBuf[6] = 0x00;
2799 pbBuf[7] = 0x00;
2800 break;
2801
2802 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2803 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2804 /* umount */
2805 scsiH2BE_U16(pbBuf + 0, 6);
2806 pbBuf[2] = 0x04; /* media */
2807 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2808 pbBuf[4] = 0x03; /* media removal */
2809 pbBuf[5] = 0x00; /* medium absent / door closed */
2810 pbBuf[6] = 0x00;
2811 pbBuf[7] = 0x00;
2812 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
2813 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2814 break;
2815
2816 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
2817 scsiH2BE_U16(pbBuf + 0, 6);
2818 pbBuf[2] = 0x04; /* media */
2819 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2820 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
2821 pbBuf[5] = 0x02; /* medium present / door closed */
2822 pbBuf[6] = 0x00;
2823 pbBuf[7] = 0x00;
2824 break;
2825
2826 case ATA_EVENT_STATUS_UNCHANGED:
2827 default:
2828 scsiH2BE_U16(pbBuf + 0, 6);
2829 pbBuf[2] = 0x01; /* operational change request / notification */
2830 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2831 pbBuf[4] = 0x00;
2832 pbBuf[5] = 0x00;
2833 pbBuf[6] = 0x00;
2834 pbBuf[7] = 0x00;
2835 break;
2836 }
2837 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2838
2839 s->iSourceSink = ATAFN_SS_NULL;
2840 atapiR3CmdOK(s);
2841 return false;
2842}
2843
2844
2845static bool atapiR3InquirySS(ATADevState *s)
2846{
2847 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2848
2849 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2850 Assert(s->cbElementaryTransfer <= 36);
2851 pbBuf[0] = 0x05; /* CD-ROM */
2852 pbBuf[1] = 0x80; /* removable */
2853# if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
2854 pbBuf[2] = 0x00; /* ISO */
2855 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
2856# else
2857 pbBuf[2] = 0x00; /* ISO */
2858 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
2859# endif
2860 pbBuf[4] = 31; /* additional length */
2861 pbBuf[5] = 0; /* reserved */
2862 pbBuf[6] = 0; /* reserved */
2863 pbBuf[7] = 0; /* reserved */
2864 scsiPadStr(pbBuf + 8, s->szInquiryVendorId, 8);
2865 scsiPadStr(pbBuf + 16, s->szInquiryProductId, 16);
2866 scsiPadStr(pbBuf + 32, s->szInquiryRevision, 4);
2867 s->iSourceSink = ATAFN_SS_NULL;
2868 atapiR3CmdOK(s);
2869 return false;
2870}
2871
2872
2873static bool atapiR3ModeSenseErrorRecoverySS(ATADevState *s)
2874{
2875 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2876
2877 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2878 Assert(s->cbElementaryTransfer <= 16);
2879 scsiH2BE_U16(&pbBuf[0], 16 + 6);
2880 pbBuf[2] = (uint8_t)s->MediaTrackType;
2881 pbBuf[3] = 0;
2882 pbBuf[4] = 0;
2883 pbBuf[5] = 0;
2884 pbBuf[6] = 0;
2885 pbBuf[7] = 0;
2886
2887 pbBuf[8] = 0x01;
2888 pbBuf[9] = 0x06;
2889 pbBuf[10] = 0x00; /* Maximum error recovery */
2890 pbBuf[11] = 0x05; /* 5 retries */
2891 pbBuf[12] = 0x00;
2892 pbBuf[13] = 0x00;
2893 pbBuf[14] = 0x00;
2894 pbBuf[15] = 0x00;
2895 s->iSourceSink = ATAFN_SS_NULL;
2896 atapiR3CmdOK(s);
2897 return false;
2898}
2899
2900
2901static bool atapiR3ModeSenseCDStatusSS(ATADevState *s)
2902{
2903 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2904
2905 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2906 Assert(s->cbElementaryTransfer <= 40);
2907 scsiH2BE_U16(&pbBuf[0], 38);
2908 pbBuf[2] = (uint8_t)s->MediaTrackType;
2909 pbBuf[3] = 0;
2910 pbBuf[4] = 0;
2911 pbBuf[5] = 0;
2912 pbBuf[6] = 0;
2913 pbBuf[7] = 0;
2914
2915 pbBuf[8] = 0x2a;
2916 pbBuf[9] = 30; /* page length */
2917 pbBuf[10] = 0x08; /* DVD-ROM read support */
2918 pbBuf[11] = 0x00; /* no write support */
2919 /* The following claims we support audio play. This is obviously false,
2920 * but the Linux generic CDROM support makes many features depend on this
2921 * capability. If it's not set, this causes many things to be disabled. */
2922 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
2923 pbBuf[13] = 0x00; /* no subchannel reads supported */
2924 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
2925 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
2926 pbBuf[14] |= 1 << 1; /* report lock state */
2927 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
2928 scsiH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
2929 scsiH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
2930 scsiH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
2931 scsiH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
2932 pbBuf[24] = 0; /* reserved */
2933 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
2934 scsiH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
2935 scsiH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
2936 scsiH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
2937 pbBuf[32] = 0; /* reserved */
2938 pbBuf[33] = 0; /* reserved */
2939 pbBuf[34] = 0; /* reserved */
2940 pbBuf[35] = 1; /* rotation control CAV */
2941 scsiH2BE_U16(&pbBuf[36], 0); /* current write speed */
2942 scsiH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
2943 s->iSourceSink = ATAFN_SS_NULL;
2944 atapiR3CmdOK(s);
2945 return false;
2946}
2947
2948
2949static bool atapiR3RequestSenseSS(ATADevState *s)
2950{
2951 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2952
2953 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2954 memset(pbBuf, '\0', s->cbElementaryTransfer);
2955 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
2956 s->iSourceSink = ATAFN_SS_NULL;
2957 atapiR3CmdOK(s);
2958 return false;
2959}
2960
2961
2962static bool atapiR3MechanismStatusSS(ATADevState *s)
2963{
2964 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2965
2966 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2967 Assert(s->cbElementaryTransfer <= 8);
2968 scsiH2BE_U16(pbBuf, 0);
2969 /* no current LBA */
2970 pbBuf[2] = 0;
2971 pbBuf[3] = 0;
2972 pbBuf[4] = 0;
2973 pbBuf[5] = 1;
2974 scsiH2BE_U16(pbBuf + 6, 0);
2975 s->iSourceSink = ATAFN_SS_NULL;
2976 atapiR3CmdOK(s);
2977 return false;
2978}
2979
2980
2981static bool atapiR3ReadTOCNormalSS(ATADevState *s)
2982{
2983 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
2984 bool fMSF;
2985 uint32_t cbSize;
2986 uint32_t cTracks = s->pDrvMedia->pfnGetRegionCount(s->pDrvMedia);
2987
2988 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
2989 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2990 iStartTrack = s->aATAPICmd[6];
2991 if (iStartTrack == 0)
2992 iStartTrack = 1;
2993
2994 if (iStartTrack > cTracks && iStartTrack != 0xaa)
2995 {
2996 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2997 return false;
2998 }
2999 q = pbBuf + 2;
3000 *q++ = iStartTrack; /* first track number */
3001 *q++ = cTracks; /* last track number */
3002 for (uint32_t iTrack = iStartTrack; iTrack <= cTracks; iTrack++)
3003 {
3004 uint64_t uLbaStart = 0;
3005 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048;
3006
3007 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, iTrack - 1, &uLbaStart,
3008 NULL, NULL, &enmDataForm);
3009 AssertRC(rc);
3010
3011 *q++ = 0; /* reserved */
3012
3013 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3014 *q++ = 0x10; /* ADR, control */
3015 else
3016 *q++ = 0x14; /* ADR, control */
3017
3018 *q++ = (uint8_t)iTrack; /* track number */
3019 *q++ = 0; /* reserved */
3020 if (fMSF)
3021 {
3022 *q++ = 0; /* reserved */
3023 scsiLBA2MSF(q, (uint32_t)uLbaStart);
3024 q += 3;
3025 }
3026 else
3027 {
3028 /* sector 0 */
3029 scsiH2BE_U32(q, (uint32_t)uLbaStart);
3030 q += 4;
3031 }
3032 }
3033 /* lead out track */
3034 *q++ = 0; /* reserved */
3035 *q++ = 0x14; /* ADR, control */
3036 *q++ = 0xaa; /* track number */
3037 *q++ = 0; /* reserved */
3038
3039 /* Query start and length of last track to get the start of the lead out track. */
3040 uint64_t uLbaStart = 0;
3041 uint64_t cBlocks = 0;
3042
3043 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, cTracks - 1, &uLbaStart,
3044 &cBlocks, NULL, NULL);
3045 AssertRC(rc);
3046
3047 uLbaStart += cBlocks;
3048 if (fMSF)
3049 {
3050 *q++ = 0; /* reserved */
3051 scsiLBA2MSF(q, (uint32_t)uLbaStart);
3052 q += 3;
3053 }
3054 else
3055 {
3056 scsiH2BE_U32(q, (uint32_t)uLbaStart);
3057 q += 4;
3058 }
3059 cbSize = q - pbBuf;
3060 scsiH2BE_U16(pbBuf, cbSize - 2);
3061 if (cbSize < s->cbTotalTransfer)
3062 s->cbTotalTransfer = cbSize;
3063 s->iSourceSink = ATAFN_SS_NULL;
3064 atapiR3CmdOK(s);
3065 return false;
3066}
3067
3068
3069static bool atapiR3ReadTOCMultiSS(ATADevState *s)
3070{
3071 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
3072 bool fMSF;
3073
3074 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
3075 Assert(s->cbElementaryTransfer <= 12);
3076 fMSF = (s->aATAPICmd[1] >> 1) & 1;
3077 /* multi session: only a single session defined */
3078 /** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R)
3079 * with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being
3080 * able to figure out whether numbers are in BCD or hex. */
3081 memset(pbBuf, 0, 12);
3082 pbBuf[1] = 0x0a;
3083 pbBuf[2] = 0x01;
3084 pbBuf[3] = 0x01;
3085
3086 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048;
3087 int rc = s->pDrvMedia->pfnQueryRegionProperties(s->pDrvMedia, 0, NULL,
3088 NULL, NULL, &enmDataForm);
3089 AssertRC(rc);
3090
3091 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3092 pbBuf[5] = 0x10; /* ADR, control */
3093 else
3094 pbBuf[5] = 0x14; /* ADR, control */
3095
3096 pbBuf[6] = 1; /* first track in last complete session */
3097 if (fMSF)
3098 {
3099 pbBuf[8] = 0; /* reserved */
3100 scsiLBA2MSF(&pbBuf[9], 0);
3101 }
3102 else
3103 {
3104 /* sector 0 */
3105 scsiH2BE_U32(pbBuf + 8, 0);
3106 }
3107 s->iSourceSink = ATAFN_SS_NULL;
3108 atapiR3CmdOK(s);
3109 return false;
3110}
3111
3112
3113static bool atapiR3ReadTOCRawSS(ATADevState *s)
3114{
3115 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
3116 bool fMSF;
3117 uint32_t cbSize;
3118
3119 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
3120 fMSF = (s->aATAPICmd[1] >> 1) & 1;
3121 iStartTrack = s->aATAPICmd[6];
3122
3123 q = pbBuf + 2;
3124 *q++ = 1; /* first session */
3125 *q++ = 1; /* last session */
3126
3127 *q++ = 1; /* session number */
3128 *q++ = 0x14; /* data track */
3129 *q++ = 0; /* track number */
3130 *q++ = 0xa0; /* first track in program area */
3131 *q++ = 0; /* min */
3132 *q++ = 0; /* sec */
3133 *q++ = 0; /* frame */
3134 *q++ = 0;
3135 *q++ = 1; /* first track */
3136 *q++ = 0x00; /* disk type CD-DA or CD data */
3137 *q++ = 0;
3138
3139 *q++ = 1; /* session number */
3140 *q++ = 0x14; /* data track */
3141 *q++ = 0; /* track number */
3142 *q++ = 0xa1; /* last track in program area */
3143 *q++ = 0; /* min */
3144 *q++ = 0; /* sec */
3145 *q++ = 0; /* frame */
3146 *q++ = 0;
3147 *q++ = 1; /* last track */
3148 *q++ = 0;
3149 *q++ = 0;
3150
3151 *q++ = 1; /* session number */
3152 *q++ = 0x14; /* data track */
3153 *q++ = 0; /* track number */
3154 *q++ = 0xa2; /* lead-out */
3155 *q++ = 0; /* min */
3156 *q++ = 0; /* sec */
3157 *q++ = 0; /* frame */
3158 if (fMSF)
3159 {
3160 *q++ = 0; /* reserved */
3161 scsiLBA2MSF(q, s->cTotalSectors);
3162 q += 3;
3163 }
3164 else
3165 {
3166 scsiH2BE_U32(q, s->cTotalSectors);
3167 q += 4;
3168 }
3169
3170 *q++ = 1; /* session number */
3171 *q++ = 0x14; /* ADR, control */
3172 *q++ = 0; /* track number */
3173 *q++ = 1; /* point */
3174 *q++ = 0; /* min */
3175 *q++ = 0; /* sec */
3176 *q++ = 0; /* frame */
3177 if (fMSF)
3178 {
3179 *q++ = 0; /* reserved */
3180 scsiLBA2MSF(q, 0);
3181 q += 3;
3182 }
3183 else
3184 {
3185 /* sector 0 */
3186 scsiH2BE_U32(q, 0);
3187 q += 4;
3188 }
3189
3190 cbSize = q - pbBuf;
3191 scsiH2BE_U16(pbBuf, cbSize - 2);
3192 if (cbSize < s->cbTotalTransfer)
3193 s->cbTotalTransfer = cbSize;
3194 s->iSourceSink = ATAFN_SS_NULL;
3195 atapiR3CmdOK(s);
3196 return false;
3197}
3198
3199
3200static void atapiR3ParseCmdVirtualATAPI(ATADevState *s)
3201{
3202 const uint8_t *pbPacket;
3203 uint8_t *pbBuf;
3204 uint32_t cbMax;
3205
3206 pbPacket = s->aATAPICmd;
3207 pbBuf = s->CTX_SUFF(pbIOBuffer);
3208 switch (pbPacket[0])
3209 {
3210 case SCSI_TEST_UNIT_READY:
3211 if (s->cNotifiedMediaChange > 0)
3212 {
3213 if (s->cNotifiedMediaChange-- > 2)
3214 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3215 else
3216 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3217 }
3218 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3219 atapiR3CmdOK(s);
3220 else
3221 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3222 break;
3223 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
3224 cbMax = scsiBE2H_U16(pbPacket + 7);
3225 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3226 break;
3227 case SCSI_MODE_SENSE_10:
3228 {
3229 uint8_t uPageControl, uPageCode;
3230 cbMax = scsiBE2H_U16(pbPacket + 7);
3231 uPageControl = pbPacket[2] >> 6;
3232 uPageCode = pbPacket[2] & 0x3f;
3233 switch (uPageControl)
3234 {
3235 case SCSI_PAGECONTROL_CURRENT:
3236 switch (uPageCode)
3237 {
3238 case SCSI_MODEPAGE_ERROR_RECOVERY:
3239 ataR3StartTransfer(s, RT_MIN(cbMax, 16), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
3240 break;
3241 case SCSI_MODEPAGE_CD_STATUS:
3242 ataR3StartTransfer(s, RT_MIN(cbMax, 40), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
3243 break;
3244 default:
3245 goto error_cmd;
3246 }
3247 break;
3248 case SCSI_PAGECONTROL_CHANGEABLE:
3249 goto error_cmd;
3250 case SCSI_PAGECONTROL_DEFAULT:
3251 goto error_cmd;
3252 default:
3253 case SCSI_PAGECONTROL_SAVED:
3254 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
3255 break;
3256 }
3257 break;
3258 }
3259 case SCSI_REQUEST_SENSE:
3260 cbMax = pbPacket[4];
3261 ataR3StartTransfer(s, RT_MIN(cbMax, 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3262 break;
3263 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
3264 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
3265 {
3266 if (pbPacket[4] & 1)
3267 s->pDrvMount->pfnLock(s->pDrvMount);
3268 else
3269 s->pDrvMount->pfnUnlock(s->pDrvMount);
3270 atapiR3CmdOK(s);
3271 }
3272 else
3273 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3274 break;
3275 case SCSI_READ_10:
3276 case SCSI_READ_12:
3277 {
3278 uint32_t cSectors, iATAPILBA;
3279
3280 if (s->cNotifiedMediaChange > 0)
3281 {
3282 s->cNotifiedMediaChange-- ;
3283 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3284 break;
3285 }
3286 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3287 {
3288 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3289 break;
3290 }
3291 if (pbPacket[0] == SCSI_READ_10)
3292 cSectors = scsiBE2H_U16(pbPacket + 7);
3293 else
3294 cSectors = scsiBE2H_U32(pbPacket + 6);
3295 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3296
3297 /* Check that the sector size is valid. */
3298 VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID;
3299 int rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, iATAPILBA,
3300 NULL, NULL, NULL, &enmDataForm);
3301 AssertRC(rc);
3302 if ( enmDataForm != VDREGIONDATAFORM_MODE1_2048
3303 && enmDataForm != VDREGIONDATAFORM_MODE1_2352
3304 && enmDataForm != VDREGIONDATAFORM_MODE2_2336
3305 && enmDataForm != VDREGIONDATAFORM_MODE2_2352
3306 && enmDataForm != VDREGIONDATAFORM_RAW)
3307 {
3308 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
3309 RT_ZERO(abATAPISense);
3310
3311 abATAPISense[0] = 0x70 | (1 << 7);
3312 abATAPISense[2] = (SCSI_SENSE_ILLEGAL_REQUEST & 0x0f) | SCSI_SENSE_FLAG_ILI;
3313 scsiH2BE_U32(&abATAPISense[3], iATAPILBA);
3314 abATAPISense[7] = 10;
3315 abATAPISense[12] = SCSI_ASC_ILLEGAL_MODE_FOR_THIS_TRACK;
3316 atapiR3CmdError(s, &abATAPISense[0], sizeof(abATAPISense));
3317 break;
3318 }
3319
3320 if (cSectors == 0)
3321 {
3322 atapiR3CmdOK(s);
3323 break;
3324 }
3325 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3326 {
3327 /* Rate limited logging, one log line per second. For
3328 * guests that insist on reading from places outside the
3329 * valid area this often generates too many release log
3330 * entries otherwise. */
3331 static uint64_t uLastLogTS = 0;
3332 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3333 {
3334 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3335 uLastLogTS = RTTimeMilliTS();
3336 }
3337 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3338 break;
3339 }
3340 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3341 break;
3342 }
3343 case SCSI_READ_CD:
3344 {
3345 uint32_t cSectors, iATAPILBA;
3346
3347 if (s->cNotifiedMediaChange > 0)
3348 {
3349 s->cNotifiedMediaChange-- ;
3350 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3351 break;
3352 }
3353 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3354 {
3355 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3356 break;
3357 }
3358 if ((pbPacket[10] & 0x7) != 0)
3359 {
3360 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3361 break;
3362 }
3363 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
3364 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3365 if (cSectors == 0)
3366 {
3367 atapiR3CmdOK(s);
3368 break;
3369 }
3370 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
3371 {
3372 /* Rate limited logging, one log line per second. For
3373 * guests that insist on reading from places outside the
3374 * valid area this often generates too many release log
3375 * entries otherwise. */
3376 static uint64_t uLastLogTS = 0;
3377 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3378 {
3379 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
3380 uLastLogTS = RTTimeMilliTS();
3381 }
3382 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3383 break;
3384 }
3385 /*
3386 * If the LBA is in an audio track we are required to ignore pretty much all
3387 * of the channel selection values (except 0x00) and map everything to 0x10
3388 * which means read user data with a sector size of 2352 bytes.
3389 *
3390 * (MMC-6 chapter 6.19.2.6)
3391 */
3392 uint8_t uChnSel = pbPacket[9] & 0xf8;
3393 VDREGIONDATAFORM enmDataForm;
3394 int rc = s->pDrvMedia->pfnQueryRegionPropertiesForLba(s->pDrvMedia, iATAPILBA,
3395 NULL, NULL, NULL, &enmDataForm);
3396 AssertRC(rc);
3397
3398 if (enmDataForm == VDREGIONDATAFORM_CDDA)
3399 {
3400 if (uChnSel == 0)
3401 {
3402 /* nothing */
3403 atapiR3CmdOK(s);
3404 }
3405 else
3406 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2352);
3407 }
3408 else
3409 {
3410 switch (uChnSel)
3411 {
3412 case 0x00:
3413 /* nothing */
3414 atapiR3CmdOK(s);
3415 break;
3416 case 0x10:
3417 /* normal read */
3418 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2048);
3419 break;
3420 case 0xf8:
3421 /* read all data */
3422 atapiR3ReadSectors(s, iATAPILBA, cSectors, 2352);
3423 break;
3424 default:
3425 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM sector format not supported (%#x)\n", s->iLUN, pbPacket[9] & 0xf8));
3426 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3427 break;
3428 }
3429 }
3430 break;
3431 }
3432 case SCSI_SEEK_10:
3433 {
3434 uint32_t iATAPILBA;
3435 if (s->cNotifiedMediaChange > 0)
3436 {
3437 s->cNotifiedMediaChange-- ;
3438 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3439 break;
3440 }
3441 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3442 {
3443 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3444 break;
3445 }
3446 iATAPILBA = scsiBE2H_U32(pbPacket + 2);
3447 if (iATAPILBA > s->cTotalSectors)
3448 {
3449 /* Rate limited logging, one log line per second. For
3450 * guests that insist on seeking to places outside the
3451 * valid area this often generates too many release log
3452 * entries otherwise. */
3453 static uint64_t uLastLogTS = 0;
3454 if (RTTimeMilliTS() >= uLastLogTS + 1000)
3455 {
3456 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
3457 uLastLogTS = RTTimeMilliTS();
3458 }
3459 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
3460 break;
3461 }
3462 atapiR3CmdOK(s);
3463 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
3464 break;
3465 }
3466 case SCSI_START_STOP_UNIT:
3467 {
3468 int rc = VINF_SUCCESS;
3469 switch (pbPacket[4] & 3)
3470 {
3471 case 0: /* 00 - Stop motor */
3472 case 1: /* 01 - Start motor */
3473 break;
3474 case 2: /* 10 - Eject media */
3475 {
3476 /* This must be done from EMT. */
3477 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3478 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
3479 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
3480
3481 ataR3LockLeave(pCtl);
3482 rc = VMR3ReqPriorityCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3483 (PFNRT)s->pDrvMount->pfnUnmount, 3,
3484 s->pDrvMount, false /*=fForce*/, true /*=fEject*/);
3485 Assert(RT_SUCCESS(rc) || rc == VERR_PDM_MEDIA_LOCKED || rc == VERR_PDM_MEDIA_NOT_MOUNTED);
3486 if (RT_SUCCESS(rc) && pThis->pMediaNotify)
3487 {
3488 rc = VMR3ReqCallNoWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
3489 (PFNRT)pThis->pMediaNotify->pfnEjected, 2,
3490 pThis->pMediaNotify, s->iLUN);
3491 AssertRC(rc);
3492 }
3493
3494 ataR3LockEnter(pCtl);
3495 break;
3496 }
3497 case 3: /* 11 - Load media */
3498 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
3499 break;
3500 }
3501 if (RT_SUCCESS(rc))
3502 atapiR3CmdOK(s);
3503 else
3504 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
3505 break;
3506 }
3507 case SCSI_MECHANISM_STATUS:
3508 {
3509 cbMax = scsiBE2H_U16(pbPacket + 8);
3510 ataR3StartTransfer(s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
3511 break;
3512 }
3513 case SCSI_READ_TOC_PMA_ATIP:
3514 {
3515 uint8_t format;
3516
3517 if (s->cNotifiedMediaChange > 0)
3518 {
3519 s->cNotifiedMediaChange-- ;
3520 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3521 break;
3522 }
3523 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3524 {
3525 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3526 break;
3527 }
3528 cbMax = scsiBE2H_U16(pbPacket + 7);
3529 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
3530 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
3531 * the other field is clear... */
3532 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
3533 switch (format)
3534 {
3535 case 0:
3536 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
3537 break;
3538 case 1:
3539 ataR3StartTransfer(s, RT_MIN(cbMax, 12), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
3540 break;
3541 case 2:
3542 ataR3StartTransfer(s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
3543 break;
3544 default:
3545 error_cmd:
3546 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3547 break;
3548 }
3549 break;
3550 }
3551 case SCSI_READ_CAPACITY:
3552 if (s->cNotifiedMediaChange > 0)
3553 {
3554 s->cNotifiedMediaChange-- ;
3555 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3556 break;
3557 }
3558 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3559 {
3560 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3561 break;
3562 }
3563 ataR3StartTransfer(s, 8, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
3564 break;
3565 case SCSI_READ_DISC_INFORMATION:
3566 if (s->cNotifiedMediaChange > 0)
3567 {
3568 s->cNotifiedMediaChange-- ;
3569 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3570 break;
3571 }
3572 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3573 {
3574 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3575 break;
3576 }
3577 cbMax = scsiBE2H_U16(pbPacket + 7);
3578 ataR3StartTransfer(s, RT_MIN(cbMax, 34), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
3579 break;
3580 case SCSI_READ_TRACK_INFORMATION:
3581 if (s->cNotifiedMediaChange > 0)
3582 {
3583 s->cNotifiedMediaChange-- ;
3584 atapiR3CmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3585 break;
3586 }
3587 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3588 {
3589 atapiR3CmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3590 break;
3591 }
3592 cbMax = scsiBE2H_U16(pbPacket + 7);
3593 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
3594 break;
3595 case SCSI_GET_CONFIGURATION:
3596 /* No media change stuff here, it can confuse Linux guests. */
3597 cbMax = scsiBE2H_U16(pbPacket + 7);
3598 ataR3StartTransfer(s, RT_MIN(cbMax, 80), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
3599 break;
3600 case SCSI_INQUIRY:
3601 cbMax = scsiBE2H_U16(pbPacket + 3);
3602 ataR3StartTransfer(s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
3603 break;
3604 case SCSI_READ_DVD_STRUCTURE:
3605 {
3606 cbMax = scsiBE2H_U16(pbPacket + 8);
3607 ataR3StartTransfer(s, RT_MIN(cbMax, 4), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, true);
3608 break;
3609 }
3610 default:
3611 atapiR3CmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3612 break;
3613 }
3614}
3615
3616
3617/*
3618 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
3619 */
3620static void atapiR3ParseCmdPassthrough(ATADevState *s)
3621{
3622 const uint8_t *pbPacket = &s->aATAPICmd[0];
3623
3624 /* Some cases we have to handle here. */
3625 if ( pbPacket[0] == SCSI_GET_EVENT_STATUS_NOTIFICATION
3626 && ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
3627 {
3628 uint32_t cbTransfer = scsiBE2H_U16(pbPacket + 7);
3629 ataR3StartTransfer(s, RT_MIN(cbTransfer, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3630 }
3631 else if ( pbPacket[0] == SCSI_REQUEST_SENSE
3632 && (s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
3633 ataR3StartTransfer(s, RT_MIN(pbPacket[4], 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3634 else
3635 {
3636 size_t cbBuf = 0;
3637 size_t cbATAPISector = 0;
3638 size_t cbTransfer = 0;
3639 PDMMEDIATXDIR uTxDir = PDMMEDIATXDIR_NONE;
3640 uint8_t u8ScsiSts = SCSI_STATUS_OK;
3641
3642 if (pbPacket[0] == SCSI_FORMAT_UNIT || pbPacket[0] == SCSI_GET_PERFORMANCE)
3643 cbBuf = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3644
3645 bool fPassthrough = ATAPIPassthroughParseCdb(pbPacket, sizeof(s->aATAPICmd), cbBuf, s->pTrackList,
3646 &s->abATAPISense[0], sizeof(s->abATAPISense), &uTxDir, &cbTransfer,
3647 &cbATAPISector, &u8ScsiSts);
3648 if (fPassthrough)
3649 {
3650 s->cbATAPISector = (uint32_t)cbATAPISector;
3651 Assert(s->cbATAPISector == (uint32_t)cbATAPISector);
3652 Assert(cbTransfer == (uint32_t)cbTransfer);
3653
3654 /*
3655 * Send a command to the drive, passing data in/out as required.
3656 * Commands which exceed the I/O buffer size are split below
3657 * or aborted if splitting is not implemented.
3658 */
3659 Log2(("ATAPI PT: max size %d\n", cbTransfer));
3660 if (cbTransfer == 0)
3661 uTxDir = PDMMEDIATXDIR_NONE;
3662 ataR3StartTransfer(s, (uint32_t)cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
3663 }
3664 else if (u8ScsiSts == SCSI_STATUS_CHECK_CONDITION)
3665 {
3666 /* Sense data is already set, end the request and notify the guest. */
3667 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, s->abATAPISense[2] & 0x0f, SCSISenseText(s->abATAPISense[2] & 0x0f),
3668 s->abATAPISense[12], s->abATAPISense[13], SCSISenseExtText(s->abATAPISense[12], s->abATAPISense[13])));
3669 s->uATARegError = s->abATAPISense[2] << 4;
3670 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
3671 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
3672 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3673 s->cbTotalTransfer = 0;
3674 s->cbElementaryTransfer = 0;
3675 s->cbAtapiPassthroughTransfer = 0;
3676 s->iIOBufferCur = 0;
3677 s->iIOBufferEnd = 0;
3678 s->uTxDir = PDMMEDIATXDIR_NONE;
3679 s->iBeginTransfer = ATAFN_BT_NULL;
3680 s->iSourceSink = ATAFN_SS_NULL;
3681 }
3682 else if (u8ScsiSts == SCSI_STATUS_OK)
3683 atapiR3CmdOK(s);
3684 }
3685}
3686
3687
3688static void atapiR3ParseCmd(ATADevState *s)
3689{
3690 const uint8_t *pbPacket;
3691
3692 pbPacket = s->aATAPICmd;
3693# ifdef DEBUG
3694 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
3695# else /* !DEBUG */
3696 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
3697# endif /* !DEBUG */
3698 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
3699
3700 if (s->fATAPIPassthrough)
3701 atapiR3ParseCmdPassthrough(s);
3702 else
3703 atapiR3ParseCmdVirtualATAPI(s);
3704}
3705
3706
3707static bool ataR3PacketSS(ATADevState *s)
3708{
3709 s->fDMA = !!(s->uATARegFeature & 1);
3710 memcpy(s->aATAPICmd, s->CTX_SUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
3711 s->uTxDir = PDMMEDIATXDIR_NONE;
3712 s->cbTotalTransfer = 0;
3713 s->cbElementaryTransfer = 0;
3714 s->cbAtapiPassthroughTransfer = 0;
3715 atapiR3ParseCmd(s);
3716 return false;
3717}
3718
3719
3720/**
3721 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
3722 * from now on, regardless if there was a medium inserted or not.
3723 */
3724static void ataR3MediumRemoved(ATADevState *s)
3725{
3726 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
3727}
3728
3729
3730/**
3731 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
3732 * there was already a medium inserted, don't forget to send the "medium
3733 * removed" event first.
3734 */
3735static void ataR3MediumInserted(ATADevState *s)
3736{
3737 uint32_t OldStatus, NewStatus;
3738 do
3739 {
3740 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
3741 switch (OldStatus)
3742 {
3743 case ATA_EVENT_STATUS_MEDIA_CHANGED:
3744 case ATA_EVENT_STATUS_MEDIA_REMOVED:
3745 /* no change, we will send "medium removed" + "medium inserted" */
3746 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
3747 break;
3748 default:
3749 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
3750 break;
3751 }
3752 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
3753}
3754
3755
3756/**
3757 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnMountNotify}
3758 */
3759static DECLCALLBACK(void) ataR3MountNotify(PPDMIMOUNTNOTIFY pInterface)
3760{
3761 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IMountNotify);
3762 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
3763
3764 /* Ignore the call if we're called while being attached. */
3765 if (!pIf->pDrvMedia)
3766 return;
3767
3768 uint32_t cRegions = pIf->pDrvMedia->pfnGetRegionCount(pIf->pDrvMedia);
3769 for (uint32_t i = 0; i < cRegions; i++)
3770 {
3771 uint64_t cBlocks = 0;
3772 int rc = pIf->pDrvMedia->pfnQueryRegionProperties(pIf->pDrvMedia, i, NULL, &cBlocks,
3773 NULL, NULL);
3774 AssertRC(rc);
3775 pIf->cTotalSectors += cBlocks;
3776 }
3777
3778 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
3779
3780 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
3781 if (pIf->cNotifiedMediaChange < 2)
3782 pIf->cNotifiedMediaChange = 1;
3783 ataR3MediumInserted(pIf);
3784 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
3785}
3786
3787/**
3788 * @interface_method_impl{PDMIMOUNTNOTIFY,pfnUnmountNotify}
3789 */
3790static DECLCALLBACK(void) ataR3UnmountNotify(PPDMIMOUNTNOTIFY pInterface)
3791{
3792 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IMountNotify);
3793 Log(("%s:\n", __FUNCTION__));
3794 pIf->cTotalSectors = 0;
3795
3796 /*
3797 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
3798 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
3799 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
3800 * present and 2 in which it is changed.
3801 */
3802 pIf->cNotifiedMediaChange = 1;
3803 ataR3MediumRemoved(pIf);
3804 ataR3MediumTypeSet(pIf, ATA_MEDIA_NO_DISC);
3805}
3806
3807static void ataR3PacketBT(ATADevState *s)
3808{
3809 s->cbElementaryTransfer = s->cbTotalTransfer;
3810 s->cbAtapiPassthroughTransfer = s->cbTotalTransfer;
3811 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
3812 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3813 ataSetStatusValue(s, ATA_STAT_READY);
3814}
3815
3816
3817static void ataR3ResetDevice(ATADevState *s)
3818{
3819 s->cMultSectors = ATA_MAX_MULT_SECTORS;
3820 s->cNotifiedMediaChange = 0;
3821 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
3822 ASMAtomicWriteU32(&s->MediaTrackType, ATA_MEDIA_TYPE_UNKNOWN);
3823 ataUnsetIRQ(s);
3824
3825 s->uATARegSelect = 0x20;
3826 ataSetStatusValue(s, ATA_STAT_READY);
3827 ataR3SetSignature(s);
3828 s->cbTotalTransfer = 0;
3829 s->cbElementaryTransfer = 0;
3830 s->cbAtapiPassthroughTransfer = 0;
3831 s->iIOBufferPIODataStart = 0;
3832 s->iIOBufferPIODataEnd = 0;
3833 s->iBeginTransfer = ATAFN_BT_NULL;
3834 s->iSourceSink = ATAFN_SS_NULL;
3835 s->fDMA = false;
3836 s->fATAPITransfer = false;
3837 s->uATATransferMode = ATA_MODE_UDMA | 2; /* PIIX3 supports only up to UDMA2 */
3838
3839 s->uATARegFeature = 0;
3840}
3841
3842
3843static bool ataR3ExecuteDeviceDiagnosticSS(ATADevState *s)
3844{
3845 ataR3SetSignature(s);
3846 if (s->fATAPI)
3847 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
3848 else
3849 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_SEEK);
3850 s->uATARegError = 0x01;
3851 return false;
3852}
3853
3854
3855static int ataR3TrimSectors(ATADevState *s, uint64_t u64Sector, uint32_t cSectors,
3856 bool *pfRedo)
3857{
3858 RTRANGE TrimRange;
3859 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
3860 int rc;
3861
3862 ataR3LockLeave(pCtl);
3863
3864 TrimRange.offStart = u64Sector * s->cbSector;
3865 TrimRange.cbRange = cSectors * s->cbSector;
3866
3867 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
3868 rc = s->pDrvMedia->pfnDiscard(s->pDrvMedia, &TrimRange, 1);
3869 s->Led.Actual.s.fWriting = 0;
3870
3871 if (RT_SUCCESS(rc))
3872 *pfRedo = false;
3873 else
3874 *pfRedo = ataR3IsRedoSetWarning(s, rc);
3875
3876 ataR3LockEnter(pCtl);
3877 return rc;
3878}
3879
3880
3881static bool ataR3TrimSS(ATADevState *s)
3882{
3883 int rc = VERR_GENERAL_FAILURE;
3884 uint32_t cRangesMax;
3885 uint64_t *pu64Range = (uint64_t *)s->CTX_SUFF(pbIOBuffer);
3886 bool fRedo = false;
3887
3888 cRangesMax = s->cbElementaryTransfer / sizeof(uint64_t);
3889 Assert(cRangesMax);
3890
3891 while (cRangesMax-- > 0)
3892 {
3893 if (ATA_RANGE_LENGTH_GET(*pu64Range) == 0)
3894 break;
3895
3896 rc = ataR3TrimSectors(s, *pu64Range & ATA_RANGE_LBA_MASK,
3897 ATA_RANGE_LENGTH_GET(*pu64Range), &fRedo);
3898 if (RT_FAILURE(rc))
3899 break;
3900
3901 pu64Range++;
3902 }
3903
3904 if (RT_SUCCESS(rc))
3905 {
3906 s->iSourceSink = ATAFN_SS_NULL;
3907 ataR3CmdOK(s, ATA_STAT_SEEK);
3908 }
3909 else
3910 {
3911 if (fRedo)
3912 return fRedo;
3913 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
3914 LogRel(("PIIX3 ATA: LUN#%d: disk trim error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
3915 s->iLUN, rc, *pu64Range & ATA_RANGE_LBA_MASK, ATA_RANGE_LENGTH_GET(*pu64Range)));
3916
3917 /*
3918 * Check if we got interrupted. We don't need to set status variables
3919 * because the request was aborted.
3920 */
3921 if (rc != VERR_INTERRUPTED)
3922 ataR3CmdError(s, ID_ERR);
3923 }
3924
3925 return false;
3926}
3927
3928
3929static void ataR3ParseCmd(ATADevState *s, uint8_t cmd)
3930{
3931# ifdef DEBUG
3932 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
3933# else /* !DEBUG */
3934 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
3935# endif /* !DEBUG */
3936 s->fLBA48 = false;
3937 s->fDMA = false;
3938 if (cmd == ATA_IDLE_IMMEDIATE)
3939 {
3940 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
3941 * would overwrite the failing command unfortunately), then RESET. */
3942 int32_t uCmdWait = -1;
3943 uint64_t uNow = RTTimeNanoTS();
3944 if (s->u64CmdTS)
3945 uCmdWait = (uNow - s->u64CmdTS) / 1000;
3946 LogRel(("PIIX3 ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
3947 s->iLUN, s->uATARegCommand, uCmdWait));
3948 }
3949 s->uATARegCommand = cmd;
3950 switch (cmd)
3951 {
3952 case ATA_IDENTIFY_DEVICE:
3953 if (s->pDrvMedia && !s->fATAPI)
3954 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3955 else
3956 {
3957 if (s->fATAPI)
3958 ataR3SetSignature(s);
3959 ataR3CmdError(s, ABRT_ERR);
3960 ataUnsetStatus(s, ATA_STAT_READY);
3961 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3962 }
3963 break;
3964 case ATA_RECALIBRATE:
3965 if (s->fATAPI)
3966 goto abort_cmd;
3967 RT_FALL_THRU();
3968 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3969 ataR3CmdOK(s, ATA_STAT_SEEK);
3970 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3971 break;
3972 case ATA_SET_MULTIPLE_MODE:
3973 if ( s->uATARegNSector != 0
3974 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3975 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3976 {
3977 ataR3CmdError(s, ABRT_ERR);
3978 }
3979 else
3980 {
3981 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3982 s->cMultSectors = s->uATARegNSector;
3983 ataR3CmdOK(s, 0);
3984 }
3985 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3986 break;
3987 case ATA_READ_VERIFY_SECTORS_EXT:
3988 s->fLBA48 = true;
3989 RT_FALL_THRU();
3990 case ATA_READ_VERIFY_SECTORS:
3991 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3992 /* do sector number check ? */
3993 ataR3CmdOK(s, ATA_STAT_SEEK);
3994 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
3995 break;
3996 case ATA_READ_SECTORS_EXT:
3997 s->fLBA48 = true;
3998 RT_FALL_THRU();
3999 case ATA_READ_SECTORS:
4000 case ATA_READ_SECTORS_WITHOUT_RETRIES:
4001 if (!s->pDrvMedia || s->fATAPI)
4002 goto abort_cmd;
4003 s->cSectorsPerIRQ = 1;
4004 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4005 break;
4006 case ATA_WRITE_SECTORS_EXT:
4007 s->fLBA48 = true;
4008 RT_FALL_THRU();
4009 case ATA_WRITE_SECTORS:
4010 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
4011 if (!s->pDrvMedia || s->fATAPI)
4012 goto abort_cmd;
4013 s->cSectorsPerIRQ = 1;
4014 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4015 break;
4016 case ATA_READ_MULTIPLE_EXT:
4017 s->fLBA48 = true;
4018 RT_FALL_THRU();
4019 case ATA_READ_MULTIPLE:
4020 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4021 goto abort_cmd;
4022 s->cSectorsPerIRQ = s->cMultSectors;
4023 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4024 break;
4025 case ATA_WRITE_MULTIPLE_EXT:
4026 s->fLBA48 = true;
4027 RT_FALL_THRU();
4028 case ATA_WRITE_MULTIPLE:
4029 if (!s->pDrvMedia || !s->cMultSectors || s->fATAPI)
4030 goto abort_cmd;
4031 s->cSectorsPerIRQ = s->cMultSectors;
4032 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4033 break;
4034 case ATA_READ_DMA_EXT:
4035 s->fLBA48 = true;
4036 RT_FALL_THRU();
4037 case ATA_READ_DMA:
4038 case ATA_READ_DMA_WITHOUT_RETRIES:
4039 if (!s->pDrvMedia || s->fATAPI)
4040 goto abort_cmd;
4041 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4042 s->fDMA = true;
4043 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
4044 break;
4045 case ATA_WRITE_DMA_EXT:
4046 s->fLBA48 = true;
4047 RT_FALL_THRU();
4048 case ATA_WRITE_DMA:
4049 case ATA_WRITE_DMA_WITHOUT_RETRIES:
4050 if (!s->pDrvMedia || s->fATAPI)
4051 goto abort_cmd;
4052 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
4053 s->fDMA = true;
4054 ataR3StartTransfer(s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
4055 break;
4056 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
4057 s->fLBA48 = true;
4058 ataR3SetSector(s, s->cTotalSectors - 1);
4059 ataR3CmdOK(s, 0);
4060 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4061 break;
4062 case ATA_SEEK: /* Used by the SCO OpenServer. Command is marked as obsolete */
4063 ataR3CmdOK(s, 0);
4064 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4065 break;
4066 case ATA_READ_NATIVE_MAX_ADDRESS:
4067 ataR3SetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
4068 ataR3CmdOK(s, 0);
4069 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4070 break;
4071 case ATA_CHECK_POWER_MODE:
4072 s->uATARegNSector = 0xff; /* drive active or idle */
4073 ataR3CmdOK(s, 0);
4074 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4075 break;
4076 case ATA_SET_FEATURES:
4077 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
4078 if (!s->pDrvMedia)
4079 goto abort_cmd;
4080 switch (s->uATARegFeature)
4081 {
4082 case 0x02: /* write cache enable */
4083 Log2(("%s: write cache enable\n", __FUNCTION__));
4084 ataR3CmdOK(s, ATA_STAT_SEEK);
4085 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4086 break;
4087 case 0xaa: /* read look-ahead enable */
4088 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
4089 ataR3CmdOK(s, ATA_STAT_SEEK);
4090 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4091 break;
4092 case 0x55: /* read look-ahead disable */
4093 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
4094 ataR3CmdOK(s, ATA_STAT_SEEK);
4095 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4096 break;
4097 case 0xcc: /* reverting to power-on defaults enable */
4098 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
4099 ataR3CmdOK(s, ATA_STAT_SEEK);
4100 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4101 break;
4102 case 0x66: /* reverting to power-on defaults disable */
4103 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
4104 ataR3CmdOK(s, ATA_STAT_SEEK);
4105 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4106 break;
4107 case 0x82: /* write cache disable */
4108 Log2(("%s: write cache disable\n", __FUNCTION__));
4109 /* As per the ATA/ATAPI-6 specs, a write cache disable
4110 * command MUST flush the write buffers to disc. */
4111 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4112 break;
4113 case 0x03: { /* set transfer mode */
4114 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
4115 switch (s->uATARegNSector & 0xf8)
4116 {
4117 case 0x00: /* PIO default */
4118 case 0x08: /* PIO mode */
4119 break;
4120 case ATA_MODE_MDMA: /* MDMA mode */
4121 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
4122 break;
4123 case ATA_MODE_UDMA: /* UDMA mode */
4124 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
4125 break;
4126 default:
4127 goto abort_cmd;
4128 }
4129 ataR3CmdOK(s, ATA_STAT_SEEK);
4130 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4131 break;
4132 }
4133 default:
4134 goto abort_cmd;
4135 }
4136 /*
4137 * OS/2 workarond:
4138 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
4139 * reset here. According to the specification, this is a driver bug as the register
4140 * contents are undefined after the call. This means we can just as well reset it.
4141 */
4142 s->uATARegFeature = 0;
4143 break;
4144 case ATA_FLUSH_CACHE_EXT:
4145 case ATA_FLUSH_CACHE:
4146 if (!s->pDrvMedia || s->fATAPI)
4147 goto abort_cmd;
4148 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
4149 break;
4150 case ATA_STANDBY_IMMEDIATE:
4151 ataR3CmdOK(s, 0);
4152 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4153 break;
4154 case ATA_IDLE_IMMEDIATE:
4155 LogRel(("PIIX3 ATA: LUN#%d: aborting current command\n", s->iLUN));
4156 ataR3AbortCurrentCommand(s, false);
4157 break;
4158 case ATA_SLEEP:
4159 ataR3CmdOK(s, 0);
4160 ataHCSetIRQ(s);
4161 break;
4162 /* ATAPI commands */
4163 case ATA_IDENTIFY_PACKET_DEVICE:
4164 if (s->fATAPI)
4165 ataR3StartTransfer(s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
4166 else
4167 {
4168 ataR3CmdError(s, ABRT_ERR);
4169 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4170 }
4171 break;
4172 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
4173 ataR3StartTransfer(s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
4174 break;
4175 case ATA_DEVICE_RESET:
4176 if (!s->fATAPI)
4177 goto abort_cmd;
4178 LogRel(("PIIX3 ATA: LUN#%d: performing device RESET\n", s->iLUN));
4179 ataR3AbortCurrentCommand(s, true);
4180 break;
4181 case ATA_PACKET:
4182 if (!s->fATAPI)
4183 goto abort_cmd;
4184 /* overlapping commands not supported */
4185 if (s->uATARegFeature & 0x02)
4186 goto abort_cmd;
4187 ataR3StartTransfer(s, ATAPI_PACKET_SIZE, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
4188 break;
4189 case ATA_DATA_SET_MANAGEMENT:
4190 if (!s->pDrvMedia || !s->pDrvMedia->pfnDiscard)
4191 goto abort_cmd;
4192 if ( !(s->uATARegFeature & UINT8_C(0x01))
4193 || (s->uATARegFeature & ~UINT8_C(0x01)))
4194 goto abort_cmd;
4195 s->fDMA = true;
4196 ataR3StartTransfer(s, (s->uATARegNSectorHOB << 8 | s->uATARegNSector) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_NULL, ATAFN_SS_TRIM, false);
4197 break;
4198 default:
4199 abort_cmd:
4200 ataR3CmdError(s, ABRT_ERR);
4201 if (s->fATAPI)
4202 ataUnsetStatus(s, ATA_STAT_READY);
4203 ataHCSetIRQ(s); /* Shortcut, do not use AIO thread. */
4204 break;
4205 }
4206}
4207
4208# endif /* IN_RING3 */
4209#endif /* IN_RING0 || IN_RING3 */
4210
4211/*
4212 * Note: There are four distinct cases of port I/O handling depending on
4213 * which devices (if any) are attached to an IDE channel:
4214 *
4215 * 1) No device attached. No response to writes or reads (i.e. reads return
4216 * all bits set).
4217 *
4218 * 2) Both devices attached. Reads and writes are processed normally.
4219 *
4220 * 3) Device 0 only. If device 0 is selected, normal behavior applies. But
4221 * if Device 1 is selected, writes are still directed to Device 0 (except
4222 * commands are not executed), reads from control/command registers are
4223 * directed to Device 0, but status/alt status reads return 0. If Device 1
4224 * is a PACKET device, all reads return 0. See ATAPI-6 clause 9.16.1 and
4225 * Table 18 in clause 7.1.
4226 *
4227 * 4) Device 1 only - non-standard(!). Device 1 can't tell if Device 0 is
4228 * present or not and behaves the same. That means if Device 0 is selected,
4229 * Device 1 responds to writes (except commands are not executed) but does
4230 * not respond to reads. If Device 1 selected, normal behavior applies.
4231 * See ATAPI-6 clause 9.16.2 and Table 15 in clause 7.1.
4232 */
4233
4234static int ataIOPortWriteU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4235{
4236 Log2(("%s: LUN#%d write addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN, addr, val));
4237 addr &= 7;
4238 switch (addr)
4239 {
4240 case 0:
4241 break;
4242 case 1: /* feature register */
4243 /* NOTE: data is written to the two drives */
4244 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4245 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4246 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
4247 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
4248 pCtl->aIfs[0].uATARegFeature = val;
4249 pCtl->aIfs[1].uATARegFeature = val;
4250 break;
4251 case 2: /* sector count */
4252 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4253 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4254 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
4255 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
4256 pCtl->aIfs[0].uATARegNSector = val;
4257 pCtl->aIfs[1].uATARegNSector = val;
4258 break;
4259 case 3: /* sector number */
4260 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4261 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4262 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
4263 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
4264 pCtl->aIfs[0].uATARegSector = val;
4265 pCtl->aIfs[1].uATARegSector = val;
4266 break;
4267 case 4: /* cylinder low */
4268 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4269 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4270 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
4271 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
4272 pCtl->aIfs[0].uATARegLCyl = val;
4273 pCtl->aIfs[1].uATARegLCyl = val;
4274 break;
4275 case 5: /* cylinder high */
4276 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4277 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
4278 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
4279 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
4280 pCtl->aIfs[0].uATARegHCyl = val;
4281 pCtl->aIfs[1].uATARegHCyl = val;
4282 break;
4283 case 6: /* drive/head */
4284 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
4285 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
4286 if (((val >> 4) & 1) != pCtl->iSelectedIf)
4287 {
4288 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
4289
4290 /* select another drive */
4291 pCtl->iSelectedIf = (val >> 4) & 1;
4292 /* The IRQ line is multiplexed between the two drives, so
4293 * update the state when switching to another drive. Only need
4294 * to update interrupt line if it is enabled and there is a
4295 * state change. */
4296 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
4297 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
4298 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
4299 {
4300 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4301 {
4302 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4303 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
4304 * the interrupt line is asserted. It monitors the line
4305 * for a rising edge. */
4306 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4307 if (pCtl->irq == 16)
4308 PDMDevHlpPCISetIrq(pDevIns, 0, 1);
4309 else
4310 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1);
4311 }
4312 else
4313 {
4314 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4315 if (pCtl->irq == 16)
4316 PDMDevHlpPCISetIrq(pDevIns, 0, 0);
4317 else
4318 PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0);
4319 }
4320 }
4321 }
4322 break;
4323 default:
4324 case 7: /* command */
4325 /* ignore commands to non-existent device */
4326 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvMedia)
4327 break;
4328#ifndef IN_RING3
4329 /* Don't do anything complicated in GC */
4330 return VINF_IOM_R3_IOPORT_WRITE;
4331#else /* IN_RING3 */
4332 ataR3ParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
4333#endif /* !IN_RING3 */
4334 }
4335 return VINF_SUCCESS;
4336}
4337
4338
4339static int ataIOPortReadU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
4340{
4341 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4342 uint32_t val;
4343 bool fHOB;
4344
4345 /* Check if the guest is reading from a non-existent device. */
4346 if (!s->pDrvMedia)
4347 {
4348 if (pCtl->iSelectedIf) /* Device 1 selected, Device 0 responding for it. */
4349 {
4350 if (!pCtl->aIfs[0].pDrvMedia) /** @todo this case should never get here! */
4351 {
4352 Log2(("%s: addr=%#x: no device on channel\n", __FUNCTION__, addr));
4353 return VERR_IOM_IOPORT_UNUSED;
4354 }
4355 if (((addr & 7) != 1) && pCtl->aIfs[0].fATAPI) {
4356 Log2(("%s: addr=%#x, val=0: LUN#%d not attached/LUN#%d ATAPI\n", __FUNCTION__, addr,
4357 s->iLUN, pCtl->aIfs[0].iLUN));
4358 *pu32 = 0;
4359 return VINF_SUCCESS;
4360 }
4361 /* Else handle normally. */
4362 }
4363 else /* Device 0 selected (but not present). */
4364 {
4365 Log2(("%s: addr=%#x: LUN#%d not attached\n", __FUNCTION__, addr, s->iLUN));
4366 return VERR_IOM_IOPORT_UNUSED;
4367 }
4368 }
4369 fHOB = !!(s->uATARegDevCtl & (1 << 7));
4370 switch (addr & 7)
4371 {
4372 case 0: /* data register */
4373 val = 0xff;
4374 break;
4375 case 1: /* error register */
4376 /* The ATA specification is very terse when it comes to specifying
4377 * the precise effects of reading back the error/feature register.
4378 * The error register (read-only) shares the register number with
4379 * the feature register (write-only), so it seems that it's not
4380 * necessary to support the usual HOB readback here. */
4381 if (!s->pDrvMedia)
4382 val = 0;
4383 else
4384 val = s->uATARegError;
4385 break;
4386 case 2: /* sector count */
4387 if (fHOB)
4388 val = s->uATARegNSectorHOB;
4389 else
4390 val = s->uATARegNSector;
4391 break;
4392 case 3: /* sector number */
4393 if (fHOB)
4394 val = s->uATARegSectorHOB;
4395 else
4396 val = s->uATARegSector;
4397 break;
4398 case 4: /* cylinder low */
4399 if (fHOB)
4400 val = s->uATARegLCylHOB;
4401 else
4402 val = s->uATARegLCyl;
4403 break;
4404 case 5: /* cylinder high */
4405 if (fHOB)
4406 val = s->uATARegHCylHOB;
4407 else
4408 val = s->uATARegHCyl;
4409 break;
4410 case 6: /* drive/head */
4411 /* This register must always work as long as there is at least
4412 * one drive attached to the controller. It is common between
4413 * both drives anyway (completely identical content). */
4414 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4415 val = 0;
4416 else
4417 val = s->uATARegSelect;
4418 break;
4419 default:
4420 case 7: /* primary status */
4421 {
4422 /* Counter for number of busy status seen in GC in a row. */
4423 static unsigned cBusy = 0;
4424
4425 if (!s->pDrvMedia)
4426 val = 0;
4427 else
4428 val = s->uATARegStatus;
4429
4430 /* Give the async I/O thread an opportunity to make progress,
4431 * don't let it starve by guests polling frequently. EMT has a
4432 * lower priority than the async I/O thread, but sometimes the
4433 * host OS doesn't care. With some guests we are only allowed to
4434 * be busy for about 5 milliseconds in some situations. Note that
4435 * this is no guarantee for any other VBox thread getting
4436 * scheduled, so this just lowers the CPU load a bit when drives
4437 * are busy. It cannot help with timing problems. */
4438 if (val & ATA_STAT_BUSY)
4439 {
4440#ifdef IN_RING3
4441 cBusy = 0;
4442 ataR3LockLeave(pCtl);
4443
4444#ifndef RT_OS_WINDOWS
4445 /*
4446 * The thread might be stuck in an I/O operation
4447 * due to a high I/O load on the host. (see @bugref{3301})
4448 * To perform the reset successfully
4449 * we interrupt the operation by sending a signal to the thread
4450 * if the thread didn't responded in 10ms.
4451 * This works only on POSIX hosts (Windows has a CancelSynchronousIo function which
4452 * does the same but it was introduced with Vista) but so far
4453 * this hang was only observed on Linux and Mac OS X.
4454 *
4455 * This is a workaround and needs to be solved properly.
4456 */
4457 if (pCtl->fReset)
4458 {
4459 uint64_t u64ResetTimeStop = RTTimeMilliTS();
4460
4461 if ((u64ResetTimeStop - pCtl->u64ResetTime) >= 10)
4462 {
4463 LogRel(("PIIX3 ATA LUN#%d: Async I/O thread probably stuck in operation, interrupting\n", s->iLUN));
4464 pCtl->u64ResetTime = u64ResetTimeStop;
4465 RTThreadPoke(pCtl->AsyncIOThread);
4466 }
4467 }
4468#endif
4469
4470 RTThreadYield();
4471
4472 ataR3LockEnter(pCtl);
4473
4474 val = s->uATARegStatus;
4475#else /* !IN_RING3 */
4476 /* Cannot yield CPU in raw-mode and ring-0 context. And switching
4477 * to host context for each and every busy status is too costly,
4478 * especially on SMP systems where we don't gain much by
4479 * yielding the CPU to someone else. */
4480 if (++cBusy >= 20)
4481 {
4482 cBusy = 0;
4483 return VINF_IOM_R3_IOPORT_READ;
4484 }
4485#endif /* !IN_RING3 */
4486 }
4487 else
4488 cBusy = 0;
4489 ataUnsetIRQ(s);
4490 break;
4491 }
4492 }
4493 Log2(("%s: LUN#%d addr=%#x val=%#04x\n", __FUNCTION__, s->iLUN, addr, val));
4494 *pu32 = val;
4495 return VINF_SUCCESS;
4496}
4497
4498
4499static uint32_t ataStatusRead(PATACONTROLLER pCtl, uint32_t addr)
4500{
4501 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4502 uint32_t val;
4503 RT_NOREF1(addr);
4504
4505 /// @todo The handler should not be even registered if there
4506 // is no device on an IDE channel.
4507 if (!pCtl->aIfs[0].pDrvMedia && !pCtl->aIfs[1].pDrvMedia)
4508 val = 0xff;
4509 else if (pCtl->iSelectedIf == 1 && !s->pDrvMedia)
4510 val = 0; /* Device 1 selected, Device 0 responding for it. */
4511 else
4512 val = s->uATARegStatus;
4513 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4514 return val;
4515}
4516
4517static int ataControlWrite(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4518{
4519 RT_NOREF1(addr);
4520#ifndef IN_RING3
4521 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
4522 return VINF_IOM_R3_IOPORT_WRITE; /* The RESET stuff is too complicated for RC+R0. */
4523#endif /* !IN_RING3 */
4524
4525 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4526 /* RESET is common for both drives attached to a controller. */
4527 if ( !(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4528 && (val & ATA_DEVCTL_RESET))
4529 {
4530#ifdef IN_RING3
4531 /* Software RESET low to high */
4532 int32_t uCmdWait0 = -1;
4533 int32_t uCmdWait1 = -1;
4534 uint64_t uNow = RTTimeNanoTS();
4535 if (pCtl->aIfs[0].u64CmdTS)
4536 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
4537 if (pCtl->aIfs[1].u64CmdTS)
4538 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
4539 LogRel(("PIIX3 ATA: Ctl#%d: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
4540 ATACONTROLLER_IDX(pCtl), pCtl->iSelectedIf, pCtl->iAIOIf,
4541 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
4542 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
4543 pCtl->fReset = true;
4544 /* Everything must be done after the reset flag is set, otherwise
4545 * there are unavoidable races with the currently executing request
4546 * (which might just finish in the mean time). */
4547 pCtl->fChainedTransfer = false;
4548 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4549 {
4550 ataR3ResetDevice(&pCtl->aIfs[i]);
4551 /* The following cannot be done using ataSetStatusValue() since the
4552 * reset flag is already set, which suppresses all status changes. */
4553 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
4554 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
4555 pCtl->aIfs[i].uATARegError = 0x01;
4556 }
4557 pCtl->iSelectedIf = 0;
4558 ataR3AsyncIOClearRequests(pCtl);
4559 Log2(("%s: Ctl#%d: message to async I/O thread, resetA\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4560 if (val & ATA_DEVCTL_HOB)
4561 {
4562 val &= ~ATA_DEVCTL_HOB;
4563 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4564 }
4565
4566 /* Save the timestamp we started the reset. */
4567 pCtl->u64ResetTime = RTTimeMilliTS();
4568
4569 /* Issue the reset request now. */
4570 ataHCAsyncIOPutRequest(pCtl, &g_ataResetARequest);
4571#else /* !IN_RING3 */
4572 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4573#endif /* IN_RING3 */
4574 }
4575 else if ( (pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET)
4576 && !(val & ATA_DEVCTL_RESET))
4577 {
4578#ifdef IN_RING3
4579 /* Software RESET high to low */
4580 Log(("%s: deasserting RESET\n", __FUNCTION__));
4581 Log2(("%s: Ctl#%d: message to async I/O thread, resetC\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4582 if (val & ATA_DEVCTL_HOB)
4583 {
4584 val &= ~ATA_DEVCTL_HOB;
4585 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4586 }
4587 ataHCAsyncIOPutRequest(pCtl, &g_ataResetCRequest);
4588#else /* !IN_RING3 */
4589 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4590#endif /* IN_RING3 */
4591 }
4592
4593 /* Change of interrupt disable flag. Update interrupt line if interrupt
4594 * is pending on the current interface. */
4595 if ( ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ)
4596 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4597 {
4598 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
4599 {
4600 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4601 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
4602 * interrupt line is asserted. It monitors the line for a rising
4603 * edge. */
4604 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4605 if (pCtl->irq == 16)
4606 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 1);
4607 else
4608 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
4609 }
4610 else
4611 {
4612 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4613 if (pCtl->irq == 16)
4614 PDMDevHlpPCISetIrq(CONTROLLER_2_DEVINS(pCtl), 0, 0);
4615 else
4616 PDMDevHlpISASetIrq(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
4617 }
4618 }
4619
4620 if (val & ATA_DEVCTL_HOB)
4621 Log2(("%s: set HOB\n", __FUNCTION__));
4622
4623 pCtl->aIfs[0].uATARegDevCtl = val;
4624 pCtl->aIfs[1].uATARegDevCtl = val;
4625
4626 return VINF_SUCCESS;
4627}
4628
4629#if defined(IN_RING0) || defined(IN_RING3)
4630
4631static void ataHCPIOTransfer(PATACONTROLLER pCtl)
4632{
4633 ATADevState *s;
4634
4635 s = &pCtl->aIfs[pCtl->iAIOIf];
4636 Log3(("%s: if=%p\n", __FUNCTION__, s));
4637
4638 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
4639 {
4640# ifdef IN_RING3
4641 LogRel(("PIIX3 ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n",
4642 s->iLUN, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "loading" : "storing"));
4643 /* Any guest OS that triggers this case has a pathetic ATA driver.
4644 * In a real system it would block the CPU via IORDY, here we do it
4645 * very similarly by not continuing with the current instruction
4646 * until the transfer to/from the storage medium is completed. */
4647 if (s->iSourceSink != ATAFN_SS_NULL)
4648 {
4649 bool fRedo;
4650 uint8_t status = s->uATARegStatus;
4651 ataSetStatusValue(s, ATA_STAT_BUSY);
4652 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4653 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4654 pCtl->fRedo = fRedo;
4655 if (RT_UNLIKELY(fRedo))
4656 return;
4657 ataSetStatusValue(s, status);
4658 s->iIOBufferCur = 0;
4659 s->iIOBufferEnd = s->cbElementaryTransfer;
4660 }
4661# else
4662 AssertReleaseFailed();
4663# endif
4664 }
4665 if (s->cbTotalTransfer)
4666 {
4667 if (s->fATAPITransfer)
4668 ataHCPIOTransferLimitATAPI(s);
4669
4670 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4671 s->cbElementaryTransfer = s->cbTotalTransfer;
4672
4673 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
4674 __FUNCTION__, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
4675 s->cbTotalTransfer, s->cbElementaryTransfer,
4676 s->iIOBufferCur, s->iIOBufferEnd));
4677 ataHCPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
4678 s->cbTotalTransfer -= s->cbElementaryTransfer;
4679 s->iIOBufferCur += s->cbElementaryTransfer;
4680
4681 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4682 s->cbElementaryTransfer = s->cbTotalTransfer;
4683 }
4684 else
4685 ataHCPIOTransferStop(s);
4686}
4687
4688
4689DECLINLINE(void) ataHCPIOTransferFinish(PATACONTROLLER pCtl, ATADevState *s)
4690{
4691 /* Do not interfere with RESET processing if the PIO transfer finishes
4692 * while the RESET line is asserted. */
4693 if (pCtl->fReset)
4694 {
4695 Log2(("%s: Ctl#%d: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4696 return;
4697 }
4698
4699 if ( s->uTxDir == PDMMEDIATXDIR_TO_DEVICE
4700 || ( s->iSourceSink != ATAFN_SS_NULL
4701 && s->iIOBufferCur >= s->iIOBufferEnd))
4702 {
4703 /* Need to continue the transfer in the async I/O thread. This is
4704 * the case for write operations or generally for not yet finished
4705 * transfers (some data might need to be read). */
4706 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
4707 ataSetStatus(s, ATA_STAT_BUSY);
4708
4709 Log2(("%s: Ctl#%d: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4710 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
4711 }
4712 else
4713 {
4714 /* Either everything finished (though some data might still be pending)
4715 * or some data is pending before the next read is due. */
4716
4717 /* Continue a previously started transfer. */
4718 ataUnsetStatus(s, ATA_STAT_DRQ);
4719 ataSetStatus(s, ATA_STAT_READY);
4720
4721 if (s->cbTotalTransfer)
4722 {
4723 /* There is more to transfer, happens usually for large ATAPI
4724 * reads - the protocol limits the chunk size to 65534 bytes. */
4725 ataHCPIOTransfer(pCtl);
4726 ataHCSetIRQ(s);
4727 }
4728 else
4729 {
4730 Log2(("%s: Ctl#%d: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4731 /* Finish PIO transfer. */
4732 ataHCPIOTransfer(pCtl);
4733 Assert(!pCtl->fRedo);
4734 }
4735 }
4736}
4737
4738#endif /* IN_RING0 || IN_RING3 */
4739
4740/**
4741 * Fallback for ataCopyPioData124 that handles unaligned and out of bounds cases.
4742 *
4743 * @param pIf The device interface to work with.
4744 * @param pbDst The destination buffer.
4745 * @param pbSrc The source buffer.
4746 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4747 */
4748DECL_NO_INLINE(static, void) ataCopyPioData124Slow(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4749{
4750 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4751 uint32_t const offNext = offStart + cbCopy;
4752
4753 if (offStart + cbCopy > pIf->cbIOBuffer)
4754 {
4755 Log(("%s: cbCopy=%#x offStart=%#x cbIOBuffer=%#x offNext=%#x (iIOBufferPIODataEnd=%#x)\n",
4756 __FUNCTION__, cbCopy, offStart, pIf->cbIOBuffer, offNext, pIf->iIOBufferPIODataEnd));
4757 if (offStart < pIf->cbIOBuffer)
4758 cbCopy = pIf->cbIOBuffer - offStart;
4759 else
4760 cbCopy = 0;
4761 }
4762
4763 switch (cbCopy)
4764 {
4765 case 4: pbDst[3] = pbSrc[3]; RT_FALL_THRU();
4766 case 3: pbDst[2] = pbSrc[2]; RT_FALL_THRU();
4767 case 2: pbDst[1] = pbSrc[1]; RT_FALL_THRU();
4768 case 1: pbDst[0] = pbSrc[0]; RT_FALL_THRU();
4769 case 0: break;
4770 default: AssertFailed(); /* impossible */
4771 }
4772
4773 pIf->iIOBufferPIODataStart = offNext;
4774
4775}
4776
4777
4778/**
4779 * Work for ataDataWrite & ataDataRead that copies data without using memcpy.
4780 *
4781 * This also updates pIf->iIOBufferPIODataStart.
4782 *
4783 * The two buffers are either stack (32-bit aligned) or somewhere within
4784 * pIf->pbIOBuffer.
4785 *
4786 * @param pIf The device interface to work with.
4787 * @param pbDst The destination buffer.
4788 * @param pbSrc The source buffer.
4789 * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes.
4790 */
4791DECLINLINE(void) ataCopyPioData124(ATADevState *pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t cbCopy)
4792{
4793 /*
4794 * Quick bounds checking can be done by checking that the pbIOBuffer offset
4795 * (iIOBufferPIODataStart) is aligned at the transfer size (which is ASSUMED
4796 * to be 1, 2 or 4). However, since we're paranoid and don't currently
4797 * trust iIOBufferPIODataEnd to be within bounds, we current check against the
4798 * IO buffer size too.
4799 */
4800 Assert(cbCopy == 1 || cbCopy == 2 || cbCopy == 4);
4801 uint32_t const offStart = pIf->iIOBufferPIODataStart;
4802 if (RT_LIKELY( !(offStart & (cbCopy - 1))
4803 && offStart + cbCopy <= pIf->cbIOBuffer))
4804 {
4805 switch (cbCopy)
4806 {
4807 case 4: *(uint32_t *)pbDst = *(uint32_t const *)pbSrc; break;
4808 case 2: *(uint16_t *)pbDst = *(uint16_t const *)pbSrc; break;
4809 case 1: *pbDst = *pbSrc; break;
4810 }
4811 pIf->iIOBufferPIODataStart = offStart + cbCopy;
4812 }
4813 else
4814 ataCopyPioData124Slow(pIf, pbDst, pbSrc, cbCopy);
4815}
4816
4817
4818/**
4819 * Port I/O Handler for primary port range OUT operations.
4820 * @see FNIOMIOPORTOUT for details.
4821 */
4822PDMBOTHCBDECL(int) ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
4823{
4824 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4825 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4826 PATACONTROLLER pCtl = &pThis->aCts[i];
4827 RT_NOREF1(Port);
4828
4829 Assert(i < 2);
4830 Assert(Port == pCtl->IOPortBase1);
4831 Assert(cb == 2 || cb == 4); /* Writes to the data port may be 16-bit or 32-bit. */
4832
4833 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
4834 if (rc == VINF_SUCCESS)
4835 {
4836 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4837
4838 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4839 {
4840 Assert(s->uTxDir == PDMMEDIATXDIR_TO_DEVICE);
4841 uint8_t *pbDst = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4842 uint8_t const *pbSrc = (uint8_t const *)&u32;
4843
4844#ifdef IN_RC
4845 /* Raw-mode: The ataHCPIOTransfer following the last transfer unit
4846 requires I/O thread signalling, we must go to ring-3 for that. */
4847 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4848 ataCopyPioData124(s, pbDst, pbSrc, cb);
4849 else
4850 rc = VINF_IOM_R3_IOPORT_WRITE;
4851
4852#elif defined(IN_RING0)
4853 /* Ring-0: We can do I/O thread signalling here, however for paranoid reasons
4854 triggered by a special case in ataHCPIOTransferFinish, we take extra care here. */
4855 if (s->iIOBufferPIODataStart + cb < s->iIOBufferPIODataEnd)
4856 ataCopyPioData124(s, pbDst, pbSrc, cb);
4857 else if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) /* paranoia */
4858 {
4859 ataCopyPioData124(s, pbDst, pbSrc, cb);
4860 ataHCPIOTransferFinish(pCtl, s);
4861 }
4862 else
4863 {
4864 Log(("%s: Unexpected\n",__FUNCTION__));
4865 rc = VINF_IOM_R3_IOPORT_WRITE;
4866 }
4867
4868#else /* IN_RING 3*/
4869 ataCopyPioData124(s, pbDst, pbSrc, cb);
4870 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4871 ataHCPIOTransferFinish(pCtl, s);
4872#endif /* IN_RING 3*/
4873 }
4874 else
4875 Log2(("%s: DUMMY data\n", __FUNCTION__));
4876
4877 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, &u32, rc));
4878 PDMCritSectLeave(&pCtl->lock);
4879 }
4880 else
4881 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
4882 return rc;
4883}
4884
4885
4886/**
4887 * Port I/O Handler for primary port range IN operations.
4888 * @see FNIOMIOPORTIN for details.
4889 */
4890PDMBOTHCBDECL(int) ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
4891{
4892 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4893 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4894 PATACONTROLLER pCtl = &pThis->aCts[i];
4895 RT_NOREF1(Port);
4896
4897 Assert(i < 2);
4898 Assert(Port == pCtl->IOPortBase1);
4899
4900 /* Reads from the data register may be 16-bit or 32-bit. Byte accesses are
4901 upgraded to word. */
4902 Assert(cb == 1 || cb == 2 || cb == 4);
4903 uint32_t cbActual = cb != 1 ? cb : 2;
4904 *pu32 = 0;
4905
4906 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4907 if (rc == VINF_SUCCESS)
4908 {
4909 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4910
4911 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4912 {
4913 Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE);
4914 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4915 uint8_t *pbDst = (uint8_t *)pu32;
4916
4917#ifdef IN_RC
4918 /* All but the last transfer unit is simple enough for RC, but
4919 * sending a request to the async IO thread is too complicated. */
4920 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4921 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4922 else
4923 rc = VINF_IOM_R3_IOPORT_READ;
4924
4925#elif defined(IN_RING0)
4926 /* Ring-0: We can do I/O thread signalling here. However there is one
4927 case in ataHCPIOTransfer that does a LogRel and would (but not from
4928 here) call directly into the driver code. We detect that odd case
4929 here cand return to ring-3 to handle it. */
4930 if (s->iIOBufferPIODataStart + cbActual < s->iIOBufferPIODataEnd)
4931 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4932 else if ( s->cbTotalTransfer == 0
4933 || s->iSourceSink != ATAFN_SS_NULL
4934 || s->iIOBufferCur <= s->iIOBufferEnd)
4935 {
4936 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4937 ataHCPIOTransferFinish(pCtl, s);
4938 }
4939 else
4940 {
4941 Log(("%s: Unexpected\n",__FUNCTION__));
4942 rc = VINF_IOM_R3_IOPORT_READ;
4943 }
4944
4945#else /* IN_RING3 */
4946 ataCopyPioData124(s, pbDst, pbSrc, cbActual);
4947 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4948 ataHCPIOTransferFinish(pCtl, s);
4949#endif /* IN_RING3 */
4950
4951 /* Just to be on the safe side (caller takes care of this, really). */
4952 if (cb == 1)
4953 *pu32 &= 0xff;
4954 }
4955 else
4956 {
4957 Log2(("%s: DUMMY data\n", __FUNCTION__));
4958 memset(pu32, 0xff, cb);
4959 }
4960 Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, Port, cb, pu32, rc));
4961
4962 PDMCritSectLeave(&pCtl->lock);
4963 }
4964 else
4965 Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, Port, rc));
4966
4967 return rc;
4968}
4969
4970
4971/**
4972 * Port I/O Handler for primary port range IN string operations.
4973 * @see FNIOMIOPORTINSTRING for details.
4974 */
4975PDMBOTHCBDECL(int) ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t *pbDst,
4976 uint32_t *pcTransfers, unsigned cb)
4977{
4978 uint32_t i = (uint32_t)(uintptr_t)pvUser;
4979 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
4980 PATACONTROLLER pCtl = &pThis->aCts[i];
4981 RT_NOREF1(Port);
4982
4983 Assert(i < 2);
4984 Assert(Port == pCtl->IOPortBase1);
4985 Assert(*pcTransfers > 0);
4986
4987 int rc;
4988 if (cb == 2 || cb == 4)
4989 {
4990 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
4991 if (rc == VINF_SUCCESS)
4992 {
4993 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4994
4995 uint32_t const offStart = s->iIOBufferPIODataStart;
4996 if (offStart < s->iIOBufferPIODataEnd)
4997 {
4998 /*
4999 * Figure how much we can copy. Usually it's the same as the request.
5000 * The last transfer unit cannot be handled in RC, as it involves
5001 * thread communication. In R0 we let the non-string callback handle it,
5002 * and ditto for overflows/dummy data.
5003 */
5004 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5005#ifndef IN_RING3
5006 if (cAvailable > 0)
5007 cAvailable--;
5008#endif
5009 uint32_t const cRequested = *pcTransfers;
5010 if (cAvailable > cRequested)
5011 cAvailable = cRequested;
5012 uint32_t const cbTransfer = cAvailable * cb;
5013 if ( offStart + cbTransfer <= s->cbIOBuffer
5014 && cbTransfer > 0)
5015 {
5016 /*
5017 * Do the transfer.
5018 */
5019 uint8_t const *pbSrc = s->CTX_SUFF(pbIOBuffer) + offStart;
5020 memcpy(pbDst, pbSrc, cbTransfer);
5021 Log3(("%s: addr=%#x cb=%#x cbTransfer=%#x val=%.*Rhxd\n",
5022 __FUNCTION__, Port, cb, cbTransfer, cbTransfer, pbSrc));
5023 s->iIOBufferPIODataStart = offStart + cbTransfer;
5024
5025#ifdef IN_RING3
5026 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5027 ataHCPIOTransferFinish(pCtl, s);
5028#endif
5029 *pcTransfers = cRequested - cAvailable;
5030 }
5031 else
5032 Log2(("ataIOPortReadStr1Data: DUMMY/Overflow!\n"));
5033 }
5034 else
5035 {
5036 /*
5037 * Dummy read (shouldn't happen) return 0xff like the non-string handler.
5038 */
5039 Log2(("ataIOPortReadStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5040 memset(pbDst, 0xff, *pcTransfers * cb);
5041 *pcTransfers = 0;
5042 }
5043
5044 PDMCritSectLeave(&pCtl->lock);
5045 }
5046 }
5047 /*
5048 * Let the non-string I/O callback handle 1 byte reads.
5049 */
5050 else
5051 {
5052 Log2(("ataIOPortReadStr1Data: 1 byte read (%#x transfers)\n", *pcTransfers));
5053 AssertFailed();
5054 rc = VINF_SUCCESS;
5055 }
5056 return rc;
5057}
5058
5059
5060/**
5061 * Port I/O Handler for primary port range OUT string operations.
5062 * @see FNIOMIOPORTOUTSTRING for details.
5063 */
5064PDMBOTHCBDECL(int) ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint8_t const *pbSrc,
5065 uint32_t *pcTransfers, unsigned cb)
5066{
5067 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5068 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5069 PATACONTROLLER pCtl = &pThis->aCts[i];
5070 RT_NOREF1(Port);
5071
5072 Assert(i < 2);
5073 Assert(Port == pCtl->IOPortBase1);
5074 Assert(*pcTransfers > 0);
5075
5076 int rc;
5077 if (cb == 2 || cb == 4)
5078 {
5079 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5080 if (rc == VINF_SUCCESS)
5081 {
5082 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5083
5084 uint32_t const offStart = s->iIOBufferPIODataStart;
5085 if (offStart < s->iIOBufferPIODataEnd)
5086 {
5087 /*
5088 * Figure how much we can copy. Usually it's the same as the request.
5089 * The last transfer unit cannot be handled in RC, as it involves
5090 * thread communication. In R0 we let the non-string callback handle it,
5091 * and ditto for overflows/dummy data.
5092 */
5093 uint32_t cAvailable = (s->iIOBufferPIODataEnd - offStart) / cb;
5094#ifndef IN_RING3
5095 if (cAvailable)
5096 cAvailable--;
5097#endif
5098 uint32_t const cRequested = *pcTransfers;
5099 if (cAvailable > cRequested)
5100 cAvailable = cRequested;
5101 uint32_t const cbTransfer = cAvailable * cb;
5102 if ( offStart + cbTransfer <= s->cbIOBuffer
5103 && cbTransfer)
5104 {
5105 /*
5106 * Do the transfer.
5107 */
5108 void *pvDst = s->CTX_SUFF(pbIOBuffer) + offStart;
5109 memcpy(pvDst, pbSrc, cbTransfer);
5110 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, pvDst));
5111 s->iIOBufferPIODataStart = offStart + cbTransfer;
5112
5113#ifdef IN_RING3
5114 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5115 ataHCPIOTransferFinish(pCtl, s);
5116#endif
5117 *pcTransfers = cRequested - cAvailable;
5118 }
5119 else
5120 Log2(("ataIOPortWriteStr1Data: DUMMY/Overflow!\n"));
5121 }
5122 else
5123 {
5124 Log2(("ataIOPortWriteStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb));
5125 *pcTransfers = 0;
5126 }
5127
5128 PDMCritSectLeave(&pCtl->lock);
5129 }
5130 }
5131 /*
5132 * Let the non-string I/O callback handle 1 byte reads.
5133 */
5134 else
5135 {
5136 Log2(("ataIOPortWriteStr1Data: 1 byte write (%#x transfers)\n", *pcTransfers));
5137 AssertFailed();
5138 rc = VINF_SUCCESS;
5139 }
5140
5141 return rc;
5142}
5143
5144
5145#ifdef IN_RING3
5146
5147static void ataR3DMATransferStop(ATADevState *s)
5148{
5149 s->cbTotalTransfer = 0;
5150 s->cbElementaryTransfer = 0;
5151 s->iBeginTransfer = ATAFN_BT_NULL;
5152 s->iSourceSink = ATAFN_SS_NULL;
5153}
5154
5155
5156/**
5157 * Perform the entire DMA transfer in one go (unless a source/sink operation
5158 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
5159 * this function cannot handle empty transfers.
5160 *
5161 * @param pCtl Controller for which to perform the transfer.
5162 */
5163static void ataR3DMATransfer(PATACONTROLLER pCtl)
5164{
5165 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
5166 ATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
5167 bool fRedo;
5168 RTGCPHYS32 GCPhysDesc;
5169 uint32_t cbTotalTransfer, cbElementaryTransfer;
5170 uint32_t iIOBufferCur, iIOBufferEnd;
5171 PDMMEDIATXDIR uTxDir;
5172 bool fLastDesc = false;
5173
5174 Assert(sizeof(BMDMADesc) == 8);
5175
5176 fRedo = pCtl->fRedo;
5177 if (RT_LIKELY(!fRedo))
5178 Assert(s->cbTotalTransfer);
5179 uTxDir = (PDMMEDIATXDIR)s->uTxDir;
5180 cbTotalTransfer = s->cbTotalTransfer;
5181 cbElementaryTransfer = s->cbElementaryTransfer;
5182 iIOBufferCur = s->iIOBufferCur;
5183 iIOBufferEnd = s->iIOBufferEnd;
5184
5185 /* The DMA loop is designed to hold the lock only when absolutely
5186 * necessary. This avoids long freezes should the guest access the
5187 * ATA registers etc. for some reason. */
5188 ataR3LockLeave(pCtl);
5189
5190 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
5191 __FUNCTION__, uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T",
5192 cbTotalTransfer, cbElementaryTransfer,
5193 iIOBufferCur, iIOBufferEnd));
5194 for (GCPhysDesc = pCtl->GCPhysFirstDMADesc;
5195 GCPhysDesc <= pCtl->GCPhysLastDMADesc;
5196 GCPhysDesc += sizeof(BMDMADesc))
5197 {
5198 BMDMADesc DMADesc;
5199 RTGCPHYS32 GCPhysBuffer;
5200 uint32_t cbBuffer;
5201
5202 if (RT_UNLIKELY(fRedo))
5203 {
5204 GCPhysBuffer = pCtl->GCPhysRedoDMABuffer;
5205 cbBuffer = pCtl->cbRedoDMABuffer;
5206 fLastDesc = pCtl->fRedoDMALastDesc;
5207 DMADesc.GCPhysBuffer = DMADesc.cbBuffer = 0; /* Shut up MSC. */
5208 }
5209 else
5210 {
5211 PDMDevHlpPhysRead(pDevIns, GCPhysDesc, &DMADesc, sizeof(BMDMADesc));
5212 GCPhysBuffer = RT_LE2H_U32(DMADesc.GCPhysBuffer);
5213 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
5214 fLastDesc = !!(cbBuffer & 0x80000000);
5215 cbBuffer &= 0xfffe;
5216 if (cbBuffer == 0)
5217 cbBuffer = 0x10000;
5218 if (cbBuffer > cbTotalTransfer)
5219 cbBuffer = cbTotalTransfer;
5220 }
5221
5222 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
5223 {
5224 if (RT_LIKELY(!fRedo))
5225 {
5226 uint32_t cbXfer = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
5227 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x orig_size=%#010x\n", __FUNCTION__,
5228 (int)GCPhysDesc, GCPhysBuffer, cbBuffer, RT_LE2H_U32(DMADesc.cbBuffer) & 0xfffe));
5229
5230 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5231 PDMDevHlpPCIPhysWrite(pDevIns, GCPhysBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, cbXfer);
5232 else
5233 PDMDevHlpPCIPhysRead(pDevIns, GCPhysBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, cbXfer);
5234
5235 iIOBufferCur += cbXfer;
5236 cbTotalTransfer -= cbXfer;
5237 cbBuffer -= cbXfer;
5238 GCPhysBuffer += cbXfer;
5239 }
5240 if ( iIOBufferCur == iIOBufferEnd
5241 && (uTxDir == PDMMEDIATXDIR_TO_DEVICE || cbTotalTransfer))
5242 {
5243 if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5244 cbElementaryTransfer = cbTotalTransfer;
5245
5246 ataR3LockEnter(pCtl);
5247
5248 /* The RESET handler could have cleared the DMA transfer
5249 * state (since we didn't hold the lock until just now
5250 * the guest can continue in parallel). If so, the state
5251 * is already set up so the loop is exited immediately. */
5252 if (s->iSourceSink != ATAFN_SS_NULL)
5253 {
5254 s->iIOBufferCur = iIOBufferCur;
5255 s->iIOBufferEnd = iIOBufferEnd;
5256 s->cbElementaryTransfer = cbElementaryTransfer;
5257 s->cbTotalTransfer = cbTotalTransfer;
5258 Log2(("%s: calling source/sink function\n", __FUNCTION__));
5259 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5260 if (RT_UNLIKELY(fRedo))
5261 {
5262 pCtl->GCPhysFirstDMADesc = GCPhysDesc;
5263 pCtl->GCPhysRedoDMABuffer = GCPhysBuffer;
5264 pCtl->cbRedoDMABuffer = cbBuffer;
5265 pCtl->fRedoDMALastDesc = fLastDesc;
5266 }
5267 else
5268 {
5269 cbTotalTransfer = s->cbTotalTransfer;
5270 cbElementaryTransfer = s->cbElementaryTransfer;
5271
5272 if (uTxDir == PDMMEDIATXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
5273 cbElementaryTransfer = cbTotalTransfer;
5274 iIOBufferCur = 0;
5275 iIOBufferEnd = cbElementaryTransfer;
5276 }
5277 pCtl->fRedo = fRedo;
5278 }
5279 else
5280 {
5281 /* This forces the loop to exit immediately. */
5282 GCPhysDesc = pCtl->GCPhysLastDMADesc + 1;
5283 }
5284
5285 ataR3LockLeave(pCtl);
5286 if (RT_UNLIKELY(fRedo))
5287 break;
5288 }
5289 }
5290
5291 if (RT_UNLIKELY(fRedo))
5292 break;
5293
5294 /* end of transfer */
5295 if (!cbTotalTransfer || fLastDesc)
5296 break;
5297
5298 ataR3LockEnter(pCtl);
5299
5300 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
5301 {
5302 LogRel(("PIIX3 ATA: Ctl#%d: ABORT DMA%s\n", ATACONTROLLER_IDX(pCtl), pCtl->fReset ? " due to RESET" : ""));
5303 if (!pCtl->fReset)
5304 ataR3DMATransferStop(s);
5305 /* This forces the loop to exit immediately. */
5306 GCPhysDesc = pCtl->GCPhysLastDMADesc + 1;
5307 }
5308
5309 ataR3LockLeave(pCtl);
5310 }
5311
5312 ataR3LockEnter(pCtl);
5313 if (RT_UNLIKELY(fRedo))
5314 return;
5315
5316 if (fLastDesc)
5317 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5318 s->cbTotalTransfer = cbTotalTransfer;
5319 s->cbElementaryTransfer = cbElementaryTransfer;
5320 s->iIOBufferCur = iIOBufferCur;
5321 s->iIOBufferEnd = iIOBufferEnd;
5322}
5323
5324/**
5325 * Signal PDM that we're idle (if we actually are).
5326 *
5327 * @param pCtl The controller.
5328 */
5329static void ataR3AsyncSignalIdle(PATACONTROLLER pCtl)
5330{
5331 /*
5332 * Take the lock here and recheck the idle indicator to avoid
5333 * unnecessary work and racing ataR3WaitForAsyncIOIsIdle.
5334 */
5335 int rc = PDMCritSectEnter(&pCtl->AsyncIORequestLock, VINF_SUCCESS);
5336 AssertRC(rc);
5337
5338 if ( pCtl->fSignalIdle
5339 && ataR3AsyncIOIsIdle(pCtl, false /*fStrict*/))
5340 {
5341 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5342 RTThreadUserSignal(pCtl->AsyncIOThread); /* for ataR3Construct/ataR3ResetCommon. */
5343 }
5344
5345 rc = PDMCritSectLeave(&pCtl->AsyncIORequestLock);
5346 AssertRC(rc);
5347}
5348
5349/**
5350 * Async I/O thread for an interface.
5351 *
5352 * Once upon a time this was readable code with several loops and a different
5353 * semaphore for each purpose. But then came the "how can one save the state in
5354 * the middle of a PIO transfer" question. The solution was to use an ASM,
5355 * which is what's there now.
5356 */
5357static DECLCALLBACK(int) ataR3AsyncIOThread(RTTHREAD hThreadSelf, void *pvUser)
5358{
5359 RT_NOREF1(hThreadSelf);
5360 const ATARequest *pReq;
5361 uint64_t u64TS = 0; /* shut up gcc */
5362 uint64_t uWait;
5363 int rc = VINF_SUCCESS;
5364 PATACONTROLLER pCtl = (PATACONTROLLER)pvUser;
5365 ATADevState *s;
5366
5367 pReq = NULL;
5368 pCtl->fChainedTransfer = false;
5369 while (!pCtl->fShutdown)
5370 {
5371 /* Keep this thread from doing anything as long as EMT is suspended. */
5372 while (pCtl->fRedoIdle)
5373 {
5374 if (pCtl->fSignalIdle)
5375 ataR3AsyncSignalIdle(pCtl);
5376 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
5377 /* Continue if we got a signal by RTThreadPoke().
5378 * We will get notified if there is a request to process.
5379 */
5380 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5381 continue;
5382 if (RT_FAILURE(rc) || pCtl->fShutdown)
5383 break;
5384
5385 pCtl->fRedoIdle = false;
5386 }
5387
5388 /* Wait for work. */
5389 while (pReq == NULL)
5390 {
5391 if (pCtl->fSignalIdle)
5392 ataR3AsyncSignalIdle(pCtl);
5393 rc = SUPSemEventWaitNoResume(pCtl->pSupDrvSession, pCtl->hAsyncIOSem, RT_INDEFINITE_WAIT);
5394 /* Continue if we got a signal by RTThreadPoke().
5395 * We will get notified if there is a request to process.
5396 */
5397 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
5398 continue;
5399 if (RT_FAILURE(rc) || RT_UNLIKELY(pCtl->fShutdown))
5400 break;
5401
5402 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5403 }
5404
5405 if (RT_FAILURE(rc) || pCtl->fShutdown)
5406 break;
5407
5408 if (pReq == NULL)
5409 continue;
5410
5411 ATAAIO ReqType = pReq->ReqType;
5412
5413 Log2(("%s: Ctl#%d: state=%d, req=%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->uAsyncIOState, ReqType));
5414 if (pCtl->uAsyncIOState != ReqType)
5415 {
5416 /* The new state is not the state that was expected by the normal
5417 * state changes. This is either a RESET/ABORT or there's something
5418 * really strange going on. */
5419 if ( (pCtl->uAsyncIOState == ATA_AIO_PIO || pCtl->uAsyncIOState == ATA_AIO_DMA)
5420 && (ReqType == ATA_AIO_PIO || ReqType == ATA_AIO_DMA))
5421 {
5422 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
5423 ataR3AsyncIODumpRequests(pCtl);
5424 }
5425 AssertReleaseMsg( ReqType == ATA_AIO_RESET_ASSERTED
5426 || ReqType == ATA_AIO_RESET_CLEARED
5427 || ReqType == ATA_AIO_ABORT
5428 || pCtl->uAsyncIOState == ReqType,
5429 ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
5430 }
5431
5432 /* Do our work. */
5433 ataR3LockEnter(pCtl);
5434
5435 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5436 {
5437 u64TS = RTTimeNanoTS();
5438#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5439 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
5440#endif
5441 }
5442
5443 switch (ReqType)
5444 {
5445 case ATA_AIO_NEW:
5446
5447 pCtl->iAIOIf = pReq->u.t.iIf;
5448 s = &pCtl->aIfs[pCtl->iAIOIf];
5449 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
5450 s->uTxDir = pReq->u.t.uTxDir;
5451 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
5452 s->iSourceSink = pReq->u.t.iSourceSink;
5453 s->iIOBufferEnd = 0;
5454 s->u64CmdTS = u64TS;
5455
5456 if (s->fATAPI)
5457 {
5458 if (pCtl->fChainedTransfer)
5459 {
5460 /* Only count the actual transfers, not the PIO
5461 * transfer of the ATAPI command bytes. */
5462 if (s->fDMA)
5463 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
5464 else
5465 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
5466 }
5467 }
5468 else
5469 {
5470 if (s->fDMA)
5471 STAM_REL_COUNTER_INC(&s->StatATADMA);
5472 else
5473 STAM_REL_COUNTER_INC(&s->StatATAPIO);
5474 }
5475
5476 pCtl->fChainedTransfer = false;
5477
5478 if (s->iBeginTransfer != ATAFN_BT_NULL)
5479 {
5480 Log2(("%s: Ctl#%d: calling begin transfer function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5481 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
5482 s->iBeginTransfer = ATAFN_BT_NULL;
5483 if (s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5484 s->iIOBufferEnd = s->cbElementaryTransfer;
5485 }
5486 else
5487 {
5488 s->cbElementaryTransfer = s->cbTotalTransfer;
5489 s->iIOBufferEnd = s->cbTotalTransfer;
5490 }
5491 s->iIOBufferCur = 0;
5492
5493 if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5494 {
5495 if (s->iSourceSink != ATAFN_SS_NULL)
5496 {
5497 bool fRedo;
5498 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5499 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5500 pCtl->fRedo = fRedo;
5501 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5502 {
5503 /* Operation failed at the initial transfer, restart
5504 * everything from scratch by resending the current
5505 * request. Occurs very rarely, not worth optimizing. */
5506 LogRel(("%s: Ctl#%d: redo entire operation\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5507 ataHCAsyncIOPutRequest(pCtl, pReq);
5508 break;
5509 }
5510 }
5511 else
5512 ataR3CmdOK(s, 0);
5513 s->iIOBufferEnd = s->cbElementaryTransfer;
5514
5515 }
5516
5517 /* Do not go into the transfer phase if RESET is asserted.
5518 * The CritSect is released while waiting for the host OS
5519 * to finish the I/O, thus RESET is possible here. Most
5520 * important: do not change uAsyncIOState. */
5521 if (pCtl->fReset)
5522 break;
5523
5524 if (s->fDMA)
5525 {
5526 if (s->cbTotalTransfer)
5527 {
5528 ataSetStatus(s, ATA_STAT_DRQ);
5529
5530 pCtl->uAsyncIOState = ATA_AIO_DMA;
5531 /* If BMDMA is already started, do the transfer now. */
5532 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
5533 {
5534 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer immediately\n",
5535 __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5536 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5537 }
5538 }
5539 else
5540 {
5541 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5542 /* Finish DMA transfer. */
5543 ataR3DMATransferStop(s);
5544 ataHCSetIRQ(s);
5545 pCtl->uAsyncIOState = ATA_AIO_NEW;
5546 }
5547 }
5548 else
5549 {
5550 if (s->cbTotalTransfer)
5551 {
5552 ataHCPIOTransfer(pCtl);
5553 Assert(!pCtl->fRedo);
5554 if (s->fATAPITransfer || s->uTxDir != PDMMEDIATXDIR_TO_DEVICE)
5555 ataHCSetIRQ(s);
5556
5557 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5558 {
5559 /* Write operations and not yet finished transfers
5560 * must be completed in the async I/O thread. */
5561 pCtl->uAsyncIOState = ATA_AIO_PIO;
5562 }
5563 else
5564 {
5565 /* Finished read operation can be handled inline
5566 * in the end of PIO transfer handling code. Linux
5567 * depends on this, as it waits only briefly for
5568 * devices to become ready after incoming data
5569 * transfer. Cannot find anything in the ATA spec
5570 * that backs this assumption, but as all kernels
5571 * are affected (though most of the time it does
5572 * not cause any harm) this must work. */
5573 pCtl->uAsyncIOState = ATA_AIO_NEW;
5574 }
5575 }
5576 else
5577 {
5578 Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
5579 /* Finish PIO transfer. */
5580 ataHCPIOTransfer(pCtl);
5581 Assert(!pCtl->fRedo);
5582 if (!s->fATAPITransfer)
5583 ataHCSetIRQ(s);
5584 pCtl->uAsyncIOState = ATA_AIO_NEW;
5585 }
5586 }
5587 break;
5588
5589 case ATA_AIO_DMA:
5590 {
5591 BMDMAState *bm = &pCtl->BmDma;
5592 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5593 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
5594
5595 if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE)
5596 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
5597 else
5598 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
5599
5600 if (RT_LIKELY(!pCtl->fRedo))
5601 {
5602 /* The specs say that the descriptor table must not cross a
5603 * 4K boundary. */
5604 pCtl->GCPhysFirstDMADesc = bm->GCPhysAddr;
5605 pCtl->GCPhysLastDMADesc = RT_ALIGN_32(bm->GCPhysAddr + 1, _4K) - sizeof(BMDMADesc);
5606 }
5607 ataR3DMATransfer(pCtl);
5608
5609 if (RT_UNLIKELY(pCtl->fRedo && !pCtl->fReset))
5610 {
5611 LogRel(("PIIX3 ATA: Ctl#%d: redo DMA operation\n", ATACONTROLLER_IDX(pCtl)));
5612 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5613 break;
5614 }
5615
5616 /* The infamous delay IRQ hack. */
5617 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
5618 && s->cbTotalTransfer == 0
5619 && pCtl->DelayIRQMillies)
5620 {
5621 /* Delay IRQ for writing. Required to get the Win2K
5622 * installation work reliably (otherwise it crashes,
5623 * usually during component install). So far no better
5624 * solution has been found. */
5625 Log(("%s: delay IRQ hack\n", __FUNCTION__));
5626 ataR3LockLeave(pCtl);
5627 RTThreadSleep(pCtl->DelayIRQMillies);
5628 ataR3LockEnter(pCtl);
5629 }
5630
5631 ataUnsetStatus(s, ATA_STAT_DRQ);
5632 Assert(!pCtl->fChainedTransfer);
5633 Assert(s->iSourceSink == ATAFN_SS_NULL);
5634 if (s->fATAPITransfer)
5635 {
5636 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
5637 Log2(("%s: Ctl#%d: interrupt reason %#04x\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegNSector));
5638 s->fATAPITransfer = false;
5639 }
5640 ataHCSetIRQ(s);
5641 pCtl->uAsyncIOState = ATA_AIO_NEW;
5642 break;
5643 }
5644
5645 case ATA_AIO_PIO:
5646 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
5647
5648 if (s->iSourceSink != ATAFN_SS_NULL)
5649 {
5650 bool fRedo;
5651 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5652 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
5653 pCtl->fRedo = fRedo;
5654 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
5655 {
5656 LogRel(("PIIX3 ATA: Ctl#%d: redo PIO operation\n", ATACONTROLLER_IDX(pCtl)));
5657 ataHCAsyncIOPutRequest(pCtl, &g_ataPIORequest);
5658 break;
5659 }
5660 s->iIOBufferCur = 0;
5661 s->iIOBufferEnd = s->cbElementaryTransfer;
5662 }
5663 else
5664 {
5665 /* Continue a previously started transfer. */
5666 ataUnsetStatus(s, ATA_STAT_BUSY);
5667 ataSetStatus(s, ATA_STAT_READY);
5668 }
5669
5670 /* It is possible that the drives on this controller get RESET
5671 * during the above call to the source/sink function. If that's
5672 * the case, don't restart the transfer and don't finish it the
5673 * usual way. RESET handling took care of all that already.
5674 * Most important: do not change uAsyncIOState. */
5675 if (pCtl->fReset)
5676 break;
5677
5678 if (s->cbTotalTransfer)
5679 {
5680 ataHCPIOTransfer(pCtl);
5681 ataHCSetIRQ(s);
5682
5683 if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
5684 {
5685 /* Write operations and not yet finished transfers
5686 * must be completed in the async I/O thread. */
5687 pCtl->uAsyncIOState = ATA_AIO_PIO;
5688 }
5689 else
5690 {
5691 /* Finished read operation can be handled inline
5692 * in the end of PIO transfer handling code. Linux
5693 * depends on this, as it waits only briefly for
5694 * devices to become ready after incoming data
5695 * transfer. Cannot find anything in the ATA spec
5696 * that backs this assumption, but as all kernels
5697 * are affected (though most of the time it does
5698 * not cause any harm) this must work. */
5699 pCtl->uAsyncIOState = ATA_AIO_NEW;
5700 }
5701 }
5702 else
5703 {
5704 /* Finish PIO transfer. */
5705 ataHCPIOTransfer(pCtl);
5706 if ( !pCtl->fChainedTransfer
5707 && !s->fATAPITransfer
5708 && s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE)
5709 {
5710 ataHCSetIRQ(s);
5711 }
5712 pCtl->uAsyncIOState = ATA_AIO_NEW;
5713 }
5714 break;
5715
5716 case ATA_AIO_RESET_ASSERTED:
5717 pCtl->uAsyncIOState = ATA_AIO_RESET_CLEARED;
5718 ataHCPIOTransferStop(&pCtl->aIfs[0]);
5719 ataHCPIOTransferStop(&pCtl->aIfs[1]);
5720 /* Do not change the DMA registers, they are not affected by the
5721 * ATA controller reset logic. It should be sufficient to issue a
5722 * new command, which is now possible as the state is cleared. */
5723 break;
5724
5725 case ATA_AIO_RESET_CLEARED:
5726 pCtl->uAsyncIOState = ATA_AIO_NEW;
5727 pCtl->fReset = false;
5728 /* Ensure that half-completed transfers are not redone. A reset
5729 * cancels the entire transfer, so continuing is wrong. */
5730 pCtl->fRedo = false;
5731 pCtl->fRedoDMALastDesc = false;
5732 LogRel(("PIIX3 ATA: Ctl#%d: finished processing RESET\n",
5733 ATACONTROLLER_IDX(pCtl)));
5734 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
5735 {
5736 if (pCtl->aIfs[i].fATAPI)
5737 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
5738 else
5739 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
5740 ataR3SetSignature(&pCtl->aIfs[i]);
5741 }
5742 break;
5743
5744 case ATA_AIO_ABORT:
5745 /* Abort the current command no matter what. There cannot be
5746 * any command activity on the other drive otherwise using
5747 * one thread per controller wouldn't work at all. */
5748 s = &pCtl->aIfs[pReq->u.a.iIf];
5749
5750 pCtl->uAsyncIOState = ATA_AIO_NEW;
5751 /* Do not change the DMA registers, they are not affected by the
5752 * ATA controller reset logic. It should be sufficient to issue a
5753 * new command, which is now possible as the state is cleared. */
5754 if (pReq->u.a.fResetDrive)
5755 {
5756 ataR3ResetDevice(s);
5757 ataR3ExecuteDeviceDiagnosticSS(s);
5758 }
5759 else
5760 {
5761 /* Stop any pending DMA transfer. */
5762 s->fDMA = false;
5763 ataHCPIOTransferStop(s);
5764 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
5765 ataSetStatus(s, ATA_STAT_READY);
5766 ataHCSetIRQ(s);
5767 }
5768 break;
5769
5770 default:
5771 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
5772 }
5773
5774 ataR3AsyncIORemoveCurrentRequest(pCtl, ReqType);
5775 pReq = ataR3AsyncIOGetCurrentRequest(pCtl);
5776
5777 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
5778 {
5779# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5780 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
5781# endif
5782
5783 u64TS = RTTimeNanoTS() - u64TS;
5784 uWait = u64TS / 1000;
5785 Log(("%s: Ctl#%d: LUN#%d finished I/O transaction in %d microseconds\n",
5786 __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
5787 /* Mark command as finished. */
5788 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
5789
5790 /*
5791 * Release logging of command execution times depends on the
5792 * command type. ATAPI commands often take longer (due to CD/DVD
5793 * spin up time etc.) so the threshold is different.
5794 */
5795 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
5796 {
5797 if (uWait > 8 * 1000 * 1000)
5798 {
5799 /*
5800 * Command took longer than 8 seconds. This is close
5801 * enough or over the guest's command timeout, so place
5802 * an entry in the release log to allow tracking such
5803 * timing errors (which are often caused by the host).
5804 */
5805 LogRel(("PIIX3 ATA: execution time for ATA command %#04x was %d seconds\n",
5806 pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
5807 }
5808 }
5809 else
5810 {
5811 if (uWait > 20 * 1000 * 1000)
5812 {
5813 /*
5814 * Command took longer than 20 seconds. This is close
5815 * enough or over the guest's command timeout, so place
5816 * an entry in the release log to allow tracking such
5817 * timing errors (which are often caused by the host).
5818 */
5819 LogRel(("PIIX3 ATA: execution time for ATAPI command %#04x was %d seconds\n",
5820 pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
5821 }
5822 }
5823
5824# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5825 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
5826 pCtl->StatAsyncMinWait = uWait;
5827 if (uWait > pCtl->StatAsyncMaxWait)
5828 pCtl->StatAsyncMaxWait = uWait;
5829
5830 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
5831 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
5832# endif /* DEBUG || VBOX_WITH_STATISTICS */
5833 }
5834
5835 ataR3LockLeave(pCtl);
5836 }
5837
5838 /* Signal the ultimate idleness. */
5839 RTThreadUserSignal(pCtl->AsyncIOThread);
5840 if (pCtl->fSignalIdle)
5841 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5842
5843 /* Cleanup the state. */
5844 /* Do not destroy request lock yet, still needed for proper shutdown. */
5845 pCtl->fShutdown = false;
5846
5847 Log2(("%s: Ctl#%d: return %Rrc\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), rc));
5848 return rc;
5849}
5850
5851#endif /* IN_RING3 */
5852
5853static uint32_t ataBMDMACmdReadB(PATACONTROLLER pCtl, uint32_t addr)
5854{
5855 uint32_t val = pCtl->BmDma.u8Cmd;
5856 RT_NOREF1(addr);
5857 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5858 return val;
5859}
5860
5861
5862static void ataBMDMACmdWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5863{
5864 RT_NOREF1(addr);
5865 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5866 if (!(val & BM_CMD_START))
5867 {
5868 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5869 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5870 }
5871 else
5872 {
5873#ifndef IN_RC
5874 /* Check whether the guest OS wants to change DMA direction in
5875 * mid-flight. Not allowed, according to the PIIX3 specs. */
5876 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
5877 uint8_t uOldBmDmaStatus = pCtl->BmDma.u8Status;
5878 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
5879 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5880
5881 /* Do not continue DMA transfers while the RESET line is asserted. */
5882 if (pCtl->fReset)
5883 {
5884 Log2(("%s: Ctl#%d: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5885 return;
5886 }
5887
5888 /* Do not start DMA transfers if there's a PIO transfer going on,
5889 * or if there is already a transfer started on this controller. */
5890 if ( !pCtl->aIfs[pCtl->iSelectedIf].fDMA
5891 || (uOldBmDmaStatus & BM_STATUS_DMAING))
5892 return;
5893
5894 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
5895 {
5896 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5897 ataHCAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5898 }
5899#else /* !IN_RING3 */
5900 AssertMsgFailed(("DMA START handling is too complicated for RC\n"));
5901#endif /* IN_RING3 */
5902 }
5903}
5904
5905static uint32_t ataBMDMAStatusReadB(PATACONTROLLER pCtl, uint32_t addr)
5906{
5907 uint32_t val = pCtl->BmDma.u8Status;
5908 RT_NOREF1(addr);
5909 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5910 return val;
5911}
5912
5913static void ataBMDMAStatusWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5914{
5915 RT_NOREF1(addr);
5916 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5917 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
5918 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
5919 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
5920}
5921
5922static uint32_t ataBMDMAAddrReadL(PATACONTROLLER pCtl, uint32_t addr)
5923{
5924 uint32_t val = (uint32_t)pCtl->BmDma.GCPhysAddr;
5925 RT_NOREF1(addr);
5926 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5927 return val;
5928}
5929
5930static void ataBMDMAAddrWriteL(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5931{
5932 RT_NOREF1(addr);
5933 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5934 pCtl->BmDma.GCPhysAddr = val & ~3;
5935}
5936
5937static void ataBMDMAAddrWriteLowWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5938{
5939 RT_NOREF1(addr);
5940 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5941 pCtl->BmDma.GCPhysAddr = (pCtl->BmDma.GCPhysAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
5942
5943}
5944
5945static void ataBMDMAAddrWriteHighWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5946{
5947 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5948 RT_NOREF1(addr);
5949 pCtl->BmDma.GCPhysAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.GCPhysAddr);
5950}
5951
5952#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
5953
5954/**
5955 * Port I/O Handler for bus master DMA IN operations.
5956 * @see FNIOMIOPORTIN for details.
5957 */
5958PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5959{
5960 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5961 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5962 PATACONTROLLER pCtl = &pThis->aCts[i];
5963
5964 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
5965 if (rc != VINF_SUCCESS)
5966 return rc;
5967 switch (VAL(Port, cb))
5968 {
5969 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5970 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5971 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5972 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5973 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
5974 case VAL(0, 4):
5975 /* The SCO OpenServer tries to read 4 bytes starting from offset 0. */
5976 *pu32 = ataBMDMACmdReadB(pCtl, Port) | (ataBMDMAStatusReadB(pCtl, Port) << 16);
5977 break;
5978 default:
5979 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
5980 rc = VERR_IOM_IOPORT_UNUSED;
5981 break;
5982 }
5983 PDMCritSectLeave(&pCtl->lock);
5984 return rc;
5985}
5986
5987/**
5988 * Port I/O Handler for bus master DMA OUT operations.
5989 * @see FNIOMIOPORTOUT for details.
5990 */
5991PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
5992{
5993 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5994 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5995 PATACONTROLLER pCtl = &pThis->aCts[i];
5996
5997 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
5998 if (rc != VINF_SUCCESS)
5999 return rc;
6000 switch (VAL(Port, cb))
6001 {
6002 case VAL(0, 1):
6003#ifdef IN_RC
6004 if (u32 & BM_CMD_START)
6005 {
6006 rc = VINF_IOM_R3_IOPORT_WRITE;
6007 break;
6008 }
6009#endif
6010 ataBMDMACmdWriteB(pCtl, Port, u32);
6011 break;
6012 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
6013 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
6014 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
6015 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
6016 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
6017 }
6018 PDMCritSectLeave(&pCtl->lock);
6019 return rc;
6020}
6021
6022#undef VAL
6023
6024#ifdef IN_RING3
6025
6026/**
6027 * @callback_method_impl{FNPCIIOREGIONMAP}
6028 */
6029static DECLCALLBACK(int) ataR3BMDMAIORangeMap(PPDMDEVINS pDevIns, PPDMPCIDEV pPciDev, uint32_t iRegion,
6030 RTGCPHYS GCPhysAddress, RTGCPHYS cb, PCIADDRESSSPACE enmType)
6031{
6032 RT_NOREF(iRegion, cb, enmType, pPciDev);
6033 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6034 int rc = VINF_SUCCESS;
6035 Assert(enmType == PCI_ADDRESS_SPACE_IO);
6036 Assert(iRegion == 4);
6037 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
6038
6039 /* Register the port range. */
6040 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6041 {
6042 int rc2 = PDMDevHlpIOPortRegister(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6043 (RTHCPTR)(uintptr_t)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead,
6044 NULL, NULL, "ATA Bus Master DMA");
6045 AssertRC(rc2);
6046 if (rc2 < rc)
6047 rc = rc2;
6048
6049 if (pThis->fRCEnabled)
6050 {
6051 rc2 = PDMDevHlpIOPortRegisterRC(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6052 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6053 NULL, NULL, "ATA Bus Master DMA");
6054 AssertRC(rc2);
6055 if (rc2 < rc)
6056 rc = rc2;
6057 }
6058 if (pThis->fR0Enabled)
6059 {
6060 rc2 = PDMDevHlpIOPortRegisterR0(pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
6061 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead",
6062 NULL, NULL, "ATA Bus Master DMA");
6063 AssertRC(rc2);
6064 if (rc2 < rc)
6065 rc = rc2;
6066 }
6067 }
6068 return rc;
6069}
6070
6071
6072/* -=-=-=-=-=- PCIATAState::IBase -=-=-=-=-=- */
6073
6074/**
6075 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6076 */
6077static DECLCALLBACK(void *) ataR3Status_QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6078{
6079 PCIATAState *pThis = RT_FROM_MEMBER(pInterface, PCIATAState, IBase);
6080 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->IBase);
6081 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->ILeds);
6082 return NULL;
6083}
6084
6085
6086/* -=-=-=-=-=- PCIATAState::ILeds -=-=-=-=-=- */
6087
6088/**
6089 * Gets the pointer to the status LED of a unit.
6090 *
6091 * @returns VBox status code.
6092 * @param pInterface Pointer to the interface structure containing the called function pointer.
6093 * @param iLUN The unit which status LED we desire.
6094 * @param ppLed Where to store the LED pointer.
6095 */
6096static DECLCALLBACK(int) ataR3Status_QueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
6097{
6098 PCIATAState *pThis = RT_FROM_MEMBER(pInterface, PCIATAState, ILeds);
6099 if (iLUN < 4)
6100 {
6101 switch (iLUN)
6102 {
6103 case 0: *ppLed = &pThis->aCts[0].aIfs[0].Led; break;
6104 case 1: *ppLed = &pThis->aCts[0].aIfs[1].Led; break;
6105 case 2: *ppLed = &pThis->aCts[1].aIfs[0].Led; break;
6106 case 3: *ppLed = &pThis->aCts[1].aIfs[1].Led; break;
6107 }
6108 Assert((*ppLed)->u32Magic == PDMLED_MAGIC);
6109 return VINF_SUCCESS;
6110 }
6111 return VERR_PDM_LUN_NOT_FOUND;
6112}
6113
6114
6115/* -=-=-=-=-=- ATADevState::IBase -=-=-=-=-=- */
6116
6117/**
6118 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
6119 */
6120static DECLCALLBACK(void *) ataR3QueryInterface(PPDMIBASE pInterface, const char *pszIID)
6121{
6122 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IBase);
6123 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
6124 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMEDIAPORT, &pIf->IPort);
6125 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
6126 return NULL;
6127}
6128
6129
6130/* -=-=-=-=-=- ATADevState::IPort -=-=-=-=-=- */
6131
6132/**
6133 * @interface_method_impl{PDMIMEDIAPORT,pfnQueryDeviceLocation}
6134 */
6135static DECLCALLBACK(int) ataR3QueryDeviceLocation(PPDMIMEDIAPORT pInterface, const char **ppcszController,
6136 uint32_t *piInstance, uint32_t *piLUN)
6137{
6138 ATADevState *pIf = RT_FROM_MEMBER(pInterface, ATADevState, IPort);
6139 PPDMDEVINS pDevIns = pIf->CTX_SUFF(pDevIns);
6140
6141 AssertPtrReturn(ppcszController, VERR_INVALID_POINTER);
6142 AssertPtrReturn(piInstance, VERR_INVALID_POINTER);
6143 AssertPtrReturn(piLUN, VERR_INVALID_POINTER);
6144
6145 *ppcszController = pDevIns->pReg->szName;
6146 *piInstance = pDevIns->iInstance;
6147 *piLUN = pIf->iLUN;
6148
6149 return VINF_SUCCESS;
6150}
6151
6152#endif /* IN_RING3 */
6153
6154/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
6155
6156
6157/**
6158 * Port I/O Handler for primary port range OUT operations.
6159 * @see FNIOMIOPORTOUT for details.
6160 */
6161PDMBOTHCBDECL(int) ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6162{
6163 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6164 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6165 PATACONTROLLER pCtl = &pThis->aCts[i];
6166
6167 Assert(i < 2);
6168 Assert(Port != pCtl->IOPortBase1);
6169
6170 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6171 if (rc == VINF_SUCCESS)
6172 {
6173 /* Writes to the other command block ports should be 8-bit only. If they
6174 * are not, the high bits are simply discarded. Undocumented, but observed
6175 * on a real PIIX4 system.
6176 */
6177 if (cb > 1)
6178 Log(("ataIOPortWrite1: suspect write to port %x val=%x size=%d\n", Port, u32, cb));
6179
6180 rc = ataIOPortWriteU8(pCtl, Port, u32);
6181
6182 PDMCritSectLeave(&pCtl->lock);
6183 }
6184 return rc;
6185}
6186
6187
6188/**
6189 * Port I/O Handler for primary port range IN operations.
6190 * @see FNIOMIOPORTIN for details.
6191 */
6192PDMBOTHCBDECL(int) ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6193{
6194 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6195 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6196 PATACONTROLLER pCtl = &pThis->aCts[i];
6197
6198 Assert(i < 2);
6199 Assert(Port != pCtl->IOPortBase1);
6200
6201 int rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6202 if (rc == VINF_SUCCESS)
6203 {
6204 /* Reads from the other command block registers should be 8-bit only.
6205 * If they are not, the low byte is propagated to the high bits.
6206 * Undocumented, but observed on a real PIIX4 system.
6207 */
6208 rc = ataIOPortReadU8(pCtl, Port, pu32);
6209 if (cb > 1)
6210 {
6211 uint32_t pad;
6212
6213 /* Replicate the 8-bit result into the upper three bytes. */
6214 pad = *pu32 & 0xff;
6215 pad = pad | (pad << 8);
6216 pad = pad | (pad << 16);
6217 *pu32 = pad;
6218 Log(("ataIOPortRead1: suspect read from port %x size=%d\n", Port, cb));
6219 }
6220 PDMCritSectLeave(&pCtl->lock);
6221 }
6222 return rc;
6223}
6224
6225
6226/**
6227 * Port I/O Handler for secondary port range OUT operations.
6228 * @see FNIOMIOPORTOUT for details.
6229 */
6230PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
6231{
6232 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6233 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6234 PATACONTROLLER pCtl = &pThis->aCts[i];
6235 int rc;
6236
6237 Assert(i < 2);
6238
6239 if (cb == 1)
6240 {
6241 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_WRITE);
6242 if (rc == VINF_SUCCESS)
6243 {
6244 rc = ataControlWrite(pCtl, Port, u32);
6245 PDMCritSectLeave(&pCtl->lock);
6246 }
6247 }
6248 else
6249 rc = VINF_SUCCESS;
6250 return rc;
6251}
6252
6253
6254/**
6255 * Port I/O Handler for secondary port range IN operations.
6256 * @see FNIOMIOPORTIN for details.
6257 */
6258PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
6259{
6260 uint32_t i = (uint32_t)(uintptr_t)pvUser;
6261 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6262 PATACONTROLLER pCtl = &pThis->aCts[i];
6263 int rc;
6264
6265 Assert(i < 2);
6266
6267 if (cb == 1)
6268 {
6269 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_R3_IOPORT_READ);
6270 if (rc == VINF_SUCCESS)
6271 {
6272 *pu32 = ataStatusRead(pCtl, Port);
6273 PDMCritSectLeave(&pCtl->lock);
6274 }
6275 }
6276 else
6277 rc = VERR_IOM_IOPORT_UNUSED;
6278 return rc;
6279}
6280
6281#ifdef IN_RING3
6282
6283
6284DECLINLINE(void) ataR3RelocBuffer(PPDMDEVINS pDevIns, ATADevState *s)
6285{
6286 if (s->pbIOBufferR3)
6287 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
6288}
6289
6290
6291/**
6292 * Detach notification.
6293 *
6294 * The DVD drive has been unplugged.
6295 *
6296 * @param pDevIns The device instance.
6297 * @param iLUN The logical unit which is being detached.
6298 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6299 */
6300static DECLCALLBACK(void) ataR3Detach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6301{
6302 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6303 AssertMsg(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6304 ("PIIX3IDE: Device does not support hotplugging\n")); RT_NOREF(fFlags);
6305
6306 /*
6307 * Locate the controller and stuff.
6308 */
6309 unsigned iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6310 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6311 PATACONTROLLER pCtl = &pThis->aCts[iController];
6312
6313 unsigned iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6314 ATADevState *pIf = &pCtl->aIfs[iInterface];
6315
6316 /*
6317 * Zero some important members.
6318 */
6319 pIf->pDrvBase = NULL;
6320 pIf->pDrvMedia = NULL;
6321 pIf->pDrvMount = NULL;
6322
6323 /*
6324 * In case there was a medium inserted.
6325 */
6326 ataR3MediumRemoved(pIf);
6327}
6328
6329
6330/**
6331 * Configure a LUN.
6332 *
6333 * @returns VBox status code.
6334 * @param pDevIns The device instance.
6335 * @param pIf The ATA unit state.
6336 */
6337static int ataR3ConfigLun(PPDMDEVINS pDevIns, ATADevState *pIf)
6338{
6339 int rc = VINF_SUCCESS;
6340 PDMMEDIATYPE enmType;
6341
6342 /*
6343 * Query Block, Bios and Mount interfaces.
6344 */
6345 pIf->pDrvMedia = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMEDIA);
6346 if (!pIf->pDrvMedia)
6347 {
6348 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
6349 return VERR_PDM_MISSING_INTERFACE;
6350 }
6351
6352 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
6353
6354 /*
6355 * Validate type.
6356 */
6357 enmType = pIf->pDrvMedia->pfnGetType(pIf->pDrvMedia);
6358 if ( enmType != PDMMEDIATYPE_CDROM
6359 && enmType != PDMMEDIATYPE_DVD
6360 && enmType != PDMMEDIATYPE_HARD_DISK)
6361 {
6362 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
6363 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
6364 }
6365 if ( ( enmType == PDMMEDIATYPE_DVD
6366 || enmType == PDMMEDIATYPE_CDROM)
6367 && !pIf->pDrvMount)
6368 {
6369 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
6370 return VERR_INTERNAL_ERROR;
6371 }
6372 pIf->fATAPI = enmType == PDMMEDIATYPE_DVD || enmType == PDMMEDIATYPE_CDROM;
6373 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvMedia->pfnSendCmd != NULL) : false;
6374
6375 /*
6376 * Allocate I/O buffer.
6377 */
6378 if (pIf->fATAPI)
6379 pIf->cbSector = 2048; /* Not required for ATAPI, one medium can have multiple sector sizes. */
6380 else
6381 pIf->cbSector = pIf->pDrvMedia->pfnGetSectorSize(pIf->pDrvMedia);
6382
6383 PVM pVM = PDMDevHlpGetVM(pDevIns);
6384 if (pIf->cbIOBuffer)
6385 {
6386 /* Buffer is (probably) already allocated. Validate the fields,
6387 * because memory corruption can also overwrite pIf->cbIOBuffer. */
6388 if (pIf->fATAPI)
6389 AssertRelease(pIf->cbIOBuffer == _128K);
6390 else
6391 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * pIf->cbSector);
6392 Assert(pIf->pbIOBufferR3);
6393 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
6394 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
6395 }
6396 else
6397 {
6398 if (pIf->fATAPI)
6399 pIf->cbIOBuffer = _128K;
6400 else
6401 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * pIf->cbSector;
6402 Assert(!pIf->pbIOBufferR3);
6403 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
6404 if (RT_FAILURE(rc))
6405 return VERR_NO_MEMORY;
6406 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
6407 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
6408 }
6409
6410 /*
6411 * Init geometry (only for non-CD/DVD media).
6412 */
6413 uint32_t cRegions = pIf->pDrvMedia->pfnGetRegionCount(pIf->pDrvMedia);
6414 pIf->cTotalSectors = 0;
6415 for (uint32_t i = 0; i < cRegions; i++)
6416 {
6417 uint64_t cBlocks = 0;
6418 rc = pIf->pDrvMedia->pfnQueryRegionProperties(pIf->pDrvMedia, i, NULL, &cBlocks,
6419 NULL, NULL);
6420 AssertRC(rc);
6421 pIf->cTotalSectors += cBlocks;
6422 }
6423
6424 if (pIf->fATAPI)
6425 {
6426 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
6427 pIf->PCHSGeometry.cHeads = 0; /* dummy */
6428 pIf->PCHSGeometry.cSectors = 0; /* dummy */
6429 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n",
6430 pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
6431 }
6432 else
6433 {
6434 rc = pIf->pDrvMedia->pfnBiosGetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6435 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
6436 {
6437 pIf->PCHSGeometry.cCylinders = 0;
6438 pIf->PCHSGeometry.cHeads = 16; /*??*/
6439 pIf->PCHSGeometry.cSectors = 63; /*??*/
6440 }
6441 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
6442 {
6443 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
6444 rc = VINF_SUCCESS;
6445 }
6446 AssertRC(rc);
6447
6448 if ( pIf->PCHSGeometry.cCylinders == 0
6449 || pIf->PCHSGeometry.cHeads == 0
6450 || pIf->PCHSGeometry.cSectors == 0
6451 )
6452 {
6453 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
6454 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
6455 pIf->PCHSGeometry.cHeads = 16;
6456 pIf->PCHSGeometry.cSectors = 63;
6457 /* Set the disk geometry information. Ignore errors. */
6458 pIf->pDrvMedia->pfnBiosSetPCHSGeometry(pIf->pDrvMedia, &pIf->PCHSGeometry);
6459 rc = VINF_SUCCESS;
6460 }
6461 LogRel(("PIIX3 ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n",
6462 pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors,
6463 pIf->cTotalSectors));
6464
6465 if (pIf->pDrvMedia->pfnDiscard)
6466 LogRel(("PIIX3 ATA: LUN#%d: TRIM enabled\n", pIf->iLUN));
6467 }
6468 return rc;
6469}
6470
6471
6472/**
6473 * Attach command.
6474 *
6475 * This is called when we change block driver for the DVD drive.
6476 *
6477 * @returns VBox status code.
6478 * @param pDevIns The device instance.
6479 * @param iLUN The logical unit which is being detached.
6480 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
6481 */
6482static DECLCALLBACK(int) ataR3Attach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
6483{
6484 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6485 PATACONTROLLER pCtl;
6486 ATADevState *pIf;
6487 int rc;
6488 unsigned iController;
6489 unsigned iInterface;
6490
6491 AssertMsgReturn(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
6492 ("PIIX3IDE: Device does not support hotplugging\n"),
6493 VERR_INVALID_PARAMETER);
6494
6495 /*
6496 * Locate the controller and stuff.
6497 */
6498 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
6499 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
6500 pCtl = &pThis->aCts[iController];
6501
6502 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
6503 pIf = &pCtl->aIfs[iInterface];
6504
6505 /* the usual paranoia */
6506 AssertRelease(!pIf->pDrvBase);
6507 AssertRelease(!pIf->pDrvMedia);
6508 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
6509 Assert(pIf->iLUN == iLUN);
6510
6511 /*
6512 * Try attach the block device and get the interfaces,
6513 * required as well as optional.
6514 */
6515 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, NULL);
6516 if (RT_SUCCESS(rc))
6517 {
6518 rc = ataR3ConfigLun(pDevIns, pIf);
6519 /*
6520 * In case there is a medium inserted.
6521 */
6522 ataR3MediumInserted(pIf);
6523 ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN);
6524 }
6525 else
6526 AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc));
6527
6528 if (RT_FAILURE(rc))
6529 {
6530 pIf->pDrvBase = NULL;
6531 pIf->pDrvMedia = NULL;
6532 }
6533 return rc;
6534}
6535
6536
6537/**
6538 * Resume notification.
6539 *
6540 * @returns VBox status code.
6541 * @param pDevIns The device instance data.
6542 */
6543static DECLCALLBACK(void) ataR3Resume(PPDMDEVINS pDevIns)
6544{
6545 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6546 int rc;
6547
6548 Log(("%s:\n", __FUNCTION__));
6549 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6550 {
6551 if (pThis->aCts[i].fRedo && pThis->aCts[i].fRedoIdle)
6552 {
6553 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
6554 AssertRC(rc);
6555 }
6556 }
6557 return;
6558}
6559
6560
6561/**
6562 * Checks if all (both) the async I/O threads have quiesced.
6563 *
6564 * @returns true on success.
6565 * @returns false when one or more threads is still processing.
6566 * @param pDevIns Pointer to the PDM device instance.
6567 */
6568static bool ataR3AllAsyncIOIsIdle(PPDMDEVINS pDevIns)
6569{
6570 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6571
6572 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6573 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
6574 {
6575 bool fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6576 if (!fRc)
6577 {
6578 /* Make it signal PDM & itself when its done */
6579 PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
6580 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
6581 PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
6582
6583 fRc = ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
6584 if (!fRc)
6585 {
6586#if 0 /** @todo Need to do some time tracking here... */
6587 LogRel(("PIIX3 ATA: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
6588 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
6589 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand));
6590#endif
6591 return false;
6592 }
6593 }
6594 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
6595 }
6596 return true;
6597}
6598
6599/**
6600 * Prepare state save and load operation.
6601 *
6602 * @returns VBox status code.
6603 * @param pDevIns Device instance of the device which registered the data unit.
6604 * @param pSSM SSM operation handle.
6605 */
6606static DECLCALLBACK(int) ataR3SaveLoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6607{
6608 RT_NOREF1(pSSM);
6609 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6610
6611 /* sanity - the suspend notification will wait on the async stuff. */
6612 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6613 AssertLogRelMsgReturn(ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/),
6614 ("i=%u\n", i),
6615 VERR_SSM_IDE_ASYNC_TIMEOUT);
6616 return VINF_SUCCESS;
6617}
6618
6619/**
6620 * @copydoc FNSSMDEVLIVEEXEC
6621 */
6622static DECLCALLBACK(int) ataR3LiveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uPass)
6623{
6624 RT_NOREF1(uPass);
6625 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6626
6627 SSMR3PutU8(pSSM, pThis->u8Type);
6628 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6629 {
6630 SSMR3PutBool(pSSM, true); /* For controller enabled / disabled. */
6631 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6632 {
6633 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].pDrvBase != NULL);
6634 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szSerialNumber);
6635 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szFirmwareRevision);
6636 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szModelNumber);
6637 }
6638 }
6639
6640 return VINF_SSM_DONT_CALL_AGAIN;
6641}
6642
6643/**
6644 * @copydoc FNSSMDEVSAVEEXEC
6645 */
6646static DECLCALLBACK(int) ataR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6647{
6648 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6649
6650 ataR3LiveExec(pDevIns, pSSM, SSM_PASS_FINAL);
6651
6652 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6653 {
6654 SSMR3PutU8(pSSM, pThis->aCts[i].iSelectedIf);
6655 SSMR3PutU8(pSSM, pThis->aCts[i].iAIOIf);
6656 SSMR3PutU8(pSSM, pThis->aCts[i].uAsyncIOState);
6657 SSMR3PutBool(pSSM, pThis->aCts[i].fChainedTransfer);
6658 SSMR3PutBool(pSSM, pThis->aCts[i].fReset);
6659 SSMR3PutBool(pSSM, pThis->aCts[i].fRedo);
6660 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoIdle);
6661 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoDMALastDesc);
6662 SSMR3PutMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6663 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysFirstDMADesc);
6664 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysLastDMADesc);
6665 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].GCPhysRedoDMABuffer);
6666 SSMR3PutU32(pSSM, pThis->aCts[i].cbRedoDMABuffer);
6667
6668 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6669 {
6670 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fLBA48);
6671 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPI);
6672 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fIrqPending);
6673 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cMultSectors);
6674 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6675 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6676 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6677 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6678 SSMR3PutU64(pSSM, pThis->aCts[i].aIfs[j].cTotalSectors);
6679 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeature);
6680 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6681 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegError);
6682 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSector);
6683 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6684 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSector);
6685 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6686 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCyl);
6687 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6688 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCyl);
6689 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6690 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSelect);
6691 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegStatus);
6692 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegCommand);
6693 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegDevCtl);
6694 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATATransferMode);
6695 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uTxDir);
6696 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iBeginTransfer);
6697 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iSourceSink);
6698 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fDMA);
6699 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPITransfer);
6700 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbTotalTransfer);
6701 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6702 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferCur);
6703 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferEnd);
6704 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6705 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6706 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iATAPILBA);
6707 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbATAPISector);
6708 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6709 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6710 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6711 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].MediaEventStatus);
6712 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6713 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbIOBuffer);
6714 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6715 SSMR3PutMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6716 else
6717 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6718 }
6719 }
6720
6721 return SSMR3PutU32(pSSM, UINT32_MAX); /* sanity/terminator */
6722}
6723
6724/**
6725 * Converts the LUN number into a message string.
6726 */
6727static const char *ataR3StringifyLun(unsigned iLun)
6728{
6729 switch (iLun)
6730 {
6731 case 0: return "primary master";
6732 case 1: return "primary slave";
6733 case 2: return "secondary master";
6734 case 3: return "secondary slave";
6735 default: AssertFailedReturn("unknown lun");
6736 }
6737}
6738
6739/**
6740 * FNSSMDEVLOADEXEC
6741 */
6742static DECLCALLBACK(int) ataR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
6743{
6744 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6745 int rc;
6746 uint32_t u32;
6747
6748 if ( uVersion != ATA_SAVED_STATE_VERSION
6749 && uVersion != ATA_SAVED_STATE_VERSION_VBOX_30
6750 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
6751 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS
6752 && uVersion != ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE)
6753 {
6754 AssertMsgFailed(("uVersion=%d\n", uVersion));
6755 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
6756 }
6757
6758 /*
6759 * Verify the configuration.
6760 */
6761 if (uVersion > ATA_SAVED_STATE_VERSION_VBOX_30)
6762 {
6763 uint8_t u8Type;
6764 rc = SSMR3GetU8(pSSM, &u8Type);
6765 AssertRCReturn(rc, rc);
6766 if (u8Type != pThis->u8Type)
6767 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Config mismatch: u8Type - saved=%u config=%u"), u8Type, pThis->u8Type);
6768
6769 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6770 {
6771 bool fEnabled;
6772 rc = SSMR3GetBool(pSSM, &fEnabled);
6773 AssertRCReturn(rc, rc);
6774 if (!fEnabled)
6775 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Ctr#%u onfig mismatch: fEnabled != true"), i);
6776
6777 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6778 {
6779 ATADevState const *pIf = &pThis->aCts[i].aIfs[j];
6780
6781 bool fInUse;
6782 rc = SSMR3GetBool(pSSM, &fInUse);
6783 AssertRCReturn(rc, rc);
6784 if (fInUse != (pIf->pDrvBase != NULL))
6785 return SSMR3SetCfgError(pSSM, RT_SRC_POS,
6786 N_("The %s VM is missing a %s device. Please make sure the source and target VMs have compatible storage configurations"),
6787 fInUse ? "target" : "source", ataR3StringifyLun(pIf->iLUN) );
6788
6789 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
6790 rc = SSMR3GetStrZ(pSSM, szSerialNumber, sizeof(szSerialNumber));
6791 AssertRCReturn(rc, rc);
6792 if (strcmp(szSerialNumber, pIf->szSerialNumber))
6793 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Serial number - saved='%s' config='%s'\n",
6794 pIf->iLUN, szSerialNumber, pIf->szSerialNumber));
6795
6796 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
6797 rc = SSMR3GetStrZ(pSSM, szFirmwareRevision, sizeof(szFirmwareRevision));
6798 AssertRCReturn(rc, rc);
6799 if (strcmp(szFirmwareRevision, pIf->szFirmwareRevision))
6800 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Firmware revision - saved='%s' config='%s'\n",
6801 pIf->iLUN, szFirmwareRevision, pIf->szFirmwareRevision));
6802
6803 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
6804 rc = SSMR3GetStrZ(pSSM, szModelNumber, sizeof(szModelNumber));
6805 AssertRCReturn(rc, rc);
6806 if (strcmp(szModelNumber, pIf->szModelNumber))
6807 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Model number - saved='%s' config='%s'\n",
6808 pIf->iLUN, szModelNumber, pIf->szModelNumber));
6809 }
6810 }
6811 }
6812 if (uPass != SSM_PASS_FINAL)
6813 return VINF_SUCCESS;
6814
6815 /*
6816 * Restore valid parts of the PCIATAState structure
6817 */
6818 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6819 {
6820 /* integrity check */
6821 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false))
6822 {
6823 AssertMsgFailed(("Async I/O for controller %d is active\n", i));
6824 return VERR_INTERNAL_ERROR_4;
6825 }
6826
6827 SSMR3GetU8(pSSM, &pThis->aCts[i].iSelectedIf);
6828 SSMR3GetU8(pSSM, &pThis->aCts[i].iAIOIf);
6829 SSMR3GetU8(pSSM, &pThis->aCts[i].uAsyncIOState);
6830 SSMR3GetBool(pSSM, &pThis->aCts[i].fChainedTransfer);
6831 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fReset);
6832 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedo);
6833 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoIdle);
6834 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoDMALastDesc);
6835 SSMR3GetMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6836 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysFirstDMADesc);
6837 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysLastDMADesc);
6838 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].GCPhysRedoDMABuffer);
6839 SSMR3GetU32(pSSM, &pThis->aCts[i].cbRedoDMABuffer);
6840
6841 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6842 {
6843 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fLBA48);
6844 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPI);
6845 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fIrqPending);
6846 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cMultSectors);
6847 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6848 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6849 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6850 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6851 SSMR3GetU64(pSSM, &pThis->aCts[i].aIfs[j].cTotalSectors);
6852 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeature);
6853 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6854 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegError);
6855 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSector);
6856 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6857 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSector);
6858 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6859 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCyl);
6860 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6861 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCyl);
6862 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6863 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSelect);
6864 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegStatus);
6865 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegCommand);
6866 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegDevCtl);
6867 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATATransferMode);
6868 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uTxDir);
6869 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iBeginTransfer);
6870 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iSourceSink);
6871 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fDMA);
6872 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPITransfer);
6873 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbTotalTransfer);
6874 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6875 /* NB: cbPIOTransferLimit could be saved/restored but it's sufficient
6876 * to re-calculate it here, with a tiny risk that it could be
6877 * unnecessarily low for the current transfer only. Could be changed
6878 * when changing the saved state in the future.
6879 */
6880 pThis->aCts[i].aIfs[j].cbPIOTransferLimit = (pThis->aCts[i].aIfs[j].uATARegHCyl << 8) | pThis->aCts[i].aIfs[j].uATARegLCyl;
6881 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferCur);
6882 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferEnd);
6883 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6884 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6885 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iATAPILBA);
6886 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbATAPISector);
6887 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6888 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
6889 {
6890 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6891 }
6892 else
6893 {
6894 uint8_t uATAPISenseKey, uATAPIASC;
6895 memset(pThis->aCts[i].aIfs[j].abATAPISense, '\0', sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6896 pThis->aCts[i].aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
6897 pThis->aCts[i].aIfs[j].abATAPISense[7] = 10;
6898 SSMR3GetU8(pSSM, &uATAPISenseKey);
6899 SSMR3GetU8(pSSM, &uATAPIASC);
6900 pThis->aCts[i].aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
6901 pThis->aCts[i].aIfs[j].abATAPISense[12] = uATAPIASC;
6902 }
6903 /** @todo triple-check this hack after passthrough is working */
6904 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6905 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
6906 SSMR3GetU32(pSSM, (uint32_t*)&pThis->aCts[i].aIfs[j].MediaEventStatus);
6907 else
6908 pThis->aCts[i].aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
6909 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6910 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbIOBuffer);
6911 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6912 {
6913 if (pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer))
6914 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6915 else
6916 {
6917 LogRel(("ATA: No buffer for %d/%d\n", i, j));
6918 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
6919 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d/%d"), i, j);
6920
6921 /* skip the buffer if we're loading for the debugger / animator. */
6922 uint8_t u8Ignored;
6923 size_t cbLeft = pThis->aCts[i].aIfs[j].cbIOBuffer;
6924 while (cbLeft-- > 0)
6925 SSMR3GetU8(pSSM, &u8Ignored);
6926 }
6927 }
6928 else
6929 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6930 }
6931 }
6932 if (uVersion <= ATA_SAVED_STATE_VERSION_VBOX_30)
6933 SSMR3GetU8(pSSM, &pThis->u8Type);
6934
6935 rc = SSMR3GetU32(pSSM, &u32);
6936 if (RT_FAILURE(rc))
6937 return rc;
6938 if (u32 != ~0U)
6939 {
6940 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
6941 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
6942 return rc;
6943 }
6944
6945 return VINF_SUCCESS;
6946}
6947
6948
6949/**
6950 * Callback employed by ataSuspend and ataR3PowerOff.
6951 *
6952 * @returns true if we've quiesced, false if we're still working.
6953 * @param pDevIns The device instance.
6954 */
6955static DECLCALLBACK(bool) ataR3IsAsyncSuspendOrPowerOffDone(PPDMDEVINS pDevIns)
6956{
6957 return ataR3AllAsyncIOIsIdle(pDevIns);
6958}
6959
6960
6961/**
6962 * Common worker for ataSuspend and ataR3PowerOff.
6963 */
6964static void ataR3SuspendOrPowerOff(PPDMDEVINS pDevIns)
6965{
6966 if (!ataR3AllAsyncIOIsIdle(pDevIns))
6967 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncSuspendOrPowerOffDone);
6968}
6969
6970
6971/**
6972 * Power Off notification.
6973 *
6974 * @returns VBox status code.
6975 * @param pDevIns The device instance data.
6976 */
6977static DECLCALLBACK(void) ataR3PowerOff(PPDMDEVINS pDevIns)
6978{
6979 Log(("%s:\n", __FUNCTION__));
6980 ataR3SuspendOrPowerOff(pDevIns);
6981}
6982
6983
6984/**
6985 * Suspend notification.
6986 *
6987 * @returns VBox status code.
6988 * @param pDevIns The device instance data.
6989 */
6990static DECLCALLBACK(void) ataR3Suspend(PPDMDEVINS pDevIns)
6991{
6992 Log(("%s:\n", __FUNCTION__));
6993 ataR3SuspendOrPowerOff(pDevIns);
6994}
6995
6996
6997/**
6998 * Callback employed by ataR3Reset.
6999 *
7000 * @returns true if we've quiesced, false if we're still working.
7001 * @param pDevIns The device instance.
7002 */
7003static DECLCALLBACK(bool) ataR3IsAsyncResetDone(PPDMDEVINS pDevIns)
7004{
7005 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7006
7007 if (!ataR3AllAsyncIOIsIdle(pDevIns))
7008 return false;
7009
7010 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7011 {
7012 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7013 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7014 ataR3ResetDevice(&pThis->aCts[i].aIfs[j]);
7015 PDMCritSectLeave(&pThis->aCts[i].lock);
7016 }
7017 return true;
7018}
7019
7020
7021/**
7022 * Common reset worker for ataR3Reset and ataR3Construct.
7023 *
7024 * @returns VBox status code.
7025 * @param pDevIns The device instance data.
7026 * @param fConstruct Indicates who is calling.
7027 */
7028static int ataR3ResetCommon(PPDMDEVINS pDevIns, bool fConstruct)
7029{
7030 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7031
7032 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7033 {
7034 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
7035
7036 pThis->aCts[i].iSelectedIf = 0;
7037 pThis->aCts[i].iAIOIf = 0;
7038 pThis->aCts[i].BmDma.u8Cmd = 0;
7039 /* Report that both drives present on the bus are in DMA mode. This
7040 * pretends that there is a BIOS that has set it up. Normal reset
7041 * default is 0x00. */
7042 pThis->aCts[i].BmDma.u8Status = (pThis->aCts[i].aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
7043 | (pThis->aCts[i].aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
7044 pThis->aCts[i].BmDma.GCPhysAddr = 0;
7045
7046 pThis->aCts[i].fReset = true;
7047 pThis->aCts[i].fRedo = false;
7048 pThis->aCts[i].fRedoIdle = false;
7049 ataR3AsyncIOClearRequests(&pThis->aCts[i]);
7050 Log2(("%s: Ctl#%d: message to async I/O thread, reset controller\n", __FUNCTION__, i));
7051 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetARequest);
7052 ataHCAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetCRequest);
7053
7054 PDMCritSectLeave(&pThis->aCts[i].lock);
7055 }
7056
7057 int rcRet = VINF_SUCCESS;
7058 if (!fConstruct)
7059 {
7060 /*
7061 * Setup asynchronous notification completion if the requests haven't
7062 * completed yet.
7063 */
7064 if (!ataR3IsAsyncResetDone(pDevIns))
7065 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncResetDone);
7066 }
7067 else
7068 {
7069 /*
7070 * Wait for the requests for complete.
7071 *
7072 * Would be real nice if we could do it all from EMT(0) and not
7073 * involve the worker threads, then we could dispense with all the
7074 * waiting and semaphore ping-pong here...
7075 */
7076 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7077 {
7078 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7079 {
7080 int rc = PDMCritSectEnter(&pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED);
7081 AssertRC(rc);
7082
7083 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
7084 rc = RTThreadUserReset(pThis->aCts[i].AsyncIOThread);
7085 AssertRC(rc);
7086
7087 rc = PDMCritSectLeave(&pThis->aCts[i].AsyncIORequestLock);
7088 AssertRC(rc);
7089
7090 if (!ataR3AsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/))
7091 {
7092 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 30*1000 /*ms*/);
7093 if (RT_FAILURE(rc))
7094 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 1000 /*ms*/);
7095 if (RT_FAILURE(rc))
7096 {
7097 AssertRC(rc);
7098 rcRet = rc;
7099 }
7100 }
7101 }
7102 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
7103 }
7104 if (RT_SUCCESS(rcRet))
7105 {
7106 rcRet = ataR3IsAsyncResetDone(pDevIns) ? VINF_SUCCESS : VERR_INTERNAL_ERROR;
7107 AssertRC(rcRet);
7108 }
7109 }
7110 return rcRet;
7111}
7112
7113/**
7114 * Reset notification.
7115 *
7116 * @param pDevIns The device instance data.
7117 */
7118static DECLCALLBACK(void) ataR3Reset(PPDMDEVINS pDevIns)
7119{
7120 ataR3ResetCommon(pDevIns, false /*fConstruct*/);
7121}
7122
7123/**
7124 * @copydoc FNPDMDEVRELOCATE
7125 */
7126static DECLCALLBACK(void) ataR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
7127{
7128 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7129
7130 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7131 {
7132 pThis->aCts[i].pDevInsRC += offDelta;
7133 pThis->aCts[i].aIfs[0].pDevInsRC += offDelta;
7134 pThis->aCts[i].aIfs[0].pControllerRC += offDelta;
7135 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[0]);
7136 pThis->aCts[i].aIfs[1].pDevInsRC += offDelta;
7137 pThis->aCts[i].aIfs[1].pControllerRC += offDelta;
7138 ataR3RelocBuffer(pDevIns, &pThis->aCts[i].aIfs[1]);
7139 }
7140}
7141
7142/**
7143 * Destroy a driver instance.
7144 *
7145 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
7146 * resources can be freed correctly.
7147 *
7148 * @param pDevIns The device instance data.
7149 */
7150static DECLCALLBACK(int) ataR3Destruct(PPDMDEVINS pDevIns)
7151{
7152 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7153 int rc;
7154
7155 Log(("ataR3Destruct\n"));
7156 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
7157
7158 /*
7159 * Tell the async I/O threads to terminate.
7160 */
7161 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7162 {
7163 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7164 {
7165 ASMAtomicWriteU32(&pThis->aCts[i].fShutdown, true);
7166 rc = SUPSemEventSignal(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7167 AssertRC(rc);
7168 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
7169 AssertRC(rc);
7170 }
7171 }
7172
7173 /*
7174 * Wait for the threads to terminate before destroying their resources.
7175 */
7176 for (unsigned i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7177 {
7178 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7179 {
7180 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 30000 /* 30 s*/, NULL);
7181 if (RT_SUCCESS(rc))
7182 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7183 else
7184 LogRel(("PIIX3 ATA Dtor: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
7185 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
7186 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand, rc));
7187 }
7188 }
7189
7190 /*
7191 * Free resources.
7192 */
7193 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7194 {
7195 if (PDMCritSectIsInitialized(&pThis->aCts[i].AsyncIORequestLock))
7196 PDMR3CritSectDelete(&pThis->aCts[i].AsyncIORequestLock);
7197 if (pThis->aCts[i].hAsyncIOSem != NIL_SUPSEMEVENT)
7198 {
7199 SUPSemEventClose(pThis->aCts[i].pSupDrvSession, pThis->aCts[i].hAsyncIOSem);
7200 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7201 }
7202 if (pThis->aCts[i].SuspendIOSem != NIL_RTSEMEVENT)
7203 {
7204 RTSemEventDestroy(pThis->aCts[i].SuspendIOSem);
7205 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7206 }
7207
7208 /* try one final time */
7209 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
7210 {
7211 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 1 /*ms*/, NULL);
7212 if (RT_SUCCESS(rc))
7213 {
7214 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7215 LogRel(("PIIX3 ATA Dtor: Ctl#%u actually completed.\n", i));
7216 }
7217 }
7218
7219 for (uint32_t iIf = 0; iIf < RT_ELEMENTS(pThis->aCts[i].aIfs); iIf++)
7220 {
7221 if (pThis->aCts[i].aIfs[iIf].pTrackList)
7222 {
7223 ATAPIPassthroughTrackListDestroy(pThis->aCts[i].aIfs[iIf].pTrackList);
7224 pThis->aCts[i].aIfs[iIf].pTrackList = NULL;
7225 }
7226 }
7227 }
7228
7229 return VINF_SUCCESS;
7230}
7231
7232/**
7233 * Convert config value to DEVPCBIOSBOOT.
7234 *
7235 * @returns VBox status code.
7236 * @param pDevIns The device instance data.
7237 * @param pCfg Configuration handle.
7238 * @param penmChipset Where to store the chipset type.
7239 */
7240static int ataR3ControllerFromCfg(PPDMDEVINS pDevIns, PCFGMNODE pCfg, CHIPSET *penmChipset)
7241{
7242 char szType[20];
7243
7244 int rc = CFGMR3QueryStringDef(pCfg, "Type", &szType[0], sizeof(szType), "PIIX4");
7245 if (RT_FAILURE(rc))
7246 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7247 N_("Configuration error: Querying \"Type\" as a string failed"));
7248 if (!strcmp(szType, "PIIX3"))
7249 *penmChipset = CHIPSET_PIIX3;
7250 else if (!strcmp(szType, "PIIX4"))
7251 *penmChipset = CHIPSET_PIIX4;
7252 else if (!strcmp(szType, "ICH6"))
7253 *penmChipset = CHIPSET_ICH6;
7254 else
7255 {
7256 PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7257 N_("Configuration error: The \"Type\" value \"%s\" is unknown"),
7258 szType);
7259 rc = VERR_INTERNAL_ERROR;
7260 }
7261 return rc;
7262}
7263
7264/**
7265 * @interface_method_impl{PDMDEVREG,pfnConstruct}
7266 */
7267static DECLCALLBACK(int) ataR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
7268{
7269 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
7270 PPDMIBASE pBase;
7271 int rc;
7272 bool fRCEnabled;
7273 bool fR0Enabled;
7274 uint32_t DelayIRQMillies;
7275
7276 Assert(iInstance == 0);
7277 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
7278
7279 /*
7280 * Initialize NIL handle values (for the destructor).
7281 */
7282 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7283 {
7284 pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT;
7285 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
7286 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
7287 }
7288
7289 /*
7290 * Validate and read configuration.
7291 */
7292 if (!CFGMR3AreValuesValid(pCfg,
7293 "GCEnabled\0"
7294 "R0Enabled\0"
7295 "IRQDelay\0"
7296 "Type\0")
7297 /** @todo || invalid keys */)
7298 return PDMDEV_SET_ERROR(pDevIns, VERR_PDM_DEVINS_UNKNOWN_CFG_VALUES,
7299 N_("PIIX3 configuration error: unknown option specified"));
7300
7301 rc = CFGMR3QueryBoolDef(pCfg, "GCEnabled", &fRCEnabled, true);
7302 if (RT_FAILURE(rc))
7303 return PDMDEV_SET_ERROR(pDevIns, rc,
7304 N_("PIIX3 configuration error: failed to read GCEnabled as boolean"));
7305 Log(("%s: fRCEnabled=%d\n", __FUNCTION__, fRCEnabled));
7306
7307 rc = CFGMR3QueryBoolDef(pCfg, "R0Enabled", &fR0Enabled, true);
7308 if (RT_FAILURE(rc))
7309 return PDMDEV_SET_ERROR(pDevIns, rc,
7310 N_("PIIX3 configuration error: failed to read R0Enabled as boolean"));
7311 Log(("%s: fR0Enabled=%d\n", __FUNCTION__, fR0Enabled));
7312
7313 rc = CFGMR3QueryU32Def(pCfg, "IRQDelay", &DelayIRQMillies, 0);
7314 if (RT_FAILURE(rc))
7315 return PDMDEV_SET_ERROR(pDevIns, rc,
7316 N_("PIIX3 configuration error: failed to read IRQDelay as integer"));
7317 Log(("%s: DelayIRQMillies=%d\n", __FUNCTION__, DelayIRQMillies));
7318 Assert(DelayIRQMillies < 50);
7319
7320 CHIPSET enmChipset = CHIPSET_PIIX3;
7321 rc = ataR3ControllerFromCfg(pDevIns, pCfg, &enmChipset);
7322 if (RT_FAILURE(rc))
7323 return rc;
7324 pThis->u8Type = (uint8_t)enmChipset;
7325
7326 /*
7327 * Initialize data (most of it anyway).
7328 */
7329 /* Status LUN. */
7330 pThis->IBase.pfnQueryInterface = ataR3Status_QueryInterface;
7331 pThis->ILeds.pfnQueryStatusLed = ataR3Status_QueryStatusLed;
7332
7333 /* PCI configuration space. */
7334 PCIDevSetVendorId(&pThis->dev, 0x8086); /* Intel */
7335
7336 /*
7337 * When adding more IDE chipsets, don't forget to update pci_bios_init_device()
7338 * as it explicitly checks for PCI id for IDE controllers.
7339 */
7340 switch (pThis->u8Type)
7341 {
7342 case CHIPSET_ICH6:
7343 PCIDevSetDeviceId(&pThis->dev, 0x269e); /* ICH6 IDE */
7344 /** @todo do we need it? Do we need anything else? */
7345 pThis->dev.abConfig[0x48] = 0x00; /* UDMACTL */
7346 pThis->dev.abConfig[0x4A] = 0x00; /* UDMATIM */
7347 pThis->dev.abConfig[0x4B] = 0x00;
7348 {
7349 /*
7350 * See www.intel.com/Assets/PDF/manual/298600.pdf p. 30
7351 * Report
7352 * WR_Ping-Pong_EN: must be set
7353 * PCR0, PCR1: 80-pin primary cable reporting for both disks
7354 * SCR0, SCR1: 80-pin secondary cable reporting for both disks
7355 */
7356 uint16_t u16Config = (1<<10) | (1<<7) | (1<<6) | (1<<5) | (1<<4) ;
7357 pThis->dev.abConfig[0x54] = u16Config & 0xff;
7358 pThis->dev.abConfig[0x55] = u16Config >> 8;
7359 }
7360 break;
7361 case CHIPSET_PIIX4:
7362 PCIDevSetDeviceId(&pThis->dev, 0x7111); /* PIIX4 IDE */
7363 PCIDevSetRevisionId(&pThis->dev, 0x01); /* PIIX4E */
7364 pThis->dev.abConfig[0x48] = 0x00; /* UDMACTL */
7365 pThis->dev.abConfig[0x4A] = 0x00; /* UDMATIM */
7366 pThis->dev.abConfig[0x4B] = 0x00;
7367 break;
7368 case CHIPSET_PIIX3:
7369 PCIDevSetDeviceId(&pThis->dev, 0x7010); /* PIIX3 IDE */
7370 break;
7371 default:
7372 AssertMsgFailed(("Unsupported IDE chipset type: %d\n", pThis->u8Type));
7373 }
7374
7375 /** @todo
7376 * This is the job of the BIOS / EFI!
7377 *
7378 * The same is done in DevPCI.cpp / pci_bios_init_device() but there is no
7379 * corresponding function in DevPciIch9.cpp. The EFI has corresponding code
7380 * in OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c: NotifyDev() but this
7381 * function assumes that the IDE controller is located at PCI 00:01.1 which
7382 * is not true if the ICH9 chipset is used.
7383 */
7384 PCIDevSetWord(&pThis->dev, 0x40, 0x8000); /* enable IDE0 */
7385 PCIDevSetWord(&pThis->dev, 0x42, 0x8000); /* enable IDE1 */
7386
7387 PCIDevSetCommand( &pThis->dev, PCI_COMMAND_IOACCESS | PCI_COMMAND_MEMACCESS | PCI_COMMAND_BUSMASTER);
7388 PCIDevSetClassProg( &pThis->dev, 0x8a); /* programming interface = PCI_IDE bus master is supported */
7389 PCIDevSetClassSub( &pThis->dev, 0x01); /* class_sub = PCI_IDE */
7390 PCIDevSetClassBase( &pThis->dev, 0x01); /* class_base = PCI_mass_storage */
7391 PCIDevSetHeaderType(&pThis->dev, 0x00);
7392
7393 pThis->pDevIns = pDevIns;
7394 pThis->fRCEnabled = fRCEnabled;
7395 pThis->fR0Enabled = fR0Enabled;
7396 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7397 {
7398 pThis->aCts[i].pDevInsR3 = pDevIns;
7399 pThis->aCts[i].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7400 pThis->aCts[i].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7401 pThis->aCts[i].DelayIRQMillies = (uint32_t)DelayIRQMillies;
7402 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7403 {
7404 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7405
7406 pIf->iLUN = i * RT_ELEMENTS(pThis->aCts) + j;
7407 pIf->pDevInsR3 = pDevIns;
7408 pIf->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
7409 pIf->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
7410 pIf->pControllerR3 = &pThis->aCts[i];
7411 pIf->pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7412 pIf->pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
7413 pIf->IBase.pfnQueryInterface = ataR3QueryInterface;
7414 pIf->IMountNotify.pfnMountNotify = ataR3MountNotify;
7415 pIf->IMountNotify.pfnUnmountNotify = ataR3UnmountNotify;
7416 pIf->IPort.pfnQueryDeviceLocation = ataR3QueryDeviceLocation;
7417 pIf->Led.u32Magic = PDMLED_MAGIC;
7418 }
7419 }
7420
7421 Assert(RT_ELEMENTS(pThis->aCts) == 2);
7422 pThis->aCts[0].irq = 14;
7423 pThis->aCts[0].IOPortBase1 = 0x1f0;
7424 pThis->aCts[0].IOPortBase2 = 0x3f6;
7425 pThis->aCts[1].irq = 15;
7426 pThis->aCts[1].IOPortBase1 = 0x170;
7427 pThis->aCts[1].IOPortBase2 = 0x376;
7428
7429 /*
7430 * Set the default critical section to NOP as we lock on controller level.
7431 */
7432 rc = PDMDevHlpSetDeviceCritSect(pDevIns, PDMDevHlpCritSectGetNop(pDevIns));
7433 AssertRCReturn(rc, rc);
7434
7435 /*
7436 * Register the PCI device.
7437 */
7438 rc = PDMDevHlpPCIRegisterEx(pDevIns, &pThis->dev, PDMPCIDEVREG_CFG_PRIMARY, PDMPCIDEVREG_F_NOT_MANDATORY_NO,
7439 1 /*uPciDevNo*/, 1 /*uPciDevFn*/, "piix3ide");
7440 if (RT_FAILURE(rc))
7441 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register PCI device"));
7442 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 4, 0x10, PCI_ADDRESS_SPACE_IO, ataR3BMDMAIORangeMap);
7443 if (RT_FAILURE(rc))
7444 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register PCI I/O region for BMDMA"));
7445
7446 /*
7447 * Register the I/O ports.
7448 * The ports are all hardcoded and enforced by the PIIX3 host bridge controller.
7449 */
7450 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7451 {
7452 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTHCPTR)(uintptr_t)i,
7453 ataIOPortWrite1Data, ataIOPortRead1Data,
7454 ataIOPortWriteStr1Data, ataIOPortReadStr1Data, "ATA I/O Base 1 - Data");
7455 AssertLogRelRCReturn(rc, rc);
7456 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTHCPTR)(uintptr_t)i,
7457 ataIOPortWrite1Other, ataIOPortRead1Other, NULL, NULL, "ATA I/O Base 1 - Other");
7458
7459 AssertLogRelRCReturn(rc, rc);
7460 if (fRCEnabled)
7461 {
7462 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTGCPTR)i,
7463 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7464 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7465 AssertLogRelRCReturn(rc, rc);
7466 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTGCPTR)i,
7467 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7468 AssertLogRelRCReturn(rc, rc);
7469 }
7470
7471 if (fR0Enabled)
7472 {
7473#if 0
7474 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7475 "ataIOPortWrite1Data", "ataIOPortRead1Data", NULL, NULL, "ATA I/O Base 1 - Data");
7476#else
7477 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 1, (RTR0PTR)i,
7478 "ataIOPortWrite1Data", "ataIOPortRead1Data",
7479 "ataIOPortWriteStr1Data", "ataIOPortReadStr1Data", "ATA I/O Base 1 - Data");
7480#endif
7481 AssertLogRelRCReturn(rc, rc);
7482 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7, (RTR0PTR)i,
7483 "ataIOPortWrite1Other", "ataIOPortRead1Other", NULL, NULL, "ATA I/O Base 1 - Other");
7484 AssertLogRelRCReturn(rc, rc);
7485 }
7486
7487 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTHCPTR)(uintptr_t)i,
7488 ataIOPortWrite2, ataIOPortRead2, NULL, NULL, "ATA I/O Base 2");
7489 if (RT_FAILURE(rc))
7490 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers"));
7491
7492 if (fRCEnabled)
7493 {
7494 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTGCPTR)i,
7495 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7496 if (RT_FAILURE(rc))
7497 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (GC)"));
7498 }
7499 if (fR0Enabled)
7500 {
7501 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTR0PTR)i,
7502 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
7503 if (RT_FAILURE(rc))
7504 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (R0)"));
7505 }
7506
7507 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
7508 {
7509 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
7510 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATADMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7511 "Number of ATA DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/DMA", iInstance, i, j);
7512 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7513 "Number of ATA PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/PIO", iInstance, i, j);
7514 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIDMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7515 "Number of ATAPI DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiDMA", iInstance, i, j);
7516 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7517 "Number of ATAPI PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiPIO", iInstance, i, j);
7518#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7519 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatReads, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7520 "Profiling of the read operations.", "/Devices/IDE%d/ATA%d/Unit%d/Reads", iInstance, i, j);
7521#endif
7522 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesRead, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7523 "Amount of data read.", "/Devices/IDE%d/ATA%d/Unit%d/ReadBytes", iInstance, i, j);
7524#ifdef VBOX_INSTRUMENT_DMA_WRITES
7525 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatInstrVDWrites,STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7526 "Profiling of the VD DMA write operations.", "/Devices/IDE%d/ATA%d/Unit%d/InstrVDWrites", iInstance, i, j);
7527#endif
7528#ifdef VBOX_WITH_STATISTICS
7529 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatWrites, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7530 "Profiling of the write operations.", "/Devices/IDE%d/ATA%d/Unit%d/Writes", iInstance, i, j);
7531#endif
7532 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesWritten, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
7533 "Amount of data written.", "/Devices/IDE%d/ATA%d/Unit%d/WrittenBytes", iInstance, i, j);
7534#ifdef VBOX_WITH_STATISTICS
7535 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatFlushes, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7536 "Profiling of the flush operations.", "/Devices/IDE%d/ATA%d/Unit%d/Flushes", iInstance, i, j);
7537#endif
7538 }
7539#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
7540 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncOps, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
7541 "The number of async operations.", "/Devices/IDE%d/ATA%d/Async/Operations", iInstance, i);
7542 /** @todo STAMUNIT_MICROSECS */
7543 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMinWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7544 "Minimum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MinWait", iInstance, i);
7545 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMaxWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7546 "Maximum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MaxWait", iInstance, i);
7547 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTimeUS, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
7548 "Total time spent in microseconds.", "/Devices/IDE%d/ATA%d/Async/TotalTimeUS", iInstance, i);
7549 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTime, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7550 "Profiling of async operations.", "/Devices/IDE%d/ATA%d/Async/Time", iInstance, i);
7551 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatLockWait, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
7552 "Profiling of locks.", "/Devices/IDE%d/ATA%d/Async/LockWait", iInstance, i);
7553#endif /* VBOX_WITH_STATISTICS */
7554
7555 /* Initialize per-controller critical section. */
7556 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].lock, RT_SRC_POS, "ATA#%u-Ctl", i);
7557 AssertLogRelRCReturn(rc, rc);
7558
7559 /* Initialize per-controller async I/O request critical section. */
7560 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].AsyncIORequestLock, RT_SRC_POS, "ATA#%u-Req", i);
7561 AssertLogRelRCReturn(rc, rc);
7562 }
7563
7564 /*
7565 * Attach status driver (optional).
7566 */
7567 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->IBase, &pBase, "Status Port");
7568 if (RT_SUCCESS(rc))
7569 {
7570 pThis->pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
7571 pThis->pMediaNotify = PDMIBASE_QUERY_INTERFACE(pBase, PDMIMEDIANOTIFY);
7572 }
7573 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
7574 {
7575 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
7576 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot attach to status driver"));
7577 }
7578
7579 /*
7580 * Attach the units.
7581 */
7582 uint32_t cbTotalBuffer = 0;
7583 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
7584 {
7585 PATACONTROLLER pCtl = &pThis->aCts[i];
7586
7587 /*
7588 * Start the worker thread.
7589 */
7590 pCtl->uAsyncIOState = ATA_AIO_NEW;
7591 pCtl->pSupDrvSession = PDMDevHlpGetSupDrvSession(pDevIns);
7592 rc = SUPSemEventCreate(pCtl->pSupDrvSession, &pCtl->hAsyncIOSem);
7593 AssertLogRelRCReturn(rc, rc);
7594 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
7595 AssertLogRelRCReturn(rc, rc);
7596
7597 ataR3AsyncIOClearRequests(pCtl);
7598 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataR3AsyncIOThread, (void *)pCtl, 128*1024 /*cbStack*/,
7599 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "ATA-%u", i);
7600 AssertLogRelRCReturn(rc, rc);
7601 Assert( pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->hAsyncIOSem != NIL_SUPSEMEVENT
7602 && pCtl->SuspendIOSem != NIL_RTSEMEVENT && PDMCritSectIsInitialized(&pCtl->AsyncIORequestLock));
7603 Log(("%s: controller %d AIO thread id %#x; sem %p susp_sem %p\n", __FUNCTION__, i, pCtl->AsyncIOThread, pCtl->hAsyncIOSem, pCtl->SuspendIOSem));
7604
7605 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
7606 {
7607 static const char *s_apszDescs[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7608 {
7609 { "Primary Master", "Primary Slave" },
7610 { "Secondary Master", "Secondary Slave" }
7611 };
7612
7613 /*
7614 * Try attach the block device and get the interfaces,
7615 * required as well as optional.
7616 */
7617 ATADevState *pIf = &pCtl->aIfs[j];
7618
7619 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[i][j]);
7620 if (RT_SUCCESS(rc))
7621 {
7622 rc = ataR3ConfigLun(pDevIns, pIf);
7623 if (RT_SUCCESS(rc))
7624 {
7625 /*
7626 * Init vendor product data.
7627 */
7628 static const char *s_apszCFGMKeys[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
7629 {
7630 { "PrimaryMaster", "PrimarySlave" },
7631 { "SecondaryMaster", "SecondarySlave" }
7632 };
7633
7634 /* Generate a default serial number. */
7635 char szSerial[ATA_SERIAL_NUMBER_LENGTH+1];
7636 RTUUID Uuid;
7637 if (pIf->pDrvMedia)
7638 rc = pIf->pDrvMedia->pfnGetUuid(pIf->pDrvMedia, &Uuid);
7639 else
7640 RTUuidClear(&Uuid);
7641
7642 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
7643 {
7644 /* Generate a predictable serial for drives which don't have a UUID. */
7645 RTStrPrintf(szSerial, sizeof(szSerial), "VB%x-%04x%04x",
7646 pIf->iLUN + pDevIns->iInstance * 32,
7647 pThis->aCts[i].IOPortBase1, pThis->aCts[i].IOPortBase2);
7648 }
7649 else
7650 RTStrPrintf(szSerial, sizeof(szSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
7651
7652 /* Get user config if present using defaults otherwise. */
7653 PCFGMNODE pCfgNode = CFGMR3GetChild(pCfg, s_apszCFGMKeys[i][j]);
7654 rc = CFGMR3QueryStringDef(pCfgNode, "SerialNumber", pIf->szSerialNumber, sizeof(pIf->szSerialNumber),
7655 szSerial);
7656 if (RT_FAILURE(rc))
7657 {
7658 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7659 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7660 N_("PIIX3 configuration error: \"SerialNumber\" is longer than 20 bytes"));
7661 return PDMDEV_SET_ERROR(pDevIns, rc,
7662 N_("PIIX3 configuration error: failed to read \"SerialNumber\" as string"));
7663 }
7664
7665 rc = CFGMR3QueryStringDef(pCfgNode, "FirmwareRevision", pIf->szFirmwareRevision, sizeof(pIf->szFirmwareRevision),
7666 "1.0");
7667 if (RT_FAILURE(rc))
7668 {
7669 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7670 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7671 N_("PIIX3 configuration error: \"FirmwareRevision\" is longer than 8 bytes"));
7672 return PDMDEV_SET_ERROR(pDevIns, rc,
7673 N_("PIIX3 configuration error: failed to read \"FirmwareRevision\" as string"));
7674 }
7675
7676 rc = CFGMR3QueryStringDef(pCfgNode, "ModelNumber", pIf->szModelNumber, sizeof(pIf->szModelNumber),
7677 pIf->fATAPI ? "VBOX CD-ROM" : "VBOX HARDDISK");
7678 if (RT_FAILURE(rc))
7679 {
7680 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7681 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7682 N_("PIIX3 configuration error: \"ModelNumber\" is longer than 40 bytes"));
7683 return PDMDEV_SET_ERROR(pDevIns, rc,
7684 N_("PIIX3 configuration error: failed to read \"ModelNumber\" as string"));
7685 }
7686
7687 /* There are three other identification strings for CD drives used for INQUIRY */
7688 if (pIf->fATAPI)
7689 {
7690 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIVendorId", pIf->szInquiryVendorId, sizeof(pIf->szInquiryVendorId),
7691 "VBOX");
7692 if (RT_FAILURE(rc))
7693 {
7694 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7695 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7696 N_("PIIX3 configuration error: \"ATAPIVendorId\" is longer than 16 bytes"));
7697 return PDMDEV_SET_ERROR(pDevIns, rc,
7698 N_("PIIX3 configuration error: failed to read \"ATAPIVendorId\" as string"));
7699 }
7700
7701 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIProductId", pIf->szInquiryProductId, sizeof(pIf->szInquiryProductId),
7702 "CD-ROM");
7703 if (RT_FAILURE(rc))
7704 {
7705 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7706 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7707 N_("PIIX3 configuration error: \"ATAPIProductId\" is longer than 16 bytes"));
7708 return PDMDEV_SET_ERROR(pDevIns, rc,
7709 N_("PIIX3 configuration error: failed to read \"ATAPIProductId\" as string"));
7710 }
7711
7712 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIRevision", pIf->szInquiryRevision, sizeof(pIf->szInquiryRevision),
7713 "1.0");
7714 if (RT_FAILURE(rc))
7715 {
7716 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
7717 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
7718 N_("PIIX3 configuration error: \"ATAPIRevision\" is longer than 4 bytes"));
7719 return PDMDEV_SET_ERROR(pDevIns, rc,
7720 N_("PIIX3 configuration error: failed to read \"ATAPIRevision\" as string"));
7721 }
7722
7723 rc = CFGMR3QueryBoolDef(pCfgNode, "OverwriteInquiry", &pIf->fOverwriteInquiry, true);
7724 if (RT_FAILURE(rc))
7725 return PDMDEV_SET_ERROR(pDevIns, rc,
7726 N_("PIIX3 configuration error: failed to read \"OverwriteInquiry\" as boolean"));
7727 }
7728 }
7729
7730 }
7731 else if (rc == VERR_PDM_NO_ATTACHED_DRIVER)
7732 {
7733 pIf->pDrvBase = NULL;
7734 pIf->pDrvMedia = NULL;
7735 pIf->cbIOBuffer = 0;
7736 pIf->pbIOBufferR3 = NULL;
7737 pIf->pbIOBufferR0 = NIL_RTR0PTR;
7738 pIf->pbIOBufferRC = NIL_RTGCPTR;
7739 LogRel(("PIIX3 ATA: LUN#%d: no unit\n", pIf->iLUN));
7740 }
7741 else
7742 {
7743 switch (rc)
7744 {
7745 case VERR_ACCESS_DENIED:
7746 /* Error already cached by DrvHostBase */
7747 return rc;
7748 default:
7749 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
7750 N_("PIIX3 cannot attach drive to the %s"),
7751 s_apszDescs[i][j]);
7752 }
7753 }
7754 cbTotalBuffer += pIf->cbIOBuffer;
7755 }
7756 }
7757
7758 rc = PDMDevHlpSSMRegisterEx(pDevIns, ATA_SAVED_STATE_VERSION, sizeof(*pThis) + cbTotalBuffer, NULL,
7759 NULL, ataR3LiveExec, NULL,
7760 ataR3SaveLoadPrep, ataR3SaveExec, NULL,
7761 ataR3SaveLoadPrep, ataR3LoadExec, NULL);
7762 if (RT_FAILURE(rc))
7763 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register save state handlers"));
7764
7765 /*
7766 * Initialize the device state.
7767 */
7768 return ataR3ResetCommon(pDevIns, true /*fConstruct*/);
7769}
7770
7771
7772/**
7773 * The device registration structure.
7774 */
7775const PDMDEVREG g_DevicePIIX3IDE =
7776{
7777 /* u32Version */
7778 PDM_DEVREG_VERSION,
7779 /* szName */
7780 "piix3ide",
7781 /* szRCMod */
7782 "VBoxDDRC.rc",
7783 /* szR0Mod */
7784 "VBoxDDR0.r0",
7785 /* pszDescription */
7786 "Intel PIIX3 ATA controller.\n"
7787 " LUN #0 is primary master.\n"
7788 " LUN #1 is primary slave.\n"
7789 " LUN #2 is secondary master.\n"
7790 " LUN #3 is secondary slave.\n"
7791 " LUN #999 is the LED/Status connector.",
7792 /* fFlags */
7793 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0 |
7794 PDM_DEVREG_FLAGS_FIRST_SUSPEND_NOTIFICATION | PDM_DEVREG_FLAGS_FIRST_POWEROFF_NOTIFICATION |
7795 PDM_DEVREG_FLAGS_FIRST_RESET_NOTIFICATION,
7796 /* fClass */
7797 PDM_DEVREG_CLASS_STORAGE,
7798 /* cMaxInstances */
7799 1,
7800 /* cbInstance */
7801 sizeof(PCIATAState),
7802 /* pfnConstruct */
7803 ataR3Construct,
7804 /* pfnDestruct */
7805 ataR3Destruct,
7806 /* pfnRelocate */
7807 ataR3Relocate,
7808 /* pfnMemSetup */
7809 NULL,
7810 /* pfnPowerOn */
7811 NULL,
7812 /* pfnReset */
7813 ataR3Reset,
7814 /* pfnSuspend */
7815 ataR3Suspend,
7816 /* pfnResume */
7817 ataR3Resume,
7818 /* pfnAttach */
7819 ataR3Attach,
7820 /* pfnDetach */
7821 ataR3Detach,
7822 /* pfnQueryInterface. */
7823 NULL,
7824 /* pfnInitComplete */
7825 NULL,
7826 /* pfnPowerOff */
7827 ataR3PowerOff,
7828 /* pfnSoftReset */
7829 NULL,
7830 /* u32VersionEnd */
7831 PDM_DEVREG_VERSION
7832};
7833#endif /* IN_RING3 */
7834#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette