VirtualBox

source: vbox/trunk/src/VBox/Devices/Storage/DevATA.cpp@ 27805

Last change on this file since 27805 was 27361, checked in by vboxsync, 15 years ago

Storate/ATA: implemented ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED (currently unused)
  • Property svn:eol-style set to native
  • Property svn:keywords set to Author Date Id Revision
File size: 268.5 KB
Line 
1/* $Id: DevATA.cpp 27361 2010-03-15 14:24:42Z vboxsync $ */
2/** @file
3 * VBox storage devices: ATA/ATAPI controller device (disk and cdrom).
4 */
5
6/*
7 * Copyright (C) 2006-2008 Sun Microsystems, Inc.
8 *
9 * This file is part of VirtualBox Open Source Edition (OSE), as
10 * available from http://www.virtualbox.org. This file is free software;
11 * you can redistribute it and/or modify it under the terms of the GNU
12 * General Public License (GPL) as published by the Free Software
13 * Foundation, in version 2 as it comes in the "COPYING" file of the
14 * VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15 * hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16 *
17 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa
18 * Clara, CA 95054 USA or visit http://www.sun.com if you need
19 * additional information or have any questions.
20 */
21
22/*******************************************************************************
23* Defined Constants And Macros *
24*******************************************************************************/
25/** Temporary instrumentation for tracking down potential virtual disk
26 * write performance issues. */
27#undef VBOX_INSTRUMENT_DMA_WRITES
28
29/** @name The SSM saved state versions.
30 * @{
31 */
32/** The current saved state version. */
33#define ATA_SAVED_STATE_VERSION 20
34/** The saved state version used by VirtualBox 3.0.
35 * This lacks the config part and has the type at the and. */
36#define ATA_SAVED_STATE_VERSION_VBOX_30 19
37#define ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE 18
38#define ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 16
39#define ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 17
40/** @} */
41
42/*******************************************************************************
43* Header Files *
44*******************************************************************************/
45#define LOG_GROUP LOG_GROUP_DEV_IDE
46#include <VBox/pdmdev.h>
47#include <iprt/assert.h>
48#include <iprt/string.h>
49#ifdef IN_RING3
50# include <iprt/uuid.h>
51# include <iprt/semaphore.h>
52# include <iprt/thread.h>
53# include <iprt/time.h>
54# include <iprt/alloc.h>
55#endif /* IN_RING3 */
56#include <iprt/critsect.h>
57#include <iprt/asm.h>
58#include <VBox/stam.h>
59#include <VBox/mm.h>
60#include <VBox/pgm.h>
61
62#include <VBox/scsi.h>
63
64#include "PIIX3ATABmDma.h"
65#include "ide.h"
66#include "../Builtins.h"
67
68/*******************************************************************************
69* Defined Constants And Macros *
70*******************************************************************************/
71/**
72 * Maximum number of sectors to transfer in a READ/WRITE MULTIPLE request.
73 * Set to 1 to disable multi-sector read support. According to the ATA
74 * specification this must be a power of 2 and it must fit in an 8 bit
75 * value. Thus the only valid values are 1, 2, 4, 8, 16, 32, 64 and 128.
76 */
77#define ATA_MAX_MULT_SECTORS 128
78
79/**
80 * Fastest PIO mode supported by the drive.
81 */
82#define ATA_PIO_MODE_MAX 4
83/**
84 * Fastest MDMA mode supported by the drive.
85 */
86#define ATA_MDMA_MODE_MAX 2
87/**
88 * Fastest UDMA mode supported by the drive.
89 */
90#define ATA_UDMA_MODE_MAX 6
91
92/** ATAPI sense info size. */
93#define ATAPI_SENSE_SIZE 64
94
95/** The maximum number of release log entries per device. */
96#define MAX_LOG_REL_ERRORS 1024
97
98/* MediaEventStatus */
99#define ATA_EVENT_STATUS_UNCHANGED 0 /**< medium event status not changed */
100#define ATA_EVENT_STATUS_MEDIA_NEW 1 /**< new medium inserted */
101#define ATA_EVENT_STATUS_MEDIA_REMOVED 2 /**< medium removed */
102#define ATA_EVENT_STATUS_MEDIA_CHANGED 3 /**< medium was removed + new medium was inserted */
103#define ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED 4 /**< medium eject requested (eject button pressed) */
104
105/**
106 * Length of the configurable VPD data (without termination)
107 */
108#define ATA_SERIAL_NUMBER_LENGTH 20
109#define ATA_FIRMWARE_REVISION_LENGTH 8
110#define ATA_MODEL_NUMBER_LENGTH 40
111#define ATAPI_INQUIRY_VENDOR_ID_LENGTH 8
112#define ATAPI_INQUIRY_PRODUCT_ID_LENGTH 16
113#define ATAPI_INQUIRY_REVISION_LENGTH 4
114
115/*******************************************************************************
116* Structures and Typedefs *
117*******************************************************************************/
118/**
119 * The state of an ATA device.
120 *
121 * @implements PDMIBASE
122 * @implements PDMIBLOCKPORT
123 * @implements PDMIMOUNTNOTIFY
124 */
125typedef struct ATADevState
126{
127 /** Flag indicating whether the current command uses LBA48 mode. */
128 bool fLBA48;
129 /** Flag indicating whether this drive implements the ATAPI command set. */
130 bool fATAPI;
131 /** Set if this interface has asserted the IRQ. */
132 bool fIrqPending;
133 /** Currently configured number of sectors in a multi-sector transfer. */
134 uint8_t cMultSectors;
135 /** PCHS disk geometry. */
136 PDMMEDIAGEOMETRY PCHSGeometry;
137 /** Total number of sectors on this disk. */
138 uint64_t cTotalSectors;
139 /** Number of sectors to transfer per IRQ. */
140 uint32_t cSectorsPerIRQ;
141
142 /** ATA/ATAPI register 1: feature (write-only). */
143 uint8_t uATARegFeature;
144 /** ATA/ATAPI register 1: feature, high order byte. */
145 uint8_t uATARegFeatureHOB;
146 /** ATA/ATAPI register 1: error (read-only). */
147 uint8_t uATARegError;
148 /** ATA/ATAPI register 2: sector count (read/write). */
149 uint8_t uATARegNSector;
150 /** ATA/ATAPI register 2: sector count, high order byte. */
151 uint8_t uATARegNSectorHOB;
152 /** ATA/ATAPI register 3: sector (read/write). */
153 uint8_t uATARegSector;
154 /** ATA/ATAPI register 3: sector, high order byte. */
155 uint8_t uATARegSectorHOB;
156 /** ATA/ATAPI register 4: cylinder low (read/write). */
157 uint8_t uATARegLCyl;
158 /** ATA/ATAPI register 4: cylinder low, high order byte. */
159 uint8_t uATARegLCylHOB;
160 /** ATA/ATAPI register 5: cylinder high (read/write). */
161 uint8_t uATARegHCyl;
162 /** ATA/ATAPI register 5: cylinder high, high order byte. */
163 uint8_t uATARegHCylHOB;
164 /** ATA/ATAPI register 6: select drive/head (read/write). */
165 uint8_t uATARegSelect;
166 /** ATA/ATAPI register 7: status (read-only). */
167 uint8_t uATARegStatus;
168 /** ATA/ATAPI register 7: command (write-only). */
169 uint8_t uATARegCommand;
170 /** ATA/ATAPI drive control register (write-only). */
171 uint8_t uATARegDevCtl;
172
173 /** Currently active transfer mode (MDMA/UDMA) and speed. */
174 uint8_t uATATransferMode;
175 /** Current transfer direction. */
176 uint8_t uTxDir;
177 /** Index of callback for begin transfer. */
178 uint8_t iBeginTransfer;
179 /** Index of callback for source/sink of data. */
180 uint8_t iSourceSink;
181 /** Flag indicating whether the current command transfers data in DMA mode. */
182 bool fDMA;
183 /** Set to indicate that ATAPI transfer semantics must be used. */
184 bool fATAPITransfer;
185
186 /** Total ATA/ATAPI transfer size, shared PIO/DMA. */
187 uint32_t cbTotalTransfer;
188 /** Elementary ATA/ATAPI transfer size, shared PIO/DMA. */
189 uint32_t cbElementaryTransfer;
190 /** Current read/write buffer position, shared PIO/DMA. */
191 uint32_t iIOBufferCur;
192 /** First element beyond end of valid buffer content, shared PIO/DMA. */
193 uint32_t iIOBufferEnd;
194
195 /** ATA/ATAPI current PIO read/write transfer position. Not shared with DMA for safety reasons. */
196 uint32_t iIOBufferPIODataStart;
197 /** ATA/ATAPI current PIO read/write transfer end. Not shared with DMA for safety reasons. */
198 uint32_t iIOBufferPIODataEnd;
199
200 /** ATAPI current LBA position. */
201 uint32_t iATAPILBA;
202 /** ATAPI current sector size. */
203 uint32_t cbATAPISector;
204 /** ATAPI current command. */
205 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
206 /** ATAPI sense data. */
207 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
208 /** HACK: Countdown till we report a newly unmounted drive as mounted. */
209 uint8_t cNotifiedMediaChange;
210 /** The same for GET_EVENT_STATUS for mechanism */
211 volatile uint32_t MediaEventStatus;
212
213 uint32_t Alignment0;
214
215 /** The status LED state for this drive. */
216 PDMLED Led;
217
218 /** Size of I/O buffer. */
219 uint32_t cbIOBuffer;
220 /** Pointer to the I/O buffer. */
221 R3PTRTYPE(uint8_t *) pbIOBufferR3;
222 /** Pointer to the I/O buffer. */
223 R0PTRTYPE(uint8_t *) pbIOBufferR0;
224 /** Pointer to the I/O buffer. */
225 RCPTRTYPE(uint8_t *) pbIOBufferRC;
226
227 RTRCPTR Aligmnent1; /**< Align the statistics at an 8-byte boundrary. */
228
229 /*
230 * No data that is part of the saved state after this point!!!!!
231 */
232
233 /* Release statistics: number of ATA DMA commands. */
234 STAMCOUNTER StatATADMA;
235 /* Release statistics: number of ATA PIO commands. */
236 STAMCOUNTER StatATAPIO;
237 /* Release statistics: number of ATAPI PIO commands. */
238 STAMCOUNTER StatATAPIDMA;
239 /* Release statistics: number of ATAPI PIO commands. */
240 STAMCOUNTER StatATAPIPIO;
241#ifdef VBOX_INSTRUMENT_DMA_WRITES
242 /* Release statistics: number of DMA sector writes and the time spent. */
243 STAMPROFILEADV StatInstrVDWrites;
244#endif
245
246 /** Statistics: number of read operations and the time spent reading. */
247 STAMPROFILEADV StatReads;
248 /** Statistics: number of bytes read. */
249 STAMCOUNTER StatBytesRead;
250 /** Statistics: number of write operations and the time spent writing. */
251 STAMPROFILEADV StatWrites;
252 /** Statistics: number of bytes written. */
253 STAMCOUNTER StatBytesWritten;
254 /** Statistics: number of flush operations and the time spend flushing. */
255 STAMPROFILE StatFlushes;
256
257 /** Enable passing through commands directly to the ATAPI drive. */
258 bool fATAPIPassthrough;
259 /** Number of errors we've reported to the release log.
260 * This is to prevent flooding caused by something going horribly wrong.
261 * this value against MAX_LOG_REL_ERRORS in places likely to cause floods
262 * like the ones we currently seeing on the linux smoke tests (2006-11-10). */
263 uint32_t cErrors;
264 /** Timestamp of last started command. 0 if no command pending. */
265 uint64_t u64CmdTS;
266
267 /** Pointer to the attached driver's base interface. */
268 R3PTRTYPE(PPDMIBASE) pDrvBase;
269 /** Pointer to the attached driver's block interface. */
270 R3PTRTYPE(PPDMIBLOCK) pDrvBlock;
271 /** Pointer to the attached driver's block bios interface. */
272 R3PTRTYPE(PPDMIBLOCKBIOS) pDrvBlockBios;
273 /** Pointer to the attached driver's mount interface.
274 * This is NULL if the driver isn't a removable unit. */
275 R3PTRTYPE(PPDMIMOUNT) pDrvMount;
276 /** The base interface. */
277 PDMIBASE IBase;
278 /** The block port interface. */
279 PDMIBLOCKPORT IPort;
280 /** The mount notify interface. */
281 PDMIMOUNTNOTIFY IMountNotify;
282 /** The LUN #. */
283 RTUINT iLUN;
284 RTUINT Alignment2; /**< Align pDevInsR3 correctly. */
285 /** Pointer to device instance. */
286 PPDMDEVINSR3 pDevInsR3;
287 /** Pointer to controller instance. */
288 R3PTRTYPE(struct ATACONTROLLER *) pControllerR3;
289 /** Pointer to device instance. */
290 PPDMDEVINSR0 pDevInsR0;
291 /** Pointer to controller instance. */
292 R0PTRTYPE(struct ATACONTROLLER *) pControllerR0;
293 /** Pointer to device instance. */
294 PPDMDEVINSRC pDevInsRC;
295 /** Pointer to controller instance. */
296 RCPTRTYPE(struct ATACONTROLLER *) pControllerRC;
297
298 /** The serial number to use for IDENTIFY DEVICE commands. */
299 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
300 /** The firmware revision to use for IDENTIFY DEVICE commands. */
301 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
302 /** The model number to use for IDENTIFY DEVICE commands. */
303 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
304 /** The vendor identification string for SCSI INQUIRY commands. */
305 char szInquiryVendorId[ATAPI_INQUIRY_VENDOR_ID_LENGTH+1];
306 /** The product identification string for SCSI INQUIRY commands. */
307 char szInquiryProductId[ATAPI_INQUIRY_PRODUCT_ID_LENGTH+1];
308 /** The revision string for SCSI INQUIRY commands. */
309 char szInquiryRevision[ATAPI_INQUIRY_REVISION_LENGTH+1];
310
311 uint8_t abAlignment3[7];
312} ATADevState;
313AssertCompileMemberAlignment(ATADevState, cTotalSectors, 8);
314AssertCompileMemberAlignment(ATADevState, StatATADMA, 8);
315AssertCompileMemberAlignment(ATADevState, u64CmdTS, 8);
316AssertCompileMemberAlignment(ATADevState, pDevInsR3, 8);
317AssertCompileMemberAlignment(ATADevState, szSerialNumber, 8);
318AssertCompileSizeAlignment(ATADevState, 8);
319
320
321typedef struct ATATransferRequest
322{
323 uint8_t iIf;
324 uint8_t iBeginTransfer;
325 uint8_t iSourceSink;
326 uint32_t cbTotalTransfer;
327 uint8_t uTxDir;
328} ATATransferRequest;
329
330
331typedef struct ATAAbortRequest
332{
333 uint8_t iIf;
334 bool fResetDrive;
335} ATAAbortRequest;
336
337
338typedef enum
339{
340 /** Begin a new transfer. */
341 ATA_AIO_NEW = 0,
342 /** Continue a DMA transfer. */
343 ATA_AIO_DMA,
344 /** Continue a PIO transfer. */
345 ATA_AIO_PIO,
346 /** Reset the drives on current controller, stop all transfer activity. */
347 ATA_AIO_RESET_ASSERTED,
348 /** Reset the drives on current controller, resume operation. */
349 ATA_AIO_RESET_CLEARED,
350 /** Abort the current transfer of a particular drive. */
351 ATA_AIO_ABORT
352} ATAAIO;
353
354
355typedef struct ATARequest
356{
357 ATAAIO ReqType;
358 union
359 {
360 ATATransferRequest t;
361 ATAAbortRequest a;
362 } u;
363} ATARequest;
364
365
366typedef struct ATACONTROLLER
367{
368 /** The base of the first I/O Port range. */
369 RTIOPORT IOPortBase1;
370 /** The base of the second I/O Port range. (0 if none) */
371 RTIOPORT IOPortBase2;
372 /** The assigned IRQ. */
373 RTUINT irq;
374 /** Access critical section */
375 PDMCRITSECT lock;
376
377 /** Selected drive. */
378 uint8_t iSelectedIf;
379 /** The interface on which to handle async I/O. */
380 uint8_t iAIOIf;
381 /** The state of the async I/O thread. */
382 uint8_t uAsyncIOState;
383 /** Flag indicating whether the next transfer is part of the current command. */
384 bool fChainedTransfer;
385 /** Set when the reset processing is currently active on this controller. */
386 bool fReset;
387 /** Flag whether the current transfer needs to be redone. */
388 bool fRedo;
389 /** Flag whether the redo suspend has been finished. */
390 bool fRedoIdle;
391 /** Flag whether the DMA operation to be redone is the final transfer. */
392 bool fRedoDMALastDesc;
393 /** The BusMaster DMA state. */
394 BMDMAState BmDma;
395 /** Pointer to first DMA descriptor. */
396 RTGCPHYS32 pFirstDMADesc;
397 /** Pointer to last DMA descriptor. */
398 RTGCPHYS32 pLastDMADesc;
399 /** Pointer to current DMA buffer (for redo operations). */
400 RTGCPHYS32 pRedoDMABuffer;
401 /** Size of current DMA buffer (for redo operations). */
402 uint32_t cbRedoDMABuffer;
403
404 /** The ATA/ATAPI interfaces of this controller. */
405 ATADevState aIfs[2];
406
407 /** Pointer to device instance. */
408 PPDMDEVINSR3 pDevInsR3;
409 /** Pointer to device instance. */
410 PPDMDEVINSR0 pDevInsR0;
411 /** Pointer to device instance. */
412 PPDMDEVINSRC pDevInsRC;
413
414 /** Set when the destroying the device instance and the thread must exit. */
415 uint32_t volatile fShutdown;
416 /** The async I/O thread handle. NIL_RTTHREAD if no thread. */
417 RTTHREAD AsyncIOThread;
418 /** The event semaphore the thread is waiting on for requests. */
419 RTSEMEVENT AsyncIOSem;
420 /** The request queue for the AIO thread. One element is always unused. */
421 ATARequest aAsyncIORequests[4];
422 /** The position at which to insert a new request for the AIO thread. */
423 uint8_t AsyncIOReqHead;
424 /** The position at which to get a new request for the AIO thread. */
425 uint8_t AsyncIOReqTail;
426 /** Whether to call PDMDevHlpAsyncNotificationCompleted when idle. */
427 bool volatile fSignalIdle;
428 uint8_t Alignment3[1]; /**< Explicit padding of the 1 byte gap. */
429 /** Magic delay before triggering interrupts in DMA mode. */
430 uint32_t DelayIRQMillies;
431 /** The mutex protecting the request queue. */
432 RTSEMMUTEX AsyncIORequestMutex;
433 /** The event semaphore the thread is waiting on during suspended I/O. */
434 RTSEMEVENT SuspendIOSem;
435#if 0 /*HC_ARCH_BITS == 32*/
436 uint32_t Alignment0;
437#endif
438
439 /** Timestamp we started the reset. */
440 uint64_t u64ResetTime;
441
442 /* Statistics */
443 STAMCOUNTER StatAsyncOps;
444 uint64_t StatAsyncMinWait;
445 uint64_t StatAsyncMaxWait;
446 STAMCOUNTER StatAsyncTimeUS;
447 STAMPROFILEADV StatAsyncTime;
448 STAMPROFILE StatLockWait;
449} ATACONTROLLER, *PATACONTROLLER;
450AssertCompileMemberAlignment(ATACONTROLLER, lock, 8);
451AssertCompileMemberAlignment(ATACONTROLLER, aIfs, 8);
452AssertCompileMemberAlignment(ATACONTROLLER, u64ResetTime, 8);
453AssertCompileMemberAlignment(ATACONTROLLER, StatAsyncOps, 8);
454
455typedef enum CHIPSET
456{
457 /** PIIX3 chipset, must be 0 for saved state compatibility */
458 CHIPSET_PIIX3 = 0,
459 /** PIIX4 chipset, must be 1 for saved state compatibility */
460 CHIPSET_PIIX4 = 1,
461 /** ICH6 chipset */
462 CHIPSET_ICH6 = 2
463} CHIPSET;
464
465/**
466 * The state of the ATA PCI device.
467 *
468 * @extends PCIDEVICE
469 * @implements PDMILEDPORTS
470 */
471typedef struct PCIATAState
472{
473 PCIDEVICE dev;
474 /** The controllers. */
475 ATACONTROLLER aCts[2];
476 /** Pointer to device instance. */
477 PPDMDEVINSR3 pDevIns;
478 /** Status LUN: Base interface. */
479 PDMIBASE IBase;
480 /** Status LUN: Leds interface. */
481 PDMILEDPORTS ILeds;
482 /** Status LUN: Partner of ILeds. */
483 R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector;
484 /** Flag whether GC is enabled. */
485 bool fGCEnabled;
486 /** Flag whether R0 is enabled. */
487 bool fR0Enabled;
488 /** Flag indicating chipset being emulated. */
489 uint8_t u8Type;
490 bool Alignment0[HC_ARCH_BITS == 64 ? 5 : 1 ]; /**< Align the struct size. */
491} PCIATAState;
492
493#define PDMIBASE_2_PCIATASTATE(pInterface) ( (PCIATAState *)((uintptr_t)(pInterface) - RT_OFFSETOF(PCIATAState, IBase)) )
494#define PDMILEDPORTS_2_PCIATASTATE(pInterface) ( (PCIATAState *)((uintptr_t)(pInterface) - RT_OFFSETOF(PCIATAState, ILeds)) )
495#define PDMIBLOCKPORT_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IPort)) )
496#define PDMIMOUNT_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IMount)) )
497#define PDMIMOUNTNOTIFY_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IMountNotify)) )
498#define PCIDEV_2_PCIATASTATE(pPciDev) ( (PCIATAState *)(pPciDev) )
499
500#define ATACONTROLLER_IDX(pController) ( (pController) - PDMINS_2_DATA(CONTROLLER_2_DEVINS(pController), PCIATAState *)->aCts )
501
502#define ATADEVSTATE_2_CONTROLLER(pIf) ( (pIf)->CTX_SUFF(pController) )
503#define ATADEVSTATE_2_DEVINS(pIf) ( (pIf)->CTX_SUFF(pDevIns) )
504#define CONTROLLER_2_DEVINS(pController) ( (pController)->CTX_SUFF(pDevIns) )
505#define PDMIBASE_2_ATASTATE(pInterface) ( (ATADevState *)((uintptr_t)(pInterface) - RT_OFFSETOF(ATADevState, IBase)) )
506
507#ifndef VBOX_DEVICE_STRUCT_TESTCASE
508/*******************************************************************************
509 * Internal Functions *
510 ******************************************************************************/
511RT_C_DECLS_BEGIN
512PDMBOTHCBDECL(int) ataIOPortWrite1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
513PDMBOTHCBDECL(int) ataIOPortRead1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
514PDMBOTHCBDECL(int) ataIOPortWriteStr1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb);
515PDMBOTHCBDECL(int) ataIOPortReadStr1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb);
516PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
517PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *u32, unsigned cb);
518PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb);
519PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb);
520RT_C_DECLS_END
521
522
523
524DECLINLINE(void) ataSetStatusValue(ATADevState *s, uint8_t stat)
525{
526 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
527
528 /* Freeze status register contents while processing RESET. */
529 if (!pCtl->fReset)
530 {
531 s->uATARegStatus = stat;
532 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
533 }
534}
535
536
537DECLINLINE(void) ataSetStatus(ATADevState *s, uint8_t stat)
538{
539 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
540
541 /* Freeze status register contents while processing RESET. */
542 if (!pCtl->fReset)
543 {
544 s->uATARegStatus |= stat;
545 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
546 }
547}
548
549
550DECLINLINE(void) ataUnsetStatus(ATADevState *s, uint8_t stat)
551{
552 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
553
554 /* Freeze status register contents while processing RESET. */
555 if (!pCtl->fReset)
556 {
557 s->uATARegStatus &= ~stat;
558 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus));
559 }
560}
561
562#ifdef IN_RING3
563
564typedef void (*PBeginTransferFunc)(ATADevState *);
565typedef bool (*PSourceSinkFunc)(ATADevState *);
566
567static void ataReadWriteSectorsBT(ATADevState *);
568static void ataPacketBT(ATADevState *);
569static void atapiCmdBT(ATADevState *);
570static void atapiPassthroughCmdBT(ATADevState *);
571
572static bool ataIdentifySS(ATADevState *);
573static bool ataFlushSS(ATADevState *);
574static bool ataReadSectorsSS(ATADevState *);
575static bool ataWriteSectorsSS(ATADevState *);
576static bool ataExecuteDeviceDiagnosticSS(ATADevState *);
577static bool ataPacketSS(ATADevState *);
578static bool atapiGetConfigurationSS(ATADevState *);
579static bool atapiGetEventStatusNotificationSS(ATADevState *);
580static bool atapiIdentifySS(ATADevState *);
581static bool atapiInquirySS(ATADevState *);
582static bool atapiMechanismStatusSS(ATADevState *);
583static bool atapiModeSenseErrorRecoverySS(ATADevState *);
584static bool atapiModeSenseCDStatusSS(ATADevState *);
585static bool atapiReadSS(ATADevState *);
586static bool atapiReadCapacitySS(ATADevState *);
587static bool atapiReadDiscInformationSS(ATADevState *);
588static bool atapiReadTOCNormalSS(ATADevState *);
589static bool atapiReadTOCMultiSS(ATADevState *);
590static bool atapiReadTOCRawSS(ATADevState *);
591static bool atapiReadTrackInformationSS(ATADevState *);
592static bool atapiRequestSenseSS(ATADevState *);
593static bool atapiPassthroughSS(ATADevState *);
594static bool atapiReadDVDStructureSS(ATADevState *);
595
596/**
597 * Begin of transfer function indexes for g_apfnBeginTransFuncs.
598 */
599typedef enum ATAFNBT
600{
601 ATAFN_BT_NULL = 0,
602 ATAFN_BT_READ_WRITE_SECTORS,
603 ATAFN_BT_PACKET,
604 ATAFN_BT_ATAPI_CMD,
605 ATAFN_BT_ATAPI_PASSTHROUGH_CMD,
606 ATAFN_BT_MAX
607} ATAFNBT;
608
609/**
610 * Array of end transfer functions, the index is ATAFNET.
611 * Make sure ATAFNET and this array match!
612 */
613static const PBeginTransferFunc g_apfnBeginTransFuncs[ATAFN_BT_MAX] =
614{
615 NULL,
616 ataReadWriteSectorsBT,
617 ataPacketBT,
618 atapiCmdBT,
619 atapiPassthroughCmdBT,
620};
621
622/**
623 * Source/sink function indexes for g_apfnSourceSinkFuncs.
624 */
625typedef enum ATAFNSS
626{
627 ATAFN_SS_NULL = 0,
628 ATAFN_SS_IDENTIFY,
629 ATAFN_SS_FLUSH,
630 ATAFN_SS_READ_SECTORS,
631 ATAFN_SS_WRITE_SECTORS,
632 ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC,
633 ATAFN_SS_PACKET,
634 ATAFN_SS_ATAPI_GET_CONFIGURATION,
635 ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION,
636 ATAFN_SS_ATAPI_IDENTIFY,
637 ATAFN_SS_ATAPI_INQUIRY,
638 ATAFN_SS_ATAPI_MECHANISM_STATUS,
639 ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY,
640 ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS,
641 ATAFN_SS_ATAPI_READ,
642 ATAFN_SS_ATAPI_READ_CAPACITY,
643 ATAFN_SS_ATAPI_READ_DISC_INFORMATION,
644 ATAFN_SS_ATAPI_READ_TOC_NORMAL,
645 ATAFN_SS_ATAPI_READ_TOC_MULTI,
646 ATAFN_SS_ATAPI_READ_TOC_RAW,
647 ATAFN_SS_ATAPI_READ_TRACK_INFORMATION,
648 ATAFN_SS_ATAPI_REQUEST_SENSE,
649 ATAFN_SS_ATAPI_PASSTHROUGH,
650 ATAFN_SS_ATAPI_READ_DVD_STRUCTURE,
651 ATAFN_SS_MAX
652} ATAFNSS;
653
654/**
655 * Array of source/sink functions, the index is ATAFNSS.
656 * Make sure ATAFNSS and this array match!
657 */
658static const PSourceSinkFunc g_apfnSourceSinkFuncs[ATAFN_SS_MAX] =
659{
660 NULL,
661 ataIdentifySS,
662 ataFlushSS,
663 ataReadSectorsSS,
664 ataWriteSectorsSS,
665 ataExecuteDeviceDiagnosticSS,
666 ataPacketSS,
667 atapiGetConfigurationSS,
668 atapiGetEventStatusNotificationSS,
669 atapiIdentifySS,
670 atapiInquirySS,
671 atapiMechanismStatusSS,
672 atapiModeSenseErrorRecoverySS,
673 atapiModeSenseCDStatusSS,
674 atapiReadSS,
675 atapiReadCapacitySS,
676 atapiReadDiscInformationSS,
677 atapiReadTOCNormalSS,
678 atapiReadTOCMultiSS,
679 atapiReadTOCRawSS,
680 atapiReadTrackInformationSS,
681 atapiRequestSenseSS,
682 atapiPassthroughSS,
683 atapiReadDVDStructureSS
684};
685
686
687static const ATARequest g_ataDMARequest = { ATA_AIO_DMA, { { 0, 0, 0, 0, 0 } } };
688static const ATARequest g_ataPIORequest = { ATA_AIO_PIO, { { 0, 0, 0, 0, 0 } } };
689static const ATARequest g_ataResetARequest = { ATA_AIO_RESET_ASSERTED, { { 0, 0, 0, 0, 0 } } };
690static const ATARequest g_ataResetCRequest = { ATA_AIO_RESET_CLEARED, { { 0, 0, 0, 0, 0 } } };
691
692static void ataAsyncIOClearRequests(PATACONTROLLER pCtl)
693{
694 int rc;
695
696 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
697 AssertRC(rc);
698 pCtl->AsyncIOReqHead = 0;
699 pCtl->AsyncIOReqTail = 0;
700 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
701 AssertRC(rc);
702}
703
704
705static void ataAsyncIOPutRequest(PATACONTROLLER pCtl, const ATARequest *pReq)
706{
707 int rc;
708
709 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
710 AssertRC(rc);
711 Assert((pCtl->AsyncIOReqHead + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail);
712 memcpy(&pCtl->aAsyncIORequests[pCtl->AsyncIOReqHead], pReq, sizeof(*pReq));
713 pCtl->AsyncIOReqHead++;
714 pCtl->AsyncIOReqHead %= RT_ELEMENTS(pCtl->aAsyncIORequests);
715 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
716 AssertRC(rc);
717 rc = PDMR3CritSectScheduleExitEvent(&pCtl->lock, pCtl->AsyncIOSem);
718 if (RT_FAILURE(rc))
719 {
720 rc = RTSemEventSignal(pCtl->AsyncIOSem);
721 AssertRC(rc);
722 }
723}
724
725
726static const ATARequest *ataAsyncIOGetCurrentRequest(PATACONTROLLER pCtl)
727{
728 int rc;
729 const ATARequest *pReq;
730
731 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
732 AssertRC(rc);
733 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail)
734 pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail];
735 else
736 pReq = NULL;
737 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
738 AssertRC(rc);
739 return pReq;
740}
741
742
743/**
744 * Remove the request with the given type, as it's finished. The request
745 * is not removed blindly, as this could mean a RESET request that is not
746 * yet processed (but has cleared the request queue) is lost.
747 *
748 * @param pCtl Controller for which to remove the request.
749 * @param ReqType Type of the request to remove.
750 */
751static void ataAsyncIORemoveCurrentRequest(PATACONTROLLER pCtl, ATAAIO ReqType)
752{
753 int rc;
754
755 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
756 AssertRC(rc);
757 if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType)
758 {
759 pCtl->AsyncIOReqTail++;
760 pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests);
761 }
762 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
763 AssertRC(rc);
764}
765
766
767/**
768 * Dump the request queue for a particular controller. First dump the queue
769 * contents, then the already processed entries, as long as they haven't been
770 * overwritten.
771 *
772 * @param pCtl Controller for which to dump the queue.
773 */
774static void ataAsyncIODumpRequests(PATACONTROLLER pCtl)
775{
776 int rc;
777 uint8_t curr;
778
779 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
780 AssertRC(rc);
781 LogRel(("PIIX3 ATA: Ctl#%d: request queue dump (topmost is current):\n", ATACONTROLLER_IDX(pCtl)));
782 curr = pCtl->AsyncIOReqTail;
783 do
784 {
785 if (curr == pCtl->AsyncIOReqHead)
786 LogRel(("PIIX3 ATA: Ctl#%d: processed requests (topmost is oldest):\n", ATACONTROLLER_IDX(pCtl)));
787 switch (pCtl->aAsyncIORequests[curr].ReqType)
788 {
789 case ATA_AIO_NEW:
790 LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, pCtl->aAsyncIORequests[curr].u.t.uTxDir));
791 break;
792 case ATA_AIO_DMA:
793 LogRel(("dma transfer continuation\n"));
794 break;
795 case ATA_AIO_PIO:
796 LogRel(("pio transfer continuation\n"));
797 break;
798 case ATA_AIO_RESET_ASSERTED:
799 LogRel(("reset asserted request\n"));
800 break;
801 case ATA_AIO_RESET_CLEARED:
802 LogRel(("reset cleared request\n"));
803 break;
804 case ATA_AIO_ABORT:
805 LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, pCtl->aAsyncIORequests[curr].u.a.fResetDrive));
806 break;
807 default:
808 LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType));
809 }
810 curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests);
811 } while (curr != pCtl->AsyncIOReqTail);
812 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
813 AssertRC(rc);
814}
815
816
817/**
818 * Checks whether the request queue for a particular controller is empty
819 * or whether a particular controller is idle.
820 *
821 * @param pCtl Controller for which to check the queue.
822 * @param fStrict If set then the controller is checked to be idle.
823 */
824static bool ataAsyncIOIsIdle(PATACONTROLLER pCtl, bool fStrict)
825{
826 int rc;
827 bool fIdle;
828
829 rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT);
830 AssertRC(rc);
831 fIdle = pCtl->fRedoIdle;
832 if (!fIdle)
833 fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail);
834 if (fStrict)
835 fIdle &= (pCtl->uAsyncIOState == ATA_AIO_NEW);
836 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex);
837 AssertRC(rc);
838 return fIdle;
839}
840
841
842/**
843 * Send a transfer request to the async I/O thread.
844 *
845 * @param s Pointer to the ATA device state data.
846 * @param cbTotalTransfer Data transfer size.
847 * @param uTxDir Data transfer direction.
848 * @param iBeginTransfer Index of BeginTransfer callback.
849 * @param iSourceSink Index of SourceSink callback.
850 * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer.
851 */
852static void ataStartTransfer(ATADevState *s, uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, ATAFNSS iSourceSink, bool fChainedTransfer)
853{
854 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
855 ATARequest Req;
856
857 Assert(PDMCritSectIsOwner(&pCtl->lock));
858
859 /* Do not issue new requests while the RESET line is asserted. */
860 if (pCtl->fReset)
861 {
862 Log2(("%s: Ctl#%d: suppressed new request as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
863 return;
864 }
865
866 /* If the controller is already doing something else right now, ignore
867 * the command that is being submitted. Some broken guests issue commands
868 * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */
869 if (!fChainedTransfer && !ataAsyncIOIsIdle(pCtl, true /*fStrict*/))
870 {
871 Log(("%s: Ctl#%d: ignored command %#04x, controller state %d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegCommand, pCtl->uAsyncIOState));
872 LogRel(("PIIX3 IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand));
873 return;
874 }
875
876 Req.ReqType = ATA_AIO_NEW;
877 if (fChainedTransfer)
878 Req.u.t.iIf = pCtl->iAIOIf;
879 else
880 Req.u.t.iIf = pCtl->iSelectedIf;
881 Req.u.t.cbTotalTransfer = cbTotalTransfer;
882 Req.u.t.uTxDir = uTxDir;
883 Req.u.t.iBeginTransfer = iBeginTransfer;
884 Req.u.t.iSourceSink = iSourceSink;
885 ataSetStatusValue(s, ATA_STAT_BUSY);
886 pCtl->fChainedTransfer = fChainedTransfer;
887
888 /*
889 * Kick the worker thread into action.
890 */
891 Log2(("%s: Ctl#%d: message to async I/O thread, new request\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
892 ataAsyncIOPutRequest(pCtl, &Req);
893}
894
895
896/**
897 * Send an abort command request to the async I/O thread.
898 *
899 * @param s Pointer to the ATA device state data.
900 * @param fResetDrive Whether to reset the drive or just abort a command.
901 */
902static void ataAbortCurrentCommand(ATADevState *s, bool fResetDrive)
903{
904 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
905 ATARequest Req;
906
907 Assert(PDMCritSectIsOwner(&pCtl->lock));
908
909 /* Do not issue new requests while the RESET line is asserted. */
910 if (pCtl->fReset)
911 {
912 Log2(("%s: Ctl#%d: suppressed aborting command as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
913 return;
914 }
915
916 Req.ReqType = ATA_AIO_ABORT;
917 Req.u.a.iIf = pCtl->iSelectedIf;
918 Req.u.a.fResetDrive = fResetDrive;
919 ataSetStatus(s, ATA_STAT_BUSY);
920 Log2(("%s: Ctl#%d: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->iLUN));
921 ataAsyncIOPutRequest(pCtl, &Req);
922}
923
924
925static void ataSetIRQ(ATADevState *s)
926{
927 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
928 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
929
930 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
931 {
932 Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN));
933 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt
934 * line is asserted. It monitors the line for a rising edge. */
935 if (!s->fIrqPending)
936 pCtl->BmDma.u8Status |= BM_STATUS_INT;
937 /* Only actually set the IRQ line if updating the currently selected drive. */
938 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
939 {
940 /** @todo experiment with adaptive IRQ delivery: for reads it is
941 * better to wait for IRQ delivery, as it reduces latency. */
942 if (pCtl->irq == 16)
943 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 1);
944 else
945 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 1);
946 }
947 }
948 s->fIrqPending = true;
949}
950
951#endif /* IN_RING3 */
952
953static void ataUnsetIRQ(ATADevState *s)
954{
955 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
956 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
957
958 if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ))
959 {
960 Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN));
961 /* Only actually unset the IRQ line if updating the currently selected drive. */
962 if (s == &pCtl->aIfs[pCtl->iSelectedIf])
963 {
964 if (pCtl->irq == 16)
965 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 0);
966 else
967 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 0);
968 }
969 }
970 s->fIrqPending = false;
971}
972
973#ifdef IN_RING3
974
975static void ataPIOTransferStart(ATADevState *s, uint32_t start, uint32_t size)
976{
977 Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size));
978 s->iIOBufferPIODataStart = start;
979 s->iIOBufferPIODataEnd = start + size;
980 ataSetStatus(s, ATA_STAT_DRQ);
981}
982
983
984static void ataPIOTransferStop(ATADevState *s)
985{
986 Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN));
987 if (s->fATAPITransfer)
988 {
989 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
990 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
991 ataSetIRQ(s);
992 s->fATAPITransfer = false;
993 }
994 s->cbTotalTransfer = 0;
995 s->cbElementaryTransfer = 0;
996 s->iIOBufferPIODataStart = 0;
997 s->iIOBufferPIODataEnd = 0;
998 s->iBeginTransfer = ATAFN_BT_NULL;
999 s->iSourceSink = ATAFN_SS_NULL;
1000}
1001
1002
1003static void ataPIOTransferLimitATAPI(ATADevState *s)
1004{
1005 uint32_t cbLimit, cbTransfer;
1006
1007 cbLimit = s->uATARegLCyl | (s->uATARegHCyl << 8);
1008 /* Use maximum transfer size if the guest requested 0. Avoids a hang. */
1009 if (cbLimit == 0)
1010 cbLimit = 0xfffe;
1011 Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit));
1012 if (cbLimit == 0xffff)
1013 cbLimit--;
1014 cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur);
1015 if (cbTransfer > cbLimit)
1016 {
1017 /* Byte count limit for clipping must be even in this case */
1018 if (cbLimit & 1)
1019 cbLimit--;
1020 cbTransfer = cbLimit;
1021 }
1022 s->uATARegLCyl = cbTransfer;
1023 s->uATARegHCyl = cbTransfer >> 8;
1024 s->cbElementaryTransfer = cbTransfer;
1025}
1026
1027
1028static uint32_t ataGetNSectors(ATADevState *s)
1029{
1030 /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */
1031 if (s->fLBA48)
1032 {
1033 if (!s->uATARegNSector && !s->uATARegNSectorHOB)
1034 return 65536;
1035 else
1036 return s->uATARegNSectorHOB << 8 | s->uATARegNSector;
1037 }
1038 else
1039 {
1040 if (!s->uATARegNSector)
1041 return 256;
1042 else
1043 return s->uATARegNSector;
1044 }
1045}
1046
1047
1048static void ataPadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1049{
1050 for (uint32_t i = 0; i < cbSize; i++)
1051 {
1052 if (*pbSrc)
1053 pbDst[i ^ 1] = *pbSrc++;
1054 else
1055 pbDst[i ^ 1] = ' ';
1056 }
1057}
1058
1059
1060static void ataSCSIPadStr(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize)
1061{
1062 for (uint32_t i = 0; i < cbSize; i++)
1063 {
1064 if (*pbSrc)
1065 pbDst[i] = *pbSrc++;
1066 else
1067 pbDst[i] = ' ';
1068 }
1069}
1070
1071
1072DECLINLINE(void) ataH2BE_U16(uint8_t *pbBuf, uint16_t val)
1073{
1074 pbBuf[0] = val >> 8;
1075 pbBuf[1] = val;
1076}
1077
1078
1079DECLINLINE(void) ataH2BE_U24(uint8_t *pbBuf, uint32_t val)
1080{
1081 pbBuf[0] = val >> 16;
1082 pbBuf[1] = val >> 8;
1083 pbBuf[2] = val;
1084}
1085
1086
1087DECLINLINE(void) ataH2BE_U32(uint8_t *pbBuf, uint32_t val)
1088{
1089 pbBuf[0] = val >> 24;
1090 pbBuf[1] = val >> 16;
1091 pbBuf[2] = val >> 8;
1092 pbBuf[3] = val;
1093}
1094
1095
1096DECLINLINE(uint16_t) ataBE2H_U16(const uint8_t *pbBuf)
1097{
1098 return (pbBuf[0] << 8) | pbBuf[1];
1099}
1100
1101
1102DECLINLINE(uint32_t) ataBE2H_U24(const uint8_t *pbBuf)
1103{
1104 return (pbBuf[0] << 16) | (pbBuf[1] << 8) | pbBuf[2];
1105}
1106
1107
1108DECLINLINE(uint32_t) ataBE2H_U32(const uint8_t *pbBuf)
1109{
1110 return (pbBuf[0] << 24) | (pbBuf[1] << 16) | (pbBuf[2] << 8) | pbBuf[3];
1111}
1112
1113
1114DECLINLINE(void) ataLBA2MSF(uint8_t *pbBuf, uint32_t iATAPILBA)
1115{
1116 iATAPILBA += 150;
1117 pbBuf[0] = (iATAPILBA / 75) / 60;
1118 pbBuf[1] = (iATAPILBA / 75) % 60;
1119 pbBuf[2] = iATAPILBA % 75;
1120}
1121
1122
1123DECLINLINE(uint32_t) ataMSF2LBA(const uint8_t *pbBuf)
1124{
1125 return (pbBuf[0] * 60 + pbBuf[1]) * 75 + pbBuf[2];
1126}
1127
1128
1129static void ataCmdOK(ATADevState *s, uint8_t status)
1130{
1131 s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */
1132 ataSetStatusValue(s, ATA_STAT_READY | status);
1133}
1134
1135
1136static void ataCmdError(ATADevState *s, uint8_t uErrorCode)
1137{
1138 Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode));
1139 s->uATARegError = uErrorCode;
1140 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1141 s->cbTotalTransfer = 0;
1142 s->cbElementaryTransfer = 0;
1143 s->iIOBufferCur = 0;
1144 s->iIOBufferEnd = 0;
1145 s->uTxDir = PDMBLOCKTXDIR_NONE;
1146 s->iBeginTransfer = ATAFN_BT_NULL;
1147 s->iSourceSink = ATAFN_SS_NULL;
1148}
1149
1150static uint32_t ataChecksum(void* ptr, size_t count)
1151{
1152 uint8_t u8Sum = 0xa5, *p = (uint8_t*)ptr;
1153 size_t i;
1154
1155 for (i = 0; i < count; i++)
1156 {
1157 u8Sum += *p++;
1158 }
1159
1160 return (uint8_t)-(int32_t)u8Sum;
1161}
1162
1163static bool ataIdentifySS(ATADevState *s)
1164{
1165 uint16_t *p;
1166
1167 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1168 Assert(s->cbElementaryTransfer == 512);
1169
1170 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1171 memset(p, 0, 512);
1172 p[0] = RT_H2LE_U16(0x0040);
1173 p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1174 p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1175 /* Block size; obsolete, but required for the BIOS. */
1176 p[5] = RT_H2LE_U16(512);
1177 p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1178 ataPadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1179 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1180 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1181 p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */
1182 ataPadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1183 ataPadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1184#if ATA_MAX_MULT_SECTORS > 1
1185 p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS);
1186#endif
1187 p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */
1188 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1189 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1190 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1191 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1192 p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */
1193 p[54] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383));
1194 p[55] = RT_H2LE_U16(s->PCHSGeometry.cHeads);
1195 p[56] = RT_H2LE_U16(s->PCHSGeometry.cSectors);
1196 p[57] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1197 * s->PCHSGeometry.cHeads
1198 * s->PCHSGeometry.cSectors);
1199 p[58] = RT_H2LE_U16( RT_MIN(s->PCHSGeometry.cCylinders, 16383)
1200 * s->PCHSGeometry.cHeads
1201 * s->PCHSGeometry.cSectors >> 16);
1202 if (s->cMultSectors)
1203 p[59] = RT_H2LE_U16(0x100 | s->cMultSectors);
1204 if (s->cTotalSectors <= (1 << 28) - 1)
1205 {
1206 p[60] = RT_H2LE_U16(s->cTotalSectors);
1207 p[61] = RT_H2LE_U16(s->cTotalSectors >> 16);
1208 }
1209 else
1210 {
1211 /* Report maximum number of sectors possible with LBA28 */
1212 p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff);
1213 p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16);
1214 }
1215 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1216 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1217 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1218 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1219 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1220 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1221 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1222 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1223 p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */
1224 if (s->cTotalSectors <= (1 << 28) - 1)
1225 p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */
1226 else
1227 p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1228 p[84] = RT_H2LE_U16(1 << 14);
1229 p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */
1230 if (s->cTotalSectors <= (1 << 28) - 1)
1231 p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */
1232 else
1233 p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */
1234 p[87] = RT_H2LE_U16(1 << 14);
1235 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1236 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1237 if (s->cTotalSectors > (1 << 28) - 1)
1238 {
1239 p[100] = RT_H2LE_U16(s->cTotalSectors);
1240 p[101] = RT_H2LE_U16(s->cTotalSectors >> 16);
1241 p[102] = RT_H2LE_U16(s->cTotalSectors >> 32);
1242 p[103] = RT_H2LE_U16(s->cTotalSectors >> 48);
1243 }
1244 uint32_t uCsum = ataChecksum(p, 510);
1245 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1246 s->iSourceSink = ATAFN_SS_NULL;
1247 ataCmdOK(s, ATA_STAT_SEEK);
1248 return false;
1249}
1250
1251
1252static bool ataFlushSS(ATADevState *s)
1253{
1254 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1255 int rc;
1256
1257 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE);
1258 Assert(!s->cbElementaryTransfer);
1259
1260 PDMCritSectLeave(&pCtl->lock);
1261
1262 STAM_PROFILE_START(&s->StatFlushes, f);
1263 rc = s->pDrvBlock->pfnFlush(s->pDrvBlock);
1264 AssertRC(rc);
1265 STAM_PROFILE_STOP(&s->StatFlushes, f);
1266
1267 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1268 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1269 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1270 ataCmdOK(s, 0);
1271 return false;
1272}
1273
1274static bool atapiIdentifySS(ATADevState *s)
1275{
1276 uint16_t *p;
1277
1278 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1279 Assert(s->cbElementaryTransfer == 512);
1280
1281 p = (uint16_t *)s->CTX_SUFF(pbIOBuffer);
1282 memset(p, 0, 512);
1283 /* Removable CDROM, 50us response, 12 byte packets */
1284 p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 2 << 5 | 0 << 0);
1285 ataPadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */
1286 p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */
1287 p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */
1288 ataPadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */
1289 ataPadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */
1290 p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */
1291 p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */
1292 p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */
1293 p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */
1294 p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */
1295 p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */
1296 p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */
1297 p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */
1298 p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */
1299 p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */
1300 p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */
1301 p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */
1302 p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */
1303 p[75] = RT_H2LE_U16(1); /* queue depth 1 */
1304 p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */
1305 p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */
1306 p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */
1307 p[83] = RT_H2LE_U16(1 << 14);
1308 p[84] = RT_H2LE_U16(1 << 14);
1309 p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */
1310 p[86] = RT_H2LE_U16(0);
1311 p[87] = RT_H2LE_U16(1 << 14);
1312 p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */
1313 p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14);
1314 /* According to ATAPI-5 spec:
1315 *
1316 * The use of this word is optional.
1317 * If bits 7:0 of this word contain the signature A5h, bits 15:8
1318 * contain the data
1319 * structure checksum.
1320 * The data structure checksum is the twos complement of the sum of
1321 * all bytes in words 0 through 254 and the byte consisting of
1322 * bits 7:0 in word 255.
1323 * Each byte shall be added with unsigned arithmetic,
1324 * and overflow shall be ignored.
1325 * The sum of all 512 bytes is zero when the checksum is correct.
1326 */
1327 uint32_t uCsum = ataChecksum(p, 510);
1328 p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */
1329
1330 s->iSourceSink = ATAFN_SS_NULL;
1331 ataCmdOK(s, ATA_STAT_SEEK);
1332 return false;
1333}
1334
1335
1336static void ataSetSignature(ATADevState *s)
1337{
1338 s->uATARegSelect &= 0xf0; /* clear head */
1339 /* put signature */
1340 s->uATARegNSector = 1;
1341 s->uATARegSector = 1;
1342 if (s->fATAPI)
1343 {
1344 s->uATARegLCyl = 0x14;
1345 s->uATARegHCyl = 0xeb;
1346 }
1347 else if (s->pDrvBlock)
1348 {
1349 s->uATARegLCyl = 0;
1350 s->uATARegHCyl = 0;
1351 }
1352 else
1353 {
1354 s->uATARegLCyl = 0xff;
1355 s->uATARegHCyl = 0xff;
1356 }
1357}
1358
1359
1360static uint64_t ataGetSector(ATADevState *s)
1361{
1362 uint64_t iLBA;
1363 if (s->uATARegSelect & 0x40)
1364 {
1365 /* any LBA variant */
1366 if (s->fLBA48)
1367 {
1368 /* LBA48 */
1369 iLBA = ((uint64_t)s->uATARegHCylHOB << 40) |
1370 ((uint64_t)s->uATARegLCylHOB << 32) |
1371 ((uint64_t)s->uATARegSectorHOB << 24) |
1372 ((uint64_t)s->uATARegHCyl << 16) |
1373 ((uint64_t)s->uATARegLCyl << 8) |
1374 s->uATARegSector;
1375 }
1376 else
1377 {
1378 /* LBA */
1379 iLBA = ((s->uATARegSelect & 0x0f) << 24) | (s->uATARegHCyl << 16) |
1380 (s->uATARegLCyl << 8) | s->uATARegSector;
1381 }
1382 }
1383 else
1384 {
1385 /* CHS */
1386 iLBA = ((s->uATARegHCyl << 8) | s->uATARegLCyl) * s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors +
1387 (s->uATARegSelect & 0x0f) * s->PCHSGeometry.cSectors +
1388 (s->uATARegSector - 1);
1389 }
1390 return iLBA;
1391}
1392
1393static void ataSetSector(ATADevState *s, uint64_t iLBA)
1394{
1395 uint32_t cyl, r;
1396 if (s->uATARegSelect & 0x40)
1397 {
1398 /* any LBA variant */
1399 if (s->fLBA48)
1400 {
1401 /* LBA48 */
1402 s->uATARegHCylHOB = iLBA >> 40;
1403 s->uATARegLCylHOB = iLBA >> 32;
1404 s->uATARegSectorHOB = iLBA >> 24;
1405 s->uATARegHCyl = iLBA >> 16;
1406 s->uATARegLCyl = iLBA >> 8;
1407 s->uATARegSector = iLBA;
1408 }
1409 else
1410 {
1411 /* LBA */
1412 s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24);
1413 s->uATARegHCyl = (iLBA >> 16);
1414 s->uATARegLCyl = (iLBA >> 8);
1415 s->uATARegSector = (iLBA);
1416 }
1417 }
1418 else
1419 {
1420 /* CHS */
1421 cyl = iLBA / (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1422 r = iLBA % (s->PCHSGeometry.cHeads * s->PCHSGeometry.cSectors);
1423 s->uATARegHCyl = cyl >> 8;
1424 s->uATARegLCyl = cyl;
1425 s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->PCHSGeometry.cSectors) & 0x0f);
1426 s->uATARegSector = (r % s->PCHSGeometry.cSectors) + 1;
1427 }
1428}
1429
1430
1431static void ataWarningDiskFull(PPDMDEVINS pDevIns)
1432{
1433 int rc;
1434 LogRel(("PIIX3 ATA: Host disk full\n"));
1435 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_DISKFULL",
1436 N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space"));
1437 AssertRC(rc);
1438}
1439
1440static void ataWarningFileTooBig(PPDMDEVINS pDevIns)
1441{
1442 int rc;
1443 LogRel(("PIIX3 ATA: File too big\n"));
1444 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_FILETOOBIG",
1445 N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files"));
1446 AssertRC(rc);
1447}
1448
1449static void ataWarningISCSI(PPDMDEVINS pDevIns)
1450{
1451 int rc;
1452 LogRel(("PIIX3 ATA: iSCSI target unavailable\n"));
1453 rc = PDMDevHlpVMSetRuntimeError(pDevIns, 0 /*fFlags*/, "DevATA_ISCSIDOWN",
1454 N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again"));
1455 AssertRC(rc);
1456}
1457
1458/**
1459 * Suspend I/O operations on a controller. Also suspends EMT, because it's
1460 * waiting for I/O to make progress. The next attempt to perform an I/O
1461 * operation will be made when EMT is resumed up again (as the resume
1462 * callback below restarts I/O).
1463 *
1464 * @param pCtl Controller for which to suspend I/O.
1465 */
1466static void ataSuspendRedo(PATACONTROLLER pCtl)
1467{
1468 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
1469 int rc;
1470
1471 pCtl->fRedoIdle = true;
1472 rc = VMR3ReqCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
1473 (PFNRT)PDMDevHlpVMSuspend, 1, pDevIns);
1474 AssertReleaseRC(rc);
1475}
1476
1477bool ataIsRedoSetWarning(ATADevState *s, int rc)
1478{
1479 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1480 Assert(!PDMCritSectIsOwner(&pCtl->lock));
1481 if (rc == VERR_DISK_FULL)
1482 {
1483 ataWarningDiskFull(ATADEVSTATE_2_DEVINS(s));
1484 ataSuspendRedo(pCtl);
1485 return true;
1486 }
1487 if (rc == VERR_FILE_TOO_BIG)
1488 {
1489 ataWarningFileTooBig(ATADEVSTATE_2_DEVINS(s));
1490 ataSuspendRedo(pCtl);
1491 return true;
1492 }
1493 if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED)
1494 {
1495 /* iSCSI connection abort (first error) or failure to reestablish
1496 * connection (second error). Pause VM. On resume we'll retry. */
1497 ataWarningISCSI(ATADEVSTATE_2_DEVINS(s));
1498 ataSuspendRedo(pCtl);
1499 return true;
1500 }
1501 return false;
1502}
1503
1504
1505static int ataReadSectors(ATADevState *s, uint64_t u64Sector, void *pvBuf, uint32_t cSectors, bool *fRedo)
1506{
1507 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1508 int rc;
1509
1510 PDMCritSectLeave(&pCtl->lock);
1511
1512 STAM_PROFILE_ADV_START(&s->StatReads, r);
1513 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1514 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1515 s->Led.Actual.s.fReading = 0;
1516 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1517
1518 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cSectors * 512);
1519
1520 if (RT_SUCCESS(rc))
1521 *fRedo = false;
1522 else
1523 *fRedo = ataIsRedoSetWarning(s, rc);
1524
1525 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1526 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1527 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1528 return rc;
1529}
1530
1531
1532static int ataWriteSectors(ATADevState *s, uint64_t u64Sector, const void *pvBuf, uint32_t cSectors, bool *fRedo)
1533{
1534 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1535 int rc;
1536
1537 PDMCritSectLeave(&pCtl->lock);
1538
1539 STAM_PROFILE_ADV_START(&s->StatWrites, w);
1540 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1541#ifdef VBOX_INSTRUMENT_DMA_WRITES
1542 if (s->fDMA)
1543 STAM_PROFILE_ADV_START(&s->StatInstrVDWrites, vw);
1544#endif
1545 rc = s->pDrvBlock->pfnWrite(s->pDrvBlock, u64Sector * 512, pvBuf, cSectors * 512);
1546#ifdef VBOX_INSTRUMENT_DMA_WRITES
1547 if (s->fDMA)
1548 STAM_PROFILE_ADV_STOP(&s->StatInstrVDWrites, vw);
1549#endif
1550 s->Led.Actual.s.fWriting = 0;
1551 STAM_PROFILE_ADV_STOP(&s->StatWrites, w);
1552
1553 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cSectors * 512);
1554
1555 if (RT_SUCCESS(rc))
1556 *fRedo = false;
1557 else
1558 *fRedo = ataIsRedoSetWarning(s, rc);
1559
1560 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1561 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1562 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1563 return rc;
1564}
1565
1566
1567static void ataReadWriteSectorsBT(ATADevState *s)
1568{
1569 uint32_t cSectors;
1570
1571 cSectors = s->cbTotalTransfer / 512;
1572 if (cSectors > s->cSectorsPerIRQ)
1573 s->cbElementaryTransfer = s->cSectorsPerIRQ * 512;
1574 else
1575 s->cbElementaryTransfer = cSectors * 512;
1576 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1577 ataCmdOK(s, 0);
1578}
1579
1580
1581static bool ataReadSectorsSS(ATADevState *s)
1582{
1583 int rc;
1584 uint32_t cSectors;
1585 uint64_t iLBA;
1586 bool fRedo;
1587
1588 cSectors = s->cbElementaryTransfer / 512;
1589 Assert(cSectors);
1590 iLBA = ataGetSector(s);
1591 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1592 rc = ataReadSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1593 if (RT_SUCCESS(rc))
1594 {
1595 ataSetSector(s, iLBA + cSectors);
1596 if (s->cbElementaryTransfer == s->cbTotalTransfer)
1597 s->iSourceSink = ATAFN_SS_NULL;
1598 ataCmdOK(s, ATA_STAT_SEEK);
1599 }
1600 else
1601 {
1602 if (fRedo)
1603 return fRedo;
1604 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1605 LogRel(("PIIX3 ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1606 s->iLUN, rc, iLBA, cSectors));
1607
1608 /*
1609 * Check if we got interrupted. We don't need to set status variables
1610 * because the request was aborted.
1611 */
1612 if (rc != VERR_INTERRUPTED)
1613 ataCmdError(s, ID_ERR);
1614 }
1615 return false;
1616}
1617
1618
1619static bool ataWriteSectorsSS(ATADevState *s)
1620{
1621 int rc;
1622 uint32_t cSectors;
1623 uint64_t iLBA;
1624 bool fRedo;
1625
1626 cSectors = s->cbElementaryTransfer / 512;
1627 Assert(cSectors);
1628 iLBA = ataGetSector(s);
1629 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA));
1630 rc = ataWriteSectors(s, iLBA, s->CTX_SUFF(pbIOBuffer), cSectors, &fRedo);
1631 if (RT_SUCCESS(rc))
1632 {
1633 ataSetSector(s, iLBA + cSectors);
1634 if (!s->cbTotalTransfer)
1635 s->iSourceSink = ATAFN_SS_NULL;
1636 ataCmdOK(s, ATA_STAT_SEEK);
1637 }
1638 else
1639 {
1640 if (fRedo)
1641 return fRedo;
1642 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1643 LogRel(("PIIX3 ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n",
1644 s->iLUN, rc, iLBA, cSectors));
1645
1646 /*
1647 * Check if we got interrupted. We don't need to set status variables
1648 * because the request was aborted.
1649 */
1650 if (rc != VERR_INTERRUPTED)
1651 ataCmdError(s, ID_ERR);
1652 }
1653 return false;
1654}
1655
1656
1657static void atapiCmdOK(ATADevState *s)
1658{
1659 s->uATARegError = 0;
1660 ataSetStatusValue(s, ATA_STAT_READY);
1661 s->uATARegNSector = (s->uATARegNSector & ~7)
1662 | ((s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0)
1663 | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0);
1664 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1665
1666 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1667 s->abATAPISense[0] = 0x70 | (1 << 7);
1668 s->abATAPISense[7] = 10;
1669}
1670
1671
1672static void atapiCmdError(ATADevState *s, const uint8_t *pabATAPISense, size_t cbATAPISense)
1673{
1674 Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f),
1675 pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13])));
1676 s->uATARegError = pabATAPISense[2] << 4;
1677 ataSetStatusValue(s, ATA_STAT_READY | ATA_STAT_ERR);
1678 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1679 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
1680 memset(s->abATAPISense, '\0', sizeof(s->abATAPISense));
1681 memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense)));
1682 s->cbTotalTransfer = 0;
1683 s->cbElementaryTransfer = 0;
1684 s->iIOBufferCur = 0;
1685 s->iIOBufferEnd = 0;
1686 s->uTxDir = PDMBLOCKTXDIR_NONE;
1687 s->iBeginTransfer = ATAFN_BT_NULL;
1688 s->iSourceSink = ATAFN_SS_NULL;
1689}
1690
1691
1692/** @todo deprecated function - doesn't provide enough info. Replace by direct
1693 * calls to atapiCmdError() with full data. */
1694static void atapiCmdErrorSimple(ATADevState *s, uint8_t uATAPISenseKey, uint8_t uATAPIASC)
1695{
1696 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1697 memset(abATAPISense, '\0', sizeof(abATAPISense));
1698 abATAPISense[0] = 0x70 | (1 << 7);
1699 abATAPISense[2] = uATAPISenseKey & 0x0f;
1700 abATAPISense[7] = 10;
1701 abATAPISense[12] = uATAPIASC;
1702 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
1703}
1704
1705
1706static void atapiCmdBT(ATADevState *s)
1707{
1708 s->fATAPITransfer = true;
1709 s->cbElementaryTransfer = s->cbTotalTransfer;
1710 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1711 atapiCmdOK(s);
1712}
1713
1714
1715static void atapiPassthroughCmdBT(ATADevState *s)
1716{
1717 /* @todo implement an algorithm for correctly determining the read and
1718 * write sector size without sending additional commands to the drive.
1719 * This should be doable by saving processing the configuration requests
1720 * and replies. */
1721#if 0
1722 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1723 {
1724 uint8_t cmd = s->aATAPICmd[0];
1725 if (cmd == SCSI_WRITE_10 || cmd == SCSI_WRITE_12 || cmd == SCSI_WRITE_AND_VERIFY_10)
1726 {
1727 uint8_t aModeSenseCmd[10];
1728 uint8_t aModeSenseResult[16];
1729 uint8_t uDummySense;
1730 uint32_t cbTransfer;
1731 int rc;
1732
1733 cbTransfer = sizeof(aModeSenseResult);
1734 aModeSenseCmd[0] = SCSI_MODE_SENSE_10;
1735 aModeSenseCmd[1] = 0x08; /* disable block descriptor = 1 */
1736 aModeSenseCmd[2] = (SCSI_PAGECONTROL_CURRENT << 6) | SCSI_MODEPAGE_WRITE_PARAMETER;
1737 aModeSenseCmd[3] = 0; /* subpage code */
1738 aModeSenseCmd[4] = 0; /* reserved */
1739 aModeSenseCmd[5] = 0; /* reserved */
1740 aModeSenseCmd[6] = 0; /* reserved */
1741 aModeSenseCmd[7] = cbTransfer >> 8;
1742 aModeSenseCmd[8] = cbTransfer & 0xff;
1743 aModeSenseCmd[9] = 0; /* control */
1744 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aModeSenseCmd, PDMBLOCKTXDIR_FROM_DEVICE, aModeSenseResult, &cbTransfer, &uDummySense, 500);
1745 if (RT_FAILURE(rc))
1746 {
1747 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_NONE);
1748 return;
1749 }
1750 /* Select sector size based on the current data block type. */
1751 switch (aModeSenseResult[12] & 0x0f)
1752 {
1753 case 0:
1754 s->cbATAPISector = 2352;
1755 break;
1756 case 1:
1757 s->cbATAPISector = 2368;
1758 break;
1759 case 2:
1760 case 3:
1761 s->cbATAPISector = 2448;
1762 break;
1763 case 8:
1764 case 10:
1765 s->cbATAPISector = 2048;
1766 break;
1767 case 9:
1768 s->cbATAPISector = 2336;
1769 break;
1770 case 11:
1771 s->cbATAPISector = 2056;
1772 break;
1773 case 12:
1774 s->cbATAPISector = 2324;
1775 break;
1776 case 13:
1777 s->cbATAPISector = 2332;
1778 break;
1779 default:
1780 s->cbATAPISector = 0;
1781 }
1782 Log2(("%s: sector size %d\n", __FUNCTION__, s->cbATAPISector));
1783 s->cbTotalTransfer *= s->cbATAPISector;
1784 if (s->cbTotalTransfer == 0)
1785 s->uTxDir = PDMBLOCKTXDIR_NONE;
1786 }
1787 }
1788#endif
1789 atapiCmdBT(s);
1790}
1791
1792
1793static bool atapiReadSS(ATADevState *s)
1794{
1795 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1796 int rc = VINF_SUCCESS;
1797 uint32_t cbTransfer, cSectors;
1798
1799 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
1800 cbTransfer = RT_MIN(s->cbTotalTransfer, s->cbIOBuffer);
1801 cSectors = cbTransfer / s->cbATAPISector;
1802 Assert(cSectors * s->cbATAPISector <= cbTransfer);
1803 Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, s->iATAPILBA));
1804
1805 PDMCritSectLeave(&pCtl->lock);
1806
1807 STAM_PROFILE_ADV_START(&s->StatReads, r);
1808 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1809 switch (s->cbATAPISector)
1810 {
1811 case 2048:
1812 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)s->iATAPILBA * s->cbATAPISector, s->CTX_SUFF(pbIOBuffer), s->cbATAPISector * cSectors);
1813 break;
1814 case 2352:
1815 {
1816 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1817
1818 for (uint32_t i = s->iATAPILBA; i < s->iATAPILBA + cSectors; i++)
1819 {
1820 /* Sync bytes, see 4.2.3.8 CD Main Channel Block Formats */
1821 *pbBuf++ = 0x00;
1822 memset(pbBuf, 0xff, 10);
1823 pbBuf += 10;
1824 *pbBuf++ = 0x00;
1825 /* MSF */
1826 ataLBA2MSF(pbBuf, i);
1827 pbBuf += 3;
1828 *pbBuf++ = 0x01; /* mode 1 data */
1829 /* data */
1830 rc = s->pDrvBlock->pfnRead(s->pDrvBlock, (uint64_t)i * 2048, pbBuf, 2048);
1831 if (RT_FAILURE(rc))
1832 break;
1833 pbBuf += 2048;
1834 /**
1835 * @todo: maybe compute ECC and parity, layout is:
1836 * 2072 4 EDC
1837 * 2076 172 P parity symbols
1838 * 2248 104 Q parity symbols
1839 */
1840 memset(pbBuf, 0, 280);
1841 pbBuf += 280;
1842 }
1843 }
1844 break;
1845 default:
1846 break;
1847 }
1848 STAM_PROFILE_ADV_STOP(&s->StatReads, r);
1849
1850 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1851 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1852 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1853
1854 if (RT_SUCCESS(rc))
1855 {
1856 s->Led.Actual.s.fReading = 0;
1857 STAM_REL_COUNTER_ADD(&s->StatBytesRead, s->cbATAPISector * cSectors);
1858
1859 /* The initial buffer end value has been set up based on the total
1860 * transfer size. But the I/O buffer size limits what can actually be
1861 * done in one transfer, so set the actual value of the buffer end. */
1862 s->cbElementaryTransfer = cbTransfer;
1863 if (cbTransfer >= s->cbTotalTransfer)
1864 s->iSourceSink = ATAFN_SS_NULL;
1865 atapiCmdOK(s);
1866 s->iATAPILBA += cSectors;
1867 }
1868 else
1869 {
1870 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1871 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, s->iATAPILBA));
1872
1873 /*
1874 * Check if we got interrupted. We don't need to set status variables
1875 * because the request was aborted.
1876 */
1877 if (rc != VERR_INTERRUPTED)
1878 atapiCmdErrorSimple(s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR);
1879 }
1880 return false;
1881}
1882
1883
1884static bool atapiPassthroughSS(ATADevState *s)
1885{
1886 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
1887 int rc = VINF_SUCCESS;
1888 uint8_t abATAPISense[ATAPI_SENSE_SIZE];
1889 uint32_t cbTransfer;
1890 PSTAMPROFILEADV pProf = NULL;
1891
1892 cbTransfer = s->cbElementaryTransfer;
1893
1894 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE)
1895 Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
1896
1897 /* Simple heuristics: if there is at least one sector of data
1898 * to transfer, it's worth updating the LEDs. */
1899 if (cbTransfer >= 2048)
1900 {
1901 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
1902 {
1903 s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1;
1904 pProf = &s->StatReads;
1905 }
1906 else
1907 {
1908 s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1;
1909 pProf = &s->StatWrites;
1910 }
1911 }
1912
1913 PDMCritSectLeave(&pCtl->lock);
1914
1915 if (pProf) { STAM_PROFILE_ADV_START(pProf, b); }
1916 if (cbTransfer > SCSI_MAX_BUFFER_SIZE)
1917 {
1918 /* Linux accepts commands with up to 100KB of data, but expects
1919 * us to handle commands with up to 128KB of data. The usual
1920 * imbalance of powers. */
1921 uint8_t aATAPICmd[ATAPI_PACKET_SIZE];
1922 uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX;
1923 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
1924
1925 switch (s->aATAPICmd[0])
1926 {
1927 case SCSI_READ_10:
1928 case SCSI_WRITE_10:
1929 case SCSI_WRITE_AND_VERIFY_10:
1930 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1931 cSectors = ataBE2H_U16(s->aATAPICmd + 7);
1932 break;
1933 case SCSI_READ_12:
1934 case SCSI_WRITE_12:
1935 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1936 cSectors = ataBE2H_U32(s->aATAPICmd + 6);
1937 break;
1938 case SCSI_READ_CD:
1939 iATAPILBA = ataBE2H_U32(s->aATAPICmd + 2);
1940 cSectors = ataBE2H_U24(s->aATAPICmd + 6) / s->cbATAPISector;
1941 break;
1942 case SCSI_READ_CD_MSF:
1943 iATAPILBA = ataMSF2LBA(s->aATAPICmd + 3);
1944 cSectors = ataMSF2LBA(s->aATAPICmd + 6) - iATAPILBA;
1945 break;
1946 default:
1947 AssertMsgFailed(("Don't know how to split command %#04x\n", s->aATAPICmd[0]));
1948 if (s->cErrors++ < MAX_LOG_REL_ERRORS)
1949 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN));
1950 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
1951 {
1952 STAM_PROFILE_START(&pCtl->StatLockWait, a);
1953 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
1954 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
1955 }
1956 return false;
1957 }
1958 memcpy(aATAPICmd, s->aATAPICmd, ATAPI_PACKET_SIZE);
1959 cReqSectors = 0;
1960 for (uint32_t i = cSectors; i > 0; i -= cReqSectors)
1961 {
1962 if (i * s->cbATAPISector > SCSI_MAX_BUFFER_SIZE)
1963 cReqSectors = SCSI_MAX_BUFFER_SIZE / s->cbATAPISector;
1964 else
1965 cReqSectors = i;
1966 cbCurrTX = s->cbATAPISector * cReqSectors;
1967 switch (s->aATAPICmd[0])
1968 {
1969 case SCSI_READ_10:
1970 case SCSI_WRITE_10:
1971 case SCSI_WRITE_AND_VERIFY_10:
1972 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1973 ataH2BE_U16(aATAPICmd + 7, cReqSectors);
1974 break;
1975 case SCSI_READ_12:
1976 case SCSI_WRITE_12:
1977 ataH2BE_U32(aATAPICmd + 2, iATAPILBA);
1978 ataH2BE_U32(aATAPICmd + 6, cReqSectors);
1979 break;
1980 case SCSI_READ_CD:
1981 ataH2BE_U32(s->aATAPICmd + 2, iATAPILBA);
1982 ataH2BE_U24(s->aATAPICmd + 6, cbCurrTX);
1983 break;
1984 case SCSI_READ_CD_MSF:
1985 ataLBA2MSF(aATAPICmd + 3, iATAPILBA);
1986 ataLBA2MSF(aATAPICmd + 6, iATAPILBA + cReqSectors);
1987 break;
1988 }
1989 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1990 if (rc != VINF_SUCCESS)
1991 break;
1992 iATAPILBA += cReqSectors;
1993 pbBuf += s->cbATAPISector * cReqSectors;
1994 }
1995 }
1996 else
1997 rc = s->pDrvBlock->pfnSendCmd(s->pDrvBlock, s->aATAPICmd, (PDMBLOCKTXDIR)s->uTxDir, s->CTX_SUFF(pbIOBuffer), &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */);
1998 if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); }
1999
2000 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2001 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2002 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2003
2004 /* Update the LEDs and the read/write statistics. */
2005 if (cbTransfer >= 2048)
2006 {
2007 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
2008 {
2009 s->Led.Actual.s.fReading = 0;
2010 STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbTransfer);
2011 }
2012 else
2013 {
2014 s->Led.Actual.s.fWriting = 0;
2015 STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbTransfer);
2016 }
2017 }
2018
2019 if (RT_SUCCESS(rc))
2020 {
2021 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
2022 {
2023 Assert(cbTransfer <= s->cbTotalTransfer);
2024 /* Reply with the same amount of data as the real drive. */
2025 s->cbTotalTransfer = cbTransfer;
2026 /* The initial buffer end value has been set up based on the total
2027 * transfer size. But the I/O buffer size limits what can actually be
2028 * done in one transfer, so set the actual value of the buffer end. */
2029 s->cbElementaryTransfer = cbTransfer;
2030 if (s->aATAPICmd[0] == SCSI_INQUIRY)
2031 {
2032 /* Make sure that the real drive cannot be identified.
2033 * Motivation: changing the VM configuration should be as
2034 * invisible as possible to the guest. */
2035 Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2036 ataSCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 8, "VBOX", 8);
2037 ataSCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 16, "CD-ROM", 16);
2038 ataSCSIPadStr(s->CTX_SUFF(pbIOBuffer) + 32, "1.0", 4);
2039 }
2040 if (cbTransfer)
2041 Log3(("ATAPI PT data read (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->CTX_SUFF(pbIOBuffer)));
2042 }
2043 s->iSourceSink = ATAFN_SS_NULL;
2044 atapiCmdOK(s);
2045 }
2046 else
2047 {
2048 if (s->cErrors < MAX_LOG_REL_ERRORS)
2049 {
2050 uint8_t u8Cmd = s->aATAPICmd[0];
2051 do
2052 {
2053 /* don't log superflous errors */
2054 if ( rc == VERR_DEV_IO_ERROR
2055 && ( u8Cmd == SCSI_TEST_UNIT_READY
2056 || u8Cmd == SCSI_READ_CAPACITY
2057 || u8Cmd == SCSI_READ_DVD_STRUCTURE
2058 || u8Cmd == SCSI_READ_TOC_PMA_ATIP))
2059 break;
2060 s->cErrors++;
2061 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough cmd=%#04x sense=%d ASC=%#02x ASCQ=%#02x %Rrc\n",
2062 s->iLUN, u8Cmd, abATAPISense[2] & 0x0f, abATAPISense[12], abATAPISense[13], rc));
2063 } while (0);
2064 }
2065 atapiCmdError(s, abATAPISense, sizeof(abATAPISense));
2066 }
2067 return false;
2068}
2069
2070/** @todo: Revise ASAP. */
2071static bool atapiReadDVDStructureSS(ATADevState *s)
2072{
2073 uint8_t *buf = s->CTX_SUFF(pbIOBuffer);
2074 int media = s->aATAPICmd[1];
2075 int format = s->aATAPICmd[7];
2076
2077 uint16_t max_len = ataBE2H_U16(&s->aATAPICmd[8]);
2078
2079 memset(buf, 0, max_len);
2080
2081 switch (format) {
2082 case 0x00:
2083 case 0x01:
2084 case 0x02:
2085 case 0x03:
2086 case 0x04:
2087 case 0x05:
2088 case 0x06:
2089 case 0x07:
2090 case 0x08:
2091 case 0x09:
2092 case 0x0a:
2093 case 0x0b:
2094 case 0x0c:
2095 case 0x0d:
2096 case 0x0e:
2097 case 0x0f:
2098 case 0x10:
2099 case 0x11:
2100 case 0x30:
2101 case 0x31:
2102 case 0xff:
2103 if (media == 0)
2104 {
2105 int uASC = SCSI_ASC_NONE;
2106
2107 switch (format)
2108 {
2109 case 0x0: /* Physical format information */
2110 {
2111 int layer = s->aATAPICmd[6];
2112 uint64_t total_sectors;
2113
2114 if (layer != 0)
2115 {
2116 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2117 break;
2118 }
2119
2120 total_sectors = s->cTotalSectors;
2121 total_sectors >>= 2;
2122 if (total_sectors == 0)
2123 {
2124 uASC = -SCSI_ASC_MEDIUM_NOT_PRESENT;
2125 break;
2126 }
2127
2128 buf[4] = 1; /* DVD-ROM, part version 1 */
2129 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
2130 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
2131 buf[7] = 0; /* default densities */
2132
2133 /* FIXME: 0x30000 per spec? */
2134 ataH2BE_U32(buf + 8, 0); /* start sector */
2135 ataH2BE_U32(buf + 12, total_sectors - 1); /* end sector */
2136 ataH2BE_U32(buf + 16, total_sectors - 1); /* l0 end sector */
2137
2138 /* Size of buffer, not including 2 byte size field */
2139 ataH2BE_U32(&buf[0], 2048 + 2);
2140
2141 /* 2k data + 4 byte header */
2142 uASC = (2048 + 4);
2143 }
2144 break;
2145 case 0x01: /* DVD copyright information */
2146 buf[4] = 0; /* no copyright data */
2147 buf[5] = 0; /* no region restrictions */
2148
2149 /* Size of buffer, not including 2 byte size field */
2150 ataH2BE_U16(buf, 4 + 2);
2151
2152 /* 4 byte header + 4 byte data */
2153 uASC = (4 + 4);
2154
2155 case 0x03: /* BCA information - invalid field for no BCA info */
2156 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2157 break;
2158
2159 case 0x04: /* DVD disc manufacturing information */
2160 /* Size of buffer, not including 2 byte size field */
2161 ataH2BE_U16(buf, 2048 + 2);
2162
2163 /* 2k data + 4 byte header */
2164 uASC = (2048 + 4);
2165 break;
2166 case 0xff:
2167 /*
2168 * This lists all the command capabilities above. Add new ones
2169 * in order and update the length and buffer return values.
2170 */
2171
2172 buf[4] = 0x00; /* Physical format */
2173 buf[5] = 0x40; /* Not writable, is readable */
2174 ataH2BE_U16((buf + 6), 2048 + 4);
2175
2176 buf[8] = 0x01; /* Copyright info */
2177 buf[9] = 0x40; /* Not writable, is readable */
2178 ataH2BE_U16((buf + 10), 4 + 4);
2179
2180 buf[12] = 0x03; /* BCA info */
2181 buf[13] = 0x40; /* Not writable, is readable */
2182 ataH2BE_U16((buf + 14), 188 + 4);
2183
2184 buf[16] = 0x04; /* Manufacturing info */
2185 buf[17] = 0x40; /* Not writable, is readable */
2186 ataH2BE_U16((buf + 18), 2048 + 4);
2187
2188 /* Size of buffer, not including 2 byte size field */
2189 ataH2BE_U16(buf, 16 + 2);
2190
2191 /* data written + 4 byte header */
2192 uASC = (16 + 4);
2193 break;
2194 default: /* TODO: formats beyond DVD-ROM requires */
2195 uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET;
2196 }
2197
2198 if (uASC < 0)
2199 {
2200 s->iSourceSink = ATAFN_SS_NULL;
2201 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, -uASC);
2202 return false;
2203 }
2204 break;
2205 }
2206 /* TODO: BD support, fall through for now */
2207
2208 /* Generic disk structures */
2209 case 0x80: /* TODO: AACS volume identifier */
2210 case 0x81: /* TODO: AACS media serial number */
2211 case 0x82: /* TODO: AACS media identifier */
2212 case 0x83: /* TODO: AACS media key block */
2213 case 0x90: /* TODO: List of recognized format layers */
2214 case 0xc0: /* TODO: Write protection status */
2215 default:
2216 s->iSourceSink = ATAFN_SS_NULL;
2217 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST,
2218 SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2219 return false;
2220 }
2221
2222 s->iSourceSink = ATAFN_SS_NULL;
2223 atapiCmdOK(s);
2224 return false;
2225}
2226
2227static bool atapiReadSectors(ATADevState *s, uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector)
2228{
2229 Assert(cSectors > 0);
2230 s->iATAPILBA = iATAPILBA;
2231 s->cbATAPISector = cbSector;
2232 ataStartTransfer(s, cSectors * cbSector, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true);
2233 return false;
2234}
2235
2236
2237static bool atapiReadCapacitySS(ATADevState *s)
2238{
2239 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2240
2241 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2242 Assert(s->cbElementaryTransfer <= 8);
2243 ataH2BE_U32(pbBuf, s->cTotalSectors - 1);
2244 ataH2BE_U32(pbBuf + 4, 2048);
2245 s->iSourceSink = ATAFN_SS_NULL;
2246 atapiCmdOK(s);
2247 return false;
2248}
2249
2250
2251static bool atapiReadDiscInformationSS(ATADevState *s)
2252{
2253 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2254
2255 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2256 Assert(s->cbElementaryTransfer <= 34);
2257 memset(pbBuf, '\0', 34);
2258 ataH2BE_U16(pbBuf, 32);
2259 pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */
2260 pbBuf[3] = 1; /* number of first track */
2261 pbBuf[4] = 1; /* number of sessions (LSB) */
2262 pbBuf[5] = 1; /* first track number in last session (LSB) */
2263 pbBuf[6] = 1; /* last track number in last session (LSB) */
2264 pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */
2265 pbBuf[8] = 0; /* disc type = CD-ROM */
2266 pbBuf[9] = 0; /* number of sessions (MSB) */
2267 pbBuf[10] = 0; /* number of sessions (MSB) */
2268 pbBuf[11] = 0; /* number of sessions (MSB) */
2269 ataH2BE_U32(pbBuf + 16, 0x00ffffff); /* last session lead-in start time is not available */
2270 ataH2BE_U32(pbBuf + 20, 0x00ffffff); /* last possible start time for lead-out is not available */
2271 s->iSourceSink = ATAFN_SS_NULL;
2272 atapiCmdOK(s);
2273 return false;
2274}
2275
2276
2277static bool atapiReadTrackInformationSS(ATADevState *s)
2278{
2279 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2280
2281 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2282 Assert(s->cbElementaryTransfer <= 36);
2283 /* Accept address/number type of 1 only, and only track 1 exists. */
2284 if ((s->aATAPICmd[1] & 0x03) != 1 || ataBE2H_U32(&s->aATAPICmd[2]) != 1)
2285 {
2286 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2287 return false;
2288 }
2289 memset(pbBuf, '\0', 36);
2290 ataH2BE_U16(pbBuf, 34);
2291 pbBuf[2] = 1; /* track number (LSB) */
2292 pbBuf[3] = 1; /* session number (LSB) */
2293 pbBuf[5] = (0 << 5) | (0 << 4) | (4 << 0); /* not damaged, primary copy, data track */
2294 pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | (1 << 0); /* not reserved track, not blank, not packet writing, not fixed packet, data mode 1 */
2295 pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */
2296 ataH2BE_U32(pbBuf + 8, 0); /* track start address is 0 */
2297 ataH2BE_U32(pbBuf + 24, s->cTotalSectors); /* track size */
2298 pbBuf[32] = 0; /* track number (MSB) */
2299 pbBuf[33] = 0; /* session number (MSB) */
2300 s->iSourceSink = ATAFN_SS_NULL;
2301 atapiCmdOK(s);
2302 return false;
2303}
2304
2305
2306static bool atapiGetConfigurationSS(ATADevState *s)
2307{
2308 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2309 uint16_t u16Sfn = ataBE2H_U16(&s->aATAPICmd[2]);
2310
2311 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2312 Assert(s->cbElementaryTransfer <= 32);
2313 /* Accept valid request types only, and only starting feature 0. */
2314 if ((s->aATAPICmd[1] & 0x03) == 3 || u16Sfn != 0)
2315 {
2316 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2317 return false;
2318 }
2319 memset(pbBuf, '\0', 32);
2320 ataH2BE_U32(pbBuf, 16);
2321 /** @todo implement switching between CD-ROM and DVD-ROM profile (the only
2322 * way to differentiate them right now is based on the image size). Also
2323 * implement signalling "no current profile" if no medium is loaded. */
2324 ataH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */
2325
2326 ataH2BE_U16(pbBuf + 8, 0); /* feature 0: list of profiles supported */
2327 pbBuf[10] = (0 << 2) | (1 << 1) | (1 || 0); /* version 0, persistent, current */
2328 pbBuf[11] = 8; /* additional bytes for profiles */
2329 /* The MMC-3 spec says that DVD-ROM read capability should be reported
2330 * before CD-ROM read capability. */
2331 ataH2BE_U16(pbBuf + 12, 0x10); /* profile: read-only DVD */
2332 pbBuf[14] = (0 << 0); /* NOT current profile */
2333 ataH2BE_U16(pbBuf + 16, 0x08); /* profile: read only CD */
2334 pbBuf[18] = (1 << 0); /* current profile */
2335 /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */
2336 s->iSourceSink = ATAFN_SS_NULL;
2337 atapiCmdOK(s);
2338 return false;
2339}
2340
2341
2342static bool atapiGetEventStatusNotificationSS(ATADevState *s)
2343{
2344 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2345
2346 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2347 Assert(s->cbElementaryTransfer <= 8);
2348
2349 if (!(s->aATAPICmd[1] & 1))
2350 {
2351 /* no asynchronous operation supported */
2352 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2353 return false;
2354 }
2355
2356 uint32_t OldStatus, NewStatus;
2357 do
2358 {
2359 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
2360 NewStatus = ATA_EVENT_STATUS_UNCHANGED;
2361 switch (OldStatus)
2362 {
2363 case ATA_EVENT_STATUS_MEDIA_NEW:
2364 /* mount */
2365 ataH2BE_U16(pbBuf + 0, 6);
2366 pbBuf[2] = 0x04; /* media */
2367 pbBuf[3] = 0x5e; /* suppored = busy|media|external|power|operational */
2368 pbBuf[4] = 0x02; /* new medium */
2369 pbBuf[5] = 0x02; /* medium present / door closed */
2370 pbBuf[6] = 0x00;
2371 pbBuf[7] = 0x00;
2372 break;
2373
2374 case ATA_EVENT_STATUS_MEDIA_CHANGED:
2375 case ATA_EVENT_STATUS_MEDIA_REMOVED:
2376 /* umount */
2377 ataH2BE_U16(pbBuf + 0, 6);
2378 pbBuf[2] = 0x04; /* media */
2379 pbBuf[3] = 0x5e; /* suppored = busy|media|external|power|operational */
2380 pbBuf[4] = 0x03; /* media removal */
2381 pbBuf[5] = 0x00; /* medium absent / door closed */
2382 pbBuf[6] = 0x00;
2383 pbBuf[7] = 0x00;
2384 if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED)
2385 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
2386 break;
2387
2388 case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */
2389 ataH2BE_U16(pbBuf + 0, 6);
2390 pbBuf[2] = 0x04; /* media */
2391 pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */
2392 pbBuf[4] = 0x01; /* eject requested (eject button pressed) */
2393 pbBuf[5] = 0x02; /* medium present / door closed */
2394 pbBuf[6] = 0x00;
2395 pbBuf[7] = 0x00;
2396 break;
2397
2398 case ATA_EVENT_STATUS_UNCHANGED:
2399 default:
2400 ataH2BE_U16(pbBuf + 0, 6);
2401 pbBuf[2] = 0x01; /* operational change request / notification */
2402 pbBuf[3] = 0x5e; /* suppored = busy|media|external|power|operational */
2403 pbBuf[4] = 0x00;
2404 pbBuf[5] = 0x00;
2405 pbBuf[6] = 0x00;
2406 pbBuf[7] = 0x00;
2407 break;
2408 }
2409 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
2410
2411 s->iSourceSink = ATAFN_SS_NULL;
2412 atapiCmdOK(s);
2413 return false;
2414}
2415
2416
2417static bool atapiInquirySS(ATADevState *s)
2418{
2419 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2420
2421 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2422 Assert(s->cbElementaryTransfer <= 36);
2423 pbBuf[0] = 0x05; /* CD-ROM */
2424 pbBuf[1] = 0x80; /* removable */
2425#if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */
2426 pbBuf[2] = 0x00; /* ISO */
2427 pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
2428#else
2429 pbBuf[2] = 0x00; /* ISO */
2430 pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */
2431#endif
2432 pbBuf[4] = 31; /* additional length */
2433 pbBuf[5] = 0; /* reserved */
2434 pbBuf[6] = 0; /* reserved */
2435 pbBuf[7] = 0; /* reserved */
2436 ataSCSIPadStr(pbBuf + 8, s->szInquiryVendorId, 8);
2437 ataSCSIPadStr(pbBuf + 16, s->szInquiryProductId, 16);
2438 ataSCSIPadStr(pbBuf + 32, s->szInquiryRevision, 4);
2439 s->iSourceSink = ATAFN_SS_NULL;
2440 atapiCmdOK(s);
2441 return false;
2442}
2443
2444
2445static bool atapiModeSenseErrorRecoverySS(ATADevState *s)
2446{
2447 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2448
2449 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2450 Assert(s->cbElementaryTransfer <= 16);
2451 ataH2BE_U16(&pbBuf[0], 16 + 6);
2452 pbBuf[2] = 0x70;
2453 pbBuf[3] = 0;
2454 pbBuf[4] = 0;
2455 pbBuf[5] = 0;
2456 pbBuf[6] = 0;
2457 pbBuf[7] = 0;
2458
2459 pbBuf[8] = 0x01;
2460 pbBuf[9] = 0x06;
2461 pbBuf[10] = 0x00;
2462 pbBuf[11] = 0x05;
2463 pbBuf[12] = 0x00;
2464 pbBuf[13] = 0x00;
2465 pbBuf[14] = 0x00;
2466 pbBuf[15] = 0x00;
2467 s->iSourceSink = ATAFN_SS_NULL;
2468 atapiCmdOK(s);
2469 return false;
2470}
2471
2472
2473static bool atapiModeSenseCDStatusSS(ATADevState *s)
2474{
2475 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2476
2477 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2478 Assert(s->cbElementaryTransfer <= 40);
2479 ataH2BE_U16(&pbBuf[0], 38);
2480 pbBuf[2] = 0x70;
2481 pbBuf[3] = 0;
2482 pbBuf[4] = 0;
2483 pbBuf[5] = 0;
2484 pbBuf[6] = 0;
2485 pbBuf[7] = 0;
2486
2487 pbBuf[8] = 0x2a;
2488 pbBuf[9] = 30; /* page length */
2489 pbBuf[10] = 0x08; /* DVD-ROM read support */
2490 pbBuf[11] = 0x00; /* no write support */
2491 /* The following claims we support audio play. This is obviously false,
2492 * but the Linux generic CDROM support makes many features depend on this
2493 * capability. If it's not set, this causes many things to be disabled. */
2494 pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */
2495 pbBuf[13] = 0x00; /* no subchannel reads supported */
2496 pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */
2497 if (s->pDrvMount->pfnIsLocked(s->pDrvMount))
2498 pbBuf[14] |= 1 << 1; /* report lock state */
2499 pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */
2500 ataH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */
2501 ataH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */
2502 ataH2BE_U16(&pbBuf[20], s->cbIOBuffer / _1K); /* buffer size supported in Kbyte */
2503 ataH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */
2504 pbBuf[24] = 0; /* reserved */
2505 pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */
2506 ataH2BE_U16(&pbBuf[26], 0); /* (obsolete) maximum write speed */
2507 ataH2BE_U16(&pbBuf[28], 0); /* (obsolete) current write speed */
2508 ataH2BE_U16(&pbBuf[30], 0); /* copy management revision supported 0=no CSS */
2509 pbBuf[32] = 0; /* reserved */
2510 pbBuf[33] = 0; /* reserved */
2511 pbBuf[34] = 0; /* reserved */
2512 pbBuf[35] = 1; /* rotation control CAV */
2513 ataH2BE_U16(&pbBuf[36], 0); /* current write speed */
2514 ataH2BE_U16(&pbBuf[38], 0); /* number of write speed performance descriptors */
2515 s->iSourceSink = ATAFN_SS_NULL;
2516 atapiCmdOK(s);
2517 return false;
2518}
2519
2520
2521static bool atapiRequestSenseSS(ATADevState *s)
2522{
2523 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2524
2525 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2526 memset(pbBuf, '\0', s->cbElementaryTransfer);
2527 memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense)));
2528 s->iSourceSink = ATAFN_SS_NULL;
2529 atapiCmdOK(s);
2530 return false;
2531}
2532
2533
2534static bool atapiMechanismStatusSS(ATADevState *s)
2535{
2536 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2537
2538 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2539 Assert(s->cbElementaryTransfer <= 8);
2540 ataH2BE_U16(pbBuf, 0);
2541 /* no current LBA */
2542 pbBuf[2] = 0;
2543 pbBuf[3] = 0;
2544 pbBuf[4] = 0;
2545 pbBuf[5] = 1;
2546 ataH2BE_U16(pbBuf + 6, 0);
2547 s->iSourceSink = ATAFN_SS_NULL;
2548 atapiCmdOK(s);
2549 return false;
2550}
2551
2552
2553static bool atapiReadTOCNormalSS(ATADevState *s)
2554{
2555 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
2556 bool fMSF;
2557 uint32_t cbSize;
2558
2559 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2560 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2561 iStartTrack = s->aATAPICmd[6];
2562 if (iStartTrack > 1 && iStartTrack != 0xaa)
2563 {
2564 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2565 return false;
2566 }
2567 q = pbBuf + 2;
2568 *q++ = 1; /* first session */
2569 *q++ = 1; /* last session */
2570 if (iStartTrack <= 1)
2571 {
2572 *q++ = 0; /* reserved */
2573 *q++ = 0x14; /* ADR, control */
2574 *q++ = 1; /* track number */
2575 *q++ = 0; /* reserved */
2576 if (fMSF)
2577 {
2578 *q++ = 0; /* reserved */
2579 ataLBA2MSF(q, 0);
2580 q += 3;
2581 }
2582 else
2583 {
2584 /* sector 0 */
2585 ataH2BE_U32(q, 0);
2586 q += 4;
2587 }
2588 }
2589 /* lead out track */
2590 *q++ = 0; /* reserved */
2591 *q++ = 0x14; /* ADR, control */
2592 *q++ = 0xaa; /* track number */
2593 *q++ = 0; /* reserved */
2594 if (fMSF)
2595 {
2596 *q++ = 0; /* reserved */
2597 ataLBA2MSF(q, s->cTotalSectors);
2598 q += 3;
2599 }
2600 else
2601 {
2602 ataH2BE_U32(q, s->cTotalSectors);
2603 q += 4;
2604 }
2605 cbSize = q - pbBuf;
2606 ataH2BE_U16(pbBuf, cbSize - 2);
2607 if (cbSize < s->cbTotalTransfer)
2608 s->cbTotalTransfer = cbSize;
2609 s->iSourceSink = ATAFN_SS_NULL;
2610 atapiCmdOK(s);
2611 return false;
2612}
2613
2614
2615static bool atapiReadTOCMultiSS(ATADevState *s)
2616{
2617 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer);
2618 bool fMSF;
2619
2620 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2621 Assert(s->cbElementaryTransfer <= 12);
2622 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2623 /* multi session: only a single session defined */
2624/** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being able to figure out whether numbers are in BCD or hex. */
2625 memset(pbBuf, 0, 12);
2626 pbBuf[1] = 0x0a;
2627 pbBuf[2] = 0x01;
2628 pbBuf[3] = 0x01;
2629 pbBuf[5] = 0x14; /* ADR, control */
2630 pbBuf[6] = 1; /* first track in last complete session */
2631 if (fMSF)
2632 {
2633 pbBuf[8] = 0; /* reserved */
2634 ataLBA2MSF(&pbBuf[9], 0);
2635 }
2636 else
2637 {
2638 /* sector 0 */
2639 ataH2BE_U32(pbBuf + 8, 0);
2640 }
2641 s->iSourceSink = ATAFN_SS_NULL;
2642 atapiCmdOK(s);
2643 return false;
2644}
2645
2646
2647static bool atapiReadTOCRawSS(ATADevState *s)
2648{
2649 uint8_t *pbBuf = s->CTX_SUFF(pbIOBuffer), *q, iStartTrack;
2650 bool fMSF;
2651 uint32_t cbSize;
2652
2653 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
2654 fMSF = (s->aATAPICmd[1] >> 1) & 1;
2655 iStartTrack = s->aATAPICmd[6];
2656
2657 q = pbBuf + 2;
2658 *q++ = 1; /* first session */
2659 *q++ = 1; /* last session */
2660
2661 *q++ = 1; /* session number */
2662 *q++ = 0x14; /* data track */
2663 *q++ = 0; /* track number */
2664 *q++ = 0xa0; /* first track in program area */
2665 *q++ = 0; /* min */
2666 *q++ = 0; /* sec */
2667 *q++ = 0; /* frame */
2668 *q++ = 0;
2669 *q++ = 1; /* first track */
2670 *q++ = 0x00; /* disk type CD-DA or CD data */
2671 *q++ = 0;
2672
2673 *q++ = 1; /* session number */
2674 *q++ = 0x14; /* data track */
2675 *q++ = 0; /* track number */
2676 *q++ = 0xa1; /* last track in program area */
2677 *q++ = 0; /* min */
2678 *q++ = 0; /* sec */
2679 *q++ = 0; /* frame */
2680 *q++ = 0;
2681 *q++ = 1; /* last track */
2682 *q++ = 0;
2683 *q++ = 0;
2684
2685 *q++ = 1; /* session number */
2686 *q++ = 0x14; /* data track */
2687 *q++ = 0; /* track number */
2688 *q++ = 0xa2; /* lead-out */
2689 *q++ = 0; /* min */
2690 *q++ = 0; /* sec */
2691 *q++ = 0; /* frame */
2692 if (fMSF)
2693 {
2694 *q++ = 0; /* reserved */
2695 ataLBA2MSF(q, s->cTotalSectors);
2696 q += 3;
2697 }
2698 else
2699 {
2700 ataH2BE_U32(q, s->cTotalSectors);
2701 q += 4;
2702 }
2703
2704 *q++ = 1; /* session number */
2705 *q++ = 0x14; /* ADR, control */
2706 *q++ = 0; /* track number */
2707 *q++ = 1; /* point */
2708 *q++ = 0; /* min */
2709 *q++ = 0; /* sec */
2710 *q++ = 0; /* frame */
2711 if (fMSF)
2712 {
2713 *q++ = 0; /* reserved */
2714 ataLBA2MSF(q, 0);
2715 q += 3;
2716 }
2717 else
2718 {
2719 /* sector 0 */
2720 ataH2BE_U32(q, 0);
2721 q += 4;
2722 }
2723
2724 cbSize = q - pbBuf;
2725 ataH2BE_U16(pbBuf, cbSize - 2);
2726 if (cbSize < s->cbTotalTransfer)
2727 s->cbTotalTransfer = cbSize;
2728 s->iSourceSink = ATAFN_SS_NULL;
2729 atapiCmdOK(s);
2730 return false;
2731}
2732
2733
2734static void atapiParseCmdVirtualATAPI(ATADevState *s)
2735{
2736 const uint8_t *pbPacket;
2737 uint8_t *pbBuf;
2738 uint32_t cbMax;
2739
2740 pbPacket = s->aATAPICmd;
2741 pbBuf = s->CTX_SUFF(pbIOBuffer);
2742 switch (pbPacket[0])
2743 {
2744 case SCSI_TEST_UNIT_READY:
2745 if (s->cNotifiedMediaChange > 0)
2746 {
2747 if (s->cNotifiedMediaChange-- > 2)
2748 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2749 else
2750 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2751 }
2752 else if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2753 atapiCmdOK(s);
2754 else
2755 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2756 break;
2757 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
2758 cbMax = ataBE2H_U16(pbPacket + 7);
2759 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
2760 break;
2761 case SCSI_MODE_SENSE_10:
2762 {
2763 uint8_t uPageControl, uPageCode;
2764 cbMax = ataBE2H_U16(pbPacket + 7);
2765 uPageControl = pbPacket[2] >> 6;
2766 uPageCode = pbPacket[2] & 0x3f;
2767 switch (uPageControl)
2768 {
2769 case SCSI_PAGECONTROL_CURRENT:
2770 switch (uPageCode)
2771 {
2772 case SCSI_MODEPAGE_ERROR_RECOVERY:
2773 ataStartTransfer(s, RT_MIN(cbMax, 16), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true);
2774 break;
2775 case SCSI_MODEPAGE_CD_STATUS:
2776 ataStartTransfer(s, RT_MIN(cbMax, 40), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true);
2777 break;
2778 default:
2779 goto error_cmd;
2780 }
2781 break;
2782 case SCSI_PAGECONTROL_CHANGEABLE:
2783 goto error_cmd;
2784 case SCSI_PAGECONTROL_DEFAULT:
2785 goto error_cmd;
2786 default:
2787 case SCSI_PAGECONTROL_SAVED:
2788 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
2789 break;
2790 }
2791 }
2792 break;
2793 case SCSI_REQUEST_SENSE:
2794 cbMax = pbPacket[4];
2795 ataStartTransfer(s, RT_MIN(cbMax, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
2796 break;
2797 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
2798 if (s->pDrvMount->pfnIsMounted(s->pDrvMount))
2799 {
2800 if (pbPacket[4] & 1)
2801 s->pDrvMount->pfnLock(s->pDrvMount);
2802 else
2803 s->pDrvMount->pfnUnlock(s->pDrvMount);
2804 atapiCmdOK(s);
2805 }
2806 else
2807 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2808 break;
2809 case SCSI_READ_10:
2810 case SCSI_READ_12:
2811 {
2812 uint32_t cSectors, iATAPILBA;
2813
2814 if (s->cNotifiedMediaChange > 0)
2815 {
2816 s->cNotifiedMediaChange-- ;
2817 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2818 break;
2819 }
2820 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2821 {
2822 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2823 break;
2824 }
2825 if (pbPacket[0] == SCSI_READ_10)
2826 cSectors = ataBE2H_U16(pbPacket + 7);
2827 else
2828 cSectors = ataBE2H_U32(pbPacket + 6);
2829 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2830 if (cSectors == 0)
2831 {
2832 atapiCmdOK(s);
2833 break;
2834 }
2835 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2836 {
2837 /* Rate limited logging, one log line per second. For
2838 * guests that insist on reading from places outside the
2839 * valid area this often generates too many release log
2840 * entries otherwise. */
2841 static uint64_t uLastLogTS = 0;
2842 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2843 {
2844 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2845 uLastLogTS = RTTimeMilliTS();
2846 }
2847 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2848 break;
2849 }
2850 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2851 }
2852 break;
2853 case SCSI_READ_CD:
2854 {
2855 uint32_t cSectors, iATAPILBA;
2856
2857 if (s->cNotifiedMediaChange > 0)
2858 {
2859 s->cNotifiedMediaChange-- ;
2860 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2861 break;
2862 }
2863 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2864 {
2865 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2866 break;
2867 }
2868 cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8];
2869 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2870 if (cSectors == 0)
2871 {
2872 atapiCmdOK(s);
2873 break;
2874 }
2875 if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors)
2876 {
2877 /* Rate limited logging, one log line per second. For
2878 * guests that insist on reading from places outside the
2879 * valid area this often generates too many release log
2880 * entries otherwise. */
2881 static uint64_t uLastLogTS = 0;
2882 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2883 {
2884 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors));
2885 uLastLogTS = RTTimeMilliTS();
2886 }
2887 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2888 break;
2889 }
2890 switch (pbPacket[9] & 0xf8)
2891 {
2892 case 0x00:
2893 /* nothing */
2894 atapiCmdOK(s);
2895 break;
2896 case 0x10:
2897 /* normal read */
2898 atapiReadSectors(s, iATAPILBA, cSectors, 2048);
2899 break;
2900 case 0xf8:
2901 /* read all data */
2902 atapiReadSectors(s, iATAPILBA, cSectors, 2352);
2903 break;
2904 default:
2905 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM sector format not supported (%#x)\n", s->iLUN, pbPacket[9] & 0xf8));
2906 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
2907 break;
2908 }
2909 }
2910 break;
2911 case SCSI_SEEK_10:
2912 {
2913 uint32_t iATAPILBA;
2914 if (s->cNotifiedMediaChange > 0)
2915 {
2916 s->cNotifiedMediaChange-- ;
2917 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2918 break;
2919 }
2920 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2921 {
2922 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2923 break;
2924 }
2925 iATAPILBA = ataBE2H_U32(pbPacket + 2);
2926 if (iATAPILBA > s->cTotalSectors)
2927 {
2928 /* Rate limited logging, one log line per second. For
2929 * guests that insist on seeking to places outside the
2930 * valid area this often generates too many release log
2931 * entries otherwise. */
2932 static uint64_t uLastLogTS = 0;
2933 if (RTTimeMilliTS() >= uLastLogTS + 1000)
2934 {
2935 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA));
2936 uLastLogTS = RTTimeMilliTS();
2937 }
2938 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR);
2939 break;
2940 }
2941 atapiCmdOK(s);
2942 ataSetStatus(s, ATA_STAT_SEEK); /* Linux expects this. */
2943 }
2944 break;
2945 case SCSI_START_STOP_UNIT:
2946 {
2947 int rc = VINF_SUCCESS;
2948 switch (pbPacket[4] & 3)
2949 {
2950 case 0: /* 00 - Stop motor */
2951 case 1: /* 01 - Start motor */
2952 break;
2953 case 2: /* 10 - Eject media */
2954 /* This must be done from EMT. */
2955 {
2956 PATACONTROLLER pCtl = ATADEVSTATE_2_CONTROLLER(s);
2957 PPDMDEVINS pDevIns = ATADEVSTATE_2_DEVINS(s);
2958
2959 PDMCritSectLeave(&pCtl->lock);
2960 rc = VMR3ReqCallWait(PDMDevHlpGetVM(pDevIns), VMCPUID_ANY,
2961 (PFNRT)s->pDrvMount->pfnUnmount, 2, s->pDrvMount, false);
2962 Assert(RT_SUCCESS(rc) || (rc == VERR_PDM_MEDIA_LOCKED));
2963 {
2964 STAM_PROFILE_START(&pCtl->StatLockWait, a);
2965 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
2966 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
2967 }
2968 }
2969 break;
2970 case 3: /* 11 - Load media */
2971 /** @todo rc = s->pDrvMount->pfnLoadMedia(s->pDrvMount) */
2972 break;
2973 }
2974 if (RT_SUCCESS(rc))
2975 atapiCmdOK(s);
2976 else
2977 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED);
2978 }
2979 break;
2980 case SCSI_MECHANISM_STATUS:
2981 {
2982 cbMax = ataBE2H_U16(pbPacket + 8);
2983 ataStartTransfer(s, RT_MIN(cbMax, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true);
2984 }
2985 break;
2986 case SCSI_READ_TOC_PMA_ATIP:
2987 {
2988 uint8_t format;
2989
2990 if (s->cNotifiedMediaChange > 0)
2991 {
2992 s->cNotifiedMediaChange-- ;
2993 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
2994 break;
2995 }
2996 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
2997 {
2998 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
2999 break;
3000 }
3001 cbMax = ataBE2H_U16(pbPacket + 7);
3002 /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits),
3003 * but Linux kernel uses offset 9 (topmost 2 bits). Hope that
3004 * the other field is clear... */
3005 format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6);
3006 switch (format)
3007 {
3008 case 0:
3009 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true);
3010 break;
3011 case 1:
3012 ataStartTransfer(s, RT_MIN(cbMax, 12), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true);
3013 break;
3014 case 2:
3015 ataStartTransfer(s, cbMax, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true);
3016 break;
3017 default:
3018 error_cmd:
3019 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3020 break;
3021 }
3022 }
3023 break;
3024 case SCSI_READ_CAPACITY:
3025 if (s->cNotifiedMediaChange > 0)
3026 {
3027 s->cNotifiedMediaChange-- ;
3028 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3029 break;
3030 }
3031 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3032 {
3033 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3034 break;
3035 }
3036 ataStartTransfer(s, 8, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true);
3037 break;
3038 case SCSI_READ_DISC_INFORMATION:
3039 if (s->cNotifiedMediaChange > 0)
3040 {
3041 s->cNotifiedMediaChange-- ;
3042 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3043 break;
3044 }
3045 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3046 {
3047 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3048 break;
3049 }
3050 cbMax = ataBE2H_U16(pbPacket + 7);
3051 ataStartTransfer(s, RT_MIN(cbMax, 34), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true);
3052 break;
3053 case SCSI_READ_TRACK_INFORMATION:
3054 if (s->cNotifiedMediaChange > 0)
3055 {
3056 s->cNotifiedMediaChange-- ;
3057 atapiCmdErrorSimple(s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */
3058 break;
3059 }
3060 else if (!s->pDrvMount->pfnIsMounted(s->pDrvMount))
3061 {
3062 atapiCmdErrorSimple(s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT);
3063 break;
3064 }
3065 cbMax = ataBE2H_U16(pbPacket + 7);
3066 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true);
3067 break;
3068 case SCSI_GET_CONFIGURATION:
3069 /* No media change stuff here, it can confuse Linux guests. */
3070 cbMax = ataBE2H_U16(pbPacket + 7);
3071 ataStartTransfer(s, RT_MIN(cbMax, 32), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true);
3072 break;
3073 case SCSI_INQUIRY:
3074 cbMax = ataBE2H_U16(pbPacket + 3);
3075 ataStartTransfer(s, RT_MIN(cbMax, 36), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true);
3076 break;
3077 case SCSI_READ_DVD_STRUCTURE:
3078 {
3079 cbMax = ataBE2H_U16(pbPacket + 8);
3080 ataStartTransfer(s, RT_MIN(cbMax, 4), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, true);
3081 break;
3082 }
3083 default:
3084 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3085 break;
3086 }
3087}
3088
3089
3090/*
3091 * Parse ATAPI commands, passing them directly to the CD/DVD drive.
3092 */
3093static void atapiParseCmdPassthrough(ATADevState *s)
3094{
3095 const uint8_t *pbPacket;
3096 uint8_t *pbBuf;
3097 uint32_t cSectors, iATAPILBA;
3098 uint32_t cbTransfer = 0;
3099 PDMBLOCKTXDIR uTxDir = PDMBLOCKTXDIR_NONE;
3100
3101 pbPacket = s->aATAPICmd;
3102 pbBuf = s->CTX_SUFF(pbIOBuffer);
3103 switch (pbPacket[0])
3104 {
3105 case SCSI_BLANK:
3106 goto sendcmd;
3107 case SCSI_CLOSE_TRACK_SESSION:
3108 goto sendcmd;
3109 case SCSI_ERASE_10:
3110 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3111 cbTransfer = ataBE2H_U16(pbPacket + 7);
3112 Log2(("ATAPI PT: lba %d\n", iATAPILBA));
3113 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3114 goto sendcmd;
3115 case SCSI_FORMAT_UNIT:
3116 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3117 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3118 goto sendcmd;
3119 case SCSI_GET_CONFIGURATION:
3120 cbTransfer = ataBE2H_U16(pbPacket + 7);
3121 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3122 goto sendcmd;
3123 case SCSI_GET_EVENT_STATUS_NOTIFICATION:
3124 cbTransfer = ataBE2H_U16(pbPacket + 7);
3125 if (ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED)
3126 {
3127 ataStartTransfer(s, RT_MIN(cbTransfer, 8), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true);
3128 break;
3129 }
3130 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3131 goto sendcmd;
3132 case SCSI_GET_PERFORMANCE:
3133 cbTransfer = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */
3134 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3135 goto sendcmd;
3136 case SCSI_INQUIRY:
3137 cbTransfer = ataBE2H_U16(pbPacket + 3);
3138 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3139 goto sendcmd;
3140 case SCSI_LOAD_UNLOAD_MEDIUM:
3141 goto sendcmd;
3142 case SCSI_MECHANISM_STATUS:
3143 cbTransfer = ataBE2H_U16(pbPacket + 8);
3144 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3145 goto sendcmd;
3146 case SCSI_MODE_SELECT_10:
3147 cbTransfer = ataBE2H_U16(pbPacket + 7);
3148 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3149 goto sendcmd;
3150 case SCSI_MODE_SENSE_10:
3151 cbTransfer = ataBE2H_U16(pbPacket + 7);
3152 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3153 goto sendcmd;
3154 case SCSI_PAUSE_RESUME:
3155 goto sendcmd;
3156 case SCSI_PLAY_AUDIO_10:
3157 goto sendcmd;
3158 case SCSI_PLAY_AUDIO_12:
3159 goto sendcmd;
3160 case SCSI_PLAY_AUDIO_MSF:
3161 goto sendcmd;
3162 case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL:
3163 /** @todo do not forget to unlock when a VM is shut down */
3164 goto sendcmd;
3165 case SCSI_READ_10:
3166 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3167 cSectors = ataBE2H_U16(pbPacket + 7);
3168 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3169 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3170 cbTransfer = cSectors * s->cbATAPISector;
3171 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3172 goto sendcmd;
3173 case SCSI_READ_12:
3174 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3175 cSectors = ataBE2H_U32(pbPacket + 6);
3176 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3177 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3178 cbTransfer = cSectors * s->cbATAPISector;
3179 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3180 goto sendcmd;
3181 case SCSI_READ_BUFFER:
3182 cbTransfer = ataBE2H_U24(pbPacket + 6);
3183 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3184 goto sendcmd;
3185 case SCSI_READ_BUFFER_CAPACITY:
3186 cbTransfer = ataBE2H_U16(pbPacket + 7);
3187 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3188 goto sendcmd;
3189 case SCSI_READ_CAPACITY:
3190 cbTransfer = 8;
3191 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3192 goto sendcmd;
3193 case SCSI_READ_CD:
3194 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3195 cbTransfer = ataBE2H_U24(pbPacket + 6) / s->cbATAPISector * s->cbATAPISector;
3196 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3197 goto sendcmd;
3198 case SCSI_READ_CD_MSF:
3199 cSectors = ataMSF2LBA(pbPacket + 6) - ataMSF2LBA(pbPacket + 3);
3200 if (cSectors > 32)
3201 cSectors = 32; /* Limit transfer size to 64~74K. Safety first. In any case this can only harm software doing CDDA extraction. */
3202 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3203 cbTransfer = cSectors * s->cbATAPISector;
3204 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3205 goto sendcmd;
3206 case SCSI_READ_DISC_INFORMATION:
3207 cbTransfer = ataBE2H_U16(pbPacket + 7);
3208 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3209 goto sendcmd;
3210 case SCSI_READ_DVD_STRUCTURE:
3211 cbTransfer = ataBE2H_U16(pbPacket + 8);
3212 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3213 goto sendcmd;
3214 case SCSI_READ_FORMAT_CAPACITIES:
3215 cbTransfer = ataBE2H_U16(pbPacket + 7);
3216 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3217 goto sendcmd;
3218 case SCSI_READ_SUBCHANNEL:
3219 cbTransfer = ataBE2H_U16(pbPacket + 7);
3220 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3221 goto sendcmd;
3222 case SCSI_READ_TOC_PMA_ATIP:
3223 cbTransfer = ataBE2H_U16(pbPacket + 7);
3224 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3225 goto sendcmd;
3226 case SCSI_READ_TRACK_INFORMATION:
3227 cbTransfer = ataBE2H_U16(pbPacket + 7);
3228 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3229 goto sendcmd;
3230 case SCSI_REPAIR_TRACK:
3231 goto sendcmd;
3232 case SCSI_REPORT_KEY:
3233 cbTransfer = ataBE2H_U16(pbPacket + 8);
3234 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3235 goto sendcmd;
3236 case SCSI_REQUEST_SENSE:
3237 cbTransfer = pbPacket[4];
3238 if ((s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE)
3239 {
3240 ataStartTransfer(s, RT_MIN(cbTransfer, 18), PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true);
3241 break;
3242 }
3243 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3244 goto sendcmd;
3245 case SCSI_RESERVE_TRACK:
3246 goto sendcmd;
3247 case SCSI_SCAN:
3248 goto sendcmd;
3249 case SCSI_SEEK_10:
3250 goto sendcmd;
3251 case SCSI_SEND_CUE_SHEET:
3252 cbTransfer = ataBE2H_U24(pbPacket + 6);
3253 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3254 goto sendcmd;
3255 case SCSI_SEND_DVD_STRUCTURE:
3256 cbTransfer = ataBE2H_U16(pbPacket + 8);
3257 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3258 goto sendcmd;
3259 case SCSI_SEND_EVENT:
3260 cbTransfer = ataBE2H_U16(pbPacket + 8);
3261 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3262 goto sendcmd;
3263 case SCSI_SEND_KEY:
3264 cbTransfer = ataBE2H_U16(pbPacket + 8);
3265 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3266 goto sendcmd;
3267 case SCSI_SEND_OPC_INFORMATION:
3268 cbTransfer = ataBE2H_U16(pbPacket + 7);
3269 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3270 goto sendcmd;
3271 case SCSI_SET_CD_SPEED:
3272 goto sendcmd;
3273 case SCSI_SET_READ_AHEAD:
3274 goto sendcmd;
3275 case SCSI_SET_STREAMING:
3276 cbTransfer = ataBE2H_U16(pbPacket + 9);
3277 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3278 goto sendcmd;
3279 case SCSI_START_STOP_UNIT:
3280 goto sendcmd;
3281 case SCSI_STOP_PLAY_SCAN:
3282 goto sendcmd;
3283 case SCSI_SYNCHRONIZE_CACHE:
3284 goto sendcmd;
3285 case SCSI_TEST_UNIT_READY:
3286 goto sendcmd;
3287 case SCSI_VERIFY_10:
3288 goto sendcmd;
3289 case SCSI_WRITE_10:
3290 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3291 cSectors = ataBE2H_U16(pbPacket + 7);
3292 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3293#if 0
3294 /* The sector size is determined by the async I/O thread. */
3295 s->cbATAPISector = 0;
3296 /* Preliminary, will be corrected once the sector size is known. */
3297 cbTransfer = cSectors;
3298#else
3299 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3300 cbTransfer = cSectors * s->cbATAPISector;
3301#endif
3302 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3303 goto sendcmd;
3304 case SCSI_WRITE_12:
3305 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3306 cSectors = ataBE2H_U32(pbPacket + 6);
3307 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3308#if 0
3309 /* The sector size is determined by the async I/O thread. */
3310 s->cbATAPISector = 0;
3311 /* Preliminary, will be corrected once the sector size is known. */
3312 cbTransfer = cSectors;
3313#else
3314 s->cbATAPISector = 2048; /**< @todo this size is not always correct */
3315 cbTransfer = cSectors * s->cbATAPISector;
3316#endif
3317 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3318 goto sendcmd;
3319 case SCSI_WRITE_AND_VERIFY_10:
3320 iATAPILBA = ataBE2H_U32(pbPacket + 2);
3321 cSectors = ataBE2H_U16(pbPacket + 7);
3322 Log2(("ATAPI PT: lba %d sectors %d\n", iATAPILBA, cSectors));
3323 /* The sector size is determined by the async I/O thread. */
3324 s->cbATAPISector = 0;
3325 /* Preliminary, will be corrected once the sector size is known. */
3326 cbTransfer = cSectors;
3327 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3328 goto sendcmd;
3329 case SCSI_WRITE_BUFFER:
3330 switch (pbPacket[1] & 0x1f)
3331 {
3332 case 0x04: /* download microcode */
3333 case 0x05: /* download microcode and save */
3334 case 0x06: /* download microcode with offsets */
3335 case 0x07: /* download microcode with offsets and save */
3336 case 0x0e: /* download microcode with offsets and defer activation */
3337 case 0x0f: /* activate deferred microcode */
3338 LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough command attempted to update firmware, blocked\n", s->iLUN));
3339 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET);
3340 break;
3341 default:
3342 cbTransfer = ataBE2H_U16(pbPacket + 6);
3343 uTxDir = PDMBLOCKTXDIR_TO_DEVICE;
3344 goto sendcmd;
3345 }
3346 break;
3347 case SCSI_REPORT_LUNS: /* Not part of MMC-3, but used by Windows. */
3348 cbTransfer = ataBE2H_U32(pbPacket + 6);
3349 uTxDir = PDMBLOCKTXDIR_FROM_DEVICE;
3350 goto sendcmd;
3351 case SCSI_REZERO_UNIT:
3352 /* Obsolete command used by cdrecord. What else would one expect?
3353 * This command is not sent to the drive, it is handled internally,
3354 * as the Linux kernel doesn't like it (message "scsi: unknown
3355 * opcode 0x01" in syslog) and replies with a sense code of 0,
3356 * which sends cdrecord to an endless loop. */
3357 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3358 break;
3359 default:
3360 LogRel(("PIIX3 ATA: LUN#%d: passthrough unimplemented for command %#x\n", s->iLUN, pbPacket[0]));
3361 atapiCmdErrorSimple(s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE);
3362 break;
3363 sendcmd:
3364 /* Send a command to the drive, passing data in/out as required. */
3365 Log2(("ATAPI PT: max size %d\n", cbTransfer));
3366 Assert(cbTransfer <= s->cbIOBuffer);
3367 if (cbTransfer == 0)
3368 uTxDir = PDMBLOCKTXDIR_NONE;
3369 ataStartTransfer(s, cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true);
3370 }
3371}
3372
3373
3374static void atapiParseCmd(ATADevState *s)
3375{
3376 const uint8_t *pbPacket;
3377
3378 pbPacket = s->aATAPICmd;
3379#ifdef DEBUG
3380 Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0])));
3381#else /* !DEBUG */
3382 Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0]));
3383#endif /* !DEBUG */
3384 Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket));
3385
3386 if (s->fATAPIPassthrough)
3387 atapiParseCmdPassthrough(s);
3388 else
3389 atapiParseCmdVirtualATAPI(s);
3390}
3391
3392
3393static bool ataPacketSS(ATADevState *s)
3394{
3395 s->fDMA = !!(s->uATARegFeature & 1);
3396 memcpy(s->aATAPICmd, s->CTX_SUFF(pbIOBuffer), ATAPI_PACKET_SIZE);
3397 s->uTxDir = PDMBLOCKTXDIR_NONE;
3398 s->cbTotalTransfer = 0;
3399 s->cbElementaryTransfer = 0;
3400 atapiParseCmd(s);
3401 return false;
3402}
3403
3404
3405/**
3406 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event
3407 * from now on, regardless if there was a medium inserted or not.
3408 */
3409static void ataMediumRemoved(ATADevState *s)
3410{
3411 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED);
3412}
3413
3414
3415/**
3416 * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If
3417 * there was already a medium inserted, don't forget to send the "medium
3418 * removed" event first.
3419 */
3420static void ataMediumInserted(ATADevState *s)
3421{
3422 uint32_t OldStatus, NewStatus;
3423 do
3424 {
3425 OldStatus = ASMAtomicReadU32(&s->MediaEventStatus);
3426 switch (OldStatus)
3427 {
3428 case ATA_EVENT_STATUS_MEDIA_CHANGED:
3429 case ATA_EVENT_STATUS_MEDIA_REMOVED:
3430 /* no change, we will send "medium removed" + "medium inserted" */
3431 NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED;
3432 break;
3433 default:
3434 NewStatus = ATA_EVENT_STATUS_MEDIA_NEW;
3435 break;
3436 }
3437 } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus));
3438}
3439
3440
3441/**
3442 * Called when a media is mounted.
3443 *
3444 * @param pInterface Pointer to the interface structure containing the called function pointer.
3445 */
3446static DECLCALLBACK(void) ataMountNotify(PPDMIMOUNTNOTIFY pInterface)
3447{
3448 ATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
3449 Log(("%s: changing LUN#%d\n", __FUNCTION__, pIf->iLUN));
3450
3451 /* Ignore the call if we're called while being attached. */
3452 if (!pIf->pDrvBlock)
3453 return;
3454
3455 if (pIf->fATAPI)
3456 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
3457 else
3458 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
3459
3460 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors));
3461
3462 /* Report media changed in TEST UNIT and other (probably incorrect) places. */
3463 if (pIf->cNotifiedMediaChange < 2)
3464 pIf->cNotifiedMediaChange = 2;
3465 ataMediumInserted(pIf);
3466}
3467
3468/**
3469 * Called when a media is unmounted
3470 * @param pInterface Pointer to the interface structure containing the called function pointer.
3471 */
3472static DECLCALLBACK(void) ataUnmountNotify(PPDMIMOUNTNOTIFY pInterface)
3473{
3474 ATADevState *pIf = PDMIMOUNTNOTIFY_2_ATASTATE(pInterface);
3475 Log(("%s:\n", __FUNCTION__));
3476 pIf->cTotalSectors = 0;
3477
3478 /*
3479 * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff.
3480 * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code.
3481 * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not
3482 * present and 2 in which it is changed.
3483 */
3484 pIf->cNotifiedMediaChange = 4;
3485 ataMediumRemoved(pIf);
3486}
3487
3488static void ataPacketBT(ATADevState *s)
3489{
3490 s->cbElementaryTransfer = s->cbTotalTransfer;
3491 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD;
3492 Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector));
3493 ataSetStatusValue(s, ATA_STAT_READY);
3494}
3495
3496
3497static void ataResetDevice(ATADevState *s)
3498{
3499 s->cMultSectors = ATA_MAX_MULT_SECTORS;
3500 s->cNotifiedMediaChange = 0;
3501 ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED);
3502 ataUnsetIRQ(s);
3503
3504 s->uATARegSelect = 0x20;
3505 ataSetStatusValue(s, ATA_STAT_READY);
3506 ataSetSignature(s);
3507 s->cbTotalTransfer = 0;
3508 s->cbElementaryTransfer = 0;
3509 s->iIOBufferPIODataStart = 0;
3510 s->iIOBufferPIODataEnd = 0;
3511 s->iBeginTransfer = ATAFN_BT_NULL;
3512 s->iSourceSink = ATAFN_SS_NULL;
3513 s->fDMA = false;
3514 s->fATAPITransfer = false;
3515 s->uATATransferMode = ATA_MODE_UDMA | 2; /* PIIX3 supports only up to UDMA2 */
3516
3517 s->uATARegFeature = 0;
3518}
3519
3520
3521static bool ataExecuteDeviceDiagnosticSS(ATADevState *s)
3522{
3523 ataSetSignature(s);
3524 if (s->fATAPI)
3525 ataSetStatusValue(s, 0); /* NOTE: READY is _not_ set */
3526 else
3527 ataSetStatusValue(s, ATA_STAT_READY);
3528 s->uATARegError = 0x01;
3529 return false;
3530}
3531
3532
3533static void ataParseCmd(ATADevState *s, uint8_t cmd)
3534{
3535#ifdef DEBUG
3536 Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd)));
3537#else /* !DEBUG */
3538 Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd));
3539#endif /* !DEBUG */
3540 s->fLBA48 = false;
3541 s->fDMA = false;
3542 if (cmd == ATA_IDLE_IMMEDIATE)
3543 {
3544 /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which
3545 * would overwrite the failing command unfortunately), then RESET. */
3546 int32_t uCmdWait = -1;
3547 uint64_t uNow = RTTimeNanoTS();
3548 if (s->u64CmdTS)
3549 uCmdWait = (uNow - s->u64CmdTS) / 1000;
3550 LogRel(("PIIX3 ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n",
3551 s->iLUN, s->uATARegCommand, uCmdWait));
3552 }
3553 s->uATARegCommand = cmd;
3554 switch (cmd)
3555 {
3556 case ATA_IDENTIFY_DEVICE:
3557 if (s->pDrvBlock && !s->fATAPI)
3558 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false);
3559 else
3560 {
3561 if (s->fATAPI)
3562 ataSetSignature(s);
3563 ataCmdError(s, ABRT_ERR);
3564 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3565 }
3566 break;
3567 case ATA_INITIALIZE_DEVICE_PARAMETERS:
3568 case ATA_RECALIBRATE:
3569 ataCmdOK(s, ATA_STAT_SEEK);
3570 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3571 break;
3572 case ATA_SET_MULTIPLE_MODE:
3573 if ( s->uATARegNSector != 0
3574 && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS
3575 || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0))
3576 {
3577 ataCmdError(s, ABRT_ERR);
3578 }
3579 else
3580 {
3581 Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector));
3582 s->cMultSectors = s->uATARegNSector;
3583 ataCmdOK(s, 0);
3584 }
3585 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3586 break;
3587 case ATA_READ_VERIFY_SECTORS_EXT:
3588 s->fLBA48 = true;
3589 case ATA_READ_VERIFY_SECTORS:
3590 case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES:
3591 /* do sector number check ? */
3592 ataCmdOK(s, 0);
3593 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3594 break;
3595 case ATA_READ_SECTORS_EXT:
3596 s->fLBA48 = true;
3597 case ATA_READ_SECTORS:
3598 case ATA_READ_SECTORS_WITHOUT_RETRIES:
3599 if (!s->pDrvBlock)
3600 goto abort_cmd;
3601 s->cSectorsPerIRQ = 1;
3602 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3603 break;
3604 case ATA_WRITE_SECTORS_EXT:
3605 s->fLBA48 = true;
3606 case ATA_WRITE_SECTORS:
3607 case ATA_WRITE_SECTORS_WITHOUT_RETRIES:
3608 s->cSectorsPerIRQ = 1;
3609 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3610 break;
3611 case ATA_READ_MULTIPLE_EXT:
3612 s->fLBA48 = true;
3613 case ATA_READ_MULTIPLE:
3614 if (!s->cMultSectors)
3615 goto abort_cmd;
3616 s->cSectorsPerIRQ = s->cMultSectors;
3617 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3618 break;
3619 case ATA_WRITE_MULTIPLE_EXT:
3620 s->fLBA48 = true;
3621 case ATA_WRITE_MULTIPLE:
3622 if (!s->cMultSectors)
3623 goto abort_cmd;
3624 s->cSectorsPerIRQ = s->cMultSectors;
3625 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3626 break;
3627 case ATA_READ_DMA_EXT:
3628 s->fLBA48 = true;
3629 case ATA_READ_DMA:
3630 case ATA_READ_DMA_WITHOUT_RETRIES:
3631 if (!s->pDrvBlock)
3632 goto abort_cmd;
3633 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3634 s->fDMA = true;
3635 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false);
3636 break;
3637 case ATA_WRITE_DMA_EXT:
3638 s->fLBA48 = true;
3639 case ATA_WRITE_DMA:
3640 case ATA_WRITE_DMA_WITHOUT_RETRIES:
3641 if (!s->pDrvBlock)
3642 goto abort_cmd;
3643 s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS;
3644 s->fDMA = true;
3645 ataStartTransfer(s, ataGetNSectors(s) * 512, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false);
3646 break;
3647 case ATA_READ_NATIVE_MAX_ADDRESS_EXT:
3648 s->fLBA48 = true;
3649 ataSetSector(s, s->cTotalSectors - 1);
3650 ataCmdOK(s, 0);
3651 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3652 break;
3653 case ATA_SEEK: /* Used by the SCO OpenServer. Command is marked as obsolete */
3654 ataCmdOK(s, 0);
3655 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3656 break;
3657 case ATA_READ_NATIVE_MAX_ADDRESS:
3658 ataSetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1);
3659 ataCmdOK(s, 0);
3660 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3661 break;
3662 case ATA_CHECK_POWER_MODE:
3663 s->uATARegNSector = 0xff; /* drive active or idle */
3664 ataCmdOK(s, 0);
3665 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3666 break;
3667 case ATA_SET_FEATURES:
3668 Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature));
3669 if (!s->pDrvBlock)
3670 goto abort_cmd;
3671 switch (s->uATARegFeature)
3672 {
3673 case 0x02: /* write cache enable */
3674 Log2(("%s: write cache enable\n", __FUNCTION__));
3675 ataCmdOK(s, ATA_STAT_SEEK);
3676 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3677 break;
3678 case 0xaa: /* read look-ahead enable */
3679 Log2(("%s: read look-ahead enable\n", __FUNCTION__));
3680 ataCmdOK(s, ATA_STAT_SEEK);
3681 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3682 break;
3683 case 0x55: /* read look-ahead disable */
3684 Log2(("%s: read look-ahead disable\n", __FUNCTION__));
3685 ataCmdOK(s, ATA_STAT_SEEK);
3686 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3687 break;
3688 case 0xcc: /* reverting to power-on defaults enable */
3689 Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__));
3690 ataCmdOK(s, ATA_STAT_SEEK);
3691 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3692 break;
3693 case 0x66: /* reverting to power-on defaults disable */
3694 Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__));
3695 ataCmdOK(s, ATA_STAT_SEEK);
3696 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3697 break;
3698 case 0x82: /* write cache disable */
3699 Log2(("%s: write cache disable\n", __FUNCTION__));
3700 /* As per the ATA/ATAPI-6 specs, a write cache disable
3701 * command MUST flush the write buffers to disc. */
3702 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3703 break;
3704 case 0x03: { /* set transfer mode */
3705 Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector));
3706 switch (s->uATARegNSector & 0xf8)
3707 {
3708 case 0x00: /* PIO default */
3709 case 0x08: /* PIO mode */
3710 break;
3711 case ATA_MODE_MDMA: /* MDMA mode */
3712 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX);
3713 break;
3714 case ATA_MODE_UDMA: /* UDMA mode */
3715 s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX);
3716 break;
3717 default:
3718 goto abort_cmd;
3719 }
3720 ataCmdOK(s, ATA_STAT_SEEK);
3721 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3722 break;
3723 }
3724 default:
3725 goto abort_cmd;
3726 }
3727 /*
3728 * OS/2 workarond:
3729 * The OS/2 IDE driver from MCP2 appears to rely on the feature register being
3730 * reset here. According to the specification, this is a driver bug as the register
3731 * contents are undefined after the call. This means we can just as well reset it.
3732 */
3733 s->uATARegFeature = 0;
3734 break;
3735 case ATA_FLUSH_CACHE_EXT:
3736 case ATA_FLUSH_CACHE:
3737 if (!s->pDrvBlock || s->fATAPI)
3738 goto abort_cmd;
3739 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false);
3740 break;
3741 case ATA_STANDBY_IMMEDIATE:
3742 ataCmdOK(s, 0);
3743 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3744 break;
3745 case ATA_IDLE_IMMEDIATE:
3746 LogRel(("PIIX3 ATA: LUN#%d: aborting current command\n", s->iLUN));
3747 ataAbortCurrentCommand(s, false);
3748 break;
3749 case ATA_SLEEP:
3750 ataCmdOK(s, 0);
3751 ataSetIRQ(s);
3752 break;
3753 /* ATAPI commands */
3754 case ATA_IDENTIFY_PACKET_DEVICE:
3755 if (s->fATAPI)
3756 ataStartTransfer(s, 512, PDMBLOCKTXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false);
3757 else
3758 {
3759 ataCmdError(s, ABRT_ERR);
3760 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3761 }
3762 break;
3763 case ATA_EXECUTE_DEVICE_DIAGNOSTIC:
3764 ataStartTransfer(s, 0, PDMBLOCKTXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false);
3765 break;
3766 case ATA_DEVICE_RESET:
3767 if (!s->fATAPI)
3768 goto abort_cmd;
3769 LogRel(("PIIX3 ATA: LUN#%d: performing device RESET\n", s->iLUN));
3770 ataAbortCurrentCommand(s, true);
3771 break;
3772 case ATA_PACKET:
3773 if (!s->fATAPI)
3774 goto abort_cmd;
3775 /* overlapping commands not supported */
3776 if (s->uATARegFeature & 0x02)
3777 goto abort_cmd;
3778 ataStartTransfer(s, ATAPI_PACKET_SIZE, PDMBLOCKTXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false);
3779 break;
3780 default:
3781 abort_cmd:
3782 ataCmdError(s, ABRT_ERR);
3783 ataSetIRQ(s); /* Shortcut, do not use AIO thread. */
3784 break;
3785 }
3786}
3787
3788#endif /* IN_RING3 */
3789
3790static int ataIOPortWriteU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
3791{
3792 Log2(("%s: write addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
3793 addr &= 7;
3794 switch (addr)
3795 {
3796 case 0:
3797 break;
3798 case 1: /* feature register */
3799 /* NOTE: data is written to the two drives */
3800 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3801 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3802 pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature;
3803 pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature;
3804 pCtl->aIfs[0].uATARegFeature = val;
3805 pCtl->aIfs[1].uATARegFeature = val;
3806 break;
3807 case 2: /* sector count */
3808 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3809 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3810 pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector;
3811 pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector;
3812 pCtl->aIfs[0].uATARegNSector = val;
3813 pCtl->aIfs[1].uATARegNSector = val;
3814 break;
3815 case 3: /* sector number */
3816 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3817 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3818 pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector;
3819 pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector;
3820 pCtl->aIfs[0].uATARegSector = val;
3821 pCtl->aIfs[1].uATARegSector = val;
3822 break;
3823 case 4: /* cylinder low */
3824 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3825 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3826 pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl;
3827 pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl;
3828 pCtl->aIfs[0].uATARegLCyl = val;
3829 pCtl->aIfs[1].uATARegLCyl = val;
3830 break;
3831 case 5: /* cylinder high */
3832 pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3833 pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB;
3834 pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl;
3835 pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl;
3836 pCtl->aIfs[0].uATARegHCyl = val;
3837 pCtl->aIfs[1].uATARegHCyl = val;
3838 break;
3839 case 6: /* drive/head */
3840 pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0;
3841 pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0;
3842 if (((val >> 4) & 1) != pCtl->iSelectedIf)
3843 {
3844 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
3845
3846 /* select another drive */
3847 pCtl->iSelectedIf = (val >> 4) & 1;
3848 /* The IRQ line is multiplexed between the two drives, so
3849 * update the state when switching to another drive. Only need
3850 * to update interrupt line if it is enabled and there is a
3851 * state change. */
3852 if ( !(pCtl->aIfs[pCtl->iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)
3853 && ( pCtl->aIfs[pCtl->iSelectedIf].fIrqPending
3854 != pCtl->aIfs[pCtl->iSelectedIf ^ 1].fIrqPending))
3855 {
3856 if (pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
3857 {
3858 Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3859 /* The BMDMA unit unconditionally sets BM_STATUS_INT if
3860 * the interrupt line is asserted. It monitors the line
3861 * for a rising edge. */
3862 pCtl->BmDma.u8Status |= BM_STATUS_INT;
3863 if (pCtl->irq == 16)
3864 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 1);
3865 else
3866 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 1);
3867 }
3868 else
3869 {
3870 Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
3871 if (pCtl->irq == 16)
3872 PDMDevHlpPCISetIrqNoWait(pDevIns, 0, 0);
3873 else
3874 PDMDevHlpISASetIrqNoWait(pDevIns, pCtl->irq, 0);
3875 }
3876 }
3877 }
3878 break;
3879 default:
3880 case 7: /* command */
3881 /* ignore commands to non existant slave */
3882 if (pCtl->iSelectedIf && !pCtl->aIfs[pCtl->iSelectedIf].pDrvBlock)
3883 break;
3884#ifndef IN_RING3
3885 /* Don't do anything complicated in GC */
3886 return VINF_IOM_HC_IOPORT_WRITE;
3887#else /* IN_RING3 */
3888 ataParseCmd(&pCtl->aIfs[pCtl->iSelectedIf], val);
3889#endif /* !IN_RING3 */
3890 }
3891 return VINF_SUCCESS;
3892}
3893
3894
3895static int ataIOPortReadU8(PATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32)
3896{
3897 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
3898 uint32_t val;
3899 bool fHOB;
3900
3901 fHOB = !!(s->uATARegDevCtl & (1 << 7));
3902 switch (addr & 7)
3903 {
3904 case 0: /* data register */
3905 val = 0xff;
3906 break;
3907 case 1: /* error register */
3908 /* The ATA specification is very terse when it comes to specifying
3909 * the precise effects of reading back the error/feature register.
3910 * The error register (read-only) shares the register number with
3911 * the feature register (write-only), so it seems that it's not
3912 * necessary to support the usual HOB readback here. */
3913 if (!s->pDrvBlock)
3914 val = 0;
3915 else
3916 val = s->uATARegError;
3917 break;
3918 case 2: /* sector count */
3919 if (!s->pDrvBlock)
3920 val = 0;
3921 else if (fHOB)
3922 val = s->uATARegNSectorHOB;
3923 else
3924 val = s->uATARegNSector;
3925 break;
3926 case 3: /* sector number */
3927 if (!s->pDrvBlock)
3928 val = 0;
3929 else if (fHOB)
3930 val = s->uATARegSectorHOB;
3931 else
3932 val = s->uATARegSector;
3933 break;
3934 case 4: /* cylinder low */
3935 if (!s->pDrvBlock)
3936 val = 0;
3937 else if (fHOB)
3938 val = s->uATARegLCylHOB;
3939 else
3940 val = s->uATARegLCyl;
3941 break;
3942 case 5: /* cylinder high */
3943 if (!s->pDrvBlock)
3944 val = 0;
3945 else if (fHOB)
3946 val = s->uATARegHCylHOB;
3947 else
3948 val = s->uATARegHCyl;
3949 break;
3950 case 6: /* drive/head */
3951 /* This register must always work as long as there is at least
3952 * one drive attached to the controller. It is common between
3953 * both drives anyway (completely identical content). */
3954 if (!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock)
3955 val = 0;
3956 else
3957 val = s->uATARegSelect;
3958 break;
3959 default:
3960 case 7: /* primary status */
3961 {
3962 /* Counter for number of busy status seen in GC in a row. */
3963 static unsigned cBusy = 0;
3964
3965 if (!s->pDrvBlock)
3966 val = 0;
3967 else
3968 val = s->uATARegStatus;
3969
3970 /* Give the async I/O thread an opportunity to make progress,
3971 * don't let it starve by guests polling frequently. EMT has a
3972 * lower priority than the async I/O thread, but sometimes the
3973 * host OS doesn't care. With some guests we are only allowed to
3974 * be busy for about 5 milliseconds in some situations. Note that
3975 * this is no guarantee for any other VBox thread getting
3976 * scheduled, so this just lowers the CPU load a bit when drives
3977 * are busy. It cannot help with timing problems. */
3978 if (val & ATA_STAT_BUSY)
3979 {
3980#ifdef IN_RING3
3981 cBusy = 0;
3982 PDMCritSectLeave(&pCtl->lock);
3983
3984#ifndef RT_OS_WINDOWS
3985 /*
3986 * The thread might be stuck in an I/O operation
3987 * due to a high I/O load on the host. (see @bugref{3301})
3988 * To perform the reset successfully
3989 * we interrupt the operation by sending a signal to the thread
3990 * if the thread didn't responded in 10ms.
3991 * This works only on POSIX hosts (Windows has a CancelSynchronousIo function which
3992 * does the same but it was introduced with Vista) but so far
3993 * this hang was only observed on Linux and Mac OS X.
3994 *
3995 * This is a workaround and needs to be solved properly.
3996 */
3997 if (pCtl->fReset)
3998 {
3999 uint64_t u64ResetTimeStop = RTTimeMilliTS();
4000
4001 if ((u64ResetTimeStop - pCtl->u64ResetTime) >= 10)
4002 {
4003 LogRel(("PIIX3 ATA: Async I/O thread probably stuck in operation, interrupting\n"));
4004 pCtl->u64ResetTime = u64ResetTimeStop;
4005 RTThreadPoke(pCtl->AsyncIOThread);
4006 }
4007 }
4008#endif
4009
4010 RTThreadYield();
4011
4012 {
4013 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4014 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4015 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4016 }
4017
4018 val = s->uATARegStatus;
4019#else /* !IN_RING3 */
4020 /* Cannot yield CPU in guest context. And switching to host
4021 * context for each and every busy status is too costly,
4022 * especially on SMP systems where we don't gain much by
4023 * yielding the CPU to someone else. */
4024 if (++cBusy >= 20)
4025 {
4026 cBusy = 0;
4027 return VINF_IOM_HC_IOPORT_READ;
4028 }
4029#endif /* !IN_RING3 */
4030 }
4031 else
4032 cBusy = 0;
4033 ataUnsetIRQ(s);
4034 break;
4035 }
4036 }
4037 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4038 *pu32 = val;
4039 return VINF_SUCCESS;
4040}
4041
4042
4043static uint32_t ataStatusRead(PATACONTROLLER pCtl, uint32_t addr)
4044{
4045 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4046 uint32_t val;
4047
4048 if ((!pCtl->aIfs[0].pDrvBlock && !pCtl->aIfs[1].pDrvBlock) ||
4049 (pCtl->iSelectedIf == 1 && !s->pDrvBlock))
4050 val = 0;
4051 else
4052 val = s->uATARegStatus;
4053 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4054 return val;
4055}
4056
4057static int ataControlWrite(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
4058{
4059#ifndef IN_RING3
4060 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET)
4061 return VINF_IOM_HC_IOPORT_WRITE; /* The RESET stuff is too complicated for GC. */
4062#endif /* !IN_RING3 */
4063
4064 Log2(("%s: addr=%#x val=%#04x\n", __FUNCTION__, addr, val));
4065 /* RESET is common for both drives attached to a controller. */
4066 if (!(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
4067 (val & ATA_DEVCTL_RESET))
4068 {
4069#ifdef IN_RING3
4070 /* Software RESET low to high */
4071 int32_t uCmdWait0 = -1, uCmdWait1 = -1;
4072 uint64_t uNow = RTTimeNanoTS();
4073 if (pCtl->aIfs[0].u64CmdTS)
4074 uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000;
4075 if (pCtl->aIfs[1].u64CmdTS)
4076 uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000;
4077 LogRel(("PIIX3 ATA: Ctl#%d: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n",
4078 ATACONTROLLER_IDX(pCtl), pCtl->iSelectedIf, pCtl->iAIOIf,
4079 pCtl->aIfs[0].uATARegCommand, uCmdWait0,
4080 pCtl->aIfs[1].uATARegCommand, uCmdWait1));
4081 pCtl->fReset = true;
4082 /* Everything must be done after the reset flag is set, otherwise
4083 * there are unavoidable races with the currently executing request
4084 * (which might just finish in the mean time). */
4085 pCtl->fChainedTransfer = false;
4086 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4087 {
4088 ataResetDevice(&pCtl->aIfs[i]);
4089 /* The following cannot be done using ataSetStatusValue() since the
4090 * reset flag is already set, which suppresses all status changes. */
4091 pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK;
4092 Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus));
4093 pCtl->aIfs[i].uATARegError = 0x01;
4094 }
4095 ataAsyncIOClearRequests(pCtl);
4096 Log2(("%s: Ctl#%d: message to async I/O thread, resetA\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4097 if (val & ATA_DEVCTL_HOB)
4098 {
4099 val &= ~ATA_DEVCTL_HOB;
4100 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4101 }
4102
4103 /* Save the timestamp we started the reset. */
4104 pCtl->u64ResetTime = RTTimeMilliTS();
4105
4106 /* Issue the reset request now. */
4107 ataAsyncIOPutRequest(pCtl, &g_ataResetARequest);
4108#else /* !IN_RING3 */
4109 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4110#endif /* IN_RING3 */
4111 }
4112 else if ((pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) &&
4113 !(val & ATA_DEVCTL_RESET))
4114 {
4115#ifdef IN_RING3
4116 /* Software RESET high to low */
4117 Log(("%s: deasserting RESET\n", __FUNCTION__));
4118 Log2(("%s: Ctl#%d: message to async I/O thread, resetC\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4119 if (val & ATA_DEVCTL_HOB)
4120 {
4121 val &= ~ATA_DEVCTL_HOB;
4122 Log2(("%s: ignored setting HOB\n", __FUNCTION__));
4123 }
4124 ataAsyncIOPutRequest(pCtl, &g_ataResetCRequest);
4125#else /* !IN_RING3 */
4126 AssertMsgFailed(("RESET handling is too complicated for GC\n"));
4127#endif /* IN_RING3 */
4128 }
4129
4130 /* Change of interrupt disable flag. Update interrupt line if interrupt
4131 * is pending on the current interface. */
4132 if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ
4133 && pCtl->aIfs[pCtl->iSelectedIf].fIrqPending)
4134 {
4135 if (!(val & ATA_DEVCTL_DISABLE_IRQ))
4136 {
4137 Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4138 /* The BMDMA unit unconditionally sets BM_STATUS_INT if the
4139 * interrupt line is asserted. It monitors the line for a rising
4140 * edge. */
4141 pCtl->BmDma.u8Status |= BM_STATUS_INT;
4142 if (pCtl->irq == 16)
4143 PDMDevHlpPCISetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), 0, 1);
4144 else
4145 PDMDevHlpISASetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 1);
4146 }
4147 else
4148 {
4149 Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf].iLUN));
4150 if (pCtl->irq == 16)
4151 PDMDevHlpPCISetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), 0, 0);
4152 else
4153 PDMDevHlpISASetIrqNoWait(CONTROLLER_2_DEVINS(pCtl), pCtl->irq, 0);
4154 }
4155 }
4156
4157 if (val & ATA_DEVCTL_HOB)
4158 Log2(("%s: set HOB\n", __FUNCTION__));
4159
4160 pCtl->aIfs[0].uATARegDevCtl = val;
4161 pCtl->aIfs[1].uATARegDevCtl = val;
4162
4163 return VINF_SUCCESS;
4164}
4165
4166#ifdef IN_RING3
4167
4168static void ataPIOTransfer(PATACONTROLLER pCtl)
4169{
4170 ATADevState *s;
4171
4172 s = &pCtl->aIfs[pCtl->iAIOIf];
4173 Log3(("%s: if=%p\n", __FUNCTION__, s));
4174
4175 if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd)
4176 {
4177 LogRel(("PIIX3 ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", s->iLUN, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "loading" : "storing"));
4178 /* Any guest OS that triggers this case has a pathetic ATA driver.
4179 * In a real system it would block the CPU via IORDY, here we do it
4180 * very similarly by not continuing with the current instruction
4181 * until the transfer to/from the storage medium is completed. */
4182 if (s->iSourceSink != ATAFN_SS_NULL)
4183 {
4184 bool fRedo;
4185 uint8_t status = s->uATARegStatus;
4186 ataSetStatusValue(s, ATA_STAT_BUSY);
4187 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4188 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4189 pCtl->fRedo = fRedo;
4190 if (RT_UNLIKELY(fRedo))
4191 return;
4192 ataSetStatusValue(s, status);
4193 s->iIOBufferCur = 0;
4194 s->iIOBufferEnd = s->cbElementaryTransfer;
4195 }
4196 }
4197 if (s->cbTotalTransfer)
4198 {
4199 if (s->fATAPITransfer)
4200 ataPIOTransferLimitATAPI(s);
4201
4202 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4203 s->cbElementaryTransfer = s->cbTotalTransfer;
4204
4205 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
4206 __FUNCTION__, s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
4207 s->cbTotalTransfer, s->cbElementaryTransfer,
4208 s->iIOBufferCur, s->iIOBufferEnd));
4209 ataPIOTransferStart(s, s->iIOBufferCur, s->cbElementaryTransfer);
4210 s->cbTotalTransfer -= s->cbElementaryTransfer;
4211 s->iIOBufferCur += s->cbElementaryTransfer;
4212
4213 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer)
4214 s->cbElementaryTransfer = s->cbTotalTransfer;
4215 }
4216 else
4217 ataPIOTransferStop(s);
4218}
4219
4220
4221DECLINLINE(void) ataPIOTransferFinish(PATACONTROLLER pCtl, ATADevState *s)
4222{
4223 /* Do not interfere with RESET processing if the PIO transfer finishes
4224 * while the RESET line is asserted. */
4225 if (pCtl->fReset)
4226 {
4227 Log2(("%s: Ctl#%d: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4228 return;
4229 }
4230
4231 if ( s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE
4232 || ( s->iSourceSink != ATAFN_SS_NULL
4233 && s->iIOBufferCur >= s->iIOBufferEnd))
4234 {
4235 /* Need to continue the transfer in the async I/O thread. This is
4236 * the case for write operations or generally for not yet finished
4237 * transfers (some data might need to be read). */
4238 ataUnsetStatus(s, ATA_STAT_READY | ATA_STAT_DRQ);
4239 ataSetStatus(s, ATA_STAT_BUSY);
4240
4241 Log2(("%s: Ctl#%d: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4242 ataAsyncIOPutRequest(pCtl, &g_ataPIORequest);
4243 }
4244 else
4245 {
4246 /* Either everything finished (though some data might still be pending)
4247 * or some data is pending before the next read is due. */
4248
4249 /* Continue a previously started transfer. */
4250 ataUnsetStatus(s, ATA_STAT_DRQ);
4251 ataSetStatus(s, ATA_STAT_READY);
4252
4253 if (s->cbTotalTransfer)
4254 {
4255 /* There is more to transfer, happens usually for large ATAPI
4256 * reads - the protocol limits the chunk size to 65534 bytes. */
4257 ataPIOTransfer(pCtl);
4258 ataSetIRQ(s);
4259 }
4260 else
4261 {
4262 Log2(("%s: Ctl#%d: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4263 /* Finish PIO transfer. */
4264 ataPIOTransfer(pCtl);
4265 Assert(!pCtl->fRedo);
4266 }
4267 }
4268}
4269
4270#endif /* IN_RING3 */
4271
4272static int ataDataWrite(PATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, const uint8_t *pbBuf)
4273{
4274 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4275 uint8_t *p;
4276
4277 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4278 {
4279 Assert(s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE);
4280 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4281#ifndef IN_RING3
4282 /* All but the last transfer unit is simple enough for GC, but
4283 * sending a request to the async IO thread is too complicated. */
4284 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
4285 {
4286 memcpy(p, pbBuf, cbSize);
4287 s->iIOBufferPIODataStart += cbSize;
4288 }
4289 else
4290 return VINF_IOM_HC_IOPORT_WRITE;
4291#else /* IN_RING3 */
4292 memcpy(p, pbBuf, cbSize);
4293 s->iIOBufferPIODataStart += cbSize;
4294 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4295 ataPIOTransferFinish(pCtl, s);
4296#endif /* !IN_RING3 */
4297 }
4298 else
4299 Log2(("%s: DUMMY data\n", __FUNCTION__));
4300 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
4301 return VINF_SUCCESS;
4302}
4303
4304static int ataDataRead(PATACONTROLLER pCtl, uint32_t addr, uint32_t cbSize, uint8_t *pbBuf)
4305{
4306 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
4307 uint8_t *p;
4308
4309 if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd)
4310 {
4311 Assert(s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE);
4312 p = s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart;
4313#ifndef IN_RING3
4314 /* All but the last transfer unit is simple enough for GC, but
4315 * sending a request to the async IO thread is too complicated. */
4316 if (s->iIOBufferPIODataStart + cbSize < s->iIOBufferPIODataEnd)
4317 {
4318 memcpy(pbBuf, p, cbSize);
4319 s->iIOBufferPIODataStart += cbSize;
4320 }
4321 else
4322 return VINF_IOM_HC_IOPORT_READ;
4323#else /* IN_RING3 */
4324 memcpy(pbBuf, p, cbSize);
4325 s->iIOBufferPIODataStart += cbSize;
4326 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
4327 ataPIOTransferFinish(pCtl, s);
4328#endif /* !IN_RING3 */
4329 }
4330 else
4331 {
4332 Log2(("%s: DUMMY data\n", __FUNCTION__));
4333 memset(pbBuf, '\xff', cbSize);
4334 }
4335 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, addr, cbSize, pbBuf));
4336 return VINF_SUCCESS;
4337}
4338
4339#ifdef IN_RING3
4340
4341static void ataDMATransferStop(ATADevState *s)
4342{
4343 s->cbTotalTransfer = 0;
4344 s->cbElementaryTransfer = 0;
4345 s->iBeginTransfer = ATAFN_BT_NULL;
4346 s->iSourceSink = ATAFN_SS_NULL;
4347}
4348
4349
4350/**
4351 * Perform the entire DMA transfer in one go (unless a source/sink operation
4352 * has to be redone or a RESET comes in between). Unlike the PIO counterpart
4353 * this function cannot handle empty transfers.
4354 *
4355 * @param pCtl Controller for which to perform the transfer.
4356 */
4357static void ataDMATransfer(PATACONTROLLER pCtl)
4358{
4359 PPDMDEVINS pDevIns = CONTROLLER_2_DEVINS(pCtl);
4360 ATADevState *s = &pCtl->aIfs[pCtl->iAIOIf];
4361 bool fRedo;
4362 RTGCPHYS32 pDesc;
4363 uint32_t cbTotalTransfer, cbElementaryTransfer;
4364 uint32_t iIOBufferCur, iIOBufferEnd;
4365 uint32_t dmalen;
4366 PDMBLOCKTXDIR uTxDir;
4367 bool fLastDesc = false;
4368
4369 Assert(sizeof(BMDMADesc) == 8);
4370
4371 fRedo = pCtl->fRedo;
4372 if (RT_LIKELY(!fRedo))
4373 Assert(s->cbTotalTransfer);
4374 uTxDir = (PDMBLOCKTXDIR)s->uTxDir;
4375 cbTotalTransfer = s->cbTotalTransfer;
4376 cbElementaryTransfer = s->cbElementaryTransfer;
4377 iIOBufferCur = s->iIOBufferCur;
4378 iIOBufferEnd = s->iIOBufferEnd;
4379
4380 /* The DMA loop is designed to hold the lock only when absolutely
4381 * necessary. This avoids long freezes should the guest access the
4382 * ATA registers etc. for some reason. */
4383 PDMCritSectLeave(&pCtl->lock);
4384
4385 Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n",
4386 __FUNCTION__, uTxDir == PDMBLOCKTXDIR_FROM_DEVICE ? "T2I" : "I2T",
4387 cbTotalTransfer, cbElementaryTransfer,
4388 iIOBufferCur, iIOBufferEnd));
4389 for (pDesc = pCtl->pFirstDMADesc; pDesc <= pCtl->pLastDMADesc; pDesc += sizeof(BMDMADesc))
4390 {
4391 BMDMADesc DMADesc;
4392 RTGCPHYS32 pBuffer;
4393 uint32_t cbBuffer;
4394
4395 if (RT_UNLIKELY(fRedo))
4396 {
4397 pBuffer = pCtl->pRedoDMABuffer;
4398 cbBuffer = pCtl->cbRedoDMABuffer;
4399 fLastDesc = pCtl->fRedoDMALastDesc;
4400 }
4401 else
4402 {
4403 PDMDevHlpPhysRead(pDevIns, pDesc, &DMADesc, sizeof(BMDMADesc));
4404 pBuffer = RT_LE2H_U32(DMADesc.pBuffer);
4405 cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer);
4406 fLastDesc = !!(cbBuffer & 0x80000000);
4407 cbBuffer &= 0xfffe;
4408 if (cbBuffer == 0)
4409 cbBuffer = 0x10000;
4410 if (cbBuffer > cbTotalTransfer)
4411 cbBuffer = cbTotalTransfer;
4412 }
4413
4414 while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer))
4415 {
4416 if (RT_LIKELY(!fRedo))
4417 {
4418 dmalen = RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur);
4419 Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x\n", __FUNCTION__,
4420 (int)pDesc, pBuffer, cbBuffer));
4421 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4422 PDMDevHlpPhysWrite(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
4423 else
4424 PDMDevHlpPhysRead(pDevIns, pBuffer, s->CTX_SUFF(pbIOBuffer) + iIOBufferCur, dmalen);
4425 iIOBufferCur += dmalen;
4426 cbTotalTransfer -= dmalen;
4427 cbBuffer -= dmalen;
4428 pBuffer += dmalen;
4429 }
4430 if ( iIOBufferCur == iIOBufferEnd
4431 && (uTxDir == PDMBLOCKTXDIR_TO_DEVICE || cbTotalTransfer))
4432 {
4433 if (uTxDir == PDMBLOCKTXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer)
4434 cbElementaryTransfer = cbTotalTransfer;
4435
4436 {
4437 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4438 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4439 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4440 }
4441
4442 /* The RESET handler could have cleared the DMA transfer
4443 * state (since we didn't hold the lock until just now
4444 * the guest can continue in parallel). If so, the state
4445 * is already set up so the loop is exited immediately. */
4446 if (s->iSourceSink != ATAFN_SS_NULL)
4447 {
4448 s->iIOBufferCur = iIOBufferCur;
4449 s->iIOBufferEnd = iIOBufferEnd;
4450 s->cbElementaryTransfer = cbElementaryTransfer;
4451 s->cbTotalTransfer = cbTotalTransfer;
4452 Log2(("%s: calling source/sink function\n", __FUNCTION__));
4453 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4454 if (RT_UNLIKELY(fRedo))
4455 {
4456 pCtl->pFirstDMADesc = pDesc;
4457 pCtl->pRedoDMABuffer = pBuffer;
4458 pCtl->cbRedoDMABuffer = cbBuffer;
4459 pCtl->fRedoDMALastDesc = fLastDesc;
4460 }
4461 else
4462 {
4463 cbTotalTransfer = s->cbTotalTransfer;
4464 cbElementaryTransfer = s->cbElementaryTransfer;
4465
4466 if (uTxDir == PDMBLOCKTXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer)
4467 cbElementaryTransfer = cbTotalTransfer;
4468 iIOBufferCur = 0;
4469 iIOBufferEnd = cbElementaryTransfer;
4470 }
4471 pCtl->fRedo = fRedo;
4472 }
4473 else
4474 {
4475 /* This forces the loop to exit immediately. */
4476 pDesc = pCtl->pLastDMADesc + 1;
4477 }
4478
4479 PDMCritSectLeave(&pCtl->lock);
4480 if (RT_UNLIKELY(fRedo))
4481 break;
4482 }
4483 }
4484
4485 if (RT_UNLIKELY(fRedo))
4486 break;
4487
4488 /* end of transfer */
4489 if (!cbTotalTransfer || fLastDesc)
4490 break;
4491
4492 {
4493 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4494 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4495 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4496 }
4497
4498 if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset)
4499 {
4500 LogRel(("PIIX3 ATA: Ctl#%d: ABORT DMA%s\n", ATACONTROLLER_IDX(pCtl), pCtl->fReset ? " due to RESET" : ""));
4501 if (!pCtl->fReset)
4502 ataDMATransferStop(s);
4503 /* This forces the loop to exit immediately. */
4504 pDesc = pCtl->pLastDMADesc + 1;
4505 }
4506
4507 PDMCritSectLeave(&pCtl->lock);
4508 }
4509
4510 {
4511 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4512 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4513 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4514 }
4515
4516 if (RT_UNLIKELY(fRedo))
4517 return;
4518
4519 if (fLastDesc)
4520 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
4521 s->cbTotalTransfer = cbTotalTransfer;
4522 s->cbElementaryTransfer = cbElementaryTransfer;
4523 s->iIOBufferCur = iIOBufferCur;
4524 s->iIOBufferEnd = iIOBufferEnd;
4525}
4526
4527/**
4528 * Signal PDM that we're idle (if we actually are).
4529 *
4530 * @param pCtl The controller.
4531 */
4532static void ataR3AsyncSignalIdle(PATACONTROLLER pCtl)
4533{
4534 /*
4535 * Take the mutex here and recheck the idle indicator to avoid
4536 * unnecessary work and racing ataR3WaitForAsyncIOIsIdle.
4537 */
4538 int rc = RTSemMutexRequest(pCtl->AsyncIORequestMutex, RT_INDEFINITE_WAIT); AssertRC(rc);
4539
4540 if ( pCtl->fSignalIdle
4541 && ataAsyncIOIsIdle(pCtl, false /*fStrict*/))
4542 {
4543 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
4544 RTThreadUserSignal(pCtl->AsyncIOThread); /* for ataR3Construct/ataR3ResetCommon. */
4545 }
4546
4547 rc = RTSemMutexRelease(pCtl->AsyncIORequestMutex); AssertRC(rc);
4548}
4549
4550/** Asynch I/O thread for an interface. Once upon a time this was readable
4551 * code with several loops and a different semaphore for each purpose. But
4552 * then came the "how can one save the state in the middle of a PIO transfer"
4553 * question. The solution was to use an ASM, which is what's there now. */
4554static DECLCALLBACK(int) ataAsyncIOLoop(RTTHREAD ThreadSelf, void *pvUser)
4555{
4556 const ATARequest *pReq;
4557 uint64_t u64TS = 0; /* shut up gcc */
4558 uint64_t uWait;
4559 int rc = VINF_SUCCESS;
4560 PATACONTROLLER pCtl = (PATACONTROLLER)pvUser;
4561 ATADevState *s;
4562
4563 pReq = NULL;
4564 pCtl->fChainedTransfer = false;
4565 while (!pCtl->fShutdown)
4566 {
4567 /* Keep this thread from doing anything as long as EMT is suspended. */
4568 while (pCtl->fRedoIdle)
4569 {
4570 if (pCtl->fSignalIdle)
4571 ataR3AsyncSignalIdle(pCtl);
4572 rc = RTSemEventWait(pCtl->SuspendIOSem, RT_INDEFINITE_WAIT);
4573 /* Continue if we got a signal by RTThreadPoke().
4574 * We will get notified if there is a request to process.
4575 */
4576 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
4577 continue;
4578 if (RT_FAILURE(rc) || pCtl->fShutdown)
4579 break;
4580
4581 pCtl->fRedoIdle = false;
4582 }
4583
4584 /* Wait for work. */
4585 while (pReq == NULL)
4586 {
4587 if (pCtl->fSignalIdle)
4588 ataR3AsyncSignalIdle(pCtl);
4589 rc = RTSemEventWait(pCtl->AsyncIOSem, RT_INDEFINITE_WAIT);
4590 /* Continue if we got a signal by RTThreadPoke().
4591 * We will get notified if there is a request to process.
4592 */
4593 if (RT_UNLIKELY(rc == VERR_INTERRUPTED))
4594 continue;
4595 if (RT_FAILURE(rc) || RT_UNLIKELY(pCtl->fShutdown))
4596 break;
4597
4598 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4599 }
4600
4601 if (RT_FAILURE(rc) || pCtl->fShutdown)
4602 break;
4603
4604 if (pReq == NULL)
4605 continue;
4606
4607 ATAAIO ReqType = pReq->ReqType;
4608
4609 Log2(("%s: Ctl#%d: state=%d, req=%d\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->uAsyncIOState, ReqType));
4610 if (pCtl->uAsyncIOState != ReqType)
4611 {
4612 /* The new state is not the state that was expected by the normal
4613 * state changes. This is either a RESET/ABORT or there's something
4614 * really strange going on. */
4615 if ( (pCtl->uAsyncIOState == ATA_AIO_PIO || pCtl->uAsyncIOState == ATA_AIO_DMA)
4616 && (ReqType == ATA_AIO_PIO || ReqType == ATA_AIO_DMA))
4617 {
4618 /* Incorrect sequence of PIO/DMA states. Dump request queue. */
4619 ataAsyncIODumpRequests(pCtl);
4620 }
4621 AssertReleaseMsg(ReqType == ATA_AIO_RESET_ASSERTED || ReqType == ATA_AIO_RESET_CLEARED || ReqType == ATA_AIO_ABORT || pCtl->uAsyncIOState == ReqType, ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType));
4622 }
4623
4624 /* Do our work. */
4625 {
4626 STAM_PROFILE_START(&pCtl->StatLockWait, a);
4627 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4628 STAM_PROFILE_STOP(&pCtl->StatLockWait, a);
4629 }
4630
4631 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
4632 {
4633 u64TS = RTTimeNanoTS();
4634#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4635 STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a);
4636#endif /* DEBUG || VBOX_WITH_STATISTICS */
4637 }
4638
4639 switch (ReqType)
4640 {
4641 case ATA_AIO_NEW:
4642
4643 pCtl->iAIOIf = pReq->u.t.iIf;
4644 s = &pCtl->aIfs[pCtl->iAIOIf];
4645 s->cbTotalTransfer = pReq->u.t.cbTotalTransfer;
4646 s->uTxDir = pReq->u.t.uTxDir;
4647 s->iBeginTransfer = pReq->u.t.iBeginTransfer;
4648 s->iSourceSink = pReq->u.t.iSourceSink;
4649 s->iIOBufferEnd = 0;
4650 s->u64CmdTS = u64TS;
4651
4652 if (s->fATAPI)
4653 {
4654 if (pCtl->fChainedTransfer)
4655 {
4656 /* Only count the actual transfers, not the PIO
4657 * transfer of the ATAPI command bytes. */
4658 if (s->fDMA)
4659 STAM_REL_COUNTER_INC(&s->StatATAPIDMA);
4660 else
4661 STAM_REL_COUNTER_INC(&s->StatATAPIPIO);
4662 }
4663 }
4664 else
4665 {
4666 if (s->fDMA)
4667 STAM_REL_COUNTER_INC(&s->StatATADMA);
4668 else
4669 STAM_REL_COUNTER_INC(&s->StatATAPIO);
4670 }
4671
4672 pCtl->fChainedTransfer = false;
4673
4674 if (s->iBeginTransfer != ATAFN_BT_NULL)
4675 {
4676 Log2(("%s: Ctl#%d: calling begin transfer function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4677 g_apfnBeginTransFuncs[s->iBeginTransfer](s);
4678 s->iBeginTransfer = ATAFN_BT_NULL;
4679 if (s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4680 s->iIOBufferEnd = s->cbElementaryTransfer;
4681 }
4682 else
4683 {
4684 s->cbElementaryTransfer = s->cbTotalTransfer;
4685 s->iIOBufferEnd = s->cbTotalTransfer;
4686 }
4687 s->iIOBufferCur = 0;
4688
4689 if (s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4690 {
4691 if (s->iSourceSink != ATAFN_SS_NULL)
4692 {
4693 bool fRedo;
4694 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4695 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4696 pCtl->fRedo = fRedo;
4697 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
4698 {
4699 /* Operation failed at the initial transfer, restart
4700 * everything from scratch by resending the current
4701 * request. Occurs very rarely, not worth optimizing. */
4702 LogRel(("%s: Ctl#%d: redo entire operation\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4703 ataAsyncIOPutRequest(pCtl, pReq);
4704 break;
4705 }
4706 }
4707 else
4708 ataCmdOK(s, 0);
4709 s->iIOBufferEnd = s->cbElementaryTransfer;
4710
4711 }
4712
4713 /* Do not go into the transfer phase if RESET is asserted.
4714 * The CritSect is released while waiting for the host OS
4715 * to finish the I/O, thus RESET is possible here. Most
4716 * important: do not change uAsyncIOState. */
4717 if (pCtl->fReset)
4718 break;
4719
4720 if (s->fDMA)
4721 {
4722 if (s->cbTotalTransfer)
4723 {
4724 ataSetStatus(s, ATA_STAT_DRQ);
4725
4726 pCtl->uAsyncIOState = ATA_AIO_DMA;
4727 /* If BMDMA is already started, do the transfer now. */
4728 if (pCtl->BmDma.u8Cmd & BM_CMD_START)
4729 {
4730 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4731 ataAsyncIOPutRequest(pCtl, &g_ataDMARequest);
4732 }
4733 }
4734 else
4735 {
4736 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4737 /* Finish DMA transfer. */
4738 ataDMATransferStop(s);
4739 ataSetIRQ(s);
4740 pCtl->uAsyncIOState = ATA_AIO_NEW;
4741 }
4742 }
4743 else
4744 {
4745 if (s->cbTotalTransfer)
4746 {
4747 ataPIOTransfer(pCtl);
4748 Assert(!pCtl->fRedo);
4749 if (s->fATAPITransfer || s->uTxDir != PDMBLOCKTXDIR_TO_DEVICE)
4750 ataSetIRQ(s);
4751
4752 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4753 {
4754 /* Write operations and not yet finished transfers
4755 * must be completed in the async I/O thread. */
4756 pCtl->uAsyncIOState = ATA_AIO_PIO;
4757 }
4758 else
4759 {
4760 /* Finished read operation can be handled inline
4761 * in the end of PIO transfer handling code. Linux
4762 * depends on this, as it waits only briefly for
4763 * devices to become ready after incoming data
4764 * transfer. Cannot find anything in the ATA spec
4765 * that backs this assumption, but as all kernels
4766 * are affected (though most of the time it does
4767 * not cause any harm) this must work. */
4768 pCtl->uAsyncIOState = ATA_AIO_NEW;
4769 }
4770 }
4771 else
4772 {
4773 Assert(s->uTxDir == PDMBLOCKTXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */
4774 /* Finish PIO transfer. */
4775 ataPIOTransfer(pCtl);
4776 Assert(!pCtl->fRedo);
4777 if (!s->fATAPITransfer)
4778 ataSetIRQ(s);
4779 pCtl->uAsyncIOState = ATA_AIO_NEW;
4780 }
4781 }
4782 break;
4783
4784 case ATA_AIO_DMA:
4785 {
4786 BMDMAState *bm = &pCtl->BmDma;
4787 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4788 ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */
4789
4790 if (s->uTxDir == PDMBLOCKTXDIR_FROM_DEVICE)
4791 AssertRelease(bm->u8Cmd & BM_CMD_WRITE);
4792 else
4793 AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE));
4794
4795 if (RT_LIKELY(!pCtl->fRedo))
4796 {
4797 /* The specs say that the descriptor table must not cross a
4798 * 4K boundary. */
4799 pCtl->pFirstDMADesc = bm->pvAddr;
4800 pCtl->pLastDMADesc = RT_ALIGN_32(bm->pvAddr + 1, _4K) - sizeof(BMDMADesc);
4801 }
4802 ataDMATransfer(pCtl);
4803
4804 if (RT_UNLIKELY(pCtl->fRedo && !pCtl->fReset))
4805 {
4806 LogRel(("PIIX3 ATA: Ctl#%d: redo DMA operation\n", ATACONTROLLER_IDX(pCtl)));
4807 ataAsyncIOPutRequest(pCtl, &g_ataDMARequest);
4808 break;
4809 }
4810
4811 /* The infamous delay IRQ hack. */
4812 if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS
4813 && s->cbTotalTransfer == 0
4814 && pCtl->DelayIRQMillies)
4815 {
4816 /* Delay IRQ for writing. Required to get the Win2K
4817 * installation work reliably (otherwise it crashes,
4818 * usually during component install). So far no better
4819 * solution has been found. */
4820 Log(("%s: delay IRQ hack\n", __FUNCTION__));
4821 PDMCritSectLeave(&pCtl->lock);
4822 RTThreadSleep(pCtl->DelayIRQMillies);
4823 PDMCritSectEnter(&pCtl->lock, VINF_SUCCESS);
4824 }
4825
4826 ataUnsetStatus(s, ATA_STAT_DRQ);
4827 Assert(!pCtl->fChainedTransfer);
4828 Assert(s->iSourceSink == ATAFN_SS_NULL);
4829 if (s->fATAPITransfer)
4830 {
4831 s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
4832 Log2(("%s: Ctl#%d: interrupt reason %#04x\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), s->uATARegNSector));
4833 s->fATAPITransfer = false;
4834 }
4835 ataSetIRQ(s);
4836 pCtl->uAsyncIOState = ATA_AIO_NEW;
4837 break;
4838 }
4839
4840 case ATA_AIO_PIO:
4841 s = &pCtl->aIfs[pCtl->iAIOIf]; /* Do not remove or there's an instant crash after loading the saved state */
4842
4843 if (s->iSourceSink != ATAFN_SS_NULL)
4844 {
4845 bool fRedo;
4846 Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
4847 fRedo = g_apfnSourceSinkFuncs[s->iSourceSink](s);
4848 pCtl->fRedo = fRedo;
4849 if (RT_UNLIKELY(fRedo && !pCtl->fReset))
4850 {
4851 LogRel(("PIIX3 ATA: Ctl#%d: redo PIO operation\n", ATACONTROLLER_IDX(pCtl)));
4852 ataAsyncIOPutRequest(pCtl, &g_ataPIORequest);
4853 ataSuspendRedo(pCtl);
4854 break;
4855 }
4856 s->iIOBufferCur = 0;
4857 s->iIOBufferEnd = s->cbElementaryTransfer;
4858 }
4859 else
4860 {
4861 /* Continue a previously started transfer. */
4862 ataUnsetStatus(s, ATA_STAT_BUSY);
4863 ataSetStatus(s, ATA_STAT_READY);
4864 }
4865
4866 /* It is possible that the drives on this controller get RESET
4867 * during the above call to the source/sink function. If that's
4868 * the case, don't restart the transfer and don't finish it the
4869 * usual way. RESET handling took care of all that already.
4870 * Most important: do not change uAsyncIOState. */
4871 if (pCtl->fReset)
4872 break;
4873
4874 if (s->cbTotalTransfer)
4875 {
4876 ataPIOTransfer(pCtl);
4877 ataSetIRQ(s);
4878
4879 if (s->uTxDir == PDMBLOCKTXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL)
4880 {
4881 /* Write operations and not yet finished transfers
4882 * must be completed in the async I/O thread. */
4883 pCtl->uAsyncIOState = ATA_AIO_PIO;
4884 }
4885 else
4886 {
4887 /* Finished read operation can be handled inline
4888 * in the end of PIO transfer handling code. Linux
4889 * depends on this, as it waits only briefly for
4890 * devices to become ready after incoming data
4891 * transfer. Cannot find anything in the ATA spec
4892 * that backs this assumption, but as all kernels
4893 * are affected (though most of the time it does
4894 * not cause any harm) this must work. */
4895 pCtl->uAsyncIOState = ATA_AIO_NEW;
4896 }
4897 }
4898 else
4899 {
4900 /* Finish PIO transfer. */
4901 ataPIOTransfer(pCtl);
4902 if ( !pCtl->fChainedTransfer
4903 && !s->fATAPITransfer
4904 && s->uTxDir != PDMBLOCKTXDIR_FROM_DEVICE)
4905 {
4906 ataSetIRQ(s);
4907 }
4908 pCtl->uAsyncIOState = ATA_AIO_NEW;
4909 }
4910 break;
4911
4912 case ATA_AIO_RESET_ASSERTED:
4913 pCtl->uAsyncIOState = ATA_AIO_RESET_CLEARED;
4914 ataPIOTransferStop(&pCtl->aIfs[0]);
4915 ataPIOTransferStop(&pCtl->aIfs[1]);
4916 /* Do not change the DMA registers, they are not affected by the
4917 * ATA controller reset logic. It should be sufficient to issue a
4918 * new command, which is now possible as the state is cleared. */
4919 break;
4920
4921 case ATA_AIO_RESET_CLEARED:
4922 pCtl->uAsyncIOState = ATA_AIO_NEW;
4923 pCtl->fReset = false;
4924 /* Ensure that half-completed transfers are not redone. A reset
4925 * cancels the entire transfer, so continuing is wrong. */
4926 pCtl->fRedo = false;
4927 pCtl->fRedoDMALastDesc = false;
4928 LogRel(("PIIX3 ATA: Ctl#%d: finished processing RESET\n",
4929 ATACONTROLLER_IDX(pCtl)));
4930 for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++)
4931 {
4932 if (pCtl->aIfs[i].fATAPI)
4933 ataSetStatusValue(&pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */
4934 else
4935 ataSetStatusValue(&pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK);
4936 ataSetSignature(&pCtl->aIfs[i]);
4937 }
4938 break;
4939
4940 case ATA_AIO_ABORT:
4941 /* Abort the current command only if it operates on the same interface. */
4942 if (pCtl->iAIOIf == pReq->u.a.iIf)
4943 {
4944 s = &pCtl->aIfs[pCtl->iAIOIf];
4945
4946 pCtl->uAsyncIOState = ATA_AIO_NEW;
4947 /* Do not change the DMA registers, they are not affected by the
4948 * ATA controller reset logic. It should be sufficient to issue a
4949 * new command, which is now possible as the state is cleared. */
4950 if (pReq->u.a.fResetDrive)
4951 {
4952 ataResetDevice(s);
4953 ataExecuteDeviceDiagnosticSS(s);
4954 }
4955 else
4956 {
4957 /* Stop any pending DMA transfer. */
4958 s->fDMA = false;
4959 ataPIOTransferStop(s);
4960 ataUnsetStatus(s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR);
4961 ataSetStatus(s, ATA_STAT_READY);
4962 ataSetIRQ(s);
4963 }
4964 }
4965 break;
4966
4967 default:
4968 AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState));
4969 }
4970
4971 ataAsyncIORemoveCurrentRequest(pCtl, ReqType);
4972 pReq = ataAsyncIOGetCurrentRequest(pCtl);
4973
4974 if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer)
4975 {
4976#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
4977 STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a);
4978#endif /* DEBUG || VBOX_WITH_STATISTICS */
4979
4980 u64TS = RTTimeNanoTS() - u64TS;
4981 uWait = u64TS / 1000;
4982 Log(("%s: Ctl#%d: LUN#%d finished I/O transaction in %d microseconds\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), pCtl->aIfs[pCtl->iAIOIf].iLUN, (uint32_t)(uWait)));
4983 /* Mark command as finished. */
4984 pCtl->aIfs[pCtl->iAIOIf].u64CmdTS = 0;
4985
4986 /*
4987 * Release logging of command execution times depends on the
4988 * command type. ATAPI commands often take longer (due to CD/DVD
4989 * spin up time etc.) so the threshold is different.
4990 */
4991 if (pCtl->aIfs[pCtl->iAIOIf].uATARegCommand != ATA_PACKET)
4992 {
4993 if (uWait > 8 * 1000 * 1000)
4994 {
4995 /*
4996 * Command took longer than 8 seconds. This is close
4997 * enough or over the guest's command timeout, so place
4998 * an entry in the release log to allow tracking such
4999 * timing errors (which are often caused by the host).
5000 */
5001 LogRel(("PIIX3 ATA: execution time for ATA command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].uATARegCommand, uWait / (1000 * 1000)));
5002 }
5003 }
5004 else
5005 {
5006 if (uWait > 20 * 1000 * 1000)
5007 {
5008 /*
5009 * Command took longer than 20 seconds. This is close
5010 * enough or over the guest's command timeout, so place
5011 * an entry in the release log to allow tracking such
5012 * timing errors (which are often caused by the host).
5013 */
5014 LogRel(("PIIX3 ATA: execution time for ATAPI command %#04x was %d seconds\n", pCtl->aIfs[pCtl->iAIOIf].aATAPICmd[0], uWait / (1000 * 1000)));
5015 }
5016 }
5017
5018#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS)
5019 if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait)
5020 pCtl->StatAsyncMinWait = uWait;
5021 if (uWait > pCtl->StatAsyncMaxWait)
5022 pCtl->StatAsyncMaxWait = uWait;
5023
5024 STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait);
5025 STAM_COUNTER_INC(&pCtl->StatAsyncOps);
5026#endif /* DEBUG || VBOX_WITH_STATISTICS */
5027 }
5028
5029 PDMCritSectLeave(&pCtl->lock);
5030 }
5031
5032 /* Signal the ultimate idleness. */
5033 RTThreadUserSignal(pCtl->AsyncIOThread);
5034 if (pCtl->fSignalIdle)
5035 PDMDevHlpAsyncNotificationCompleted(pCtl->pDevInsR3);
5036
5037 /* Cleanup the state. */
5038 /* Do not destroy request mutex yet, still needed for proper shutdown. */
5039 pCtl->fShutdown = false;
5040
5041 Log2(("%s: Ctl#%d: return %Rrc\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl), rc));
5042 return rc;
5043}
5044
5045#endif /* IN_RING3 */
5046
5047static uint32_t ataBMDMACmdReadB(PATACONTROLLER pCtl, uint32_t addr)
5048{
5049 uint32_t val = pCtl->BmDma.u8Cmd;
5050 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5051 return val;
5052}
5053
5054
5055static void ataBMDMACmdWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5056{
5057 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5058 if (!(val & BM_CMD_START))
5059 {
5060 pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING;
5061 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5062 }
5063 else
5064 {
5065#ifdef IN_RING3
5066 /* Check whether the guest OS wants to change DMA direction in
5067 * mid-flight. Not allowed, according to the PIIX3 specs. */
5068 Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04));
5069 pCtl->BmDma.u8Status |= BM_STATUS_DMAING;
5070 pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE);
5071
5072 /* Do not continue DMA transfers while the RESET line is asserted. */
5073 if (pCtl->fReset)
5074 {
5075 Log2(("%s: Ctl#%d: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5076 return;
5077 }
5078
5079 /* Do not start DMA transfers if there's a PIO transfer going on. */
5080 if (!pCtl->aIfs[pCtl->iSelectedIf].fDMA)
5081 return;
5082
5083 if (pCtl->aIfs[pCtl->iAIOIf].uATARegStatus & ATA_STAT_DRQ)
5084 {
5085 Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__, ATACONTROLLER_IDX(pCtl)));
5086 ataAsyncIOPutRequest(pCtl, &g_ataDMARequest);
5087 }
5088#else /* !IN_RING3 */
5089 AssertMsgFailed(("DMA START handling is too complicated for GC\n"));
5090#endif /* IN_RING3 */
5091 }
5092}
5093
5094static uint32_t ataBMDMAStatusReadB(PATACONTROLLER pCtl, uint32_t addr)
5095{
5096 uint32_t val = pCtl->BmDma.u8Status;
5097 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5098 return val;
5099}
5100
5101static void ataBMDMAStatusWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5102{
5103 Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val));
5104 pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA))
5105 | (pCtl->BmDma.u8Status & BM_STATUS_DMAING)
5106 | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT));
5107}
5108
5109static uint32_t ataBMDMAAddrReadL(PATACONTROLLER pCtl, uint32_t addr)
5110{
5111 uint32_t val = (uint32_t)pCtl->BmDma.pvAddr;
5112 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5113 return val;
5114}
5115
5116static void ataBMDMAAddrWriteL(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5117{
5118 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5119 pCtl->BmDma.pvAddr = val & ~3;
5120}
5121
5122static void ataBMDMAAddrWriteLowWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5123{
5124 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5125 pCtl->BmDma.pvAddr = (pCtl->BmDma.pvAddr & 0xFFFF0000) | RT_LOWORD(val & ~3);
5126
5127}
5128
5129static void ataBMDMAAddrWriteHighWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val)
5130{
5131 Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val));
5132 pCtl->BmDma.pvAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.pvAddr);
5133}
5134
5135#define VAL(port, size) ( ((port) & 7) | ((size) << 3) )
5136
5137/**
5138 * Port I/O Handler for bus master DMA IN operations.
5139 * @see FNIOMIOPORTIN for details.
5140 */
5141PDMBOTHCBDECL(int) ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5142{
5143 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5144 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5145 PATACONTROLLER pCtl = &pThis->aCts[i];
5146 int rc;
5147
5148 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
5149 if (rc != VINF_SUCCESS)
5150 return rc;
5151 switch (VAL(Port, cb))
5152 {
5153 case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5154 case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, Port); break;
5155 case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5156 case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, Port); break;
5157 case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, Port); break;
5158 case VAL(0, 4):
5159 /* The SCO OpenServer tries to read 4 bytes starting from offset 0. */
5160 *pu32 = ataBMDMACmdReadB(pCtl, Port) | (ataBMDMAStatusReadB(pCtl, Port) << 16);
5161 break;
5162 default:
5163 AssertMsgFailed(("%s: Unsupported read from port %x size=%d\n", __FUNCTION__, Port, cb));
5164 PDMCritSectLeave(&pCtl->lock);
5165 return VERR_IOM_IOPORT_UNUSED;
5166 }
5167 PDMCritSectLeave(&pCtl->lock);
5168 return rc;
5169}
5170
5171/**
5172 * Port I/O Handler for bus master DMA OUT operations.
5173 * @see FNIOMIOPORTOUT for details.
5174 */
5175PDMBOTHCBDECL(int) ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
5176{
5177 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5178 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5179 PATACONTROLLER pCtl = &pThis->aCts[i];
5180 int rc;
5181
5182 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
5183 if (rc != VINF_SUCCESS)
5184 return rc;
5185 switch (VAL(Port, cb))
5186 {
5187 case VAL(0, 1):
5188#ifndef IN_RING3
5189 if (u32 & BM_CMD_START)
5190 {
5191 rc = VINF_IOM_HC_IOPORT_WRITE;
5192 break;
5193 }
5194#endif /* !IN_RING3 */
5195 ataBMDMACmdWriteB(pCtl, Port, u32);
5196 break;
5197 case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, Port, u32); break;
5198 case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, Port, u32); break;
5199 case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, Port, u32); break;
5200 case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, Port, u32); break;
5201 default: AssertMsgFailed(("%s: Unsupported write to port %x size=%d val=%x\n", __FUNCTION__, Port, cb, u32)); break;
5202 }
5203 PDMCritSectLeave(&pCtl->lock);
5204 return rc;
5205}
5206
5207#undef VAL
5208
5209#ifdef IN_RING3
5210
5211/**
5212 * Callback function for mapping an PCI I/O region.
5213 *
5214 * @return VBox status code.
5215 * @param pPciDev Pointer to PCI device. Use pPciDev->pDevIns to get the device instance.
5216 * @param iRegion The region number.
5217 * @param GCPhysAddress Physical address of the region. If iType is PCI_ADDRESS_SPACE_IO, this is an
5218 * I/O port, else it's a physical address.
5219 * This address is *NOT* relative to pci_mem_base like earlier!
5220 * @param enmType One of the PCI_ADDRESS_SPACE_* values.
5221 */
5222static DECLCALLBACK(int) ataBMDMAIORangeMap(PPCIDEVICE pPciDev, /*unsigned*/ int iRegion, RTGCPHYS GCPhysAddress, uint32_t cb, PCIADDRESSSPACE enmType)
5223{
5224 PCIATAState *pThis = PCIDEV_2_PCIATASTATE(pPciDev);
5225 int rc = VINF_SUCCESS;
5226 Assert(enmType == PCI_ADDRESS_SPACE_IO);
5227 Assert(iRegion == 4);
5228 AssertMsg(RT_ALIGN(GCPhysAddress, 8) == GCPhysAddress, ("Expected 8 byte alignment. GCPhysAddress=%#x\n", GCPhysAddress));
5229
5230 /* Register the port range. */
5231 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5232 {
5233 int rc2 = PDMDevHlpIOPortRegister(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
5234 (RTHCPTR)i, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL, NULL, "ATA Bus Master DMA");
5235 AssertRC(rc2);
5236 if (rc2 < rc)
5237 rc = rc2;
5238
5239 if (pThis->fGCEnabled)
5240 {
5241 rc2 = PDMDevHlpIOPortRegisterRC(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
5242 (RTGCPTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
5243 AssertRC(rc2);
5244 if (rc2 < rc)
5245 rc = rc2;
5246 }
5247 if (pThis->fR0Enabled)
5248 {
5249 rc2 = PDMDevHlpIOPortRegisterR0(pPciDev->pDevIns, (RTIOPORT)GCPhysAddress + i * 8, 8,
5250 (RTR0PTR)i, "ataBMDMAIOPortWrite", "ataBMDMAIOPortRead", NULL, NULL, "ATA Bus Master DMA");
5251 AssertRC(rc2);
5252 if (rc2 < rc)
5253 rc = rc2;
5254 }
5255 }
5256 return rc;
5257}
5258
5259
5260/* -=-=-=-=-=- PCIATAState::IBase -=-=-=-=-=- */
5261
5262/**
5263 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
5264 */
5265static DECLCALLBACK(void *) ataStatus_QueryInterface(PPDMIBASE pInterface, const char *pszIID)
5266{
5267 PCIATAState *pThis = PDMIBASE_2_PCIATASTATE(pInterface);
5268 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThis->IBase);
5269 PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThis->ILeds);
5270 return NULL;
5271}
5272
5273
5274/* -=-=-=-=-=- PCIATAState::ILeds -=-=-=-=-=- */
5275
5276/**
5277 * Gets the pointer to the status LED of a unit.
5278 *
5279 * @returns VBox status code.
5280 * @param pInterface Pointer to the interface structure containing the called function pointer.
5281 * @param iLUN The unit which status LED we desire.
5282 * @param ppLed Where to store the LED pointer.
5283 */
5284static DECLCALLBACK(int) ataStatus_QueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed)
5285{
5286 PCIATAState *pThis = PDMILEDPORTS_2_PCIATASTATE(pInterface);
5287 if (iLUN < 4)
5288 {
5289 switch (iLUN)
5290 {
5291 case 0: *ppLed = &pThis->aCts[0].aIfs[0].Led; break;
5292 case 1: *ppLed = &pThis->aCts[0].aIfs[1].Led; break;
5293 case 2: *ppLed = &pThis->aCts[1].aIfs[0].Led; break;
5294 case 3: *ppLed = &pThis->aCts[1].aIfs[1].Led; break;
5295 }
5296 Assert((*ppLed)->u32Magic == PDMLED_MAGIC);
5297 return VINF_SUCCESS;
5298 }
5299 return VERR_PDM_LUN_NOT_FOUND;
5300}
5301
5302
5303/* -=-=-=-=-=- ATADevState::IBase -=-=-=-=-=- */
5304
5305/**
5306 * @interface_method_impl{PDMIBASE,pfnQueryInterface}
5307 */
5308static DECLCALLBACK(void *) ataQueryInterface(PPDMIBASE pInterface, const char *pszIID)
5309{
5310 ATADevState *pIf = PDMIBASE_2_ATASTATE(pInterface);
5311 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIf->IBase);
5312 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBLOCKPORT, &pIf->IPort);
5313 PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIf->IMountNotify);
5314 return NULL;
5315}
5316
5317#endif /* IN_RING3 */
5318
5319
5320/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */
5321
5322/**
5323 * Port I/O Handler for primary port range OUT operations.
5324 * @see FNIOMIOPORTOUT for details.
5325 */
5326PDMBOTHCBDECL(int) ataIOPortWrite1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
5327{
5328 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5329 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5330 PATACONTROLLER pCtl = &pThis->aCts[i];
5331 int rc = VINF_SUCCESS;
5332
5333 Assert(i < 2);
5334
5335 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
5336 if (rc != VINF_SUCCESS)
5337 return rc;
5338 if (cb == 1)
5339 rc = ataIOPortWriteU8(pCtl, Port, u32);
5340 else if (Port == pCtl->IOPortBase1)
5341 {
5342 Assert(cb == 2 || cb == 4);
5343 rc = ataDataWrite(pCtl, Port, cb, (const uint8_t *)&u32);
5344 }
5345 else
5346 AssertMsgFailed(("ataIOPortWrite1: unsupported write to port %x val=%x size=%d\n", Port, u32, cb));
5347 PDMCritSectLeave(&pCtl->lock);
5348 return rc;
5349}
5350
5351
5352/**
5353 * Port I/O Handler for primary port range IN operations.
5354 * @see FNIOMIOPORTIN for details.
5355 */
5356PDMBOTHCBDECL(int) ataIOPortRead1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5357{
5358 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5359 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5360 PATACONTROLLER pCtl = &pThis->aCts[i];
5361 int rc = VINF_SUCCESS;
5362
5363 Assert(i < 2);
5364
5365 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
5366 if (rc != VINF_SUCCESS)
5367 return rc;
5368 if (cb == 1)
5369 {
5370 rc = ataIOPortReadU8(pCtl, Port, pu32);
5371 }
5372 else if (Port == pCtl->IOPortBase1)
5373 {
5374 Assert(cb == 2 || cb == 4);
5375 rc = ataDataRead(pCtl, Port, cb, (uint8_t *)pu32);
5376 if (cb == 2)
5377 *pu32 &= 0xffff;
5378 }
5379 else
5380 {
5381 AssertMsgFailed(("ataIOPortRead1: unsupported read from port %x size=%d\n", Port, cb));
5382 rc = VERR_IOM_IOPORT_UNUSED;
5383 }
5384 PDMCritSectLeave(&pCtl->lock);
5385 return rc;
5386}
5387
5388#ifndef IN_RING0 /** @todo do this in ring-0 as well. */
5389/**
5390 * Port I/O Handler for primary port range IN string operations.
5391 * @see FNIOMIOPORTINSTRING for details.
5392 */
5393PDMBOTHCBDECL(int) ataIOPortReadStr1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, RTGCPTR *pGCPtrDst, PRTGCUINTREG pcTransfer, unsigned cb)
5394{
5395 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5396 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5397 PATACONTROLLER pCtl = &pThis->aCts[i];
5398 int rc = VINF_SUCCESS;
5399
5400 Assert(i < 2);
5401
5402 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
5403 if (rc != VINF_SUCCESS)
5404 return rc;
5405 if (Port == pCtl->IOPortBase1)
5406 {
5407 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
5408 RTGCPTR GCDst = *pGCPtrDst;
5409 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5410 Assert(cb == 2 || cb == 4);
5411
5412 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
5413#ifndef IN_RING3
5414 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
5415 if (!cTransAvailable)
5416 {
5417 PDMCritSectLeave(&pCtl->lock);
5418 return VINF_IOM_HC_IOPORT_READ;
5419 }
5420 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
5421 cTransAvailable--;
5422#endif /* !IN_RING3 */
5423 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
5424 * They are not performance-critical and generally shouldn't occur at all. */
5425 if (cTransAvailable > cTransfer)
5426 cTransAvailable = cTransfer;
5427 cbTransfer = cTransAvailable * cb;
5428
5429 rc = PGMPhysSimpleDirtyWriteGCPtr(PDMDevHlpGetVMCPU(pDevIns), GCDst, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, cbTransfer);
5430 Assert(rc == VINF_SUCCESS);
5431
5432 if (cbTransfer)
5433 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
5434 s->iIOBufferPIODataStart += cbTransfer;
5435 *pGCPtrDst = (RTGCPTR)((RTGCUINTPTR)GCDst + cbTransfer);
5436 *pcTransfer = cTransfer - cTransAvailable;
5437#ifdef IN_RING3
5438 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5439 ataPIOTransferFinish(pCtl, s);
5440#endif /* IN_RING3 */
5441 }
5442 PDMCritSectLeave(&pCtl->lock);
5443 return rc;
5444}
5445
5446
5447/**
5448 * Port I/O Handler for primary port range OUT string operations.
5449 * @see FNIOMIOPORTOUTSTRING for details.
5450 */
5451PDMBOTHCBDECL(int) ataIOPortWriteStr1(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, RTGCPTR *pGCPtrSrc, PRTGCUINTREG pcTransfer, unsigned cb)
5452{
5453 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5454 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5455 PATACONTROLLER pCtl = &pThis->aCts[i];
5456 int rc;
5457
5458 Assert(i < 2);
5459
5460 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
5461 if (rc != VINF_SUCCESS)
5462 return rc;
5463 if (Port == pCtl->IOPortBase1)
5464 {
5465 uint32_t cTransAvailable, cTransfer = *pcTransfer, cbTransfer;
5466 RTGCPTR GCSrc = *pGCPtrSrc;
5467 ATADevState *s = &pCtl->aIfs[pCtl->iSelectedIf];
5468 Assert(cb == 2 || cb == 4);
5469
5470 cTransAvailable = (s->iIOBufferPIODataEnd - s->iIOBufferPIODataStart) / cb;
5471#ifndef IN_RING3
5472 /* Deal with the unlikely case where no data (or not enough for the read length operation) is available; go back to ring 3. */
5473 if (!cTransAvailable)
5474 {
5475 PDMCritSectLeave(&pCtl->lock);
5476 return VINF_IOM_HC_IOPORT_WRITE;
5477 }
5478 /* The last transfer unit cannot be handled in GC, as it involves thread communication. */
5479 cTransAvailable--;
5480#endif /* !IN_RING3 */
5481 /* Do not handle the dummy transfer stuff here, leave it to the single-word transfers.
5482 * They are not performance-critical and generally shouldn't occur at all. */
5483 if (cTransAvailable > cTransfer)
5484 cTransAvailable = cTransfer;
5485 cbTransfer = cTransAvailable * cb;
5486
5487 rc = PGMPhysSimpleReadGCPtr(PDMDevHlpGetVMCPU(pDevIns), s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart, GCSrc, cbTransfer);
5488 Assert(rc == VINF_SUCCESS);
5489
5490 if (cbTransfer)
5491 Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, Port, cbTransfer, s->CTX_SUFF(pbIOBuffer) + s->iIOBufferPIODataStart));
5492 s->iIOBufferPIODataStart += cbTransfer;
5493 *pGCPtrSrc = (RTGCPTR)((RTGCUINTPTR)GCSrc + cbTransfer);
5494 *pcTransfer = cTransfer - cTransAvailable;
5495#ifdef IN_RING3
5496 if (s->iIOBufferPIODataStart >= s->iIOBufferPIODataEnd)
5497 ataPIOTransferFinish(pCtl, s);
5498#endif /* IN_RING3 */
5499 }
5500 PDMCritSectLeave(&pCtl->lock);
5501 return rc;
5502}
5503#endif /* !IN_RING0 */
5504
5505/**
5506 * Port I/O Handler for secondary port range OUT operations.
5507 * @see FNIOMIOPORTOUT for details.
5508 */
5509PDMBOTHCBDECL(int) ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t u32, unsigned cb)
5510{
5511 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5512 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5513 PATACONTROLLER pCtl = &pThis->aCts[i];
5514 int rc;
5515
5516 Assert(i < 2);
5517
5518 if (cb != 1)
5519 return VINF_SUCCESS;
5520 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_WRITE);
5521 if (rc != VINF_SUCCESS)
5522 return rc;
5523 rc = ataControlWrite(pCtl, Port, u32);
5524 PDMCritSectLeave(&pCtl->lock);
5525 return rc;
5526}
5527
5528
5529/**
5530 * Port I/O Handler for secondary port range IN operations.
5531 * @see FNIOMIOPORTIN for details.
5532 */
5533PDMBOTHCBDECL(int) ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT Port, uint32_t *pu32, unsigned cb)
5534{
5535 uint32_t i = (uint32_t)(uintptr_t)pvUser;
5536 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5537 PATACONTROLLER pCtl = &pThis->aCts[i];
5538 int rc;
5539
5540 Assert(i < 2);
5541
5542 if (cb != 1)
5543 return VERR_IOM_IOPORT_UNUSED;
5544
5545 rc = PDMCritSectEnter(&pCtl->lock, VINF_IOM_HC_IOPORT_READ);
5546 if (rc != VINF_SUCCESS)
5547 return rc;
5548 *pu32 = ataStatusRead(pCtl, Port);
5549 PDMCritSectLeave(&pCtl->lock);
5550 return VINF_SUCCESS;
5551}
5552
5553#ifdef IN_RING3
5554
5555
5556DECLINLINE(void) ataRelocBuffer(PPDMDEVINS pDevIns, ATADevState *s)
5557{
5558 if (s->pbIOBufferR3)
5559 s->pbIOBufferRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), s->pbIOBufferR3);
5560}
5561
5562
5563/**
5564 * @copydoc FNPDMDEVRELOCATE
5565 */
5566static DECLCALLBACK(void) ataR3Relocate(PPDMDEVINS pDevIns, RTGCINTPTR offDelta)
5567{
5568 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5569
5570 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5571 {
5572 pThis->aCts[i].pDevInsRC += offDelta;
5573 pThis->aCts[i].aIfs[0].pDevInsRC += offDelta;
5574 pThis->aCts[i].aIfs[0].pControllerRC += offDelta;
5575 ataRelocBuffer(pDevIns, &pThis->aCts[i].aIfs[0]);
5576 pThis->aCts[i].aIfs[1].pDevInsRC += offDelta;
5577 pThis->aCts[i].aIfs[1].pControllerRC += offDelta;
5578 ataRelocBuffer(pDevIns, &pThis->aCts[i].aIfs[1]);
5579 }
5580}
5581
5582
5583/**
5584 * Destroy a driver instance.
5585 *
5586 * Most VM resources are freed by the VM. This callback is provided so that any non-VM
5587 * resources can be freed correctly.
5588 *
5589 * @param pDevIns The device instance data.
5590 */
5591static DECLCALLBACK(int) ataR3Destruct(PPDMDEVINS pDevIns)
5592{
5593 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5594 int rc;
5595
5596 Log(("ataR3Destruct\n"));
5597 PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns);
5598
5599 /*
5600 * Tell the async I/O threads to terminate.
5601 */
5602 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5603 {
5604 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
5605 {
5606 ASMAtomicWriteU32(&pThis->aCts[i].fShutdown, true);
5607 rc = RTSemEventSignal(pThis->aCts[i].AsyncIOSem);
5608 AssertRC(rc);
5609 }
5610 }
5611
5612 /*
5613 * Wait for the threads to terminate before destroying their resources.
5614 */
5615 for (unsigned i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5616 {
5617 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
5618 {
5619 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 30000 /* 30 s*/, NULL);
5620 if (RT_SUCCESS(rc))
5621 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
5622 else
5623 LogRel(("PIIX3 ATA Dtor: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n",
5624 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
5625 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand, rc));
5626 }
5627 }
5628
5629 /*
5630 * Free resources.
5631 */
5632 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5633 {
5634 if (pThis->aCts[i].AsyncIORequestMutex != NIL_RTSEMMUTEX)
5635 {
5636 RTSemMutexDestroy(pThis->aCts[i].AsyncIORequestMutex);
5637 pThis->aCts[i].AsyncIORequestMutex = NIL_RTSEMMUTEX;
5638 }
5639 if (pThis->aCts[i].AsyncIOSem != NIL_RTSEMEVENT)
5640 {
5641 RTSemEventDestroy(pThis->aCts[i].AsyncIOSem);
5642 pThis->aCts[i].AsyncIOSem = NIL_RTSEMEVENT;
5643 }
5644 if (pThis->aCts[i].SuspendIOSem != NIL_RTSEMEVENT)
5645 {
5646 RTSemEventDestroy(pThis->aCts[i].SuspendIOSem);
5647 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
5648 }
5649
5650 /* try one final time */
5651 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
5652 {
5653 rc = RTThreadWait(pThis->aCts[i].AsyncIOThread, 1 /*ms*/, NULL);
5654 if (RT_SUCCESS(rc))
5655 {
5656 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
5657 LogRel(("PIIX3 ATA Dtor: Ctl#%u actually completed.\n", i));
5658 }
5659 }
5660 }
5661
5662 return VINF_SUCCESS;
5663}
5664
5665
5666/**
5667 * Detach notification.
5668 *
5669 * The DVD drive has been unplugged.
5670 *
5671 * @param pDevIns The device instance.
5672 * @param iLUN The logical unit which is being detached.
5673 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
5674 */
5675static DECLCALLBACK(void) ataR3Detach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
5676{
5677 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5678 PATACONTROLLER pCtl;
5679 ATADevState *pIf;
5680 unsigned iController;
5681 unsigned iInterface;
5682
5683 AssertMsg(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
5684 ("PIIX3IDE: Device does not support hotplugging\n"));
5685
5686 /*
5687 * Locate the controller and stuff.
5688 */
5689 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
5690 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
5691 pCtl = &pThis->aCts[iController];
5692
5693 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
5694 pIf = &pCtl->aIfs[iInterface];
5695
5696 /*
5697 * Zero some important members.
5698 */
5699 pIf->pDrvBase = NULL;
5700 pIf->pDrvBlock = NULL;
5701 pIf->pDrvBlockBios = NULL;
5702 pIf->pDrvMount = NULL;
5703
5704 /*
5705 * In case there was a medium inserted.
5706 */
5707 ataMediumRemoved(pIf);
5708}
5709
5710
5711/**
5712 * Configure a LUN.
5713 *
5714 * @returns VBox status code.
5715 * @param pDevIns The device instance.
5716 * @param pIf The ATA unit state.
5717 */
5718static int ataConfigLun(PPDMDEVINS pDevIns, ATADevState *pIf)
5719{
5720 int rc = VINF_SUCCESS;
5721 PDMBLOCKTYPE enmType;
5722
5723 /*
5724 * Query Block, Bios and Mount interfaces.
5725 */
5726 pIf->pDrvBlock = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCK);
5727 if (!pIf->pDrvBlock)
5728 {
5729 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN));
5730 return VERR_PDM_MISSING_INTERFACE;
5731 }
5732
5733 /** @todo implement the BIOS invisible code path. */
5734 pIf->pDrvBlockBios = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIBLOCKBIOS);
5735 if (!pIf->pDrvBlockBios)
5736 {
5737 AssertMsgFailed(("Configuration error: LUN#%d hasn't a block BIOS interface!\n", pIf->iLUN));
5738 return VERR_PDM_MISSING_INTERFACE;
5739 }
5740 pIf->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIf->pDrvBase, PDMIMOUNT);
5741
5742 /*
5743 * Validate type.
5744 */
5745 enmType = pIf->pDrvBlock->pfnGetType(pIf->pDrvBlock);
5746 if ( enmType != PDMBLOCKTYPE_CDROM
5747 && enmType != PDMBLOCKTYPE_DVD
5748 && enmType != PDMBLOCKTYPE_HARD_DISK)
5749 {
5750 AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType));
5751 return VERR_PDM_UNSUPPORTED_BLOCK_TYPE;
5752 }
5753 if ( ( enmType == PDMBLOCKTYPE_DVD
5754 || enmType == PDMBLOCKTYPE_CDROM)
5755 && !pIf->pDrvMount)
5756 {
5757 AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n"));
5758 return VERR_INTERNAL_ERROR;
5759 }
5760 pIf->fATAPI = enmType == PDMBLOCKTYPE_DVD || enmType == PDMBLOCKTYPE_CDROM;
5761 pIf->fATAPIPassthrough = pIf->fATAPI ? (pIf->pDrvBlock->pfnSendCmd != NULL) : false;
5762
5763 /*
5764 * Allocate I/O buffer.
5765 */
5766 PVM pVM = PDMDevHlpGetVM(pDevIns);
5767 if (pIf->cbIOBuffer)
5768 {
5769 /* Buffer is (probably) already allocated. Validate the fields,
5770 * because memory corruption can also overwrite pIf->cbIOBuffer. */
5771 if (pIf->fATAPI)
5772 AssertRelease(pIf->cbIOBuffer == _128K);
5773 else
5774 AssertRelease(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * 512);
5775 Assert(pIf->pbIOBufferR3);
5776 Assert(pIf->pbIOBufferR0 == MMHyperR3ToR0(pVM, pIf->pbIOBufferR3));
5777 Assert(pIf->pbIOBufferRC == MMHyperR3ToRC(pVM, pIf->pbIOBufferR3));
5778 }
5779 else
5780 {
5781 if (pIf->fATAPI)
5782 pIf->cbIOBuffer = _128K;
5783 else
5784 pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * 512;
5785 Assert(!pIf->pbIOBufferR3);
5786 rc = MMR3HyperAllocOnceNoRel(pVM, pIf->cbIOBuffer, 0, MM_TAG_PDM_DEVICE_USER, (void **)&pIf->pbIOBufferR3);
5787 if (RT_FAILURE(rc))
5788 return VERR_NO_MEMORY;
5789 pIf->pbIOBufferR0 = MMHyperR3ToR0(pVM, pIf->pbIOBufferR3);
5790 pIf->pbIOBufferRC = MMHyperR3ToRC(pVM, pIf->pbIOBufferR3);
5791 }
5792
5793 /*
5794 * Init geometry (only for non-CD/DVD media).
5795 */
5796 if (pIf->fATAPI)
5797 {
5798 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 2048;
5799 pIf->PCHSGeometry.cCylinders = 0; /* dummy */
5800 pIf->PCHSGeometry.cHeads = 0; /* dummy */
5801 pIf->PCHSGeometry.cSectors = 0; /* dummy */
5802 LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled")));
5803 }
5804 else
5805 {
5806 pIf->cTotalSectors = pIf->pDrvBlock->pfnGetSize(pIf->pDrvBlock) / 512;
5807 rc = pIf->pDrvBlockBios->pfnGetPCHSGeometry(pIf->pDrvBlockBios,
5808 &pIf->PCHSGeometry);
5809 if (rc == VERR_PDM_MEDIA_NOT_MOUNTED)
5810 {
5811 pIf->PCHSGeometry.cCylinders = 0;
5812 pIf->PCHSGeometry.cHeads = 16; /*??*/
5813 pIf->PCHSGeometry.cSectors = 63; /*??*/
5814 }
5815 else if (rc == VERR_PDM_GEOMETRY_NOT_SET)
5816 {
5817 pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */
5818 rc = VINF_SUCCESS;
5819 }
5820 AssertRC(rc);
5821
5822 if ( pIf->PCHSGeometry.cCylinders == 0
5823 || pIf->PCHSGeometry.cHeads == 0
5824 || pIf->PCHSGeometry.cSectors == 0
5825 )
5826 {
5827 uint64_t cCylinders = pIf->cTotalSectors / (16 * 63);
5828 pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1);
5829 pIf->PCHSGeometry.cHeads = 16;
5830 pIf->PCHSGeometry.cSectors = 63;
5831 /* Set the disk geometry information. Ignore errors. */
5832 pIf->pDrvBlockBios->pfnSetPCHSGeometry(pIf->pDrvBlockBios,
5833 &pIf->PCHSGeometry);
5834 rc = VINF_SUCCESS;
5835 }
5836 LogRel(("PIIX3 ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, pIf->cTotalSectors));
5837 }
5838 return rc;
5839}
5840
5841
5842/**
5843 * Attach command.
5844 *
5845 * This is called when we change block driver for the DVD drive.
5846 *
5847 * @returns VBox status code.
5848 * @param pDevIns The device instance.
5849 * @param iLUN The logical unit which is being detached.
5850 * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines.
5851 */
5852static DECLCALLBACK(int) ataR3Attach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags)
5853{
5854 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5855 PATACONTROLLER pCtl;
5856 ATADevState *pIf;
5857 int rc;
5858 unsigned iController;
5859 unsigned iInterface;
5860
5861 AssertMsgReturn(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG,
5862 ("PIIX3IDE: Device does not support hotplugging\n"),
5863 VERR_INVALID_PARAMETER);
5864
5865 /*
5866 * Locate the controller and stuff.
5867 */
5868 iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs);
5869 AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN));
5870 pCtl = &pThis->aCts[iController];
5871
5872 iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs);
5873 pIf = &pCtl->aIfs[iInterface];
5874
5875 /* the usual paranoia */
5876 AssertRelease(!pIf->pDrvBase);
5877 AssertRelease(!pIf->pDrvBlock);
5878 Assert(ATADEVSTATE_2_CONTROLLER(pIf) == pCtl);
5879 Assert(pIf->iLUN == iLUN);
5880
5881 /*
5882 * Try attach the block device and get the interfaces,
5883 * required as well as optional.
5884 */
5885 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, NULL);
5886 if (RT_SUCCESS(rc))
5887 {
5888 rc = ataConfigLun(pDevIns, pIf);
5889 /*
5890 * In case there is a medium inserted.
5891 */
5892 ataMediumInserted(pIf);
5893 }
5894 else
5895 AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc));
5896
5897 if (RT_FAILURE(rc))
5898 {
5899 pIf->pDrvBase = NULL;
5900 pIf->pDrvBlock = NULL;
5901 }
5902 return rc;
5903}
5904
5905
5906/**
5907 * Resume notification.
5908 *
5909 * @returns VBox status.
5910 * @param pDevIns The device instance data.
5911 */
5912static DECLCALLBACK(void) ataR3Resume(PPDMDEVINS pDevIns)
5913{
5914 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5915 int rc;
5916
5917 Log(("%s:\n", __FUNCTION__));
5918 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5919 {
5920 if (pThis->aCts[i].fRedo && pThis->aCts[i].fRedoIdle)
5921 {
5922 rc = RTSemEventSignal(pThis->aCts[i].SuspendIOSem);
5923 AssertRC(rc);
5924 }
5925 }
5926 return;
5927}
5928
5929
5930/**
5931 * Checks if all (both) the async I/O threads have quiesced.
5932 *
5933 * @returns true on success.
5934 * @returns false when one or more threads is still processing.
5935 * @param pThis Pointer to the instance data.
5936 */
5937static bool ataR3AllAsyncIOIsIdle(PPDMDEVINS pDevIns)
5938{
5939 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
5940
5941 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
5942 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
5943 {
5944 bool fRc = ataAsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
5945 if (!fRc)
5946 {
5947 /* Make it signal PDM & itself when its done */
5948 RTSemMutexRequest(pThis->aCts[i].AsyncIORequestMutex, RT_INDEFINITE_WAIT);
5949 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
5950 RTSemMutexRelease(pThis->aCts[i].AsyncIORequestMutex);
5951 fRc = ataAsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/);
5952 if (!fRc)
5953 {
5954#if 0 /** @todo Need to do some time tracking here... */
5955 LogRel(("PIIX3 ATA: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n",
5956 i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf,
5957 pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand));
5958#endif
5959 return false;
5960 }
5961 }
5962 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
5963 }
5964 return true;
5965}
5966
5967
5968/**
5969 * Callback employed by ataSuspend and ataR3PowerOff.
5970 *
5971 * @returns true if we've quiesced, false if we're still working.
5972 * @param pDevIns The device instance.
5973 */
5974static DECLCALLBACK(bool) ataR3IsAsyncSuspendOrPowerOffDone(PPDMDEVINS pDevIns)
5975{
5976 return ataR3AllAsyncIOIsIdle(pDevIns);
5977}
5978
5979
5980/**
5981 * Common worker for ataSuspend and ataR3PowerOff.
5982 */
5983static void ataR3SuspendOrPowerOff(PPDMDEVINS pDevIns)
5984{
5985 if (!ataR3AllAsyncIOIsIdle(pDevIns))
5986 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncSuspendOrPowerOffDone);
5987}
5988
5989
5990/**
5991 * Power Off notification.
5992 *
5993 * @returns VBox status.
5994 * @param pDevIns The device instance data.
5995 */
5996static DECLCALLBACK(void) ataR3PowerOff(PPDMDEVINS pDevIns)
5997{
5998 Log(("%s:\n", __FUNCTION__));
5999 ataR3SuspendOrPowerOff(pDevIns);
6000}
6001
6002
6003/**
6004 * Suspend notification.
6005 *
6006 * @returns VBox status.
6007 * @param pDevIns The device instance data.
6008 */
6009static DECLCALLBACK(void) ataR3Suspend(PPDMDEVINS pDevIns)
6010{
6011 Log(("%s:\n", __FUNCTION__));
6012 ataR3SuspendOrPowerOff(pDevIns);
6013}
6014
6015
6016/**
6017 * Callback employed by ataR3Reset.
6018 *
6019 * @returns true if we've quiesced, false if we're still working.
6020 * @param pDevIns The device instance.
6021 */
6022static DECLCALLBACK(bool) ataR3IsAsyncResetDone(PPDMDEVINS pDevIns)
6023{
6024 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6025
6026 if (!ataR3AllAsyncIOIsIdle(pDevIns))
6027 return false;
6028
6029 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6030 {
6031 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
6032 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6033 ataResetDevice(&pThis->aCts[i].aIfs[j]);
6034 PDMCritSectLeave(&pThis->aCts[i].lock);
6035 }
6036 return true;
6037}
6038
6039
6040/**
6041 * Common reset worker for ataR3Reset and ataR3Construct.
6042 *
6043 * @returns VBox status.
6044 * @param pDevIns The device instance data.
6045 * @param fConstruct Indicates who is calling.
6046 */
6047static int ataR3ResetCommon(PPDMDEVINS pDevIns, bool fConstruct)
6048{
6049 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6050
6051 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6052 {
6053 PDMCritSectEnter(&pThis->aCts[i].lock, VERR_INTERNAL_ERROR);
6054
6055 pThis->aCts[i].iSelectedIf = 0;
6056 pThis->aCts[i].iAIOIf = 0;
6057 pThis->aCts[i].BmDma.u8Cmd = 0;
6058 /* Report that both drives present on the bus are in DMA mode. This
6059 * pretends that there is a BIOS that has set it up. Normal reset
6060 * default is 0x00. */
6061 pThis->aCts[i].BmDma.u8Status = (pThis->aCts[i].aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0)
6062 | (pThis->aCts[i].aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0);
6063 pThis->aCts[i].BmDma.pvAddr = 0;
6064
6065 pThis->aCts[i].fReset = true;
6066 pThis->aCts[i].fRedo = false;
6067 pThis->aCts[i].fRedoIdle = false;
6068 ataAsyncIOClearRequests(&pThis->aCts[i]);
6069 Log2(("%s: Ctl#%d: message to async I/O thread, reset controller\n", __FUNCTION__, i));
6070 ataAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetARequest);
6071 ataAsyncIOPutRequest(&pThis->aCts[i], &g_ataResetCRequest);
6072
6073 PDMCritSectLeave(&pThis->aCts[i].lock);
6074 }
6075
6076 int rcRet = VINF_SUCCESS;
6077 if (!fConstruct)
6078 {
6079 /*
6080 * Setup asynchronous notification compmletion if the requests haven't
6081 * completed yet.
6082 */
6083 if (!ataR3IsAsyncResetDone(pDevIns))
6084 PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncResetDone);
6085 }
6086 else
6087 {
6088 /*
6089 * Wait for the requests for complete.
6090 *
6091 * Would be real nice if we could do it all from EMT(0) and not
6092 * involve the worker threads, then we could dispense with all the
6093 * waiting and semaphore ping-pong here...
6094 */
6095 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6096 {
6097 if (pThis->aCts[i].AsyncIOThread != NIL_RTTHREAD)
6098 {
6099 int rc = RTSemMutexRequest(pThis->aCts[i].AsyncIORequestMutex, RT_INDEFINITE_WAIT);
6100 AssertRC(rc);
6101
6102 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, true);
6103 rc = RTThreadUserReset(pThis->aCts[i].AsyncIOThread);
6104 AssertRC(rc);
6105
6106 rc = RTSemMutexRelease(pThis->aCts[i].AsyncIORequestMutex);
6107 AssertRC(rc);
6108
6109 if (!ataAsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/))
6110 {
6111 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 30*1000 /*ms*/);
6112 if (RT_FAILURE(rc))
6113 rc = RTThreadUserWait(pThis->aCts[i].AsyncIOThread, 1000 /*ms*/);
6114 if (RT_FAILURE(rc))
6115 {
6116 AssertRC(rc);
6117 rcRet = rc;
6118 }
6119 }
6120 }
6121 ASMAtomicWriteBool(&pThis->aCts[i].fSignalIdle, false);
6122 }
6123 if (RT_SUCCESS(rcRet))
6124 {
6125 rcRet = ataR3IsAsyncResetDone(pDevIns) ? VINF_SUCCESS : VERR_INTERNAL_ERROR;
6126 AssertRC(rcRet);
6127 }
6128 }
6129 return rcRet;
6130}
6131
6132
6133/**
6134 * Reset notification.
6135 *
6136 * @param pDevIns The device instance data.
6137 */
6138static DECLCALLBACK(void) ataR3Reset(PPDMDEVINS pDevIns)
6139{
6140 ataR3ResetCommon(pDevIns, false /*fConstruct*/);
6141}
6142
6143
6144/**
6145 * Prepare state save and load operation.
6146 *
6147 * @returns VBox status code.
6148 * @param pDevIns Device instance of the device which registered the data unit.
6149 * @param pSSM SSM operation handle.
6150 */
6151static DECLCALLBACK(int) ataSaveLoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6152{
6153 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6154
6155 /* sanity - the suspend notification will wait on the async stuff. */
6156 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6157 AssertLogRelMsgReturn(ataAsyncIOIsIdle(&pThis->aCts[i], false /*fStrict*/),
6158 ("i=%u\n", i),
6159 VERR_SSM_IDE_ASYNC_TIMEOUT);
6160 return VINF_SUCCESS;
6161}
6162
6163/**
6164 * @copydoc FNSSMDEVLIVEEXEC
6165 */
6166static DECLCALLBACK(int) ataLiveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uPass)
6167{
6168 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6169
6170 SSMR3PutU8(pSSM, pThis->u8Type);
6171 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6172 {
6173 SSMR3PutBool(pSSM, true); /* For controller enabled / disabled. */
6174 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6175 {
6176 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].pDrvBase != NULL);
6177 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szSerialNumber);
6178 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szFirmwareRevision);
6179 SSMR3PutStrZ(pSSM, pThis->aCts[i].aIfs[j].szModelNumber);
6180 }
6181 }
6182
6183 return VINF_SSM_DONT_CALL_AGAIN;
6184}
6185
6186
6187/**
6188 * @copydoc FNSSMDEVSAVEEXEC
6189 */
6190static DECLCALLBACK(int) ataSaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM)
6191{
6192 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6193
6194 ataLiveExec(pDevIns, pSSM, SSM_PASS_FINAL);
6195
6196 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6197 {
6198 SSMR3PutU8(pSSM, pThis->aCts[i].iSelectedIf);
6199 SSMR3PutU8(pSSM, pThis->aCts[i].iAIOIf);
6200 SSMR3PutU8(pSSM, pThis->aCts[i].uAsyncIOState);
6201 SSMR3PutBool(pSSM, pThis->aCts[i].fChainedTransfer);
6202 SSMR3PutBool(pSSM, pThis->aCts[i].fReset);
6203 SSMR3PutBool(pSSM, pThis->aCts[i].fRedo);
6204 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoIdle);
6205 SSMR3PutBool(pSSM, pThis->aCts[i].fRedoDMALastDesc);
6206 SSMR3PutMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6207 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pFirstDMADesc);
6208 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pLastDMADesc);
6209 SSMR3PutGCPhys32(pSSM, pThis->aCts[i].pRedoDMABuffer);
6210 SSMR3PutU32(pSSM, pThis->aCts[i].cbRedoDMABuffer);
6211
6212 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6213 {
6214 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fLBA48);
6215 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPI);
6216 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fIrqPending);
6217 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cMultSectors);
6218 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6219 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6220 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6221 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6222 SSMR3PutU64(pSSM, pThis->aCts[i].aIfs[j].cTotalSectors);
6223 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeature);
6224 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6225 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegError);
6226 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSector);
6227 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6228 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSector);
6229 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6230 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCyl);
6231 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6232 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCyl);
6233 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6234 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSelect);
6235 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegStatus);
6236 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegCommand);
6237 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegDevCtl);
6238 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uATATransferMode);
6239 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].uTxDir);
6240 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iBeginTransfer);
6241 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].iSourceSink);
6242 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fDMA);
6243 SSMR3PutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPITransfer);
6244 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbTotalTransfer);
6245 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6246 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferCur);
6247 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferEnd);
6248 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6249 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6250 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].iATAPILBA);
6251 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbATAPISector);
6252 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6253 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6254 SSMR3PutU8(pSSM, pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6255 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].MediaEventStatus);
6256 SSMR3PutMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6257 SSMR3PutU32(pSSM, pThis->aCts[i].aIfs[j].cbIOBuffer);
6258 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6259 SSMR3PutMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6260 else
6261 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6262 }
6263 }
6264
6265 return SSMR3PutU32(pSSM, ~0); /* sanity/terminator */
6266}
6267
6268/**
6269 * Converts the LUN number into a message string.
6270 */
6271static const char *ataStringifyLun(unsigned iLun)
6272{
6273 switch (iLun)
6274 {
6275 case 0: return "primary master";
6276 case 1: return "primary slave";
6277 case 2: return "secondary master";
6278 case 3: return "secondary slave";
6279 default: AssertFailedReturn("unknown lun");
6280 }
6281}
6282
6283/**
6284 * FNSSMDEVLOADEXEC
6285 */
6286static DECLCALLBACK(int) ataLoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass)
6287{
6288 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6289 int rc;
6290 uint32_t u32;
6291
6292 if ( uVersion != ATA_SAVED_STATE_VERSION
6293 && uVersion != ATA_SAVED_STATE_VERSION_VBOX_30
6294 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE
6295 && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS
6296 && uVersion != ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE)
6297 {
6298 AssertMsgFailed(("uVersion=%d\n", uVersion));
6299 return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION;
6300 }
6301
6302 /*
6303 * Verify the configuration.
6304 */
6305 if (uVersion > ATA_SAVED_STATE_VERSION_VBOX_30)
6306 {
6307 uint8_t u8Type;
6308 rc = SSMR3GetU8(pSSM, &u8Type);
6309 AssertRCReturn(rc, rc);
6310 if (u8Type != pThis->u8Type)
6311 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Config mismatch: u8Type - saved=%u config=%u"), u8Type, pThis->u8Type);
6312
6313 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6314 {
6315 bool fEnabled;
6316 rc = SSMR3GetBool(pSSM, &fEnabled);
6317 AssertRCReturn(rc, rc);
6318 if (!fEnabled)
6319 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("Ctr#%u onfig mismatch: fEnabled != true"), i);
6320
6321 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6322 {
6323 ATADevState const *pIf = &pThis->aCts[i].aIfs[j];
6324
6325 bool fInUse;
6326 rc = SSMR3GetBool(pSSM, &fInUse);
6327 AssertRCReturn(rc, rc);
6328 if (fInUse != (pIf->pDrvBase != NULL))
6329 return SSMR3SetCfgError(pSSM, RT_SRC_POS,
6330 N_("The %s VM is missing a %s device. Please make sure the source and target VMs have compatible storage configurations"),
6331 fInUse ? "target" : "source", ataStringifyLun(pIf->iLUN) );
6332
6333 char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1];
6334 rc = SSMR3GetStrZ(pSSM, szSerialNumber, sizeof(szSerialNumber));
6335 AssertRCReturn(rc, rc);
6336 if (strcmp(szSerialNumber, pIf->szSerialNumber))
6337 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Serial number - saved='%s' config='%s'\n",
6338 pIf->iLUN, szSerialNumber, pIf->szSerialNumber));
6339
6340 char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1];
6341 rc = SSMR3GetStrZ(pSSM, szFirmwareRevision, sizeof(szFirmwareRevision));
6342 AssertRCReturn(rc, rc);
6343 if (strcmp(szFirmwareRevision, pIf->szFirmwareRevision))
6344 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Firmware revision - saved='%s' config='%s'\n",
6345 pIf->iLUN, szFirmwareRevision, pIf->szFirmwareRevision));
6346
6347 char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1];
6348 rc = SSMR3GetStrZ(pSSM, szModelNumber, sizeof(szModelNumber));
6349 AssertRCReturn(rc, rc);
6350 if (strcmp(szModelNumber, pIf->szModelNumber))
6351 LogRel(("PIIX3 ATA: LUN#%u config mismatch: Model number - saved='%s' config='%s'\n",
6352 pIf->iLUN, szModelNumber, pIf->szModelNumber));
6353 }
6354 }
6355 }
6356 if (uPass != SSM_PASS_FINAL)
6357 return VINF_SUCCESS;
6358
6359 /*
6360 * Restore valid parts of the PCIATAState structure
6361 */
6362 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6363 {
6364 /* integrity check */
6365 if (!ataAsyncIOIsIdle(&pThis->aCts[i], false))
6366 {
6367 AssertMsgFailed(("Async I/O for controller %d is active\n", i));
6368 return VERR_INTERNAL_ERROR_4;
6369 }
6370
6371 SSMR3GetU8(pSSM, &pThis->aCts[i].iSelectedIf);
6372 SSMR3GetU8(pSSM, &pThis->aCts[i].iAIOIf);
6373 SSMR3GetU8(pSSM, &pThis->aCts[i].uAsyncIOState);
6374 SSMR3GetBool(pSSM, &pThis->aCts[i].fChainedTransfer);
6375 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fReset);
6376 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedo);
6377 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoIdle);
6378 SSMR3GetBool(pSSM, (bool *)&pThis->aCts[i].fRedoDMALastDesc);
6379 SSMR3GetMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma));
6380 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pFirstDMADesc);
6381 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pLastDMADesc);
6382 SSMR3GetGCPhys32(pSSM, &pThis->aCts[i].pRedoDMABuffer);
6383 SSMR3GetU32(pSSM, &pThis->aCts[i].cbRedoDMABuffer);
6384
6385 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6386 {
6387 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fLBA48);
6388 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPI);
6389 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fIrqPending);
6390 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cMultSectors);
6391 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cCylinders);
6392 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cHeads);
6393 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].PCHSGeometry.cSectors);
6394 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cSectorsPerIRQ);
6395 SSMR3GetU64(pSSM, &pThis->aCts[i].aIfs[j].cTotalSectors);
6396 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeature);
6397 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeatureHOB);
6398 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegError);
6399 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSector);
6400 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSectorHOB);
6401 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSector);
6402 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSectorHOB);
6403 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCyl);
6404 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCylHOB);
6405 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCyl);
6406 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCylHOB);
6407 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSelect);
6408 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegStatus);
6409 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegCommand);
6410 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegDevCtl);
6411 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uATATransferMode);
6412 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].uTxDir);
6413 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iBeginTransfer);
6414 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].iSourceSink);
6415 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fDMA);
6416 SSMR3GetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPITransfer);
6417 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbTotalTransfer);
6418 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbElementaryTransfer);
6419 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferCur);
6420 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferEnd);
6421 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataStart);
6422 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd);
6423 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].iATAPILBA);
6424 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbATAPISector);
6425 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].aATAPICmd, sizeof(pThis->aCts[i].aIfs[j].aATAPICmd));
6426 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE)
6427 {
6428 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6429 }
6430 else
6431 {
6432 uint8_t uATAPISenseKey, uATAPIASC;
6433 memset(pThis->aCts[i].aIfs[j].abATAPISense, '\0', sizeof(pThis->aCts[i].aIfs[j].abATAPISense));
6434 pThis->aCts[i].aIfs[j].abATAPISense[0] = 0x70 | (1 << 7);
6435 pThis->aCts[i].aIfs[j].abATAPISense[7] = 10;
6436 SSMR3GetU8(pSSM, &uATAPISenseKey);
6437 SSMR3GetU8(pSSM, &uATAPIASC);
6438 pThis->aCts[i].aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f;
6439 pThis->aCts[i].aIfs[j].abATAPISense[12] = uATAPIASC;
6440 }
6441 /** @todo triple-check this hack after passthrough is working */
6442 SSMR3GetU8(pSSM, &pThis->aCts[i].aIfs[j].cNotifiedMediaChange);
6443 if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS)
6444 SSMR3GetU32(pSSM, (uint32_t*)&pThis->aCts[i].aIfs[j].MediaEventStatus);
6445 else
6446 pThis->aCts[i].aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED;
6447 SSMR3GetMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led));
6448 SSMR3GetU32(pSSM, &pThis->aCts[i].aIfs[j].cbIOBuffer);
6449 if (pThis->aCts[i].aIfs[j].cbIOBuffer)
6450 {
6451 if (pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer))
6452 SSMR3GetMem(pSSM, pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer), pThis->aCts[i].aIfs[j].cbIOBuffer);
6453 else
6454 {
6455 LogRel(("ATA: No buffer for %d/%d\n", i, j));
6456 if (SSMR3HandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT)
6457 return SSMR3SetCfgError(pSSM, RT_SRC_POS, N_("No buffer for %d/%d"), i, j);
6458
6459 /* skip the buffer if we're loading for the debugger / animator. */
6460 uint8_t u8Ignored;
6461 size_t cbLeft = pThis->aCts[i].aIfs[j].cbIOBuffer;
6462 while (cbLeft-- > 0)
6463 SSMR3GetU8(pSSM, &u8Ignored);
6464 }
6465 }
6466 else
6467 Assert(pThis->aCts[i].aIfs[j].CTX_SUFF(pbIOBuffer) == NULL);
6468 }
6469 }
6470 if (uVersion <= ATA_SAVED_STATE_VERSION_VBOX_30)
6471 SSMR3GetU8(pSSM, &pThis->u8Type);
6472
6473 rc = SSMR3GetU32(pSSM, &u32);
6474 if (RT_FAILURE(rc))
6475 return rc;
6476 if (u32 != ~0U)
6477 {
6478 AssertMsgFailed(("u32=%#x expected ~0\n", u32));
6479 rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED;
6480 return rc;
6481 }
6482
6483 return VINF_SUCCESS;
6484}
6485
6486/**
6487 * Convert config value to DEVPCBIOSBOOT.
6488 *
6489 * @returns VBox status code.
6490 * @param pDevIns The device instance data.
6491 * @param pCfg Configuration handle.
6492 * @param penmChipset Where to store the chipset type.
6493 */
6494static int ataControllerFromCfg(PPDMDEVINS pDevIns, PCFGMNODE pCfg, CHIPSET *penmChipset)
6495{
6496 char szType[20];
6497
6498 int rc = CFGMR3QueryStringDef(pCfg, "Type", &szType[0], sizeof(szType), "PIIX4");
6499 if (RT_FAILURE(rc))
6500 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
6501 N_("Configuration error: Querying \"Type\" as a string failed"));
6502 if (!strcmp(szType, "PIIX3"))
6503 *penmChipset = CHIPSET_PIIX3;
6504 else if (!strcmp(szType, "PIIX4"))
6505 *penmChipset = CHIPSET_PIIX4;
6506 else if (!strcmp(szType, "ICH6"))
6507 *penmChipset = CHIPSET_ICH6;
6508 else
6509 {
6510 PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
6511 N_("Configuration error: The \"Type\" value \"%s\" is unknown"),
6512 szType);
6513 rc = VERR_INTERNAL_ERROR;
6514 }
6515 return rc;
6516}
6517
6518
6519/**
6520 * @interface_method_impl{PDMDEVREG,pfnConstruct}
6521 */
6522static DECLCALLBACK(int) ataR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg)
6523{
6524 PCIATAState *pThis = PDMINS_2_DATA(pDevIns, PCIATAState *);
6525 PPDMIBASE pBase;
6526 int rc;
6527 bool fGCEnabled;
6528 bool fR0Enabled;
6529 uint32_t DelayIRQMillies;
6530
6531 Assert(iInstance == 0);
6532 PDMDEV_CHECK_VERSIONS_RETURN(pDevIns);
6533
6534 /*
6535 * Initialize NIL handle values (for the destructor).
6536 */
6537 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6538 {
6539 pThis->aCts[i].AsyncIOSem = NIL_RTSEMEVENT;
6540 pThis->aCts[i].SuspendIOSem = NIL_RTSEMEVENT;
6541 pThis->aCts[i].AsyncIORequestMutex = NIL_RTSEMMUTEX;
6542 pThis->aCts[i].AsyncIOThread = NIL_RTTHREAD;
6543 }
6544
6545 /*
6546 * Validate and read configuration.
6547 */
6548 if (!CFGMR3AreValuesValid(pCfg,
6549 "GCEnabled\0"
6550 "R0Enabled\0"
6551 "IRQDelay\0"
6552 "Type\0")
6553 /** @todo || invalid keys */)
6554 return PDMDEV_SET_ERROR(pDevIns, VERR_PDM_DEVINS_UNKNOWN_CFG_VALUES,
6555 N_("PIIX3 configuration error: unknown option specified"));
6556
6557 rc = CFGMR3QueryBoolDef(pCfg, "GCEnabled", &fGCEnabled, true);
6558 if (RT_FAILURE(rc))
6559 return PDMDEV_SET_ERROR(pDevIns, rc,
6560 N_("PIIX3 configuration error: failed to read GCEnabled as boolean"));
6561 Log(("%s: fGCEnabled=%d\n", __FUNCTION__, fGCEnabled));
6562
6563 rc = CFGMR3QueryBoolDef(pCfg, "R0Enabled", &fR0Enabled, true);
6564 if (RT_FAILURE(rc))
6565 return PDMDEV_SET_ERROR(pDevIns, rc,
6566 N_("PIIX3 configuration error: failed to read R0Enabled as boolean"));
6567 Log(("%s: fR0Enabled=%d\n", __FUNCTION__, fR0Enabled));
6568
6569 rc = CFGMR3QueryU32Def(pCfg, "IRQDelay", &DelayIRQMillies, 0);
6570 if (RT_FAILURE(rc))
6571 return PDMDEV_SET_ERROR(pDevIns, rc,
6572 N_("PIIX3 configuration error: failed to read IRQDelay as integer"));
6573 Log(("%s: DelayIRQMillies=%d\n", __FUNCTION__, DelayIRQMillies));
6574 Assert(DelayIRQMillies < 50);
6575
6576 CHIPSET enmChipset = CHIPSET_PIIX3;
6577 rc = ataControllerFromCfg(pDevIns, pCfg, &enmChipset);
6578 if (RT_FAILURE(rc))
6579 return rc;
6580 pThis->u8Type = (uint8_t)enmChipset;
6581
6582 /*
6583 * Initialize data (most of it anyway).
6584 */
6585 /* Status LUN. */
6586 pThis->IBase.pfnQueryInterface = ataStatus_QueryInterface;
6587 pThis->ILeds.pfnQueryStatusLed = ataStatus_QueryStatusLed;
6588
6589 /* PCI configuration space. */
6590 PCIDevSetVendorId(&pThis->dev, 0x8086); /* Intel */
6591
6592 /*
6593 * When adding more IDE chipsets, don't forget to update pci_bios_init_device()
6594 * as it explicitly checks for PCI id for IDE controllers.
6595 */
6596 switch (pThis->u8Type)
6597 {
6598 case CHIPSET_ICH6:
6599 PCIDevSetDeviceId(&pThis->dev, 0x269e); /* ICH6 IDE */
6600 /** @todo: do we need it? Do we need anything else? */
6601 pThis->dev.config[0x48] = 0x00; /* UDMACTL */
6602 pThis->dev.config[0x4A] = 0x00; /* UDMATIM */
6603 pThis->dev.config[0x4B] = 0x00;
6604 {
6605 /*
6606 * See www.intel.com/Assets/PDF/manual/298600.pdf p. 30
6607 * Report
6608 * WR_Ping-Pong_EN: must be set
6609 * PCR0, PCR1: 80-pin primary cable reporting for both disks
6610 * SCR0, SCR1: 80-pin secondary cable reporting for both disks
6611 */
6612 uint16_t u16Config = (1<<10) | (1<<7) | (1<<6) | (1<<5) | (1<<4) ;
6613 pThis->dev.config[0x54] = u16Config & 0xff;
6614 pThis->dev.config[0x55] = u16Config >> 8;
6615 }
6616 break;
6617 case CHIPSET_PIIX4:
6618 PCIDevSetDeviceId(&pThis->dev, 0x7111); /* PIIX4 IDE */
6619 PCIDevSetRevisionId(&pThis->dev, 0x01); /* PIIX4E */
6620 pThis->dev.config[0x48] = 0x00; /* UDMACTL */
6621 pThis->dev.config[0x4A] = 0x00; /* UDMATIM */
6622 pThis->dev.config[0x4B] = 0x00;
6623 break;
6624 case CHIPSET_PIIX3:
6625 PCIDevSetDeviceId(&pThis->dev, 0x7010); /* PIIX3 IDE */
6626 break;
6627 default:
6628 AssertMsgFailed(("Unsupported IDE chipset type: %d\n", pThis->u8Type));
6629 }
6630
6631 PCIDevSetCommand( &pThis->dev, PCI_COMMAND_IOACCESS | PCI_COMMAND_MEMACCESS | PCI_COMMAND_BUSMASTER);
6632 PCIDevSetClassProg( &pThis->dev, 0x8a); /* programming interface = PCI_IDE bus master is supported */
6633 PCIDevSetClassSub( &pThis->dev, 0x01); /* class_sub = PCI_IDE */
6634 PCIDevSetClassBase( &pThis->dev, 0x01); /* class_base = PCI_mass_storage */
6635 PCIDevSetHeaderType(&pThis->dev, 0x00);
6636
6637 pThis->pDevIns = pDevIns;
6638 pThis->fGCEnabled = fGCEnabled;
6639 pThis->fR0Enabled = fR0Enabled;
6640 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6641 {
6642 pThis->aCts[i].pDevInsR3 = pDevIns;
6643 pThis->aCts[i].pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
6644 pThis->aCts[i].pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
6645 pThis->aCts[i].DelayIRQMillies = (uint32_t)DelayIRQMillies;
6646 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6647 {
6648 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
6649
6650 pIf->iLUN = i * RT_ELEMENTS(pThis->aCts) + j;
6651 pIf->pDevInsR3 = pDevIns;
6652 pIf->pDevInsR0 = PDMDEVINS_2_R0PTR(pDevIns);
6653 pIf->pDevInsRC = PDMDEVINS_2_RCPTR(pDevIns);
6654 pIf->pControllerR3 = &pThis->aCts[i];
6655 pIf->pControllerR0 = MMHyperR3ToR0(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
6656 pIf->pControllerRC = MMHyperR3ToRC(PDMDevHlpGetVM(pDevIns), &pThis->aCts[i]);
6657 pIf->IBase.pfnQueryInterface = ataQueryInterface;
6658 pIf->IMountNotify.pfnMountNotify = ataMountNotify;
6659 pIf->IMountNotify.pfnUnmountNotify = ataUnmountNotify;
6660 pIf->Led.u32Magic = PDMLED_MAGIC;
6661 }
6662 }
6663
6664 Assert(RT_ELEMENTS(pThis->aCts) == 2);
6665 pThis->aCts[0].irq = 14;
6666 pThis->aCts[0].IOPortBase1 = 0x1f0;
6667 pThis->aCts[0].IOPortBase2 = 0x3f6;
6668 pThis->aCts[1].irq = 15;
6669 pThis->aCts[1].IOPortBase1 = 0x170;
6670 pThis->aCts[1].IOPortBase2 = 0x376;
6671
6672 /*
6673 * Register the PCI device.
6674 * N.B. There's a hack in the PIIX3 PCI bridge device to assign this
6675 * device the slot next to itself.
6676 */
6677 rc = PDMDevHlpPCIRegister(pDevIns, &pThis->dev);
6678 if (RT_FAILURE(rc))
6679 return PDMDEV_SET_ERROR(pDevIns, rc,
6680 N_("PIIX3 cannot register PCI device"));
6681 AssertMsg(pThis->dev.devfn == 9 || iInstance != 0, ("pThis->dev.devfn=%d\n", pThis->dev.devfn));
6682 rc = PDMDevHlpPCIIORegionRegister(pDevIns, 4, 0x10, PCI_ADDRESS_SPACE_IO, ataBMDMAIORangeMap);
6683 if (RT_FAILURE(rc))
6684 return PDMDEV_SET_ERROR(pDevIns, rc,
6685 N_("PIIX3 cannot register PCI I/O region for BMDMA"));
6686
6687 /*
6688 * Register the I/O ports.
6689 * The ports are all hardcoded and enforced by the PIIX3 host bridge controller.
6690 */
6691 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6692 {
6693 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase1, 8, (RTHCPTR)i,
6694 ataIOPortWrite1, ataIOPortRead1, ataIOPortWriteStr1, ataIOPortReadStr1, "ATA I/O Base 1");
6695 if (RT_FAILURE(rc))
6696 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register I/O handlers"));
6697
6698 if (fGCEnabled)
6699 {
6700 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase1, 8, (RTGCPTR)i,
6701 "ataIOPortWrite1", "ataIOPortRead1", "ataIOPortWriteStr1", "ataIOPortReadStr1", "ATA I/O Base 1");
6702 if (RT_FAILURE(rc))
6703 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register I/O handlers (GC)"));
6704 }
6705
6706 if (fR0Enabled)
6707 {
6708#if 1
6709 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 8, (RTR0PTR)i,
6710 "ataIOPortWrite1", "ataIOPortRead1", NULL, NULL, "ATA I/O Base 1");
6711#else
6712 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase1, 8, (RTR0PTR)i,
6713 "ataIOPortWrite1", "ataIOPortRead1", "ataIOPortWriteStr1", "ataIOPortReadStr1", "ATA I/O Base 1");
6714#endif
6715 if (RT_FAILURE(rc))
6716 return PDMDEV_SET_ERROR(pDevIns, rc, "PIIX3 cannot register I/O handlers (R0).");
6717 }
6718
6719 rc = PDMDevHlpIOPortRegister(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTHCPTR)i,
6720 ataIOPortWrite2, ataIOPortRead2, NULL, NULL, "ATA I/O Base 2");
6721 if (RT_FAILURE(rc))
6722 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers"));
6723
6724 if (fGCEnabled)
6725 {
6726 rc = PDMDevHlpIOPortRegisterRC(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTGCPTR)i,
6727 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
6728 if (RT_FAILURE(rc))
6729 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (GC)"));
6730 }
6731 if (fR0Enabled)
6732 {
6733 rc = PDMDevHlpIOPortRegisterR0(pDevIns, pThis->aCts[i].IOPortBase2, 1, (RTR0PTR)i,
6734 "ataIOPortWrite2", "ataIOPortRead2", NULL, NULL, "ATA I/O Base 2");
6735 if (RT_FAILURE(rc))
6736 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register base2 I/O handlers (R0)"));
6737 }
6738
6739 for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++)
6740 {
6741 ATADevState *pIf = &pThis->aCts[i].aIfs[j];
6742 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATADMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
6743 "Number of ATA DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/DMA", iInstance, i, j);
6744 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
6745 "Number of ATA PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/PIO", iInstance, i, j);
6746 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIDMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
6747 "Number of ATAPI DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiDMA", iInstance, i, j);
6748 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
6749 "Number of ATAPI PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiPIO", iInstance, i, j);
6750#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
6751 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatReads, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6752 "Profiling of the read operations.", "/Devices/IDE%d/ATA%d/Unit%d/Reads", iInstance, i, j);
6753#endif
6754 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesRead, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
6755 "Amount of data read.", "/Devices/IDE%d/ATA%d/Unit%d/ReadBytes", iInstance, i, j);
6756#ifdef VBOX_INSTRUMENT_DMA_WRITES
6757 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatInstrVDWrites,STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6758 "Profiling of the VD DMA write operations.", "/Devices/IDE%d/ATA%d/Unit%d/InstrVDWrites", iInstance, i, j);
6759#endif
6760#ifdef VBOX_WITH_STATISTICS
6761 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatWrites, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6762 "Profiling of the write operations.", "/Devices/IDE%d/ATA%d/Unit%d/Writes", iInstance, i, j);
6763#endif
6764 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesWritten, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES,
6765 "Amount of data written.", "/Devices/IDE%d/ATA%d/Unit%d/WrittenBytes", iInstance, i, j);
6766#ifdef VBOX_WITH_STATISTICS
6767 PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatFlushes, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6768 "Profiling of the flush operations.", "/Devices/IDE%d/ATA%d/Unit%d/Flushes", iInstance, i, j);
6769#endif
6770 }
6771#ifdef VBOX_WITH_STATISTICS /** @todo release too. */
6772 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncOps, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES,
6773 "The number of async operations.", "/Devices/IDE%d/ATA%d/Async/Operations", iInstance, i);
6774 /** @todo STAMUNIT_MICROSECS */
6775 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMinWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
6776 "Minimum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MinWait", iInstance, i);
6777 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMaxWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
6778 "Maximum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MaxWait", iInstance, i);
6779 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTimeUS, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE,
6780 "Total time spent in microseconds.", "/Devices/IDE%d/ATA%d/Async/TotalTimeUS", iInstance, i);
6781 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTime, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6782 "Profiling of async operations.", "/Devices/IDE%d/ATA%d/Async/Time", iInstance, i);
6783 PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatLockWait, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL,
6784 "Profiling of locks.", "/Devices/IDE%d/ATA%d/Async/LockWait", iInstance, i);
6785#endif /* VBOX_WITH_STATISTICS */
6786
6787 /* Initialize per-controller critical section */
6788 rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].lock, RT_SRC_POS, "ATA%u", i);
6789 if (RT_FAILURE(rc))
6790 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot initialize critical section"));
6791 }
6792
6793 /*
6794 * Attach status driver (optional).
6795 */
6796 rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThis->IBase, &pBase, "Status Port");
6797 if (RT_SUCCESS(rc))
6798 pThis->pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS);
6799 else if (rc != VERR_PDM_NO_ATTACHED_DRIVER)
6800 {
6801 AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc));
6802 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot attach to status driver"));
6803 }
6804
6805 /*
6806 * Attach the units.
6807 */
6808 uint32_t cbTotalBuffer = 0;
6809 for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++)
6810 {
6811 PATACONTROLLER pCtl = &pThis->aCts[i];
6812
6813 /*
6814 * Start the worker thread.
6815 */
6816 pCtl->uAsyncIOState = ATA_AIO_NEW;
6817 rc = RTSemEventCreate(&pCtl->AsyncIOSem);
6818 AssertLogRelRCReturn(rc, rc);
6819 rc = RTSemEventCreate(&pCtl->SuspendIOSem);
6820 AssertLogRelRCReturn(rc, rc);
6821 rc = RTSemMutexCreate(&pCtl->AsyncIORequestMutex);
6822 AssertLogRelRCReturn(rc, rc);
6823 ataAsyncIOClearRequests(pCtl);
6824 rc = RTThreadCreateF(&pCtl->AsyncIOThread, ataAsyncIOLoop, (void *)pCtl, 128*1024 /*cbStack*/,
6825 RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "ATA-%u", i);
6826 AssertLogRelRCReturn(rc, rc);
6827 Assert(pCtl->AsyncIOThread != NIL_RTTHREAD && pCtl->AsyncIOSem != NIL_RTSEMEVENT && pCtl->SuspendIOSem != NIL_RTSEMEVENT && pCtl->AsyncIORequestMutex != NIL_RTSEMMUTEX);
6828 Log(("%s: controller %d AIO thread id %#x; sem %p susp_sem %p mutex %p\n", __FUNCTION__, i, pCtl->AsyncIOThread, pCtl->AsyncIOSem, pCtl->SuspendIOSem, pCtl->AsyncIORequestMutex));
6829
6830 for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++)
6831 {
6832 static const char *s_apszDescs[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
6833 {
6834 { "Primary Master", "Primary Slave" },
6835 { "Secondary Master", "Secondary Slave" }
6836 };
6837
6838 /*
6839 * Try attach the block device and get the interfaces,
6840 * required as well as optional.
6841 */
6842 ATADevState *pIf = &pCtl->aIfs[j];
6843
6844 rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIf->IBase, &pIf->pDrvBase, s_apszDescs[i][j]);
6845 if (RT_SUCCESS(rc))
6846 {
6847 rc = ataConfigLun(pDevIns, pIf);
6848 if (RT_SUCCESS(rc))
6849 {
6850 /*
6851 * Init vendor product data.
6852 */
6853 static const char *s_apszCFGMKeys[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] =
6854 {
6855 { "PrimaryMaster", "PrimarySlave" },
6856 { "SecondaryMaster", "SecondarySlave" }
6857 };
6858
6859 /* Generate a default serial number. */
6860 char szSerial[ATA_SERIAL_NUMBER_LENGTH+1];
6861 RTUUID Uuid;
6862 if (pIf->pDrvBlock)
6863 rc = pIf->pDrvBlock->pfnGetUuid(pIf->pDrvBlock, &Uuid);
6864 else
6865 RTUuidClear(&Uuid);
6866
6867 if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid))
6868 {
6869 /* Generate a predictable serial for drives which don't have a UUID. */
6870 RTStrPrintf(szSerial, sizeof(szSerial), "VB%x-%04x%04x",
6871 pIf->iLUN + pDevIns->iInstance * 32,
6872 pThis->aCts[i].IOPortBase1, pThis->aCts[i].IOPortBase2);
6873 }
6874 else
6875 RTStrPrintf(szSerial, sizeof(szSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]);
6876
6877 /* Get user config if present using defaults otherwise. */
6878 PCFGMNODE pCfgNode = CFGMR3GetChild(pCfg, s_apszCFGMKeys[i][j]);
6879 rc = CFGMR3QueryStringDef(pCfgNode, "SerialNumber", pIf->szSerialNumber, sizeof(pIf->szSerialNumber),
6880 szSerial);
6881 if (RT_FAILURE(rc))
6882 {
6883 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6884 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6885 N_("PIIX3 configuration error: \"SerialNumber\" is longer than 20 bytes"));
6886 return PDMDEV_SET_ERROR(pDevIns, rc,
6887 N_("PIIX3 configuration error: failed to read \"SerialNumber\" as string"));
6888 }
6889
6890 rc = CFGMR3QueryStringDef(pCfgNode, "FirmwareRevision", pIf->szFirmwareRevision, sizeof(pIf->szFirmwareRevision),
6891 "1.0");
6892 if (RT_FAILURE(rc))
6893 {
6894 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6895 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6896 N_("PIIX3 configuration error: \"FirmwareRevision\" is longer than 8 bytes"));
6897 return PDMDEV_SET_ERROR(pDevIns, rc,
6898 N_("PIIX3 configuration error: failed to read \"FirmwareRevision\" as string"));
6899 }
6900
6901 rc = CFGMR3QueryStringDef(pCfgNode, "ModelNumber", pIf->szModelNumber, sizeof(pIf->szModelNumber),
6902 pIf->fATAPI ? "VBOX CD-ROM" : "VBOX HARDDISK");
6903 if (RT_FAILURE(rc))
6904 {
6905 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6906 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6907 N_("PIIX3 configuration error: \"ModelNumber\" is longer than 40 bytes"));
6908 return PDMDEV_SET_ERROR(pDevIns, rc,
6909 N_("PIIX3 configuration error: failed to read \"ModelNumber\" as string"));
6910 }
6911
6912 /* There are three other identification strings for CD drives used for INQUIRY */
6913 if (pIf->fATAPI)
6914 {
6915 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIVendorId", pIf->szInquiryVendorId, sizeof(pIf->szInquiryVendorId),
6916 "VBOX");
6917 if (RT_FAILURE(rc))
6918 {
6919 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6920 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6921 N_("PIIX3 configuration error: \"ATAPIVendorId\" is longer than 16 bytes"));
6922 return PDMDEV_SET_ERROR(pDevIns, rc,
6923 N_("PIIX3 configuration error: failed to read \"ATAPIVendorId\" as string"));
6924 }
6925
6926 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIProductId", pIf->szInquiryProductId, sizeof(pIf->szInquiryProductId),
6927 "CD-ROM");
6928 if (RT_FAILURE(rc))
6929 {
6930 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6931 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6932 N_("PIIX3 configuration error: \"ATAPIProductId\" is longer than 16 bytes"));
6933 return PDMDEV_SET_ERROR(pDevIns, rc,
6934 N_("PIIX3 configuration error: failed to read \"ATAPIProductId\" as string"));
6935 }
6936
6937 rc = CFGMR3QueryStringDef(pCfgNode, "ATAPIRevision", pIf->szInquiryRevision, sizeof(pIf->szInquiryRevision),
6938 "1.0");
6939 if (RT_FAILURE(rc))
6940 {
6941 if (rc == VERR_CFGM_NOT_ENOUGH_SPACE)
6942 return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER,
6943 N_("PIIX3 configuration error: \"ATAPIRevision\" is longer than 4 bytes"));
6944 return PDMDEV_SET_ERROR(pDevIns, rc,
6945 N_("PIIX3 configuration error: failed to read \"ATAPIRevision\" as string"));
6946 }
6947 }
6948 }
6949
6950 }
6951 else if (rc == VERR_PDM_NO_ATTACHED_DRIVER)
6952 {
6953 pIf->pDrvBase = NULL;
6954 pIf->pDrvBlock = NULL;
6955 pIf->cbIOBuffer = 0;
6956 pIf->pbIOBufferR3 = NULL;
6957 pIf->pbIOBufferR0 = NIL_RTR0PTR;
6958 pIf->pbIOBufferRC = NIL_RTGCPTR;
6959 LogRel(("PIIX3 ATA: LUN#%d: no unit\n", pIf->iLUN));
6960 }
6961 else
6962 {
6963 switch (rc)
6964 {
6965 case VERR_ACCESS_DENIED:
6966 /* Error already catched by DrvHostBase */
6967 return rc;
6968 default:
6969 return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS,
6970 N_("PIIX3 cannot attach drive to the %s"),
6971 s_apszDescs[i][j]);
6972 }
6973 }
6974 cbTotalBuffer += pIf->cbIOBuffer;
6975 }
6976 }
6977
6978 rc = PDMDevHlpSSMRegisterEx(pDevIns, ATA_SAVED_STATE_VERSION, sizeof(*pThis) + cbTotalBuffer, NULL,
6979 NULL, ataLiveExec, NULL,
6980 ataSaveLoadPrep, ataSaveExec, NULL,
6981 ataSaveLoadPrep, ataLoadExec, NULL);
6982 if (RT_FAILURE(rc))
6983 return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register save state handlers"));
6984
6985 /*
6986 * Initialize the device state.
6987 */
6988 return ataR3ResetCommon(pDevIns, true /*fConstruct*/);
6989}
6990
6991
6992/**
6993 * The device registration structure.
6994 */
6995const PDMDEVREG g_DevicePIIX3IDE =
6996{
6997 /* u32Version */
6998 PDM_DEVREG_VERSION,
6999 /* szName */
7000 "piix3ide",
7001 /* szRCMod */
7002 "VBoxDDGC.gc",
7003 /* szR0Mod */
7004 "VBoxDDR0.r0",
7005 /* pszDescription */
7006 "Intel PIIX3 ATA controller.\n"
7007 " LUN #0 is primary master.\n"
7008 " LUN #1 is primary slave.\n"
7009 " LUN #2 is secondary master.\n"
7010 " LUN #3 is secondary slave.\n"
7011 " LUN #999 is the LED/Status connector.",
7012 /* fFlags */
7013 PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RC | PDM_DEVREG_FLAGS_R0 |
7014 PDM_DEVREG_FLAGS_FIRST_SUSPEND_NOTIFICATION | PDM_DEVREG_FLAGS_FIRST_POWEROFF_NOTIFICATION,
7015 /* fClass */
7016 PDM_DEVREG_CLASS_STORAGE,
7017 /* cMaxInstances */
7018 1,
7019 /* cbInstance */
7020 sizeof(PCIATAState),
7021 /* pfnConstruct */
7022 ataR3Construct,
7023 /* pfnDestruct */
7024 ataR3Destruct,
7025 /* pfnRelocate */
7026 ataR3Relocate,
7027 /* pfnIOCtl */
7028 NULL,
7029 /* pfnPowerOn */
7030 NULL,
7031 /* pfnReset */
7032 ataR3Reset,
7033 /* pfnSuspend */
7034 ataR3Suspend,
7035 /* pfnResume */
7036 ataR3Resume,
7037 /* pfnAttach */
7038 ataR3Attach,
7039 /* pfnDetach */
7040 ataR3Detach,
7041 /* pfnQueryInterface. */
7042 NULL,
7043 /* pfnInitComplete */
7044 NULL,
7045 /* pfnPowerOff */
7046 ataR3PowerOff,
7047 /* pfnSoftReset */
7048 NULL,
7049 /* u32VersionEnd */
7050 PDM_DEVREG_VERSION
7051};
7052#endif /* IN_RING3 */
7053#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */
Note: See TracBrowser for help on using the repository browser.

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette