1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24#include "qemu/osdep.h"
25#include "hw/hw.h"
26#include "hw/pci/msi.h"
27#include "hw/pci/pci.h"
28
29#include "qemu/error-report.h"
30#include "sysemu/block-backend.h"
31#include "sysemu/dma.h"
32#include "hw/ide/internal.h"
33#include "hw/ide/pci.h"
34#include "hw/ide/ahci_internal.h"
35
36#include "trace.h"
37
38static void check_cmd(AHCIState *s, int port);
39static int handle_cmd(AHCIState *s, int port, uint8_t slot);
40static void ahci_reset_port(AHCIState *s, int port);
41static bool ahci_write_fis_d2h(AHCIDevice *ad);
42static void ahci_init_d2h(AHCIDevice *ad);
43static int ahci_dma_prepare_buf(IDEDMA *dma, int32_t limit);
44static bool ahci_map_clb_address(AHCIDevice *ad);
45static bool ahci_map_fis_address(AHCIDevice *ad);
46static void ahci_unmap_clb_address(AHCIDevice *ad);
47static void ahci_unmap_fis_address(AHCIDevice *ad);
48
49static const char *AHCIPortIRQ_lookup[AHCI_PORT_IRQ__COUNT] = {
50 [AHCI_PORT_IRQ_BIT_DHRS] = "DHRS",
51 [AHCI_PORT_IRQ_BIT_PSS] = "PSS",
52 [AHCI_PORT_IRQ_BIT_DSS] = "DSS",
53 [AHCI_PORT_IRQ_BIT_SDBS] = "SDBS",
54 [AHCI_PORT_IRQ_BIT_UFS] = "UFS",
55 [AHCI_PORT_IRQ_BIT_DPS] = "DPS",
56 [AHCI_PORT_IRQ_BIT_PCS] = "PCS",
57 [AHCI_PORT_IRQ_BIT_DMPS] = "DMPS",
58 [8 ... 21] = "RESERVED",
59 [AHCI_PORT_IRQ_BIT_PRCS] = "PRCS",
60 [AHCI_PORT_IRQ_BIT_IPMS] = "IPMS",
61 [AHCI_PORT_IRQ_BIT_OFS] = "OFS",
62 [25] = "RESERVED",
63 [AHCI_PORT_IRQ_BIT_INFS] = "INFS",
64 [AHCI_PORT_IRQ_BIT_IFS] = "IFS",
65 [AHCI_PORT_IRQ_BIT_HBDS] = "HBDS",
66 [AHCI_PORT_IRQ_BIT_HBFS] = "HBFS",
67 [AHCI_PORT_IRQ_BIT_TFES] = "TFES",
68 [AHCI_PORT_IRQ_BIT_CPDS] = "CPDS"
69};
70
71static uint32_t ahci_port_read(AHCIState *s, int port, int offset)
72{
73 uint32_t val;
74 AHCIPortRegs *pr;
75 pr = &s->dev[port].port_regs;
76
77 switch (offset) {
78 case PORT_LST_ADDR:
79 val = pr->lst_addr;
80 break;
81 case PORT_LST_ADDR_HI:
82 val = pr->lst_addr_hi;
83 break;
84 case PORT_FIS_ADDR:
85 val = pr->fis_addr;
86 break;
87 case PORT_FIS_ADDR_HI:
88 val = pr->fis_addr_hi;
89 break;
90 case PORT_IRQ_STAT:
91 val = pr->irq_stat;
92 break;
93 case PORT_IRQ_MASK:
94 val = pr->irq_mask;
95 break;
96 case PORT_CMD:
97 val = pr->cmd;
98 break;
99 case PORT_TFDATA:
100 val = pr->tfdata;
101 break;
102 case PORT_SIG:
103 val = pr->sig;
104 break;
105 case PORT_SCR_STAT:
106 if (s->dev[port].port.ifs[0].blk) {
107 val = SATA_SCR_SSTATUS_DET_DEV_PRESENT_PHY_UP |
108 SATA_SCR_SSTATUS_SPD_GEN1 | SATA_SCR_SSTATUS_IPM_ACTIVE;
109 } else {
110 val = SATA_SCR_SSTATUS_DET_NODEV;
111 }
112 break;
113 case PORT_SCR_CTL:
114 val = pr->scr_ctl;
115 break;
116 case PORT_SCR_ERR:
117 val = pr->scr_err;
118 break;
119 case PORT_SCR_ACT:
120 val = pr->scr_act;
121 break;
122 case PORT_CMD_ISSUE:
123 val = pr->cmd_issue;
124 break;
125 case PORT_RESERVED:
126 default:
127 val = 0;
128 }
129
130 trace_ahci_port_read(s, port, offset, val);
131 return val;
132}
133
134static void ahci_irq_raise(AHCIState *s, AHCIDevice *dev)
135{
136 DeviceState *dev_state = s->container;
137 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state),
138 TYPE_PCI_DEVICE);
139
140 trace_ahci_irq_raise(s);
141
142 if (pci_dev && msi_enabled(pci_dev)) {
143 msi_notify(pci_dev, 0);
144 } else {
145 qemu_irq_raise(s->irq);
146 }
147}
148
149static void ahci_irq_lower(AHCIState *s, AHCIDevice *dev)
150{
151 DeviceState *dev_state = s->container;
152 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state),
153 TYPE_PCI_DEVICE);
154
155 trace_ahci_irq_lower(s);
156
157 if (!pci_dev || !msi_enabled(pci_dev)) {
158 qemu_irq_lower(s->irq);
159 }
160}
161
162static void ahci_check_irq(AHCIState *s)
163{
164 int i;
165 uint32_t old_irq = s->control_regs.irqstatus;
166
167 s->control_regs.irqstatus = 0;
168 for (i = 0; i < s->ports; i++) {
169 AHCIPortRegs *pr = &s->dev[i].port_regs;
170 if (pr->irq_stat & pr->irq_mask) {
171 s->control_regs.irqstatus |= (1 << i);
172 }
173 }
174 trace_ahci_check_irq(s, old_irq, s->control_regs.irqstatus);
175 if (s->control_regs.irqstatus &&
176 (s->control_regs.ghc & HOST_CTL_IRQ_EN)) {
177 ahci_irq_raise(s, NULL);
178 } else {
179 ahci_irq_lower(s, NULL);
180 }
181}
182
183static void ahci_trigger_irq(AHCIState *s, AHCIDevice *d,
184 enum AHCIPortIRQ irqbit)
185{
186 g_assert((unsigned)irqbit < 32);
187 uint32_t irq = 1U << irqbit;
188 uint32_t irqstat = d->port_regs.irq_stat | irq;
189
190 trace_ahci_trigger_irq(s, d->port_no,
191 AHCIPortIRQ_lookup[irqbit], irq,
192 d->port_regs.irq_stat, irqstat,
193 irqstat & d->port_regs.irq_mask);
194
195 d->port_regs.irq_stat = irqstat;
196 ahci_check_irq(s);
197}
198
199static void map_page(AddressSpace *as, uint8_t **ptr, uint64_t addr,
200 uint32_t wanted)
201{
202 hwaddr len = wanted;
203
204 if (*ptr) {
205 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len);
206 }
207
208 *ptr = dma_memory_map(as, addr, &len, DMA_DIRECTION_FROM_DEVICE);
209 if (len < wanted) {
210 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len);
211 *ptr = NULL;
212 }
213}
214
215
216
217
218
219
220
221
222
223static int ahci_cond_start_engines(AHCIDevice *ad)
224{
225 AHCIPortRegs *pr = &ad->port_regs;
226 bool cmd_start = pr->cmd & PORT_CMD_START;
227 bool cmd_on = pr->cmd & PORT_CMD_LIST_ON;
228 bool fis_start = pr->cmd & PORT_CMD_FIS_RX;
229 bool fis_on = pr->cmd & PORT_CMD_FIS_ON;
230
231 if (cmd_start && !cmd_on) {
232 if (!ahci_map_clb_address(ad)) {
233 pr->cmd &= ~PORT_CMD_START;
234 error_report("AHCI: Failed to start DMA engine: "
235 "bad command list buffer address");
236 return -1;
237 }
238 } else if (!cmd_start && cmd_on) {
239 ahci_unmap_clb_address(ad);
240 }
241
242 if (fis_start && !fis_on) {
243 if (!ahci_map_fis_address(ad)) {
244 pr->cmd &= ~PORT_CMD_FIS_RX;
245 error_report("AHCI: Failed to start FIS receive engine: "
246 "bad FIS receive buffer address");
247 return -1;
248 }
249 } else if (!fis_start && fis_on) {
250 ahci_unmap_fis_address(ad);
251 }
252
253 return 0;
254}
255
256static void ahci_port_write(AHCIState *s, int port, int offset, uint32_t val)
257{
258 AHCIPortRegs *pr = &s->dev[port].port_regs;
259
260 trace_ahci_port_write(s, port, offset, val);
261 switch (offset) {
262 case PORT_LST_ADDR:
263 pr->lst_addr = val;
264 break;
265 case PORT_LST_ADDR_HI:
266 pr->lst_addr_hi = val;
267 break;
268 case PORT_FIS_ADDR:
269 pr->fis_addr = val;
270 break;
271 case PORT_FIS_ADDR_HI:
272 pr->fis_addr_hi = val;
273 break;
274 case PORT_IRQ_STAT:
275 pr->irq_stat &= ~val;
276 ahci_check_irq(s);
277 break;
278 case PORT_IRQ_MASK:
279 pr->irq_mask = val & 0xfdc000ff;
280 ahci_check_irq(s);
281 break;
282 case PORT_CMD:
283
284
285
286
287
288
289 pr->cmd = (pr->cmd & PORT_CMD_RO_MASK) |
290 (val & ~(PORT_CMD_RO_MASK|PORT_CMD_ICC_MASK));
291
292
293 ahci_cond_start_engines(&s->dev[port]);
294
295
296
297
298
299 if ((pr->cmd & PORT_CMD_FIS_ON) &&
300 !s->dev[port].init_d2h_sent) {
301 ahci_init_d2h(&s->dev[port]);
302 }
303
304 check_cmd(s, port);
305 break;
306 case PORT_TFDATA:
307
308 break;
309 case PORT_SIG:
310
311 break;
312 case PORT_SCR_STAT:
313
314 break;
315 case PORT_SCR_CTL:
316 if (((pr->scr_ctl & AHCI_SCR_SCTL_DET) == 1) &&
317 ((val & AHCI_SCR_SCTL_DET) == 0)) {
318 ahci_reset_port(s, port);
319 }
320 pr->scr_ctl = val;
321 break;
322 case PORT_SCR_ERR:
323 pr->scr_err &= ~val;
324 break;
325 case PORT_SCR_ACT:
326
327 pr->scr_act |= val;
328 break;
329 case PORT_CMD_ISSUE:
330 pr->cmd_issue |= val;
331 check_cmd(s, port);
332 break;
333 default:
334 break;
335 }
336}
337
338static uint64_t ahci_mem_read_32(void *opaque, hwaddr addr)
339{
340 AHCIState *s = opaque;
341 uint32_t val = 0;
342
343 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) {
344 switch (addr) {
345 case HOST_CAP:
346 val = s->control_regs.cap;
347 break;
348 case HOST_CTL:
349 val = s->control_regs.ghc;
350 break;
351 case HOST_IRQ_STAT:
352 val = s->control_regs.irqstatus;
353 break;
354 case HOST_PORTS_IMPL:
355 val = s->control_regs.impl;
356 break;
357 case HOST_VERSION:
358 val = s->control_regs.version;
359 break;
360 }
361 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) &&
362 (addr < (AHCI_PORT_REGS_START_ADDR +
363 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) {
364 val = ahci_port_read(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7,
365 addr & AHCI_PORT_ADDR_OFFSET_MASK);
366 }
367
368 trace_ahci_mem_read_32(s, addr, val);
369 return val;
370}
371
372
373
374
375
376
377
378static uint64_t ahci_mem_read(void *opaque, hwaddr addr, unsigned size)
379{
380 hwaddr aligned = addr & ~0x3;
381 int ofst = addr - aligned;
382 uint64_t lo = ahci_mem_read_32(opaque, aligned);
383 uint64_t hi;
384 uint64_t val;
385
386
387 if (ofst + size <= 4) {
388 val = lo >> (ofst * 8);
389 } else {
390 g_assert_cmpint(size, >, 1);
391
392
393
394 hi = ahci_mem_read_32(opaque, aligned + 4);
395 val = (hi << 32 | lo) >> (ofst * 8);
396 }
397
398 trace_ahci_mem_read(opaque, size, addr, val);
399 return val;
400}
401
402
403static void ahci_mem_write(void *opaque, hwaddr addr,
404 uint64_t val, unsigned size)
405{
406 AHCIState *s = opaque;
407
408 trace_ahci_mem_write(s, size, addr, val);
409
410
411 if (addr & 3) {
412 fprintf(stderr, "ahci: Mis-aligned write to addr 0x"
413 TARGET_FMT_plx "\n", addr);
414 return;
415 }
416
417 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) {
418 switch (addr) {
419 case HOST_CAP:
420
421 break;
422 case HOST_CTL:
423 if (val & HOST_CTL_RESET) {
424 ahci_reset(s);
425 } else {
426 s->control_regs.ghc = (val & 0x3) | HOST_CTL_AHCI_EN;
427 ahci_check_irq(s);
428 }
429 break;
430 case HOST_IRQ_STAT:
431 s->control_regs.irqstatus &= ~val;
432 ahci_check_irq(s);
433 break;
434 case HOST_PORTS_IMPL:
435
436 break;
437 case HOST_VERSION:
438
439 break;
440 default:
441 trace_ahci_mem_write_unknown(s, size, addr, val);
442 }
443 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) &&
444 (addr < (AHCI_PORT_REGS_START_ADDR +
445 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) {
446 ahci_port_write(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7,
447 addr & AHCI_PORT_ADDR_OFFSET_MASK, val);
448 }
449
450}
451
452static const MemoryRegionOps ahci_mem_ops = {
453 .read = ahci_mem_read,
454 .write = ahci_mem_write,
455 .endianness = DEVICE_LITTLE_ENDIAN,
456};
457
458static uint64_t ahci_idp_read(void *opaque, hwaddr addr,
459 unsigned size)
460{
461 AHCIState *s = opaque;
462
463 if (addr == s->idp_offset) {
464
465 return s->idp_index;
466 } else if (addr == s->idp_offset + 4) {
467
468 return ahci_mem_read(opaque, s->idp_index, size);
469 } else {
470 return 0;
471 }
472}
473
474static void ahci_idp_write(void *opaque, hwaddr addr,
475 uint64_t val, unsigned size)
476{
477 AHCIState *s = opaque;
478
479 if (addr == s->idp_offset) {
480
481 s->idp_index = (uint32_t)val & ((AHCI_MEM_BAR_SIZE - 1) & ~3);
482 } else if (addr == s->idp_offset + 4) {
483
484 ahci_mem_write(opaque, s->idp_index, val, size);
485 }
486}
487
488static const MemoryRegionOps ahci_idp_ops = {
489 .read = ahci_idp_read,
490 .write = ahci_idp_write,
491 .endianness = DEVICE_LITTLE_ENDIAN,
492};
493
494
495static void ahci_reg_init(AHCIState *s)
496{
497 int i;
498
499 s->control_regs.cap = (s->ports - 1) |
500 (AHCI_NUM_COMMAND_SLOTS << 8) |
501 (AHCI_SUPPORTED_SPEED_GEN1 << AHCI_SUPPORTED_SPEED) |
502 HOST_CAP_NCQ | HOST_CAP_AHCI | HOST_CAP_64;
503
504 s->control_regs.impl = (1 << s->ports) - 1;
505
506 s->control_regs.version = AHCI_VERSION_1_0;
507
508 for (i = 0; i < s->ports; i++) {
509 s->dev[i].port_state = STATE_RUN;
510 }
511}
512
513static void check_cmd(AHCIState *s, int port)
514{
515 AHCIPortRegs *pr = &s->dev[port].port_regs;
516 uint8_t slot;
517
518 if ((pr->cmd & PORT_CMD_START) && pr->cmd_issue) {
519 for (slot = 0; (slot < 32) && pr->cmd_issue; slot++) {
520 if ((pr->cmd_issue & (1U << slot)) &&
521 !handle_cmd(s, port, slot)) {
522 pr->cmd_issue &= ~(1U << slot);
523 }
524 }
525 }
526}
527
528static void ahci_check_cmd_bh(void *opaque)
529{
530 AHCIDevice *ad = opaque;
531
532 qemu_bh_delete(ad->check_bh);
533 ad->check_bh = NULL;
534
535 if ((ad->busy_slot != -1) &&
536 !(ad->port.ifs[0].status & (BUSY_STAT|DRQ_STAT))) {
537
538 ad->port_regs.cmd_issue &= ~(1 << ad->busy_slot);
539 ad->busy_slot = -1;
540 }
541
542 check_cmd(ad->hba, ad->port_no);
543}
544
545static void ahci_init_d2h(AHCIDevice *ad)
546{
547 IDEState *ide_state = &ad->port.ifs[0];
548 AHCIPortRegs *pr = &ad->port_regs;
549
550 if (ad->init_d2h_sent) {
551 return;
552 }
553
554 if (ahci_write_fis_d2h(ad)) {
555 ad->init_d2h_sent = true;
556
557
558 pr->sig = ((uint32_t)ide_state->hcyl << 24) |
559 (ide_state->lcyl << 16) |
560 (ide_state->sector << 8) |
561 (ide_state->nsector & 0xFF);
562 }
563}
564
565static void ahci_set_signature(AHCIDevice *ad, uint32_t sig)
566{
567 IDEState *s = &ad->port.ifs[0];
568 s->hcyl = sig >> 24 & 0xFF;
569 s->lcyl = sig >> 16 & 0xFF;
570 s->sector = sig >> 8 & 0xFF;
571 s->nsector = sig & 0xFF;
572
573 trace_ahci_set_signature(ad->hba, ad->port_no, s->nsector, s->sector,
574 s->lcyl, s->hcyl, sig);
575}
576
577static void ahci_reset_port(AHCIState *s, int port)
578{
579 AHCIDevice *d = &s->dev[port];
580 AHCIPortRegs *pr = &d->port_regs;
581 IDEState *ide_state = &d->port.ifs[0];
582 int i;
583
584 trace_ahci_reset_port(s, port);
585
586 ide_bus_reset(&d->port);
587 ide_state->ncq_queues = AHCI_MAX_CMDS;
588
589 pr->scr_stat = 0;
590 pr->scr_err = 0;
591 pr->scr_act = 0;
592 pr->tfdata = 0x7F;
593 pr->sig = 0xFFFFFFFF;
594 d->busy_slot = -1;
595 d->init_d2h_sent = false;
596
597 ide_state = &s->dev[port].port.ifs[0];
598 if (!ide_state->blk) {
599 return;
600 }
601
602
603 for (i = 0; i < AHCI_MAX_CMDS; i++) {
604 NCQTransferState *ncq_tfs = &s->dev[port].ncq_tfs[i];
605 ncq_tfs->halt = false;
606 if (!ncq_tfs->used) {
607 continue;
608 }
609
610 if (ncq_tfs->aiocb) {
611 blk_aio_cancel(ncq_tfs->aiocb);
612 ncq_tfs->aiocb = NULL;
613 }
614
615
616 if (!ncq_tfs->used) {
617 continue;
618 }
619
620 qemu_sglist_destroy(&ncq_tfs->sglist);
621 ncq_tfs->used = 0;
622 }
623
624 s->dev[port].port_state = STATE_RUN;
625 if (ide_state->drive_kind == IDE_CD) {
626 ahci_set_signature(d, SATA_SIGNATURE_CDROM);\
627 ide_state->status = SEEK_STAT | WRERR_STAT | READY_STAT;
628 } else {
629 ahci_set_signature(d, SATA_SIGNATURE_DISK);
630 ide_state->status = SEEK_STAT | WRERR_STAT;
631 }
632
633 ide_state->error = 1;
634 ahci_init_d2h(d);
635}
636
637
638static char *ahci_pretty_buffer_fis(uint8_t *fis, int cmd_len)
639{
640 int i;
641 GString *s = g_string_new("FIS:");
642
643 for (i = 0; i < cmd_len; i++) {
644 if ((i & 0xf) == 0) {
645 g_string_append_printf(s, "\n0x%02x: ", i);
646 }
647 g_string_append_printf(s, "%02x ", fis[i]);
648 }
649 g_string_append_c(s, '\n');
650
651 return g_string_free(s, FALSE);
652}
653
654static bool ahci_map_fis_address(AHCIDevice *ad)
655{
656 AHCIPortRegs *pr = &ad->port_regs;
657 map_page(ad->hba->as, &ad->res_fis,
658 ((uint64_t)pr->fis_addr_hi << 32) | pr->fis_addr, 256);
659 if (ad->res_fis != NULL) {
660 pr->cmd |= PORT_CMD_FIS_ON;
661 return true;
662 }
663
664 pr->cmd &= ~PORT_CMD_FIS_ON;
665 return false;
666}
667
668static void ahci_unmap_fis_address(AHCIDevice *ad)
669{
670 if (ad->res_fis == NULL) {
671 trace_ahci_unmap_fis_address_null(ad->hba, ad->port_no);
672 return;
673 }
674 ad->port_regs.cmd &= ~PORT_CMD_FIS_ON;
675 dma_memory_unmap(ad->hba->as, ad->res_fis, 256,
676 DMA_DIRECTION_FROM_DEVICE, 256);
677 ad->res_fis = NULL;
678}
679
680static bool ahci_map_clb_address(AHCIDevice *ad)
681{
682 AHCIPortRegs *pr = &ad->port_regs;
683 ad->cur_cmd = NULL;
684 map_page(ad->hba->as, &ad->lst,
685 ((uint64_t)pr->lst_addr_hi << 32) | pr->lst_addr, 1024);
686 if (ad->lst != NULL) {
687 pr->cmd |= PORT_CMD_LIST_ON;
688 return true;
689 }
690
691 pr->cmd &= ~PORT_CMD_LIST_ON;
692 return false;
693}
694
695static void ahci_unmap_clb_address(AHCIDevice *ad)
696{
697 if (ad->lst == NULL) {
698 trace_ahci_unmap_clb_address_null(ad->hba, ad->port_no);
699 return;
700 }
701 ad->port_regs.cmd &= ~PORT_CMD_LIST_ON;
702 dma_memory_unmap(ad->hba->as, ad->lst, 1024,
703 DMA_DIRECTION_FROM_DEVICE, 1024);
704 ad->lst = NULL;
705}
706
707static void ahci_write_fis_sdb(AHCIState *s, NCQTransferState *ncq_tfs)
708{
709 AHCIDevice *ad = ncq_tfs->drive;
710 AHCIPortRegs *pr = &ad->port_regs;
711 IDEState *ide_state;
712 SDBFIS *sdb_fis;
713
714 if (!ad->res_fis ||
715 !(pr->cmd & PORT_CMD_FIS_RX)) {
716 return;
717 }
718
719 sdb_fis = (SDBFIS *)&ad->res_fis[RES_FIS_SDBFIS];
720 ide_state = &ad->port.ifs[0];
721
722 sdb_fis->type = SATA_FIS_TYPE_SDB;
723
724 sdb_fis->flags = 0x40;
725 sdb_fis->status = ide_state->status & 0x77;
726 sdb_fis->error = ide_state->error;
727
728 sdb_fis->payload = cpu_to_le32(ad->finished);
729
730
731 pr->tfdata = (ad->port.ifs[0].error << 8) |
732 (ad->port.ifs[0].status & 0x77) |
733 (pr->tfdata & 0x88);
734 pr->scr_act &= ~ad->finished;
735 ad->finished = 0;
736
737
738 if (sdb_fis->flags & 0x40) {
739 ahci_trigger_irq(s, ad, AHCI_PORT_IRQ_BIT_SDBS);
740 }
741}
742
743static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t len)
744{
745 AHCIPortRegs *pr = &ad->port_regs;
746 uint8_t *pio_fis;
747 IDEState *s = &ad->port.ifs[0];
748
749 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
750 return;
751 }
752
753 pio_fis = &ad->res_fis[RES_FIS_PSFIS];
754
755 pio_fis[0] = SATA_FIS_TYPE_PIO_SETUP;
756 pio_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0);
757 pio_fis[2] = s->status;
758 pio_fis[3] = s->error;
759
760 pio_fis[4] = s->sector;
761 pio_fis[5] = s->lcyl;
762 pio_fis[6] = s->hcyl;
763 pio_fis[7] = s->select;
764 pio_fis[8] = s->hob_sector;
765 pio_fis[9] = s->hob_lcyl;
766 pio_fis[10] = s->hob_hcyl;
767 pio_fis[11] = 0;
768 pio_fis[12] = s->nsector & 0xFF;
769 pio_fis[13] = (s->nsector >> 8) & 0xFF;
770 pio_fis[14] = 0;
771 pio_fis[15] = s->status;
772 pio_fis[16] = len & 255;
773 pio_fis[17] = len >> 8;
774 pio_fis[18] = 0;
775 pio_fis[19] = 0;
776
777
778 pr->tfdata = (ad->port.ifs[0].error << 8) |
779 ad->port.ifs[0].status;
780
781 if (pio_fis[2] & ERR_STAT) {
782 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_TFES);
783 }
784
785 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_PSS);
786}
787
788static bool ahci_write_fis_d2h(AHCIDevice *ad)
789{
790 AHCIPortRegs *pr = &ad->port_regs;
791 uint8_t *d2h_fis;
792 int i;
793 IDEState *s = &ad->port.ifs[0];
794
795 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
796 return false;
797 }
798
799 d2h_fis = &ad->res_fis[RES_FIS_RFIS];
800
801 d2h_fis[0] = SATA_FIS_TYPE_REGISTER_D2H;
802 d2h_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0);
803 d2h_fis[2] = s->status;
804 d2h_fis[3] = s->error;
805
806 d2h_fis[4] = s->sector;
807 d2h_fis[5] = s->lcyl;
808 d2h_fis[6] = s->hcyl;
809 d2h_fis[7] = s->select;
810 d2h_fis[8] = s->hob_sector;
811 d2h_fis[9] = s->hob_lcyl;
812 d2h_fis[10] = s->hob_hcyl;
813 d2h_fis[11] = 0;
814 d2h_fis[12] = s->nsector & 0xFF;
815 d2h_fis[13] = (s->nsector >> 8) & 0xFF;
816 for (i = 14; i < 20; i++) {
817 d2h_fis[i] = 0;
818 }
819
820
821 pr->tfdata = (ad->port.ifs[0].error << 8) |
822 ad->port.ifs[0].status;
823
824 if (d2h_fis[2] & ERR_STAT) {
825 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_TFES);
826 }
827
828 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_DHRS);
829 return true;
830}
831
832static int prdt_tbl_entry_size(const AHCI_SG *tbl)
833{
834
835 return (le32_to_cpu(tbl->flags_size) & AHCI_PRDT_SIZE_MASK) + 1;
836}
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851static int ahci_populate_sglist(AHCIDevice *ad, QEMUSGList *sglist,
852 AHCICmdHdr *cmd, int64_t limit, uint64_t offset)
853{
854 uint16_t opts = le16_to_cpu(cmd->opts);
855 uint16_t prdtl = le16_to_cpu(cmd->prdtl);
856 uint64_t cfis_addr = le64_to_cpu(cmd->tbl_addr);
857 uint64_t prdt_addr = cfis_addr + 0x80;
858 dma_addr_t prdt_len = (prdtl * sizeof(AHCI_SG));
859 dma_addr_t real_prdt_len = prdt_len;
860 uint8_t *prdt;
861 int i;
862 int r = 0;
863 uint64_t sum = 0;
864 int off_idx = -1;
865 int64_t off_pos = -1;
866 int tbl_entry_size;
867 IDEBus *bus = &ad->port;
868 BusState *qbus = BUS(bus);
869
870 trace_ahci_populate_sglist(ad->hba, ad->port_no);
871
872 if (!prdtl) {
873 trace_ahci_populate_sglist_no_prdtl(ad->hba, ad->port_no, opts);
874 return -1;
875 }
876
877
878 if (!(prdt = dma_memory_map(ad->hba->as, prdt_addr, &prdt_len,
879 DMA_DIRECTION_TO_DEVICE))){
880 trace_ahci_populate_sglist_no_map(ad->hba, ad->port_no);
881 return -1;
882 }
883
884 if (prdt_len < real_prdt_len) {
885 trace_ahci_populate_sglist_short_map(ad->hba, ad->port_no);
886 r = -1;
887 goto out;
888 }
889
890
891 if (prdtl > 0) {
892 AHCI_SG *tbl = (AHCI_SG *)prdt;
893 sum = 0;
894 for (i = 0; i < prdtl; i++) {
895 tbl_entry_size = prdt_tbl_entry_size(&tbl[i]);
896 if (offset < (sum + tbl_entry_size)) {
897 off_idx = i;
898 off_pos = offset - sum;
899 break;
900 }
901 sum += tbl_entry_size;
902 }
903 if ((off_idx == -1) || (off_pos < 0) || (off_pos > tbl_entry_size)) {
904 trace_ahci_populate_sglist_bad_offset(ad->hba, ad->port_no,
905 off_idx, off_pos);
906 r = -1;
907 goto out;
908 }
909
910 qemu_sglist_init(sglist, qbus->parent, (prdtl - off_idx),
911 ad->hba->as);
912 qemu_sglist_add(sglist, le64_to_cpu(tbl[off_idx].addr) + off_pos,
913 MIN(prdt_tbl_entry_size(&tbl[off_idx]) - off_pos,
914 limit));
915
916 for (i = off_idx + 1; i < prdtl && sglist->size < limit; i++) {
917 qemu_sglist_add(sglist, le64_to_cpu(tbl[i].addr),
918 MIN(prdt_tbl_entry_size(&tbl[i]),
919 limit - sglist->size));
920 }
921 }
922
923out:
924 dma_memory_unmap(ad->hba->as, prdt, prdt_len,
925 DMA_DIRECTION_TO_DEVICE, prdt_len);
926 return r;
927}
928
929static void ncq_err(NCQTransferState *ncq_tfs)
930{
931 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0];
932
933 ide_state->error = ABRT_ERR;
934 ide_state->status = READY_STAT | ERR_STAT;
935 ncq_tfs->drive->port_regs.scr_err |= (1 << ncq_tfs->tag);
936 qemu_sglist_destroy(&ncq_tfs->sglist);
937 ncq_tfs->used = 0;
938}
939
940static void ncq_finish(NCQTransferState *ncq_tfs)
941{
942
943
944
945 if (!(ncq_tfs->drive->port_regs.scr_err & (1 << ncq_tfs->tag))) {
946 ncq_tfs->drive->finished |= (1 << ncq_tfs->tag);
947 }
948
949 ahci_write_fis_sdb(ncq_tfs->drive->hba, ncq_tfs);
950
951 trace_ncq_finish(ncq_tfs->drive->hba, ncq_tfs->drive->port_no,
952 ncq_tfs->tag);
953
954 block_acct_done(blk_get_stats(ncq_tfs->drive->port.ifs[0].blk),
955 &ncq_tfs->acct);
956 qemu_sglist_destroy(&ncq_tfs->sglist);
957 ncq_tfs->used = 0;
958}
959
960static void ncq_cb(void *opaque, int ret)
961{
962 NCQTransferState *ncq_tfs = (NCQTransferState *)opaque;
963 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0];
964
965 ncq_tfs->aiocb = NULL;
966 if (ret == -ECANCELED) {
967 return;
968 }
969
970 if (ret < 0) {
971 bool is_read = ncq_tfs->cmd == READ_FPDMA_QUEUED;
972 BlockErrorAction action = blk_get_error_action(ide_state->blk,
973 is_read, -ret);
974 if (action == BLOCK_ERROR_ACTION_STOP) {
975 ncq_tfs->halt = true;
976 ide_state->bus->error_status = IDE_RETRY_HBA;
977 } else if (action == BLOCK_ERROR_ACTION_REPORT) {
978 ncq_err(ncq_tfs);
979 }
980 blk_error_action(ide_state->blk, action, is_read, -ret);
981 } else {
982 ide_state->status = READY_STAT | SEEK_STAT;
983 }
984
985 if (!ncq_tfs->halt) {
986 ncq_finish(ncq_tfs);
987 }
988}
989
990static int is_ncq(uint8_t ata_cmd)
991{
992
993 switch (ata_cmd) {
994 case READ_FPDMA_QUEUED:
995 case WRITE_FPDMA_QUEUED:
996 case NCQ_NON_DATA:
997 case RECEIVE_FPDMA_QUEUED:
998 case SEND_FPDMA_QUEUED:
999 return 1;
1000 default:
1001 return 0;
1002 }
1003}
1004
1005static void execute_ncq_command(NCQTransferState *ncq_tfs)
1006{
1007 AHCIDevice *ad = ncq_tfs->drive;
1008 IDEState *ide_state = &ad->port.ifs[0];
1009 int port = ad->port_no;
1010
1011 g_assert(is_ncq(ncq_tfs->cmd));
1012 ncq_tfs->halt = false;
1013
1014 switch (ncq_tfs->cmd) {
1015 case READ_FPDMA_QUEUED:
1016 trace_execute_ncq_command_read(ad->hba, port, ncq_tfs->tag,
1017 ncq_tfs->sector_count, ncq_tfs->lba);
1018 dma_acct_start(ide_state->blk, &ncq_tfs->acct,
1019 &ncq_tfs->sglist, BLOCK_ACCT_READ);
1020 ncq_tfs->aiocb = dma_blk_read(ide_state->blk, &ncq_tfs->sglist,
1021 ncq_tfs->lba << BDRV_SECTOR_BITS,
1022 BDRV_SECTOR_SIZE,
1023 ncq_cb, ncq_tfs);
1024 break;
1025 case WRITE_FPDMA_QUEUED:
1026 trace_execute_ncq_command_read(ad->hba, port, ncq_tfs->tag,
1027 ncq_tfs->sector_count, ncq_tfs->lba);
1028 dma_acct_start(ide_state->blk, &ncq_tfs->acct,
1029 &ncq_tfs->sglist, BLOCK_ACCT_WRITE);
1030 ncq_tfs->aiocb = dma_blk_write(ide_state->blk, &ncq_tfs->sglist,
1031 ncq_tfs->lba << BDRV_SECTOR_BITS,
1032 BDRV_SECTOR_SIZE,
1033 ncq_cb, ncq_tfs);
1034 break;
1035 default:
1036 trace_execute_ncq_command_unsup(ad->hba, port,
1037 ncq_tfs->tag, ncq_tfs->cmd);
1038 ncq_err(ncq_tfs);
1039 }
1040}
1041
1042
1043static void process_ncq_command(AHCIState *s, int port, uint8_t *cmd_fis,
1044 uint8_t slot)
1045{
1046 AHCIDevice *ad = &s->dev[port];
1047 NCQFrame *ncq_fis = (NCQFrame*)cmd_fis;
1048 uint8_t tag = ncq_fis->tag >> 3;
1049 NCQTransferState *ncq_tfs = &ad->ncq_tfs[tag];
1050 size_t size;
1051
1052 g_assert(is_ncq(ncq_fis->command));
1053 if (ncq_tfs->used) {
1054
1055 fprintf(stderr, "%s: tag %d already used\n", __func__, tag);
1056 return;
1057 }
1058
1059 ncq_tfs->used = 1;
1060 ncq_tfs->drive = ad;
1061 ncq_tfs->slot = slot;
1062 ncq_tfs->cmdh = &((AHCICmdHdr *)ad->lst)[slot];
1063 ncq_tfs->cmd = ncq_fis->command;
1064 ncq_tfs->lba = ((uint64_t)ncq_fis->lba5 << 40) |
1065 ((uint64_t)ncq_fis->lba4 << 32) |
1066 ((uint64_t)ncq_fis->lba3 << 24) |
1067 ((uint64_t)ncq_fis->lba2 << 16) |
1068 ((uint64_t)ncq_fis->lba1 << 8) |
1069 (uint64_t)ncq_fis->lba0;
1070 ncq_tfs->tag = tag;
1071
1072
1073 if (tag != slot) {
1074 trace_process_ncq_command_mismatch(s, port, tag, slot);
1075 }
1076
1077 if (ncq_fis->aux0 || ncq_fis->aux1 || ncq_fis->aux2 || ncq_fis->aux3) {
1078 trace_process_ncq_command_aux(s, port, tag);
1079 }
1080 if (ncq_fis->prio || ncq_fis->icc) {
1081 trace_process_ncq_command_prioicc(s, port, tag);
1082 }
1083 if (ncq_fis->fua & NCQ_FIS_FUA_MASK) {
1084 trace_process_ncq_command_fua(s, port, tag);
1085 }
1086 if (ncq_fis->tag & NCQ_FIS_RARC_MASK) {
1087 trace_process_ncq_command_rarc(s, port, tag);
1088 }
1089
1090 ncq_tfs->sector_count = ((ncq_fis->sector_count_high << 8) |
1091 ncq_fis->sector_count_low);
1092 if (!ncq_tfs->sector_count) {
1093 ncq_tfs->sector_count = 0x10000;
1094 }
1095 size = ncq_tfs->sector_count * 512;
1096 ahci_populate_sglist(ad, &ncq_tfs->sglist, ncq_tfs->cmdh, size, 0);
1097
1098 if (ncq_tfs->sglist.size < size) {
1099 error_report("ahci: PRDT length for NCQ command (0x%zx) "
1100 "is smaller than the requested size (0x%zx)",
1101 ncq_tfs->sglist.size, size);
1102 ncq_err(ncq_tfs);
1103 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_OFS);
1104 return;
1105 } else if (ncq_tfs->sglist.size != size) {
1106 trace_process_ncq_command_large(s, port, tag,
1107 ncq_tfs->sglist.size, size);
1108 }
1109
1110 trace_process_ncq_command(s, port, tag,
1111 ncq_fis->command,
1112 ncq_tfs->lba,
1113 ncq_tfs->lba + ncq_tfs->sector_count - 1);
1114 execute_ncq_command(ncq_tfs);
1115}
1116
1117static AHCICmdHdr *get_cmd_header(AHCIState *s, uint8_t port, uint8_t slot)
1118{
1119 if (port >= s->ports || slot >= AHCI_MAX_CMDS) {
1120 return NULL;
1121 }
1122
1123 return s->dev[port].lst ? &((AHCICmdHdr *)s->dev[port].lst)[slot] : NULL;
1124}
1125
1126static void handle_reg_h2d_fis(AHCIState *s, int port,
1127 uint8_t slot, uint8_t *cmd_fis)
1128{
1129 IDEState *ide_state = &s->dev[port].port.ifs[0];
1130 AHCICmdHdr *cmd = get_cmd_header(s, port, slot);
1131 uint16_t opts = le16_to_cpu(cmd->opts);
1132
1133 if (cmd_fis[1] & 0x0F) {
1134 trace_handle_reg_h2d_fis_pmp(s, port, cmd_fis[1],
1135 cmd_fis[2], cmd_fis[3]);
1136 return;
1137 }
1138
1139 if (cmd_fis[1] & 0x70) {
1140 trace_handle_reg_h2d_fis_res(s, port, cmd_fis[1],
1141 cmd_fis[2], cmd_fis[3]);
1142 return;
1143 }
1144
1145 if (!(cmd_fis[1] & SATA_FIS_REG_H2D_UPDATE_COMMAND_REGISTER)) {
1146 switch (s->dev[port].port_state) {
1147 case STATE_RUN:
1148 if (cmd_fis[15] & ATA_SRST) {
1149 s->dev[port].port_state = STATE_RESET;
1150 }
1151 break;
1152 case STATE_RESET:
1153 if (!(cmd_fis[15] & ATA_SRST)) {
1154 ahci_reset_port(s, port);
1155 }
1156 break;
1157 }
1158 return;
1159 }
1160
1161
1162 if (is_ncq(cmd_fis[2])) {
1163 process_ncq_command(s, port, cmd_fis, slot);
1164 return;
1165 }
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178 ide_state->feature = cmd_fis[3];
1179 ide_state->sector = cmd_fis[4];
1180 ide_state->lcyl = cmd_fis[5];
1181 ide_state->hcyl = cmd_fis[6];
1182 ide_state->select = cmd_fis[7];
1183 ide_state->hob_sector = cmd_fis[8];
1184 ide_state->hob_lcyl = cmd_fis[9];
1185 ide_state->hob_hcyl = cmd_fis[10];
1186 ide_state->hob_feature = cmd_fis[11];
1187 ide_state->nsector = (int64_t)((cmd_fis[13] << 8) | cmd_fis[12]);
1188
1189
1190
1191
1192
1193 if (opts & AHCI_CMD_ATAPI) {
1194 memcpy(ide_state->io_buffer, &cmd_fis[AHCI_COMMAND_TABLE_ACMD], 0x10);
1195 if (trace_event_get_state_backends(TRACE_HANDLE_REG_H2D_FIS_DUMP)) {
1196 char *pretty_fis = ahci_pretty_buffer_fis(ide_state->io_buffer, 0x10);
1197 trace_handle_reg_h2d_fis_dump(s, port, pretty_fis);
1198 g_free(pretty_fis);
1199 }
1200 s->dev[port].done_atapi_packet = false;
1201
1202 }
1203
1204 ide_state->error = 0;
1205
1206
1207 cmd->status = 0;
1208
1209
1210 ide_exec_cmd(&s->dev[port].port, cmd_fis[2]);
1211}
1212
1213static int handle_cmd(AHCIState *s, int port, uint8_t slot)
1214{
1215 IDEState *ide_state;
1216 uint64_t tbl_addr;
1217 AHCICmdHdr *cmd;
1218 uint8_t *cmd_fis;
1219 dma_addr_t cmd_len;
1220
1221 if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) {
1222
1223 trace_handle_cmd_busy(s, port);
1224 return -1;
1225 }
1226
1227 if (!s->dev[port].lst) {
1228 trace_handle_cmd_nolist(s, port);
1229 return -1;
1230 }
1231 cmd = get_cmd_header(s, port, slot);
1232
1233 s->dev[port].cur_cmd = cmd;
1234
1235
1236 ide_state = &s->dev[port].port.ifs[0];
1237 if (!ide_state->blk) {
1238 trace_handle_cmd_badport(s, port);
1239 return -1;
1240 }
1241
1242 tbl_addr = le64_to_cpu(cmd->tbl_addr);
1243 cmd_len = 0x80;
1244 cmd_fis = dma_memory_map(s->as, tbl_addr, &cmd_len,
1245 DMA_DIRECTION_FROM_DEVICE);
1246 if (!cmd_fis) {
1247 trace_handle_cmd_badfis(s, port);
1248 return -1;
1249 } else if (cmd_len != 0x80) {
1250 ahci_trigger_irq(s, &s->dev[port], AHCI_PORT_IRQ_BIT_HBFS);
1251 trace_handle_cmd_badmap(s, port, cmd_len);
1252 goto out;
1253 }
1254 if (trace_event_get_state_backends(TRACE_HANDLE_CMD_FIS_DUMP)) {
1255 char *pretty_fis = ahci_pretty_buffer_fis(cmd_fis, 0x80);
1256 trace_handle_cmd_fis_dump(s, port, pretty_fis);
1257 g_free(pretty_fis);
1258 }
1259 switch (cmd_fis[0]) {
1260 case SATA_FIS_TYPE_REGISTER_H2D:
1261 handle_reg_h2d_fis(s, port, slot, cmd_fis);
1262 break;
1263 default:
1264 trace_handle_cmd_unhandled_fis(s, port,
1265 cmd_fis[0], cmd_fis[1], cmd_fis[2]);
1266 break;
1267 }
1268
1269out:
1270 dma_memory_unmap(s->as, cmd_fis, cmd_len, DMA_DIRECTION_FROM_DEVICE,
1271 cmd_len);
1272
1273 if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) {
1274
1275 s->dev[port].busy_slot = slot;
1276 return -1;
1277 }
1278
1279
1280 return 0;
1281}
1282
1283
1284static void ahci_start_transfer(IDEDMA *dma)
1285{
1286 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1287 IDEState *s = &ad->port.ifs[0];
1288 uint32_t size = (uint32_t)(s->data_end - s->data_ptr);
1289
1290 uint16_t opts = le16_to_cpu(ad->cur_cmd->opts);
1291 int is_write = opts & AHCI_CMD_WRITE;
1292 int is_atapi = opts & AHCI_CMD_ATAPI;
1293 int has_sglist = 0;
1294
1295 if (is_atapi && !ad->done_atapi_packet) {
1296
1297 ad->done_atapi_packet = true;
1298 size = 0;
1299 goto out;
1300 }
1301
1302 if (ahci_dma_prepare_buf(dma, size)) {
1303 has_sglist = 1;
1304 }
1305
1306 trace_ahci_start_transfer(ad->hba, ad->port_no, is_write ? "writ" : "read",
1307 size, is_atapi ? "atapi" : "ata",
1308 has_sglist ? "" : "o");
1309
1310 if (has_sglist && size) {
1311 if (is_write) {
1312 dma_buf_write(s->data_ptr, size, &s->sg);
1313 } else {
1314 dma_buf_read(s->data_ptr, size, &s->sg);
1315 }
1316 }
1317
1318out:
1319
1320 s->data_ptr = s->data_end;
1321
1322
1323 dma_buf_commit(s, size);
1324
1325 s->end_transfer_func(s);
1326
1327 if (!(s->status & DRQ_STAT)) {
1328
1329 ahci_write_fis_pio(ad, le32_to_cpu(ad->cur_cmd->status));
1330 }
1331}
1332
1333static void ahci_start_dma(IDEDMA *dma, IDEState *s,
1334 BlockCompletionFunc *dma_cb)
1335{
1336 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1337 trace_ahci_start_dma(ad->hba, ad->port_no);
1338 s->io_buffer_offset = 0;
1339 dma_cb(s, 0);
1340}
1341
1342static void ahci_restart_dma(IDEDMA *dma)
1343{
1344
1345}
1346
1347
1348
1349
1350
1351static void ahci_restart(IDEDMA *dma)
1352{
1353 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1354 int i;
1355
1356 for (i = 0; i < AHCI_MAX_CMDS; i++) {
1357 NCQTransferState *ncq_tfs = &ad->ncq_tfs[i];
1358 if (ncq_tfs->halt) {
1359 execute_ncq_command(ncq_tfs);
1360 }
1361 }
1362}
1363
1364
1365
1366
1367
1368static int32_t ahci_dma_prepare_buf(IDEDMA *dma, int32_t limit)
1369{
1370 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1371 IDEState *s = &ad->port.ifs[0];
1372
1373 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd,
1374 limit, s->io_buffer_offset) == -1) {
1375 trace_ahci_dma_prepare_buf_fail(ad->hba, ad->port_no);
1376 return -1;
1377 }
1378 s->io_buffer_size = s->sg.size;
1379
1380 trace_ahci_dma_prepare_buf(ad->hba, ad->port_no, limit, s->io_buffer_size);
1381 return s->io_buffer_size;
1382}
1383
1384
1385
1386
1387
1388
1389static void ahci_commit_buf(IDEDMA *dma, uint32_t tx_bytes)
1390{
1391 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1392
1393 tx_bytes += le32_to_cpu(ad->cur_cmd->status);
1394 ad->cur_cmd->status = cpu_to_le32(tx_bytes);
1395}
1396
1397static int ahci_dma_rw_buf(IDEDMA *dma, int is_write)
1398{
1399 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1400 IDEState *s = &ad->port.ifs[0];
1401 uint8_t *p = s->io_buffer + s->io_buffer_index;
1402 int l = s->io_buffer_size - s->io_buffer_index;
1403
1404 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd, l, s->io_buffer_offset)) {
1405 return 0;
1406 }
1407
1408 if (is_write) {
1409 dma_buf_read(p, l, &s->sg);
1410 } else {
1411 dma_buf_write(p, l, &s->sg);
1412 }
1413
1414
1415 dma_buf_commit(s, l);
1416 s->io_buffer_index += l;
1417
1418 trace_ahci_dma_rw_buf(ad->hba, ad->port_no, l);
1419 return 1;
1420}
1421
1422static void ahci_cmd_done(IDEDMA *dma)
1423{
1424 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1425
1426 trace_ahci_cmd_done(ad->hba, ad->port_no);
1427
1428
1429 ahci_write_fis_d2h(ad);
1430
1431 if (!ad->check_bh) {
1432
1433 ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad);
1434 qemu_bh_schedule(ad->check_bh);
1435 }
1436}
1437
1438static void ahci_irq_set(void *opaque, int n, int level)
1439{
1440}
1441
1442static const IDEDMAOps ahci_dma_ops = {
1443 .start_dma = ahci_start_dma,
1444 .restart = ahci_restart,
1445 .restart_dma = ahci_restart_dma,
1446 .start_transfer = ahci_start_transfer,
1447 .prepare_buf = ahci_dma_prepare_buf,
1448 .commit_buf = ahci_commit_buf,
1449 .rw_buf = ahci_dma_rw_buf,
1450 .cmd_done = ahci_cmd_done,
1451};
1452
1453void ahci_init(AHCIState *s, DeviceState *qdev)
1454{
1455 s->container = qdev;
1456
1457 memory_region_init_io(&s->mem, OBJECT(qdev), &ahci_mem_ops, s,
1458 "ahci", AHCI_MEM_BAR_SIZE);
1459 memory_region_init_io(&s->idp, OBJECT(qdev), &ahci_idp_ops, s,
1460 "ahci-idp", 32);
1461}
1462
1463void ahci_realize(AHCIState *s, DeviceState *qdev, AddressSpace *as, int ports)
1464{
1465 qemu_irq *irqs;
1466 int i;
1467
1468 s->as = as;
1469 s->ports = ports;
1470 s->dev = g_new0(AHCIDevice, ports);
1471 ahci_reg_init(s);
1472 irqs = qemu_allocate_irqs(ahci_irq_set, s, s->ports);
1473 for (i = 0; i < s->ports; i++) {
1474 AHCIDevice *ad = &s->dev[i];
1475
1476 ide_bus_new(&ad->port, sizeof(ad->port), qdev, i, 1);
1477 ide_init2(&ad->port, irqs[i]);
1478
1479 ad->hba = s;
1480 ad->port_no = i;
1481 ad->port.dma = &ad->dma;
1482 ad->port.dma->ops = &ahci_dma_ops;
1483 ide_register_restart_cb(&ad->port);
1484 }
1485 g_free(irqs);
1486}
1487
1488void ahci_uninit(AHCIState *s)
1489{
1490 int i, j;
1491
1492 for (i = 0; i < s->ports; i++) {
1493 AHCIDevice *ad = &s->dev[i];
1494
1495 for (j = 0; j < 2; j++) {
1496 IDEState *s = &ad->port.ifs[j];
1497
1498 ide_exit(s);
1499 }
1500 object_unparent(OBJECT(&ad->port));
1501 }
1502
1503 g_free(s->dev);
1504}
1505
1506void ahci_reset(AHCIState *s)
1507{
1508 AHCIPortRegs *pr;
1509 int i;
1510
1511 trace_ahci_reset(s);
1512
1513 s->control_regs.irqstatus = 0;
1514
1515
1516
1517
1518
1519
1520
1521
1522 s->control_regs.ghc = HOST_CTL_AHCI_EN;
1523
1524 for (i = 0; i < s->ports; i++) {
1525 pr = &s->dev[i].port_regs;
1526 pr->irq_stat = 0;
1527 pr->irq_mask = 0;
1528 pr->scr_ctl = 0;
1529 pr->cmd = PORT_CMD_SPIN_UP | PORT_CMD_POWER_ON;
1530 ahci_reset_port(s, i);
1531 }
1532}
1533
1534static const VMStateDescription vmstate_ncq_tfs = {
1535 .name = "ncq state",
1536 .version_id = 1,
1537 .fields = (VMStateField[]) {
1538 VMSTATE_UINT32(sector_count, NCQTransferState),
1539 VMSTATE_UINT64(lba, NCQTransferState),
1540 VMSTATE_UINT8(tag, NCQTransferState),
1541 VMSTATE_UINT8(cmd, NCQTransferState),
1542 VMSTATE_UINT8(slot, NCQTransferState),
1543 VMSTATE_BOOL(used, NCQTransferState),
1544 VMSTATE_BOOL(halt, NCQTransferState),
1545 VMSTATE_END_OF_LIST()
1546 },
1547};
1548
1549static const VMStateDescription vmstate_ahci_device = {
1550 .name = "ahci port",
1551 .version_id = 1,
1552 .fields = (VMStateField[]) {
1553 VMSTATE_IDE_BUS(port, AHCIDevice),
1554 VMSTATE_IDE_DRIVE(port.ifs[0], AHCIDevice),
1555 VMSTATE_UINT32(port_state, AHCIDevice),
1556 VMSTATE_UINT32(finished, AHCIDevice),
1557 VMSTATE_UINT32(port_regs.lst_addr, AHCIDevice),
1558 VMSTATE_UINT32(port_regs.lst_addr_hi, AHCIDevice),
1559 VMSTATE_UINT32(port_regs.fis_addr, AHCIDevice),
1560 VMSTATE_UINT32(port_regs.fis_addr_hi, AHCIDevice),
1561 VMSTATE_UINT32(port_regs.irq_stat, AHCIDevice),
1562 VMSTATE_UINT32(port_regs.irq_mask, AHCIDevice),
1563 VMSTATE_UINT32(port_regs.cmd, AHCIDevice),
1564 VMSTATE_UINT32(port_regs.tfdata, AHCIDevice),
1565 VMSTATE_UINT32(port_regs.sig, AHCIDevice),
1566 VMSTATE_UINT32(port_regs.scr_stat, AHCIDevice),
1567 VMSTATE_UINT32(port_regs.scr_ctl, AHCIDevice),
1568 VMSTATE_UINT32(port_regs.scr_err, AHCIDevice),
1569 VMSTATE_UINT32(port_regs.scr_act, AHCIDevice),
1570 VMSTATE_UINT32(port_regs.cmd_issue, AHCIDevice),
1571 VMSTATE_BOOL(done_atapi_packet, AHCIDevice),
1572 VMSTATE_INT32(busy_slot, AHCIDevice),
1573 VMSTATE_BOOL(init_d2h_sent, AHCIDevice),
1574 VMSTATE_STRUCT_ARRAY(ncq_tfs, AHCIDevice, AHCI_MAX_CMDS,
1575 1, vmstate_ncq_tfs, NCQTransferState),
1576 VMSTATE_END_OF_LIST()
1577 },
1578};
1579
1580static int ahci_state_post_load(void *opaque, int version_id)
1581{
1582 int i, j;
1583 struct AHCIDevice *ad;
1584 NCQTransferState *ncq_tfs;
1585 AHCIPortRegs *pr;
1586 AHCIState *s = opaque;
1587
1588 for (i = 0; i < s->ports; i++) {
1589 ad = &s->dev[i];
1590 pr = &ad->port_regs;
1591
1592 if (!(pr->cmd & PORT_CMD_START) && (pr->cmd & PORT_CMD_LIST_ON)) {
1593 error_report("AHCI: DMA engine should be off, but status bit "
1594 "indicates it is still running.");
1595 return -1;
1596 }
1597 if (!(pr->cmd & PORT_CMD_FIS_RX) && (pr->cmd & PORT_CMD_FIS_ON)) {
1598 error_report("AHCI: FIS RX engine should be off, but status bit "
1599 "indicates it is still running.");
1600 return -1;
1601 }
1602
1603
1604
1605 pr->cmd &= ~(PORT_CMD_LIST_ON | PORT_CMD_FIS_ON);
1606 if (ahci_cond_start_engines(ad) != 0) {
1607 return -1;
1608 }
1609
1610 for (j = 0; j < AHCI_MAX_CMDS; j++) {
1611 ncq_tfs = &ad->ncq_tfs[j];
1612 ncq_tfs->drive = ad;
1613
1614 if (ncq_tfs->used != ncq_tfs->halt) {
1615 return -1;
1616 }
1617 if (!ncq_tfs->halt) {
1618 continue;
1619 }
1620 if (!is_ncq(ncq_tfs->cmd)) {
1621 return -1;
1622 }
1623 if (ncq_tfs->slot != ncq_tfs->tag) {
1624 return -1;
1625 }
1626
1627
1628 ncq_tfs->cmdh = get_cmd_header(s, i, ncq_tfs->slot);
1629 if (!ncq_tfs->cmdh) {
1630 return -1;
1631 }
1632 ahci_populate_sglist(ncq_tfs->drive, &ncq_tfs->sglist,
1633 ncq_tfs->cmdh, ncq_tfs->sector_count * 512,
1634 0);
1635 if (ncq_tfs->sector_count != ncq_tfs->sglist.size >> 9) {
1636 return -1;
1637 }
1638 }
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649 if (ad->busy_slot == -1) {
1650 check_cmd(s, i);
1651 } else {
1652
1653
1654 if (ad->busy_slot < 0 || ad->busy_slot >= AHCI_MAX_CMDS) {
1655 return -1;
1656 }
1657 ad->cur_cmd = get_cmd_header(s, i, ad->busy_slot);
1658 }
1659 }
1660
1661 return 0;
1662}
1663
1664const VMStateDescription vmstate_ahci = {
1665 .name = "ahci",
1666 .version_id = 1,
1667 .post_load = ahci_state_post_load,
1668 .fields = (VMStateField[]) {
1669 VMSTATE_STRUCT_VARRAY_POINTER_INT32(dev, AHCIState, ports,
1670 vmstate_ahci_device, AHCIDevice),
1671 VMSTATE_UINT32(control_regs.cap, AHCIState),
1672 VMSTATE_UINT32(control_regs.ghc, AHCIState),
1673 VMSTATE_UINT32(control_regs.irqstatus, AHCIState),
1674 VMSTATE_UINT32(control_regs.impl, AHCIState),
1675 VMSTATE_UINT32(control_regs.version, AHCIState),
1676 VMSTATE_UINT32(idp_index, AHCIState),
1677 VMSTATE_INT32_EQUAL(ports, AHCIState, NULL),
1678 VMSTATE_END_OF_LIST()
1679 },
1680};
1681
1682static const VMStateDescription vmstate_sysbus_ahci = {
1683 .name = "sysbus-ahci",
1684 .fields = (VMStateField[]) {
1685 VMSTATE_AHCI(ahci, SysbusAHCIState),
1686 VMSTATE_END_OF_LIST()
1687 },
1688};
1689
1690static void sysbus_ahci_reset(DeviceState *dev)
1691{
1692 SysbusAHCIState *s = SYSBUS_AHCI(dev);
1693
1694 ahci_reset(&s->ahci);
1695}
1696
1697static void sysbus_ahci_init(Object *obj)
1698{
1699 SysbusAHCIState *s = SYSBUS_AHCI(obj);
1700 SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
1701
1702 ahci_init(&s->ahci, DEVICE(obj));
1703
1704 sysbus_init_mmio(sbd, &s->ahci.mem);
1705 sysbus_init_irq(sbd, &s->ahci.irq);
1706}
1707
1708static void sysbus_ahci_realize(DeviceState *dev, Error **errp)
1709{
1710 SysbusAHCIState *s = SYSBUS_AHCI(dev);
1711
1712 ahci_realize(&s->ahci, dev, &address_space_memory, s->num_ports);
1713}
1714
1715static Property sysbus_ahci_properties[] = {
1716 DEFINE_PROP_UINT32("num-ports", SysbusAHCIState, num_ports, 1),
1717 DEFINE_PROP_END_OF_LIST(),
1718};
1719
1720static void sysbus_ahci_class_init(ObjectClass *klass, void *data)
1721{
1722 DeviceClass *dc = DEVICE_CLASS(klass);
1723
1724 dc->realize = sysbus_ahci_realize;
1725 dc->vmsd = &vmstate_sysbus_ahci;
1726 dc->props = sysbus_ahci_properties;
1727 dc->reset = sysbus_ahci_reset;
1728 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1729}
1730
1731static const TypeInfo sysbus_ahci_info = {
1732 .name = TYPE_SYSBUS_AHCI,
1733 .parent = TYPE_SYS_BUS_DEVICE,
1734 .instance_size = sizeof(SysbusAHCIState),
1735 .instance_init = sysbus_ahci_init,
1736 .class_init = sysbus_ahci_class_init,
1737};
1738
1739static void sysbus_ahci_register_types(void)
1740{
1741 type_register_static(&sysbus_ahci_info);
1742}
1743
1744type_init(sysbus_ahci_register_types)
1745
1746int32_t ahci_get_num_ports(PCIDevice *dev)
1747{
1748 AHCIPCIState *d = ICH_AHCI(dev);
1749 AHCIState *ahci = &d->ahci;
1750
1751 return ahci->ports;
1752}
1753
1754void ahci_ide_create_devs(PCIDevice *dev, DriveInfo **hd)
1755{
1756 AHCIPCIState *d = ICH_AHCI(dev);
1757 AHCIState *ahci = &d->ahci;
1758 int i;
1759
1760 for (i = 0; i < ahci->ports; i++) {
1761 if (hd[i] == NULL) {
1762 continue;
1763 }
1764 ide_create_drive(&ahci->dev[i].port, 0, hd[i]);
1765 }
1766
1767}
1768
