1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24#include "qemu/osdep.h"
25#include "hw/irq.h"
26#include "hw/pci/msi.h"
27#include "hw/pci/pci.h"
28#include "hw/qdev-properties.h"
29#include "migration/vmstate.h"
30
31#include "qemu/error-report.h"
32#include "qemu/log.h"
33#include "qemu/main-loop.h"
34#include "qemu/module.h"
35#include "sysemu/block-backend.h"
36#include "sysemu/dma.h"
37#include "hw/ide/internal.h"
38#include "hw/ide/pci.h"
39#include "ahci_internal.h"
40
41#include "trace.h"
42
43static void check_cmd(AHCIState *s, int port);
44static void handle_cmd(AHCIState *s, int port, uint8_t slot);
45static void ahci_reset_port(AHCIState *s, int port);
46static bool ahci_write_fis_d2h(AHCIDevice *ad, bool d2h_fis_i);
47static void ahci_clear_cmd_issue(AHCIDevice *ad, uint8_t slot);
48static void ahci_init_d2h(AHCIDevice *ad);
49static int ahci_dma_prepare_buf(const IDEDMA *dma, int32_t limit);
50static bool ahci_map_clb_address(AHCIDevice *ad);
51static bool ahci_map_fis_address(AHCIDevice *ad);
52static void ahci_unmap_clb_address(AHCIDevice *ad);
53static void ahci_unmap_fis_address(AHCIDevice *ad);
54
55static const char *AHCIHostReg_lookup[AHCI_HOST_REG__COUNT] = {
56 [AHCI_HOST_REG_CAP] = "CAP",
57 [AHCI_HOST_REG_CTL] = "GHC",
58 [AHCI_HOST_REG_IRQ_STAT] = "IS",
59 [AHCI_HOST_REG_PORTS_IMPL] = "PI",
60 [AHCI_HOST_REG_VERSION] = "VS",
61 [AHCI_HOST_REG_CCC_CTL] = "CCC_CTL",
62 [AHCI_HOST_REG_CCC_PORTS] = "CCC_PORTS",
63 [AHCI_HOST_REG_EM_LOC] = "EM_LOC",
64 [AHCI_HOST_REG_EM_CTL] = "EM_CTL",
65 [AHCI_HOST_REG_CAP2] = "CAP2",
66 [AHCI_HOST_REG_BOHC] = "BOHC",
67};
68
69static const char *AHCIPortReg_lookup[AHCI_PORT_REG__COUNT] = {
70 [AHCI_PORT_REG_LST_ADDR] = "PxCLB",
71 [AHCI_PORT_REG_LST_ADDR_HI] = "PxCLBU",
72 [AHCI_PORT_REG_FIS_ADDR] = "PxFB",
73 [AHCI_PORT_REG_FIS_ADDR_HI] = "PxFBU",
74 [AHCI_PORT_REG_IRQ_STAT] = "PxIS",
75 [AHCI_PORT_REG_IRQ_MASK] = "PXIE",
76 [AHCI_PORT_REG_CMD] = "PxCMD",
77 [7] = "Reserved",
78 [AHCI_PORT_REG_TFDATA] = "PxTFD",
79 [AHCI_PORT_REG_SIG] = "PxSIG",
80 [AHCI_PORT_REG_SCR_STAT] = "PxSSTS",
81 [AHCI_PORT_REG_SCR_CTL] = "PxSCTL",
82 [AHCI_PORT_REG_SCR_ERR] = "PxSERR",
83 [AHCI_PORT_REG_SCR_ACT] = "PxSACT",
84 [AHCI_PORT_REG_CMD_ISSUE] = "PxCI",
85 [AHCI_PORT_REG_SCR_NOTIF] = "PxSNTF",
86 [AHCI_PORT_REG_FIS_CTL] = "PxFBS",
87 [AHCI_PORT_REG_DEV_SLEEP] = "PxDEVSLP",
88 [18 ... 27] = "Reserved",
89 [AHCI_PORT_REG_VENDOR_1 ...
90 AHCI_PORT_REG_VENDOR_4] = "PxVS",
91};
92
93static const char *AHCIPortIRQ_lookup[AHCI_PORT_IRQ__COUNT] = {
94 [AHCI_PORT_IRQ_BIT_DHRS] = "DHRS",
95 [AHCI_PORT_IRQ_BIT_PSS] = "PSS",
96 [AHCI_PORT_IRQ_BIT_DSS] = "DSS",
97 [AHCI_PORT_IRQ_BIT_SDBS] = "SDBS",
98 [AHCI_PORT_IRQ_BIT_UFS] = "UFS",
99 [AHCI_PORT_IRQ_BIT_DPS] = "DPS",
100 [AHCI_PORT_IRQ_BIT_PCS] = "PCS",
101 [AHCI_PORT_IRQ_BIT_DMPS] = "DMPS",
102 [8 ... 21] = "RESERVED",
103 [AHCI_PORT_IRQ_BIT_PRCS] = "PRCS",
104 [AHCI_PORT_IRQ_BIT_IPMS] = "IPMS",
105 [AHCI_PORT_IRQ_BIT_OFS] = "OFS",
106 [25] = "RESERVED",
107 [AHCI_PORT_IRQ_BIT_INFS] = "INFS",
108 [AHCI_PORT_IRQ_BIT_IFS] = "IFS",
109 [AHCI_PORT_IRQ_BIT_HBDS] = "HBDS",
110 [AHCI_PORT_IRQ_BIT_HBFS] = "HBFS",
111 [AHCI_PORT_IRQ_BIT_TFES] = "TFES",
112 [AHCI_PORT_IRQ_BIT_CPDS] = "CPDS"
113};
114
115static uint32_t ahci_port_read(AHCIState *s, int port, int offset)
116{
117 uint32_t val;
118 AHCIPortRegs *pr = &s->dev[port].port_regs;
119 enum AHCIPortReg regnum = offset / sizeof(uint32_t);
120 assert(regnum < (AHCI_PORT_ADDR_OFFSET_LEN / sizeof(uint32_t)));
121
122 switch (regnum) {
123 case AHCI_PORT_REG_LST_ADDR:
124 val = pr->lst_addr;
125 break;
126 case AHCI_PORT_REG_LST_ADDR_HI:
127 val = pr->lst_addr_hi;
128 break;
129 case AHCI_PORT_REG_FIS_ADDR:
130 val = pr->fis_addr;
131 break;
132 case AHCI_PORT_REG_FIS_ADDR_HI:
133 val = pr->fis_addr_hi;
134 break;
135 case AHCI_PORT_REG_IRQ_STAT:
136 val = pr->irq_stat;
137 break;
138 case AHCI_PORT_REG_IRQ_MASK:
139 val = pr->irq_mask;
140 break;
141 case AHCI_PORT_REG_CMD:
142 val = pr->cmd;
143 break;
144 case AHCI_PORT_REG_TFDATA:
145 val = pr->tfdata;
146 break;
147 case AHCI_PORT_REG_SIG:
148 val = pr->sig;
149 break;
150 case AHCI_PORT_REG_SCR_STAT:
151 if (s->dev[port].port.ifs[0].blk) {
152 val = SATA_SCR_SSTATUS_DET_DEV_PRESENT_PHY_UP |
153 SATA_SCR_SSTATUS_SPD_GEN1 | SATA_SCR_SSTATUS_IPM_ACTIVE;
154 } else {
155 val = SATA_SCR_SSTATUS_DET_NODEV;
156 }
157 break;
158 case AHCI_PORT_REG_SCR_CTL:
159 val = pr->scr_ctl;
160 break;
161 case AHCI_PORT_REG_SCR_ERR:
162 val = pr->scr_err;
163 break;
164 case AHCI_PORT_REG_SCR_ACT:
165 val = pr->scr_act;
166 break;
167 case AHCI_PORT_REG_CMD_ISSUE:
168 val = pr->cmd_issue;
169 break;
170 default:
171 trace_ahci_port_read_default(s, port, AHCIPortReg_lookup[regnum],
172 offset);
173 val = 0;
174 }
175
176 trace_ahci_port_read(s, port, AHCIPortReg_lookup[regnum], offset, val);
177 return val;
178}
179
180static void ahci_irq_raise(AHCIState *s)
181{
182 DeviceState *dev_state = s->container;
183 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state),
184 TYPE_PCI_DEVICE);
185
186 trace_ahci_irq_raise(s);
187
188 if (pci_dev && msi_enabled(pci_dev)) {
189 msi_notify(pci_dev, 0);
190 } else {
191 qemu_irq_raise(s->irq);
192 }
193}
194
195static void ahci_irq_lower(AHCIState *s)
196{
197 DeviceState *dev_state = s->container;
198 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state),
199 TYPE_PCI_DEVICE);
200
201 trace_ahci_irq_lower(s);
202
203 if (!pci_dev || !msi_enabled(pci_dev)) {
204 qemu_irq_lower(s->irq);
205 }
206}
207
208static void ahci_check_irq(AHCIState *s)
209{
210 int i;
211 uint32_t old_irq = s->control_regs.irqstatus;
212
213 s->control_regs.irqstatus = 0;
214 for (i = 0; i < s->ports; i++) {
215 AHCIPortRegs *pr = &s->dev[i].port_regs;
216 if (pr->irq_stat & pr->irq_mask) {
217 s->control_regs.irqstatus |= (1 << i);
218 }
219 }
220 trace_ahci_check_irq(s, old_irq, s->control_regs.irqstatus);
221 if (s->control_regs.irqstatus &&
222 (s->control_regs.ghc & HOST_CTL_IRQ_EN)) {
223 ahci_irq_raise(s);
224 } else {
225 ahci_irq_lower(s);
226 }
227}
228
229static void ahci_trigger_irq(AHCIState *s, AHCIDevice *d,
230 enum AHCIPortIRQ irqbit)
231{
232 g_assert((unsigned)irqbit < 32);
233 uint32_t irq = 1U << irqbit;
234 uint32_t irqstat = d->port_regs.irq_stat | irq;
235
236 trace_ahci_trigger_irq(s, d->port_no,
237 AHCIPortIRQ_lookup[irqbit], irq,
238 d->port_regs.irq_stat, irqstat,
239 irqstat & d->port_regs.irq_mask);
240
241 d->port_regs.irq_stat = irqstat;
242 ahci_check_irq(s);
243}
244
245static void map_page(AddressSpace *as, uint8_t **ptr, uint64_t addr,
246 uint32_t wanted)
247{
248 hwaddr len = wanted;
249
250 if (*ptr) {
251 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len);
252 }
253
254 *ptr = dma_memory_map(as, addr, &len, DMA_DIRECTION_FROM_DEVICE,
255 MEMTXATTRS_UNSPECIFIED);
256 if (len < wanted && *ptr) {
257 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len);
258 *ptr = NULL;
259 }
260}
261
262
263
264
265
266
267
268
269
270static int ahci_cond_start_engines(AHCIDevice *ad)
271{
272 AHCIPortRegs *pr = &ad->port_regs;
273 bool cmd_start = pr->cmd & PORT_CMD_START;
274 bool cmd_on = pr->cmd & PORT_CMD_LIST_ON;
275 bool fis_start = pr->cmd & PORT_CMD_FIS_RX;
276 bool fis_on = pr->cmd & PORT_CMD_FIS_ON;
277
278 if (cmd_start && !cmd_on) {
279 if (!ahci_map_clb_address(ad)) {
280 pr->cmd &= ~PORT_CMD_START;
281 error_report("AHCI: Failed to start DMA engine: "
282 "bad command list buffer address");
283 return -1;
284 }
285 } else if (!cmd_start && cmd_on) {
286 ahci_unmap_clb_address(ad);
287 }
288
289 if (fis_start && !fis_on) {
290 if (!ahci_map_fis_address(ad)) {
291 pr->cmd &= ~PORT_CMD_FIS_RX;
292 error_report("AHCI: Failed to start FIS receive engine: "
293 "bad FIS receive buffer address");
294 return -1;
295 }
296 } else if (!fis_start && fis_on) {
297 ahci_unmap_fis_address(ad);
298 }
299
300 return 0;
301}
302
303static void ahci_port_write(AHCIState *s, int port, int offset, uint32_t val)
304{
305 AHCIPortRegs *pr = &s->dev[port].port_regs;
306 enum AHCIPortReg regnum = offset / sizeof(uint32_t);
307 assert(regnum < (AHCI_PORT_ADDR_OFFSET_LEN / sizeof(uint32_t)));
308 trace_ahci_port_write(s, port, AHCIPortReg_lookup[regnum], offset, val);
309
310 switch (regnum) {
311 case AHCI_PORT_REG_LST_ADDR:
312 pr->lst_addr = val;
313 break;
314 case AHCI_PORT_REG_LST_ADDR_HI:
315 pr->lst_addr_hi = val;
316 break;
317 case AHCI_PORT_REG_FIS_ADDR:
318 pr->fis_addr = val;
319 break;
320 case AHCI_PORT_REG_FIS_ADDR_HI:
321 pr->fis_addr_hi = val;
322 break;
323 case AHCI_PORT_REG_IRQ_STAT:
324 pr->irq_stat &= ~val;
325 ahci_check_irq(s);
326 break;
327 case AHCI_PORT_REG_IRQ_MASK:
328 pr->irq_mask = val & 0xfdc000ff;
329 ahci_check_irq(s);
330 break;
331 case AHCI_PORT_REG_CMD:
332 if ((pr->cmd & PORT_CMD_START) && !(val & PORT_CMD_START)) {
333 pr->scr_act = 0;
334 pr->cmd_issue = 0;
335 }
336
337
338
339
340
341
342
343 pr->cmd = (pr->cmd & PORT_CMD_RO_MASK) |
344 (val & ~(PORT_CMD_RO_MASK | PORT_CMD_ICC_MASK));
345
346
347 ahci_cond_start_engines(&s->dev[port]);
348
349
350
351
352
353 if ((pr->cmd & PORT_CMD_FIS_ON) &&
354 !s->dev[port].init_d2h_sent) {
355 ahci_init_d2h(&s->dev[port]);
356 }
357
358 check_cmd(s, port);
359 break;
360 case AHCI_PORT_REG_TFDATA:
361 case AHCI_PORT_REG_SIG:
362 case AHCI_PORT_REG_SCR_STAT:
363
364 break;
365 case AHCI_PORT_REG_SCR_CTL:
366 if (((pr->scr_ctl & AHCI_SCR_SCTL_DET) == 1) &&
367 ((val & AHCI_SCR_SCTL_DET) == 0)) {
368 ahci_reset_port(s, port);
369 }
370 pr->scr_ctl = val;
371 break;
372 case AHCI_PORT_REG_SCR_ERR:
373 pr->scr_err &= ~val;
374 break;
375 case AHCI_PORT_REG_SCR_ACT:
376
377 pr->scr_act |= val;
378 break;
379 case AHCI_PORT_REG_CMD_ISSUE:
380 pr->cmd_issue |= val;
381 check_cmd(s, port);
382 break;
383 default:
384 trace_ahci_port_write_unimpl(s, port, AHCIPortReg_lookup[regnum],
385 offset, val);
386 qemu_log_mask(LOG_UNIMP, "Attempted write to unimplemented register: "
387 "AHCI port %d register %s, offset 0x%x: 0x%"PRIx32,
388 port, AHCIPortReg_lookup[regnum], offset, val);
389 break;
390 }
391}
392
393static uint64_t ahci_mem_read_32(void *opaque, hwaddr addr)
394{
395 AHCIState *s = opaque;
396 uint32_t val = 0;
397
398 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) {
399 enum AHCIHostReg regnum = addr / 4;
400 assert(regnum < AHCI_HOST_REG__COUNT);
401
402 switch (regnum) {
403 case AHCI_HOST_REG_CAP:
404 val = s->control_regs.cap;
405 break;
406 case AHCI_HOST_REG_CTL:
407 val = s->control_regs.ghc;
408 break;
409 case AHCI_HOST_REG_IRQ_STAT:
410 val = s->control_regs.irqstatus;
411 break;
412 case AHCI_HOST_REG_PORTS_IMPL:
413 val = s->control_regs.impl;
414 break;
415 case AHCI_HOST_REG_VERSION:
416 val = s->control_regs.version;
417 break;
418 default:
419 trace_ahci_mem_read_32_host_default(s, AHCIHostReg_lookup[regnum],
420 addr);
421 }
422 trace_ahci_mem_read_32_host(s, AHCIHostReg_lookup[regnum], addr, val);
423 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) &&
424 (addr < (AHCI_PORT_REGS_START_ADDR +
425 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) {
426 val = ahci_port_read(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7,
427 addr & AHCI_PORT_ADDR_OFFSET_MASK);
428 } else {
429 trace_ahci_mem_read_32_default(s, addr, val);
430 }
431
432 trace_ahci_mem_read_32(s, addr, val);
433 return val;
434}
435
436
437
438
439
440
441
442static uint64_t ahci_mem_read(void *opaque, hwaddr addr, unsigned size)
443{
444 hwaddr aligned = addr & ~0x3;
445 int ofst = addr - aligned;
446 uint64_t lo = ahci_mem_read_32(opaque, aligned);
447 uint64_t hi;
448 uint64_t val;
449
450
451 if (ofst + size <= 4) {
452 val = lo >> (ofst * 8);
453 } else {
454 g_assert(size > 1);
455
456
457
458 hi = ahci_mem_read_32(opaque, aligned + 4);
459 val = (hi << 32 | lo) >> (ofst * 8);
460 }
461
462 trace_ahci_mem_read(opaque, size, addr, val);
463 return val;
464}
465
466
467static void ahci_mem_write(void *opaque, hwaddr addr,
468 uint64_t val, unsigned size)
469{
470 AHCIState *s = opaque;
471
472 trace_ahci_mem_write(s, size, addr, val);
473
474
475 if (addr & 3) {
476 qemu_log_mask(LOG_GUEST_ERROR,
477 "ahci: Mis-aligned write to addr 0x%03" HWADDR_PRIX "\n",
478 addr);
479 return;
480 }
481
482 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) {
483 enum AHCIHostReg regnum = addr / 4;
484 assert(regnum < AHCI_HOST_REG__COUNT);
485
486 switch (regnum) {
487 case AHCI_HOST_REG_CAP:
488
489 break;
490 case AHCI_HOST_REG_CTL:
491 if (val & HOST_CTL_RESET) {
492 ahci_reset(s);
493 } else {
494 s->control_regs.ghc = (val & 0x3) | HOST_CTL_AHCI_EN;
495 ahci_check_irq(s);
496 }
497 break;
498 case AHCI_HOST_REG_IRQ_STAT:
499 s->control_regs.irqstatus &= ~val;
500 ahci_check_irq(s);
501 break;
502 case AHCI_HOST_REG_PORTS_IMPL:
503
504 break;
505 case AHCI_HOST_REG_VERSION:
506
507 break;
508 default:
509 qemu_log_mask(LOG_UNIMP,
510 "Attempted write to unimplemented register: "
511 "AHCI host register %s, "
512 "offset 0x%"PRIx64": 0x%"PRIx64,
513 AHCIHostReg_lookup[regnum], addr, val);
514 trace_ahci_mem_write_host_unimpl(s, size,
515 AHCIHostReg_lookup[regnum], addr);
516 }
517 trace_ahci_mem_write_host(s, size, AHCIHostReg_lookup[regnum],
518 addr, val);
519 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) &&
520 (addr < (AHCI_PORT_REGS_START_ADDR +
521 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) {
522 ahci_port_write(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7,
523 addr & AHCI_PORT_ADDR_OFFSET_MASK, val);
524 } else {
525 qemu_log_mask(LOG_UNIMP, "Attempted write to unimplemented register: "
526 "AHCI global register at offset 0x%"PRIx64": 0x%"PRIx64,
527 addr, val);
528 trace_ahci_mem_write_unimpl(s, size, addr, val);
529 }
530}
531
532static const MemoryRegionOps ahci_mem_ops = {
533 .read = ahci_mem_read,
534 .write = ahci_mem_write,
535 .endianness = DEVICE_LITTLE_ENDIAN,
536};
537
538static uint64_t ahci_idp_read(void *opaque, hwaddr addr,
539 unsigned size)
540{
541 AHCIState *s = opaque;
542
543 if (addr == s->idp_offset) {
544
545 return s->idp_index;
546 } else if (addr == s->idp_offset + 4) {
547
548 return ahci_mem_read(opaque, s->idp_index, size);
549 } else {
550 return 0;
551 }
552}
553
554static void ahci_idp_write(void *opaque, hwaddr addr,
555 uint64_t val, unsigned size)
556{
557 AHCIState *s = opaque;
558
559 if (addr == s->idp_offset) {
560
561 s->idp_index = (uint32_t)val & ((AHCI_MEM_BAR_SIZE - 1) & ~3);
562 } else if (addr == s->idp_offset + 4) {
563
564 ahci_mem_write(opaque, s->idp_index, val, size);
565 }
566}
567
568static const MemoryRegionOps ahci_idp_ops = {
569 .read = ahci_idp_read,
570 .write = ahci_idp_write,
571 .endianness = DEVICE_LITTLE_ENDIAN,
572};
573
574
575static void ahci_reg_init(AHCIState *s)
576{
577 int i;
578
579 s->control_regs.cap = (s->ports - 1) |
580 (AHCI_NUM_COMMAND_SLOTS << 8) |
581 (AHCI_SUPPORTED_SPEED_GEN1 << AHCI_SUPPORTED_SPEED) |
582 HOST_CAP_NCQ | HOST_CAP_AHCI | HOST_CAP_64;
583
584 s->control_regs.impl = (1 << s->ports) - 1;
585
586 s->control_regs.version = AHCI_VERSION_1_0;
587
588 for (i = 0; i < s->ports; i++) {
589 s->dev[i].port_state = STATE_RUN;
590 }
591}
592
593static void check_cmd(AHCIState *s, int port)
594{
595 AHCIPortRegs *pr = &s->dev[port].port_regs;
596 uint8_t slot;
597
598 if ((pr->cmd & PORT_CMD_START) && pr->cmd_issue) {
599 for (slot = 0; (slot < 32) && pr->cmd_issue; slot++) {
600 if (pr->cmd_issue & (1U << slot)) {
601 handle_cmd(s, port, slot);
602 }
603 }
604 }
605}
606
607static void ahci_check_cmd_bh(void *opaque)
608{
609 AHCIDevice *ad = opaque;
610
611 qemu_bh_delete(ad->check_bh);
612 ad->check_bh = NULL;
613
614 check_cmd(ad->hba, ad->port_no);
615}
616
617static void ahci_init_d2h(AHCIDevice *ad)
618{
619 IDEState *ide_state = &ad->port.ifs[0];
620 AHCIPortRegs *pr = &ad->port_regs;
621
622 if (ad->init_d2h_sent) {
623 return;
624 }
625
626 if (ahci_write_fis_d2h(ad, true)) {
627 ad->init_d2h_sent = true;
628
629
630 pr->sig = ((uint32_t)ide_state->hcyl << 24) |
631 (ide_state->lcyl << 16) |
632 (ide_state->sector << 8) |
633 (ide_state->nsector & 0xFF);
634 }
635}
636
637static void ahci_set_signature(AHCIDevice *ad, uint32_t sig)
638{
639 IDEState *s = &ad->port.ifs[0];
640 s->hcyl = sig >> 24 & 0xFF;
641 s->lcyl = sig >> 16 & 0xFF;
642 s->sector = sig >> 8 & 0xFF;
643 s->nsector = sig & 0xFF;
644
645 trace_ahci_set_signature(ad->hba, ad->port_no, s->nsector, s->sector,
646 s->lcyl, s->hcyl, sig);
647}
648
649static void ahci_reset_port(AHCIState *s, int port)
650{
651 AHCIDevice *d = &s->dev[port];
652 AHCIPortRegs *pr = &d->port_regs;
653 IDEState *ide_state = &d->port.ifs[0];
654 int i;
655
656 trace_ahci_reset_port(s, port);
657
658 ide_bus_reset(&d->port);
659 ide_state->ncq_queues = AHCI_MAX_CMDS;
660
661 pr->scr_stat = 0;
662 pr->scr_err = 0;
663 pr->scr_act = 0;
664 pr->tfdata = 0x7F;
665 pr->sig = 0xFFFFFFFF;
666 d->busy_slot = -1;
667 d->init_d2h_sent = false;
668
669 ide_state = &s->dev[port].port.ifs[0];
670 if (!ide_state->blk) {
671 return;
672 }
673
674
675 for (i = 0; i < AHCI_MAX_CMDS; i++) {
676 NCQTransferState *ncq_tfs = &s->dev[port].ncq_tfs[i];
677 ncq_tfs->halt = false;
678 if (!ncq_tfs->used) {
679 continue;
680 }
681
682 if (ncq_tfs->aiocb) {
683 blk_aio_cancel(ncq_tfs->aiocb);
684 ncq_tfs->aiocb = NULL;
685 }
686
687
688 if (!ncq_tfs->used) {
689 continue;
690 }
691
692 qemu_sglist_destroy(&ncq_tfs->sglist);
693 ncq_tfs->used = 0;
694 }
695
696 s->dev[port].port_state = STATE_RUN;
697 if (ide_state->drive_kind == IDE_CD) {
698 ahci_set_signature(d, SATA_SIGNATURE_CDROM);
699 ide_state->status = SEEK_STAT | WRERR_STAT | READY_STAT;
700 } else {
701 ahci_set_signature(d, SATA_SIGNATURE_DISK);
702 ide_state->status = SEEK_STAT | WRERR_STAT;
703 }
704
705 ide_state->error = 1;
706 ahci_init_d2h(d);
707}
708
709
710static char *ahci_pretty_buffer_fis(const uint8_t *fis, int cmd_len)
711{
712 int i;
713 GString *s = g_string_new("FIS:");
714
715 for (i = 0; i < cmd_len; i++) {
716 if ((i & 0xf) == 0) {
717 g_string_append_printf(s, "\n0x%02x: ", i);
718 }
719 g_string_append_printf(s, "%02x ", fis[i]);
720 }
721 g_string_append_c(s, '\n');
722
723 return g_string_free(s, FALSE);
724}
725
726static bool ahci_map_fis_address(AHCIDevice *ad)
727{
728 AHCIPortRegs *pr = &ad->port_regs;
729 map_page(ad->hba->as, &ad->res_fis,
730 ((uint64_t)pr->fis_addr_hi << 32) | pr->fis_addr, 256);
731 if (ad->res_fis != NULL) {
732 pr->cmd |= PORT_CMD_FIS_ON;
733 return true;
734 }
735
736 pr->cmd &= ~PORT_CMD_FIS_ON;
737 return false;
738}
739
740static void ahci_unmap_fis_address(AHCIDevice *ad)
741{
742 if (ad->res_fis == NULL) {
743 trace_ahci_unmap_fis_address_null(ad->hba, ad->port_no);
744 return;
745 }
746 ad->port_regs.cmd &= ~PORT_CMD_FIS_ON;
747 dma_memory_unmap(ad->hba->as, ad->res_fis, 256,
748 DMA_DIRECTION_FROM_DEVICE, 256);
749 ad->res_fis = NULL;
750}
751
752static bool ahci_map_clb_address(AHCIDevice *ad)
753{
754 AHCIPortRegs *pr = &ad->port_regs;
755 ad->cur_cmd = NULL;
756 map_page(ad->hba->as, &ad->lst,
757 ((uint64_t)pr->lst_addr_hi << 32) | pr->lst_addr, 1024);
758 if (ad->lst != NULL) {
759 pr->cmd |= PORT_CMD_LIST_ON;
760 return true;
761 }
762
763 pr->cmd &= ~PORT_CMD_LIST_ON;
764 return false;
765}
766
767static void ahci_unmap_clb_address(AHCIDevice *ad)
768{
769 if (ad->lst == NULL) {
770 trace_ahci_unmap_clb_address_null(ad->hba, ad->port_no);
771 return;
772 }
773 ad->port_regs.cmd &= ~PORT_CMD_LIST_ON;
774 dma_memory_unmap(ad->hba->as, ad->lst, 1024,
775 DMA_DIRECTION_FROM_DEVICE, 1024);
776 ad->lst = NULL;
777}
778
779static void ahci_write_fis_sdb(AHCIState *s, NCQTransferState *ncq_tfs)
780{
781 AHCIDevice *ad = ncq_tfs->drive;
782 AHCIPortRegs *pr = &ad->port_regs;
783 IDEState *ide_state;
784 SDBFIS *sdb_fis;
785
786 if (!ad->res_fis ||
787 !(pr->cmd & PORT_CMD_FIS_RX)) {
788 return;
789 }
790
791 sdb_fis = (SDBFIS *)&ad->res_fis[RES_FIS_SDBFIS];
792 ide_state = &ad->port.ifs[0];
793
794 sdb_fis->type = SATA_FIS_TYPE_SDB;
795
796 sdb_fis->flags = 0x40;
797 sdb_fis->status = ide_state->status & 0x77;
798 sdb_fis->error = ide_state->error;
799
800 sdb_fis->payload = cpu_to_le32(ad->finished);
801
802
803 pr->tfdata = (ad->port.ifs[0].error << 8) |
804 (ad->port.ifs[0].status & 0x77) |
805 (pr->tfdata & 0x88);
806 pr->scr_act &= ~ad->finished;
807 ad->finished = 0;
808
809
810
811
812
813
814 if (sdb_fis->status & ERR_STAT) {
815 ahci_trigger_irq(s, ad, AHCI_PORT_IRQ_BIT_TFES);
816 } else if (sdb_fis->flags & 0x40) {
817 ahci_trigger_irq(s, ad, AHCI_PORT_IRQ_BIT_SDBS);
818 }
819}
820
821static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t len, bool pio_fis_i)
822{
823 AHCIPortRegs *pr = &ad->port_regs;
824 uint8_t *pio_fis;
825 IDEState *s = &ad->port.ifs[0];
826
827 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
828 return;
829 }
830
831 pio_fis = &ad->res_fis[RES_FIS_PSFIS];
832
833 pio_fis[0] = SATA_FIS_TYPE_PIO_SETUP;
834 pio_fis[1] = (pio_fis_i ? (1 << 6) : 0);
835 pio_fis[2] = s->status;
836 pio_fis[3] = s->error;
837
838 pio_fis[4] = s->sector;
839 pio_fis[5] = s->lcyl;
840 pio_fis[6] = s->hcyl;
841 pio_fis[7] = s->select;
842 pio_fis[8] = s->hob_sector;
843 pio_fis[9] = s->hob_lcyl;
844 pio_fis[10] = s->hob_hcyl;
845 pio_fis[11] = 0;
846 pio_fis[12] = s->nsector & 0xFF;
847 pio_fis[13] = (s->nsector >> 8) & 0xFF;
848 pio_fis[14] = 0;
849 pio_fis[15] = s->status;
850 pio_fis[16] = len & 255;
851 pio_fis[17] = len >> 8;
852 pio_fis[18] = 0;
853 pio_fis[19] = 0;
854
855
856 pr->tfdata = (ad->port.ifs[0].error << 8) |
857 ad->port.ifs[0].status;
858
859 if (pio_fis[2] & ERR_STAT) {
860 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_TFES);
861 }
862}
863
864static bool ahci_write_fis_d2h(AHCIDevice *ad, bool d2h_fis_i)
865{
866 AHCIPortRegs *pr = &ad->port_regs;
867 uint8_t *d2h_fis;
868 int i;
869 IDEState *s = &ad->port.ifs[0];
870
871 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) {
872 return false;
873 }
874
875 d2h_fis = &ad->res_fis[RES_FIS_RFIS];
876
877 d2h_fis[0] = SATA_FIS_TYPE_REGISTER_D2H;
878 d2h_fis[1] = d2h_fis_i ? (1 << 6) : 0;
879 d2h_fis[2] = s->status;
880 d2h_fis[3] = s->error;
881
882 d2h_fis[4] = s->sector;
883 d2h_fis[5] = s->lcyl;
884 d2h_fis[6] = s->hcyl;
885 d2h_fis[7] = s->select;
886 d2h_fis[8] = s->hob_sector;
887 d2h_fis[9] = s->hob_lcyl;
888 d2h_fis[10] = s->hob_hcyl;
889 d2h_fis[11] = 0;
890 d2h_fis[12] = s->nsector & 0xFF;
891 d2h_fis[13] = (s->nsector >> 8) & 0xFF;
892 for (i = 14; i < 20; i++) {
893 d2h_fis[i] = 0;
894 }
895
896
897 pr->tfdata = (ad->port.ifs[0].error << 8) |
898 ad->port.ifs[0].status;
899
900 if (d2h_fis[2] & ERR_STAT) {
901 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_TFES);
902 }
903
904 if (d2h_fis_i) {
905 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_DHRS);
906 }
907
908 return true;
909}
910
911static int prdt_tbl_entry_size(const AHCI_SG *tbl)
912{
913
914 return (le32_to_cpu(tbl->flags_size) & AHCI_PRDT_SIZE_MASK) + 1;
915}
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930static int ahci_populate_sglist(AHCIDevice *ad, QEMUSGList *sglist,
931 AHCICmdHdr *cmd, int64_t limit, uint64_t offset)
932{
933 uint16_t opts = le16_to_cpu(cmd->opts);
934 uint16_t prdtl = le16_to_cpu(cmd->prdtl);
935 uint64_t cfis_addr = le64_to_cpu(cmd->tbl_addr);
936 uint64_t prdt_addr = cfis_addr + 0x80;
937 dma_addr_t prdt_len = (prdtl * sizeof(AHCI_SG));
938 dma_addr_t real_prdt_len = prdt_len;
939 uint8_t *prdt;
940 int i;
941 int r = 0;
942 uint64_t sum = 0;
943 int off_idx = -1;
944 int64_t off_pos = -1;
945 int tbl_entry_size;
946 IDEBus *bus = &ad->port;
947 BusState *qbus = BUS(bus);
948
949 trace_ahci_populate_sglist(ad->hba, ad->port_no);
950
951 if (!prdtl) {
952 trace_ahci_populate_sglist_no_prdtl(ad->hba, ad->port_no, opts);
953 return -1;
954 }
955
956
957 if (!(prdt = dma_memory_map(ad->hba->as, prdt_addr, &prdt_len,
958 DMA_DIRECTION_TO_DEVICE,
959 MEMTXATTRS_UNSPECIFIED))){
960 trace_ahci_populate_sglist_no_map(ad->hba, ad->port_no);
961 return -1;
962 }
963
964 if (prdt_len < real_prdt_len) {
965 trace_ahci_populate_sglist_short_map(ad->hba, ad->port_no);
966 r = -1;
967 goto out;
968 }
969
970
971 if (prdtl > 0) {
972 AHCI_SG *tbl = (AHCI_SG *)prdt;
973 sum = 0;
974 for (i = 0; i < prdtl; i++) {
975 tbl_entry_size = prdt_tbl_entry_size(&tbl[i]);
976 if (offset < (sum + tbl_entry_size)) {
977 off_idx = i;
978 off_pos = offset - sum;
979 break;
980 }
981 sum += tbl_entry_size;
982 }
983 if ((off_idx == -1) || (off_pos < 0) || (off_pos > tbl_entry_size)) {
984 trace_ahci_populate_sglist_bad_offset(ad->hba, ad->port_no,
985 off_idx, off_pos);
986 r = -1;
987 goto out;
988 }
989
990 qemu_sglist_init(sglist, qbus->parent, (prdtl - off_idx),
991 ad->hba->as);
992 qemu_sglist_add(sglist, le64_to_cpu(tbl[off_idx].addr) + off_pos,
993 MIN(prdt_tbl_entry_size(&tbl[off_idx]) - off_pos,
994 limit));
995
996 for (i = off_idx + 1; i < prdtl && sglist->size < limit; i++) {
997 qemu_sglist_add(sglist, le64_to_cpu(tbl[i].addr),
998 MIN(prdt_tbl_entry_size(&tbl[i]),
999 limit - sglist->size));
1000 }
1001 }
1002
1003out:
1004 dma_memory_unmap(ad->hba->as, prdt, prdt_len,
1005 DMA_DIRECTION_TO_DEVICE, prdt_len);
1006 return r;
1007}
1008
1009static void ncq_err(NCQTransferState *ncq_tfs)
1010{
1011 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0];
1012
1013 ide_state->error = ABRT_ERR;
1014 ide_state->status = READY_STAT | ERR_STAT;
1015 qemu_sglist_destroy(&ncq_tfs->sglist);
1016 ncq_tfs->used = 0;
1017}
1018
1019static void ncq_finish(NCQTransferState *ncq_tfs)
1020{
1021
1022
1023
1024 if (ncq_tfs->used) {
1025 ncq_tfs->drive->finished |= (1 << ncq_tfs->tag);
1026 }
1027
1028 ahci_write_fis_sdb(ncq_tfs->drive->hba, ncq_tfs);
1029
1030 trace_ncq_finish(ncq_tfs->drive->hba, ncq_tfs->drive->port_no,
1031 ncq_tfs->tag);
1032
1033 block_acct_done(blk_get_stats(ncq_tfs->drive->port.ifs[0].blk),
1034 &ncq_tfs->acct);
1035 qemu_sglist_destroy(&ncq_tfs->sglist);
1036 ncq_tfs->used = 0;
1037}
1038
1039static void ncq_cb(void *opaque, int ret)
1040{
1041 NCQTransferState *ncq_tfs = (NCQTransferState *)opaque;
1042 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0];
1043
1044 ncq_tfs->aiocb = NULL;
1045
1046 if (ret < 0) {
1047 bool is_read = ncq_tfs->cmd == READ_FPDMA_QUEUED;
1048 BlockErrorAction action = blk_get_error_action(ide_state->blk,
1049 is_read, -ret);
1050 if (action == BLOCK_ERROR_ACTION_STOP) {
1051 ncq_tfs->halt = true;
1052 ide_state->bus->error_status = IDE_RETRY_HBA;
1053 } else if (action == BLOCK_ERROR_ACTION_REPORT) {
1054 ncq_err(ncq_tfs);
1055 }
1056 blk_error_action(ide_state->blk, action, is_read, -ret);
1057 } else {
1058 ide_state->status = READY_STAT | SEEK_STAT;
1059 }
1060
1061 if (!ncq_tfs->halt) {
1062 ncq_finish(ncq_tfs);
1063 }
1064}
1065
1066static int is_ncq(uint8_t ata_cmd)
1067{
1068
1069 switch (ata_cmd) {
1070 case READ_FPDMA_QUEUED:
1071 case WRITE_FPDMA_QUEUED:
1072 case NCQ_NON_DATA:
1073 case RECEIVE_FPDMA_QUEUED:
1074 case SEND_FPDMA_QUEUED:
1075 return 1;
1076 default:
1077 return 0;
1078 }
1079}
1080
1081static void execute_ncq_command(NCQTransferState *ncq_tfs)
1082{
1083 AHCIDevice *ad = ncq_tfs->drive;
1084 IDEState *ide_state = &ad->port.ifs[0];
1085 int port = ad->port_no;
1086
1087 g_assert(is_ncq(ncq_tfs->cmd));
1088 ncq_tfs->halt = false;
1089
1090 switch (ncq_tfs->cmd) {
1091 case READ_FPDMA_QUEUED:
1092 trace_execute_ncq_command_read(ad->hba, port, ncq_tfs->tag,
1093 ncq_tfs->sector_count, ncq_tfs->lba);
1094 dma_acct_start(ide_state->blk, &ncq_tfs->acct,
1095 &ncq_tfs->sglist, BLOCK_ACCT_READ);
1096 ncq_tfs->aiocb = dma_blk_read(ide_state->blk, &ncq_tfs->sglist,
1097 ncq_tfs->lba << BDRV_SECTOR_BITS,
1098 BDRV_SECTOR_SIZE,
1099 ncq_cb, ncq_tfs);
1100 break;
1101 case WRITE_FPDMA_QUEUED:
1102 trace_execute_ncq_command_write(ad->hba, port, ncq_tfs->tag,
1103 ncq_tfs->sector_count, ncq_tfs->lba);
1104 dma_acct_start(ide_state->blk, &ncq_tfs->acct,
1105 &ncq_tfs->sglist, BLOCK_ACCT_WRITE);
1106 ncq_tfs->aiocb = dma_blk_write(ide_state->blk, &ncq_tfs->sglist,
1107 ncq_tfs->lba << BDRV_SECTOR_BITS,
1108 BDRV_SECTOR_SIZE,
1109 ncq_cb, ncq_tfs);
1110 break;
1111 default:
1112 trace_execute_ncq_command_unsup(ad->hba, port,
1113 ncq_tfs->tag, ncq_tfs->cmd);
1114 ncq_err(ncq_tfs);
1115 }
1116}
1117
1118
1119static void process_ncq_command(AHCIState *s, int port, const uint8_t *cmd_fis,
1120 uint8_t slot)
1121{
1122 AHCIDevice *ad = &s->dev[port];
1123 const NCQFrame *ncq_fis = (NCQFrame *)cmd_fis;
1124 uint8_t tag = ncq_fis->tag >> 3;
1125 NCQTransferState *ncq_tfs = &ad->ncq_tfs[tag];
1126 size_t size;
1127
1128 g_assert(is_ncq(ncq_fis->command));
1129 if (ncq_tfs->used) {
1130
1131 qemu_log_mask(LOG_GUEST_ERROR, "%s: tag %d already used\n",
1132 __func__, tag);
1133 return;
1134 }
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145 ahci_clear_cmd_issue(ad, slot);
1146
1147
1148
1149
1150
1151
1152 ahci_write_fis_d2h(ad, false);
1153
1154 ncq_tfs->used = 1;
1155 ncq_tfs->drive = ad;
1156 ncq_tfs->slot = slot;
1157 ncq_tfs->cmdh = &((AHCICmdHdr *)ad->lst)[slot];
1158 ncq_tfs->cmd = ncq_fis->command;
1159 ncq_tfs->lba = ((uint64_t)ncq_fis->lba5 << 40) |
1160 ((uint64_t)ncq_fis->lba4 << 32) |
1161 ((uint64_t)ncq_fis->lba3 << 24) |
1162 ((uint64_t)ncq_fis->lba2 << 16) |
1163 ((uint64_t)ncq_fis->lba1 << 8) |
1164 (uint64_t)ncq_fis->lba0;
1165 ncq_tfs->tag = tag;
1166
1167
1168 if (tag != slot) {
1169 trace_process_ncq_command_mismatch(s, port, tag, slot);
1170 }
1171
1172 if (ncq_fis->aux0 || ncq_fis->aux1 || ncq_fis->aux2 || ncq_fis->aux3) {
1173 trace_process_ncq_command_aux(s, port, tag);
1174 }
1175 if (ncq_fis->prio || ncq_fis->icc) {
1176 trace_process_ncq_command_prioicc(s, port, tag);
1177 }
1178 if (ncq_fis->fua & NCQ_FIS_FUA_MASK) {
1179 trace_process_ncq_command_fua(s, port, tag);
1180 }
1181 if (ncq_fis->tag & NCQ_FIS_RARC_MASK) {
1182 trace_process_ncq_command_rarc(s, port, tag);
1183 }
1184
1185 ncq_tfs->sector_count = ((ncq_fis->sector_count_high << 8) |
1186 ncq_fis->sector_count_low);
1187 if (!ncq_tfs->sector_count) {
1188 ncq_tfs->sector_count = 0x10000;
1189 }
1190 size = ncq_tfs->sector_count * BDRV_SECTOR_SIZE;
1191 ahci_populate_sglist(ad, &ncq_tfs->sglist, ncq_tfs->cmdh, size, 0);
1192
1193 if (ncq_tfs->sglist.size < size) {
1194 error_report("ahci: PRDT length for NCQ command (0x" DMA_ADDR_FMT ") "
1195 "is smaller than the requested size (0x%zx)",
1196 ncq_tfs->sglist.size, size);
1197 ncq_err(ncq_tfs);
1198 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_OFS);
1199 return;
1200 } else if (ncq_tfs->sglist.size != size) {
1201 trace_process_ncq_command_large(s, port, tag,
1202 ncq_tfs->sglist.size, size);
1203 }
1204
1205 trace_process_ncq_command(s, port, tag,
1206 ncq_fis->command,
1207 ncq_tfs->lba,
1208 ncq_tfs->lba + ncq_tfs->sector_count - 1);
1209 execute_ncq_command(ncq_tfs);
1210}
1211
1212static AHCICmdHdr *get_cmd_header(AHCIState *s, uint8_t port, uint8_t slot)
1213{
1214 if (port >= s->ports || slot >= AHCI_MAX_CMDS) {
1215 return NULL;
1216 }
1217
1218 return s->dev[port].lst ? &((AHCICmdHdr *)s->dev[port].lst)[slot] : NULL;
1219}
1220
1221static void handle_reg_h2d_fis(AHCIState *s, int port,
1222 uint8_t slot, const uint8_t *cmd_fis)
1223{
1224 IDEState *ide_state = &s->dev[port].port.ifs[0];
1225 AHCICmdHdr *cmd = get_cmd_header(s, port, slot);
1226 AHCIDevice *ad = &s->dev[port];
1227 uint16_t opts = le16_to_cpu(cmd->opts);
1228
1229 if (cmd_fis[1] & 0x0F) {
1230 trace_handle_reg_h2d_fis_pmp(s, port, cmd_fis[1],
1231 cmd_fis[2], cmd_fis[3]);
1232 return;
1233 }
1234
1235 if (cmd_fis[1] & 0x70) {
1236 trace_handle_reg_h2d_fis_res(s, port, cmd_fis[1],
1237 cmd_fis[2], cmd_fis[3]);
1238 return;
1239 }
1240
1241 if (!(cmd_fis[1] & SATA_FIS_REG_H2D_UPDATE_COMMAND_REGISTER)) {
1242 switch (s->dev[port].port_state) {
1243 case STATE_RUN:
1244 if (cmd_fis[15] & ATA_SRST) {
1245 s->dev[port].port_state = STATE_RESET;
1246 }
1247 break;
1248 case STATE_RESET:
1249 if (!(cmd_fis[15] & ATA_SRST)) {
1250 ahci_reset_port(s, port);
1251 }
1252 break;
1253 }
1254 return;
1255 }
1256
1257
1258 if (is_ncq(cmd_fis[2])) {
1259 process_ncq_command(s, port, cmd_fis, slot);
1260 return;
1261 }
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274 ide_state->feature = cmd_fis[3];
1275 ide_state->sector = cmd_fis[4];
1276 ide_state->lcyl = cmd_fis[5];
1277 ide_state->hcyl = cmd_fis[6];
1278 ide_state->select = cmd_fis[7];
1279 ide_state->hob_sector = cmd_fis[8];
1280 ide_state->hob_lcyl = cmd_fis[9];
1281 ide_state->hob_hcyl = cmd_fis[10];
1282 ide_state->hob_feature = cmd_fis[11];
1283 ide_state->nsector = (int64_t)((cmd_fis[13] << 8) | cmd_fis[12]);
1284
1285
1286
1287
1288
1289 if (opts & AHCI_CMD_ATAPI) {
1290 memcpy(ide_state->io_buffer, &cmd_fis[AHCI_COMMAND_TABLE_ACMD], 0x10);
1291 if (trace_event_get_state_backends(TRACE_HANDLE_REG_H2D_FIS_DUMP)) {
1292 char *pretty_fis = ahci_pretty_buffer_fis(ide_state->io_buffer, 0x10);
1293 trace_handle_reg_h2d_fis_dump(s, port, pretty_fis);
1294 g_free(pretty_fis);
1295 }
1296 }
1297
1298 ide_state->error = 0;
1299 s->dev[port].done_first_drq = false;
1300
1301 cmd->status = 0;
1302
1303
1304
1305
1306
1307
1308
1309 ad->busy_slot = slot;
1310
1311
1312 ide_bus_exec_cmd(&s->dev[port].port, cmd_fis[2]);
1313}
1314
1315static void handle_cmd(AHCIState *s, int port, uint8_t slot)
1316{
1317 IDEState *ide_state;
1318 uint64_t tbl_addr;
1319 AHCICmdHdr *cmd;
1320 uint8_t *cmd_fis;
1321 dma_addr_t cmd_len;
1322
1323 if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) {
1324
1325 trace_handle_cmd_busy(s, port);
1326 return;
1327 }
1328
1329 if (!s->dev[port].lst) {
1330 trace_handle_cmd_nolist(s, port);
1331 return;
1332 }
1333 cmd = get_cmd_header(s, port, slot);
1334
1335 s->dev[port].cur_cmd = cmd;
1336
1337
1338 ide_state = &s->dev[port].port.ifs[0];
1339 if (!ide_state->blk) {
1340 trace_handle_cmd_badport(s, port);
1341 return;
1342 }
1343
1344 tbl_addr = le64_to_cpu(cmd->tbl_addr);
1345 cmd_len = 0x80;
1346 cmd_fis = dma_memory_map(s->as, tbl_addr, &cmd_len,
1347 DMA_DIRECTION_TO_DEVICE, MEMTXATTRS_UNSPECIFIED);
1348 if (!cmd_fis) {
1349 trace_handle_cmd_badfis(s, port);
1350 return;
1351 } else if (cmd_len != 0x80) {
1352 ahci_trigger_irq(s, &s->dev[port], AHCI_PORT_IRQ_BIT_HBFS);
1353 trace_handle_cmd_badmap(s, port, cmd_len);
1354 goto out;
1355 }
1356 if (trace_event_get_state_backends(TRACE_HANDLE_CMD_FIS_DUMP)) {
1357 char *pretty_fis = ahci_pretty_buffer_fis(cmd_fis, 0x80);
1358 trace_handle_cmd_fis_dump(s, port, pretty_fis);
1359 g_free(pretty_fis);
1360 }
1361 switch (cmd_fis[0]) {
1362 case SATA_FIS_TYPE_REGISTER_H2D:
1363 handle_reg_h2d_fis(s, port, slot, cmd_fis);
1364 break;
1365 default:
1366 trace_handle_cmd_unhandled_fis(s, port,
1367 cmd_fis[0], cmd_fis[1], cmd_fis[2]);
1368 break;
1369 }
1370
1371out:
1372 dma_memory_unmap(s->as, cmd_fis, cmd_len, DMA_DIRECTION_TO_DEVICE,
1373 cmd_len);
1374}
1375
1376
1377static void ahci_pio_transfer(const IDEDMA *dma)
1378{
1379 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1380 IDEState *s = &ad->port.ifs[0];
1381 uint32_t size = (uint32_t)(s->data_end - s->data_ptr);
1382
1383 uint16_t opts = le16_to_cpu(ad->cur_cmd->opts);
1384 int is_write = opts & AHCI_CMD_WRITE;
1385 int is_atapi = opts & AHCI_CMD_ATAPI;
1386 int has_sglist = 0;
1387 bool pio_fis_i;
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399 pio_fis_i = ad->done_first_drq || (!is_atapi && !is_write);
1400 ahci_write_fis_pio(ad, size, pio_fis_i);
1401
1402 if (is_atapi && !ad->done_first_drq) {
1403
1404 goto out;
1405 }
1406
1407 if (ahci_dma_prepare_buf(dma, size)) {
1408 has_sglist = 1;
1409 }
1410
1411 trace_ahci_pio_transfer(ad->hba, ad->port_no, is_write ? "writ" : "read",
1412 size, is_atapi ? "atapi" : "ata",
1413 has_sglist ? "" : "o");
1414
1415 if (has_sglist && size) {
1416 const MemTxAttrs attrs = MEMTXATTRS_UNSPECIFIED;
1417
1418 if (is_write) {
1419 dma_buf_write(s->data_ptr, size, NULL, &s->sg, attrs);
1420 } else {
1421 dma_buf_read(s->data_ptr, size, NULL, &s->sg, attrs);
1422 }
1423 }
1424
1425
1426 dma_buf_commit(s, size);
1427
1428out:
1429
1430 s->data_ptr = s->data_end;
1431
1432 ad->done_first_drq = true;
1433 if (pio_fis_i) {
1434 ahci_trigger_irq(ad->hba, ad, AHCI_PORT_IRQ_BIT_PSS);
1435 }
1436}
1437
1438static void ahci_start_dma(const IDEDMA *dma, IDEState *s,
1439 BlockCompletionFunc *dma_cb)
1440{
1441 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1442 trace_ahci_start_dma(ad->hba, ad->port_no);
1443 s->io_buffer_offset = 0;
1444 dma_cb(s, 0);
1445}
1446
1447static void ahci_restart_dma(const IDEDMA *dma)
1448{
1449
1450}
1451
1452
1453
1454
1455
1456static void ahci_restart(const IDEDMA *dma)
1457{
1458 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1459 int i;
1460
1461 for (i = 0; i < AHCI_MAX_CMDS; i++) {
1462 NCQTransferState *ncq_tfs = &ad->ncq_tfs[i];
1463 if (ncq_tfs->halt) {
1464 execute_ncq_command(ncq_tfs);
1465 }
1466 }
1467}
1468
1469
1470
1471
1472
1473static int32_t ahci_dma_prepare_buf(const IDEDMA *dma, int32_t limit)
1474{
1475 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1476 IDEState *s = &ad->port.ifs[0];
1477
1478 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd,
1479 limit, s->io_buffer_offset) == -1) {
1480 trace_ahci_dma_prepare_buf_fail(ad->hba, ad->port_no);
1481 return -1;
1482 }
1483 s->io_buffer_size = s->sg.size;
1484
1485 trace_ahci_dma_prepare_buf(ad->hba, ad->port_no, limit, s->io_buffer_size);
1486 return s->io_buffer_size;
1487}
1488
1489
1490
1491
1492
1493
1494static void ahci_commit_buf(const IDEDMA *dma, uint32_t tx_bytes)
1495{
1496 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1497
1498 tx_bytes += le32_to_cpu(ad->cur_cmd->status);
1499 ad->cur_cmd->status = cpu_to_le32(tx_bytes);
1500}
1501
1502static int ahci_dma_rw_buf(const IDEDMA *dma, bool is_write)
1503{
1504 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1505 IDEState *s = &ad->port.ifs[0];
1506 uint8_t *p = s->io_buffer + s->io_buffer_index;
1507 int l = s->io_buffer_size - s->io_buffer_index;
1508
1509 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd, l, s->io_buffer_offset)) {
1510 return 0;
1511 }
1512
1513 if (is_write) {
1514 dma_buf_read(p, l, NULL, &s->sg, MEMTXATTRS_UNSPECIFIED);
1515 } else {
1516 dma_buf_write(p, l, NULL, &s->sg, MEMTXATTRS_UNSPECIFIED);
1517 }
1518
1519
1520 dma_buf_commit(s, l);
1521 s->io_buffer_index += l;
1522
1523 trace_ahci_dma_rw_buf(ad->hba, ad->port_no, l);
1524 return 1;
1525}
1526
1527static void ahci_clear_cmd_issue(AHCIDevice *ad, uint8_t slot)
1528{
1529 IDEState *ide_state = &ad->port.ifs[0];
1530
1531 if (!(ide_state->status & ERR_STAT) &&
1532 !(ide_state->status & (BUSY_STAT | DRQ_STAT))) {
1533 ad->port_regs.cmd_issue &= ~(1 << slot);
1534 }
1535}
1536
1537
1538static void ahci_cmd_done(const IDEDMA *dma)
1539{
1540 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma);
1541 IDEState *ide_state = &ad->port.ifs[0];
1542
1543 trace_ahci_cmd_done(ad->hba, ad->port_no);
1544
1545
1546 if (ad->busy_slot != -1) {
1547 ahci_clear_cmd_issue(ad, ad->busy_slot);
1548 ad->busy_slot = -1;
1549 }
1550
1551
1552
1553
1554
1555
1556 ahci_write_fis_d2h(ad, true);
1557
1558 if (!(ide_state->status & ERR_STAT) &&
1559 ad->port_regs.cmd_issue && !ad->check_bh) {
1560 ad->check_bh = qemu_bh_new_guarded(ahci_check_cmd_bh, ad,
1561 &ad->mem_reentrancy_guard);
1562 qemu_bh_schedule(ad->check_bh);
1563 }
1564}
1565
1566static void ahci_irq_set(void *opaque, int n, int level)
1567{
1568 qemu_log_mask(LOG_UNIMP, "ahci: IRQ#%d level:%d\n", n, level);
1569}
1570
1571static const IDEDMAOps ahci_dma_ops = {
1572 .start_dma = ahci_start_dma,
1573 .restart = ahci_restart,
1574 .restart_dma = ahci_restart_dma,
1575 .pio_transfer = ahci_pio_transfer,
1576 .prepare_buf = ahci_dma_prepare_buf,
1577 .commit_buf = ahci_commit_buf,
1578 .rw_buf = ahci_dma_rw_buf,
1579 .cmd_done = ahci_cmd_done,
1580};
1581
1582void ahci_init(AHCIState *s, DeviceState *qdev)
1583{
1584 s->container = qdev;
1585
1586 memory_region_init_io(&s->mem, OBJECT(qdev), &ahci_mem_ops, s,
1587 "ahci", AHCI_MEM_BAR_SIZE);
1588 memory_region_init_io(&s->idp, OBJECT(qdev), &ahci_idp_ops, s,
1589 "ahci-idp", 32);
1590}
1591
1592void ahci_realize(AHCIState *s, DeviceState *qdev, AddressSpace *as, int ports)
1593{
1594 qemu_irq *irqs;
1595 int i;
1596
1597 s->as = as;
1598 s->ports = ports;
1599 s->dev = g_new0(AHCIDevice, ports);
1600 ahci_reg_init(s);
1601 irqs = qemu_allocate_irqs(ahci_irq_set, s, s->ports);
1602 for (i = 0; i < s->ports; i++) {
1603 AHCIDevice *ad = &s->dev[i];
1604
1605 ide_bus_init(&ad->port, sizeof(ad->port), qdev, i, 1);
1606 ide_bus_init_output_irq(&ad->port, irqs[i]);
1607
1608 ad->hba = s;
1609 ad->port_no = i;
1610 ad->port.dma = &ad->dma;
1611 ad->port.dma->ops = &ahci_dma_ops;
1612 ide_bus_register_restart_cb(&ad->port);
1613 }
1614 g_free(irqs);
1615}
1616
1617void ahci_uninit(AHCIState *s)
1618{
1619 int i, j;
1620
1621 for (i = 0; i < s->ports; i++) {
1622 AHCIDevice *ad = &s->dev[i];
1623
1624 for (j = 0; j < 2; j++) {
1625 IDEState *s = &ad->port.ifs[j];
1626
1627 ide_exit(s);
1628 }
1629 object_unparent(OBJECT(&ad->port));
1630 }
1631
1632 g_free(s->dev);
1633}
1634
1635void ahci_reset(AHCIState *s)
1636{
1637 AHCIPortRegs *pr;
1638 int i;
1639
1640 trace_ahci_reset(s);
1641
1642 s->control_regs.irqstatus = 0;
1643
1644
1645
1646
1647
1648
1649
1650
1651 s->control_regs.ghc = HOST_CTL_AHCI_EN;
1652
1653 for (i = 0; i < s->ports; i++) {
1654 pr = &s->dev[i].port_regs;
1655 pr->irq_stat = 0;
1656 pr->irq_mask = 0;
1657 pr->scr_ctl = 0;
1658 pr->cmd = PORT_CMD_SPIN_UP | PORT_CMD_POWER_ON;
1659 ahci_reset_port(s, i);
1660 }
1661}
1662
1663static const VMStateDescription vmstate_ncq_tfs = {
1664 .name = "ncq state",
1665 .version_id = 1,
1666 .fields = (VMStateField[]) {
1667 VMSTATE_UINT32(sector_count, NCQTransferState),
1668 VMSTATE_UINT64(lba, NCQTransferState),
1669 VMSTATE_UINT8(tag, NCQTransferState),
1670 VMSTATE_UINT8(cmd, NCQTransferState),
1671 VMSTATE_UINT8(slot, NCQTransferState),
1672 VMSTATE_BOOL(used, NCQTransferState),
1673 VMSTATE_BOOL(halt, NCQTransferState),
1674 VMSTATE_END_OF_LIST()
1675 },
1676};
1677
1678static const VMStateDescription vmstate_ahci_device = {
1679 .name = "ahci port",
1680 .version_id = 1,
1681 .fields = (VMStateField[]) {
1682 VMSTATE_IDE_BUS(port, AHCIDevice),
1683 VMSTATE_IDE_DRIVE(port.ifs[0], AHCIDevice),
1684 VMSTATE_UINT32(port_state, AHCIDevice),
1685 VMSTATE_UINT32(finished, AHCIDevice),
1686 VMSTATE_UINT32(port_regs.lst_addr, AHCIDevice),
1687 VMSTATE_UINT32(port_regs.lst_addr_hi, AHCIDevice),
1688 VMSTATE_UINT32(port_regs.fis_addr, AHCIDevice),
1689 VMSTATE_UINT32(port_regs.fis_addr_hi, AHCIDevice),
1690 VMSTATE_UINT32(port_regs.irq_stat, AHCIDevice),
1691 VMSTATE_UINT32(port_regs.irq_mask, AHCIDevice),
1692 VMSTATE_UINT32(port_regs.cmd, AHCIDevice),
1693 VMSTATE_UINT32(port_regs.tfdata, AHCIDevice),
1694 VMSTATE_UINT32(port_regs.sig, AHCIDevice),
1695 VMSTATE_UINT32(port_regs.scr_stat, AHCIDevice),
1696 VMSTATE_UINT32(port_regs.scr_ctl, AHCIDevice),
1697 VMSTATE_UINT32(port_regs.scr_err, AHCIDevice),
1698 VMSTATE_UINT32(port_regs.scr_act, AHCIDevice),
1699 VMSTATE_UINT32(port_regs.cmd_issue, AHCIDevice),
1700 VMSTATE_BOOL(done_first_drq, AHCIDevice),
1701 VMSTATE_INT32(busy_slot, AHCIDevice),
1702 VMSTATE_BOOL(init_d2h_sent, AHCIDevice),
1703 VMSTATE_STRUCT_ARRAY(ncq_tfs, AHCIDevice, AHCI_MAX_CMDS,
1704 1, vmstate_ncq_tfs, NCQTransferState),
1705 VMSTATE_END_OF_LIST()
1706 },
1707};
1708
1709static int ahci_state_post_load(void *opaque, int version_id)
1710{
1711 int i, j;
1712 struct AHCIDevice *ad;
1713 NCQTransferState *ncq_tfs;
1714 AHCIPortRegs *pr;
1715 AHCIState *s = opaque;
1716
1717 for (i = 0; i < s->ports; i++) {
1718 ad = &s->dev[i];
1719 pr = &ad->port_regs;
1720
1721 if (!(pr->cmd & PORT_CMD_START) && (pr->cmd & PORT_CMD_LIST_ON)) {
1722 error_report("AHCI: DMA engine should be off, but status bit "
1723 "indicates it is still running.");
1724 return -1;
1725 }
1726 if (!(pr->cmd & PORT_CMD_FIS_RX) && (pr->cmd & PORT_CMD_FIS_ON)) {
1727 error_report("AHCI: FIS RX engine should be off, but status bit "
1728 "indicates it is still running.");
1729 return -1;
1730 }
1731
1732
1733
1734 pr->cmd &= ~(PORT_CMD_LIST_ON | PORT_CMD_FIS_ON);
1735 if (ahci_cond_start_engines(ad) != 0) {
1736 return -1;
1737 }
1738
1739 for (j = 0; j < AHCI_MAX_CMDS; j++) {
1740 ncq_tfs = &ad->ncq_tfs[j];
1741 ncq_tfs->drive = ad;
1742
1743 if (ncq_tfs->used != ncq_tfs->halt) {
1744 return -1;
1745 }
1746 if (!ncq_tfs->halt) {
1747 continue;
1748 }
1749 if (!is_ncq(ncq_tfs->cmd)) {
1750 return -1;
1751 }
1752 if (ncq_tfs->slot != ncq_tfs->tag) {
1753 return -1;
1754 }
1755
1756
1757 ncq_tfs->cmdh = get_cmd_header(s, i, ncq_tfs->slot);
1758 if (!ncq_tfs->cmdh) {
1759 return -1;
1760 }
1761 ahci_populate_sglist(ncq_tfs->drive, &ncq_tfs->sglist,
1762 ncq_tfs->cmdh,
1763 ncq_tfs->sector_count * BDRV_SECTOR_SIZE,
1764 0);
1765 if (ncq_tfs->sector_count != ncq_tfs->sglist.size >> 9) {
1766 return -1;
1767 }
1768 }
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779 if (ad->busy_slot == -1) {
1780 check_cmd(s, i);
1781 } else {
1782
1783
1784 if (ad->busy_slot < 0 || ad->busy_slot >= AHCI_MAX_CMDS) {
1785 return -1;
1786 }
1787 ad->cur_cmd = get_cmd_header(s, i, ad->busy_slot);
1788 }
1789 }
1790
1791 return 0;
1792}
1793
1794const VMStateDescription vmstate_ahci = {
1795 .name = "ahci",
1796 .version_id = 1,
1797 .post_load = ahci_state_post_load,
1798 .fields = (VMStateField[]) {
1799 VMSTATE_STRUCT_VARRAY_POINTER_INT32(dev, AHCIState, ports,
1800 vmstate_ahci_device, AHCIDevice),
1801 VMSTATE_UINT32(control_regs.cap, AHCIState),
1802 VMSTATE_UINT32(control_regs.ghc, AHCIState),
1803 VMSTATE_UINT32(control_regs.irqstatus, AHCIState),
1804 VMSTATE_UINT32(control_regs.impl, AHCIState),
1805 VMSTATE_UINT32(control_regs.version, AHCIState),
1806 VMSTATE_UINT32(idp_index, AHCIState),
1807 VMSTATE_INT32_EQUAL(ports, AHCIState, NULL),
1808 VMSTATE_END_OF_LIST()
1809 },
1810};
1811
1812static const VMStateDescription vmstate_sysbus_ahci = {
1813 .name = "sysbus-ahci",
1814 .fields = (VMStateField[]) {
1815 VMSTATE_AHCI(ahci, SysbusAHCIState),
1816 VMSTATE_END_OF_LIST()
1817 },
1818};
1819
1820static void sysbus_ahci_reset(DeviceState *dev)
1821{
1822 SysbusAHCIState *s = SYSBUS_AHCI(dev);
1823
1824 ahci_reset(&s->ahci);
1825}
1826
1827static void sysbus_ahci_init(Object *obj)
1828{
1829 SysbusAHCIState *s = SYSBUS_AHCI(obj);
1830 SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
1831
1832 ahci_init(&s->ahci, DEVICE(obj));
1833
1834 sysbus_init_mmio(sbd, &s->ahci.mem);
1835 sysbus_init_irq(sbd, &s->ahci.irq);
1836}
1837
1838static void sysbus_ahci_realize(DeviceState *dev, Error **errp)
1839{
1840 SysbusAHCIState *s = SYSBUS_AHCI(dev);
1841
1842 ahci_realize(&s->ahci, dev, &address_space_memory, s->num_ports);
1843}
1844
1845static Property sysbus_ahci_properties[] = {
1846 DEFINE_PROP_UINT32("num-ports", SysbusAHCIState, num_ports, 1),
1847 DEFINE_PROP_END_OF_LIST(),
1848};
1849
1850static void sysbus_ahci_class_init(ObjectClass *klass, void *data)
1851{
1852 DeviceClass *dc = DEVICE_CLASS(klass);
1853
1854 dc->realize = sysbus_ahci_realize;
1855 dc->vmsd = &vmstate_sysbus_ahci;
1856 device_class_set_props(dc, sysbus_ahci_properties);
1857 dc->reset = sysbus_ahci_reset;
1858 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1859}
1860
1861static const TypeInfo sysbus_ahci_info = {
1862 .name = TYPE_SYSBUS_AHCI,
1863 .parent = TYPE_SYS_BUS_DEVICE,
1864 .instance_size = sizeof(SysbusAHCIState),
1865 .instance_init = sysbus_ahci_init,
1866 .class_init = sysbus_ahci_class_init,
1867};
1868
1869static void sysbus_ahci_register_types(void)
1870{
1871 type_register_static(&sysbus_ahci_info);
1872}
1873
1874type_init(sysbus_ahci_register_types)
1875
1876int32_t ahci_get_num_ports(PCIDevice *dev)
1877{
1878 AHCIPCIState *d = ICH9_AHCI(dev);
1879 AHCIState *ahci = &d->ahci;
1880
1881 return ahci->ports;
1882}
1883
1884void ahci_ide_create_devs(PCIDevice *dev, DriveInfo **hd)
1885{
1886 AHCIPCIState *d = ICH9_AHCI(dev);
1887 AHCIState *ahci = &d->ahci;
1888 int i;
1889
1890 for (i = 0; i < ahci->ports; i++) {
1891 if (hd[i] == NULL) {
1892 continue;
1893 }
1894 ide_bus_create_drive(&ahci->dev[i].port, 0, hd[i]);
1895 }
1896
1897}
1898
