From f215e02bf85f68d3a6106c2a1f4f7f063f819064 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Thu, 11 Apr 2024 10:17:27 +0200 Subject: Adding upstream version 7.0.14-dfsg. Signed-off-by: Daniel Baumann --- src/VBox/Devices/Storage/DevATA.cpp | 8484 +++++++++++++++++++++++++++++++++++ 1 file changed, 8484 insertions(+) create mode 100644 src/VBox/Devices/Storage/DevATA.cpp (limited to 'src/VBox/Devices/Storage/DevATA.cpp') diff --git a/src/VBox/Devices/Storage/DevATA.cpp b/src/VBox/Devices/Storage/DevATA.cpp new file mode 100644 index 00000000..bef5a2b0 --- /dev/null +++ b/src/VBox/Devices/Storage/DevATA.cpp @@ -0,0 +1,8484 @@ +/* $Id: DevATA.cpp $ */ +/** @file + * VBox storage devices: ATA/ATAPI controller device (disk and cdrom). + */ + +/* + * Copyright (C) 2006-2023 Oracle and/or its affiliates. + * + * This file is part of VirtualBox base platform packages, as + * available from https://www.virtualbox.org. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation, in version 3 of the + * License. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + * + * SPDX-License-Identifier: GPL-3.0-only + */ + + +/********************************************************************************************************************************* +* Header Files * +*********************************************************************************************************************************/ +#define LOG_GROUP LOG_GROUP_DEV_IDE +#include +#include +#include +#include +#ifdef IN_RING3 +# include +# include +# include +# include +# include +# include +#endif /* IN_RING3 */ +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include + +#include "ATAPIPassthrough.h" +#include "VBoxDD.h" + + +/********************************************************************************************************************************* +* Defined Constants And Macros * +*********************************************************************************************************************************/ +/** Temporary instrumentation for tracking down potential virtual disk + * write performance issues. */ +#undef VBOX_INSTRUMENT_DMA_WRITES + +/** @name The SSM saved state versions. + * @{ + */ +/** The current saved state version. */ +#define ATA_SAVED_STATE_VERSION 21 +/** Saved state version without iCurLBA for ATA commands. */ +#define ATA_SAVED_STATE_VERSION_WITHOUT_ATA_ILBA 20 +/** The saved state version used by VirtualBox 3.0. + * This lacks the config part and has the type at the and. */ +#define ATA_SAVED_STATE_VERSION_VBOX_30 19 +#define ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE 18 +#define ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE 16 +#define ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS 17 +/** @} */ + +/** Values read from an empty (with no devices attached) ATA bus. */ +#define ATA_EMPTY_BUS_DATA 0x7F +#define ATA_EMPTY_BUS_DATA_32 0x7F7F7F7F + +/** + * Maximum number of sectors to transfer in a READ/WRITE MULTIPLE request. + * Set to 1 to disable multi-sector read support. According to the ATA + * specification this must be a power of 2 and it must fit in an 8 bit + * value. Thus the only valid values are 1, 2, 4, 8, 16, 32, 64 and 128. + */ +#define ATA_MAX_MULT_SECTORS 128 + +/** The maxium I/O buffer size (for sanity). */ +#define ATA_MAX_SECTOR_SIZE _4K +/** The maxium I/O buffer size (for sanity). */ +#define ATA_MAX_IO_BUFFER_SIZE (ATA_MAX_MULT_SECTORS * ATA_MAX_SECTOR_SIZE) + +/** Mask to be applied to all indexing into ATACONTROLLER::aIfs. */ +#define ATA_SELECTED_IF_MASK 1 + +/** + * Fastest PIO mode supported by the drive. + */ +#define ATA_PIO_MODE_MAX 4 +/** + * Fastest MDMA mode supported by the drive. + */ +#define ATA_MDMA_MODE_MAX 2 +/** + * Fastest UDMA mode supported by the drive. + */ +#define ATA_UDMA_MODE_MAX 6 + +/** ATAPI sense info size. */ +#define ATAPI_SENSE_SIZE 64 + +/** The maximum number of release log entries per device. */ +#define MAX_LOG_REL_ERRORS 1024 + +/* MediaEventStatus */ +#define ATA_EVENT_STATUS_UNCHANGED 0 /**< medium event status not changed */ +#define ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED 1 /**< medium eject requested (eject button pressed) */ +#define ATA_EVENT_STATUS_MEDIA_NEW 2 /**< new medium inserted */ +#define ATA_EVENT_STATUS_MEDIA_REMOVED 3 /**< medium removed */ +#define ATA_EVENT_STATUS_MEDIA_CHANGED 4 /**< medium was removed + new medium was inserted */ + +/* Media track type */ +#define ATA_MEDIA_TYPE_UNKNOWN 0 /**< unknown CD type */ +#define ATA_MEDIA_NO_DISC 0x70 /**< Door closed, no medium */ + +/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA + * @{ + */ + +/** @name BM_STATUS + * @{ + */ +/** Currently performing a DMA operation. */ +#define BM_STATUS_DMAING 0x01 +/** An error occurred during the DMA operation. */ +#define BM_STATUS_ERROR 0x02 +/** The DMA unit has raised the IDE interrupt line. */ +#define BM_STATUS_INT 0x04 +/** User-defined bit 0, commonly used to signal that drive 0 supports DMA. */ +#define BM_STATUS_D0DMA 0x20 +/** User-defined bit 1, commonly used to signal that drive 1 supports DMA. */ +#define BM_STATUS_D1DMA 0x40 +/** @} */ + +/** @name BM_CMD + * @{ + */ +/** Start the DMA operation. */ +#define BM_CMD_START 0x01 +/** Data transfer direction: from device to memory if set. */ +#define BM_CMD_WRITE 0x08 +/** @} */ + +/** Number of I/O ports per bus-master DMA controller. */ +#define BM_DMA_CTL_IOPORTS 8 +/** Mask corresponding to BM_DMA_CTL_IOPORTS. */ +#define BM_DMA_CTL_IOPORTS_MASK 7 +/** Shift count corresponding to BM_DMA_CTL_IOPORTS. */ +#define BM_DMA_CTL_IOPORTS_SHIFT 3 + +/** @} */ + +#define ATADEVSTATE_2_DEVINS(pIf) ( (pIf)->CTX_SUFF(pDevIns) ) +#define CONTROLLER_2_DEVINS(pController) ( (pController)->CTX_SUFF(pDevIns) ) + + +/********************************************************************************************************************************* +* Structures and Typedefs * +*********************************************************************************************************************************/ +/** @defgroup grp_piix3atabmdma PIIX3 ATA Bus Master DMA + * @{ + */ +/** PIIX3 Bus Master DMA unit state. */ +typedef struct BMDMAState +{ + /** Command register. */ + uint8_t u8Cmd; + /** Status register. */ + uint8_t u8Status; + /** Explicit alignment padding. */ + uint8_t abAlignment[2]; + /** Address of the MMIO region in the guest's memory space. */ + RTGCPHYS32 GCPhysAddr; +} BMDMAState; + +/** PIIX3 Bus Master DMA descriptor entry. */ +typedef struct BMDMADesc +{ + /** Address of the DMA source/target buffer. */ + RTGCPHYS32 GCPhysBuffer; + /** Size of the DMA source/target buffer. */ + uint32_t cbBuffer; +} BMDMADesc; +/** @} */ + + +/** + * The shared state of an ATA device. + */ +typedef struct ATADEVSTATE +{ + /** The I/O buffer. + * @note Page aligned in case it helps. */ + uint8_t abIOBuffer[ATA_MAX_IO_BUFFER_SIZE]; + + /** Flag indicating whether the current command uses LBA48 mode. */ + bool fLBA48; + /** Flag indicating whether this drive implements the ATAPI command set. */ + bool fATAPI; + /** Set if this interface has asserted the IRQ. */ + bool fIrqPending; + /** Currently configured number of sectors in a multi-sector transfer. */ + uint8_t cMultSectors; + /** Physical CHS disk geometry (static). */ + PDMMEDIAGEOMETRY PCHSGeometry; + /** Translated CHS disk geometry (variable). */ + PDMMEDIAGEOMETRY XCHSGeometry; + /** Total number of sectors on this disk. */ + uint64_t cTotalSectors; + /** Sector size of the medium. */ + uint32_t cbSector; + /** Number of sectors to transfer per IRQ. */ + uint32_t cSectorsPerIRQ; + + /** ATA/ATAPI register 1: feature (write-only). */ + uint8_t uATARegFeature; + /** ATA/ATAPI register 1: feature, high order byte. */ + uint8_t uATARegFeatureHOB; + /** ATA/ATAPI register 1: error (read-only). */ + uint8_t uATARegError; + /** ATA/ATAPI register 2: sector count (read/write). */ + uint8_t uATARegNSector; + /** ATA/ATAPI register 2: sector count, high order byte. */ + uint8_t uATARegNSectorHOB; + /** ATA/ATAPI register 3: sector (read/write). */ + uint8_t uATARegSector; + /** ATA/ATAPI register 3: sector, high order byte. */ + uint8_t uATARegSectorHOB; + /** ATA/ATAPI register 4: cylinder low (read/write). */ + uint8_t uATARegLCyl; + /** ATA/ATAPI register 4: cylinder low, high order byte. */ + uint8_t uATARegLCylHOB; + /** ATA/ATAPI register 5: cylinder high (read/write). */ + uint8_t uATARegHCyl; + /** ATA/ATAPI register 5: cylinder high, high order byte. */ + uint8_t uATARegHCylHOB; + /** ATA/ATAPI register 6: select drive/head (read/write). */ + uint8_t uATARegSelect; + /** ATA/ATAPI register 7: status (read-only). */ + uint8_t uATARegStatus; + /** ATA/ATAPI register 7: command (write-only). */ + uint8_t uATARegCommand; + /** ATA/ATAPI drive control register (write-only). */ + uint8_t uATARegDevCtl; + + /** Currently active transfer mode (MDMA/UDMA) and speed. */ + uint8_t uATATransferMode; + /** Current transfer direction. */ + uint8_t uTxDir; + /** Index of callback for begin transfer. */ + uint8_t iBeginTransfer; + /** Index of callback for source/sink of data. */ + uint8_t iSourceSink; + /** Flag indicating whether the current command transfers data in DMA mode. */ + bool fDMA; + /** Set to indicate that ATAPI transfer semantics must be used. */ + bool fATAPITransfer; + + /** Total ATA/ATAPI transfer size, shared PIO/DMA. */ + uint32_t cbTotalTransfer; + /** Elementary ATA/ATAPI transfer size, shared PIO/DMA. */ + uint32_t cbElementaryTransfer; + /** Maximum ATAPI elementary transfer size, PIO only. */ + uint32_t cbPIOTransferLimit; + /** ATAPI passthrough transfer size, shared PIO/DMA */ + uint32_t cbAtapiPassthroughTransfer; + /** Current read/write buffer position, shared PIO/DMA. */ + uint32_t iIOBufferCur; + /** First element beyond end of valid buffer content, shared PIO/DMA. */ + uint32_t iIOBufferEnd; + /** Align the following fields correctly. */ + uint32_t Alignment0; + + /** ATA/ATAPI current PIO read/write transfer position. Not shared with DMA for safety reasons. */ + uint32_t iIOBufferPIODataStart; + /** ATA/ATAPI current PIO read/write transfer end. Not shared with DMA for safety reasons. */ + uint32_t iIOBufferPIODataEnd; + + /** Current LBA position (both ATA/ATAPI). */ + uint32_t iCurLBA; + /** ATAPI current sector size. */ + uint32_t cbATAPISector; + /** ATAPI current command. */ + uint8_t abATAPICmd[ATAPI_PACKET_SIZE]; + /** ATAPI sense data. */ + uint8_t abATAPISense[ATAPI_SENSE_SIZE]; + /** HACK: Countdown till we report a newly unmounted drive as mounted. */ + uint8_t cNotifiedMediaChange; + /** The same for GET_EVENT_STATUS for mechanism */ + volatile uint32_t MediaEventStatus; + + /** Media type if known. */ + volatile uint32_t MediaTrackType; + + /** The status LED state for this drive. */ + PDMLED Led; + + /** Size of I/O buffer. */ + uint32_t cbIOBuffer; + + /* + * No data that is part of the saved state after this point!!!!! + */ + + /** Counter for number of busy status seen in R3 in a row. */ + uint8_t cBusyStatusHackR3; + /** Counter for number of busy status seen in GC/R0 in a row. */ + uint8_t cBusyStatusHackRZ; + /** Defines the R3 yield rate by a mask (power of 2 minus one). + * Lower is more agressive. */ + uint8_t cBusyStatusHackR3Rate; + /** Defines the R0/RC yield rate by a mask (power of 2 minus one). + * Lower is more agressive. */ + uint8_t cBusyStatusHackRZRate; + + /** Release statistics: number of ATA DMA commands. */ + STAMCOUNTER StatATADMA; + /** Release statistics: number of ATA PIO commands. */ + STAMCOUNTER StatATAPIO; + /** Release statistics: number of ATAPI PIO commands. */ + STAMCOUNTER StatATAPIDMA; + /** Release statistics: number of ATAPI PIO commands. */ + STAMCOUNTER StatATAPIPIO; +#ifdef VBOX_INSTRUMENT_DMA_WRITES + /** Release statistics: number of DMA sector writes and the time spent. */ + STAMPROFILEADV StatInstrVDWrites; +#endif + /** Release statistics: Profiling RTThreadYield calls during status polling. */ + STAMPROFILEADV StatStatusYields; + + /** Statistics: number of read operations and the time spent reading. */ + STAMPROFILEADV StatReads; + /** Statistics: number of bytes read. */ + STAMCOUNTER StatBytesRead; + /** Statistics: number of write operations and the time spent writing. */ + STAMPROFILEADV StatWrites; + /** Statistics: number of bytes written. */ + STAMCOUNTER StatBytesWritten; + /** Statistics: number of flush operations and the time spend flushing. */ + STAMPROFILE StatFlushes; + + /** Enable passing through commands directly to the ATAPI drive. */ + bool fATAPIPassthrough; + /** Flag whether to overwrite inquiry data in passthrough mode. */ + bool fOverwriteInquiry; + /** Number of errors we've reported to the release log. + * This is to prevent flooding caused by something going horribly wrong. + * this value against MAX_LOG_REL_ERRORS in places likely to cause floods + * like the ones we currently seeing on the linux smoke tests (2006-11-10). */ + uint32_t cErrors; + /** Timestamp of last started command. 0 if no command pending. */ + uint64_t u64CmdTS; + + /** The LUN number. */ + uint32_t iLUN; + /** The controller number. */ + uint8_t iCtl; + /** The device number. */ + uint8_t iDev; + /** Set if the device is present. */ + bool fPresent; + /** Explicit alignment. */ + uint8_t bAlignment2; + + /** The serial number to use for IDENTIFY DEVICE commands. */ + char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1]; + /** The firmware revision to use for IDENTIFY DEVICE commands. */ + char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1]; + /** The model number to use for IDENTIFY DEVICE commands. */ + char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1]; + /** The vendor identification string for SCSI INQUIRY commands. */ + char szInquiryVendorId[SCSI_INQUIRY_VENDOR_ID_LENGTH+1]; + /** The product identification string for SCSI INQUIRY commands. */ + char szInquiryProductId[SCSI_INQUIRY_PRODUCT_ID_LENGTH+1]; + /** The revision string for SCSI INQUIRY commands. */ + char szInquiryRevision[SCSI_INQUIRY_REVISION_LENGTH+1]; + + /** Padding the structure to a multiple of 4096 for better I/O buffer alignment. */ + uint8_t abAlignment4[7 + 3528]; +} ATADEVSTATE; +AssertCompileMemberAlignment(ATADEVSTATE, cTotalSectors, 8); +AssertCompileMemberAlignment(ATADEVSTATE, StatATADMA, 8); +AssertCompileMemberAlignment(ATADEVSTATE, u64CmdTS, 8); +AssertCompileMemberAlignment(ATADEVSTATE, szSerialNumber, 8); +AssertCompileSizeAlignment(ATADEVSTATE, 4096); /* To align the buffer on a page boundrary. */ +/** Pointer to the shared state of an ATA device. */ +typedef ATADEVSTATE *PATADEVSTATE; + + +/** + * The ring-3 state of an ATA device. + * + * @implements PDMIBASE + * @implements PDMIBLOCKPORT + * @implements PDMIMOUNTNOTIFY + */ +typedef struct ATADEVSTATER3 +{ + /** Pointer to the attached driver's base interface. */ + R3PTRTYPE(PPDMIBASE) pDrvBase; + /** Pointer to the attached driver's block interface. */ + R3PTRTYPE(PPDMIMEDIA) pDrvMedia; + /** Pointer to the attached driver's mount interface. + * This is NULL if the driver isn't a removable unit. */ + R3PTRTYPE(PPDMIMOUNT) pDrvMount; + /** The base interface. */ + PDMIBASE IBase; + /** The block port interface. */ + PDMIMEDIAPORT IPort; + /** The mount notify interface. */ + PDMIMOUNTNOTIFY IMountNotify; + + /** The LUN number. */ + uint32_t iLUN; + /** The controller number. */ + uint8_t iCtl; + /** The device number. */ + uint8_t iDev; + /** Explicit alignment. */ + uint8_t abAlignment2[2]; + /** The device instance so we can get our bearings from an interface method. */ + PPDMDEVINSR3 pDevIns; + + /** The current tracklist of the loaded medium if passthrough is used. */ + R3PTRTYPE(PTRACKLIST) pTrackList; +} ATADEVSTATER3; +/** Pointer to the ring-3 state of an ATA device. */ +typedef ATADEVSTATER3 *PATADEVSTATER3; + + +/** + * Transfer request forwarded to the async I/O thread. + */ +typedef struct ATATransferRequest +{ + /** The interface index the request is for. */ + uint8_t iIf; + /** The index of the begin transfer callback to call. */ + uint8_t iBeginTransfer; + /** The index of the source sink callback to call for doing the transfer. */ + uint8_t iSourceSink; + /** Transfer direction. */ + uint8_t uTxDir; + /** How many bytes to transfer. */ + uint32_t cbTotalTransfer; +} ATATransferRequest; + + +/** + * Abort request forwarded to the async I/O thread. + */ +typedef struct ATAAbortRequest +{ + /** The interface index the request is for. */ + uint8_t iIf; + /** Flag whether to reset the drive. */ + bool fResetDrive; +} ATAAbortRequest; + + +/** + * Request type indicator. + */ +typedef enum +{ + /** Begin a new transfer. */ + ATA_AIO_NEW = 0, + /** Continue a DMA transfer. */ + ATA_AIO_DMA, + /** Continue a PIO transfer. */ + ATA_AIO_PIO, + /** Reset the drives on current controller, stop all transfer activity. */ + ATA_AIO_RESET_ASSERTED, + /** Reset the drives on current controller, resume operation. */ + ATA_AIO_RESET_CLEARED, + /** Abort the current transfer of a particular drive. */ + ATA_AIO_ABORT +} ATAAIO; + + +/** + * Combining structure for an ATA request to the async I/O thread + * started with the request type insicator. + */ +typedef struct ATARequest +{ + /** Request type. */ + ATAAIO ReqType; + /** Request type dependent data. */ + union + { + /** Transfer request specific data. */ + ATATransferRequest t; + /** Abort request specific data. */ + ATAAbortRequest a; + } u; +} ATARequest; + + +/** + * The shared state of an ATA controller. + * + * Has two devices, the master (0) and the slave (1). + */ +typedef struct ATACONTROLLER +{ + /** The ATA/ATAPI interfaces of this controller. */ + ATADEVSTATE aIfs[2]; + + /** The base of the first I/O Port range. */ + RTIOPORT IOPortBase1; + /** The base of the second I/O Port range. (0 if none) */ + RTIOPORT IOPortBase2; + /** The assigned IRQ. */ + uint32_t irq; + /** Access critical section */ + PDMCRITSECT lock; + + /** Selected drive. */ + uint8_t iSelectedIf; + /** The interface on which to handle async I/O. */ + uint8_t iAIOIf; + /** The state of the async I/O thread. */ + uint8_t uAsyncIOState; + /** Flag indicating whether the next transfer is part of the current command. */ + bool fChainedTransfer; + /** Set when the reset processing is currently active on this controller. */ + bool fReset; + /** Flag whether the current transfer needs to be redone. */ + bool fRedo; + /** Flag whether the redo suspend has been finished. */ + bool fRedoIdle; + /** Flag whether the DMA operation to be redone is the final transfer. */ + bool fRedoDMALastDesc; + /** The BusMaster DMA state. */ + BMDMAState BmDma; + /** Pointer to first DMA descriptor. */ + RTGCPHYS32 GCPhysFirstDMADesc; + /** Pointer to last DMA descriptor. */ + RTGCPHYS32 GCPhysLastDMADesc; + /** Pointer to current DMA buffer (for redo operations). */ + RTGCPHYS32 GCPhysRedoDMABuffer; + /** Size of current DMA buffer (for redo operations). */ + uint32_t cbRedoDMABuffer; + + /** The event semaphore the thread is waiting on for requests. */ + SUPSEMEVENT hAsyncIOSem; + /** The request queue for the AIO thread. One element is always unused. */ + ATARequest aAsyncIORequests[4]; + /** The position at which to insert a new request for the AIO thread. */ + volatile uint8_t AsyncIOReqHead; + /** The position at which to get a new request for the AIO thread. */ + volatile uint8_t AsyncIOReqTail; + /** The controller number. */ + uint8_t iCtl; + /** Magic delay before triggering interrupts in DMA mode. */ + uint32_t msDelayIRQ; + /** The lock protecting the request queue. */ + PDMCRITSECT AsyncIORequestLock; + + /** Timestamp we started the reset. */ + uint64_t u64ResetTime; + + /** The first port in the first I/O port range, regular operation. */ + IOMIOPORTHANDLE hIoPorts1First; + /** The other ports in the first I/O port range, regular operation. */ + IOMIOPORTHANDLE hIoPorts1Other; + /** The second I/O port range, regular operation. */ + IOMIOPORTHANDLE hIoPorts2; + /** The first I/O port range, empty controller operation. */ + IOMIOPORTHANDLE hIoPortsEmpty1; + /** The second I/O port range, empty controller operation. */ + IOMIOPORTHANDLE hIoPortsEmpty2; + + /* Statistics */ + STAMCOUNTER StatAsyncOps; + uint64_t StatAsyncMinWait; + uint64_t StatAsyncMaxWait; + STAMCOUNTER StatAsyncTimeUS; + STAMPROFILEADV StatAsyncTime; + STAMPROFILE StatLockWait; + uint8_t abAlignment4[3328]; +} ATACONTROLLER; +AssertCompileMemberAlignment(ATACONTROLLER, lock, 8); +AssertCompileMemberAlignment(ATACONTROLLER, aIfs, 8); +AssertCompileMemberAlignment(ATACONTROLLER, u64ResetTime, 8); +AssertCompileMemberAlignment(ATACONTROLLER, StatAsyncOps, 8); +AssertCompileMemberAlignment(ATACONTROLLER, AsyncIORequestLock, 8); +AssertCompileSizeAlignment(ATACONTROLLER, 4096); /* To align the controllers, devices and I/O buffers on page boundaries. */ +/** Pointer to the shared state of an ATA controller. */ +typedef ATACONTROLLER *PATACONTROLLER; + + +/** + * The ring-3 state of an ATA controller. + */ +typedef struct ATACONTROLLERR3 +{ + /** The ATA/ATAPI interfaces of this controller. */ + ATADEVSTATER3 aIfs[2]; + + /** Pointer to device instance. */ + PPDMDEVINSR3 pDevIns; + + /** The async I/O thread handle. NIL_RTTHREAD if no thread. */ + RTTHREAD hAsyncIOThread; + /** The event semaphore the thread is waiting on during suspended I/O. */ + RTSEMEVENT hSuspendIOSem; + /** Set when the destroying the device instance and the thread must exit. */ + uint32_t volatile fShutdown; + /** Whether to call PDMDevHlpAsyncNotificationCompleted when idle. */ + bool volatile fSignalIdle; + + /** The controller number. */ + uint8_t iCtl; + + uint8_t abAlignment[3]; +} ATACONTROLLERR3; +/** Pointer to the ring-3 state of an ATA controller. */ +typedef ATACONTROLLERR3 *PATACONTROLLERR3; + + +/** ATA chipset type. */ +typedef enum CHIPSET +{ + /** PIIX3 chipset, must be 0 for saved state compatibility */ + CHIPSET_PIIX3 = 0, + /** PIIX4 chipset, must be 1 for saved state compatibility */ + CHIPSET_PIIX4, + /** ICH6 chipset */ + CHIPSET_ICH6, + CHIPSET_32BIT_HACK=0x7fffffff +} CHIPSET; +AssertCompileSize(CHIPSET, 4); + +/** + * The shared state of a ATA PCI device. + */ +typedef struct ATASTATE +{ + /** The controllers. */ + ATACONTROLLER aCts[2]; + /** Flag indicating chipset being emulated. */ + CHIPSET enmChipset; + /** Explicit alignment padding. */ + uint8_t abAlignment1[7]; + /** PCI region \#4: Bus-master DMA I/O ports. */ + IOMIOPORTHANDLE hIoPortsBmDma; +} ATASTATE; +/** Pointer to the shared state of an ATA PCI device. */ +typedef ATASTATE *PATASTATE; + + +/** + * The ring-3 state of a ATA PCI device. + * + * @implements PDMILEDPORTS + */ +typedef struct ATASTATER3 +{ + /** The controllers. */ + ATACONTROLLERR3 aCts[2]; + /** Status LUN: Base interface. */ + PDMIBASE IBase; + /** Status LUN: Leds interface. */ + PDMILEDPORTS ILeds; + /** Status LUN: Partner of ILeds. */ + R3PTRTYPE(PPDMILEDCONNECTORS) pLedsConnector; + /** Status LUN: Media Notify. */ + R3PTRTYPE(PPDMIMEDIANOTIFY) pMediaNotify; + /** Pointer to device instance (for getting our bearings in interface methods). */ + PPDMDEVINSR3 pDevIns; +} ATASTATER3; +/** Pointer to the ring-3 state of an ATA PCI device. */ +typedef ATASTATER3 *PATASTATER3; + + +/** + * The ring-0 state of the ATA PCI device. + */ +typedef struct ATASTATER0 +{ + uint64_t uUnused; +} ATASTATER0; +/** Pointer to the ring-0 state of an ATA PCI device. */ +typedef ATASTATER0 *PATASTATER0; + + +/** + * The raw-mode state of the ATA PCI device. + */ +typedef struct ATASTATERC +{ + uint64_t uUnused; +} ATASTATERC; +/** Pointer to the raw-mode state of an ATA PCI device. */ +typedef ATASTATERC *PATASTATERC; + + +/** The current context state of an ATA PCI device. */ +typedef CTX_SUFF(ATASTATE) ATASTATECC; +/** Pointer to the current context state of an ATA PCI device. */ +typedef CTX_SUFF(PATASTATE) PATASTATECC; + + +#ifndef VBOX_DEVICE_STRUCT_TESTCASE + + +#ifdef IN_RING3 +DECLINLINE(void) ataSetStatusValue(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t stat) +{ + /* Freeze status register contents while processing RESET. */ + if (!pCtl->fReset) + { + s->uATARegStatus = stat; + Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus)); + } +} +#endif /* IN_RING3 */ + + +DECLINLINE(void) ataSetStatus(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t stat) +{ + /* Freeze status register contents while processing RESET. */ + if (!pCtl->fReset) + { + s->uATARegStatus |= stat; + Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus)); + } +} + + +DECLINLINE(void) ataUnsetStatus(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t stat) +{ + /* Freeze status register contents while processing RESET. */ + if (!pCtl->fReset) + { + s->uATARegStatus &= ~stat; + Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, s->iLUN, s->uATARegStatus)); + } +} + +#if defined(IN_RING3) || defined(IN_RING0) + +# ifdef IN_RING3 +typedef void FNBEGINTRANSFER(PATACONTROLLER pCtl, PATADEVSTATE s); +typedef FNBEGINTRANSFER *PFNBEGINTRANSFER; +typedef bool FNSOURCESINK(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3); +typedef FNSOURCESINK *PFNSOURCESINK; + +static FNBEGINTRANSFER ataR3ReadWriteSectorsBT; +static FNBEGINTRANSFER ataR3PacketBT; +static FNBEGINTRANSFER atapiR3CmdBT; +static FNBEGINTRANSFER atapiR3PassthroughCmdBT; + +static FNSOURCESINK ataR3IdentifySS; +static FNSOURCESINK ataR3FlushSS; +static FNSOURCESINK ataR3ReadSectorsSS; +static FNSOURCESINK ataR3WriteSectorsSS; +static FNSOURCESINK ataR3ExecuteDeviceDiagnosticSS; +static FNSOURCESINK ataR3TrimSS; +static FNSOURCESINK ataR3PacketSS; +static FNSOURCESINK ataR3InitDevParmSS; +static FNSOURCESINK ataR3RecalibrateSS; +static FNSOURCESINK atapiR3GetConfigurationSS; +static FNSOURCESINK atapiR3GetEventStatusNotificationSS; +static FNSOURCESINK atapiR3IdentifySS; +static FNSOURCESINK atapiR3InquirySS; +static FNSOURCESINK atapiR3MechanismStatusSS; +static FNSOURCESINK atapiR3ModeSenseErrorRecoverySS; +static FNSOURCESINK atapiR3ModeSenseCDStatusSS; +static FNSOURCESINK atapiR3ReadSS; +static FNSOURCESINK atapiR3ReadCapacitySS; +static FNSOURCESINK atapiR3ReadDiscInformationSS; +static FNSOURCESINK atapiR3ReadTOCNormalSS; +static FNSOURCESINK atapiR3ReadTOCMultiSS; +static FNSOURCESINK atapiR3ReadTOCRawSS; +static FNSOURCESINK atapiR3ReadTrackInformationSS; +static FNSOURCESINK atapiR3RequestSenseSS; +static FNSOURCESINK atapiR3PassthroughSS; +static FNSOURCESINK atapiR3ReadDVDStructureSS; +# endif /* IN_RING3 */ + +/** + * Begin of transfer function indexes for g_apfnBeginTransFuncs. + */ +typedef enum ATAFNBT +{ + ATAFN_BT_NULL = 0, + ATAFN_BT_READ_WRITE_SECTORS, + ATAFN_BT_PACKET, + ATAFN_BT_ATAPI_CMD, + ATAFN_BT_ATAPI_PASSTHROUGH_CMD, + ATAFN_BT_MAX +} ATAFNBT; + +# ifdef IN_RING3 +/** + * Array of end transfer functions, the index is ATAFNET. + * Make sure ATAFNET and this array match! + */ +static const PFNBEGINTRANSFER g_apfnBeginTransFuncs[ATAFN_BT_MAX] = +{ + NULL, + ataR3ReadWriteSectorsBT, + ataR3PacketBT, + atapiR3CmdBT, + atapiR3PassthroughCmdBT, +}; +# endif /* IN_RING3 */ + +/** + * Source/sink function indexes for g_apfnSourceSinkFuncs. + */ +typedef enum ATAFNSS +{ + ATAFN_SS_NULL = 0, + ATAFN_SS_IDENTIFY, + ATAFN_SS_FLUSH, + ATAFN_SS_READ_SECTORS, + ATAFN_SS_WRITE_SECTORS, + ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, + ATAFN_SS_TRIM, + ATAFN_SS_PACKET, + ATAFN_SS_INITIALIZE_DEVICE_PARAMETERS, + ATAFN_SS_RECALIBRATE, + ATAFN_SS_ATAPI_GET_CONFIGURATION, + ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, + ATAFN_SS_ATAPI_IDENTIFY, + ATAFN_SS_ATAPI_INQUIRY, + ATAFN_SS_ATAPI_MECHANISM_STATUS, + ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, + ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, + ATAFN_SS_ATAPI_READ, + ATAFN_SS_ATAPI_READ_CAPACITY, + ATAFN_SS_ATAPI_READ_DISC_INFORMATION, + ATAFN_SS_ATAPI_READ_TOC_NORMAL, + ATAFN_SS_ATAPI_READ_TOC_MULTI, + ATAFN_SS_ATAPI_READ_TOC_RAW, + ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, + ATAFN_SS_ATAPI_REQUEST_SENSE, + ATAFN_SS_ATAPI_PASSTHROUGH, + ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, + ATAFN_SS_MAX +} ATAFNSS; + +# ifdef IN_RING3 +/** + * Array of source/sink functions, the index is ATAFNSS. + * Make sure ATAFNSS and this array match! + */ +static const PFNSOURCESINK g_apfnSourceSinkFuncs[ATAFN_SS_MAX] = +{ + NULL, + ataR3IdentifySS, + ataR3FlushSS, + ataR3ReadSectorsSS, + ataR3WriteSectorsSS, + ataR3ExecuteDeviceDiagnosticSS, + ataR3TrimSS, + ataR3PacketSS, + ataR3InitDevParmSS, + ataR3RecalibrateSS, + atapiR3GetConfigurationSS, + atapiR3GetEventStatusNotificationSS, + atapiR3IdentifySS, + atapiR3InquirySS, + atapiR3MechanismStatusSS, + atapiR3ModeSenseErrorRecoverySS, + atapiR3ModeSenseCDStatusSS, + atapiR3ReadSS, + atapiR3ReadCapacitySS, + atapiR3ReadDiscInformationSS, + atapiR3ReadTOCNormalSS, + atapiR3ReadTOCMultiSS, + atapiR3ReadTOCRawSS, + atapiR3ReadTrackInformationSS, + atapiR3RequestSenseSS, + atapiR3PassthroughSS, + atapiR3ReadDVDStructureSS +}; +# endif /* IN_RING3 */ + + +static const ATARequest g_ataDMARequest = { ATA_AIO_DMA, { { 0, 0, 0, 0, 0 } } }; +static const ATARequest g_ataPIORequest = { ATA_AIO_PIO, { { 0, 0, 0, 0, 0 } } }; +# ifdef IN_RING3 +static const ATARequest g_ataResetARequest = { ATA_AIO_RESET_ASSERTED, { { 0, 0, 0, 0, 0 } } }; +static const ATARequest g_ataResetCRequest = { ATA_AIO_RESET_CLEARED, { { 0, 0, 0, 0, 0 } } }; +# endif + +# ifdef IN_RING3 +static void ataR3AsyncIOClearRequests(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + pCtl->AsyncIOReqHead = 0; + pCtl->AsyncIOReqTail = 0; + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); +} +# endif /* IN_RING3 */ + +static void ataHCAsyncIOPutRequest(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, const ATARequest *pReq) +{ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + uint8_t const iAsyncIORequest = pCtl->AsyncIOReqHead % RT_ELEMENTS(pCtl->aAsyncIORequests); + Assert((iAsyncIORequest + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests) != pCtl->AsyncIOReqTail); + memcpy(&pCtl->aAsyncIORequests[iAsyncIORequest], pReq, sizeof(*pReq)); + pCtl->AsyncIOReqHead = (iAsyncIORequest + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests); + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); + + rc = PDMDevHlpCritSectScheduleExitEvent(pDevIns, &pCtl->lock, pCtl->hAsyncIOSem); + if (RT_FAILURE(rc)) + { + rc = PDMDevHlpSUPSemEventSignal(pDevIns, pCtl->hAsyncIOSem); + AssertRC(rc); + } +} + +# ifdef IN_RING3 + +static const ATARequest *ataR3AsyncIOGetCurrentRequest(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + const ATARequest *pReq; + + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail) + pReq = &pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail]; + else + pReq = NULL; + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); + return pReq; +} + + +/** + * Remove the request with the given type, as it's finished. The request + * is not removed blindly, as this could mean a RESET request that is not + * yet processed (but has cleared the request queue) is lost. + * + * @param pDevIns The device instance. + * @param pCtl Controller for which to remove the request. + * @param ReqType Type of the request to remove. + */ +static void ataR3AsyncIORemoveCurrentRequest(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, ATAAIO ReqType) +{ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + if (pCtl->AsyncIOReqHead != pCtl->AsyncIOReqTail && pCtl->aAsyncIORequests[pCtl->AsyncIOReqTail].ReqType == ReqType) + { + pCtl->AsyncIOReqTail++; + pCtl->AsyncIOReqTail %= RT_ELEMENTS(pCtl->aAsyncIORequests); + } + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); +} + + +/** + * Dump the request queue for a particular controller. First dump the queue + * contents, then the already processed entries, as long as they haven't been + * overwritten. + * + * @param pDevIns The device instance. + * @param pCtl Controller for which to dump the queue. + */ +static void ataR3AsyncIODumpRequests(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + LogRel(("PIIX3 ATA: Ctl#%d: request queue dump (topmost is current):\n", pCtl->iCtl)); + uint8_t curr = pCtl->AsyncIOReqTail; + do + { + if (curr == pCtl->AsyncIOReqHead) + LogRel(("PIIX3 ATA: Ctl#%d: processed requests (topmost is oldest):\n", pCtl->iCtl)); + switch (pCtl->aAsyncIORequests[curr].ReqType) + { + case ATA_AIO_NEW: + LogRel(("new transfer request, iIf=%d iBeginTransfer=%d iSourceSink=%d cbTotalTransfer=%d uTxDir=%d\n", + pCtl->aAsyncIORequests[curr].u.t.iIf, pCtl->aAsyncIORequests[curr].u.t.iBeginTransfer, + pCtl->aAsyncIORequests[curr].u.t.iSourceSink, pCtl->aAsyncIORequests[curr].u.t.cbTotalTransfer, + pCtl->aAsyncIORequests[curr].u.t.uTxDir)); + break; + case ATA_AIO_DMA: + LogRel(("dma transfer continuation\n")); + break; + case ATA_AIO_PIO: + LogRel(("pio transfer continuation\n")); + break; + case ATA_AIO_RESET_ASSERTED: + LogRel(("reset asserted request\n")); + break; + case ATA_AIO_RESET_CLEARED: + LogRel(("reset cleared request\n")); + break; + case ATA_AIO_ABORT: + LogRel(("abort request, iIf=%d fResetDrive=%d\n", pCtl->aAsyncIORequests[curr].u.a.iIf, + pCtl->aAsyncIORequests[curr].u.a.fResetDrive)); + break; + default: + LogRel(("unknown request %d\n", pCtl->aAsyncIORequests[curr].ReqType)); + } + curr = (curr + 1) % RT_ELEMENTS(pCtl->aAsyncIORequests); + } while (curr != pCtl->AsyncIOReqTail); + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); +} + + +/** + * Checks whether the request queue for a particular controller is empty + * or whether a particular controller is idle. + * + * @param pDevIns The device instance. + * @param pCtl Controller for which to check the queue. + * @param fStrict If set then the controller is checked to be idle. + */ +static bool ataR3AsyncIOIsIdle(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, bool fStrict) +{ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + bool fIdle = pCtl->fRedoIdle; + if (!fIdle) + fIdle = (pCtl->AsyncIOReqHead == pCtl->AsyncIOReqTail); + if (fStrict) + fIdle &= (pCtl->uAsyncIOState == ATA_AIO_NEW); + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); + return fIdle; +} + + +/** + * Send a transfer request to the async I/O thread. + * + * @param pDevIns The device instance. + * @param pCtl The ATA controller. + * @param s Pointer to the ATA device state data. + * @param cbTotalTransfer Data transfer size. + * @param uTxDir Data transfer direction. + * @param iBeginTransfer Index of BeginTransfer callback. + * @param iSourceSink Index of SourceSink callback. + * @param fChainedTransfer Whether this is a transfer that is part of the previous command/transfer. + */ +static void ataR3StartTransfer(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, + uint32_t cbTotalTransfer, uint8_t uTxDir, ATAFNBT iBeginTransfer, + ATAFNSS iSourceSink, bool fChainedTransfer) +{ + ATARequest Req; + + Assert(PDMDevHlpCritSectIsOwner(pDevIns, &pCtl->lock)); + + /* Do not issue new requests while the RESET line is asserted. */ + if (pCtl->fReset) + { + Log2(("%s: Ctl#%d: suppressed new request as RESET is active\n", __FUNCTION__, pCtl->iCtl)); + return; + } + + /* If the controller is already doing something else right now, ignore + * the command that is being submitted. Some broken guests issue commands + * twice (e.g. the Linux kernel that comes with Acronis True Image 8). */ + if (!fChainedTransfer && !ataR3AsyncIOIsIdle(pDevIns, pCtl, true /*fStrict*/)) + { + Log(("%s: Ctl#%d: ignored command %#04x, controller state %d\n", __FUNCTION__, pCtl->iCtl, s->uATARegCommand, pCtl->uAsyncIOState)); + LogRel(("PIIX3 IDE: guest issued command %#04x while controller busy\n", s->uATARegCommand)); + return; + } + + Req.ReqType = ATA_AIO_NEW; + if (fChainedTransfer) + Req.u.t.iIf = pCtl->iAIOIf; + else + Req.u.t.iIf = pCtl->iSelectedIf; + Req.u.t.cbTotalTransfer = cbTotalTransfer; + Req.u.t.uTxDir = uTxDir; + Req.u.t.iBeginTransfer = iBeginTransfer; + Req.u.t.iSourceSink = iSourceSink; + ataSetStatusValue(pCtl, s, ATA_STAT_BUSY); + pCtl->fChainedTransfer = fChainedTransfer; + + /* + * Kick the worker thread into action. + */ + Log2(("%s: Ctl#%d: message to async I/O thread, new request\n", __FUNCTION__, pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &Req); +} + + +/** + * Send an abort command request to the async I/O thread. + * + * @param pDevIns The device instance. + * @param pCtl The ATA controller. + * @param s Pointer to the ATA device state data. + * @param fResetDrive Whether to reset the drive or just abort a command. + */ +static void ataR3AbortCurrentCommand(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, bool fResetDrive) +{ + ATARequest Req; + + Assert(PDMDevHlpCritSectIsOwner(pDevIns, &pCtl->lock)); + + /* Do not issue new requests while the RESET line is asserted. */ + if (pCtl->fReset) + { + Log2(("%s: Ctl#%d: suppressed aborting command as RESET is active\n", __FUNCTION__, pCtl->iCtl)); + return; + } + + Req.ReqType = ATA_AIO_ABORT; + Req.u.a.iIf = pCtl->iSelectedIf; + Req.u.a.fResetDrive = fResetDrive; + ataSetStatus(pCtl, s, ATA_STAT_BUSY); + Log2(("%s: Ctl#%d: message to async I/O thread, abort command on LUN#%d\n", __FUNCTION__, pCtl->iCtl, s->iLUN)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &Req); +} + +# endif /* IN_RING3 */ + +/** + * Set the internal interrupt pending status, update INTREQ as appropriate. + * + * @param pDevIns The device instance. + * @param pCtl The ATA controller. + * @param s Pointer to the ATA device state data. + */ +static void ataHCSetIRQ(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s) +{ + if (!s->fIrqPending) + { + if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)) + { + Log2(("%s: LUN#%d asserting IRQ\n", __FUNCTION__, s->iLUN)); + /* The BMDMA unit unconditionally sets BM_STATUS_INT if the interrupt + * line is asserted. It monitors the line for a rising edge. */ + pCtl->BmDma.u8Status |= BM_STATUS_INT; + /* Only actually set the IRQ line if updating the currently selected drive. */ + if (s == &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]) + { + /** @todo experiment with adaptive IRQ delivery: for reads it is + * better to wait for IRQ delivery, as it reduces latency. */ + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 1); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1); + } + } + s->fIrqPending = true; + } +} + +#endif /* IN_RING0 || IN_RING3 */ + +/** + * Clear the internal interrupt pending status, update INTREQ as appropriate. + * + * @param pDevIns The device instance. + * @param pCtl The ATA controller. + * @param s Pointer to the ATA device state data. + */ +static void ataUnsetIRQ(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s) +{ + if (s->fIrqPending) + { + if (!(s->uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ)) + { + Log2(("%s: LUN#%d deasserting IRQ\n", __FUNCTION__, s->iLUN)); + /* Only actually unset the IRQ line if updating the currently selected drive. */ + if (s == &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]) + { + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 0); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0); + } + } + s->fIrqPending = false; + } +} + +#if defined(IN_RING0) || defined(IN_RING3) + +static void ataHCPIOTransferStart(PATACONTROLLER pCtl, PATADEVSTATE s, uint32_t start, uint32_t size) +{ + Log2(("%s: LUN#%d start %d size %d\n", __FUNCTION__, s->iLUN, start, size)); + s->iIOBufferPIODataStart = start; + s->iIOBufferPIODataEnd = start + size; + ataSetStatus(pCtl, s, ATA_STAT_DRQ | ATA_STAT_SEEK); + ataUnsetStatus(pCtl, s, ATA_STAT_BUSY); +} + + +static void ataHCPIOTransferStop(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s) +{ + Log2(("%s: LUN#%d\n", __FUNCTION__, s->iLUN)); + if (s->fATAPITransfer) + { + s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; + Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector)); + ataHCSetIRQ(pDevIns, pCtl, s); + s->fATAPITransfer = false; + } + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->iIOBufferPIODataStart = 0; + s->iIOBufferPIODataEnd = 0; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; +} + + +static void ataHCPIOTransferLimitATAPI(PATADEVSTATE s) +{ + uint32_t cbLimit, cbTransfer; + + cbLimit = s->cbPIOTransferLimit; + /* Use maximum transfer size if the guest requested 0. Avoids a hang. */ + if (cbLimit == 0) + cbLimit = 0xfffe; + Log2(("%s: byte count limit=%d\n", __FUNCTION__, cbLimit)); + if (cbLimit == 0xffff) + cbLimit--; + cbTransfer = RT_MIN(s->cbTotalTransfer, s->iIOBufferEnd - s->iIOBufferCur); + if (cbTransfer > cbLimit) + { + /* Byte count limit for clipping must be even in this case */ + if (cbLimit & 1) + cbLimit--; + cbTransfer = cbLimit; + } + s->uATARegLCyl = cbTransfer; + s->uATARegHCyl = cbTransfer >> 8; + s->cbElementaryTransfer = cbTransfer; +} + +# ifdef IN_RING3 + +/** + * Enters the lock protecting the controller data against concurrent access. + * + * @param pDevIns The device instance. + * @param pCtl The controller to lock. + */ +DECLINLINE(void) ataR3LockEnter(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + STAM_PROFILE_START(&pCtl->StatLockWait, a); + int const rcLock = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->lock, rcLock); + STAM_PROFILE_STOP(&pCtl->StatLockWait, a); +} + +/** + * Leaves the lock protecting the controller against concurrent data access. + * + * @param pDevIns The device instance. + * @param pCtl The controller to unlock. + */ +DECLINLINE(void) ataR3LockLeave(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); +} + +static uint32_t ataR3GetNSectors(PATADEVSTATE s) +{ + /* 0 means either 256 (LBA28) or 65536 (LBA48) sectors. */ + if (s->fLBA48) + { + if (!s->uATARegNSector && !s->uATARegNSectorHOB) + return 65536; + else + return s->uATARegNSectorHOB << 8 | s->uATARegNSector; + } + else + { + if (!s->uATARegNSector) + return 256; + else + return s->uATARegNSector; + } +} + + +static void ataR3PadString(uint8_t *pbDst, const char *pbSrc, uint32_t cbSize) +{ + for (uint32_t i = 0; i < cbSize; i++) + { + if (*pbSrc) + pbDst[i ^ 1] = *pbSrc++; + else + pbDst[i ^ 1] = ' '; + } +} + + +#if 0 /* unused */ +/** + * Compares two MSF values. + * + * @returns 1 if the first value is greater than the second value. + * 0 if both are equal + * -1 if the first value is smaller than the second value. + */ +DECLINLINE(int) atapiCmpMSF(const uint8_t *pbMSF1, const uint8_t *pbMSF2) +{ + int iRes = 0; + + for (unsigned i = 0; i < 3; i++) + { + if (pbMSF1[i] < pbMSF2[i]) + { + iRes = -1; + break; + } + else if (pbMSF1[i] > pbMSF2[i]) + { + iRes = 1; + break; + } + } + + return iRes; +} +#endif /* unused */ + +static void ataR3CmdOK(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t status) +{ + s->uATARegError = 0; /* Not needed by ATA spec, but cannot hurt. */ + ataSetStatusValue(pCtl, s, ATA_STAT_READY | status); +} + + +static void ataR3CmdError(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t uErrorCode) +{ + Log(("%s: code=%#x\n", __FUNCTION__, uErrorCode)); + Assert(uErrorCode); + s->uATARegError = uErrorCode; + ataSetStatusValue(pCtl, s, ATA_STAT_READY | ATA_STAT_SEEK | ATA_STAT_ERR); + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->iIOBufferCur = 0; + s->iIOBufferEnd = 0; + s->uTxDir = PDMMEDIATXDIR_NONE; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; +} + +static uint32_t ataR3Checksum(void* ptr, size_t count) +{ + uint8_t u8Sum = 0xa5, *p = (uint8_t*)ptr; + size_t i; + + for (i = 0; i < count; i++) + { + u8Sum += *p++; + } + + return (uint8_t)-(int32_t)u8Sum; +} + +/** + * Sink/Source: IDENTIFY + */ +static bool ataR3IdentifySS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint16_t *p; + RT_NOREF(pDevIns); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer == 512); + + p = (uint16_t *)&s->abIOBuffer[0]; + memset(p, 0, 512); + p[0] = RT_H2LE_U16(0x0040); + p[1] = RT_H2LE_U16(RT_MIN(s->PCHSGeometry.cCylinders, 16383)); + p[3] = RT_H2LE_U16(s->PCHSGeometry.cHeads); + /* Block size; obsolete, but required for the BIOS. */ + p[5] = RT_H2LE_U16(s->cbSector); + p[6] = RT_H2LE_U16(s->PCHSGeometry.cSectors); + ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */ + p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */ + p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */ + p[22] = RT_H2LE_U16(0); /* ECC bytes per sector */ + ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */ + ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */ +# if ATA_MAX_MULT_SECTORS > 1 + p[47] = RT_H2LE_U16(0x8000 | ATA_MAX_MULT_SECTORS); +# endif + p[48] = RT_H2LE_U16(1); /* dword I/O, used by the BIOS */ + p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */ + p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */ + p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */ + p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */ + p[53] = RT_H2LE_U16(1 | 1 << 1 | 1 << 2); /* words 54-58,64-70,88 valid */ + p[54] = RT_H2LE_U16(RT_MIN(s->XCHSGeometry.cCylinders, 16383)); + p[55] = RT_H2LE_U16(s->XCHSGeometry.cHeads); + p[56] = RT_H2LE_U16(s->XCHSGeometry.cSectors); + p[57] = RT_H2LE_U16( RT_MIN(s->XCHSGeometry.cCylinders, 16383) + * s->XCHSGeometry.cHeads + * s->XCHSGeometry.cSectors); + p[58] = RT_H2LE_U16( RT_MIN(s->XCHSGeometry.cCylinders, 16383) + * s->XCHSGeometry.cHeads + * s->XCHSGeometry.cSectors >> 16); + if (s->cMultSectors) + p[59] = RT_H2LE_U16(0x100 | s->cMultSectors); + if (s->cTotalSectors <= (1 << 28) - 1) + { + p[60] = RT_H2LE_U16(s->cTotalSectors); + p[61] = RT_H2LE_U16(s->cTotalSectors >> 16); + } + else + { + /* Report maximum number of sectors possible with LBA28 */ + p[60] = RT_H2LE_U16(((1 << 28) - 1) & 0xffff); + p[61] = RT_H2LE_U16(((1 << 28) - 1) >> 16); + } + p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */ + p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */ + p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */ + p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */ + p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */ + p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */ + if ( pDevR3->pDrvMedia->pfnDiscard + || s->cbSector != 512 + || pDevR3->pDrvMedia->pfnIsNonRotational(pDevR3->pDrvMedia)) + { + p[80] = RT_H2LE_U16(0x1f0); /* support everything up to ATA/ATAPI-8 ACS */ + p[81] = RT_H2LE_U16(0x28); /* conforms to ATA/ATAPI-8 ACS */ + } + else + { + p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */ + p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */ + } + p[82] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* supports power management, write cache and look-ahead */ + if (s->cTotalSectors <= (1 << 28) - 1) + p[83] = RT_H2LE_U16(1 << 14 | 1 << 12); /* supports FLUSH CACHE */ + else + p[83] = RT_H2LE_U16(1 << 14 | 1 << 10 | 1 << 12 | 1 << 13); /* supports LBA48, FLUSH CACHE and FLUSH CACHE EXT */ + p[84] = RT_H2LE_U16(1 << 14); + p[85] = RT_H2LE_U16(1 << 3 | 1 << 5 | 1 << 6); /* enabled power management, write cache and look-ahead */ + if (s->cTotalSectors <= (1 << 28) - 1) + p[86] = RT_H2LE_U16(1 << 12); /* enabled FLUSH CACHE */ + else + p[86] = RT_H2LE_U16(1 << 10 | 1 << 12 | 1 << 13); /* enabled LBA48, FLUSH CACHE and FLUSH CACHE EXT */ + p[87] = RT_H2LE_U16(1 << 14); + p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */ + p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14); + if (s->cTotalSectors > (1 << 28) - 1) + { + p[100] = RT_H2LE_U16(s->cTotalSectors); + p[101] = RT_H2LE_U16(s->cTotalSectors >> 16); + p[102] = RT_H2LE_U16(s->cTotalSectors >> 32); + p[103] = RT_H2LE_U16(s->cTotalSectors >> 48); + } + + if (s->cbSector != 512) + { + uint32_t cSectorSizeInWords = s->cbSector / sizeof(uint16_t); + /* Enable reporting of logical sector size. */ + p[106] |= RT_H2LE_U16(RT_BIT(12) | RT_BIT(14)); + p[117] = RT_H2LE_U16(cSectorSizeInWords); + p[118] = RT_H2LE_U16(cSectorSizeInWords >> 16); + } + + if (pDevR3->pDrvMedia->pfnDiscard) /** @todo Set bit 14 in word 69 too? (Deterministic read after TRIM). */ + p[169] = RT_H2LE_U16(1); /* DATA SET MANAGEMENT command supported. */ + if (pDevR3->pDrvMedia->pfnIsNonRotational(pDevR3->pDrvMedia)) + p[217] = RT_H2LE_U16(1); /* Non-rotational medium */ + uint32_t uCsum = ataR3Checksum(p, 510); + p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */ + s->iSourceSink = ATAFN_SS_NULL; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + return false; +} + + +/** + * Sink/Source: FLUSH + */ +static bool ataR3FlushSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + int rc; + + Assert(s->uTxDir == PDMMEDIATXDIR_NONE); + Assert(!s->cbElementaryTransfer); + + ataR3LockLeave(pDevIns, pCtl); + + STAM_PROFILE_START(&s->StatFlushes, f); + rc = pDevR3->pDrvMedia->pfnFlush(pDevR3->pDrvMedia); + AssertRC(rc); + STAM_PROFILE_STOP(&s->StatFlushes, f); + + ataR3LockEnter(pDevIns, pCtl); + ataR3CmdOK(pCtl, s, 0); + return false; +} + +/** + * Sink/Source: ATAPI IDENTIFY + */ +static bool atapiR3IdentifySS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint16_t *p; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer == 512); + + p = (uint16_t *)&s->abIOBuffer[0]; + memset(p, 0, 512); + /* Removable CDROM, 3ms response, 12 byte packets */ + p[0] = RT_H2LE_U16(2 << 14 | 5 << 8 | 1 << 7 | 0 << 5 | 0 << 0); + ataR3PadString((uint8_t *)(p + 10), s->szSerialNumber, ATA_SERIAL_NUMBER_LENGTH); /* serial number */ + p[20] = RT_H2LE_U16(3); /* XXX: retired, cache type */ + p[21] = RT_H2LE_U16(512); /* XXX: retired, cache size in sectors */ + ataR3PadString((uint8_t *)(p + 23), s->szFirmwareRevision, ATA_FIRMWARE_REVISION_LENGTH); /* firmware version */ + ataR3PadString((uint8_t *)(p + 27), s->szModelNumber, ATA_MODEL_NUMBER_LENGTH); /* model */ + p[49] = RT_H2LE_U16(1 << 11 | 1 << 9 | 1 << 8); /* DMA and LBA supported */ + p[50] = RT_H2LE_U16(1 << 14); /* No drive specific standby timer minimum */ + p[51] = RT_H2LE_U16(240); /* PIO transfer cycle */ + p[52] = RT_H2LE_U16(240); /* DMA transfer cycle */ + p[53] = RT_H2LE_U16(1 << 1 | 1 << 2); /* words 64-70,88 are valid */ + p[63] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_MDMA, ATA_MDMA_MODE_MAX, s->uATATransferMode)); /* MDMA modes supported / mode enabled */ + p[64] = RT_H2LE_U16(ATA_PIO_MODE_MAX > 2 ? (1 << (ATA_PIO_MODE_MAX - 2)) - 1 : 0); /* PIO modes beyond PIO2 supported */ + p[65] = RT_H2LE_U16(120); /* minimum DMA multiword tx cycle time */ + p[66] = RT_H2LE_U16(120); /* recommended DMA multiword tx cycle time */ + p[67] = RT_H2LE_U16(120); /* minimum PIO cycle time without flow control */ + p[68] = RT_H2LE_U16(120); /* minimum PIO cycle time with IORDY flow control */ + p[73] = RT_H2LE_U16(0x003e); /* ATAPI CDROM major */ + p[74] = RT_H2LE_U16(9); /* ATAPI CDROM minor */ + p[75] = RT_H2LE_U16(1); /* queue depth 1 */ + p[80] = RT_H2LE_U16(0x7e); /* support everything up to ATA/ATAPI-6 */ + p[81] = RT_H2LE_U16(0x22); /* conforms to ATA/ATAPI-6 */ + p[82] = RT_H2LE_U16(1 << 4 | 1 << 9); /* supports packet command set and DEVICE RESET */ + p[83] = RT_H2LE_U16(1 << 14); + p[84] = RT_H2LE_U16(1 << 14); + p[85] = RT_H2LE_U16(1 << 4 | 1 << 9); /* enabled packet command set and DEVICE RESET */ + p[86] = RT_H2LE_U16(0); + p[87] = RT_H2LE_U16(1 << 14); + p[88] = RT_H2LE_U16(ATA_TRANSFER_ID(ATA_MODE_UDMA, ATA_UDMA_MODE_MAX, s->uATATransferMode)); /* UDMA modes supported / mode enabled */ + p[93] = RT_H2LE_U16((1 | 1 << 1) << ((s->iLUN & 1) == 0 ? 0 : 8) | 1 << 13 | 1 << 14); + /* According to ATAPI-5 spec: + * + * The use of this word is optional. + * If bits 7:0 of this word contain the signature A5h, bits 15:8 + * contain the data + * structure checksum. + * The data structure checksum is the twos complement of the sum of + * all bytes in words 0 through 254 and the byte consisting of + * bits 7:0 in word 255. + * Each byte shall be added with unsigned arithmetic, + * and overflow shall be ignored. + * The sum of all 512 bytes is zero when the checksum is correct. + */ + uint32_t uCsum = ataR3Checksum(p, 510); + p[255] = RT_H2LE_U16(0xa5 | (uCsum << 8)); /* Integrity word */ + + s->iSourceSink = ATAFN_SS_NULL; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + return false; +} + + +static void ataR3SetSignature(PATADEVSTATE s) +{ + s->uATARegSelect &= 0xf0; /* clear head */ + /* put signature */ + s->uATARegNSector = 1; + s->uATARegSector = 1; + if (s->fATAPI) + { + s->uATARegLCyl = 0x14; + s->uATARegHCyl = 0xeb; + } + else + { + s->uATARegLCyl = 0; + s->uATARegHCyl = 0; + } +} + + +static uint64_t ataR3GetSector(PATADEVSTATE s) +{ + uint64_t iLBA; + if (s->uATARegSelect & 0x40) + { + /* any LBA variant */ + if (s->fLBA48) + { + /* LBA48 */ + iLBA = ((uint64_t)s->uATARegHCylHOB << 40) + | ((uint64_t)s->uATARegLCylHOB << 32) + | ((uint64_t)s->uATARegSectorHOB << 24) + | ((uint64_t)s->uATARegHCyl << 16) + | ((uint64_t)s->uATARegLCyl << 8) + | s->uATARegSector; + } + else + { + /* LBA */ + iLBA = ((uint32_t)(s->uATARegSelect & 0x0f) << 24) + | ((uint32_t)s->uATARegHCyl << 16) + | ((uint32_t)s->uATARegLCyl << 8) + | s->uATARegSector; + } + } + else + { + /* CHS */ + iLBA = (((uint32_t)s->uATARegHCyl << 8) | s->uATARegLCyl) * s->XCHSGeometry.cHeads * s->XCHSGeometry.cSectors + + (s->uATARegSelect & 0x0f) * s->XCHSGeometry.cSectors + + (s->uATARegSector - 1); + LogFlowFunc(("CHS %u/%u/%u -> LBA %llu\n", ((uint32_t)s->uATARegHCyl << 8) | s->uATARegLCyl, s->uATARegSelect & 0x0f, s->uATARegSector, iLBA)); + } + return iLBA; +} + +static void ataR3SetSector(PATADEVSTATE s, uint64_t iLBA) +{ + uint32_t cyl, r; + if (s->uATARegSelect & 0x40) + { + /* any LBA variant */ + if (s->fLBA48) + { + /* LBA48 */ + s->uATARegHCylHOB = iLBA >> 40; + s->uATARegLCylHOB = iLBA >> 32; + s->uATARegSectorHOB = iLBA >> 24; + s->uATARegHCyl = iLBA >> 16; + s->uATARegLCyl = iLBA >> 8; + s->uATARegSector = iLBA; + } + else + { + /* LBA */ + s->uATARegSelect = (s->uATARegSelect & 0xf0) | (iLBA >> 24); + s->uATARegHCyl = (iLBA >> 16); + s->uATARegLCyl = (iLBA >> 8); + s->uATARegSector = (iLBA); + } + } + else + { + /* CHS */ + AssertMsgReturnVoid(s->XCHSGeometry.cHeads && s->XCHSGeometry.cSectors, ("Device geometry not set!\n")); + cyl = iLBA / (s->XCHSGeometry.cHeads * s->XCHSGeometry.cSectors); + r = iLBA % (s->XCHSGeometry.cHeads * s->XCHSGeometry.cSectors); + s->uATARegHCyl = cyl >> 8; + s->uATARegLCyl = cyl; + s->uATARegSelect = (s->uATARegSelect & 0xf0) | ((r / s->XCHSGeometry.cSectors) & 0x0f); + s->uATARegSector = (r % s->XCHSGeometry.cSectors) + 1; + LogFlowFunc(("LBA %llu -> CHS %u/%u/%u\n", iLBA, cyl, s->uATARegSelect & 0x0f, s->uATARegSector)); + } +} + + +static void ataR3WarningDiskFull(PPDMDEVINS pDevIns) +{ + int rc; + LogRel(("PIIX3 ATA: Host disk full\n")); + rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_DISKFULL", + N_("Host system reported disk full. VM execution is suspended. You can resume after freeing some space")); + AssertRC(rc); +} + +static void ataR3WarningFileTooBig(PPDMDEVINS pDevIns) +{ + int rc; + LogRel(("PIIX3 ATA: File too big\n")); + rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILETOOBIG", + N_("Host system reported that the file size limit of the host file system has been exceeded. VM execution is suspended. You need to move your virtual hard disk to a filesystem which allows bigger files")); + AssertRC(rc); +} + +static void ataR3WarningISCSI(PPDMDEVINS pDevIns) +{ + int rc; + LogRel(("PIIX3 ATA: iSCSI target unavailable\n")); + rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_ISCSIDOWN", + N_("The iSCSI target has stopped responding. VM execution is suspended. You can resume when it is available again")); + AssertRC(rc); +} + +static void ataR3WarningFileStale(PPDMDEVINS pDevIns) +{ + int rc; + LogRel(("PIIX3 ATA: File handle became stale\n")); + rc = PDMDevHlpVMSetRuntimeError(pDevIns, VMSETRTERR_FLAGS_SUSPEND | VMSETRTERR_FLAGS_NO_WAIT, "DevATA_FILESTALE", + N_("The file became stale (often due to a restarted NFS server). VM execution is suspended. You can resume when it is available again")); + AssertRC(rc); +} + + +static bool ataR3IsRedoSetWarning(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, int rc) +{ + Assert(!PDMDevHlpCritSectIsOwner(pDevIns, &pCtl->lock)); + if (rc == VERR_DISK_FULL) + { + pCtl->fRedoIdle = true; + ataR3WarningDiskFull(pDevIns); + return true; + } + if (rc == VERR_FILE_TOO_BIG) + { + pCtl->fRedoIdle = true; + ataR3WarningFileTooBig(pDevIns); + return true; + } + if (rc == VERR_BROKEN_PIPE || rc == VERR_NET_CONNECTION_REFUSED) + { + pCtl->fRedoIdle = true; + /* iSCSI connection abort (first error) or failure to reestablish + * connection (second error). Pause VM. On resume we'll retry. */ + ataR3WarningISCSI(pDevIns); + return true; + } + if (rc == VERR_STALE_FILE_HANDLE) + { + pCtl->fRedoIdle = true; + ataR3WarningFileStale(pDevIns); + return true; + } + if (rc == VERR_VD_DEK_MISSING) + { + /* Error message already set. */ + pCtl->fRedoIdle = true; + return true; + } + + return false; +} + + +static int ataR3ReadSectors(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3, + uint64_t u64Sector, void *pvBuf, uint32_t cSectors, bool *pfRedo) +{ + int rc; + uint32_t const cbSector = s->cbSector; + uint32_t cbToRead = cSectors * cbSector; + Assert(pvBuf == &s->abIOBuffer[0]); + AssertReturnStmt(cbToRead <= sizeof(s->abIOBuffer), *pfRedo = false, VERR_BUFFER_OVERFLOW); + + ataR3LockLeave(pDevIns, pCtl); + + STAM_PROFILE_ADV_START(&s->StatReads, r); + s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1; + rc = pDevR3->pDrvMedia->pfnRead(pDevR3->pDrvMedia, u64Sector * cbSector, pvBuf, cbToRead); + s->Led.Actual.s.fReading = 0; + STAM_PROFILE_ADV_STOP(&s->StatReads, r); + Log4(("ataR3ReadSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n", + rc, cSectors, u64Sector, cbToRead, pvBuf)); + + STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbToRead); + + if (RT_SUCCESS(rc)) + *pfRedo = false; + else + *pfRedo = ataR3IsRedoSetWarning(pDevIns, pCtl, rc); + + ataR3LockEnter(pDevIns, pCtl); + return rc; +} + + +static int ataR3WriteSectors(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3, + uint64_t u64Sector, const void *pvBuf, uint32_t cSectors, bool *pfRedo) +{ + int rc; + uint32_t const cbSector = s->cbSector; + uint32_t cbToWrite = cSectors * cbSector; + Assert(pvBuf == &s->abIOBuffer[0]); + AssertReturnStmt(cbToWrite <= sizeof(s->abIOBuffer), *pfRedo = false, VERR_BUFFER_OVERFLOW); + + ataR3LockLeave(pDevIns, pCtl); + + STAM_PROFILE_ADV_START(&s->StatWrites, w); + s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1; +# ifdef VBOX_INSTRUMENT_DMA_WRITES + if (s->fDMA) + STAM_PROFILE_ADV_START(&s->StatInstrVDWrites, vw); +# endif + rc = pDevR3->pDrvMedia->pfnWrite(pDevR3->pDrvMedia, u64Sector * cbSector, pvBuf, cbToWrite); +# ifdef VBOX_INSTRUMENT_DMA_WRITES + if (s->fDMA) + STAM_PROFILE_ADV_STOP(&s->StatInstrVDWrites, vw); +# endif + s->Led.Actual.s.fWriting = 0; + STAM_PROFILE_ADV_STOP(&s->StatWrites, w); + Log4(("ataR3WriteSectors: rc=%Rrc cSectors=%#x u64Sector=%llu\n%.*Rhxd\n", + rc, cSectors, u64Sector, cbToWrite, pvBuf)); + + STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbToWrite); + + if (RT_SUCCESS(rc)) + *pfRedo = false; + else + *pfRedo = ataR3IsRedoSetWarning(pDevIns, pCtl, rc); + + ataR3LockEnter(pDevIns, pCtl); + return rc; +} + + +/** + * Begin Transfer: READ/WRITE SECTORS + */ +static void ataR3ReadWriteSectorsBT(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + uint32_t const cbSector = RT_MAX(s->cbSector, 1); + uint32_t cSectors; + + cSectors = s->cbTotalTransfer / cbSector; + if (cSectors > s->cSectorsPerIRQ) + s->cbElementaryTransfer = s->cSectorsPerIRQ * cbSector; + else + s->cbElementaryTransfer = cSectors * cbSector; + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) + ataR3CmdOK(pCtl, s, 0); +} + + +/** + * Sink/Source: READ SECTORS + */ +static bool ataR3ReadSectorsSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint32_t const cbSector = RT_MAX(s->cbSector, 1); + uint32_t cSectors; + uint64_t iLBA; + bool fRedo; + int rc; + + cSectors = s->cbElementaryTransfer / cbSector; + Assert(cSectors); + iLBA = s->iCurLBA; + Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA)); + rc = ataR3ReadSectors(pDevIns, pCtl, s, pDevR3, iLBA, s->abIOBuffer, cSectors, &fRedo); + if (RT_SUCCESS(rc)) + { + /* When READ SECTORS etc. finishes, the address in the task + * file register points at the last sector read, not at the next + * sector that would be read. This ensures the registers always + * contain a valid sector address. + */ + if (s->cbElementaryTransfer == s->cbTotalTransfer) + { + s->iSourceSink = ATAFN_SS_NULL; + ataR3SetSector(s, iLBA + cSectors - 1); + } + else + ataR3SetSector(s, iLBA + cSectors); + s->uATARegNSector -= cSectors; + s->iCurLBA += cSectors; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + else + { + if (fRedo) + return fRedo; + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: disk read error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n", + s->iLUN, rc, iLBA, cSectors)); + + /* + * Check if we got interrupted. We don't need to set status variables + * because the request was aborted. + */ + if (rc != VERR_INTERRUPTED) + ataR3CmdError(pCtl, s, ID_ERR); + } + return false; +} + + +/** + * Sink/Source: WRITE SECTOR + */ +static bool ataR3WriteSectorsSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint32_t const cbSector = RT_MAX(s->cbSector, 1); + uint64_t iLBA; + uint32_t cSectors; + bool fRedo; + int rc; + + cSectors = s->cbElementaryTransfer / cbSector; + Assert(cSectors); + iLBA = s->iCurLBA; + Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iLBA)); + rc = ataR3WriteSectors(pDevIns, pCtl, s, pDevR3, iLBA, s->abIOBuffer, cSectors, &fRedo); + if (RT_SUCCESS(rc)) + { + ataR3SetSector(s, iLBA + cSectors); + s->iCurLBA = iLBA + cSectors; + if (!s->cbTotalTransfer) + s->iSourceSink = ATAFN_SS_NULL; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + else + { + if (fRedo) + return fRedo; + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: disk write error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n", + s->iLUN, rc, iLBA, cSectors)); + + /* + * Check if we got interrupted. We don't need to set status variables + * because the request was aborted. + */ + if (rc != VERR_INTERRUPTED) + ataR3CmdError(pCtl, s, ID_ERR); + } + return false; +} + + +static void atapiR3CmdOK(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + s->uATARegError = 0; + ataSetStatusValue(pCtl, s, ATA_STAT_READY); + s->uATARegNSector = (s->uATARegNSector & ~7) + | ((s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) ? ATAPI_INT_REASON_IO : 0) + | (!s->cbTotalTransfer ? ATAPI_INT_REASON_CD : 0); + Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector)); + + memset(s->abATAPISense, '\0', sizeof(s->abATAPISense)); + s->abATAPISense[0] = 0x70 | (1 << 7); + s->abATAPISense[7] = 10; +} + + +static void atapiR3CmdError(PATACONTROLLER pCtl, PATADEVSTATE s, const uint8_t *pabATAPISense, size_t cbATAPISense) +{ + Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, pabATAPISense[2] & 0x0f, SCSISenseText(pabATAPISense[2] & 0x0f), + pabATAPISense[12], pabATAPISense[13], SCSISenseExtText(pabATAPISense[12], pabATAPISense[13]))); + s->uATARegError = pabATAPISense[2] << 4; + ataSetStatusValue(pCtl, s, ATA_STAT_READY | ATA_STAT_ERR); + s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; + Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector)); + memset(s->abATAPISense, '\0', sizeof(s->abATAPISense)); + memcpy(s->abATAPISense, pabATAPISense, RT_MIN(cbATAPISense, sizeof(s->abATAPISense))); + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->cbAtapiPassthroughTransfer = 0; + s->iIOBufferCur = 0; + s->iIOBufferEnd = 0; + s->uTxDir = PDMMEDIATXDIR_NONE; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; +} + + +/** @todo deprecated function - doesn't provide enough info. Replace by direct + * calls to atapiR3CmdError() with full data. */ +static void atapiR3CmdErrorSimple(PATACONTROLLER pCtl, PATADEVSTATE s, uint8_t uATAPISenseKey, uint8_t uATAPIASC) +{ + uint8_t abATAPISense[ATAPI_SENSE_SIZE]; + memset(abATAPISense, '\0', sizeof(abATAPISense)); + abATAPISense[0] = 0x70 | (1 << 7); + abATAPISense[2] = uATAPISenseKey & 0x0f; + abATAPISense[7] = 10; + abATAPISense[12] = uATAPIASC; + atapiR3CmdError(pCtl, s, abATAPISense, sizeof(abATAPISense)); +} + + +/** + * Begin Transfer: ATAPI command + */ +static void atapiR3CmdBT(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + s->fATAPITransfer = true; + s->cbElementaryTransfer = s->cbTotalTransfer; + s->cbAtapiPassthroughTransfer = s->cbTotalTransfer; + s->cbPIOTransferLimit = s->uATARegLCyl | (s->uATARegHCyl << 8); + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) + atapiR3CmdOK(pCtl, s); +} + + +/** + * Begin Transfer: ATAPI Passthrough command + */ +static void atapiR3PassthroughCmdBT(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + atapiR3CmdBT(pCtl, s); +} + + +/** + * Sink/Source: READ + */ +static bool atapiR3ReadSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + int rc; + uint64_t cbBlockRegion = 0; + VDREGIONDATAFORM enmDataForm; + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + uint32_t const iATAPILBA = s->iCurLBA; + uint32_t const cbTransfer = RT_MIN(s->cbTotalTransfer, RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE)); + uint32_t const cbATAPISector = s->cbATAPISector; + uint32_t const cSectors = cbTransfer / cbATAPISector; + Assert(cSectors * cbATAPISector <= cbTransfer); + Log(("%s: %d sectors at LBA %d\n", __FUNCTION__, cSectors, iATAPILBA)); + AssertLogRelReturn(cSectors * cbATAPISector <= sizeof(s->abIOBuffer), false); + + ataR3LockLeave(pDevIns, pCtl); + + rc = pDevR3->pDrvMedia->pfnQueryRegionPropertiesForLba(pDevR3->pDrvMedia, iATAPILBA, NULL, NULL, + &cbBlockRegion, &enmDataForm); + if (RT_SUCCESS(rc)) + { + STAM_PROFILE_ADV_START(&s->StatReads, r); + s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1; + + /* If the region block size and requested sector matches we can just pass the request through. */ + if (cbBlockRegion == cbATAPISector) + rc = pDevR3->pDrvMedia->pfnRead(pDevR3->pDrvMedia, (uint64_t)iATAPILBA * cbATAPISector, + s->abIOBuffer, cbATAPISector * cSectors); + else + { + uint32_t const iEndSector = iATAPILBA + cSectors; + ASSERT_GUEST(iEndSector >= iATAPILBA); + if (cbBlockRegion == 2048 && cbATAPISector == 2352) + { + /* Generate the sync bytes. */ + uint8_t *pbBuf = s->abIOBuffer; + + for (uint32_t i = iATAPILBA; i < iEndSector; i++) + { + /* Sync bytes, see 4.2.3.8 CD Main Channel Block Formats */ + *pbBuf++ = 0x00; + memset(pbBuf, 0xff, 10); + pbBuf += 10; + *pbBuf++ = 0x00; + /* MSF */ + scsiLBA2MSF(pbBuf, i); + pbBuf += 3; + *pbBuf++ = 0x01; /* mode 1 data */ + /* data */ + rc = pDevR3->pDrvMedia->pfnRead(pDevR3->pDrvMedia, (uint64_t)i * 2048, pbBuf, 2048); + if (RT_FAILURE(rc)) + break; + pbBuf += 2048; + /** + * @todo maybe compute ECC and parity, layout is: + * 2072 4 EDC + * 2076 172 P parity symbols + * 2248 104 Q parity symbols + */ + memset(pbBuf, 0, 280); + pbBuf += 280; + } + } + else if (cbBlockRegion == 2352 && cbATAPISector == 2048) + { + /* Read only the user data portion. */ + uint8_t *pbBuf = s->abIOBuffer; + + for (uint32_t i = iATAPILBA; i < iEndSector; i++) + { + uint8_t abTmp[2352]; + uint8_t cbSkip; + + rc = pDevR3->pDrvMedia->pfnRead(pDevR3->pDrvMedia, (uint64_t)i * 2352, &abTmp[0], 2352); + if (RT_FAILURE(rc)) + break; + + /* Mode 2 has an additional subheader before user data; we need to + * skip 16 bytes for Mode 1 (sync + header) and 20 bytes for Mode 2 + + * (sync + header + subheader). + */ + switch (enmDataForm) { + case VDREGIONDATAFORM_MODE2_2352: + case VDREGIONDATAFORM_XA_2352: + cbSkip = 24; + break; + case VDREGIONDATAFORM_MODE1_2352: + cbSkip = 16; + break; + default: + AssertMsgFailed(("Unexpected region form (%#u), using default skip value\n", enmDataForm)); + cbSkip = 16; + } + memcpy(pbBuf, &abTmp[cbSkip], 2048); + pbBuf += 2048; + } + } + else + ASSERT_GUEST_MSG_FAILED(("Unsupported: cbBlockRegion=%u cbATAPISector=%u\n", cbBlockRegion, cbATAPISector)); + } + s->Led.Actual.s.fReading = 0; + STAM_PROFILE_ADV_STOP(&s->StatReads, r); + } + + ataR3LockEnter(pDevIns, pCtl); + + if (RT_SUCCESS(rc)) + { + STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbATAPISector * cSectors); + + /* The initial buffer end value has been set up based on the total + * transfer size. But the I/O buffer size limits what can actually be + * done in one transfer, so set the actual value of the buffer end. */ + s->cbElementaryTransfer = cbTransfer; + if (cbTransfer >= s->cbTotalTransfer) + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + s->iCurLBA = iATAPILBA + cSectors; + } + else + { + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM read error, %d sectors at LBA %d\n", s->iLUN, cSectors, iATAPILBA)); + + /* + * Check if we got interrupted. We don't need to set status variables + * because the request was aborted. + */ + if (rc != VERR_INTERRUPTED) + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_MEDIUM_ERROR, SCSI_ASC_READ_ERROR); + } + return false; +} + +/** + * Sets the given media track type. + */ +static uint32_t ataR3MediumTypeSet(PATADEVSTATE s, uint32_t MediaTrackType) +{ + return ASMAtomicXchgU32(&s->MediaTrackType, MediaTrackType); +} + + +/** + * Sink/Source: Passthrough + */ +static bool atapiR3PassthroughSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + int rc = VINF_SUCCESS; + uint8_t abATAPISense[ATAPI_SENSE_SIZE]; + uint32_t cbTransfer; + PSTAMPROFILEADV pProf = NULL; + + cbTransfer = RT_MIN(s->cbAtapiPassthroughTransfer, RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE)); + + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) + Log3(("ATAPI PT data write (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->abIOBuffer)); + + /* Simple heuristics: if there is at least one sector of data + * to transfer, it's worth updating the LEDs. */ + if (cbTransfer >= 2048) + { + if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) + { + s->Led.Asserted.s.fReading = s->Led.Actual.s.fReading = 1; + pProf = &s->StatReads; + } + else + { + s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1; + pProf = &s->StatWrites; + } + } + + ataR3LockLeave(pDevIns, pCtl); + +# if defined(LOG_ENABLED) + char szBuf[1024]; + + memset(szBuf, 0, sizeof(szBuf)); + + switch (s->abATAPICmd[0]) + { + case SCSI_MODE_SELECT_10: + { + size_t cbBlkDescLength = scsiBE2H_U16(&s->abIOBuffer[6]); + + SCSILogModePage(szBuf, sizeof(szBuf) - 1, + s->abIOBuffer + 8 + cbBlkDescLength, + cbTransfer - 8 - cbBlkDescLength); + break; + } + case SCSI_SEND_CUE_SHEET: + { + SCSILogCueSheet(szBuf, sizeof(szBuf) - 1, + s->abIOBuffer, cbTransfer); + break; + } + default: + break; + } + + Log2(("%s\n", szBuf)); +# endif + + if (pProf) { STAM_PROFILE_ADV_START(pProf, b); } + + Assert(s->cbATAPISector); + const uint32_t cbATAPISector = RT_MAX(s->cbATAPISector, 1); /* paranoia */ + const uint32_t cbIOBuffer = RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE); /* ditto */ + + if ( cbTransfer > SCSI_MAX_BUFFER_SIZE + || s->cbElementaryTransfer > cbIOBuffer) + { + /* Linux accepts commands with up to 100KB of data, but expects + * us to handle commands with up to 128KB of data. The usual + * imbalance of powers. */ + uint8_t abATAPICmd[ATAPI_PACKET_SIZE]; + uint32_t iATAPILBA, cSectors, cReqSectors, cbCurrTX; + uint8_t *pbBuf = s->abIOBuffer; + uint32_t cSectorsMax; /**< Maximum amount of sectors to read without exceeding the I/O buffer. */ + + cSectorsMax = cbTransfer / cbATAPISector; + AssertStmt(cSectorsMax * s->cbATAPISector <= cbIOBuffer, cSectorsMax = cbIOBuffer / cbATAPISector); + + switch (s->abATAPICmd[0]) + { + case SCSI_READ_10: + case SCSI_WRITE_10: + case SCSI_WRITE_AND_VERIFY_10: + iATAPILBA = scsiBE2H_U32(s->abATAPICmd + 2); + cSectors = scsiBE2H_U16(s->abATAPICmd + 7); + break; + case SCSI_READ_12: + case SCSI_WRITE_12: + iATAPILBA = scsiBE2H_U32(s->abATAPICmd + 2); + cSectors = scsiBE2H_U32(s->abATAPICmd + 6); + break; + case SCSI_READ_CD: + iATAPILBA = scsiBE2H_U32(s->abATAPICmd + 2); + cSectors = scsiBE2H_U24(s->abATAPICmd + 6); + break; + case SCSI_READ_CD_MSF: + iATAPILBA = scsiMSF2LBA(s->abATAPICmd + 3); + cSectors = scsiMSF2LBA(s->abATAPICmd + 6) - iATAPILBA; + break; + default: + AssertMsgFailed(("Don't know how to split command %#04x\n", s->abATAPICmd[0])); + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN)); + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE); + ataR3LockEnter(pDevIns, pCtl); + return false; + } + cSectorsMax = RT_MIN(cSectorsMax, cSectors); + memcpy(abATAPICmd, s->abATAPICmd, ATAPI_PACKET_SIZE); + cReqSectors = 0; + for (uint32_t i = cSectorsMax; i > 0; i -= cReqSectors) + { + if (i * cbATAPISector > SCSI_MAX_BUFFER_SIZE) + cReqSectors = SCSI_MAX_BUFFER_SIZE / cbATAPISector; + else + cReqSectors = i; + cbCurrTX = cbATAPISector * cReqSectors; + switch (s->abATAPICmd[0]) + { + case SCSI_READ_10: + case SCSI_WRITE_10: + case SCSI_WRITE_AND_VERIFY_10: + scsiH2BE_U32(abATAPICmd + 2, iATAPILBA); + scsiH2BE_U16(abATAPICmd + 7, cReqSectors); + break; + case SCSI_READ_12: + case SCSI_WRITE_12: + scsiH2BE_U32(abATAPICmd + 2, iATAPILBA); + scsiH2BE_U32(abATAPICmd + 6, cReqSectors); + break; + case SCSI_READ_CD: + scsiH2BE_U32(abATAPICmd + 2, iATAPILBA); + scsiH2BE_U24(abATAPICmd + 6, cReqSectors); + break; + case SCSI_READ_CD_MSF: + scsiLBA2MSF(abATAPICmd + 3, iATAPILBA); + scsiLBA2MSF(abATAPICmd + 6, iATAPILBA + cReqSectors); + break; + } + AssertLogRelReturn((uintptr_t)(pbBuf - &s->abIOBuffer[0]) + cbCurrTX <= sizeof(s->abIOBuffer), false); + rc = pDevR3->pDrvMedia->pfnSendCmd(pDevR3->pDrvMedia, abATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir, + pbBuf, &cbCurrTX, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */); + if (rc != VINF_SUCCESS) + break; + iATAPILBA += cReqSectors; + pbBuf += cbATAPISector * cReqSectors; + } + + if (RT_SUCCESS(rc)) + { + /* Adjust ATAPI command for the next call. */ + switch (s->abATAPICmd[0]) + { + case SCSI_READ_10: + case SCSI_WRITE_10: + case SCSI_WRITE_AND_VERIFY_10: + scsiH2BE_U32(s->abATAPICmd + 2, iATAPILBA); + scsiH2BE_U16(s->abATAPICmd + 7, cSectors - cSectorsMax); + break; + case SCSI_READ_12: + case SCSI_WRITE_12: + scsiH2BE_U32(s->abATAPICmd + 2, iATAPILBA); + scsiH2BE_U32(s->abATAPICmd + 6, cSectors - cSectorsMax); + break; + case SCSI_READ_CD: + scsiH2BE_U32(s->abATAPICmd + 2, iATAPILBA); + scsiH2BE_U24(s->abATAPICmd + 6, cSectors - cSectorsMax); + break; + case SCSI_READ_CD_MSF: + scsiLBA2MSF(s->abATAPICmd + 3, iATAPILBA); + scsiLBA2MSF(s->abATAPICmd + 6, iATAPILBA + cSectors - cSectorsMax); + break; + default: + AssertMsgFailed(("Don't know how to split command %#04x\n", s->abATAPICmd[0])); + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough split error\n", s->iLUN)); + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE); + return false; + } + } + } + else + { + AssertLogRelReturn(cbTransfer <= sizeof(s->abIOBuffer), false); + rc = pDevR3->pDrvMedia->pfnSendCmd(pDevR3->pDrvMedia, s->abATAPICmd, ATAPI_PACKET_SIZE, (PDMMEDIATXDIR)s->uTxDir, + s->abIOBuffer, &cbTransfer, abATAPISense, sizeof(abATAPISense), 30000 /**< @todo timeout */); + } + if (pProf) { STAM_PROFILE_ADV_STOP(pProf, b); } + + ataR3LockEnter(pDevIns, pCtl); + + /* Update the LEDs and the read/write statistics. */ + if (cbTransfer >= 2048) + { + if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) + { + s->Led.Actual.s.fReading = 0; + STAM_REL_COUNTER_ADD(&s->StatBytesRead, cbTransfer); + } + else + { + s->Led.Actual.s.fWriting = 0; + STAM_REL_COUNTER_ADD(&s->StatBytesWritten, cbTransfer); + } + } + + if (RT_SUCCESS(rc)) + { + /* Do post processing for certain commands. */ + switch (s->abATAPICmd[0]) + { + case SCSI_SEND_CUE_SHEET: + case SCSI_READ_TOC_PMA_ATIP: + { + if (!pDevR3->pTrackList) + rc = ATAPIPassthroughTrackListCreateEmpty(&pDevR3->pTrackList); + + if (RT_SUCCESS(rc)) + rc = ATAPIPassthroughTrackListUpdate(pDevR3->pTrackList, s->abATAPICmd, s->abIOBuffer, sizeof(s->abIOBuffer)); + + if ( RT_FAILURE(rc) + && s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("ATA: Error (%Rrc) while updating the tracklist during %s, burning the disc might fail\n", + rc, s->abATAPICmd[0] == SCSI_SEND_CUE_SHEET ? "SEND CUE SHEET" : "READ TOC/PMA/ATIP")); + break; + } + case SCSI_SYNCHRONIZE_CACHE: + { + if (pDevR3->pTrackList) + ATAPIPassthroughTrackListClear(pDevR3->pTrackList); + break; + } + } + + if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE) + { + /* + * Reply with the same amount of data as the real drive + * but only if the command wasn't split. + */ + if (s->cbAtapiPassthroughTransfer < cbIOBuffer) + s->cbTotalTransfer = cbTransfer; + + if ( s->abATAPICmd[0] == SCSI_INQUIRY + && s->fOverwriteInquiry) + { + /* Make sure that the real drive cannot be identified. + * Motivation: changing the VM configuration should be as + * invisible as possible to the guest. */ + Log3(("ATAPI PT inquiry data before (%d): %.*Rhxs\n", cbTransfer, cbTransfer, s->abIOBuffer)); + scsiPadStr(&s->abIOBuffer[8], "VBOX", 8); + scsiPadStr(&s->abIOBuffer[16], "CD-ROM", 16); + scsiPadStr(&s->abIOBuffer[32], "1.0", 4); + } + + if (cbTransfer) + Log3(("ATAPI PT data read (%d):\n%.*Rhxd\n", cbTransfer, cbTransfer, s->abIOBuffer)); + } + + /* The initial buffer end value has been set up based on the total + * transfer size. But the I/O buffer size limits what can actually be + * done in one transfer, so set the actual value of the buffer end. */ + Assert(cbTransfer <= s->cbAtapiPassthroughTransfer); + s->cbElementaryTransfer = cbTransfer; + s->cbAtapiPassthroughTransfer -= cbTransfer; + if (!s->cbAtapiPassthroughTransfer) + { + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + } + } + else + { + if (s->cErrors < MAX_LOG_REL_ERRORS) + { + uint8_t u8Cmd = s->abATAPICmd[0]; + do + { + /* don't log superfluous errors */ + if ( rc == VERR_DEV_IO_ERROR + && ( u8Cmd == SCSI_TEST_UNIT_READY + || u8Cmd == SCSI_READ_CAPACITY + || u8Cmd == SCSI_READ_DVD_STRUCTURE + || u8Cmd == SCSI_READ_TOC_PMA_ATIP)) + break; + s->cErrors++; + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM passthrough cmd=%#04x sense=%d ASC=%#02x ASCQ=%#02x %Rrc\n", + s->iLUN, u8Cmd, abATAPISense[2] & 0x0f, abATAPISense[12], abATAPISense[13], rc)); + } while (0); + } + atapiR3CmdError(pCtl, s, abATAPISense, sizeof(abATAPISense)); + } + return false; +} + + +/** + * Begin Transfer: Read DVD structures + */ +static bool atapiR3ReadDVDStructureSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *buf = s->abIOBuffer; + int media = s->abATAPICmd[1]; + int format = s->abATAPICmd[7]; + RT_NOREF(pDevIns, pDevR3); + + AssertCompile(sizeof(s->abIOBuffer) > UINT16_MAX /* want a RT_MIN() below, but clang takes offence at always false stuff */); + uint16_t max_len = scsiBE2H_U16(&s->abATAPICmd[8]); + memset(buf, 0, max_len); + + switch (format) { + case 0x00: + case 0x01: + case 0x02: + case 0x03: + case 0x04: + case 0x05: + case 0x06: + case 0x07: + case 0x08: + case 0x09: + case 0x0a: + case 0x0b: + case 0x0c: + case 0x0d: + case 0x0e: + case 0x0f: + case 0x10: + case 0x11: + case 0x30: + case 0x31: + case 0xff: + if (media == 0) + { + int uASC = SCSI_ASC_NONE; + + switch (format) + { + case 0x0: /* Physical format information */ + { + int layer = s->abATAPICmd[6]; + uint64_t total_sectors; + + if (layer != 0) + { + uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET; + break; + } + + total_sectors = s->cTotalSectors; + total_sectors >>= 2; + if (total_sectors == 0) + { + uASC = -SCSI_ASC_MEDIUM_NOT_PRESENT; + break; + } + + buf[4] = 1; /* DVD-ROM, part version 1 */ + buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ + buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ + buf[7] = 0; /* default densities */ + + /* FIXME: 0x30000 per spec? */ + scsiH2BE_U32(buf + 8, 0); /* start sector */ + scsiH2BE_U32(buf + 12, total_sectors - 1); /* end sector */ + scsiH2BE_U32(buf + 16, total_sectors - 1); /* l0 end sector */ + + /* Size of buffer, not including 2 byte size field */ + scsiH2BE_U32(&buf[0], 2048 + 2); + + /* 2k data + 4 byte header */ + uASC = (2048 + 4); + break; + } + case 0x01: /* DVD copyright information */ + buf[4] = 0; /* no copyright data */ + buf[5] = 0; /* no region restrictions */ + + /* Size of buffer, not including 2 byte size field */ + scsiH2BE_U16(buf, 4 + 2); + + /* 4 byte header + 4 byte data */ + uASC = (4 + 4); + break; + + case 0x03: /* BCA information - invalid field for no BCA info */ + uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET; + break; + + case 0x04: /* DVD disc manufacturing information */ + /* Size of buffer, not including 2 byte size field */ + scsiH2BE_U16(buf, 2048 + 2); + + /* 2k data + 4 byte header */ + uASC = (2048 + 4); + break; + case 0xff: + /* + * This lists all the command capabilities above. Add new ones + * in order and update the length and buffer return values. + */ + + buf[4] = 0x00; /* Physical format */ + buf[5] = 0x40; /* Not writable, is readable */ + scsiH2BE_U16((buf + 6), 2048 + 4); + + buf[8] = 0x01; /* Copyright info */ + buf[9] = 0x40; /* Not writable, is readable */ + scsiH2BE_U16((buf + 10), 4 + 4); + + buf[12] = 0x03; /* BCA info */ + buf[13] = 0x40; /* Not writable, is readable */ + scsiH2BE_U16((buf + 14), 188 + 4); + + buf[16] = 0x04; /* Manufacturing info */ + buf[17] = 0x40; /* Not writable, is readable */ + scsiH2BE_U16((buf + 18), 2048 + 4); + + /* Size of buffer, not including 2 byte size field */ + scsiH2BE_U16(buf, 16 + 2); + + /* data written + 4 byte header */ + uASC = (16 + 4); + break; + default: /** @todo formats beyond DVD-ROM requires */ + uASC = -SCSI_ASC_INV_FIELD_IN_CMD_PACKET; + } + + if (uASC < 0) + { + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, -uASC); + return false; + } + break; + } + /** @todo BD support, fall through for now */ + RT_FALL_THRU(); + + /* Generic disk structures */ + case 0x80: /** @todo AACS volume identifier */ + case 0x81: /** @todo AACS media serial number */ + case 0x82: /** @todo AACS media identifier */ + case 0x83: /** @todo AACS media key block */ + case 0x90: /** @todo List of recognized format layers */ + case 0xc0: /** @todo Write protection status */ + default: + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +static bool atapiR3ReadSectors(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, + uint32_t iATAPILBA, uint32_t cSectors, uint32_t cbSector) +{ + Assert(cSectors > 0); + s->iCurLBA = iATAPILBA; + s->cbATAPISector = cbSector; + ataR3StartTransfer(pDevIns, pCtl, s, cSectors * cbSector, + PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ, true); + return false; +} + + +/** + * Sink/Source: ATAPI READ CAPACITY + */ +static bool atapiR3ReadCapacitySS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 8); + scsiH2BE_U32(pbBuf, s->cTotalSectors - 1); + scsiH2BE_U32(pbBuf + 4, 2048); + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI READ DISCK INFORMATION + */ +static bool atapiR3ReadDiscInformationSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 34); + memset(pbBuf, '\0', 34); + scsiH2BE_U16(pbBuf, 32); + pbBuf[2] = (0 << 4) | (3 << 2) | (2 << 0); /* not erasable, complete session, complete disc */ + pbBuf[3] = 1; /* number of first track */ + pbBuf[4] = 1; /* number of sessions (LSB) */ + pbBuf[5] = 1; /* first track number in last session (LSB) */ + pbBuf[6] = (uint8_t)pDevR3->pDrvMedia->pfnGetRegionCount(pDevR3->pDrvMedia); /* last track number in last session (LSB) */ + pbBuf[7] = (0 << 7) | (0 << 6) | (1 << 5) | (0 << 2) | (0 << 0); /* disc id not valid, disc bar code not valid, unrestricted use, not dirty, not RW medium */ + pbBuf[8] = 0; /* disc type = CD-ROM */ + pbBuf[9] = 0; /* number of sessions (MSB) */ + pbBuf[10] = 0; /* number of sessions (MSB) */ + pbBuf[11] = 0; /* number of sessions (MSB) */ + scsiH2BE_U32(pbBuf + 16, 0xffffffff); /* last session lead-in start time is not available */ + scsiH2BE_U32(pbBuf + 20, 0xffffffff); /* last possible start time for lead-out is not available */ + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI READ TRACK INFORMATION + */ +static bool atapiR3ReadTrackInformationSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + uint32_t u32LogAddr = scsiBE2H_U32(&s->abATAPICmd[2]); + uint8_t u8LogAddrType = s->abATAPICmd[1] & 0x03; + RT_NOREF(pDevIns); + + int rc; + uint64_t u64LbaStart = 0; + uint32_t uRegion = 0; + uint64_t cBlocks = 0; + uint64_t cbBlock = 0; + uint8_t u8DataMode = 0xf; /* Unknown data mode. */ + uint8_t u8TrackMode = 0; + VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID; + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 36); + + switch (u8LogAddrType) + { + case 0x00: + rc = pDevR3->pDrvMedia->pfnQueryRegionPropertiesForLba(pDevR3->pDrvMedia, u32LogAddr, &uRegion, + NULL, NULL, NULL); + if (RT_SUCCESS(rc)) + rc = pDevR3->pDrvMedia->pfnQueryRegionProperties(pDevR3->pDrvMedia, uRegion, &u64LbaStart, + &cBlocks, &cbBlock, &enmDataForm); + break; + case 0x01: + { + if (u32LogAddr >= 1) + { + uRegion = u32LogAddr - 1; + rc = pDevR3->pDrvMedia->pfnQueryRegionProperties(pDevR3->pDrvMedia, uRegion, &u64LbaStart, + &cBlocks, &cbBlock, &enmDataForm); + } + else + rc = VERR_NOT_FOUND; /** @todo Return lead-in information. */ + break; + } + case 0x02: + default: + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + + if (RT_FAILURE(rc)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + + switch (enmDataForm) + { + case VDREGIONDATAFORM_MODE1_2048: + case VDREGIONDATAFORM_MODE1_2352: + case VDREGIONDATAFORM_MODE1_0: + u8DataMode = 1; + break; + case VDREGIONDATAFORM_XA_2336: + case VDREGIONDATAFORM_XA_2352: + case VDREGIONDATAFORM_XA_0: + case VDREGIONDATAFORM_MODE2_2336: + case VDREGIONDATAFORM_MODE2_2352: + case VDREGIONDATAFORM_MODE2_0: + u8DataMode = 2; + break; + default: + u8DataMode = 0xf; + } + + if (enmDataForm == VDREGIONDATAFORM_CDDA) + u8TrackMode = 0x0; + else + u8TrackMode = 0x4; + + memset(pbBuf, '\0', 36); + scsiH2BE_U16(pbBuf, 34); + pbBuf[2] = uRegion + 1; /* track number (LSB) */ + pbBuf[3] = 1; /* session number (LSB) */ + pbBuf[5] = (0 << 5) | (0 << 4) | u8TrackMode; /* not damaged, primary copy, data track */ + pbBuf[6] = (0 << 7) | (0 << 6) | (0 << 5) | (0 << 6) | u8DataMode; /* not reserved track, not blank, not packet writing, not fixed packet */ + pbBuf[7] = (0 << 1) | (0 << 0); /* last recorded address not valid, next recordable address not valid */ + scsiH2BE_U32(pbBuf + 8, (uint32_t)u64LbaStart); /* track start address is 0 */ + scsiH2BE_U32(pbBuf + 24, (uint32_t)cBlocks); /* track size */ + pbBuf[32] = 0; /* track number (MSB) */ + pbBuf[33] = 0; /* session number (MSB) */ + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureListProfiles(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 3*4) + return 0; + + scsiH2BE_U16(pbBuf, 0x0); /* feature 0: list of profiles supported */ + pbBuf[2] = (0 << 2) | (1 << 1) | (1 << 0); /* version 0, persistent, current */ + pbBuf[3] = 8; /* additional bytes for profiles */ + /* The MMC-3 spec says that DVD-ROM read capability should be reported + * before CD-ROM read capability. */ + scsiH2BE_U16(pbBuf + 4, 0x10); /* profile: read-only DVD */ + pbBuf[6] = (0 << 0); /* NOT current profile */ + scsiH2BE_U16(pbBuf + 8, 0x08); /* profile: read only CD */ + pbBuf[10] = (1 << 0); /* current profile */ + + return 3*4; /* Header + 2 profiles entries */ +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCore(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 12) + return 0; + + scsiH2BE_U16(pbBuf, 0x1); /* feature 0001h: Core Feature */ + pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 8; /* Additional length */ + scsiH2BE_U16(pbBuf + 4, 0x00000002); /* Physical interface ATAPI. */ + pbBuf[8] = RT_BIT(0); /* DBE */ + /* Rest is reserved. */ + + return 12; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureMorphing(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 8) + return 0; + + scsiH2BE_U16(pbBuf, 0x2); /* feature 0002h: Morphing Feature */ + pbBuf[2] = (0x1 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 4; /* Additional length */ + pbBuf[4] = RT_BIT(1) | 0x0; /* OCEvent | !ASYNC */ + /* Rest is reserved. */ + + return 8; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRemovableMedium(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 8) + return 0; + + scsiH2BE_U16(pbBuf, 0x3); /* feature 0003h: Removable Medium Feature */ + pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 4; /* Additional length */ + /* Tray type loading | Load | Eject | !Pvnt Jmpr | !DBML | Lock */ + pbBuf[4] = (0x2 << 5) | RT_BIT(4) | RT_BIT(3) | (0x0 << 2) | (0x0 << 1) | RT_BIT(0); + /* Rest is reserved. */ + + return 8; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureRandomReadable (PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 12) + return 0; + + scsiH2BE_U16(pbBuf, 0x10); /* feature 0010h: Random Readable Feature */ + pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 8; /* Additional length */ + scsiH2BE_U32(pbBuf + 4, 2048); /* Logical block size. */ + scsiH2BE_U16(pbBuf + 8, 0x10); /* Blocking (0x10 for DVD, CD is not defined). */ + pbBuf[10] = 0; /* PP not present */ + /* Rest is reserved. */ + + return 12; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureCDRead(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 8) + return 0; + + scsiH2BE_U16(pbBuf, 0x1e); /* feature 001Eh: CD Read Feature */ + pbBuf[2] = (0x2 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 0; /* Additional length */ + pbBuf[4] = (0x0 << 7) | (0x0 << 1) | 0x0; /* !DAP | !C2-Flags | !CD-Text. */ + /* Rest is reserved. */ + + return 8; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeaturePowerManagement(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 4) + return 0; + + scsiH2BE_U16(pbBuf, 0x100); /* feature 0100h: Power Management Feature */ + pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 0; /* Additional length */ + + return 4; +} + +static DECLCALLBACK(uint32_t) atapiR3GetConfigurationFillFeatureTimeout(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf) +{ + RT_NOREF(s); + if (cbBuf < 8) + return 0; + + scsiH2BE_U16(pbBuf, 0x105); /* feature 0105h: Timeout Feature */ + pbBuf[2] = (0x0 << 2) | RT_BIT(1) | RT_BIT(0); /* Version | Persistent | Current */ + pbBuf[3] = 4; /* Additional length */ + pbBuf[4] = 0x0; /* !Group3 */ + + return 8; +} + +/** + * Callback to fill in the correct data for a feature. + * + * @returns Number of bytes written into the buffer. + * @param s The ATA device state. + * @param pbBuf The buffer to fill the data with. + * @param cbBuf Size of the buffer. + */ +typedef DECLCALLBACKTYPE(uint32_t, FNATAPIR3FEATUREFILL,(PATADEVSTATE s, uint8_t *pbBuf, size_t cbBuf)); +/** Pointer to a feature fill callback. */ +typedef FNATAPIR3FEATUREFILL *PFNATAPIR3FEATUREFILL; + +/** + * ATAPI feature descriptor. + */ +typedef struct ATAPIR3FEATDESC +{ + /** The feature number. */ + uint16_t u16Feat; + /** The callback to fill in the correct data. */ + PFNATAPIR3FEATUREFILL pfnFeatureFill; +} ATAPIR3FEATDESC; + +/** + * Array of known ATAPI feature descriptors. + */ +static const ATAPIR3FEATDESC s_aAtapiR3Features[] = +{ + { 0x0000, atapiR3GetConfigurationFillFeatureListProfiles}, + { 0x0001, atapiR3GetConfigurationFillFeatureCore}, + { 0x0002, atapiR3GetConfigurationFillFeatureMorphing}, + { 0x0003, atapiR3GetConfigurationFillFeatureRemovableMedium}, + { 0x0010, atapiR3GetConfigurationFillFeatureRandomReadable}, + { 0x001e, atapiR3GetConfigurationFillFeatureCDRead}, + { 0x0100, atapiR3GetConfigurationFillFeaturePowerManagement}, + { 0x0105, atapiR3GetConfigurationFillFeatureTimeout} +}; + +/** + * Sink/Source: ATAPI GET CONFIGURATION + */ +static bool atapiR3GetConfigurationSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint32_t const cbIOBuffer = RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE); + uint8_t *pbBuf = s->abIOBuffer; + uint32_t cbBuf = cbIOBuffer; + uint32_t cbCopied = 0; + uint16_t u16Sfn = scsiBE2H_U16(&s->abATAPICmd[2]); + uint8_t u8Rt = s->abATAPICmd[1] & 0x03; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 80); + /* Accept valid request types only. */ + if (u8Rt == 3) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + memset(pbBuf, '\0', cbBuf); + /** @todo implement switching between CD-ROM and DVD-ROM profile (the only + * way to differentiate them right now is based on the image size). */ + if (s->cTotalSectors) + scsiH2BE_U16(pbBuf + 6, 0x08); /* current profile: read-only CD */ + else + scsiH2BE_U16(pbBuf + 6, 0x00); /* current profile: none -> no media */ + cbBuf -= 8; + pbBuf += 8; + + if (u8Rt == 0x2) + { + for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++) + { + if (s_aAtapiR3Features[i].u16Feat == u16Sfn) + { + cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf); + cbBuf -= cbCopied; + pbBuf += cbCopied; + break; + } + } + } + else + { + for (uint32_t i = 0; i < RT_ELEMENTS(s_aAtapiR3Features); i++) + { + if (s_aAtapiR3Features[i].u16Feat > u16Sfn) + { + cbCopied = s_aAtapiR3Features[i].pfnFeatureFill(s, pbBuf, cbBuf); + cbBuf -= cbCopied; + pbBuf += cbCopied; + } + } + } + + /* Set data length now - the field is not included in the final length. */ + scsiH2BE_U32(s->abIOBuffer, cbIOBuffer - cbBuf - 4); + + /* Other profiles we might want to add in the future: 0x40 (BD-ROM) and 0x50 (HDDVD-ROM) */ + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI GET EVENT STATUS NOTIFICATION + */ +static bool atapiR3GetEventStatusNotificationSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 8); + + if (!(s->abATAPICmd[1] & 1)) + { + /* no asynchronous operation supported */ + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + + uint32_t OldStatus, NewStatus; + do + { + OldStatus = ASMAtomicReadU32(&s->MediaEventStatus); + NewStatus = ATA_EVENT_STATUS_UNCHANGED; + switch (OldStatus) + { + case ATA_EVENT_STATUS_MEDIA_NEW: + /* mount */ + scsiH2BE_U16(pbBuf + 0, 6); + pbBuf[2] = 0x04; /* media */ + pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */ + pbBuf[4] = 0x02; /* new medium */ + pbBuf[5] = 0x02; /* medium present / door closed */ + pbBuf[6] = 0x00; + pbBuf[7] = 0x00; + break; + + case ATA_EVENT_STATUS_MEDIA_CHANGED: + case ATA_EVENT_STATUS_MEDIA_REMOVED: + /* umount */ + scsiH2BE_U16(pbBuf + 0, 6); + pbBuf[2] = 0x04; /* media */ + pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */ + pbBuf[4] = OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED ? 0x04 /* media changed */ : 0x03; /* media removed */ + pbBuf[5] = 0x00; /* medium absent / door closed */ + pbBuf[6] = 0x00; + pbBuf[7] = 0x00; + if (OldStatus == ATA_EVENT_STATUS_MEDIA_CHANGED) + NewStatus = ATA_EVENT_STATUS_MEDIA_NEW; + break; + + case ATA_EVENT_STATUS_MEDIA_EJECT_REQUESTED: /* currently unused */ + scsiH2BE_U16(pbBuf + 0, 6); + pbBuf[2] = 0x04; /* media */ + pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */ + pbBuf[4] = 0x01; /* eject requested (eject button pressed) */ + pbBuf[5] = 0x02; /* medium present / door closed */ + pbBuf[6] = 0x00; + pbBuf[7] = 0x00; + break; + + case ATA_EVENT_STATUS_UNCHANGED: + default: + scsiH2BE_U16(pbBuf + 0, 6); + pbBuf[2] = 0x01; /* operational change request / notification */ + pbBuf[3] = 0x5e; /* supported = busy|media|external|power|operational */ + pbBuf[4] = 0x00; + pbBuf[5] = 0x00; + pbBuf[6] = 0x00; + pbBuf[7] = 0x00; + break; + } + } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus)); + + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI INQUIRY + */ +static bool atapiR3InquirySS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 36); + pbBuf[0] = 0x05; /* CD-ROM */ + pbBuf[1] = 0x80; /* removable */ +# if 1/*ndef VBOX*/ /** @todo implement MESN + AENC. (async notification on removal and stuff.) */ + pbBuf[2] = 0x00; /* ISO */ + pbBuf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */ +# else + pbBuf[2] = 0x00; /* ISO */ + pbBuf[3] = 0x91; /* format 1, MESN=1, AENC=9 ??? */ +# endif + pbBuf[4] = 31; /* additional length */ + pbBuf[5] = 0; /* reserved */ + pbBuf[6] = 0; /* reserved */ + pbBuf[7] = 0; /* reserved */ + scsiPadStr(pbBuf + 8, s->szInquiryVendorId, 8); + scsiPadStr(pbBuf + 16, s->szInquiryProductId, 16); + scsiPadStr(pbBuf + 32, s->szInquiryRevision, 4); + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI MODE SENSE ERROR RECOVERY + */ +static bool atapiR3ModeSenseErrorRecoverySS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 16); + scsiH2BE_U16(&pbBuf[0], 16 + 6); + pbBuf[2] = (uint8_t)s->MediaTrackType; + pbBuf[3] = 0; + pbBuf[4] = 0; + pbBuf[5] = 0; + pbBuf[6] = 0; + pbBuf[7] = 0; + + pbBuf[8] = 0x01; + pbBuf[9] = 0x06; + pbBuf[10] = 0x00; /* Maximum error recovery */ + pbBuf[11] = 0x05; /* 5 retries */ + pbBuf[12] = 0x00; + pbBuf[13] = 0x00; + pbBuf[14] = 0x00; + pbBuf[15] = 0x00; + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI MODE SENSE CD STATUS + */ +static bool atapiR3ModeSenseCDStatusSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns); + + /* 28 bytes of total returned data corresponds to ATAPI 2.6. Note that at least some versions + * of NEC_IDE.SYS DOS driver (possibly other Oak Technology OTI-011 drivers) do not correctly + * handle cases where more than 28 bytes are returned due to bugs. See @bugref{5869}. + */ + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 28); + scsiH2BE_U16(&pbBuf[0], 26); + pbBuf[2] = (uint8_t)s->MediaTrackType; + pbBuf[3] = 0; + pbBuf[4] = 0; + pbBuf[5] = 0; + pbBuf[6] = 0; + pbBuf[7] = 0; + + pbBuf[8] = 0x2a; + pbBuf[9] = 18; /* page length */ + pbBuf[10] = 0x08; /* DVD-ROM read support */ + pbBuf[11] = 0x00; /* no write support */ + /* The following claims we support audio play. This is obviously false, + * but the Linux generic CDROM support makes many features depend on this + * capability. If it's not set, this causes many things to be disabled. */ + pbBuf[12] = 0x71; /* multisession support, mode 2 form 1/2 support, audio play */ + pbBuf[13] = 0x00; /* no subchannel reads supported */ + pbBuf[14] = (1 << 0) | (1 << 3) | (1 << 5); /* lock supported, eject supported, tray type loading mechanism */ + if (pDevR3->pDrvMount && pDevR3->pDrvMount->pfnIsLocked(pDevR3->pDrvMount)) + pbBuf[14] |= 1 << 1; /* report lock state */ + pbBuf[15] = 0; /* no subchannel reads supported, no separate audio volume control, no changer etc. */ + scsiH2BE_U16(&pbBuf[16], 5632); /* (obsolete) claim 32x speed support */ + scsiH2BE_U16(&pbBuf[18], 2); /* number of audio volume levels */ + scsiH2BE_U16(&pbBuf[20], RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE) / _1K); /* buffer size supported in Kbyte */ + scsiH2BE_U16(&pbBuf[22], 5632); /* (obsolete) current read speed 32x */ + pbBuf[24] = 0; /* reserved */ + pbBuf[25] = 0; /* reserved for digital audio (see idx 15) */ + pbBuf[26] = 0; /* reserved */ + pbBuf[27] = 0; /* reserved */ + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI REQUEST SENSE + */ +static bool atapiR3RequestSenseSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + memset(pbBuf, '\0', RT_MIN(s->cbElementaryTransfer, sizeof(s->abIOBuffer))); + AssertCompile(sizeof(s->abIOBuffer) >= sizeof(s->abATAPISense)); + memcpy(pbBuf, s->abATAPISense, RT_MIN(s->cbElementaryTransfer, sizeof(s->abATAPISense))); + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI MECHANISM STATUS + */ +static bool atapiR3MechanismStatusSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 8); + scsiH2BE_U16(pbBuf, 0); + /* no current LBA */ + pbBuf[2] = 0; + pbBuf[3] = 0; + pbBuf[4] = 0; + pbBuf[5] = 1; + scsiH2BE_U16(pbBuf + 6, 0); + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI READ TOC NORMAL + */ +static bool atapiR3ReadTOCNormalSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + uint8_t *q; + uint8_t iStartTrack; + bool fMSF; + uint32_t cbSize; + RT_NOREF(pDevIns); + + /* Track fields are 8-bit and 1-based, so cut the track count at 255, + avoiding any potential buffer overflow issues below. */ + uint32_t cTracks = pDevR3->pDrvMedia->pfnGetRegionCount(pDevR3->pDrvMedia); + AssertStmt(cTracks <= UINT8_MAX, cTracks = UINT8_MAX); + AssertCompile(sizeof(s->abIOBuffer) >= 2 + 256 + 8); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + fMSF = (s->abATAPICmd[1] >> 1) & 1; + iStartTrack = s->abATAPICmd[6]; + if (iStartTrack == 0) + iStartTrack = 1; + + if (iStartTrack > cTracks && iStartTrack != 0xaa) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + return false; + } + q = pbBuf + 2; + *q++ = iStartTrack; /* first track number */ + *q++ = cTracks; /* last track number */ + for (uint32_t iTrack = iStartTrack; iTrack <= cTracks; iTrack++) + { + uint64_t uLbaStart = 0; + VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048; + + int rc = pDevR3->pDrvMedia->pfnQueryRegionProperties(pDevR3->pDrvMedia, iTrack - 1, &uLbaStart, + NULL, NULL, &enmDataForm); + AssertRC(rc); + + *q++ = 0; /* reserved */ + + if (enmDataForm == VDREGIONDATAFORM_CDDA) + *q++ = 0x10; /* ADR, control */ + else + *q++ = 0x14; /* ADR, control */ + + *q++ = (uint8_t)iTrack; /* track number */ + *q++ = 0; /* reserved */ + if (fMSF) + { + *q++ = 0; /* reserved */ + scsiLBA2MSF(q, (uint32_t)uLbaStart); + q += 3; + } + else + { + /* sector 0 */ + scsiH2BE_U32(q, (uint32_t)uLbaStart); + q += 4; + } + } + /* lead out track */ + *q++ = 0; /* reserved */ + *q++ = 0x14; /* ADR, control */ + *q++ = 0xaa; /* track number */ + *q++ = 0; /* reserved */ + + /* Query start and length of last track to get the start of the lead out track. */ + uint64_t uLbaStart = 0; + uint64_t cBlocks = 0; + + int rc = pDevR3->pDrvMedia->pfnQueryRegionProperties(pDevR3->pDrvMedia, cTracks - 1, &uLbaStart, + &cBlocks, NULL, NULL); + AssertRC(rc); + + uLbaStart += cBlocks; + if (fMSF) + { + *q++ = 0; /* reserved */ + scsiLBA2MSF(q, (uint32_t)uLbaStart); + q += 3; + } + else + { + scsiH2BE_U32(q, (uint32_t)uLbaStart); + q += 4; + } + cbSize = q - pbBuf; + scsiH2BE_U16(pbBuf, cbSize - 2); + if (cbSize < s->cbTotalTransfer) + s->cbTotalTransfer = cbSize; + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI READ TOC MULTI + */ +static bool atapiR3ReadTOCMultiSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + bool fMSF; + RT_NOREF(pDevIns); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + Assert(s->cbElementaryTransfer <= 12); + fMSF = (s->abATAPICmd[1] >> 1) & 1; + /* multi session: only a single session defined */ + /** @todo double-check this stuff against what a real drive says for a CD-ROM (not a CD-R) + * with only a single data session. Maybe solve the problem with "cdrdao read-toc" not being + * able to figure out whether numbers are in BCD or hex. */ + memset(pbBuf, 0, 12); + pbBuf[1] = 0x0a; + pbBuf[2] = 0x01; + pbBuf[3] = 0x01; + + VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_MODE1_2048; + int rc = pDevR3->pDrvMedia->pfnQueryRegionProperties(pDevR3->pDrvMedia, 0, NULL, NULL, NULL, &enmDataForm); + AssertRC(rc); + + if (enmDataForm == VDREGIONDATAFORM_CDDA) + pbBuf[5] = 0x10; /* ADR, control */ + else + pbBuf[5] = 0x14; /* ADR, control */ + + pbBuf[6] = 1; /* first track in last complete session */ + if (fMSF) + { + pbBuf[8] = 0; /* reserved */ + scsiLBA2MSF(&pbBuf[9], 0); + } + else + { + /* sector 0 */ + scsiH2BE_U32(pbBuf + 8, 0); + } + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +/** + * Sink/Source: ATAPI READ TOC RAW + */ +static bool atapiR3ReadTOCRawSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + uint8_t *pbBuf = s->abIOBuffer; + uint8_t *q; + uint8_t iStartTrack; + bool fMSF; + uint32_t cbSize; + RT_NOREF(pDevIns, pDevR3); + + Assert(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE); + fMSF = (s->abATAPICmd[1] >> 1) & 1; + iStartTrack = s->abATAPICmd[6]; + + q = pbBuf + 2; + *q++ = 1; /* first session */ + *q++ = 1; /* last session */ + + *q++ = 1; /* session number */ + *q++ = 0x14; /* data track */ + *q++ = 0; /* track number */ + *q++ = 0xa0; /* first track in program area */ + *q++ = 0; /* min */ + *q++ = 0; /* sec */ + *q++ = 0; /* frame */ + *q++ = 0; + *q++ = 1; /* first track */ + *q++ = 0x00; /* disk type CD-DA or CD data */ + *q++ = 0; + + *q++ = 1; /* session number */ + *q++ = 0x14; /* data track */ + *q++ = 0; /* track number */ + *q++ = 0xa1; /* last track in program area */ + *q++ = 0; /* min */ + *q++ = 0; /* sec */ + *q++ = 0; /* frame */ + *q++ = 0; + *q++ = 1; /* last track */ + *q++ = 0; + *q++ = 0; + + *q++ = 1; /* session number */ + *q++ = 0x14; /* data track */ + *q++ = 0; /* track number */ + *q++ = 0xa2; /* lead-out */ + *q++ = 0; /* min */ + *q++ = 0; /* sec */ + *q++ = 0; /* frame */ + if (fMSF) + { + *q++ = 0; /* reserved */ + scsiLBA2MSF(q, s->cTotalSectors); + q += 3; + } + else + { + scsiH2BE_U32(q, s->cTotalSectors); + q += 4; + } + + *q++ = 1; /* session number */ + *q++ = 0x14; /* ADR, control */ + *q++ = 0; /* track number */ + *q++ = 1; /* point */ + *q++ = 0; /* min */ + *q++ = 0; /* sec */ + *q++ = 0; /* frame */ + if (fMSF) + { + *q++ = 0; /* reserved */ + scsiLBA2MSF(q, 0); + q += 3; + } + else + { + /* sector 0 */ + scsiH2BE_U32(q, 0); + q += 4; + } + + cbSize = q - pbBuf; + scsiH2BE_U16(pbBuf, cbSize - 2); + if (cbSize < s->cbTotalTransfer) + s->cbTotalTransfer = cbSize; + s->iSourceSink = ATAFN_SS_NULL; + atapiR3CmdOK(pCtl, s); + return false; +} + + +static void atapiR3ParseCmdVirtualATAPI(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + const uint8_t *pbPacket = s->abATAPICmd; + uint32_t cbMax; + uint32_t cSectors, iATAPILBA; + + switch (pbPacket[0]) + { + case SCSI_TEST_UNIT_READY: + if (s->cNotifiedMediaChange > 0) + { + if (s->cNotifiedMediaChange-- > 2) + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + else + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + } + else + { + PPDMIMOUNT const pDrvMount = pDevR3->pDrvMount; + if (pDrvMount && pDrvMount->pfnIsMounted(pDrvMount)) + atapiR3CmdOK(pCtl, s); + else + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + } + break; + case SCSI_GET_EVENT_STATUS_NOTIFICATION: + cbMax = scsiBE2H_U16(pbPacket + 7); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true); + break; + case SCSI_MODE_SENSE_10: + { + uint8_t uPageControl, uPageCode; + cbMax = scsiBE2H_U16(pbPacket + 7); + uPageControl = pbPacket[2] >> 6; + uPageCode = pbPacket[2] & 0x3f; + switch (uPageControl) + { + case SCSI_PAGECONTROL_CURRENT: + switch (uPageCode) + { + case SCSI_MODEPAGE_ERROR_RECOVERY: + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 16), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_ERROR_RECOVERY, true); + break; + case SCSI_MODEPAGE_CD_STATUS: + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 28), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MODE_SENSE_CD_STATUS, true); + break; + default: + goto error_cmd; + } + break; + case SCSI_PAGECONTROL_CHANGEABLE: + goto error_cmd; + case SCSI_PAGECONTROL_DEFAULT: + goto error_cmd; + default: + case SCSI_PAGECONTROL_SAVED: + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_SAVING_PARAMETERS_NOT_SUPPORTED); + break; + } + break; + } + case SCSI_REQUEST_SENSE: + cbMax = pbPacket[4]; + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true); + break; + case SCSI_PREVENT_ALLOW_MEDIUM_REMOVAL: + { + PPDMIMOUNT const pDrvMount = pDevR3->pDrvMount; + if (pDrvMount && pDrvMount->pfnIsMounted(pDrvMount)) + { + if (pbPacket[4] & 1) + pDrvMount->pfnLock(pDrvMount); + else + pDrvMount->pfnUnlock(pDrvMount); + atapiR3CmdOK(pCtl, s); + } + else + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + case SCSI_READ_10: + case SCSI_READ_12: + { + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + if (pbPacket[0] == SCSI_READ_10) + cSectors = scsiBE2H_U16(pbPacket + 7); + else + cSectors = scsiBE2H_U32(pbPacket + 6); + iATAPILBA = scsiBE2H_U32(pbPacket + 2); + + if (cSectors == 0) + { + atapiR3CmdOK(pCtl, s); + break; + } + + /* Check that the sector size is valid. */ + VDREGIONDATAFORM enmDataForm = VDREGIONDATAFORM_INVALID; + int rc = pDevR3->pDrvMedia->pfnQueryRegionPropertiesForLba(pDevR3->pDrvMedia, iATAPILBA, + NULL, NULL, NULL, &enmDataForm); + if (RT_UNLIKELY( rc == VERR_NOT_FOUND + || ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors))) + { + /* Rate limited logging, one log line per second. For + * guests that insist on reading from places outside the + * valid area this often generates too many release log + * entries otherwise. */ + static uint64_t uLastLogTS = 0; + if (RTTimeMilliTS() >= uLastLogTS + 1000) + { + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors)); + uLastLogTS = RTTimeMilliTS(); + } + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR); + break; + } + else if ( enmDataForm != VDREGIONDATAFORM_MODE1_2048 + && enmDataForm != VDREGIONDATAFORM_MODE1_2352 + && enmDataForm != VDREGIONDATAFORM_MODE2_2336 + && enmDataForm != VDREGIONDATAFORM_MODE2_2352 + && enmDataForm != VDREGIONDATAFORM_RAW) + { + uint8_t abATAPISense[ATAPI_SENSE_SIZE]; + RT_ZERO(abATAPISense); + + abATAPISense[0] = 0x70 | (1 << 7); + abATAPISense[2] = (SCSI_SENSE_ILLEGAL_REQUEST & 0x0f) | SCSI_SENSE_FLAG_ILI; + scsiH2BE_U32(&abATAPISense[3], iATAPILBA); + abATAPISense[7] = 10; + abATAPISense[12] = SCSI_ASC_ILLEGAL_MODE_FOR_THIS_TRACK; + atapiR3CmdError(pCtl, s, &abATAPISense[0], sizeof(abATAPISense)); + break; + } + atapiR3ReadSectors(pDevIns, pCtl, s, iATAPILBA, cSectors, 2048); + break; + } + case SCSI_READ_CD_MSF: + case SCSI_READ_CD: + { + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + if ((pbPacket[10] & 0x7) != 0) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + break; + } + if (pbPacket[0] == SCSI_READ_CD) + { + cSectors = (pbPacket[6] << 16) | (pbPacket[7] << 8) | pbPacket[8]; + iATAPILBA = scsiBE2H_U32(pbPacket + 2); + } + else /* READ CD MSF */ + { + iATAPILBA = scsiMSF2LBA(pbPacket + 3); + if (iATAPILBA > scsiMSF2LBA(pbPacket + 6)) + { + Log2(("Start MSF %02u:%02u:%02u > end MSF %02u:%02u:%02u!\n", *(pbPacket + 3), *(pbPacket + 4), *(pbPacket + 5), + *(pbPacket + 6), *(pbPacket + 7), *(pbPacket + 8))); + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + break; + } + cSectors = scsiMSF2LBA(pbPacket + 6) - iATAPILBA; + Log2(("Start MSF %02u:%02u:%02u -> LBA %u\n", *(pbPacket + 3), *(pbPacket + 4), *(pbPacket + 5), iATAPILBA)); + Log2(("End MSF %02u:%02u:%02u -> %u sectors\n", *(pbPacket + 6), *(pbPacket + 7), *(pbPacket + 8), cSectors)); + } + if (cSectors == 0) + { + atapiR3CmdOK(pCtl, s); + break; + } + if ((uint64_t)iATAPILBA + cSectors > s->cTotalSectors) + { + /* Rate limited logging, one log line per second. For + * guests that insist on reading from places outside the + * valid area this often generates too many release log + * entries otherwise. */ + static uint64_t uLastLogTS = 0; + if (RTTimeMilliTS() >= uLastLogTS + 1000) + { + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (READ CD)\n", s->iLUN, (uint64_t)iATAPILBA + cSectors)); + uLastLogTS = RTTimeMilliTS(); + } + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR); + break; + } + /* + * If the LBA is in an audio track we are required to ignore pretty much all + * of the channel selection values (except 0x00) and map everything to 0x10 + * which means read user data with a sector size of 2352 bytes. + * + * (MMC-6 chapter 6.19.2.6) + */ + uint8_t uChnSel = pbPacket[9] & 0xf8; + VDREGIONDATAFORM enmDataForm; + int rc = pDevR3->pDrvMedia->pfnQueryRegionPropertiesForLba(pDevR3->pDrvMedia, iATAPILBA, + NULL, NULL, NULL, &enmDataForm); + AssertRC(rc); + + if (enmDataForm == VDREGIONDATAFORM_CDDA) + { + if (uChnSel == 0) + { + /* nothing */ + atapiR3CmdOK(pCtl, s); + } + else + atapiR3ReadSectors(pDevIns, pCtl, s, iATAPILBA, cSectors, 2352); + } + else + { + switch (uChnSel) + { + case 0x00: + /* nothing */ + atapiR3CmdOK(pCtl, s); + break; + case 0x10: + /* normal read */ + atapiR3ReadSectors(pDevIns, pCtl, s, iATAPILBA, cSectors, 2048); + break; + case 0xf8: + /* read all data */ + atapiR3ReadSectors(pDevIns, pCtl, s, iATAPILBA, cSectors, 2352); + break; + default: + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM sector format not supported (%#x)\n", s->iLUN, pbPacket[9] & 0xf8)); + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + break; + } + } + break; + } + case SCSI_SEEK_10: + { + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + iATAPILBA = scsiBE2H_U32(pbPacket + 2); + if (iATAPILBA > s->cTotalSectors) + { + /* Rate limited logging, one log line per second. For + * guests that insist on seeking to places outside the + * valid area this often generates too many release log + * entries otherwise. */ + static uint64_t uLastLogTS = 0; + if (RTTimeMilliTS() >= uLastLogTS + 1000) + { + LogRel(("PIIX3 ATA: LUN#%d: CD-ROM block number %Ld invalid (SEEK)\n", s->iLUN, (uint64_t)iATAPILBA)); + uLastLogTS = RTTimeMilliTS(); + } + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_LOGICAL_BLOCK_OOR); + break; + } + atapiR3CmdOK(pCtl, s); + ataSetStatus(pCtl, s, ATA_STAT_SEEK); /* Linux expects this. Required by ATAPI 2.x when seek completes. */ + break; + } + case SCSI_START_STOP_UNIT: + { + int rc = VINF_SUCCESS; + switch (pbPacket[4] & 3) + { + case 0: /* 00 - Stop motor */ + case 1: /* 01 - Start motor */ + break; + case 2: /* 10 - Eject media */ + { + /* This must be done from EMT. */ + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + PPDMIMOUNT pDrvMount = pDevR3->pDrvMount; + if (pDrvMount) + { + ataR3LockLeave(pDevIns, pCtl); + + rc = PDMDevHlpVMReqPriorityCallWait(pDevIns, VMCPUID_ANY, + (PFNRT)pDrvMount->pfnUnmount, 3, + pDrvMount, false /*=fForce*/, true /*=fEject*/); + Assert(RT_SUCCESS(rc) || rc == VERR_PDM_MEDIA_LOCKED || rc == VERR_PDM_MEDIA_NOT_MOUNTED); + if (RT_SUCCESS(rc) && pThisCC->pMediaNotify) + { + rc = PDMDevHlpVMReqCallNoWait(pDevIns, VMCPUID_ANY, + (PFNRT)pThisCC->pMediaNotify->pfnEjected, 2, + pThisCC->pMediaNotify, s->iLUN); + AssertRC(rc); + } + + ataR3LockEnter(pDevIns, pCtl); + } + else + rc = VINF_SUCCESS; + break; + } + case 3: /* 11 - Load media */ + /** @todo rc = pDevR3->pDrvMount->pfnLoadMedia(pDevR3->pDrvMount) */ + break; + } + if (RT_SUCCESS(rc)) + { + atapiR3CmdOK(pCtl, s); + ataSetStatus(pCtl, s, ATA_STAT_SEEK); /* Needed by NT 3.51/4.0, see @bugref{5869}. */ + } + else + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIA_LOAD_OR_EJECT_FAILED); + break; + } + case SCSI_MECHANISM_STATUS: + { + cbMax = scsiBE2H_U16(pbPacket + 8); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_MECHANISM_STATUS, true); + break; + } + case SCSI_READ_TOC_PMA_ATIP: + { + uint8_t format; + + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + cbMax = scsiBE2H_U16(pbPacket + 7); + /* SCSI MMC-3 spec says format is at offset 2 (lower 4 bits), + * but Linux kernel uses offset 9 (topmost 2 bits). Hope that + * the other field is clear... */ + format = (pbPacket[2] & 0xf) | (pbPacket[9] >> 6); + switch (format) + { + case 0: + ataR3StartTransfer(pDevIns, pCtl, s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_NORMAL, true); + break; + case 1: + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 12), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_MULTI, true); + break; + case 2: + ataR3StartTransfer(pDevIns, pCtl, s, cbMax, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TOC_RAW, true); + break; + default: + error_cmd: + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_INV_FIELD_IN_CMD_PACKET); + break; + } + break; + } + case SCSI_READ_CAPACITY: + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + ataR3StartTransfer(pDevIns, pCtl, s, 8, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_CAPACITY, true); + break; + case SCSI_READ_DISC_INFORMATION: + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + cbMax = scsiBE2H_U16(pbPacket + 7); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 34), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DISC_INFORMATION, true); + break; + case SCSI_READ_TRACK_INFORMATION: + if (s->cNotifiedMediaChange > 0) + { + s->cNotifiedMediaChange-- ; + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_UNIT_ATTENTION, SCSI_ASC_MEDIUM_MAY_HAVE_CHANGED); /* media changed */ + break; + } + if (!pDevR3->pDrvMount || !pDevR3->pDrvMount->pfnIsMounted(pDevR3->pDrvMount)) + { + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_NOT_READY, SCSI_ASC_MEDIUM_NOT_PRESENT); + break; + } + cbMax = scsiBE2H_U16(pbPacket + 7); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_TRACK_INFORMATION, true); + break; + case SCSI_GET_CONFIGURATION: + /* No media change stuff here, it can confuse Linux guests. */ + cbMax = scsiBE2H_U16(pbPacket + 7); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 80), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_CONFIGURATION, true); + break; + case SCSI_INQUIRY: + cbMax = scsiBE2H_U16(pbPacket + 3); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 36), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_INQUIRY, true); + break; + case SCSI_READ_DVD_STRUCTURE: + cbMax = scsiBE2H_U16(pbPacket + 8); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbMax, 4), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_READ_DVD_STRUCTURE, true); + break; + default: + atapiR3CmdErrorSimple(pCtl, s, SCSI_SENSE_ILLEGAL_REQUEST, SCSI_ASC_ILLEGAL_OPCODE); + break; + } +} + + +/* + * Parse ATAPI commands, passing them directly to the CD/DVD drive. + */ +static void atapiR3ParseCmdPassthrough(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + const uint8_t *pbPacket = &s->abATAPICmd[0]; + + /* Some cases we have to handle here. */ + if ( pbPacket[0] == SCSI_GET_EVENT_STATUS_NOTIFICATION + && ASMAtomicReadU32(&s->MediaEventStatus) != ATA_EVENT_STATUS_UNCHANGED) + { + uint32_t cbTransfer = scsiBE2H_U16(pbPacket + 7); + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(cbTransfer, 8), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_GET_EVENT_STATUS_NOTIFICATION, true); + } + else if ( pbPacket[0] == SCSI_REQUEST_SENSE + && (s->abATAPISense[2] & 0x0f) != SCSI_SENSE_NONE) + ataR3StartTransfer(pDevIns, pCtl, s, RT_MIN(pbPacket[4], 18), PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_ATAPI_CMD, ATAFN_SS_ATAPI_REQUEST_SENSE, true); + else + { + size_t cbBuf = 0; + size_t cbATAPISector = 0; + size_t cbTransfer = 0; + PDMMEDIATXDIR uTxDir = PDMMEDIATXDIR_NONE; + uint8_t u8ScsiSts = SCSI_STATUS_OK; + + if (pbPacket[0] == SCSI_FORMAT_UNIT || pbPacket[0] == SCSI_GET_PERFORMANCE) + cbBuf = s->uATARegLCyl | (s->uATARegHCyl << 8); /* use ATAPI transfer length */ + + bool fPassthrough = ATAPIPassthroughParseCdb(pbPacket, sizeof(s->abATAPICmd), cbBuf, pDevR3->pTrackList, + &s->abATAPISense[0], sizeof(s->abATAPISense), &uTxDir, &cbTransfer, + &cbATAPISector, &u8ScsiSts); + if (fPassthrough) + { + s->cbATAPISector = (uint32_t)cbATAPISector; + Assert(s->cbATAPISector == (uint32_t)cbATAPISector); + Assert(cbTransfer == (uint32_t)cbTransfer); + + /* + * Send a command to the drive, passing data in/out as required. + * Commands which exceed the I/O buffer size are split below + * or aborted if splitting is not implemented. + */ + Log2(("ATAPI PT: max size %d\n", cbTransfer)); + if (cbTransfer == 0) + uTxDir = PDMMEDIATXDIR_NONE; + ataR3StartTransfer(pDevIns, pCtl, s, (uint32_t)cbTransfer, uTxDir, ATAFN_BT_ATAPI_PASSTHROUGH_CMD, ATAFN_SS_ATAPI_PASSTHROUGH, true); + } + else if (u8ScsiSts == SCSI_STATUS_CHECK_CONDITION) + { + /* Sense data is already set, end the request and notify the guest. */ + Log(("%s: sense=%#x (%s) asc=%#x ascq=%#x (%s)\n", __FUNCTION__, s->abATAPISense[2] & 0x0f, SCSISenseText(s->abATAPISense[2] & 0x0f), + s->abATAPISense[12], s->abATAPISense[13], SCSISenseExtText(s->abATAPISense[12], s->abATAPISense[13]))); + s->uATARegError = s->abATAPISense[2] << 4; + ataSetStatusValue(pCtl, s, ATA_STAT_READY | ATA_STAT_ERR); + s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; + Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector)); + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->cbAtapiPassthroughTransfer = 0; + s->iIOBufferCur = 0; + s->iIOBufferEnd = 0; + s->uTxDir = PDMMEDIATXDIR_NONE; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; + } + else if (u8ScsiSts == SCSI_STATUS_OK) + atapiR3CmdOK(pCtl, s); + } +} + + +static void atapiR3ParseCmd(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + const uint8_t *pbPacket; + + pbPacket = s->abATAPICmd; +# ifdef DEBUG + Log(("%s: LUN#%d DMA=%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0], SCSICmdText(pbPacket[0]))); +# else /* !DEBUG */ + Log(("%s: LUN#%d DMA=%d CMD=%#04x\n", __FUNCTION__, s->iLUN, s->fDMA, pbPacket[0])); +# endif /* !DEBUG */ + Log2(("%s: limit=%#x packet: %.*Rhxs\n", __FUNCTION__, s->uATARegLCyl | (s->uATARegHCyl << 8), ATAPI_PACKET_SIZE, pbPacket)); + + if (s->fATAPIPassthrough) + atapiR3ParseCmdPassthrough(pDevIns, pCtl, s, pDevR3); + else + atapiR3ParseCmdVirtualATAPI(pDevIns, pCtl, s, pDevR3); +} + + +/** + * Sink/Source: PACKET + */ +static bool ataR3PacketSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + s->fDMA = !!(s->uATARegFeature & 1); + memcpy(s->abATAPICmd, s->abIOBuffer, ATAPI_PACKET_SIZE); + s->uTxDir = PDMMEDIATXDIR_NONE; + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->cbAtapiPassthroughTransfer = 0; + atapiR3ParseCmd(pDevIns, pCtl, s, pDevR3); + return false; +} + + +/** + * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium removed" event + * from now on, regardless if there was a medium inserted or not. + */ +static void ataR3MediumRemoved(PATADEVSTATE s) +{ + ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_MEDIA_REMOVED); +} + + +/** + * SCSI_GET_EVENT_STATUS_NOTIFICATION should return "medium inserted". If + * there was already a medium inserted, don't forget to send the "medium + * removed" event first. + */ +static void ataR3MediumInserted(PATADEVSTATE s) +{ + uint32_t OldStatus, NewStatus; + do + { + OldStatus = ASMAtomicReadU32(&s->MediaEventStatus); + switch (OldStatus) + { + case ATA_EVENT_STATUS_MEDIA_CHANGED: + case ATA_EVENT_STATUS_MEDIA_REMOVED: + /* no change, we will send "medium removed" + "medium inserted" */ + NewStatus = ATA_EVENT_STATUS_MEDIA_CHANGED; + break; + default: + NewStatus = ATA_EVENT_STATUS_MEDIA_NEW; + break; + } + } while (!ASMAtomicCmpXchgU32(&s->MediaEventStatus, NewStatus, OldStatus)); +} + + +/** + * @interface_method_impl{PDMIMOUNTNOTIFY,pfnMountNotify} + */ +static DECLCALLBACK(void) ataR3MountNotify(PPDMIMOUNTNOTIFY pInterface) +{ + PATADEVSTATER3 pIfR3 = RT_FROM_MEMBER(pInterface, ATADEVSTATER3, IMountNotify); + PATASTATE pThis = PDMDEVINS_2_DATA(pIfR3->pDevIns, PATASTATE); + PATADEVSTATE pIf = &RT_SAFE_SUBSCRIPT(RT_SAFE_SUBSCRIPT(pThis->aCts, pIfR3->iCtl).aIfs, pIfR3->iDev); + Log(("%s: changing LUN#%d\n", __FUNCTION__, pIfR3->iLUN)); + + /* Ignore the call if we're called while being attached. */ + if (!pIfR3->pDrvMedia) + return; + + uint32_t cRegions = pIfR3->pDrvMedia->pfnGetRegionCount(pIfR3->pDrvMedia); + for (uint32_t i = 0; i < cRegions; i++) + { + uint64_t cBlocks = 0; + int rc = pIfR3->pDrvMedia->pfnQueryRegionProperties(pIfR3->pDrvMedia, i, NULL, &cBlocks, NULL, NULL); + AssertRC(rc); + pIf->cTotalSectors += cBlocks; + } + + LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough unchanged\n", pIf->iLUN, pIf->cTotalSectors)); + + /* Report media changed in TEST UNIT and other (probably incorrect) places. */ + if (pIf->cNotifiedMediaChange < 2) + pIf->cNotifiedMediaChange = 1; + ataR3MediumInserted(pIf); + ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN); +} + +/** + * @interface_method_impl{PDMIMOUNTNOTIFY,pfnUnmountNotify} + */ +static DECLCALLBACK(void) ataR3UnmountNotify(PPDMIMOUNTNOTIFY pInterface) +{ + PATADEVSTATER3 pIfR3 = RT_FROM_MEMBER(pInterface, ATADEVSTATER3, IMountNotify); + PATASTATE pThis = PDMDEVINS_2_DATA(pIfR3->pDevIns, PATASTATE); + PATADEVSTATE pIf = &RT_SAFE_SUBSCRIPT(RT_SAFE_SUBSCRIPT(pThis->aCts, pIfR3->iCtl).aIfs, pIfR3->iDev); + Log(("%s:\n", __FUNCTION__)); + pIf->cTotalSectors = 0; + + /* + * Whatever I do, XP will not use the GET MEDIA STATUS nor the EVENT stuff. + * However, it will respond to TEST UNIT with a 0x6 0x28 (media changed) sense code. + * So, we'll give it 4 TEST UNIT command to catch up, two which the media is not + * present and 2 in which it is changed. + */ + pIf->cNotifiedMediaChange = 1; + ataR3MediumRemoved(pIf); + ataR3MediumTypeSet(pIf, ATA_MEDIA_NO_DISC); +} + +/** + * Begin Transfer: PACKET + */ +static void ataR3PacketBT(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + s->cbElementaryTransfer = s->cbTotalTransfer; + s->cbAtapiPassthroughTransfer = s->cbTotalTransfer; + s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_CD; + Log2(("%s: interrupt reason %#04x\n", __FUNCTION__, s->uATARegNSector)); + ataSetStatusValue(pCtl, s, ATA_STAT_READY); +} + + +static void ataR3ResetDevice(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s) +{ + LogFlowFunc(("\n")); + s->cMultSectors = ATA_MAX_MULT_SECTORS; + s->cNotifiedMediaChange = 0; + ASMAtomicWriteU32(&s->MediaEventStatus, ATA_EVENT_STATUS_UNCHANGED); + ASMAtomicWriteU32(&s->MediaTrackType, ATA_MEDIA_TYPE_UNKNOWN); + ataUnsetIRQ(pDevIns, pCtl, s); + + s->uATARegSelect = 0x20; + ataSetStatusValue(pCtl, s, ATA_STAT_READY | ATA_STAT_SEEK); + ataR3SetSignature(s); + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->cbAtapiPassthroughTransfer = 0; + s->iIOBufferPIODataStart = 0; + s->iIOBufferPIODataEnd = 0; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; + s->fDMA = false; + s->fATAPITransfer = false; + s->uATATransferMode = ATA_MODE_UDMA | 2; /* PIIX3 supports only up to UDMA2 */ + + s->XCHSGeometry = s->PCHSGeometry; /* Restore default CHS translation. */ + + s->uATARegFeature = 0; +} + + +static void ataR3DeviceDiag(PATACONTROLLER pCtl, PATADEVSTATE s) +{ + ataR3SetSignature(s); + if (s->fATAPI) + ataSetStatusValue(pCtl, s, 0); /* NOTE: READY is _not_ set */ + else + ataSetStatusValue(pCtl, s, ATA_STAT_READY | ATA_STAT_SEEK); + s->uATARegError = 0x01; +} + + +/** + * Sink/Source: EXECUTE DEVICE DIAGNOTIC + */ +static bool ataR3ExecuteDeviceDiagnosticSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + RT_NOREF(pDevIns, s, pDevR3); + + /* EXECUTE DEVICE DIAGNOSTIC is a very special command which always + * gets executed, regardless of which device is selected. As a side + * effect, it always completes with device 0 selected. + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++) + ataR3DeviceDiag(pCtl, &pCtl->aIfs[i]); + + LogRel(("ATA: LUN#%d: EXECUTE DEVICE DIAGNOSTIC, status %02X\n", s->iLUN, s->uATARegStatus)); + pCtl->iSelectedIf = 0; + + return false; +} + + +/** + * Sink/Source: INITIALIZE DEVICE PARAMETERS + */ +static bool ataR3InitDevParmSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + RT_NOREF(pDevR3); + LogFlowFunc(("\n")); + + /* Technical Note: + * On ST506 type drives with a separate controller, the INITIALIZE DRIVE PARAMETERS command was + * required to inform the controller of drive geometry. The controller needed to know the + * number of heads and sectors per track so that it could correctly advance to the next track + * or cylinder when executing multi-sector commands. Setting a geometry that didn't match the + * drive made very little sense because sectors had fixed CHS addresses. It was at best + * possible to reduce the drive's capacity by limiting the number of heads and/or sectors + * per track. + * + * IDE drives inherently have to know their true geometry, but most of them also support + * programmable translation that can be set through the INITIALIZE DEVICE PARAMETERS command. + * In fact most older IDE drives typically weren't operated using their default (native) geometry, + * and with newer IDE drives that's not even an option. + * + * Up to and including ATA-5, the standard defined a CHS to LBA translation (since ATA-6, CHS + * support is optional): + * + * LBA = (((cyl_num * heads_per_cyl) + head_num) * sectors_per_track) + sector_num - 1 + * + * The INITIALIZE DEVICE PARAMETERS command sets the heads_per_cyl and sectors_per_track + * values used in the above formula. + * + * Drives must obviously support an INITIALIZE DRIVE PARAMETERS command matching the drive's + * default CHS translation. Everything else is optional. + * + * We support any geometry with non-zero sectors per track because there's no reason not to; + * this behavior is common in many if not most IDE drives. + */ + + PDMMEDIAGEOMETRY Geom = { 0 }; + + Geom.cHeads = (s->uATARegSelect & 0x0f) + 1; /* Effective range 1-16. */ + Geom.cSectors = s->uATARegNSector; /* Range 0-255, zero is not valid. */ + + if (Geom.cSectors) + { + uint64_t cCylinders = s->cTotalSectors / (Geom.cHeads * Geom.cSectors); + Geom.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1); + + s->XCHSGeometry = Geom; + + ataR3LockLeave(pDevIns, pCtl); + LogRel(("ATA: LUN#%d: INITIALIZE DEVICE PARAMETERS: %u sectors per track, %u heads\n", + s->iLUN, s->uATARegNSector, (s->uATARegSelect & 0x0f) + 1)); + RTThreadSleep(pCtl->msDelayIRQ); + ataR3LockEnter(pDevIns, pCtl); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + else + { + ataR3LockLeave(pDevIns, pCtl); + LogRel(("ATA: LUN#%d: INITIALIZE DEVICE PARAMETERS error (zero sectors per track)!\n", s->iLUN)); + RTThreadSleep(pCtl->msDelayIRQ); + ataR3LockEnter(pDevIns, pCtl); + ataR3CmdError(pCtl, s, ABRT_ERR); + } + return false; +} + + +/** + * Sink/Source: RECALIBRATE + */ +static bool ataR3RecalibrateSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + RT_NOREF(pDevR3); + LogFlowFunc(("\n")); + ataR3LockLeave(pDevIns, pCtl); + RTThreadSleep(pCtl->msDelayIRQ); + ataR3LockEnter(pDevIns, pCtl); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + return false; +} + + +static int ataR3TrimSectors(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3, + uint64_t u64Sector, uint32_t cSectors, bool *pfRedo) +{ + RTRANGE TrimRange; + int rc; + + ataR3LockLeave(pDevIns, pCtl); + + TrimRange.offStart = u64Sector * s->cbSector; + TrimRange.cbRange = cSectors * s->cbSector; + + s->Led.Asserted.s.fWriting = s->Led.Actual.s.fWriting = 1; + rc = pDevR3->pDrvMedia->pfnDiscard(pDevR3->pDrvMedia, &TrimRange, 1); + s->Led.Actual.s.fWriting = 0; + + if (RT_SUCCESS(rc)) + *pfRedo = false; + else + *pfRedo = ataR3IsRedoSetWarning(pDevIns, pCtl, rc); + + ataR3LockEnter(pDevIns, pCtl); + return rc; +} + + +/** + * Sink/Source: TRIM + */ +static bool ataR3TrimSS(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3) +{ + int rc = VERR_GENERAL_FAILURE; + uint32_t cRangesMax; + uint64_t *pu64Range = (uint64_t *)&s->abIOBuffer[0]; + bool fRedo = false; + + cRangesMax = RT_MIN(s->cbElementaryTransfer, sizeof(s->abIOBuffer)) / sizeof(uint64_t); + Assert(cRangesMax); + + while (cRangesMax-- > 0) + { + if (ATA_RANGE_LENGTH_GET(*pu64Range) == 0) + break; + + rc = ataR3TrimSectors(pDevIns, pCtl, s, pDevR3, *pu64Range & ATA_RANGE_LBA_MASK, + ATA_RANGE_LENGTH_GET(*pu64Range), &fRedo); + if (RT_FAILURE(rc)) + break; + + pu64Range++; + } + + if (RT_SUCCESS(rc)) + { + s->iSourceSink = ATAFN_SS_NULL; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + else + { + if (fRedo) + return fRedo; + if (s->cErrors++ < MAX_LOG_REL_ERRORS) + LogRel(("PIIX3 ATA: LUN#%d: disk trim error (rc=%Rrc iSector=%#RX64 cSectors=%#RX32)\n", + s->iLUN, rc, *pu64Range & ATA_RANGE_LBA_MASK, ATA_RANGE_LENGTH_GET(*pu64Range))); + + /* + * Check if we got interrupted. We don't need to set status variables + * because the request was aborted. + */ + if (rc != VERR_INTERRUPTED) + ataR3CmdError(pCtl, s, ID_ERR); + } + + return false; +} + + +static void ataR3ParseCmd(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s, PATADEVSTATER3 pDevR3, uint8_t cmd) +{ +# ifdef DEBUG + Log(("%s: LUN#%d CMD=%#04x \"%s\"\n", __FUNCTION__, s->iLUN, cmd, ATACmdText(cmd))); +# else /* !DEBUG */ + Log(("%s: LUN#%d CMD=%#04x\n", __FUNCTION__, s->iLUN, cmd)); +# endif /* !DEBUG */ + s->fLBA48 = false; + s->fDMA = false; + if (cmd == ATA_IDLE_IMMEDIATE) + { + /* Detect Linux timeout recovery, first tries IDLE IMMEDIATE (which + * would overwrite the failing command unfortunately), then RESET. */ + int32_t uCmdWait = -1; + uint64_t uNow = RTTimeNanoTS(); + if (s->u64CmdTS) + uCmdWait = (uNow - s->u64CmdTS) / 1000; + LogRel(("PIIX3 ATA: LUN#%d: IDLE IMMEDIATE, CmdIf=%#04x (%d usec ago)\n", + s->iLUN, s->uATARegCommand, uCmdWait)); + } + s->uATARegCommand = cmd; + switch (cmd) + { + case ATA_IDENTIFY_DEVICE: + if (pDevR3->pDrvMedia && !s->fATAPI) + ataR3StartTransfer(pDevIns, pCtl, s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_IDENTIFY, false); + else + { + if (s->fATAPI) + ataR3SetSignature(s); + ataR3CmdError(pCtl, s, ABRT_ERR); + ataUnsetStatus(pCtl, s, ATA_STAT_READY); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + } + break; + case ATA_RECALIBRATE: + if (s->fATAPI) + goto abort_cmd; + ataR3StartTransfer(pDevIns, pCtl, s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_RECALIBRATE, false); + break; + case ATA_INITIALIZE_DEVICE_PARAMETERS: + if (s->fATAPI) + goto abort_cmd; + ataR3StartTransfer(pDevIns, pCtl, s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_INITIALIZE_DEVICE_PARAMETERS, false); + break; + case ATA_SET_MULTIPLE_MODE: + if ( s->uATARegNSector != 0 + && ( s->uATARegNSector > ATA_MAX_MULT_SECTORS + || (s->uATARegNSector & (s->uATARegNSector - 1)) != 0)) + { + ataR3CmdError(pCtl, s, ABRT_ERR); + } + else + { + Log2(("%s: set multi sector count to %d\n", __FUNCTION__, s->uATARegNSector)); + s->cMultSectors = s->uATARegNSector; + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_READ_VERIFY_SECTORS_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_READ_VERIFY_SECTORS: + case ATA_READ_VERIFY_SECTORS_WITHOUT_RETRIES: + /* do sector number check ? */ + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_READ_SECTORS_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_READ_SECTORS: + case ATA_READ_SECTORS_WITHOUT_RETRIES: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = 1; + s->iCurLBA = ataR3GetSector(s); + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false); + break; + case ATA_WRITE_SECTORS_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_WRITE_SECTORS: + case ATA_WRITE_SECTORS_WITHOUT_RETRIES: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = 1; + s->iCurLBA = ataR3GetSector(s); + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false); + break; + case ATA_READ_MULTIPLE_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_READ_MULTIPLE: + if (!pDevR3->pDrvMedia || !s->cMultSectors || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = s->cMultSectors; + s->iCurLBA = ataR3GetSector(s); + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false); + break; + case ATA_WRITE_MULTIPLE_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_WRITE_MULTIPLE: + if (!pDevR3->pDrvMedia || !s->cMultSectors || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = s->cMultSectors; + s->iCurLBA = ataR3GetSector(s); + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false); + break; + case ATA_READ_DMA_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_READ_DMA: + case ATA_READ_DMA_WITHOUT_RETRIES: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS; + s->iCurLBA = ataR3GetSector(s); + s->fDMA = true; + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_READ_SECTORS, false); + break; + case ATA_WRITE_DMA_EXT: + s->fLBA48 = true; + RT_FALL_THRU(); + case ATA_WRITE_DMA: + case ATA_WRITE_DMA_WITHOUT_RETRIES: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + s->cSectorsPerIRQ = ATA_MAX_MULT_SECTORS; + s->iCurLBA = ataR3GetSector(s); + s->fDMA = true; + ataR3StartTransfer(pDevIns, pCtl, s, ataR3GetNSectors(s) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_READ_WRITE_SECTORS, ATAFN_SS_WRITE_SECTORS, false); + break; + case ATA_READ_NATIVE_MAX_ADDRESS_EXT: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + s->fLBA48 = true; + ataR3SetSector(s, s->cTotalSectors - 1); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_SEEK: /* Used by the SCO OpenServer. Command is marked as obsolete */ + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_READ_NATIVE_MAX_ADDRESS: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + ataR3SetSector(s, RT_MIN(s->cTotalSectors, 1 << 28) - 1); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_CHECK_POWER_MODE: + s->uATARegNSector = 0xff; /* drive active or idle */ + ataR3CmdOK(pCtl, s, 0); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_SET_FEATURES: + Log2(("%s: feature=%#x\n", __FUNCTION__, s->uATARegFeature)); + if (!pDevR3->pDrvMedia) + goto abort_cmd; + switch (s->uATARegFeature) + { + case 0x02: /* write cache enable */ + Log2(("%s: write cache enable\n", __FUNCTION__)); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case 0xaa: /* read look-ahead enable */ + Log2(("%s: read look-ahead enable\n", __FUNCTION__)); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case 0x55: /* read look-ahead disable */ + Log2(("%s: read look-ahead disable\n", __FUNCTION__)); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case 0xcc: /* reverting to power-on defaults enable */ + Log2(("%s: revert to power-on defaults enable\n", __FUNCTION__)); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case 0x66: /* reverting to power-on defaults disable */ + Log2(("%s: revert to power-on defaults disable\n", __FUNCTION__)); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case 0x82: /* write cache disable */ + Log2(("%s: write cache disable\n", __FUNCTION__)); + /* As per the ATA/ATAPI-6 specs, a write cache disable + * command MUST flush the write buffers to disc. */ + ataR3StartTransfer(pDevIns, pCtl, s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false); + break; + case 0x03: { /* set transfer mode */ + Log2(("%s: transfer mode %#04x\n", __FUNCTION__, s->uATARegNSector)); + switch (s->uATARegNSector & 0xf8) + { + case 0x00: /* PIO default */ + case 0x08: /* PIO mode */ + break; + case ATA_MODE_MDMA: /* MDMA mode */ + s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_MDMA_MODE_MAX); + break; + case ATA_MODE_UDMA: /* UDMA mode */ + s->uATATransferMode = (s->uATARegNSector & 0xf8) | RT_MIN(s->uATARegNSector & 0x07, ATA_UDMA_MODE_MAX); + break; + default: + goto abort_cmd; + } + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + } + default: + goto abort_cmd; + } + /* + * OS/2 workarond: + * The OS/2 IDE driver from MCP2 appears to rely on the feature register being + * reset here. According to the specification, this is a driver bug as the register + * contents are undefined after the call. This means we can just as well reset it. + */ + s->uATARegFeature = 0; + break; + case ATA_FLUSH_CACHE_EXT: + case ATA_FLUSH_CACHE: + if (!pDevR3->pDrvMedia || s->fATAPI) + goto abort_cmd; + ataR3StartTransfer(pDevIns, pCtl, s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_FLUSH, false); + break; + case ATA_STANDBY_IMMEDIATE: + ataR3CmdOK(pCtl, s, 0); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + case ATA_IDLE_IMMEDIATE: + LogRel(("PIIX3 ATA: LUN#%d: aborting current command\n", s->iLUN)); + ataR3AbortCurrentCommand(pDevIns, pCtl, s, false); + break; + case ATA_SLEEP: + ataR3CmdOK(pCtl, s, 0); + ataHCSetIRQ(pDevIns, pCtl, s); + break; + /* ATAPI commands */ + case ATA_IDENTIFY_PACKET_DEVICE: + if (s->fATAPI) + ataR3StartTransfer(pDevIns, pCtl, s, 512, PDMMEDIATXDIR_FROM_DEVICE, ATAFN_BT_NULL, ATAFN_SS_ATAPI_IDENTIFY, false); + else + { + ataR3CmdError(pCtl, s, ABRT_ERR); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + } + break; + case ATA_EXECUTE_DEVICE_DIAGNOSTIC: + ataR3StartTransfer(pDevIns, pCtl, s, 0, PDMMEDIATXDIR_NONE, ATAFN_BT_NULL, ATAFN_SS_EXECUTE_DEVICE_DIAGNOSTIC, false); + break; + case ATA_DEVICE_RESET: + if (!s->fATAPI) + goto abort_cmd; + LogRel(("PIIX3 ATA: LUN#%d: performing device RESET\n", s->iLUN)); + ataR3AbortCurrentCommand(pDevIns, pCtl, s, true); + break; + case ATA_PACKET: + if (!s->fATAPI) + goto abort_cmd; + /* overlapping commands not supported */ + if (s->uATARegFeature & 0x02) + goto abort_cmd; + ataR3StartTransfer(pDevIns, pCtl, s, ATAPI_PACKET_SIZE, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_PACKET, ATAFN_SS_PACKET, false); + break; + case ATA_DATA_SET_MANAGEMENT: + if (!pDevR3->pDrvMedia || !pDevR3->pDrvMedia->pfnDiscard) + goto abort_cmd; + if ( !(s->uATARegFeature & UINT8_C(0x01)) + || (s->uATARegFeature & ~UINT8_C(0x01))) + goto abort_cmd; + s->fDMA = true; + ataR3StartTransfer(pDevIns, pCtl, s, (s->uATARegNSectorHOB << 8 | s->uATARegNSector) * s->cbSector, PDMMEDIATXDIR_TO_DEVICE, ATAFN_BT_NULL, ATAFN_SS_TRIM, false); + break; + default: + abort_cmd: + ataR3CmdError(pCtl, s, ABRT_ERR); + if (s->fATAPI) + ataUnsetStatus(pCtl, s, ATA_STAT_READY); + ataHCSetIRQ(pDevIns, pCtl, s); /* Shortcut, do not use AIO thread. */ + break; + } +} + +# endif /* IN_RING3 */ +#endif /* IN_RING0 || IN_RING3 */ + +/* + * Note: There are four distinct cases of port I/O handling depending on + * which devices (if any) are attached to an IDE channel: + * + * 1) No device attached. No response to writes or reads (i.e. reads return + * all bits set). + * + * 2) Both devices attached. Reads and writes are processed normally. + * + * 3) Device 0 only. If device 0 is selected, normal behavior applies. But + * if Device 1 is selected, writes are still directed to Device 0 (except + * commands are not executed), reads from control/command registers are + * directed to Device 0, but status/alt status reads return 0. If Device 1 + * is a PACKET device, all reads return 0. See ATAPI-6 clause 9.16.1 and + * Table 18 in clause 7.1. + * + * 4) Device 1 only - non-standard(!). Device 1 can't tell if Device 0 is + * present or not and behaves the same. That means if Device 0 is selected, + * Device 1 responds to writes (except commands are not executed) but does + * not respond to reads. If Device 1 selected, normal behavior applies. + * See ATAPI-6 clause 9.16.2 and Table 15 in clause 7.1. + */ + +static VBOXSTRICTRC ataIOPortWriteU8(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, uint32_t addr, uint32_t val, uintptr_t iCtl) +{ + RT_NOREF(iCtl); + Log2(("%s: LUN#%d write addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].iLUN, addr, val)); + addr &= 7; + switch (addr) + { + case 0: + break; + case 1: /* feature register */ + /* NOTE: data is written to the two drives */ + pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[0].uATARegFeatureHOB = pCtl->aIfs[0].uATARegFeature; + pCtl->aIfs[1].uATARegFeatureHOB = pCtl->aIfs[1].uATARegFeature; + pCtl->aIfs[0].uATARegFeature = val; + pCtl->aIfs[1].uATARegFeature = val; + break; + case 2: /* sector count */ + pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[0].uATARegNSectorHOB = pCtl->aIfs[0].uATARegNSector; + pCtl->aIfs[1].uATARegNSectorHOB = pCtl->aIfs[1].uATARegNSector; + pCtl->aIfs[0].uATARegNSector = val; + pCtl->aIfs[1].uATARegNSector = val; + break; + case 3: /* sector number */ + pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[0].uATARegSectorHOB = pCtl->aIfs[0].uATARegSector; + pCtl->aIfs[1].uATARegSectorHOB = pCtl->aIfs[1].uATARegSector; + pCtl->aIfs[0].uATARegSector = val; + pCtl->aIfs[1].uATARegSector = val; + break; + case 4: /* cylinder low */ + pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[0].uATARegLCylHOB = pCtl->aIfs[0].uATARegLCyl; + pCtl->aIfs[1].uATARegLCylHOB = pCtl->aIfs[1].uATARegLCyl; + pCtl->aIfs[0].uATARegLCyl = val; + pCtl->aIfs[1].uATARegLCyl = val; + break; + case 5: /* cylinder high */ + pCtl->aIfs[0].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[1].uATARegDevCtl &= ~ATA_DEVCTL_HOB; + pCtl->aIfs[0].uATARegHCylHOB = pCtl->aIfs[0].uATARegHCyl; + pCtl->aIfs[1].uATARegHCylHOB = pCtl->aIfs[1].uATARegHCyl; + pCtl->aIfs[0].uATARegHCyl = val; + pCtl->aIfs[1].uATARegHCyl = val; + break; + case 6: /* drive/head */ + pCtl->aIfs[0].uATARegSelect = (val & ~0x10) | 0xa0; + pCtl->aIfs[1].uATARegSelect = (val | 0x10) | 0xa0; + if (((val >> 4) & ATA_SELECTED_IF_MASK) != pCtl->iSelectedIf) + { + /* select another drive */ + uintptr_t const iSelectedIf = (val >> 4) & ATA_SELECTED_IF_MASK; + pCtl->iSelectedIf = (uint8_t)iSelectedIf; + /* The IRQ line is multiplexed between the two drives, so + * update the state when switching to another drive. Only need + * to update interrupt line if it is enabled and there is a + * state change. */ + if ( !(pCtl->aIfs[iSelectedIf].uATARegDevCtl & ATA_DEVCTL_DISABLE_IRQ) + && pCtl->aIfs[iSelectedIf].fIrqPending != pCtl->aIfs[iSelectedIf ^ 1].fIrqPending) + { + if (pCtl->aIfs[iSelectedIf].fIrqPending) + { + Log2(("%s: LUN#%d asserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[iSelectedIf].iLUN)); + /* The BMDMA unit unconditionally sets BM_STATUS_INT if + * the interrupt line is asserted. It monitors the line + * for a rising edge. */ + pCtl->BmDma.u8Status |= BM_STATUS_INT; + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 1); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1); + } + else + { + Log2(("%s: LUN#%d deasserting IRQ (drive select change)\n", __FUNCTION__, pCtl->aIfs[iSelectedIf].iLUN)); + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 0); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0); + } + } + } + break; + default: + case 7: /* command */ + { + /* ignore commands to non-existent device */ + uintptr_t iSelectedIf = pCtl->iSelectedIf & ATA_SELECTED_IF_MASK; + PATADEVSTATE pDev = &pCtl->aIfs[iSelectedIf]; + if (iSelectedIf && !pDev->fPresent) /** @todo r=bird the iSelectedIf test here looks bogus... explain. */ + break; +#ifndef IN_RING3 + /* Don't do anything complicated in GC */ + return VINF_IOM_R3_IOPORT_WRITE; +#else /* IN_RING3 */ + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + ataUnsetIRQ(pDevIns, pCtl, &pCtl->aIfs[iSelectedIf]); + ataR3ParseCmd(pDevIns, pCtl, &pCtl->aIfs[iSelectedIf], &pThisCC->aCts[iCtl].aIfs[iSelectedIf], val); + break; +#endif /* !IN_RING3 */ + } + } + return VINF_SUCCESS; +} + + +static VBOXSTRICTRC ataIOPortReadU8(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, uint32_t addr, uint32_t *pu32) +{ + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + uint32_t val; + bool fHOB; + + /* Check if the guest is reading from a non-existent device. */ + if (RT_LIKELY(s->fPresent)) + { /* likely */ } + else + { + if (pCtl->iSelectedIf) /* Device 1 selected, Device 0 responding for it. */ + { + Assert(pCtl->aIfs[0].fPresent); + + /* When an ATAPI device 0 responds for non-present device 1, it generally + * returns zeros on reads. The Error register is an exception. See clause 7.1, + * table 16 in ATA-6 specification. + */ + if (((addr & 7) != 1) && pCtl->aIfs[0].fATAPI) + { + Log2(("%s: addr=%#x, val=0: LUN#%d not attached/LUN#%d ATAPI\n", __FUNCTION__, addr, s->iLUN, pCtl->aIfs[0].iLUN)); + *pu32 = 0; + return VINF_SUCCESS; + } + /* Else handle normally. */ + } + else /* Device 0 selected (but not present). */ + { + /* Because device 1 has no way to tell if there is device 0, the behavior is the same + * as for an empty bus; see comments in ataIOPortReadEmptyBus(). Note that EFI (TianoCore) + * relies on this behavior when detecting devices. + */ + *pu32 = ATA_EMPTY_BUS_DATA; + Log2(("%s: addr=%#x: LUN#%d not attached, val=%#02x\n", __FUNCTION__, addr, s->iLUN, *pu32)); + return VINF_SUCCESS; + } + } + + fHOB = !!(s->uATARegDevCtl & (1 << 7)); + switch (addr & 7) + { + case 0: /* data register */ + val = 0xff; + break; + case 1: /* error register */ + /* The ATA specification is very terse when it comes to specifying + * the precise effects of reading back the error/feature register. + * The error register (read-only) shares the register number with + * the feature register (write-only), so it seems that it's not + * necessary to support the usual HOB readback here. */ + if (!s->fPresent) + val = 0; + else + val = s->uATARegError; + break; + case 2: /* sector count */ + if (fHOB) + val = s->uATARegNSectorHOB; + else + val = s->uATARegNSector; + break; + case 3: /* sector number */ + if (fHOB) + val = s->uATARegSectorHOB; + else + val = s->uATARegSector; + break; + case 4: /* cylinder low */ + if (fHOB) + val = s->uATARegLCylHOB; + else + val = s->uATARegLCyl; + break; + case 5: /* cylinder high */ + if (fHOB) + val = s->uATARegHCylHOB; + else + val = s->uATARegHCyl; + break; + case 6: /* drive/head */ + /* This register must always work as long as there is at least + * one drive attached to the controller. It is common between + * both drives anyway (completely identical content). */ + if (!pCtl->aIfs[0].fPresent && !pCtl->aIfs[1].fPresent) + val = 0; + else + val = s->uATARegSelect; + break; + default: + case 7: /* primary status */ + { + if (!s->fPresent) + val = 0; + else + val = s->uATARegStatus; + + /* Give the async I/O thread an opportunity to make progress, + * don't let it starve by guests polling frequently. EMT has a + * lower priority than the async I/O thread, but sometimes the + * host OS doesn't care. With some guests we are only allowed to + * be busy for about 5 milliseconds in some situations. Note that + * this is no guarantee for any other VBox thread getting + * scheduled, so this just lowers the CPU load a bit when drives + * are busy. It cannot help with timing problems. */ + if (val & ATA_STAT_BUSY) + { +#ifdef IN_RING3 + /* @bugref{1960}: Don't yield all the time, unless it's a reset (can be tricky). */ + bool fYield = (s->cBusyStatusHackR3++ & s->cBusyStatusHackR3Rate) == 0 + || pCtl->fReset; + + ataR3LockLeave(pDevIns, pCtl); + + /* + * The thread might be stuck in an I/O operation due to a high I/O + * load on the host (see @bugref{3301}). To perform the reset + * successfully we interrupt the operation by sending a signal to + * the thread if the thread didn't responded in 10ms. + * + * This works only on POSIX hosts (Windows has a CancelSynchronousIo + * function which does the same but it was introduced with Vista) but + * so far this hang was only observed on Linux and Mac OS X. + * + * This is a workaround and needs to be solved properly. + */ + if (pCtl->fReset) + { + uint64_t u64ResetTimeStop = RTTimeMilliTS(); + if (u64ResetTimeStop - pCtl->u64ResetTime >= 10) + { + LogRel(("PIIX3 ATA LUN#%d: Async I/O thread probably stuck in operation, interrupting\n", s->iLUN)); + pCtl->u64ResetTime = u64ResetTimeStop; +# ifndef RT_OS_WINDOWS /* We've got this API on windows, but it doesn't necessarily interrupt I/O. */ + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + PATACONTROLLERR3 pCtlR3 = &RT_SAFE_SUBSCRIPT(pThisCC->aCts, pCtl->iCtl); + RTThreadPoke(pCtlR3->hAsyncIOThread); +# endif + Assert(fYield); + } + } + + if (fYield) + { + STAM_REL_PROFILE_ADV_START(&s->StatStatusYields, a); + RTThreadYield(); + STAM_REL_PROFILE_ADV_STOP(&s->StatStatusYields, a); + } + ASMNopPause(); + + ataR3LockEnter(pDevIns, pCtl); + + val = s->uATARegStatus; +#else /* !IN_RING3 */ + /* Cannot yield CPU in raw-mode and ring-0 context. And switching + * to host context for each and every busy status is too costly, + * especially on SMP systems where we don't gain much by + * yielding the CPU to someone else. */ + if ((s->cBusyStatusHackRZ++ & s->cBusyStatusHackRZRate) == 1) + { + s->cBusyStatusHackR3 = 0; /* Forces a yield. */ + return VINF_IOM_R3_IOPORT_READ; + } +#endif /* !IN_RING3 */ + } + else + { + s->cBusyStatusHackRZ = 0; + s->cBusyStatusHackR3 = 0; + } + ataUnsetIRQ(pDevIns, pCtl, s); + break; + } + } + Log2(("%s: LUN#%d addr=%#x val=%#04x\n", __FUNCTION__, s->iLUN, addr, val)); + *pu32 = val; + return VINF_SUCCESS; +} + + +/* + * Read the Alternate status register. Does not affect interrupts. + */ +static uint32_t ataStatusRead(PATACONTROLLER pCtl, uint32_t uIoPortForLog) +{ + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + uint32_t val; + RT_NOREF(uIoPortForLog); + + Assert(pCtl->aIfs[0].fPresent || pCtl->aIfs[1].fPresent); /* Channel must not be empty. */ + if (pCtl->iSelectedIf == 1 && !s->fPresent) + val = 0; /* Device 1 selected, Device 0 responding for it. */ + else + val = s->uATARegStatus; + Log2(("%s: LUN#%d read addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].iLUN, uIoPortForLog, val)); + return val; +} + +static int ataControlWrite(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, uint32_t val, uint32_t uIoPortForLog) +{ + RT_NOREF(uIoPortForLog); +#ifndef IN_RING3 + if ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_RESET) + return VINF_IOM_R3_IOPORT_WRITE; /* The RESET stuff is too complicated for RC+R0. */ +#endif /* !IN_RING3 */ + + Log2(("%s: LUN#%d write addr=%#x val=%#04x\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].iLUN, uIoPortForLog, val)); + /* RESET is common for both drives attached to a controller. */ + if ( !(pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) + && (val & ATA_DEVCTL_RESET)) + { +#ifdef IN_RING3 + /* Software RESET low to high */ + int32_t uCmdWait0 = -1; + int32_t uCmdWait1 = -1; + uint64_t uNow = RTTimeNanoTS(); + if (pCtl->aIfs[0].u64CmdTS) + uCmdWait0 = (uNow - pCtl->aIfs[0].u64CmdTS) / 1000; + if (pCtl->aIfs[1].u64CmdTS) + uCmdWait1 = (uNow - pCtl->aIfs[1].u64CmdTS) / 1000; + LogRel(("PIIX3 ATA: Ctl#%d: RESET, DevSel=%d AIOIf=%d CmdIf0=%#04x (%d usec ago) CmdIf1=%#04x (%d usec ago)\n", + pCtl->iCtl, pCtl->iSelectedIf, pCtl->iAIOIf, + pCtl->aIfs[0].uATARegCommand, uCmdWait0, + pCtl->aIfs[1].uATARegCommand, uCmdWait1)); + pCtl->fReset = true; + /* Everything must be done after the reset flag is set, otherwise + * there are unavoidable races with the currently executing request + * (which might just finish in the mean time). */ + pCtl->fChainedTransfer = false; + for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++) + { + ataR3ResetDevice(pDevIns, pCtl, &pCtl->aIfs[i]); + /* The following cannot be done using ataSetStatusValue() since the + * reset flag is already set, which suppresses all status changes. */ + pCtl->aIfs[i].uATARegStatus = ATA_STAT_BUSY | ATA_STAT_SEEK; + Log2(("%s: LUN#%d status %#04x\n", __FUNCTION__, pCtl->aIfs[i].iLUN, pCtl->aIfs[i].uATARegStatus)); + pCtl->aIfs[i].uATARegError = 0x01; + } + pCtl->iSelectedIf = 0; + ataR3AsyncIOClearRequests(pDevIns, pCtl); + Log2(("%s: Ctl#%d: message to async I/O thread, resetA\n", __FUNCTION__, pCtl->iCtl)); + if (val & ATA_DEVCTL_HOB) + { + val &= ~ATA_DEVCTL_HOB; + Log2(("%s: ignored setting HOB\n", __FUNCTION__)); + } + + /* Save the timestamp we started the reset. */ + pCtl->u64ResetTime = RTTimeMilliTS(); + + /* Issue the reset request now. */ + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataResetARequest); +#else /* !IN_RING3 */ + AssertMsgFailed(("RESET handling is too complicated for GC\n")); +#endif /* IN_RING3 */ + } + else if ( (pCtl->aIfs[0].uATARegDevCtl & ATA_DEVCTL_RESET) + && !(val & ATA_DEVCTL_RESET)) + { +#ifdef IN_RING3 + /* Software RESET high to low */ + Log(("%s: deasserting RESET\n", __FUNCTION__)); + Log2(("%s: Ctl#%d: message to async I/O thread, resetC\n", __FUNCTION__, pCtl->iCtl)); + if (val & ATA_DEVCTL_HOB) + { + val &= ~ATA_DEVCTL_HOB; + Log2(("%s: ignored setting HOB\n", __FUNCTION__)); + } + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataResetCRequest); +#else /* !IN_RING3 */ + AssertMsgFailed(("RESET handling is too complicated for GC\n")); +#endif /* IN_RING3 */ + } + + /* Change of interrupt disable flag. Update interrupt line if interrupt + * is pending on the current interface. */ + if ( ((val ^ pCtl->aIfs[0].uATARegDevCtl) & ATA_DEVCTL_DISABLE_IRQ) + && pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].fIrqPending) + { + if (!(val & ATA_DEVCTL_DISABLE_IRQ)) + { + Log2(("%s: LUN#%d asserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].iLUN)); + /* The BMDMA unit unconditionally sets BM_STATUS_INT if the + * interrupt line is asserted. It monitors the line for a rising + * edge. */ + pCtl->BmDma.u8Status |= BM_STATUS_INT; + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 1); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 1); + } + else + { + Log2(("%s: LUN#%d deasserting IRQ (interrupt disable change)\n", __FUNCTION__, pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].iLUN)); + if (pCtl->irq == 16) + PDMDevHlpPCISetIrq(pDevIns, 0, 0); + else + PDMDevHlpISASetIrq(pDevIns, pCtl->irq, 0); + } + } + + if (val & ATA_DEVCTL_HOB) + Log2(("%s: set HOB\n", __FUNCTION__)); + + pCtl->aIfs[0].uATARegDevCtl = val; + pCtl->aIfs[1].uATARegDevCtl = val; + + return VINF_SUCCESS; +} + +#if defined(IN_RING0) || defined(IN_RING3) + +static void ataHCPIOTransfer(PPDMDEVINS pDevIns, PATACONTROLLER pCtl) +{ + PATADEVSTATE s; + + s = &pCtl->aIfs[pCtl->iAIOIf & ATA_SELECTED_IF_MASK]; + Log3(("%s: if=%p\n", __FUNCTION__, s)); + + if (s->cbTotalTransfer && s->iIOBufferCur > s->iIOBufferEnd) + { +# ifdef IN_RING3 + LogRel(("PIIX3 ATA: LUN#%d: %s data in the middle of a PIO transfer - VERY SLOW\n", + s->iLUN, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "loading" : "storing")); + /* Any guest OS that triggers this case has a pathetic ATA driver. + * In a real system it would block the CPU via IORDY, here we do it + * very similarly by not continuing with the current instruction + * until the transfer to/from the storage medium is completed. */ + uint8_t const iSourceSink = s->iSourceSink; + if ( iSourceSink != ATAFN_SS_NULL + && iSourceSink < RT_ELEMENTS(g_apfnSourceSinkFuncs)) + { + bool fRedo; + uint8_t status = s->uATARegStatus; + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + PATADEVSTATER3 pDevR3 = &RT_SAFE_SUBSCRIPT(RT_SAFE_SUBSCRIPT(pThisCC->aCts, pCtl->iCtl).aIfs, s->iDev); + + ataSetStatusValue(pCtl, s, ATA_STAT_BUSY); + Log2(("%s: calling source/sink function\n", __FUNCTION__)); + fRedo = g_apfnSourceSinkFuncs[iSourceSink](pDevIns, pCtl, s, pDevR3); + pCtl->fRedo = fRedo; + if (RT_UNLIKELY(fRedo)) + return; + ataSetStatusValue(pCtl, s, status); + s->iIOBufferCur = 0; + s->iIOBufferEnd = s->cbElementaryTransfer; + } + else + Assert(iSourceSink == ATAFN_SS_NULL); +# else + AssertReleaseFailed(); +# endif + } + if (s->cbTotalTransfer) + { + if (s->fATAPITransfer) + ataHCPIOTransferLimitATAPI(s); + + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer) + s->cbElementaryTransfer = s->cbTotalTransfer; + + Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n", + __FUNCTION__, s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T", + s->cbTotalTransfer, s->cbElementaryTransfer, + s->iIOBufferCur, s->iIOBufferEnd)); + ataHCPIOTransferStart(pCtl, s, s->iIOBufferCur, s->cbElementaryTransfer); + s->cbTotalTransfer -= s->cbElementaryTransfer; + s->iIOBufferCur += s->cbElementaryTransfer; + + if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE && s->cbElementaryTransfer > s->cbTotalTransfer) + s->cbElementaryTransfer = s->cbTotalTransfer; + } + else + ataHCPIOTransferStop(pDevIns, pCtl, s); +} + + +DECLINLINE(void) ataHCPIOTransferFinish(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATADEVSTATE s) +{ + /* Do not interfere with RESET processing if the PIO transfer finishes + * while the RESET line is asserted. */ + if (pCtl->fReset) + { + Log2(("%s: Ctl#%d: suppressed continuing PIO transfer as RESET is active\n", __FUNCTION__, pCtl->iCtl)); + return; + } + + if ( s->uTxDir == PDMMEDIATXDIR_TO_DEVICE + || ( s->iSourceSink != ATAFN_SS_NULL + && s->iIOBufferCur >= s->iIOBufferEnd)) + { + /* Need to continue the transfer in the async I/O thread. This is + * the case for write operations or generally for not yet finished + * transfers (some data might need to be read). */ + ataSetStatus(pCtl, s, ATA_STAT_BUSY); + ataUnsetStatus(pCtl, s, ATA_STAT_READY | ATA_STAT_DRQ); + + Log2(("%s: Ctl#%d: message to async I/O thread, continuing PIO transfer\n", __FUNCTION__, pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataPIORequest); + } + else + { + /* Either everything finished (though some data might still be pending) + * or some data is pending before the next read is due. */ + + /* Continue a previously started transfer. */ + ataUnsetStatus(pCtl, s, ATA_STAT_DRQ); + ataSetStatus(pCtl, s, ATA_STAT_READY); + + if (s->cbTotalTransfer) + { + /* There is more to transfer, happens usually for large ATAPI + * reads - the protocol limits the chunk size to 65534 bytes. */ + ataHCPIOTransfer(pDevIns, pCtl); + ataHCSetIRQ(pDevIns, pCtl, s); + } + else + { + Log2(("%s: Ctl#%d: skipping message to async I/O thread, ending PIO transfer\n", __FUNCTION__, pCtl->iCtl)); + /* Finish PIO transfer. */ + ataHCPIOTransfer(pDevIns, pCtl); + Assert(!pCtl->fRedo); + } + } +} + +#endif /* IN_RING0 || IN_RING3 */ + +/** + * Fallback for ataCopyPioData124 that handles unaligned and out of bounds cases. + * + * @param pIf The device interface to work with. + * @param pbDst The destination buffer. + * @param pbSrc The source buffer. + * @param offStart The start offset (iIOBufferPIODataStart). + * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes. + */ +DECL_NO_INLINE(static, void) ataCopyPioData124Slow(PATADEVSTATE pIf, uint8_t *pbDst, const uint8_t *pbSrc, + uint32_t offStart, uint32_t cbCopy) +{ + uint32_t const offNext = offStart + cbCopy; + uint32_t const cbIOBuffer = RT_MIN(pIf->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE); + + if (offStart + cbCopy > cbIOBuffer) + { + Log(("%s: cbCopy=%#x offStart=%#x cbIOBuffer=%#x offNext=%#x (iIOBufferPIODataEnd=%#x)\n", + __FUNCTION__, cbCopy, offStart, cbIOBuffer, offNext, pIf->iIOBufferPIODataEnd)); + if (offStart < cbIOBuffer) + cbCopy = cbIOBuffer - offStart; + else + cbCopy = 0; + } + + switch (cbCopy) + { + case 4: pbDst[3] = pbSrc[3]; RT_FALL_THRU(); + case 3: pbDst[2] = pbSrc[2]; RT_FALL_THRU(); + case 2: pbDst[1] = pbSrc[1]; RT_FALL_THRU(); + case 1: pbDst[0] = pbSrc[0]; RT_FALL_THRU(); + case 0: break; + default: AssertFailed(); /* impossible */ + } + + pIf->iIOBufferPIODataStart = offNext; + +} + + +/** + * Work for ataDataWrite & ataDataRead that copies data without using memcpy. + * + * This also updates pIf->iIOBufferPIODataStart. + * + * The two buffers are either stack (32-bit aligned) or somewhere within + * pIf->abIOBuffer. + * + * @param pIf The device interface to work with. + * @param pbDst The destination buffer. + * @param pbSrc The source buffer. + * @param offStart The start offset (iIOBufferPIODataStart). + * @param cbCopy The number of bytes to copy, either 1, 2 or 4 bytes. + */ +DECLINLINE(void) ataCopyPioData124(PATADEVSTATE pIf, uint8_t *pbDst, const uint8_t *pbSrc, uint32_t offStart, uint32_t cbCopy) +{ + /* + * Quick bounds checking can be done by checking that the abIOBuffer offset + * (iIOBufferPIODataStart) is aligned at the transfer size (which is ASSUMED + * to be 1, 2 or 4). However, since we're paranoid and don't currently + * trust iIOBufferPIODataEnd to be within bounds, we current check against the + * IO buffer size too. + */ + Assert(cbCopy == 1 || cbCopy == 2 || cbCopy == 4); + if (RT_LIKELY( !(offStart & (cbCopy - 1)) + && offStart + cbCopy <= RT_MIN(pIf->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE))) + { + switch (cbCopy) + { + case 4: *(uint32_t *)pbDst = *(uint32_t const *)pbSrc; break; + case 2: *(uint16_t *)pbDst = *(uint16_t const *)pbSrc; break; + case 1: *pbDst = *pbSrc; break; + } + pIf->iIOBufferPIODataStart = offStart + cbCopy; + } + else + ataCopyPioData124Slow(pIf, pbDst, pbSrc, offStart, cbCopy); +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for primary port range OUT operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortWrite1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t u32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + RT_NOREF(offPort); + + Assert((uintptr_t)pvUser < 2); + Assert(offPort == pCtl->IOPortBase1); + Assert(cb == 2 || cb == 4); /* Writes to the data port may be 16-bit or 32-bit. */ + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_WRITE); + if (rc == VINF_SUCCESS) + { + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + uint32_t const iIOBufferPIODataStart = RT_MIN(s->iIOBufferPIODataStart, sizeof(s->abIOBuffer)); + uint32_t const iIOBufferPIODataEnd = RT_MIN(s->iIOBufferPIODataEnd, sizeof(s->abIOBuffer)); + + if (iIOBufferPIODataStart < iIOBufferPIODataEnd) + { + Assert(s->uTxDir == PDMMEDIATXDIR_TO_DEVICE); + uint8_t *pbDst = &s->abIOBuffer[iIOBufferPIODataStart]; + uint8_t const *pbSrc = (uint8_t const *)&u32; + +#ifdef IN_RC + /* Raw-mode: The ataHCPIOTransfer following the last transfer unit + requires I/O thread signalling, we must go to ring-3 for that. */ + if (iIOBufferPIODataStart + cb < iIOBufferPIODataEnd) + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cb); + else + rc = VINF_IOM_R3_IOPORT_WRITE; + +#elif defined(IN_RING0) + /* Ring-0: We can do I/O thread signalling here, however for paranoid reasons + triggered by a special case in ataHCPIOTransferFinish, we take extra care here. */ + if (iIOBufferPIODataStart + cb < iIOBufferPIODataEnd) + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cb); + else if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE) /* paranoia */ + { + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cb); + ataHCPIOTransferFinish(pDevIns, pCtl, s); + } + else + { + Log(("%s: Unexpected\n", __FUNCTION__)); + rc = VINF_IOM_R3_IOPORT_WRITE; + } + +#else /* IN_RING 3*/ + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cb); + if (s->iIOBufferPIODataStart >= iIOBufferPIODataEnd) + ataHCPIOTransferFinish(pDevIns, pCtl, s); +#endif /* IN_RING 3*/ + } + else + Log2(("%s: DUMMY data\n", __FUNCTION__)); + + Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, offPort, cb, &u32, VBOXSTRICTRC_VAL(rc))); + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + else + Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, offPort, VBOXSTRICTRC_VAL(rc))); + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWIN, + * Port I/O Handler for primary port range IN operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortRead1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t *pu32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + RT_NOREF(offPort); + + Assert((uintptr_t)pvUser < 2); + Assert(offPort == pCtl->IOPortBase1); + + /* Reads from the data register may be 16-bit or 32-bit. Byte accesses are + upgraded to word. */ + Assert(cb == 1 || cb == 2 || cb == 4); + uint32_t cbActual = cb != 1 ? cb : 2; + *pu32 = 0; + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_READ); + if (rc == VINF_SUCCESS) + { + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + + if (s->iIOBufferPIODataStart < s->iIOBufferPIODataEnd) + { + AssertMsg(s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE, ("%#x\n", s->uTxDir)); + uint32_t const iIOBufferPIODataStart = RT_MIN(s->iIOBufferPIODataStart, sizeof(s->abIOBuffer)); + uint32_t const iIOBufferPIODataEnd = RT_MIN(s->iIOBufferPIODataEnd, sizeof(s->abIOBuffer)); + uint8_t const *pbSrc = &s->abIOBuffer[iIOBufferPIODataStart]; + uint8_t *pbDst = (uint8_t *)pu32; + +#ifdef IN_RC + /* All but the last transfer unit is simple enough for RC, but + * sending a request to the async IO thread is too complicated. */ + if (iIOBufferPIODataStart + cbActual < iIOBufferPIODataEnd) + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cbActual); + else + rc = VINF_IOM_R3_IOPORT_READ; + +#elif defined(IN_RING0) + /* Ring-0: We can do I/O thread signalling here. However there is one + case in ataHCPIOTransfer that does a LogRel and would (but not from + here) call directly into the driver code. We detect that odd case + here cand return to ring-3 to handle it. */ + if (iIOBufferPIODataStart + cbActual < iIOBufferPIODataEnd) + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cbActual); + else if ( s->cbTotalTransfer == 0 + || s->iSourceSink != ATAFN_SS_NULL + || s->iIOBufferCur <= s->iIOBufferEnd) + { + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cbActual); + ataHCPIOTransferFinish(pDevIns, pCtl, s); + } + else + { + Log(("%s: Unexpected\n",__FUNCTION__)); + rc = VINF_IOM_R3_IOPORT_READ; + } + +#else /* IN_RING3 */ + ataCopyPioData124(s, pbDst, pbSrc, iIOBufferPIODataStart, cbActual); + if (s->iIOBufferPIODataStart >= iIOBufferPIODataEnd) + ataHCPIOTransferFinish(pDevIns, pCtl, s); +#endif /* IN_RING3 */ + + /* Just to be on the safe side (caller takes care of this, really). */ + if (cb == 1) + *pu32 &= 0xff; + } + else + { + Log2(("%s: DUMMY data\n", __FUNCTION__)); + memset(pu32, 0xff, cb); + } + Log3(("%s: addr=%#x val=%.*Rhxs rc=%d\n", __FUNCTION__, offPort, cb, pu32, VBOXSTRICTRC_VAL(rc))); + + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + else + Log3(("%s: addr=%#x -> %d\n", __FUNCTION__, offPort, VBOXSTRICTRC_VAL(rc))); + + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWINSTRING, + * Port I/O Handler for primary port range IN string operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortReadStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint8_t *pbDst, uint32_t *pcTransfers, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + RT_NOREF(offPort); + + Assert((uintptr_t)pvUser < 2); + Assert(offPort == pCtl->IOPortBase1); + Assert(*pcTransfers > 0); + + VBOXSTRICTRC rc; + if (cb == 2 || cb == 4) + { + rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_READ); + if (rc == VINF_SUCCESS) + { + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + + uint32_t const offStart = s->iIOBufferPIODataStart; + uint32_t const offEnd = s->iIOBufferPIODataEnd; + if (offStart < offEnd) + { + /* + * Figure how much we can copy. Usually it's the same as the request. + * The last transfer unit cannot be handled in RC, as it involves + * thread communication. In R0 we let the non-string callback handle it, + * and ditto for overflows/dummy data. + */ + uint32_t cAvailable = (offEnd - offStart) / cb; +#ifndef IN_RING3 + if (cAvailable > 0) + cAvailable--; +#endif + uint32_t const cRequested = *pcTransfers; + if (cAvailable > cRequested) + cAvailable = cRequested; + uint32_t const cbTransfer = cAvailable * cb; + uint32_t const offEndThisXfer = offStart + cbTransfer; + if ( offEndThisXfer <= RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE) + && offStart < RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE) /* paranoia */ + && cbTransfer > 0) + { + /* + * Do the transfer. + */ + uint8_t const *pbSrc = &s->abIOBuffer[offStart]; + memcpy(pbDst, pbSrc, cbTransfer); + Log3(("%s: addr=%#x cb=%#x cbTransfer=%#x val=%.*Rhxd\n", __FUNCTION__, offPort, cb, cbTransfer, cbTransfer, pbSrc)); + s->iIOBufferPIODataStart = offEndThisXfer; +#ifdef IN_RING3 + if (offEndThisXfer >= offEnd) + ataHCPIOTransferFinish(pDevIns, pCtl, s); +#endif + *pcTransfers = cRequested - cAvailable; + } + else + Log2(("ataIOPortReadStr1Data: DUMMY/Overflow!\n")); + } + else + { + /* + * Dummy read (shouldn't happen) return 0xff like the non-string handler. + */ + Log2(("ataIOPortReadStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb)); + memset(pbDst, 0xff, *pcTransfers * cb); + *pcTransfers = 0; + } + + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + } + /* + * Let the non-string I/O callback handle 1 byte reads. + */ + else + { + Log2(("ataIOPortReadStr1Data: 1 byte read (%#x transfers)\n", *pcTransfers)); + AssertFailed(); + rc = VINF_SUCCESS; + } + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUTSTRING, + * Port I/O Handler for primary port range OUT string operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortWriteStr1Data(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint8_t const *pbSrc, uint32_t *pcTransfers, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + RT_NOREF(offPort); + + Assert((uintptr_t)pvUser < 2); + Assert(offPort == pCtl->IOPortBase1); + Assert(*pcTransfers > 0); + + VBOXSTRICTRC rc; + if (cb == 2 || cb == 4) + { + rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_WRITE); + if (rc == VINF_SUCCESS) + { + PATADEVSTATE s = &pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK]; + + uint32_t const offStart = s->iIOBufferPIODataStart; + uint32_t const offEnd = s->iIOBufferPIODataEnd; + Log3Func(("offStart=%#x offEnd=%#x *pcTransfers=%d cb=%d\n", offStart, offEnd, *pcTransfers, cb)); + if (offStart < offEnd) + { + /* + * Figure how much we can copy. Usually it's the same as the request. + * The last transfer unit cannot be handled in RC, as it involves + * thread communication. In R0 we let the non-string callback handle it, + * and ditto for overflows/dummy data. + */ + uint32_t cAvailable = (offEnd - offStart) / cb; +#ifndef IN_RING3 + if (cAvailable) + cAvailable--; +#endif + uint32_t const cRequested = *pcTransfers; + if (cAvailable > cRequested) + cAvailable = cRequested; + uint32_t const cbTransfer = cAvailable * cb; + uint32_t const offEndThisXfer = offStart + cbTransfer; + if ( offEndThisXfer <= RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE) + && offStart < RT_MIN(s->cbIOBuffer, ATA_MAX_IO_BUFFER_SIZE) /* paranoia */ + && cbTransfer > 0) + { + /* + * Do the transfer. + */ + void *pvDst = &s->abIOBuffer[offStart]; + memcpy(pvDst, pbSrc, cbTransfer); + Log3(("%s: addr=%#x val=%.*Rhxs\n", __FUNCTION__, offPort, cbTransfer, pvDst)); + s->iIOBufferPIODataStart = offEndThisXfer; +#ifdef IN_RING3 + if (offEndThisXfer >= offEnd) + ataHCPIOTransferFinish(pDevIns, pCtl, s); +#endif + *pcTransfers = cRequested - cAvailable; + } + else + Log2(("ataIOPortWriteStr1Data: DUMMY/Overflow!\n")); + } + else + { + Log2(("ataIOPortWriteStr1Data: DUMMY data (%#x bytes)\n", *pcTransfers * cb)); + *pcTransfers = 0; + } + + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + } + /* + * Let the non-string I/O callback handle 1 byte reads. + */ + else + { + Log2(("ataIOPortWriteStr1Data: 1 byte write (%#x transfers)\n", *pcTransfers)); + AssertFailed(); + rc = VINF_SUCCESS; + } + + return rc; +} + + +#ifdef IN_RING3 + +static void ataR3DMATransferStop(PATADEVSTATE s) +{ + s->cbTotalTransfer = 0; + s->cbElementaryTransfer = 0; + s->iBeginTransfer = ATAFN_BT_NULL; + s->iSourceSink = ATAFN_SS_NULL; +} + + +/** + * Perform the entire DMA transfer in one go (unless a source/sink operation + * has to be redone or a RESET comes in between). Unlike the PIO counterpart + * this function cannot handle empty transfers. + * + * @param pDevIns The device instance. + * @param pCtl Controller for which to perform the transfer, shared bits. + * @param pCtlR3 The ring-3 controller state. + */ +static void ataR3DMATransfer(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATACONTROLLERR3 pCtlR3) +{ + uint8_t const iAIOIf = pCtl->iAIOIf & ATA_SELECTED_IF_MASK; + PATADEVSTATE s = &pCtl->aIfs[iAIOIf]; + PATADEVSTATER3 pDevR3 = &pCtlR3->aIfs[iAIOIf]; + bool fRedo; + RTGCPHYS32 GCPhysDesc; + uint32_t cbTotalTransfer, cbElementaryTransfer; + uint32_t iIOBufferCur, iIOBufferEnd; + PDMMEDIATXDIR uTxDir; + bool fLastDesc = false; + + Assert(sizeof(BMDMADesc) == 8); + + fRedo = pCtl->fRedo; + if (RT_LIKELY(!fRedo)) + Assert(s->cbTotalTransfer); + uTxDir = (PDMMEDIATXDIR)s->uTxDir; + cbTotalTransfer = s->cbTotalTransfer; + cbElementaryTransfer = RT_MIN(s->cbElementaryTransfer, sizeof(s->abIOBuffer)); + iIOBufferEnd = RT_MIN(s->iIOBufferEnd, sizeof(s->abIOBuffer)); + iIOBufferCur = RT_MIN(RT_MIN(s->iIOBufferCur, sizeof(s->abIOBuffer)), iIOBufferEnd); + + /* The DMA loop is designed to hold the lock only when absolutely + * necessary. This avoids long freezes should the guest access the + * ATA registers etc. for some reason. */ + ataR3LockLeave(pDevIns, pCtl); + + Log2(("%s: %s tx_size=%d elem_tx_size=%d index=%d end=%d\n", + __FUNCTION__, uTxDir == PDMMEDIATXDIR_FROM_DEVICE ? "T2I" : "I2T", + cbTotalTransfer, cbElementaryTransfer, + iIOBufferCur, iIOBufferEnd)); + for (GCPhysDesc = pCtl->GCPhysFirstDMADesc; + GCPhysDesc <= pCtl->GCPhysLastDMADesc; + GCPhysDesc += sizeof(BMDMADesc)) + { + BMDMADesc DMADesc; + RTGCPHYS32 GCPhysBuffer; + uint32_t cbBuffer; + + if (RT_UNLIKELY(fRedo)) + { + GCPhysBuffer = pCtl->GCPhysRedoDMABuffer; + cbBuffer = pCtl->cbRedoDMABuffer; + fLastDesc = pCtl->fRedoDMALastDesc; + DMADesc.GCPhysBuffer = DMADesc.cbBuffer = 0; /* Shut up MSC. */ + } + else + { + PDMDevHlpPCIPhysReadMeta(pDevIns, GCPhysDesc, &DMADesc, sizeof(BMDMADesc)); + GCPhysBuffer = RT_LE2H_U32(DMADesc.GCPhysBuffer); + cbBuffer = RT_LE2H_U32(DMADesc.cbBuffer); + fLastDesc = RT_BOOL(cbBuffer & UINT32_C(0x80000000)); + cbBuffer &= 0xfffe; + if (cbBuffer == 0) + cbBuffer = 0x10000; + if (cbBuffer > cbTotalTransfer) + cbBuffer = cbTotalTransfer; + } + + while (RT_UNLIKELY(fRedo) || (cbBuffer && cbTotalTransfer)) + { + if (RT_LIKELY(!fRedo)) + { + uint32_t cbXfer = RT_MIN(RT_MIN(cbBuffer, iIOBufferEnd - iIOBufferCur), + sizeof(s->abIOBuffer) - RT_MIN(iIOBufferCur, sizeof(s->abIOBuffer))); + Log2(("%s: DMA desc %#010x: addr=%#010x size=%#010x orig_size=%#010x\n", __FUNCTION__, + (int)GCPhysDesc, GCPhysBuffer, cbBuffer, RT_LE2H_U32(DMADesc.cbBuffer) & 0xfffe)); + + if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE) + PDMDevHlpPCIPhysWriteUser(pDevIns, GCPhysBuffer, &s->abIOBuffer[iIOBufferCur], cbXfer); + else + PDMDevHlpPCIPhysReadUser(pDevIns, GCPhysBuffer, &s->abIOBuffer[iIOBufferCur], cbXfer); + + iIOBufferCur += cbXfer; + cbTotalTransfer -= cbXfer; + cbBuffer -= cbXfer; + GCPhysBuffer += cbXfer; + } + if ( iIOBufferCur == iIOBufferEnd + && (uTxDir == PDMMEDIATXDIR_TO_DEVICE || cbTotalTransfer)) + { + if (uTxDir == PDMMEDIATXDIR_FROM_DEVICE && cbElementaryTransfer > cbTotalTransfer) + cbElementaryTransfer = cbTotalTransfer; + + ataR3LockEnter(pDevIns, pCtl); + + /* The RESET handler could have cleared the DMA transfer + * state (since we didn't hold the lock until just now + * the guest can continue in parallel). If so, the state + * is already set up so the loop is exited immediately. */ + uint8_t const iSourceSink = s->iSourceSink; + if ( iSourceSink != ATAFN_SS_NULL + && iSourceSink < RT_ELEMENTS(g_apfnSourceSinkFuncs)) + { + s->iIOBufferCur = iIOBufferCur; + s->iIOBufferEnd = iIOBufferEnd; + s->cbElementaryTransfer = cbElementaryTransfer; + s->cbTotalTransfer = cbTotalTransfer; + Log2(("%s: calling source/sink function\n", __FUNCTION__)); + fRedo = g_apfnSourceSinkFuncs[iSourceSink](pDevIns, pCtl, s, pDevR3); + if (RT_UNLIKELY(fRedo)) + { + pCtl->GCPhysFirstDMADesc = GCPhysDesc; + pCtl->GCPhysRedoDMABuffer = GCPhysBuffer; + pCtl->cbRedoDMABuffer = cbBuffer; + pCtl->fRedoDMALastDesc = fLastDesc; + } + else + { + cbTotalTransfer = s->cbTotalTransfer; + cbElementaryTransfer = s->cbElementaryTransfer; + + if (uTxDir == PDMMEDIATXDIR_TO_DEVICE && cbElementaryTransfer > cbTotalTransfer) + cbElementaryTransfer = cbTotalTransfer; + iIOBufferCur = 0; + iIOBufferEnd = RT_MIN(cbElementaryTransfer, sizeof(s->abIOBuffer)); + } + pCtl->fRedo = fRedo; + } + else + { + /* This forces the loop to exit immediately. */ + Assert(iSourceSink == ATAFN_SS_NULL); + GCPhysDesc = pCtl->GCPhysLastDMADesc + 1; + } + + ataR3LockLeave(pDevIns, pCtl); + if (RT_UNLIKELY(fRedo)) + break; + } + } + + if (RT_UNLIKELY(fRedo)) + break; + + /* end of transfer */ + if (!cbTotalTransfer || fLastDesc) + break; + + ataR3LockEnter(pDevIns, pCtl); + + if (!(pCtl->BmDma.u8Cmd & BM_CMD_START) || pCtl->fReset) + { + LogRel(("PIIX3 ATA: Ctl#%d: ABORT DMA%s\n", pCtl->iCtl, pCtl->fReset ? " due to RESET" : "")); + if (!pCtl->fReset) + ataR3DMATransferStop(s); + /* This forces the loop to exit immediately. */ + GCPhysDesc = pCtl->GCPhysLastDMADesc + 1; + } + + ataR3LockLeave(pDevIns, pCtl); + } + + ataR3LockEnter(pDevIns, pCtl); + if (RT_UNLIKELY(fRedo)) + return; + + if (fLastDesc) + pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING; + s->cbTotalTransfer = cbTotalTransfer; + s->cbElementaryTransfer = cbElementaryTransfer; + s->iIOBufferCur = iIOBufferCur; + s->iIOBufferEnd = iIOBufferEnd; +} + +/** + * Signal PDM that we're idle (if we actually are). + * + * @param pDevIns The device instance. + * @param pCtl The shared controller state. + * @param pCtlR3 The ring-3 controller state. + */ +static void ataR3AsyncSignalIdle(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, PATACONTROLLERR3 pCtlR3) +{ + /* + * Take the lock here and recheck the idle indicator to avoid + * unnecessary work and racing ataR3WaitForAsyncIOIsIdle. + */ + int rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->AsyncIORequestLock, VINF_SUCCESS); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pCtl->AsyncIORequestLock, rc); + + if ( pCtlR3->fSignalIdle + && ataR3AsyncIOIsIdle(pDevIns, pCtl, false /*fStrict*/)) + { + PDMDevHlpAsyncNotificationCompleted(pDevIns); + RTThreadUserSignal(pCtlR3->hAsyncIOThread); /* for ataR3Construct/ataR3ResetCommon. */ + } + + rc = PDMDevHlpCritSectLeave(pDevIns, &pCtl->AsyncIORequestLock); + AssertRC(rc); +} + +/** + * Async I/O thread for an interface. + * + * Once upon a time this was readable code with several loops and a different + * semaphore for each purpose. But then came the "how can one save the state in + * the middle of a PIO transfer" question. The solution was to use an ASM, + * which is what's there now. + */ +static DECLCALLBACK(int) ataR3AsyncIOThread(RTTHREAD hThreadSelf, void *pvUser) +{ + PATACONTROLLERR3 const pCtlR3 = (PATACONTROLLERR3)pvUser; + PPDMDEVINSR3 const pDevIns = pCtlR3->pDevIns; + PATASTATE const pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 const pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + uintptr_t const iCtl = pCtlR3 - &pThisCC->aCts[0]; + PATACONTROLLER const pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, iCtl); + int rc = VINF_SUCCESS; + uint64_t u64TS = 0; /* shut up gcc */ + uint64_t uWait; + const ATARequest *pReq; + RT_NOREF(hThreadSelf); + Assert(pCtl->iCtl == pCtlR3->iCtl); + + pReq = NULL; + pCtl->fChainedTransfer = false; + while (!pCtlR3->fShutdown) + { + /* Keep this thread from doing anything as long as EMT is suspended. */ + while (pCtl->fRedoIdle) + { + if (pCtlR3->fSignalIdle) + ataR3AsyncSignalIdle(pDevIns, pCtl, pCtlR3); + rc = RTSemEventWait(pCtlR3->hSuspendIOSem, RT_INDEFINITE_WAIT); + /* Continue if we got a signal by RTThreadPoke(). + * We will get notified if there is a request to process. + */ + if (RT_UNLIKELY(rc == VERR_INTERRUPTED)) + continue; + if (RT_FAILURE(rc) || pCtlR3->fShutdown) + break; + + pCtl->fRedoIdle = false; + } + + /* Wait for work. */ + while (pReq == NULL) + { + if (pCtlR3->fSignalIdle) + ataR3AsyncSignalIdle(pDevIns, pCtl, pCtlR3); + rc = PDMDevHlpSUPSemEventWaitNoResume(pDevIns, pCtl->hAsyncIOSem, RT_INDEFINITE_WAIT); + /* Continue if we got a signal by RTThreadPoke(). + * We will get notified if there is a request to process. + */ + if (RT_UNLIKELY(rc == VERR_INTERRUPTED)) + continue; + if (RT_FAILURE(rc) || RT_UNLIKELY(pCtlR3->fShutdown)) + break; + + pReq = ataR3AsyncIOGetCurrentRequest(pDevIns, pCtl); + } + + if (RT_FAILURE(rc) || pCtlR3->fShutdown) + break; + + if (pReq == NULL) + continue; + + ATAAIO ReqType = pReq->ReqType; + + Log2(("%s: Ctl#%d: state=%d, req=%d\n", __FUNCTION__, pCtl->iCtl, pCtl->uAsyncIOState, ReqType)); + if (pCtl->uAsyncIOState != ReqType) + { + /* The new state is not the state that was expected by the normal + * state changes. This is either a RESET/ABORT or there's something + * really strange going on. */ + if ( (pCtl->uAsyncIOState == ATA_AIO_PIO || pCtl->uAsyncIOState == ATA_AIO_DMA) + && (ReqType == ATA_AIO_PIO || ReqType == ATA_AIO_DMA)) + { + /* Incorrect sequence of PIO/DMA states. Dump request queue. */ + ataR3AsyncIODumpRequests(pDevIns, pCtl); + } + AssertReleaseMsg( ReqType == ATA_AIO_RESET_ASSERTED + || ReqType == ATA_AIO_RESET_CLEARED + || ReqType == ATA_AIO_ABORT + || pCtl->uAsyncIOState == ReqType, + ("I/O state inconsistent: state=%d request=%d\n", pCtl->uAsyncIOState, ReqType)); + } + + /* Do our work. */ + ataR3LockEnter(pDevIns, pCtl); + + if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer) + { + u64TS = RTTimeNanoTS(); +#if defined(DEBUG) || defined(VBOX_WITH_STATISTICS) + STAM_PROFILE_ADV_START(&pCtl->StatAsyncTime, a); +#endif + } + + switch (ReqType) + { + case ATA_AIO_NEW: + { + uint8_t const iIf = pReq->u.t.iIf & ATA_SELECTED_IF_MASK; + pCtl->iAIOIf = iIf; + PATADEVSTATE s = &pCtl->aIfs[iIf]; + PATADEVSTATER3 pDevR3 = &pCtlR3->aIfs[iIf]; + + s->cbTotalTransfer = pReq->u.t.cbTotalTransfer; + s->uTxDir = pReq->u.t.uTxDir; + s->iBeginTransfer = pReq->u.t.iBeginTransfer; + s->iSourceSink = pReq->u.t.iSourceSink; + s->iIOBufferEnd = 0; + s->u64CmdTS = u64TS; + + if (s->fATAPI) + { + if (pCtl->fChainedTransfer) + { + /* Only count the actual transfers, not the PIO + * transfer of the ATAPI command bytes. */ + if (s->fDMA) + STAM_REL_COUNTER_INC(&s->StatATAPIDMA); + else + STAM_REL_COUNTER_INC(&s->StatATAPIPIO); + } + } + else + { + if (s->fDMA) + STAM_REL_COUNTER_INC(&s->StatATADMA); + else + STAM_REL_COUNTER_INC(&s->StatATAPIO); + } + + pCtl->fChainedTransfer = false; + + uint8_t const iBeginTransfer = s->iBeginTransfer; + if ( iBeginTransfer != ATAFN_BT_NULL + && iBeginTransfer < RT_ELEMENTS(g_apfnBeginTransFuncs)) + { + Log2(("%s: Ctl#%d: calling begin transfer function\n", __FUNCTION__, pCtl->iCtl)); + g_apfnBeginTransFuncs[iBeginTransfer](pCtl, s); + s->iBeginTransfer = ATAFN_BT_NULL; + if (s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE) + s->iIOBufferEnd = s->cbElementaryTransfer; + } + else + { + Assert(iBeginTransfer == ATAFN_BT_NULL); + s->cbElementaryTransfer = s->cbTotalTransfer; + s->iIOBufferEnd = s->cbTotalTransfer; + } + s->iIOBufferCur = 0; + + if (s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) + { + uint8_t const iSourceSink = s->iSourceSink; + if ( iSourceSink != ATAFN_SS_NULL + && iSourceSink < RT_ELEMENTS(g_apfnSourceSinkFuncs)) + { + bool fRedo; + Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, pCtl->iCtl)); + fRedo = g_apfnSourceSinkFuncs[iSourceSink](pDevIns, pCtl, s, pDevR3); + pCtl->fRedo = fRedo; + if (RT_UNLIKELY(fRedo && !pCtl->fReset)) + { + /* Operation failed at the initial transfer, restart + * everything from scratch by resending the current + * request. Occurs very rarely, not worth optimizing. */ + LogRel(("%s: Ctl#%d: redo entire operation\n", __FUNCTION__, pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, pReq); + break; + } + } + else + { + Assert(iSourceSink == ATAFN_SS_NULL); + ataR3CmdOK(pCtl, s, ATA_STAT_SEEK); + } + s->iIOBufferEnd = s->cbElementaryTransfer; + + } + + /* Do not go into the transfer phase if RESET is asserted. + * The CritSect is released while waiting for the host OS + * to finish the I/O, thus RESET is possible here. Most + * important: do not change uAsyncIOState. */ + if (pCtl->fReset) + break; + + if (s->fDMA) + { + if (s->cbTotalTransfer) + { + ataSetStatus(pCtl, s, ATA_STAT_DRQ); + + pCtl->uAsyncIOState = ATA_AIO_DMA; + /* If BMDMA is already started, do the transfer now. */ + if (pCtl->BmDma.u8Cmd & BM_CMD_START) + { + Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer immediately\n", __FUNCTION__, pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataDMARequest); + } + } + else + { + Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */ + /* Finish DMA transfer. */ + ataR3DMATransferStop(s); + ataHCSetIRQ(pDevIns, pCtl, s); + pCtl->uAsyncIOState = ATA_AIO_NEW; + } + } + else + { + if (s->cbTotalTransfer) + { + ataHCPIOTransfer(pDevIns, pCtl); + Assert(!pCtl->fRedo); + if (s->fATAPITransfer || s->uTxDir != PDMMEDIATXDIR_TO_DEVICE) + ataHCSetIRQ(pDevIns, pCtl, s); + + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL) + { + /* Write operations and not yet finished transfers + * must be completed in the async I/O thread. */ + pCtl->uAsyncIOState = ATA_AIO_PIO; + } + else + { + /* Finished read operation can be handled inline + * in the end of PIO transfer handling code. Linux + * depends on this, as it waits only briefly for + * devices to become ready after incoming data + * transfer. Cannot find anything in the ATA spec + * that backs this assumption, but as all kernels + * are affected (though most of the time it does + * not cause any harm) this must work. */ + pCtl->uAsyncIOState = ATA_AIO_NEW; + } + } + else + { + Assert(s->uTxDir == PDMMEDIATXDIR_NONE); /* Any transfer which has an initial transfer size of 0 must be marked as such. */ + /* Finish PIO transfer. */ + ataHCPIOTransfer(pDevIns, pCtl); + Assert(!pCtl->fRedo); + if (!s->fATAPITransfer) + ataHCSetIRQ(pDevIns, pCtl, s); + pCtl->uAsyncIOState = ATA_AIO_NEW; + } + } + break; + } + + case ATA_AIO_DMA: + { + BMDMAState *bm = &pCtl->BmDma; + PATADEVSTATE s = &pCtl->aIfs[pCtl->iAIOIf & ATA_SELECTED_IF_MASK]; + ATAFNSS iOriginalSourceSink = (ATAFNSS)s->iSourceSink; /* Used by the hack below, but gets reset by then. */ + + if (s->uTxDir == PDMMEDIATXDIR_FROM_DEVICE) + AssertRelease(bm->u8Cmd & BM_CMD_WRITE); + else + AssertRelease(!(bm->u8Cmd & BM_CMD_WRITE)); + + if (RT_LIKELY(!pCtl->fRedo)) + { + /* The specs say that the descriptor table must not cross a + * 4K boundary. */ + pCtl->GCPhysFirstDMADesc = bm->GCPhysAddr; + pCtl->GCPhysLastDMADesc = RT_ALIGN_32(bm->GCPhysAddr + 1, _4K) - sizeof(BMDMADesc); + } + ataR3DMATransfer(pDevIns, pCtl, pCtlR3); + + if (RT_UNLIKELY(pCtl->fRedo && !pCtl->fReset)) + { + LogRel(("PIIX3 ATA: Ctl#%d: redo DMA operation\n", pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataDMARequest); + break; + } + + /* The infamous delay IRQ hack. */ + if ( iOriginalSourceSink == ATAFN_SS_WRITE_SECTORS + && s->cbTotalTransfer == 0 + && pCtl->msDelayIRQ) + { + /* Delay IRQ for writing. Required to get the Win2K + * installation work reliably (otherwise it crashes, + * usually during component install). So far no better + * solution has been found. */ + Log(("%s: delay IRQ hack\n", __FUNCTION__)); + ataR3LockLeave(pDevIns, pCtl); + RTThreadSleep(pCtl->msDelayIRQ); + ataR3LockEnter(pDevIns, pCtl); + } + + ataUnsetStatus(pCtl, s, ATA_STAT_DRQ); + Assert(!pCtl->fChainedTransfer); + Assert(s->iSourceSink == ATAFN_SS_NULL); + if (s->fATAPITransfer) + { + s->uATARegNSector = (s->uATARegNSector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; + Log2(("%s: Ctl#%d: interrupt reason %#04x\n", __FUNCTION__, pCtl->iCtl, s->uATARegNSector)); + s->fATAPITransfer = false; + } + ataHCSetIRQ(pDevIns, pCtl, s); + pCtl->uAsyncIOState = ATA_AIO_NEW; + break; + } + + case ATA_AIO_PIO: + { + uint8_t const iIf = pCtl->iAIOIf & ATA_SELECTED_IF_MASK; + pCtl->iAIOIf = iIf; + PATADEVSTATE s = &pCtl->aIfs[iIf]; + PATADEVSTATER3 pDevR3 = &pCtlR3->aIfs[iIf]; + + uint8_t const iSourceSink = s->iSourceSink; + if ( iSourceSink != ATAFN_SS_NULL + && iSourceSink < RT_ELEMENTS(g_apfnSourceSinkFuncs)) + { + bool fRedo; + Log2(("%s: Ctl#%d: calling source/sink function\n", __FUNCTION__, pCtl->iCtl)); + fRedo = g_apfnSourceSinkFuncs[iSourceSink](pDevIns, pCtl, s, pDevR3); + pCtl->fRedo = fRedo; + if (RT_UNLIKELY(fRedo && !pCtl->fReset)) + { + LogRel(("PIIX3 ATA: Ctl#%d: redo PIO operation\n", pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataPIORequest); + break; + } + s->iIOBufferCur = 0; + s->iIOBufferEnd = s->cbElementaryTransfer; + } + else + { + /* Continue a previously started transfer. */ + Assert(iSourceSink == ATAFN_SS_NULL); + ataUnsetStatus(pCtl, s, ATA_STAT_BUSY); + ataSetStatus(pCtl, s, ATA_STAT_READY); + } + + /* It is possible that the drives on this controller get RESET + * during the above call to the source/sink function. If that's + * the case, don't restart the transfer and don't finish it the + * usual way. RESET handling took care of all that already. + * Most important: do not change uAsyncIOState. */ + if (pCtl->fReset) + break; + + if (s->cbTotalTransfer) + { + ataHCPIOTransfer(pDevIns, pCtl); + ataHCSetIRQ(pDevIns, pCtl, s); + + if (s->uTxDir == PDMMEDIATXDIR_TO_DEVICE || s->iSourceSink != ATAFN_SS_NULL) + { + /* Write operations and not yet finished transfers + * must be completed in the async I/O thread. */ + pCtl->uAsyncIOState = ATA_AIO_PIO; + } + else + { + /* Finished read operation can be handled inline + * in the end of PIO transfer handling code. Linux + * depends on this, as it waits only briefly for + * devices to become ready after incoming data + * transfer. Cannot find anything in the ATA spec + * that backs this assumption, but as all kernels + * are affected (though most of the time it does + * not cause any harm) this must work. */ + pCtl->uAsyncIOState = ATA_AIO_NEW; + } + } + else + { + /* The infamous delay IRQ hack. */ + if (RT_UNLIKELY(pCtl->msDelayIRQ)) + { + /* Various antique guests have buggy disk drivers silently + * assuming that disk operations take a relatively long time. + * Work around such bugs by holding off interrupts a bit. + */ + Log(("%s: delay IRQ hack (PIO)\n", __FUNCTION__)); + ataR3LockLeave(pDevIns, pCtl); + RTThreadSleep(pCtl->msDelayIRQ); + ataR3LockEnter(pDevIns, pCtl); + } + + /* Finish PIO transfer. */ + ataHCPIOTransfer(pDevIns, pCtl); + if ( !pCtl->fChainedTransfer + && !s->fATAPITransfer + && s->uTxDir != PDMMEDIATXDIR_FROM_DEVICE) + { + ataHCSetIRQ(pDevIns, pCtl, s); + } + pCtl->uAsyncIOState = ATA_AIO_NEW; + } + break; + } + + case ATA_AIO_RESET_ASSERTED: + pCtl->uAsyncIOState = ATA_AIO_RESET_CLEARED; + ataHCPIOTransferStop(pDevIns, pCtl, &pCtl->aIfs[0]); + ataHCPIOTransferStop(pDevIns, pCtl, &pCtl->aIfs[1]); + /* Do not change the DMA registers, they are not affected by the + * ATA controller reset logic. It should be sufficient to issue a + * new command, which is now possible as the state is cleared. */ + break; + + case ATA_AIO_RESET_CLEARED: + pCtl->uAsyncIOState = ATA_AIO_NEW; + pCtl->fReset = false; + /* Ensure that half-completed transfers are not redone. A reset + * cancels the entire transfer, so continuing is wrong. */ + pCtl->fRedo = false; + pCtl->fRedoDMALastDesc = false; + LogRel(("PIIX3 ATA: Ctl#%d: finished processing RESET\n", pCtl->iCtl)); + for (uint32_t i = 0; i < RT_ELEMENTS(pCtl->aIfs); i++) + { + ataR3SetSignature(&pCtl->aIfs[i]); + if (pCtl->aIfs[i].fATAPI) + ataSetStatusValue(pCtl, &pCtl->aIfs[i], 0); /* NOTE: READY is _not_ set */ + else + ataSetStatusValue(pCtl, &pCtl->aIfs[i], ATA_STAT_READY | ATA_STAT_SEEK); + } + break; + + case ATA_AIO_ABORT: + { + /* Abort the current command no matter what. There cannot be + * any command activity on the other drive otherwise using + * one thread per controller wouldn't work at all. */ + PATADEVSTATE s = &pCtl->aIfs[pReq->u.a.iIf & ATA_SELECTED_IF_MASK]; + + pCtl->uAsyncIOState = ATA_AIO_NEW; + /* Do not change the DMA registers, they are not affected by the + * ATA controller reset logic. It should be sufficient to issue a + * new command, which is now possible as the state is cleared. */ + if (pReq->u.a.fResetDrive) + { + ataR3ResetDevice(pDevIns, pCtl, s); + ataR3DeviceDiag(pCtl, s); + } + else + { + /* Stop any pending DMA transfer. */ + s->fDMA = false; + ataHCPIOTransferStop(pDevIns, pCtl, s); + ataUnsetStatus(pCtl, s, ATA_STAT_BUSY | ATA_STAT_DRQ | ATA_STAT_SEEK | ATA_STAT_ERR); + ataSetStatus(pCtl, s, ATA_STAT_READY); + ataHCSetIRQ(pDevIns, pCtl, s); + } + break; + } + + default: + AssertMsgFailed(("Undefined async I/O state %d\n", pCtl->uAsyncIOState)); + } + + ataR3AsyncIORemoveCurrentRequest(pDevIns, pCtl, ReqType); + pReq = ataR3AsyncIOGetCurrentRequest(pDevIns, pCtl); + + if (pCtl->uAsyncIOState == ATA_AIO_NEW && !pCtl->fChainedTransfer) + { +# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS) + STAM_PROFILE_ADV_STOP(&pCtl->StatAsyncTime, a); +# endif + + u64TS = RTTimeNanoTS() - u64TS; + uWait = u64TS / 1000; + uintptr_t const iAIOIf = pCtl->iAIOIf & ATA_SELECTED_IF_MASK; + Log(("%s: Ctl#%d: LUN#%d finished I/O transaction in %d microseconds\n", + __FUNCTION__, pCtl->iCtl, pCtl->aIfs[iAIOIf].iLUN, (uint32_t)(uWait))); + /* Mark command as finished. */ + pCtl->aIfs[iAIOIf].u64CmdTS = 0; + + /* + * Release logging of command execution times depends on the + * command type. ATAPI commands often take longer (due to CD/DVD + * spin up time etc.) so the threshold is different. + */ + if (pCtl->aIfs[iAIOIf].uATARegCommand != ATA_PACKET) + { + if (uWait > 8 * 1000 * 1000) + { + /* + * Command took longer than 8 seconds. This is close + * enough or over the guest's command timeout, so place + * an entry in the release log to allow tracking such + * timing errors (which are often caused by the host). + */ + LogRel(("PIIX3 ATA: execution time for ATA command %#04x was %d seconds\n", + pCtl->aIfs[iAIOIf].uATARegCommand, uWait / (1000 * 1000))); + } + } + else + { + if (uWait > 20 * 1000 * 1000) + { + /* + * Command took longer than 20 seconds. This is close + * enough or over the guest's command timeout, so place + * an entry in the release log to allow tracking such + * timing errors (which are often caused by the host). + */ + LogRel(("PIIX3 ATA: execution time for ATAPI command %#04x was %d seconds\n", + pCtl->aIfs[iAIOIf].abATAPICmd[0], uWait / (1000 * 1000))); + } + } + +# if defined(DEBUG) || defined(VBOX_WITH_STATISTICS) + if (uWait < pCtl->StatAsyncMinWait || !pCtl->StatAsyncMinWait) + pCtl->StatAsyncMinWait = uWait; + if (uWait > pCtl->StatAsyncMaxWait) + pCtl->StatAsyncMaxWait = uWait; + + STAM_COUNTER_ADD(&pCtl->StatAsyncTimeUS, uWait); + STAM_COUNTER_INC(&pCtl->StatAsyncOps); +# endif /* DEBUG || VBOX_WITH_STATISTICS */ + } + + ataR3LockLeave(pDevIns, pCtl); + } + + /* Signal the ultimate idleness. */ + RTThreadUserSignal(pCtlR3->hAsyncIOThread); + if (pCtlR3->fSignalIdle) + PDMDevHlpAsyncNotificationCompleted(pDevIns); + + /* Cleanup the state. */ + /* Do not destroy request lock yet, still needed for proper shutdown. */ + pCtlR3->fShutdown = false; + + Log2(("%s: Ctl#%d: return %Rrc\n", __FUNCTION__, pCtl->iCtl, rc)); + return rc; +} + +#endif /* IN_RING3 */ + +static uint32_t ataBMDMACmdReadB(PATACONTROLLER pCtl, uint32_t addr) +{ + uint32_t val = pCtl->BmDma.u8Cmd; + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val)); + return val; +} + + +static void ataBMDMACmdWriteB(PPDMDEVINS pDevIns, PATACONTROLLER pCtl, uint32_t addr, uint32_t val) +{ + RT_NOREF(pDevIns, addr); + Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val)); + if (!(val & BM_CMD_START)) + { + pCtl->BmDma.u8Status &= ~BM_STATUS_DMAING; + pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE); + } + else + { +#ifndef IN_RC + /* Check whether the guest OS wants to change DMA direction in + * mid-flight. Not allowed, according to the PIIX3 specs. */ + Assert(!(pCtl->BmDma.u8Status & BM_STATUS_DMAING) || !((val ^ pCtl->BmDma.u8Cmd) & 0x04)); + uint8_t uOldBmDmaStatus = pCtl->BmDma.u8Status; + pCtl->BmDma.u8Status |= BM_STATUS_DMAING; + pCtl->BmDma.u8Cmd = val & (BM_CMD_START | BM_CMD_WRITE); + + /* Do not continue DMA transfers while the RESET line is asserted. */ + if (pCtl->fReset) + { + Log2(("%s: Ctl#%d: suppressed continuing DMA transfer as RESET is active\n", __FUNCTION__, pCtl->iCtl)); + return; + } + + /* Do not start DMA transfers if there's a PIO transfer going on, + * or if there is already a transfer started on this controller. */ + if ( !pCtl->aIfs[pCtl->iSelectedIf & ATA_SELECTED_IF_MASK].fDMA + || (uOldBmDmaStatus & BM_STATUS_DMAING)) + return; + + if (pCtl->aIfs[pCtl->iAIOIf & ATA_SELECTED_IF_MASK].uATARegStatus & ATA_STAT_DRQ) + { + Log2(("%s: Ctl#%d: message to async I/O thread, continuing DMA transfer\n", __FUNCTION__, pCtl->iCtl)); + ataHCAsyncIOPutRequest(pDevIns, pCtl, &g_ataDMARequest); + } +#else /* !IN_RING3 */ + AssertMsgFailed(("DMA START handling is too complicated for RC\n")); +#endif /* IN_RING3 */ + } +} + +static uint32_t ataBMDMAStatusReadB(PATACONTROLLER pCtl, uint32_t addr) +{ + uint32_t val = pCtl->BmDma.u8Status; + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val)); + return val; +} + +static void ataBMDMAStatusWriteB(PATACONTROLLER pCtl, uint32_t addr, uint32_t val) +{ + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#04x\n", __FUNCTION__, addr, val)); + pCtl->BmDma.u8Status = (val & (BM_STATUS_D0DMA | BM_STATUS_D1DMA)) + | (pCtl->BmDma.u8Status & BM_STATUS_DMAING) + | (pCtl->BmDma.u8Status & ~val & (BM_STATUS_ERROR | BM_STATUS_INT)); +} + +static uint32_t ataBMDMAAddrReadL(PATACONTROLLER pCtl, uint32_t addr) +{ + uint32_t val = (uint32_t)pCtl->BmDma.GCPhysAddr; + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val)); + return val; +} + +static void ataBMDMAAddrWriteL(PATACONTROLLER pCtl, uint32_t addr, uint32_t val) +{ + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val)); + pCtl->BmDma.GCPhysAddr = val & ~3; +} + +static void ataBMDMAAddrWriteLowWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val) +{ + RT_NOREF(addr); + Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val)); + pCtl->BmDma.GCPhysAddr = (pCtl->BmDma.GCPhysAddr & 0xFFFF0000) | RT_LOWORD(val & ~3); + +} + +static void ataBMDMAAddrWriteHighWord(PATACONTROLLER pCtl, uint32_t addr, uint32_t val) +{ + Log2(("%s: addr=%#06x val=%#010x\n", __FUNCTION__, addr, val)); + RT_NOREF(addr); + pCtl->BmDma.GCPhysAddr = (RT_LOWORD(val) << 16) | RT_LOWORD(pCtl->BmDma.GCPhysAddr); +} + +/** Helper for ataBMDMAIOPortRead and ataBMDMAIOPortWrite. */ +#define VAL(port, size) ( ((port) & BM_DMA_CTL_IOPORTS_MASK) | ((size) << BM_DMA_CTL_IOPORTS_SHIFT) ) + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for bus-master DMA IN operations - both controllers.} + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataBMDMAIOPortRead(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t *pu32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (offPort >> BM_DMA_CTL_IOPORTS_SHIFT)); + RT_NOREF(pvUser); + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_READ); + if (rc == VINF_SUCCESS) + { + switch (VAL(offPort, cb)) + { + case VAL(0, 1): *pu32 = ataBMDMACmdReadB(pCtl, offPort); break; + case VAL(0, 2): *pu32 = ataBMDMACmdReadB(pCtl, offPort); break; + case VAL(2, 1): *pu32 = ataBMDMAStatusReadB(pCtl, offPort); break; + case VAL(2, 2): *pu32 = ataBMDMAStatusReadB(pCtl, offPort); break; + case VAL(4, 4): *pu32 = ataBMDMAAddrReadL(pCtl, offPort); break; + case VAL(0, 4): + /* The SCO OpenServer tries to read 4 bytes starting from offset 0. */ + *pu32 = ataBMDMACmdReadB(pCtl, offPort) | (ataBMDMAStatusReadB(pCtl, offPort) << 16); + break; + default: + ASSERT_GUEST_MSG_FAILED(("Unsupported read from port %x size=%d\n", offPort, cb)); + rc = VERR_IOM_IOPORT_UNUSED; + break; + } + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + return rc; +} + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for bus-master DMA OUT operations - both controllers.} + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataBMDMAIOPortWrite(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t u32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (offPort >> BM_DMA_CTL_IOPORTS_SHIFT)); + RT_NOREF(pvUser); + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_WRITE); + if (rc == VINF_SUCCESS) + { + switch (VAL(offPort, cb)) + { + case VAL(0, 1): +#ifdef IN_RC + if (u32 & BM_CMD_START) + { + rc = VINF_IOM_R3_IOPORT_WRITE; + break; + } +#endif + ataBMDMACmdWriteB(pDevIns, pCtl, offPort, u32); + break; + case VAL(2, 1): ataBMDMAStatusWriteB(pCtl, offPort, u32); break; + case VAL(4, 4): ataBMDMAAddrWriteL(pCtl, offPort, u32); break; + case VAL(4, 2): ataBMDMAAddrWriteLowWord(pCtl, offPort, u32); break; + case VAL(6, 2): ataBMDMAAddrWriteHighWord(pCtl, offPort, u32); break; + default: + ASSERT_GUEST_MSG_FAILED(("Unsupported write to port %x size=%d val=%x\n", offPort, cb, u32)); + break; + } + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + return rc; +} + +#undef VAL + +#ifdef IN_RING3 + +/* -=-=-=-=-=- ATASTATE::IBase -=-=-=-=-=- */ + +/** + * @interface_method_impl{PDMIBASE,pfnQueryInterface} + */ +static DECLCALLBACK(void *) ataR3Status_QueryInterface(PPDMIBASE pInterface, const char *pszIID) +{ + PATASTATER3 pThisCC = RT_FROM_MEMBER(pInterface, ATASTATER3, IBase); + PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pThisCC->IBase); + PDMIBASE_RETURN_INTERFACE(pszIID, PDMILEDPORTS, &pThisCC->ILeds); + return NULL; +} + + +/* -=-=-=-=-=- ATASTATE::ILeds -=-=-=-=-=- */ + +/** + * Gets the pointer to the status LED of a unit. + * + * @returns VBox status code. + * @param pInterface Pointer to the interface structure containing the called function pointer. + * @param iLUN The unit which status LED we desire. + * @param ppLed Where to store the LED pointer. + */ +static DECLCALLBACK(int) ataR3Status_QueryStatusLed(PPDMILEDPORTS pInterface, unsigned iLUN, PPDMLED *ppLed) +{ + if (iLUN < 4) + { + PATASTATER3 pThisCC = RT_FROM_MEMBER(pInterface, ATASTATER3, ILeds); + PATASTATE pThis = PDMDEVINS_2_DATA(pThisCC->pDevIns, PATASTATE); + switch (iLUN) + { + case 0: *ppLed = &pThis->aCts[0].aIfs[0].Led; break; + case 1: *ppLed = &pThis->aCts[0].aIfs[1].Led; break; + case 2: *ppLed = &pThis->aCts[1].aIfs[0].Led; break; + case 3: *ppLed = &pThis->aCts[1].aIfs[1].Led; break; + } + Assert((*ppLed)->u32Magic == PDMLED_MAGIC); + return VINF_SUCCESS; + } + return VERR_PDM_LUN_NOT_FOUND; +} + + +/* -=-=-=-=-=- ATADEVSTATE::IBase -=-=-=-=-=- */ + +/** + * @interface_method_impl{PDMIBASE,pfnQueryInterface} + */ +static DECLCALLBACK(void *) ataR3QueryInterface(PPDMIBASE pInterface, const char *pszIID) +{ + PATADEVSTATER3 pIfR3 = RT_FROM_MEMBER(pInterface, ATADEVSTATER3, IBase); + PDMIBASE_RETURN_INTERFACE(pszIID, PDMIBASE, &pIfR3->IBase); + PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMEDIAPORT, &pIfR3->IPort); + PDMIBASE_RETURN_INTERFACE(pszIID, PDMIMOUNTNOTIFY, &pIfR3->IMountNotify); + return NULL; +} + + +/* -=-=-=-=-=- ATADEVSTATE::IPort -=-=-=-=-=- */ + +/** + * @interface_method_impl{PDMIMEDIAPORT,pfnQueryDeviceLocation} + */ +static DECLCALLBACK(int) ataR3QueryDeviceLocation(PPDMIMEDIAPORT pInterface, const char **ppcszController, + uint32_t *piInstance, uint32_t *piLUN) +{ + PATADEVSTATER3 pIfR3 = RT_FROM_MEMBER(pInterface, ATADEVSTATER3, IPort); + PPDMDEVINS pDevIns = pIfR3->pDevIns; + + AssertPtrReturn(ppcszController, VERR_INVALID_POINTER); + AssertPtrReturn(piInstance, VERR_INVALID_POINTER); + AssertPtrReturn(piLUN, VERR_INVALID_POINTER); + + *ppcszController = pDevIns->pReg->szName; + *piInstance = pDevIns->iInstance; + *piLUN = pIfR3->iLUN; + + return VINF_SUCCESS; +} + +#endif /* IN_RING3 */ + +/* -=-=-=-=-=- Wrappers -=-=-=-=-=- */ + + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for OUT operations on unpopulated IDE channels.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortWriteEmptyBus(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t u32, unsigned cb) +{ + RT_NOREF(pDevIns, pvUser, offPort, u32, cb); + +#ifdef VBOX_STRICT + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + Assert((uintptr_t)pvUser < 2); + Assert(!pCtl->aIfs[0].fPresent && !pCtl->aIfs[1].fPresent); +#endif + + /* This is simply a black hole, writes on unpopulated IDE channels elicit no response. */ + LogFunc(("Empty bus: Ignoring write to port %x val=%x size=%d\n", offPort, u32, cb)); + return VINF_SUCCESS; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWIN, + * Port I/O Handler for IN operations on unpopulated IDE channels.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortReadEmptyBus(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t *pu32, unsigned cb) +{ + RT_NOREF(pDevIns, offPort, pvUser); + +#ifdef VBOX_STRICT + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + Assert((uintptr_t)pvUser < 2); + Assert(cb <= 4); + Assert(!pCtl->aIfs[0].fPresent && !pCtl->aIfs[1].fPresent); +#endif + + /* + * Reads on unpopulated IDE channels behave in a unique way. Newer ATA specifications + * mandate that the host must have a pull-down resistor on signal DD7. As a consequence, + * bit 7 is always read as zero. This greatly aids in ATA device detection because + * the empty bus does not look to the host like a permanently busy drive, and no long + * timeouts (on the order of 30 seconds) are needed. + * + * The response is entirely static and does not require any locking or other fancy + * stuff. Breaking it out simplifies the I/O handling for non-empty IDE channels which + * is quite complicated enough already. + */ + *pu32 = ATA_EMPTY_BUS_DATA_32 >> ((4 - cb) * 8); + LogFunc(("Empty bus: port %x val=%x size=%d\n", offPort, *pu32, cb)); + return VINF_SUCCESS; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for primary port range OUT operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortWrite1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t u32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + uintptr_t iCtl = (uintptr_t)pvUser % RT_ELEMENTS(pThis->aCts); + PATACONTROLLER pCtl = &pThis->aCts[iCtl]; + + Assert((uintptr_t)pvUser < 2); + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_WRITE); + if (rc == VINF_SUCCESS) + { + /* Writes to the other command block ports should be 8-bit only. If they + * are not, the high bits are simply discarded. Undocumented, but observed + * on a real PIIX4 system. + */ + if (cb > 1) + Log(("ataIOPortWrite1: suspect write to port %x val=%x size=%d\n", offPort, u32, cb)); + + rc = ataIOPortWriteU8(pDevIns, pCtl, offPort, u32, iCtl); + + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWIN, + * Port I/O Handler for primary port range IN operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortRead1Other(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t *pu32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + + Assert((uintptr_t)pvUser < 2); + + VBOXSTRICTRC rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_READ); + if (rc == VINF_SUCCESS) + { + /* Reads from the other command block registers should be 8-bit only. + * If they are not, the low byte is propagated to the high bits. + * Undocumented, but observed on a real PIIX4 system. + */ + rc = ataIOPortReadU8(pDevIns, pCtl, offPort, pu32); + if (cb > 1) + { + uint32_t pad; + + /* Replicate the 8-bit result into the upper three bytes. */ + pad = *pu32 & 0xff; + pad = pad | (pad << 8); + pad = pad | (pad << 16); + *pu32 = pad; + Log(("ataIOPortRead1: suspect read from port %x size=%d\n", offPort, cb)); + } + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWOUT, + * Port I/O Handler for secondary port range OUT operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortWrite2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t u32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + int rc; + + Assert((uintptr_t)pvUser < 2); + + if (cb == 1) + { + rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_WRITE); + if (rc == VINF_SUCCESS) + { + rc = ataControlWrite(pDevIns, pCtl, u32, offPort); + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + } + else + { + Log(("ataIOPortWrite2: ignoring write to port %x+%x size=%d!\n", offPort, pCtl->IOPortBase2, cb)); + rc = VINF_SUCCESS; + } + return rc; +} + + +/** + * @callback_method_impl{FNIOMIOPORTNEWIN, + * Port I/O Handler for secondary port range IN operations.} + * @note offPort is an absolute port number! + */ +static DECLCALLBACK(VBOXSTRICTRC) +ataIOPortRead2(PPDMDEVINS pDevIns, void *pvUser, RTIOPORT offPort, uint32_t *pu32, unsigned cb) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATACONTROLLER pCtl = &RT_SAFE_SUBSCRIPT(pThis->aCts, (uintptr_t)pvUser); + int rc; + + Assert((uintptr_t)pvUser < 2); + + if (cb == 1) + { + rc = PDMDevHlpCritSectEnter(pDevIns, &pCtl->lock, VINF_IOM_R3_IOPORT_READ); + if (rc == VINF_SUCCESS) + { + *pu32 = ataStatusRead(pCtl, offPort); + PDMDevHlpCritSectLeave(pDevIns, &pCtl->lock); + } + } + else + { + Log(("ataIOPortRead2: ignoring read from port %x+%x size=%d!\n", offPort, pCtl->IOPortBase2, cb)); + rc = VERR_IOM_IOPORT_UNUSED; + } + return rc; +} + +#ifdef IN_RING3 + +/** + * Detach notification. + * + * The DVD drive has been unplugged. + * + * @param pDevIns The device instance. + * @param iLUN The logical unit which is being detached. + * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines. + */ +static DECLCALLBACK(void) ataR3Detach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + AssertMsg(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG, + ("PIIX3IDE: Device does not support hotplugging\n")); RT_NOREF(fFlags); + + /* + * Locate the controller and stuff. + */ + unsigned iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs); + AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN)); + PATACONTROLLER pCtl = &pThis->aCts[iController]; + PATACONTROLLERR3 pCtlR3 = &pThisCC->aCts[iController]; + + unsigned iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs); + PATADEVSTATE pIf = &pCtl->aIfs[iInterface]; + PATADEVSTATER3 pIfR3 = &pCtlR3->aIfs[iInterface]; + + /* + * Zero some important members. + */ + pIfR3->pDrvBase = NULL; + pIfR3->pDrvMedia = NULL; + pIfR3->pDrvMount = NULL; + pIf->fPresent = false; + + /* + * In case there was a medium inserted. + */ + ataR3MediumRemoved(pIf); +} + + +/** + * Configure a LUN. + * + * @returns VBox status code. + * @param pIf The ATA unit state, shared bits. + * @param pIfR3 The ATA unit state, ring-3 bits. + */ +static int ataR3ConfigLun(PATADEVSTATE pIf, PATADEVSTATER3 pIfR3) +{ + /* + * Query Block, Bios and Mount interfaces. + */ + pIfR3->pDrvMedia = PDMIBASE_QUERY_INTERFACE(pIfR3->pDrvBase, PDMIMEDIA); + if (!pIfR3->pDrvMedia) + { + AssertMsgFailed(("Configuration error: LUN#%d hasn't a block interface!\n", pIf->iLUN)); + return VERR_PDM_MISSING_INTERFACE; + } + + pIfR3->pDrvMount = PDMIBASE_QUERY_INTERFACE(pIfR3->pDrvBase, PDMIMOUNT); + pIf->fPresent = true; + + /* + * Validate type. + */ + PDMMEDIATYPE enmType = pIfR3->pDrvMedia->pfnGetType(pIfR3->pDrvMedia); + if ( enmType != PDMMEDIATYPE_CDROM + && enmType != PDMMEDIATYPE_DVD + && enmType != PDMMEDIATYPE_HARD_DISK) + { + AssertMsgFailed(("Configuration error: LUN#%d isn't a disk or cd/dvd-rom. enmType=%d\n", pIf->iLUN, enmType)); + return VERR_PDM_UNSUPPORTED_BLOCK_TYPE; + } + if ( ( enmType == PDMMEDIATYPE_DVD + || enmType == PDMMEDIATYPE_CDROM) + && !pIfR3->pDrvMount) + { + AssertMsgFailed(("Internal error: cdrom without a mountable interface, WTF???!\n")); + return VERR_INTERNAL_ERROR; + } + pIf->fATAPI = enmType == PDMMEDIATYPE_DVD || enmType == PDMMEDIATYPE_CDROM; + pIf->fATAPIPassthrough = pIf->fATAPI && pIfR3->pDrvMedia->pfnSendCmd != NULL; + + /* + * Allocate I/O buffer. + */ + if (pIf->fATAPI) + pIf->cbSector = 2048; /* Not required for ATAPI, one medium can have multiple sector sizes. */ + else + { + pIf->cbSector = pIfR3->pDrvMedia->pfnGetSectorSize(pIfR3->pDrvMedia); + AssertLogRelMsgReturn(pIf->cbSector > 0 && pIf->cbSector <= ATA_MAX_SECTOR_SIZE, + ("Unsupported sector size on LUN#%u: %#x (%d)\n", pIf->iLUN, pIf->cbSector, pIf->cbSector), + VERR_OUT_OF_RANGE); + } + + if (pIf->cbIOBuffer) + { + /* Buffer is (probably) already allocated. Validate the fields, + * because memory corruption can also overwrite pIf->cbIOBuffer. */ + if (pIf->fATAPI) + AssertLogRelReturn(pIf->cbIOBuffer == _128K, VERR_BUFFER_OVERFLOW); + else + AssertLogRelReturn(pIf->cbIOBuffer == ATA_MAX_MULT_SECTORS * pIf->cbSector, VERR_BUFFER_OVERFLOW); + } + else + { + if (pIf->fATAPI) + pIf->cbIOBuffer = _128K; + else + pIf->cbIOBuffer = ATA_MAX_MULT_SECTORS * pIf->cbSector; + } + AssertCompile(_128K <= ATA_MAX_IO_BUFFER_SIZE); + AssertCompileSize(pIf->abIOBuffer, ATA_MAX_IO_BUFFER_SIZE); + AssertLogRelMsgReturn(pIf->cbIOBuffer <= ATA_MAX_IO_BUFFER_SIZE, + ("LUN#%u: cbIOBuffer=%#x (%u)\n", pIf->iLUN, pIf->cbIOBuffer, pIf->cbIOBuffer), + VERR_BUFFER_OVERFLOW); + + /* + * Init geometry (only for non-CD/DVD media). + */ + int rc = VINF_SUCCESS; + uint32_t cRegions = pIfR3->pDrvMedia->pfnGetRegionCount(pIfR3->pDrvMedia); + pIf->cTotalSectors = 0; + for (uint32_t i = 0; i < cRegions; i++) + { + uint64_t cBlocks = 0; + rc = pIfR3->pDrvMedia->pfnQueryRegionProperties(pIfR3->pDrvMedia, i, NULL, &cBlocks, NULL, NULL); + AssertRC(rc); + pIf->cTotalSectors += cBlocks; + } + + if (pIf->fATAPI) + { + pIf->PCHSGeometry.cCylinders = 0; /* dummy */ + pIf->PCHSGeometry.cHeads = 0; /* dummy */ + pIf->PCHSGeometry.cSectors = 0; /* dummy */ + LogRel(("PIIX3 ATA: LUN#%d: CD/DVD, total number of sectors %Ld, passthrough %s\n", + pIf->iLUN, pIf->cTotalSectors, (pIf->fATAPIPassthrough ? "enabled" : "disabled"))); + } + else + { + rc = pIfR3->pDrvMedia->pfnBiosGetPCHSGeometry(pIfR3->pDrvMedia, &pIf->PCHSGeometry); + if (rc == VERR_PDM_MEDIA_NOT_MOUNTED) + { + pIf->PCHSGeometry.cCylinders = 0; + pIf->PCHSGeometry.cHeads = 16; /*??*/ + pIf->PCHSGeometry.cSectors = 63; /*??*/ + } + else if (rc == VERR_PDM_GEOMETRY_NOT_SET) + { + pIf->PCHSGeometry.cCylinders = 0; /* autodetect marker */ + rc = VINF_SUCCESS; + } + AssertRC(rc); + + if ( pIf->PCHSGeometry.cCylinders == 0 + || pIf->PCHSGeometry.cHeads == 0 + || pIf->PCHSGeometry.cSectors == 0 + ) + { + uint64_t cCylinders = pIf->cTotalSectors / (16 * 63); + pIf->PCHSGeometry.cCylinders = RT_MAX(RT_MIN(cCylinders, 16383), 1); + pIf->PCHSGeometry.cHeads = 16; + pIf->PCHSGeometry.cSectors = 63; + /* Set the disk geometry information. Ignore errors. */ + pIfR3->pDrvMedia->pfnBiosSetPCHSGeometry(pIfR3->pDrvMedia, &pIf->PCHSGeometry); + rc = VINF_SUCCESS; + } + LogRel(("PIIX3 ATA: LUN#%d: disk, PCHS=%u/%u/%u, total number of sectors %Ld\n", + pIf->iLUN, pIf->PCHSGeometry.cCylinders, pIf->PCHSGeometry.cHeads, pIf->PCHSGeometry.cSectors, + pIf->cTotalSectors)); + + if (pIfR3->pDrvMedia->pfnDiscard) + LogRel(("PIIX3 ATA: LUN#%d: TRIM enabled\n", pIf->iLUN)); + } + /* Initialize the translated geometry. */ + pIf->XCHSGeometry = pIf->PCHSGeometry; + + /* + * Check if SMP system to adjust the agressiveness of the busy yield hack (@bugref{1960}). + * + * The hack is an ancient (2006?) one for dealing with UNI CPU systems where EMT + * would potentially monopolise the CPU and starve I/O threads. It causes the EMT to + * yield it's timeslice if the guest polls the status register during I/O. On modern + * multicore and multithreaded systems, yielding EMT too often may have adverse + * effects (slow grub) so we aim at avoiding repeating the yield there too often. + */ + RTCPUID cCpus = RTMpGetOnlineCount(); + if (cCpus <= 1) + { + pIf->cBusyStatusHackR3Rate = 1; + pIf->cBusyStatusHackRZRate = 7; + } + else if (cCpus <= 2) + { + pIf->cBusyStatusHackR3Rate = 3; + pIf->cBusyStatusHackRZRate = 15; + } + else if (cCpus <= 4) + { + pIf->cBusyStatusHackR3Rate = 15; + pIf->cBusyStatusHackRZRate = 31; + } + else + { + pIf->cBusyStatusHackR3Rate = 127; + pIf->cBusyStatusHackRZRate = 127; + } + + return rc; +} + + +/** + * Attach command. + * + * This is called when we change block driver for the DVD drive. + * + * @returns VBox status code. + * @param pDevIns The device instance. + * @param iLUN The logical unit which is being detached. + * @param fFlags Flags, combination of the PDMDEVATT_FLAGS_* \#defines. + */ +static DECLCALLBACK(int) ataR3Attach(PPDMDEVINS pDevIns, unsigned iLUN, uint32_t fFlags) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + + AssertMsgReturn(fFlags & PDM_TACH_FLAGS_NOT_HOT_PLUG, + ("PIIX3IDE: Device does not support hotplugging\n"), + VERR_INVALID_PARAMETER); + + /* + * Locate the controller and stuff. + */ + unsigned const iController = iLUN / RT_ELEMENTS(pThis->aCts[0].aIfs); + AssertReleaseMsg(iController < RT_ELEMENTS(pThis->aCts), ("iController=%d iLUN=%d\n", iController, iLUN)); + PATACONTROLLER pCtl = &pThis->aCts[iController]; + PATACONTROLLERR3 pCtlR3 = &pThisCC->aCts[iController]; + + unsigned const iInterface = iLUN % RT_ELEMENTS(pThis->aCts[0].aIfs); + PATADEVSTATE pIf = &pCtl->aIfs[iInterface]; + PATADEVSTATER3 pIfR3 = &pCtlR3->aIfs[iInterface]; + + /* the usual paranoia */ + AssertRelease(!pIfR3->pDrvBase); + AssertRelease(!pIfR3->pDrvMedia); + Assert(pIf->iLUN == iLUN); + + /* + * Try attach the block device and get the interfaces, + * required as well as optional. + */ + int rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIfR3->IBase, &pIfR3->pDrvBase, NULL); + if (RT_SUCCESS(rc)) + { + rc = ataR3ConfigLun(pIf, pIfR3); + /* + * In case there is a medium inserted. + */ + ataR3MediumInserted(pIf); + ataR3MediumTypeSet(pIf, ATA_MEDIA_TYPE_UNKNOWN); + } + else + AssertMsgFailed(("Failed to attach LUN#%d. rc=%Rrc\n", pIf->iLUN, rc)); + + if (RT_FAILURE(rc)) + { + pIfR3->pDrvBase = NULL; + pIfR3->pDrvMedia = NULL; + pIfR3->pDrvMount = NULL; + pIf->fPresent = false; + } + return rc; +} + + +/** + * Resume notification. + * + * @param pDevIns The device instance data. + */ +static DECLCALLBACK(void) ataR3Resume(PPDMDEVINS pDevIns) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + + Log(("%s:\n", __FUNCTION__)); + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (pThis->aCts[i].fRedo && pThis->aCts[i].fRedoIdle) + { + int rc = RTSemEventSignal(pThisCC->aCts[i].hSuspendIOSem); + AssertRC(rc); + } + } + return; +} + + +/** + * Checks if all (both) the async I/O threads have quiesced. + * + * @returns true on success. + * @returns false when one or more threads is still processing. + * @param pDevIns Pointer to the PDM device instance. + */ +static bool ataR3AllAsyncIOIsIdle(PPDMDEVINS pDevIns) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + if (pThisCC->aCts[i].hAsyncIOThread != NIL_RTTHREAD) + { + bool fRc = ataR3AsyncIOIsIdle(pDevIns, &pThis->aCts[i], false /*fStrict*/); + if (!fRc) + { + /* Make it signal PDM & itself when its done */ + int const rcLock = PDMDevHlpCritSectEnter(pDevIns, &pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pThis->aCts[i].AsyncIORequestLock, rcLock); + + ASMAtomicWriteBool(&pThisCC->aCts[i].fSignalIdle, true); + + PDMDevHlpCritSectLeave(pDevIns, &pThis->aCts[i].AsyncIORequestLock); + + fRc = ataR3AsyncIOIsIdle(pDevIns, &pThis->aCts[i], false /*fStrict*/); + if (!fRc) + { +#if 0 /** @todo Need to do some time tracking here... */ + LogRel(("PIIX3 ATA: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x\n", + i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf, + pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand)); +#endif + return false; + } + } + ASMAtomicWriteBool(&pThisCC->aCts[i].fSignalIdle, false); + } + return true; +} + +/** + * Prepare state save and load operation. + * + * @returns VBox status code. + * @param pDevIns Device instance of the device which registered the data unit. + * @param pSSM SSM operation handle. + */ +static DECLCALLBACK(int) ataR3SaveLoadPrep(PPDMDEVINS pDevIns, PSSMHANDLE pSSM) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + RT_NOREF(pSSM); + + /* sanity - the suspend notification will wait on the async stuff. */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + AssertLogRelMsgReturn(ataR3AsyncIOIsIdle(pDevIns, &pThis->aCts[i], false /*fStrict*/), + ("i=%u\n", i), + VERR_SSM_IDE_ASYNC_TIMEOUT); + return VINF_SUCCESS; +} + +/** + * @copydoc FNSSMDEVLIVEEXEC + */ +static DECLCALLBACK(int) ataR3LiveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uPass) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + PCPDMDEVHLPR3 pHlp = pDevIns->pHlpR3; + RT_NOREF(uPass); + + pHlp->pfnSSMPutU8(pSSM, (uint8_t)pThis->enmChipset); + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + pHlp->pfnSSMPutBool(pSSM, true); /* For controller enabled / disabled. */ + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + pHlp->pfnSSMPutBool(pSSM, pThisCC->aCts[i].aIfs[j].pDrvBase != NULL); + pHlp->pfnSSMPutStrZ(pSSM, pThis->aCts[i].aIfs[j].szSerialNumber); + pHlp->pfnSSMPutStrZ(pSSM, pThis->aCts[i].aIfs[j].szFirmwareRevision); + pHlp->pfnSSMPutStrZ(pSSM, pThis->aCts[i].aIfs[j].szModelNumber); + } + } + + return VINF_SSM_DONT_CALL_AGAIN; +} + +/** + * @copydoc FNSSMDEVSAVEEXEC + */ +static DECLCALLBACK(int) ataR3SaveExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PCPDMDEVHLPR3 pHlp = pDevIns->pHlpR3; + + ataR3LiveExec(pDevIns, pSSM, SSM_PASS_FINAL); + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].iSelectedIf); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].iAIOIf); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].uAsyncIOState); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].fChainedTransfer); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].fReset); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].fRedo); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].fRedoIdle); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].fRedoDMALastDesc); + pHlp->pfnSSMPutMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma)); + pHlp->pfnSSMPutGCPhys32(pSSM, pThis->aCts[i].GCPhysFirstDMADesc); + pHlp->pfnSSMPutGCPhys32(pSSM, pThis->aCts[i].GCPhysLastDMADesc); + pHlp->pfnSSMPutGCPhys32(pSSM, pThis->aCts[i].GCPhysRedoDMABuffer); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].cbRedoDMABuffer); + + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].aIfs[j].fLBA48); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPI); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].aIfs[j].fIrqPending); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].cMultSectors); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].XCHSGeometry.cCylinders); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].XCHSGeometry.cHeads); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].XCHSGeometry.cSectors); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].cSectorsPerIRQ); + pHlp->pfnSSMPutU64(pSSM, pThis->aCts[i].aIfs[j].cTotalSectors); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeature); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegFeatureHOB); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegError); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSector); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegNSectorHOB); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSector); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSectorHOB); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCyl); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegLCylHOB); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCyl); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegHCylHOB); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegSelect); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegStatus); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegCommand); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATARegDevCtl); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uATATransferMode); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].uTxDir); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].iBeginTransfer); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].iSourceSink); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].aIfs[j].fDMA); + pHlp->pfnSSMPutBool(pSSM, pThis->aCts[i].aIfs[j].fATAPITransfer); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].cbTotalTransfer); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].cbElementaryTransfer); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferCur); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferEnd); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataStart); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].iCurLBA); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].cbATAPISector); + pHlp->pfnSSMPutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPICmd, sizeof(pThis->aCts[i].aIfs[j].abATAPICmd)); + pHlp->pfnSSMPutMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense)); + pHlp->pfnSSMPutU8(pSSM, pThis->aCts[i].aIfs[j].cNotifiedMediaChange); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].MediaEventStatus); + pHlp->pfnSSMPutMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led)); + pHlp->pfnSSMPutU32(pSSM, pThis->aCts[i].aIfs[j].cbIOBuffer); + if (pThis->aCts[i].aIfs[j].cbIOBuffer) + pHlp->pfnSSMPutMem(pSSM, pThis->aCts[i].aIfs[j].abIOBuffer, pThis->aCts[i].aIfs[j].cbIOBuffer); + } + } + + return pHlp->pfnSSMPutU32(pSSM, UINT32_MAX); /* sanity/terminator */ +} + +/** + * Converts the LUN number into a message string. + */ +static const char *ataR3StringifyLun(unsigned iLun) +{ + switch (iLun) + { + case 0: return "primary master"; + case 1: return "primary slave"; + case 2: return "secondary master"; + case 3: return "secondary slave"; + default: AssertFailedReturn("unknown lun"); + } +} + +/** + * FNSSMDEVLOADEXEC + */ +static DECLCALLBACK(int) ataR3LoadExec(PPDMDEVINS pDevIns, PSSMHANDLE pSSM, uint32_t uVersion, uint32_t uPass) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + PCPDMDEVHLPR3 pHlp = pDevIns->pHlpR3; + int rc; + uint32_t u32; + + if ( uVersion != ATA_SAVED_STATE_VERSION + && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_ATA_ILBA + && uVersion != ATA_SAVED_STATE_VERSION_VBOX_30 + && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE + && uVersion != ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS + && uVersion != ATA_SAVED_STATE_VERSION_WITH_BOOL_TYPE) + { + AssertMsgFailed(("uVersion=%d\n", uVersion)); + return VERR_SSM_UNSUPPORTED_DATA_UNIT_VERSION; + } + + /* + * Verify the configuration. + */ + if (uVersion > ATA_SAVED_STATE_VERSION_VBOX_30) + { + uint8_t u8Type; + rc = pHlp->pfnSSMGetU8(pSSM, &u8Type); + AssertRCReturn(rc, rc); + if ((CHIPSET)u8Type != pThis->enmChipset) + return pHlp->pfnSSMSetCfgError(pSSM, RT_SRC_POS, N_("Config mismatch: enmChipset - saved=%u config=%u"), u8Type, pThis->enmChipset); + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + bool fEnabled; + rc = pHlp->pfnSSMGetBool(pSSM, &fEnabled); + AssertRCReturn(rc, rc); + if (!fEnabled) + return pHlp->pfnSSMSetCfgError(pSSM, RT_SRC_POS, N_("Ctr#%u onfig mismatch: fEnabled != true"), i); + + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + ATADEVSTATE const *pIf = &pThis->aCts[i].aIfs[j]; + ATADEVSTATER3 const *pIfR3 = &pThisCC->aCts[i].aIfs[j]; + + bool fInUse; + rc = pHlp->pfnSSMGetBool(pSSM, &fInUse); + AssertRCReturn(rc, rc); + if (fInUse != (pIfR3->pDrvBase != NULL)) + return pHlp->pfnSSMSetCfgError(pSSM, RT_SRC_POS, + N_("The %s VM is missing a %s device. Please make sure the source and target VMs have compatible storage configurations"), + fInUse ? "target" : "source", ataR3StringifyLun(pIf->iLUN) ); + + char szSerialNumber[ATA_SERIAL_NUMBER_LENGTH+1]; + rc = pHlp->pfnSSMGetStrZ(pSSM, szSerialNumber, sizeof(szSerialNumber)); + AssertRCReturn(rc, rc); + if (strcmp(szSerialNumber, pIf->szSerialNumber)) + LogRel(("PIIX3 ATA: LUN#%u config mismatch: Serial number - saved='%s' config='%s'\n", + pIf->iLUN, szSerialNumber, pIf->szSerialNumber)); + + char szFirmwareRevision[ATA_FIRMWARE_REVISION_LENGTH+1]; + rc = pHlp->pfnSSMGetStrZ(pSSM, szFirmwareRevision, sizeof(szFirmwareRevision)); + AssertRCReturn(rc, rc); + if (strcmp(szFirmwareRevision, pIf->szFirmwareRevision)) + LogRel(("PIIX3 ATA: LUN#%u config mismatch: Firmware revision - saved='%s' config='%s'\n", + pIf->iLUN, szFirmwareRevision, pIf->szFirmwareRevision)); + + char szModelNumber[ATA_MODEL_NUMBER_LENGTH+1]; + rc = pHlp->pfnSSMGetStrZ(pSSM, szModelNumber, sizeof(szModelNumber)); + AssertRCReturn(rc, rc); + if (strcmp(szModelNumber, pIf->szModelNumber)) + LogRel(("PIIX3 ATA: LUN#%u config mismatch: Model number - saved='%s' config='%s'\n", + pIf->iLUN, szModelNumber, pIf->szModelNumber)); + } + } + } + if (uPass != SSM_PASS_FINAL) + return VINF_SUCCESS; + + /* + * Restore valid parts of the ATASTATE structure + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + /* integrity check */ + if (!ataR3AsyncIOIsIdle(pDevIns, &pThis->aCts[i], false)) + { + AssertMsgFailed(("Async I/O for controller %d is active\n", i)); + return VERR_INTERNAL_ERROR_4; + } + + rc = pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].iSelectedIf); + AssertRCReturn(rc, rc); + AssertLogRelMsgStmt(pThis->aCts[i].iSelectedIf == (pThis->aCts[i].iSelectedIf & ATA_SELECTED_IF_MASK), + ("iSelectedIf = %d\n", pThis->aCts[i].iSelectedIf), + pThis->aCts[i].iSelectedIf &= ATA_SELECTED_IF_MASK); + rc = pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].iAIOIf); + AssertRCReturn(rc, rc); + AssertLogRelMsgStmt(pThis->aCts[i].iAIOIf == (pThis->aCts[i].iAIOIf & ATA_SELECTED_IF_MASK), + ("iAIOIf = %d\n", pThis->aCts[i].iAIOIf), + pThis->aCts[i].iAIOIf &= ATA_SELECTED_IF_MASK); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].uAsyncIOState); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].fChainedTransfer); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].fReset); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].fRedo); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].fRedoIdle); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].fRedoDMALastDesc); + pHlp->pfnSSMGetMem(pSSM, &pThis->aCts[i].BmDma, sizeof(pThis->aCts[i].BmDma)); + pHlp->pfnSSMGetGCPhys32(pSSM, &pThis->aCts[i].GCPhysFirstDMADesc); + pHlp->pfnSSMGetGCPhys32(pSSM, &pThis->aCts[i].GCPhysLastDMADesc); + pHlp->pfnSSMGetGCPhys32(pSSM, &pThis->aCts[i].GCPhysRedoDMABuffer); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].cbRedoDMABuffer); + + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].aIfs[j].fLBA48); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPI); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].aIfs[j].fIrqPending); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].cMultSectors); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].XCHSGeometry.cCylinders); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].XCHSGeometry.cHeads); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].XCHSGeometry.cSectors); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].cSectorsPerIRQ); + pHlp->pfnSSMGetU64(pSSM, &pThis->aCts[i].aIfs[j].cTotalSectors); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeature); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegFeatureHOB); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegError); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSector); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegNSectorHOB); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSector); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSectorHOB); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCyl); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegLCylHOB); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCyl); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegHCylHOB); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegSelect); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegStatus); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegCommand); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATARegDevCtl); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uATATransferMode); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].uTxDir); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].iBeginTransfer); + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].iSourceSink); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].aIfs[j].fDMA); + pHlp->pfnSSMGetBool(pSSM, &pThis->aCts[i].aIfs[j].fATAPITransfer); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].cbTotalTransfer); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].cbElementaryTransfer); + /* NB: cbPIOTransferLimit could be saved/restored but it's sufficient + * to re-calculate it here, with a tiny risk that it could be + * unnecessarily low for the current transfer only. Could be changed + * when changing the saved state in the future. + */ + pThis->aCts[i].aIfs[j].cbPIOTransferLimit = (pThis->aCts[i].aIfs[j].uATARegHCyl << 8) | pThis->aCts[i].aIfs[j].uATARegLCyl; + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferCur); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferEnd); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataStart); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].iIOBufferPIODataEnd); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].iCurLBA); + pHlp->pfnSSMGetU32(pSSM, &pThis->aCts[i].aIfs[j].cbATAPISector); + pHlp->pfnSSMGetMem(pSSM, &pThis->aCts[i].aIfs[j].abATAPICmd, sizeof(pThis->aCts[i].aIfs[j].abATAPICmd)); + if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_FULL_SENSE) + pHlp->pfnSSMGetMem(pSSM, pThis->aCts[i].aIfs[j].abATAPISense, sizeof(pThis->aCts[i].aIfs[j].abATAPISense)); + else + { + uint8_t uATAPISenseKey, uATAPIASC; + memset(pThis->aCts[i].aIfs[j].abATAPISense, '\0', sizeof(pThis->aCts[i].aIfs[j].abATAPISense)); + pThis->aCts[i].aIfs[j].abATAPISense[0] = 0x70 | (1 << 7); + pThis->aCts[i].aIfs[j].abATAPISense[7] = 10; + pHlp->pfnSSMGetU8(pSSM, &uATAPISenseKey); + pHlp->pfnSSMGetU8(pSSM, &uATAPIASC); + pThis->aCts[i].aIfs[j].abATAPISense[2] = uATAPISenseKey & 0x0f; + pThis->aCts[i].aIfs[j].abATAPISense[12] = uATAPIASC; + } + /** @todo triple-check this hack after passthrough is working */ + pHlp->pfnSSMGetU8(pSSM, &pThis->aCts[i].aIfs[j].cNotifiedMediaChange); + if (uVersion > ATA_SAVED_STATE_VERSION_WITHOUT_EVENT_STATUS) + pHlp->pfnSSMGetU32V(pSSM, &pThis->aCts[i].aIfs[j].MediaEventStatus); + else + pThis->aCts[i].aIfs[j].MediaEventStatus = ATA_EVENT_STATUS_UNCHANGED; + pHlp->pfnSSMGetMem(pSSM, &pThis->aCts[i].aIfs[j].Led, sizeof(pThis->aCts[i].aIfs[j].Led)); + + uint32_t cbIOBuffer = 0; + rc = pHlp->pfnSSMGetU32(pSSM, &cbIOBuffer); + AssertRCReturn(rc, rc); + + if ( (uVersion <= ATA_SAVED_STATE_VERSION_WITHOUT_ATA_ILBA) + && !pThis->aCts[i].aIfs[j].fATAPI) + { + pThis->aCts[i].aIfs[j].iCurLBA = ataR3GetSector(&pThis->aCts[i].aIfs[j]); + } + + if (cbIOBuffer) + { + if (cbIOBuffer <= sizeof(pThis->aCts[i].aIfs[j].abIOBuffer)) + { + if (pThis->aCts[i].aIfs[j].cbIOBuffer != cbIOBuffer) + LogRel(("ATA: %u/%u: Restoring cbIOBuffer=%u; constructor set up %u!\n", i, j, cbIOBuffer, pThis->aCts[i].aIfs[j].cbIOBuffer)); + pThis->aCts[i].aIfs[j].cbIOBuffer = cbIOBuffer; + pHlp->pfnSSMGetMem(pSSM, pThis->aCts[i].aIfs[j].abIOBuffer, cbIOBuffer); + } + else + { + LogRel(("ATA: %u/%u: Restoring cbIOBuffer=%u, only prepared %u!\n", i, j, cbIOBuffer, pThis->aCts[i].aIfs[j].cbIOBuffer)); + if (pHlp->pfnSSMHandleGetAfter(pSSM) != SSMAFTER_DEBUG_IT) + return pHlp->pfnSSMSetCfgError(pSSM, RT_SRC_POS, + N_("ATA: %u/%u: Restoring cbIOBuffer=%u, only prepared %u"), + i, j, cbIOBuffer, pThis->aCts[i].aIfs[j].cbIOBuffer); + + /* skip the buffer if we're loading for the debugger / animator. */ + pHlp->pfnSSMSkip(pSSM, cbIOBuffer); + } + } + else + AssertLogRelMsgStmt(pThis->aCts[i].aIfs[j].cbIOBuffer == 0, + ("ATA: %u/%u: cbIOBuffer=%u restoring zero!\n", i, j, pThis->aCts[i].aIfs[j].cbIOBuffer), + pThis->aCts[i].aIfs[j].cbIOBuffer = 0); + } + } + if (uVersion <= ATA_SAVED_STATE_VERSION_VBOX_30) + PDMDEVHLP_SSM_GET_ENUM8_RET(pHlp, pSSM, pThis->enmChipset, CHIPSET); + + rc = pHlp->pfnSSMGetU32(pSSM, &u32); + if (RT_FAILURE(rc)) + return rc; + if (u32 != ~0U) + { + AssertMsgFailed(("u32=%#x expected ~0\n", u32)); + rc = VERR_SSM_DATA_UNIT_FORMAT_CHANGED; + return rc; + } + + return VINF_SUCCESS; +} + + +/** + * Callback employed by ataSuspend and ataR3PowerOff. + * + * @returns true if we've quiesced, false if we're still working. + * @param pDevIns The device instance. + */ +static DECLCALLBACK(bool) ataR3IsAsyncSuspendOrPowerOffDone(PPDMDEVINS pDevIns) +{ + return ataR3AllAsyncIOIsIdle(pDevIns); +} + + +/** + * Common worker for ataSuspend and ataR3PowerOff. + */ +static void ataR3SuspendOrPowerOff(PPDMDEVINS pDevIns) +{ + if (!ataR3AllAsyncIOIsIdle(pDevIns)) + PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncSuspendOrPowerOffDone); +} + + +/** + * Power Off notification. + * + * @param pDevIns The device instance data. + */ +static DECLCALLBACK(void) ataR3PowerOff(PPDMDEVINS pDevIns) +{ + Log(("%s:\n", __FUNCTION__)); + ataR3SuspendOrPowerOff(pDevIns); +} + + +/** + * Suspend notification. + * + * @param pDevIns The device instance data. + */ +static DECLCALLBACK(void) ataR3Suspend(PPDMDEVINS pDevIns) +{ + Log(("%s:\n", __FUNCTION__)); + ataR3SuspendOrPowerOff(pDevIns); +} + + +/** + * Callback employed by ataR3Reset. + * + * @returns true if we've quiesced, false if we're still working. + * @param pDevIns The device instance. + */ +static DECLCALLBACK(bool) ataR3IsAsyncResetDone(PPDMDEVINS pDevIns) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + + if (!ataR3AllAsyncIOIsIdle(pDevIns)) + return false; + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + int const rcLock = PDMDevHlpCritSectEnter(pDevIns, &pThis->aCts[i].lock, VERR_INTERNAL_ERROR); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pThis->aCts[i].lock, rcLock); + + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + ataR3ResetDevice(pDevIns, &pThis->aCts[i], &pThis->aCts[i].aIfs[j]); + + PDMDevHlpCritSectLeave(pDevIns, &pThis->aCts[i].lock); + } + return true; +} + + +/** + * Common reset worker for ataR3Reset and ataR3Construct. + * + * @returns VBox status code. + * @param pDevIns The device instance data. + * @param fConstruct Indicates who is calling. + */ +static int ataR3ResetCommon(PPDMDEVINS pDevIns, bool fConstruct) +{ + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + int const rcLock = PDMDevHlpCritSectEnter(pDevIns, &pThis->aCts[i].lock, VERR_INTERNAL_ERROR); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pThis->aCts[i].lock, rcLock); + + pThis->aCts[i].iSelectedIf = 0; + pThis->aCts[i].iAIOIf = 0; + pThis->aCts[i].BmDma.u8Cmd = 0; + /* Report that both drives present on the bus are in DMA mode. This + * pretends that there is a BIOS that has set it up. Normal reset + * default is 0x00. */ + pThis->aCts[i].BmDma.u8Status = (pThisCC->aCts[i].aIfs[0].pDrvBase != NULL ? BM_STATUS_D0DMA : 0) + | (pThisCC->aCts[i].aIfs[1].pDrvBase != NULL ? BM_STATUS_D1DMA : 0); + pThis->aCts[i].BmDma.GCPhysAddr = 0; + + pThis->aCts[i].fReset = true; + pThis->aCts[i].fRedo = false; + pThis->aCts[i].fRedoIdle = false; + ataR3AsyncIOClearRequests(pDevIns, &pThis->aCts[i]); + Log2(("%s: Ctl#%d: message to async I/O thread, reset controller\n", __FUNCTION__, i)); + ataHCAsyncIOPutRequest(pDevIns, &pThis->aCts[i], &g_ataResetARequest); + ataHCAsyncIOPutRequest(pDevIns, &pThis->aCts[i], &g_ataResetCRequest); + + PDMDevHlpCritSectLeave(pDevIns, &pThis->aCts[i].lock); + } + + int rcRet = VINF_SUCCESS; + if (!fConstruct) + { + /* + * Setup asynchronous notification completion if the requests haven't + * completed yet. + */ + if (!ataR3IsAsyncResetDone(pDevIns)) + PDMDevHlpSetAsyncNotification(pDevIns, ataR3IsAsyncResetDone); + } + else + { + /* + * Wait for the requests for complete. + * + * Would be real nice if we could do it all from EMT(0) and not + * involve the worker threads, then we could dispense with all the + * waiting and semaphore ping-pong here... + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (pThisCC->aCts[i].hAsyncIOThread != NIL_RTTHREAD) + { + int rc = PDMDevHlpCritSectEnter(pDevIns, &pThis->aCts[i].AsyncIORequestLock, VERR_IGNORED); + PDM_CRITSECT_RELEASE_ASSERT_RC_DEV(pDevIns, &pThis->aCts[i].AsyncIORequestLock, rc); + + ASMAtomicWriteBool(&pThisCC->aCts[i].fSignalIdle, true); + rc = RTThreadUserReset(pThisCC->aCts[i].hAsyncIOThread); + AssertRC(rc); + + rc = PDMDevHlpCritSectLeave(pDevIns, &pThis->aCts[i].AsyncIORequestLock); + AssertRC(rc); + + if (!ataR3AsyncIOIsIdle(pDevIns, &pThis->aCts[i], false /*fStrict*/)) + { + rc = RTThreadUserWait(pThisCC->aCts[i].hAsyncIOThread, 30*1000 /*ms*/); + if (RT_FAILURE(rc)) + rc = RTThreadUserWait(pThisCC->aCts[i].hAsyncIOThread, 1000 /*ms*/); + if (RT_FAILURE(rc)) + { + AssertRC(rc); + rcRet = rc; + } + } + } + ASMAtomicWriteBool(&pThisCC->aCts[i].fSignalIdle, false); + } + if (RT_SUCCESS(rcRet)) + { + rcRet = ataR3IsAsyncResetDone(pDevIns) ? VINF_SUCCESS : VERR_INTERNAL_ERROR; + AssertRC(rcRet); + } + } + return rcRet; +} + +/** + * Reset notification. + * + * @param pDevIns The device instance data. + */ +static DECLCALLBACK(void) ataR3Reset(PPDMDEVINS pDevIns) +{ + ataR3ResetCommon(pDevIns, false /*fConstruct*/); +} + +/** + * Destroy a driver instance. + * + * Most VM resources are freed by the VM. This callback is provided so that any non-VM + * resources can be freed correctly. + * + * @param pDevIns The device instance data. + */ +static DECLCALLBACK(int) ataR3Destruct(PPDMDEVINS pDevIns) +{ + PDMDEV_CHECK_VERSIONS_RETURN_QUIET(pDevIns); + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATECC); + int rc; + + Log(("ataR3Destruct\n")); + + /* + * Tell the async I/O threads to terminate. + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (pThisCC->aCts[i].hAsyncIOThread != NIL_RTTHREAD) + { + ASMAtomicWriteU32(&pThisCC->aCts[i].fShutdown, true); + rc = PDMDevHlpSUPSemEventSignal(pDevIns, pThis->aCts[i].hAsyncIOSem); + AssertRC(rc); + rc = RTSemEventSignal(pThisCC->aCts[i].hSuspendIOSem); + AssertRC(rc); + } + } + + /* + * Wait for the threads to terminate before destroying their resources. + */ + for (unsigned i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (pThisCC->aCts[i].hAsyncIOThread != NIL_RTTHREAD) + { + rc = RTThreadWait(pThisCC->aCts[i].hAsyncIOThread, 30000 /* 30 s*/, NULL); + if (RT_SUCCESS(rc)) + pThisCC->aCts[i].hAsyncIOThread = NIL_RTTHREAD; + else + LogRel(("PIIX3 ATA Dtor: Ctl#%u is still executing, DevSel=%d AIOIf=%d CmdIf0=%#04x CmdIf1=%#04x rc=%Rrc\n", + i, pThis->aCts[i].iSelectedIf, pThis->aCts[i].iAIOIf, + pThis->aCts[i].aIfs[0].uATARegCommand, pThis->aCts[i].aIfs[1].uATARegCommand, rc)); + } + } + + /* + * Free resources. + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (PDMDevHlpCritSectIsInitialized(pDevIns, &pThis->aCts[i].AsyncIORequestLock)) + PDMDevHlpCritSectDelete(pDevIns, &pThis->aCts[i].AsyncIORequestLock); + if (pThis->aCts[i].hAsyncIOSem != NIL_SUPSEMEVENT) + { + PDMDevHlpSUPSemEventClose(pDevIns, pThis->aCts[i].hAsyncIOSem); + pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT; + } + if (pThisCC->aCts[i].hSuspendIOSem != NIL_RTSEMEVENT) + { + RTSemEventDestroy(pThisCC->aCts[i].hSuspendIOSem); + pThisCC->aCts[i].hSuspendIOSem = NIL_RTSEMEVENT; + } + + /* try one final time */ + if (pThisCC->aCts[i].hAsyncIOThread != NIL_RTTHREAD) + { + rc = RTThreadWait(pThisCC->aCts[i].hAsyncIOThread, 1 /*ms*/, NULL); + if (RT_SUCCESS(rc)) + { + pThisCC->aCts[i].hAsyncIOThread = NIL_RTTHREAD; + LogRel(("PIIX3 ATA Dtor: Ctl#%u actually completed.\n", i)); + } + } + + for (uint32_t iIf = 0; iIf < RT_ELEMENTS(pThis->aCts[i].aIfs); iIf++) + { + if (pThisCC->aCts[i].aIfs[iIf].pTrackList) + { + ATAPIPassthroughTrackListDestroy(pThisCC->aCts[i].aIfs[iIf].pTrackList); + pThisCC->aCts[i].aIfs[iIf].pTrackList = NULL; + } + } + } + + return VINF_SUCCESS; +} + +/** + * Convert config value to DEVPCBIOSBOOT. + * + * @returns VBox status code. + * @param pDevIns The device instance data. + * @param pCfg Configuration handle. + * @param penmChipset Where to store the chipset type. + */ +static int ataR3ControllerFromCfg(PPDMDEVINS pDevIns, PCFGMNODE pCfg, CHIPSET *penmChipset) +{ + char szType[20]; + + int rc = pDevIns->pHlpR3->pfnCFGMQueryStringDef(pCfg, "Type", &szType[0], sizeof(szType), "PIIX4"); + if (RT_FAILURE(rc)) + return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS, + N_("Configuration error: Querying \"Type\" as a string failed")); + if (!strcmp(szType, "PIIX3")) + *penmChipset = CHIPSET_PIIX3; + else if (!strcmp(szType, "PIIX4")) + *penmChipset = CHIPSET_PIIX4; + else if (!strcmp(szType, "ICH6")) + *penmChipset = CHIPSET_ICH6; + else + { + PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS, + N_("Configuration error: The \"Type\" value \"%s\" is unknown"), + szType); + rc = VERR_INTERNAL_ERROR; + } + return rc; +} + +/** + * @interface_method_impl{PDMDEVREG,pfnConstruct} + */ +static DECLCALLBACK(int) ataR3Construct(PPDMDEVINS pDevIns, int iInstance, PCFGMNODE pCfg) +{ + PDMDEV_CHECK_VERSIONS_RETURN(pDevIns); + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + PATASTATER3 pThisCC = PDMDEVINS_2_DATA_CC(pDevIns, PATASTATER3); + PCPDMDEVHLPR3 pHlp = pDevIns->pHlpR3; + PPDMIBASE pBase; + int rc; + uint32_t msDelayIRQ; + + Assert(iInstance == 0); + + /* + * Initialize NIL handle values (for the destructor). + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + pThis->aCts[i].iCtl = i; + pThis->aCts[i].hAsyncIOSem = NIL_SUPSEMEVENT; + pThis->aCts[i].hIoPorts1First = NIL_IOMIOPORTHANDLE; + pThis->aCts[i].hIoPorts1Other = NIL_IOMIOPORTHANDLE; + pThis->aCts[i].hIoPorts2 = NIL_IOMIOPORTHANDLE; + pThis->aCts[i].hIoPortsEmpty1 = NIL_IOMIOPORTHANDLE; + pThis->aCts[i].hIoPortsEmpty2 = NIL_IOMIOPORTHANDLE; + + pThisCC->aCts[i].iCtl = i; + pThisCC->aCts[i].hSuspendIOSem = NIL_RTSEMEVENT; + pThisCC->aCts[i].hAsyncIOThread = NIL_RTTHREAD; + } + + /* + * Validate and read configuration. + */ + PDMDEV_VALIDATE_CONFIG_RETURN(pDevIns, "IRQDelay|Type", "PrimaryMaster|PrimarySlave|SecondaryMaster|SecondarySlave"); + + rc = pHlp->pfnCFGMQueryU32Def(pCfg, "IRQDelay", &msDelayIRQ, 0); + if (RT_FAILURE(rc)) + return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 configuration error: failed to read IRQDelay as integer")); + Log(("%s: msDelayIRQ=%d\n", __FUNCTION__, msDelayIRQ)); + Assert(msDelayIRQ < 50); + + CHIPSET enmChipset = CHIPSET_PIIX3; + rc = ataR3ControllerFromCfg(pDevIns, pCfg, &enmChipset); + if (RT_FAILURE(rc)) + return rc; + pThis->enmChipset = enmChipset; + + /* + * Initialize data (most of it anyway). + */ + /* Status LUN. */ + pThisCC->IBase.pfnQueryInterface = ataR3Status_QueryInterface; + pThisCC->ILeds.pfnQueryStatusLed = ataR3Status_QueryStatusLed; + + /* PCI configuration space. */ + PPDMPCIDEV pPciDev = pDevIns->apPciDevs[0]; + PDMPCIDEV_ASSERT_VALID(pDevIns, pPciDev); + PDMPciDevSetVendorId(pPciDev, 0x8086); /* Intel */ + + /* + * When adding more IDE chipsets, don't forget to update pci_bios_init_device() + * as it explicitly checks for PCI id for IDE controllers. + */ + switch (enmChipset) + { + case CHIPSET_ICH6: + PDMPciDevSetDeviceId(pPciDev, 0x269e); /* ICH6 IDE */ + /** @todo do we need it? Do we need anything else? */ + PDMPciDevSetByte(pPciDev, 0x48, 0x00); /* UDMACTL */ + PDMPciDevSetByte(pPciDev, 0x4A, 0x00); /* UDMATIM */ + PDMPciDevSetByte(pPciDev, 0x4B, 0x00); + { + /* + * See www.intel.com/Assets/PDF/manual/298600.pdf p. 30 + * Report + * WR_Ping-Pong_EN: must be set + * PCR0, PCR1: 80-pin primary cable reporting for both disks + * SCR0, SCR1: 80-pin secondary cable reporting for both disks + */ + uint16_t u16Config = (1<<10) | (1<<7) | (1<<6) | (1<<5) | (1<<4); + PDMPciDevSetByte(pPciDev, 0x54, u16Config & 0xff); + PDMPciDevSetByte(pPciDev, 0x55, u16Config >> 8); + } + break; + case CHIPSET_PIIX4: + PDMPciDevSetDeviceId(pPciDev, 0x7111); /* PIIX4 IDE */ + PDMPciDevSetRevisionId(pPciDev, 0x01); /* PIIX4E */ + PDMPciDevSetByte(pPciDev, 0x48, 0x00); /* UDMACTL */ + PDMPciDevSetByte(pPciDev, 0x4A, 0x00); /* UDMATIM */ + PDMPciDevSetByte(pPciDev, 0x4B, 0x00); + break; + case CHIPSET_PIIX3: + PDMPciDevSetDeviceId(pPciDev, 0x7010); /* PIIX3 IDE */ + break; + default: + AssertMsgFailed(("Unsupported IDE chipset type: %d\n", enmChipset)); + } + + /** @todo + * This is the job of the BIOS / EFI! + * + * The same is done in DevPCI.cpp / pci_bios_init_device() but there is no + * corresponding function in DevPciIch9.cpp. The EFI has corresponding code + * in OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c: NotifyDev() but this + * function assumes that the IDE controller is located at PCI 00:01.1 which + * is not true if the ICH9 chipset is used. + */ + PDMPciDevSetWord(pPciDev, 0x40, 0x8000); /* enable IDE0 */ + PDMPciDevSetWord(pPciDev, 0x42, 0x8000); /* enable IDE1 */ + + PDMPciDevSetCommand( pPciDev, PCI_COMMAND_IOACCESS | PCI_COMMAND_MEMACCESS | PCI_COMMAND_BUSMASTER); + PDMPciDevSetClassProg( pPciDev, 0x8a); /* programming interface = PCI_IDE bus-master is supported */ + PDMPciDevSetClassSub( pPciDev, 0x01); /* class_sub = PCI_IDE */ + PDMPciDevSetClassBase( pPciDev, 0x01); /* class_base = PCI_mass_storage */ + PDMPciDevSetHeaderType(pPciDev, 0x00); + + pThisCC->pDevIns = pDevIns; + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + pThisCC->aCts[i].pDevIns = pDevIns; + pThisCC->aCts[i].iCtl = i; + pThis->aCts[i].iCtl = i; + pThis->aCts[i].msDelayIRQ = msDelayIRQ; + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + PATADEVSTATE pIf = &pThis->aCts[i].aIfs[j]; + PATADEVSTATER3 pIfR3 = &pThisCC->aCts[i].aIfs[j]; + + pIfR3->iLUN = pIf->iLUN = i * RT_ELEMENTS(pThis->aCts) + j; + pIfR3->iCtl = pIf->iCtl = i; + pIfR3->iDev = pIf->iDev = j; + pIfR3->pDevIns = pDevIns; + pIfR3->IBase.pfnQueryInterface = ataR3QueryInterface; + pIfR3->IMountNotify.pfnMountNotify = ataR3MountNotify; + pIfR3->IMountNotify.pfnUnmountNotify = ataR3UnmountNotify; + pIfR3->IPort.pfnQueryDeviceLocation = ataR3QueryDeviceLocation; + pIf->Led.u32Magic = PDMLED_MAGIC; + } + } + + Assert(RT_ELEMENTS(pThis->aCts) == 2); + pThis->aCts[0].irq = 14; + pThis->aCts[0].IOPortBase1 = 0x1f0; + pThis->aCts[0].IOPortBase2 = 0x3f6; + pThis->aCts[1].irq = 15; + pThis->aCts[1].IOPortBase1 = 0x170; + pThis->aCts[1].IOPortBase2 = 0x376; + + /* + * Set the default critical section to NOP as we lock on controller level. + */ + rc = PDMDevHlpSetDeviceCritSect(pDevIns, PDMDevHlpCritSectGetNop(pDevIns)); + AssertRCReturn(rc, rc); + + /* + * Register the PCI device. + */ + rc = PDMDevHlpPCIRegisterEx(pDevIns, pPciDev, PDMPCIDEVREG_F_NOT_MANDATORY_NO, 1 /*uPciDevNo*/, 1 /*uPciDevFn*/, "piix3ide"); + if (RT_FAILURE(rc)) + return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register PCI device")); + + /* Region #4: I/O ports for the two bus-master DMA controllers. */ + rc = PDMDevHlpPCIIORegionCreateIo(pDevIns, 4 /*iPciRegion*/, 0x10 /*cPorts*/, + ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL /*pvUser*/, "ATA Bus Master DMA", + NULL /*paExtDescs*/, &pThis->hIoPortsBmDma); + AssertRCReturn(rc, rc); + + /* + * Register stats, create critical sections. + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + for (uint32_t j = 0; j < RT_ELEMENTS(pThis->aCts[i].aIfs); j++) + { + PATADEVSTATE pIf = &pThis->aCts[i].aIfs[j]; + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATADMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES, + "Number of ATA DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/DMA", iInstance, i, j); + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES, + "Number of ATA PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/PIO", iInstance, i, j); + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIDMA, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES, + "Number of ATAPI DMA transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiDMA", iInstance, i, j); + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatATAPIPIO, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES, + "Number of ATAPI PIO transfers.", "/Devices/IDE%d/ATA%d/Unit%d/AtapiPIO", iInstance, i, j); +#ifdef VBOX_WITH_STATISTICS /** @todo release too. */ + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatReads, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of the read operations.", "/Devices/IDE%d/ATA%d/Unit%d/Reads", iInstance, i, j); +#endif + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesRead, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES, + "Amount of data read.", "/Devices/IDE%d/ATA%d/Unit%d/ReadBytes", iInstance, i, j); +#ifdef VBOX_INSTRUMENT_DMA_WRITES + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatInstrVDWrites,STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of the VD DMA write operations.", "/Devices/IDE%d/ATA%d/Unit%d/InstrVDWrites", iInstance, i, j); +#endif +#ifdef VBOX_WITH_STATISTICS + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatWrites, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of the write operations.", "/Devices/IDE%d/ATA%d/Unit%d/Writes", iInstance, i, j); +#endif + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatBytesWritten, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_BYTES, + "Amount of data written.", "/Devices/IDE%d/ATA%d/Unit%d/WrittenBytes", iInstance, i, j); +#ifdef VBOX_WITH_STATISTICS + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatFlushes, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of the flush operations.", "/Devices/IDE%d/ATA%d/Unit%d/Flushes", iInstance, i, j); +#endif + PDMDevHlpSTAMRegisterF(pDevIns, &pIf->StatStatusYields, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of status polling yields.", "/Devices/IDE%d/ATA%d/Unit%d/StatusYields", iInstance, i, j); + } +#ifdef VBOX_WITH_STATISTICS /** @todo release too. */ + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncOps, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_OCCURENCES, + "The number of async operations.", "/Devices/IDE%d/ATA%d/Async/Operations", iInstance, i); + /** @todo STAMUNIT_MICROSECS */ + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMinWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE, + "Minimum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MinWait", iInstance, i); + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncMaxWait, STAMTYPE_U64_RESET, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE, + "Maximum wait in microseconds.", "/Devices/IDE%d/ATA%d/Async/MaxWait", iInstance, i); + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTimeUS, STAMTYPE_COUNTER, STAMVISIBILITY_ALWAYS, STAMUNIT_NONE, + "Total time spent in microseconds.", "/Devices/IDE%d/ATA%d/Async/TotalTimeUS", iInstance, i); + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatAsyncTime, STAMTYPE_PROFILE_ADV, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of async operations.", "/Devices/IDE%d/ATA%d/Async/Time", iInstance, i); + PDMDevHlpSTAMRegisterF(pDevIns, &pThis->aCts[i].StatLockWait, STAMTYPE_PROFILE, STAMVISIBILITY_ALWAYS, STAMUNIT_TICKS_PER_CALL, + "Profiling of locks.", "/Devices/IDE%d/ATA%d/Async/LockWait", iInstance, i); +#endif /* VBOX_WITH_STATISTICS */ + + /* Initialize per-controller critical section. */ + rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].lock, RT_SRC_POS, "ATA#%u-Ctl", i); + AssertLogRelRCReturn(rc, rc); + + /* Initialize per-controller async I/O request critical section. */ + rc = PDMDevHlpCritSectInit(pDevIns, &pThis->aCts[i].AsyncIORequestLock, RT_SRC_POS, "ATA#%u-Req", i); + AssertLogRelRCReturn(rc, rc); + } + + /* + * Attach status driver (optional). + */ + rc = PDMDevHlpDriverAttach(pDevIns, PDM_STATUS_LUN, &pThisCC->IBase, &pBase, "Status Port"); + if (RT_SUCCESS(rc)) + { + pThisCC->pLedsConnector = PDMIBASE_QUERY_INTERFACE(pBase, PDMILEDCONNECTORS); + pThisCC->pMediaNotify = PDMIBASE_QUERY_INTERFACE(pBase, PDMIMEDIANOTIFY); + } + else if (rc != VERR_PDM_NO_ATTACHED_DRIVER) + { + AssertMsgFailed(("Failed to attach to status driver. rc=%Rrc\n", rc)); + return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot attach to status driver")); + } + + /* + * Attach the units. + */ + uint32_t cbTotalBuffer = 0; + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + PATACONTROLLER pCtl = &pThis->aCts[i]; + PATACONTROLLERR3 pCtlR3 = &pThisCC->aCts[i]; + + /* + * Start the worker thread. + */ + pCtl->uAsyncIOState = ATA_AIO_NEW; + rc = PDMDevHlpSUPSemEventCreate(pDevIns, &pCtl->hAsyncIOSem); + AssertLogRelRCReturn(rc, rc); + rc = RTSemEventCreate(&pCtlR3->hSuspendIOSem); + AssertLogRelRCReturn(rc, rc); + + ataR3AsyncIOClearRequests(pDevIns, pCtl); + rc = RTThreadCreateF(&pCtlR3->hAsyncIOThread, ataR3AsyncIOThread, pCtlR3, 0, + RTTHREADTYPE_IO, RTTHREADFLAGS_WAITABLE, "ATA-%u", i); + AssertLogRelRCReturn(rc, rc); + Assert( pCtlR3->hAsyncIOThread != NIL_RTTHREAD && pCtl->hAsyncIOSem != NIL_SUPSEMEVENT + && pCtlR3->hSuspendIOSem != NIL_RTSEMEVENT && PDMDevHlpCritSectIsInitialized(pDevIns, &pCtl->AsyncIORequestLock)); + Log(("%s: controller %d AIO thread id %#x; sem %p susp_sem %p\n", __FUNCTION__, i, pCtlR3->hAsyncIOThread, pCtl->hAsyncIOSem, pCtlR3->hSuspendIOSem)); + + for (uint32_t j = 0; j < RT_ELEMENTS(pCtl->aIfs); j++) + { + static const char *s_apszDescs[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] = + { + { "Primary Master", "Primary Slave" }, + { "Secondary Master", "Secondary Slave" } + }; + + /* + * Try attach the block device and get the interfaces, + * required as well as optional. + */ + PATADEVSTATE pIf = &pCtl->aIfs[j]; + PATADEVSTATER3 pIfR3 = &pCtlR3->aIfs[j]; + + rc = PDMDevHlpDriverAttach(pDevIns, pIf->iLUN, &pIfR3->IBase, &pIfR3->pDrvBase, s_apszDescs[i][j]); + if (RT_SUCCESS(rc)) + { + rc = ataR3ConfigLun(pIf, pIfR3); + if (RT_SUCCESS(rc)) + { + /* + * Init vendor product data. + */ + static const char *s_apszCFGMKeys[RT_ELEMENTS(pThis->aCts)][RT_ELEMENTS(pCtl->aIfs)] = + { + { "PrimaryMaster", "PrimarySlave" }, + { "SecondaryMaster", "SecondarySlave" } + }; + + /* Generate a default serial number. */ + char szSerial[ATA_SERIAL_NUMBER_LENGTH+1]; + RTUUID Uuid; + if (pIfR3->pDrvMedia) + rc = pIfR3->pDrvMedia->pfnGetUuid(pIfR3->pDrvMedia, &Uuid); + else + RTUuidClear(&Uuid); + + if (RT_FAILURE(rc) || RTUuidIsNull(&Uuid)) + { + /* Generate a predictable serial for drives which don't have a UUID. */ + RTStrPrintf(szSerial, sizeof(szSerial), "VB%x-%04x%04x", + pIf->iLUN + pDevIns->iInstance * 32, + pThis->aCts[i].IOPortBase1, pThis->aCts[i].IOPortBase2); + } + else + RTStrPrintf(szSerial, sizeof(szSerial), "VB%08x-%08x", Uuid.au32[0], Uuid.au32[3]); + + /* Get user config if present using defaults otherwise. */ + PCFGMNODE pCfgNode = pHlp->pfnCFGMGetChild(pCfg, s_apszCFGMKeys[i][j]); + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "SerialNumber", pIf->szSerialNumber, sizeof(pIf->szSerialNumber), + szSerial); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"SerialNumber\" is longer than 20 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"SerialNumber\" as string")); + } + + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "FirmwareRevision", pIf->szFirmwareRevision, + sizeof(pIf->szFirmwareRevision), "1.0"); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"FirmwareRevision\" is longer than 8 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"FirmwareRevision\" as string")); + } + + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "ModelNumber", pIf->szModelNumber, sizeof(pIf->szModelNumber), + pIf->fATAPI ? "VBOX CD-ROM" : "VBOX HARDDISK"); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"ModelNumber\" is longer than 40 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"ModelNumber\" as string")); + } + + /* There are three other identification strings for CD drives used for INQUIRY */ + if (pIf->fATAPI) + { + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "ATAPIVendorId", pIf->szInquiryVendorId, + sizeof(pIf->szInquiryVendorId), "VBOX"); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"ATAPIVendorId\" is longer than 16 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"ATAPIVendorId\" as string")); + } + + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "ATAPIProductId", pIf->szInquiryProductId, + sizeof(pIf->szInquiryProductId), "CD-ROM"); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"ATAPIProductId\" is longer than 16 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"ATAPIProductId\" as string")); + } + + rc = pHlp->pfnCFGMQueryStringDef(pCfgNode, "ATAPIRevision", pIf->szInquiryRevision, + sizeof(pIf->szInquiryRevision), "1.0"); + if (RT_FAILURE(rc)) + { + if (rc == VERR_CFGM_NOT_ENOUGH_SPACE) + return PDMDEV_SET_ERROR(pDevIns, VERR_INVALID_PARAMETER, + N_("PIIX3 configuration error: \"ATAPIRevision\" is longer than 4 bytes")); + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"ATAPIRevision\" as string")); + } + + rc = pHlp->pfnCFGMQueryBoolDef(pCfgNode, "OverwriteInquiry", &pIf->fOverwriteInquiry, true); + if (RT_FAILURE(rc)) + return PDMDEV_SET_ERROR(pDevIns, rc, + N_("PIIX3 configuration error: failed to read \"OverwriteInquiry\" as boolean")); + } + } + } + else if (rc == VERR_PDM_NO_ATTACHED_DRIVER) + { + pIfR3->pDrvBase = NULL; + pIfR3->pDrvMedia = NULL; + pIf->cbIOBuffer = 0; + pIf->fPresent = false; + LogRel(("PIIX3 ATA: LUN#%d: no unit\n", pIf->iLUN)); + } + else + { + switch (rc) + { + case VERR_ACCESS_DENIED: + /* Error already cached by DrvHostBase */ + return rc; + default: + return PDMDevHlpVMSetError(pDevIns, rc, RT_SRC_POS, + N_("PIIX3 cannot attach drive to the %s"), + s_apszDescs[i][j]); + } + } + cbTotalBuffer += pIf->cbIOBuffer; + } + } + + /* + * Register the I/O ports. + * The ports are all hardcoded and enforced by the PIIX3 host bridge controller. + */ + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + Assert(pThis->aCts[i].aIfs[0].fPresent == (pThisCC->aCts[i].aIfs[0].pDrvMedia != NULL)); + Assert(pThis->aCts[i].aIfs[1].fPresent == (pThisCC->aCts[i].aIfs[1].pDrvMedia != NULL)); + + if (!pThisCC->aCts[i].aIfs[0].pDrvMedia && !pThisCC->aCts[i].aIfs[1].pDrvMedia) + { + /* No device present on this ATA bus; requires special handling. */ + rc = PDMDevHlpIoPortCreateExAndMap(pDevIns, pThis->aCts[i].IOPortBase1, 8 /*cPorts*/, IOM_IOPORT_F_ABS, + ataIOPortWriteEmptyBus, ataIOPortReadEmptyBus, NULL, NULL, (RTHCPTR)(uintptr_t)i, + "ATA I/O Base 1 - Empty Bus", NULL /*paExtDescs*/, &pThis->aCts[i].hIoPortsEmpty1); + AssertLogRelRCReturn(rc, rc); + rc = PDMDevHlpIoPortCreateExAndMap(pDevIns, pThis->aCts[i].IOPortBase2, 1 /*cPorts*/, IOM_IOPORT_F_ABS, + ataIOPortWriteEmptyBus, ataIOPortReadEmptyBus, NULL, NULL, (RTHCPTR)(uintptr_t)i, + "ATA I/O Base 2 - Empty Bus", NULL /*paExtDescs*/, &pThis->aCts[i].hIoPortsEmpty2); + AssertLogRelRCReturn(rc, rc); + } + else + { + /* At least one device present, register regular handlers. */ + rc = PDMDevHlpIoPortCreateExAndMap(pDevIns, pThis->aCts[i].IOPortBase1, 1 /*cPorts*/, IOM_IOPORT_F_ABS, + ataIOPortWrite1Data, ataIOPortRead1Data, + ataIOPortWriteStr1Data, ataIOPortReadStr1Data, (RTHCPTR)(uintptr_t)i, + "ATA I/O Base 1 - Data", NULL /*paExtDescs*/, &pThis->aCts[i].hIoPorts1First); + AssertLogRelRCReturn(rc, rc); + rc = PDMDevHlpIoPortCreateExAndMap(pDevIns, pThis->aCts[i].IOPortBase1 + 1, 7 /*cPorts*/, IOM_IOPORT_F_ABS, + ataIOPortWrite1Other, ataIOPortRead1Other, NULL, NULL, (RTHCPTR)(uintptr_t)i, + "ATA I/O Base 1 - Other", NULL /*paExtDescs*/, &pThis->aCts[i].hIoPorts1Other); + AssertLogRelRCReturn(rc, rc); + + + rc = PDMDevHlpIoPortCreateExAndMap(pDevIns, pThis->aCts[i].IOPortBase2, 1 /*cPorts*/, IOM_IOPORT_F_ABS, + ataIOPortWrite2, ataIOPortRead2, NULL, NULL, (RTHCPTR)(uintptr_t)i, + "ATA I/O Base 2", NULL /*paExtDescs*/, &pThis->aCts[i].hIoPorts2); + AssertLogRelRCReturn(rc, rc); + } + } + + rc = PDMDevHlpSSMRegisterEx(pDevIns, ATA_SAVED_STATE_VERSION, sizeof(*pThis) + cbTotalBuffer, NULL, + NULL, ataR3LiveExec, NULL, + ataR3SaveLoadPrep, ataR3SaveExec, NULL, + ataR3SaveLoadPrep, ataR3LoadExec, NULL); + if (RT_FAILURE(rc)) + return PDMDEV_SET_ERROR(pDevIns, rc, N_("PIIX3 cannot register save state handlers")); + + /* + * Initialize the device state. + */ + return ataR3ResetCommon(pDevIns, true /*fConstruct*/); +} + +#else /* !IN_RING3 */ + +/** + * @callback_method_impl{PDMDEVREGR0,pfnConstruct} + */ +static DECLCALLBACK(int) ataRZConstruct(PPDMDEVINS pDevIns) +{ + PDMDEV_CHECK_VERSIONS_RETURN(pDevIns); + PATASTATE pThis = PDMDEVINS_2_DATA(pDevIns, PATASTATE); + + int rc = PDMDevHlpSetDeviceCritSect(pDevIns, PDMDevHlpCritSectGetNop(pDevIns)); + AssertRCReturn(rc, rc); + + rc = PDMDevHlpIoPortSetUpContext(pDevIns, pThis->hIoPortsBmDma, ataBMDMAIOPortWrite, ataBMDMAIOPortRead, NULL /*pvUser*/); + AssertRCReturn(rc, rc); + + for (uint32_t i = 0; i < RT_ELEMENTS(pThis->aCts); i++) + { + if (pThis->aCts[i].hIoPorts1First != NIL_IOMIOPORTHANDLE) + { + rc = PDMDevHlpIoPortSetUpContextEx(pDevIns, pThis->aCts[i].hIoPorts1First, + ataIOPortWrite1Data, ataIOPortRead1Data, + ataIOPortWriteStr1Data, ataIOPortReadStr1Data, (RTHCPTR)(uintptr_t)i); + AssertLogRelRCReturn(rc, rc); + rc = PDMDevHlpIoPortSetUpContext(pDevIns, pThis->aCts[i].hIoPorts1Other, + ataIOPortWrite1Other, ataIOPortRead1Other, (RTHCPTR)(uintptr_t)i); + AssertLogRelRCReturn(rc, rc); + rc = PDMDevHlpIoPortSetUpContext(pDevIns, pThis->aCts[i].hIoPorts2, + ataIOPortWrite2, ataIOPortRead2, (RTHCPTR)(uintptr_t)i); + AssertLogRelRCReturn(rc, rc); + } + else + { + rc = PDMDevHlpIoPortSetUpContext(pDevIns, pThis->aCts[i].hIoPortsEmpty1, + ataIOPortWriteEmptyBus, ataIOPortReadEmptyBus, (void *)(uintptr_t)i /*pvUser*/); + AssertRCReturn(rc, rc); + + rc = PDMDevHlpIoPortSetUpContext(pDevIns, pThis->aCts[i].hIoPortsEmpty2, + ataIOPortWriteEmptyBus, ataIOPortReadEmptyBus, (void *)(uintptr_t)i /*pvUser*/); + AssertRCReturn(rc, rc); + } + } + + return VINF_SUCCESS; +} + + +#endif /* !IN_RING3 */ + +/** + * The device registration structure. + */ +const PDMDEVREG g_DevicePIIX3IDE = +{ + /* .u32Version = */ PDM_DEVREG_VERSION, + /* .uReserved0 = */ 0, + /* .szName = */ "piix3ide", + /* .fFlags = */ PDM_DEVREG_FLAGS_DEFAULT_BITS | PDM_DEVREG_FLAGS_RZ | PDM_DEVREG_FLAGS_NEW_STYLE + | PDM_DEVREG_FLAGS_FIRST_SUSPEND_NOTIFICATION | PDM_DEVREG_FLAGS_FIRST_POWEROFF_NOTIFICATION + | PDM_DEVREG_FLAGS_FIRST_RESET_NOTIFICATION, + /* .fClass = */ PDM_DEVREG_CLASS_STORAGE, + /* .cMaxInstances = */ 1, + /* .uSharedVersion = */ 42, + /* .cbInstanceShared = */ sizeof(ATASTATE), + /* .cbInstanceCC = */ sizeof(ATASTATECC), + /* .cbInstanceRC = */ sizeof(ATASTATERC), + /* .cMaxPciDevices = */ 1, + /* .cMaxMsixVectors = */ 0, + /* .pszDescription = */ "Intel PIIX3 ATA controller.\n" + " LUN #0 is primary master.\n" + " LUN #1 is primary slave.\n" + " LUN #2 is secondary master.\n" + " LUN #3 is secondary slave.\n" + " LUN #999 is the LED/Status connector.", +#if defined(IN_RING3) + /* .pszRCMod = */ "VBoxDDRC.rc", + /* .pszR0Mod = */ "VBoxDDR0.r0", + /* .pfnConstruct = */ ataR3Construct, + /* .pfnDestruct = */ ataR3Destruct, + /* .pfnRelocate = */ NULL, + /* .pfnMemSetup = */ NULL, + /* .pfnPowerOn = */ NULL, + /* .pfnReset = */ ataR3Reset, + /* .pfnSuspend = */ ataR3Suspend, + /* .pfnResume = */ ataR3Resume, + /* .pfnAttach = */ ataR3Attach, + /* .pfnDetach = */ ataR3Detach, + /* .pfnQueryInterface = */ NULL, + /* .pfnInitComplete = */ NULL, + /* .pfnPowerOff = */ ataR3PowerOff, + /* .pfnSoftReset = */ NULL, + /* .pfnReserved0 = */ NULL, + /* .pfnReserved1 = */ NULL, + /* .pfnReserved2 = */ NULL, + /* .pfnReserved3 = */ NULL, + /* .pfnReserved4 = */ NULL, + /* .pfnReserved5 = */ NULL, + /* .pfnReserved6 = */ NULL, + /* .pfnReserved7 = */ NULL, +#elif defined(IN_RING0) + /* .pfnEarlyConstruct = */ NULL, + /* .pfnConstruct = */ ataRZConstruct, + /* .pfnDestruct = */ NULL, + /* .pfnFinalDestruct = */ NULL, + /* .pfnRequest = */ NULL, + /* .pfnReserved0 = */ NULL, + /* .pfnReserved1 = */ NULL, + /* .pfnReserved2 = */ NULL, + /* .pfnReserved3 = */ NULL, + /* .pfnReserved4 = */ NULL, + /* .pfnReserved5 = */ NULL, + /* .pfnReserved6 = */ NULL, + /* .pfnReserved7 = */ NULL, +#elif defined(IN_RC) + /* .pfnConstruct = */ ataRZConstruct, + /* .pfnReserved0 = */ NULL, + /* .pfnReserved1 = */ NULL, + /* .pfnReserved2 = */ NULL, + /* .pfnReserved3 = */ NULL, + /* .pfnReserved4 = */ NULL, + /* .pfnReserved5 = */ NULL, + /* .pfnReserved6 = */ NULL, + /* .pfnReserved7 = */ NULL, +#else +# error "Not in IN_RING3, IN_RING0 or IN_RC!" +#endif + /* .u32VersionEnd = */ PDM_DEVREG_VERSION +}; +#endif /* !VBOX_DEVICE_STRUCT_TESTCASE */ -- cgit v1.2.3