2 * libqos AHCI functions
4 * Copyright (c) 2014 John Snow <jsnow@redhat.com>
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
28 #include "libqos/ahci.h"
29 #include "libqos/pci-pc.h"
31 #include "qemu-common.h"
32 #include "qemu/host-utils.h"
34 #include "hw/pci/pci_ids.h"
35 #include "hw/pci/pci_regs.h"
37 typedef struct AHCICommandProp {
38 uint8_t cmd; /* Command Code */
39 bool data; /* Data transfer command? */
48 uint64_t size; /* Static transfer size, for commands like IDENTIFY. */
49 uint32_t interrupts; /* Expected interrupts for this command. */
52 AHCICommandProp ahci_command_properties[] = {
53 { .cmd = CMD_READ_PIO, .data = true, .pio = true,
54 .lba28 = true, .read = true },
55 { .cmd = CMD_WRITE_PIO, .data = true, .pio = true,
56 .lba28 = true, .write = true },
57 { .cmd = CMD_READ_PIO_EXT, .data = true, .pio = true,
58 .lba48 = true, .read = true },
59 { .cmd = CMD_WRITE_PIO_EXT, .data = true, .pio = true,
60 .lba48 = true, .write = true },
61 { .cmd = CMD_READ_DMA, .data = true, .dma = true,
62 .lba28 = true, .read = true },
63 { .cmd = CMD_WRITE_DMA, .data = true, .dma = true,
64 .lba28 = true, .write = true },
65 { .cmd = CMD_READ_DMA_EXT, .data = true, .dma = true,
66 .lba48 = true, .read = true },
67 { .cmd = CMD_WRITE_DMA_EXT, .data = true, .dma = true,
68 .lba48 = true, .write = true },
69 { .cmd = CMD_IDENTIFY, .data = true, .pio = true,
70 .size = 512, .read = true },
71 { .cmd = READ_FPDMA_QUEUED, .data = true, .dma = true,
72 .lba48 = true, .read = true, .ncq = true },
73 { .cmd = WRITE_FPDMA_QUEUED, .data = true, .dma = true,
74 .lba48 = true, .write = true, .ncq = true },
75 { .cmd = CMD_READ_MAX, .lba28 = true },
76 { .cmd = CMD_READ_MAX_EXT, .lba48 = true },
77 { .cmd = CMD_FLUSH_CACHE, .data = false }
81 /* Test Management Data */
89 AHCICommandProp *props;
90 /* Data to be transferred to the guest */
91 AHCICommandHeader header;
97 * Allocate space in the guest using information in the AHCIQState object.
99 uint64_t ahci_alloc(AHCIQState *ahci, size_t bytes)
102 g_assert(ahci->parent);
103 return qmalloc(ahci->parent, bytes);
106 void ahci_free(AHCIQState *ahci, uint64_t addr)
109 g_assert(ahci->parent);
110 qfree(ahci->parent, addr);
114 * Locate, verify, and return a handle to the AHCI device.
116 QPCIDevice *get_ahci_device(uint32_t *fingerprint)
119 uint32_t ahci_fingerprint;
122 pcibus = qpci_init_pc();
124 /* Find the AHCI PCI device and verify it's the right one. */
125 ahci = qpci_device_find(pcibus, QPCI_DEVFN(0x1F, 0x02));
126 g_assert(ahci != NULL);
128 ahci_fingerprint = qpci_config_readl(ahci, PCI_VENDOR_ID);
130 switch (ahci_fingerprint) {
131 case AHCI_INTEL_ICH9:
134 /* Unknown device. */
135 g_assert_not_reached();
139 *fingerprint = ahci_fingerprint;
144 void free_ahci_device(QPCIDevice *dev)
146 QPCIBus *pcibus = dev ? dev->bus : NULL;
148 /* libqos doesn't have a function for this, so free it manually */
150 qpci_free_pc(pcibus);
153 /* Free all memory in-use by the AHCI device. */
154 void ahci_clean_mem(AHCIQState *ahci)
158 for (port = 0; port < 32; ++port) {
159 if (ahci->port[port].fb) {
160 ahci_free(ahci, ahci->port[port].fb);
161 ahci->port[port].fb = 0;
163 if (ahci->port[port].clb) {
164 for (slot = 0; slot < 32; slot++) {
165 ahci_destroy_command(ahci, port, slot);
167 ahci_free(ahci, ahci->port[port].clb);
168 ahci->port[port].clb = 0;
173 /*** Logical Device Initialization ***/
176 * Start the PCI device and sanity-check default operation.
178 void ahci_pci_enable(AHCIQState *ahci)
182 start_ahci_device(ahci);
184 switch (ahci->fingerprint) {
185 case AHCI_INTEL_ICH9:
186 /* ICH9 has a register at PCI 0x92 that
187 * acts as a master port enabler mask. */
188 reg = qpci_config_readb(ahci->dev, 0x92);
190 qpci_config_writeb(ahci->dev, 0x92, reg);
191 /* 0...0111111b -- bit significant, ports 0-5 enabled. */
192 ASSERT_BIT_SET(qpci_config_readb(ahci->dev, 0x92), 0x3F);
199 * Map BAR5/ABAR, and engage the PCI device.
201 void start_ahci_device(AHCIQState *ahci)
203 /* Map AHCI's ABAR (BAR5) */
204 ahci->hba_base = qpci_iomap(ahci->dev, 5, &ahci->barsize);
205 g_assert(ahci->hba_base);
207 /* turns on pci.cmd.iose, pci.cmd.mse and pci.cmd.bme */
208 qpci_device_enable(ahci->dev);
212 * Test and initialize the AHCI's HBA memory areas.
213 * Initialize and start any ports with devices attached.
214 * Bring the HBA into the idle state.
216 void ahci_hba_enable(AHCIQState *ahci)
218 /* Bits of interest in this section:
219 * GHC.AE Global Host Control / AHCI Enable
220 * PxCMD.ST Port Command: Start
221 * PxCMD.SUD "Spin Up Device"
222 * PxCMD.POD "Power On Device"
223 * PxCMD.FRE "FIS Receive Enable"
224 * PxCMD.FR "FIS Receive Running"
225 * PxCMD.CR "Command List Running"
227 uint32_t reg, ports_impl;
229 uint8_t num_cmd_slots;
231 g_assert(ahci != NULL);
233 /* Set GHC.AE to 1 */
234 ahci_set(ahci, AHCI_GHC, AHCI_GHC_AE);
235 reg = ahci_rreg(ahci, AHCI_GHC);
236 ASSERT_BIT_SET(reg, AHCI_GHC_AE);
238 /* Cache CAP and CAP2. */
239 ahci->cap = ahci_rreg(ahci, AHCI_CAP);
240 ahci->cap2 = ahci_rreg(ahci, AHCI_CAP2);
242 /* Read CAP.NCS, how many command slots do we have? */
243 num_cmd_slots = ((ahci->cap & AHCI_CAP_NCS) >> ctzl(AHCI_CAP_NCS)) + 1;
244 g_test_message("Number of Command Slots: %u", num_cmd_slots);
246 /* Determine which ports are implemented. */
247 ports_impl = ahci_rreg(ahci, AHCI_PI);
249 for (i = 0; ports_impl; ports_impl >>= 1, ++i) {
250 if (!(ports_impl & 0x01)) {
254 g_test_message("Initializing port %u", i);
256 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD);
257 if (BITCLR(reg, AHCI_PX_CMD_ST | AHCI_PX_CMD_CR |
258 AHCI_PX_CMD_FRE | AHCI_PX_CMD_FR)) {
259 g_test_message("port is idle");
261 g_test_message("port needs to be idled");
262 ahci_px_clr(ahci, i, AHCI_PX_CMD,
263 (AHCI_PX_CMD_ST | AHCI_PX_CMD_FRE));
264 /* The port has 500ms to disengage. */
266 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD);
267 ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_CR);
268 ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_FR);
269 g_test_message("port is now idle");
270 /* The spec does allow for possibly needing a PORT RESET
271 * or HBA reset if we fail to idle the port. */
274 /* Allocate Memory for the Command List Buffer & FIS Buffer */
275 /* PxCLB space ... 0x20 per command, as in 4.2.2 p 36 */
276 ahci->port[i].clb = ahci_alloc(ahci, num_cmd_slots * 0x20);
277 qmemset(ahci->port[i].clb, 0x00, num_cmd_slots * 0x20);
278 g_test_message("CLB: 0x%08" PRIx64, ahci->port[i].clb);
279 ahci_px_wreg(ahci, i, AHCI_PX_CLB, ahci->port[i].clb);
280 g_assert_cmphex(ahci->port[i].clb, ==,
281 ahci_px_rreg(ahci, i, AHCI_PX_CLB));
283 /* PxFB space ... 0x100, as in 4.2.1 p 35 */
284 ahci->port[i].fb = ahci_alloc(ahci, 0x100);
285 qmemset(ahci->port[i].fb, 0x00, 0x100);
286 g_test_message("FB: 0x%08" PRIx64, ahci->port[i].fb);
287 ahci_px_wreg(ahci, i, AHCI_PX_FB, ahci->port[i].fb);
288 g_assert_cmphex(ahci->port[i].fb, ==,
289 ahci_px_rreg(ahci, i, AHCI_PX_FB));
291 /* Clear PxSERR, PxIS, then IS.IPS[x] by writing '1's. */
292 ahci_px_wreg(ahci, i, AHCI_PX_SERR, 0xFFFFFFFF);
293 ahci_px_wreg(ahci, i, AHCI_PX_IS, 0xFFFFFFFF);
294 ahci_wreg(ahci, AHCI_IS, (1 << i));
296 /* Verify Interrupts Cleared */
297 reg = ahci_px_rreg(ahci, i, AHCI_PX_SERR);
298 g_assert_cmphex(reg, ==, 0);
300 reg = ahci_px_rreg(ahci, i, AHCI_PX_IS);
301 g_assert_cmphex(reg, ==, 0);
303 reg = ahci_rreg(ahci, AHCI_IS);
304 ASSERT_BIT_CLEAR(reg, (1 << i));
306 /* Enable All Interrupts: */
307 ahci_px_wreg(ahci, i, AHCI_PX_IE, 0xFFFFFFFF);
308 reg = ahci_px_rreg(ahci, i, AHCI_PX_IE);
309 g_assert_cmphex(reg, ==, ~((uint32_t)AHCI_PX_IE_RESERVED));
311 /* Enable the FIS Receive Engine. */
312 ahci_px_set(ahci, i, AHCI_PX_CMD, AHCI_PX_CMD_FRE);
313 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD);
314 ASSERT_BIT_SET(reg, AHCI_PX_CMD_FR);
316 /* AHCI 1.3 spec: if !STS.BSY, !STS.DRQ and PxSSTS.DET indicates
317 * physical presence, a device is present and may be started. However,
318 * PxSERR.DIAG.X /may/ need to be cleared a priori. */
319 reg = ahci_px_rreg(ahci, i, AHCI_PX_SERR);
320 if (BITSET(reg, AHCI_PX_SERR_DIAG_X)) {
321 ahci_px_set(ahci, i, AHCI_PX_SERR, AHCI_PX_SERR_DIAG_X);
324 reg = ahci_px_rreg(ahci, i, AHCI_PX_TFD);
325 if (BITCLR(reg, AHCI_PX_TFD_STS_BSY | AHCI_PX_TFD_STS_DRQ)) {
326 reg = ahci_px_rreg(ahci, i, AHCI_PX_SSTS);
327 if ((reg & AHCI_PX_SSTS_DET) == SSTS_DET_ESTABLISHED) {
328 /* Device Found: set PxCMD.ST := 1 */
329 ahci_px_set(ahci, i, AHCI_PX_CMD, AHCI_PX_CMD_ST);
330 ASSERT_BIT_SET(ahci_px_rreg(ahci, i, AHCI_PX_CMD),
332 g_test_message("Started Device %u", i);
333 } else if ((reg & AHCI_PX_SSTS_DET)) {
334 /* Device present, but in some unknown state. */
335 g_assert_not_reached();
341 ahci_set(ahci, AHCI_GHC, AHCI_GHC_IE);
342 reg = ahci_rreg(ahci, AHCI_GHC);
343 ASSERT_BIT_SET(reg, AHCI_GHC_IE);
345 /* TODO: The device should now be idling and waiting for commands.
346 * In the future, a small test-case to inspect the Register D2H FIS
347 * and clear the initial interrupts might be good. */
351 * Pick the first implemented and running port
353 unsigned ahci_port_select(AHCIQState *ahci)
358 ports = ahci_rreg(ahci, AHCI_PI);
359 for (i = 0; i < 32; ports >>= 1, ++i) {
364 if (!(ports & 0x01)) {
368 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD);
369 if (BITSET(reg, AHCI_PX_CMD_ST)) {
378 * Clear a port's interrupts and status information prior to a test.
380 void ahci_port_clear(AHCIQState *ahci, uint8_t port)
384 /* Clear out this port's interrupts (ignore the init register d2h fis) */
385 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS);
386 ahci_px_wreg(ahci, port, AHCI_PX_IS, reg);
387 g_assert_cmphex(ahci_px_rreg(ahci, port, AHCI_PX_IS), ==, 0);
389 /* Wipe the FIS-Receive Buffer */
390 qmemset(ahci->port[port].fb, 0x00, 0x100);
394 * Check a port for errors.
396 void ahci_port_check_error(AHCIQState *ahci, uint8_t port)
400 /* The upper 9 bits of the IS register all indicate errors. */
401 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS);
403 g_assert_cmphex(reg, ==, 0);
405 /* The Sata Error Register should be empty. */
406 reg = ahci_px_rreg(ahci, port, AHCI_PX_SERR);
407 g_assert_cmphex(reg, ==, 0);
409 /* The TFD also has two error sections. */
410 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD);
411 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_ERR);
412 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_ERR);
415 void ahci_port_check_interrupts(AHCIQState *ahci, uint8_t port,
420 /* Check for expected interrupts */
421 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS);
422 ASSERT_BIT_SET(reg, intr_mask);
424 /* Clear expected interrupts and assert all interrupts now cleared. */
425 ahci_px_wreg(ahci, port, AHCI_PX_IS, intr_mask);
426 g_assert_cmphex(ahci_px_rreg(ahci, port, AHCI_PX_IS), ==, 0);
429 void ahci_port_check_nonbusy(AHCIQState *ahci, uint8_t port, uint8_t slot)
433 /* Assert that the command slot is no longer busy (NCQ) */
434 reg = ahci_px_rreg(ahci, port, AHCI_PX_SACT);
435 ASSERT_BIT_CLEAR(reg, (1 << slot));
438 reg = ahci_px_rreg(ahci, port, AHCI_PX_CI);
439 ASSERT_BIT_CLEAR(reg, (1 << slot));
441 /* And assert that we are generally not busy. */
442 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD);
443 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_BSY);
444 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_DRQ);
447 void ahci_port_check_d2h_sanity(AHCIQState *ahci, uint8_t port, uint8_t slot)
449 RegD2HFIS *d2h = g_malloc0(0x20);
452 memread(ahci->port[port].fb + 0x40, d2h, 0x20);
453 g_assert_cmphex(d2h->fis_type, ==, 0x34);
455 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD);
456 g_assert_cmphex((reg & AHCI_PX_TFD_ERR) >> 8, ==, d2h->error);
457 g_assert_cmphex((reg & AHCI_PX_TFD_STS), ==, d2h->status);
462 void ahci_port_check_pio_sanity(AHCIQState *ahci, uint8_t port,
463 uint8_t slot, size_t buffsize)
465 PIOSetupFIS *pio = g_malloc0(0x20);
467 /* We cannot check the Status or E_Status registers, because
468 * the status may have again changed between the PIO Setup FIS
469 * and the conclusion of the command with the D2H Register FIS. */
470 memread(ahci->port[port].fb + 0x20, pio, 0x20);
471 g_assert_cmphex(pio->fis_type, ==, 0x5f);
473 /* BUG: PIO Setup FIS as utilized by QEMU tries to fit the entire
474 * transfer size in a uint16_t field. The maximum transfer size can
475 * eclipse this; the field is meant to convey the size of data per
476 * each Data FIS, not the entire operation as a whole. For now,
477 * we will sanity check the broken case where applicable. */
478 if (buffsize <= UINT16_MAX) {
479 g_assert_cmphex(le16_to_cpu(pio->tx_count), ==, buffsize);
485 void ahci_port_check_cmd_sanity(AHCIQState *ahci, AHCICommand *cmd)
487 AHCICommandHeader cmdh;
489 ahci_get_command_header(ahci, cmd->port, cmd->slot, &cmdh);
490 /* Physical Region Descriptor Byte Count is not required to work for NCQ. */
491 if (!cmd->props->ncq) {
492 g_assert_cmphex(cmd->xbytes, ==, cmdh.prdbc);
496 /* Get the command in #slot of port #port. */
497 void ahci_get_command_header(AHCIQState *ahci, uint8_t port,
498 uint8_t slot, AHCICommandHeader *cmd)
500 uint64_t ba = ahci->port[port].clb;
501 ba += slot * sizeof(AHCICommandHeader);
502 memread(ba, cmd, sizeof(AHCICommandHeader));
504 cmd->flags = le16_to_cpu(cmd->flags);
505 cmd->prdtl = le16_to_cpu(cmd->prdtl);
506 cmd->prdbc = le32_to_cpu(cmd->prdbc);
507 cmd->ctba = le64_to_cpu(cmd->ctba);
510 /* Set the command in #slot of port #port. */
511 void ahci_set_command_header(AHCIQState *ahci, uint8_t port,
512 uint8_t slot, AHCICommandHeader *cmd)
514 AHCICommandHeader tmp = { .flags = 0 };
515 uint64_t ba = ahci->port[port].clb;
516 ba += slot * sizeof(AHCICommandHeader);
518 tmp.flags = cpu_to_le16(cmd->flags);
519 tmp.prdtl = cpu_to_le16(cmd->prdtl);
520 tmp.prdbc = cpu_to_le32(cmd->prdbc);
521 tmp.ctba = cpu_to_le64(cmd->ctba);
523 memwrite(ba, &tmp, sizeof(AHCICommandHeader));
526 void ahci_destroy_command(AHCIQState *ahci, uint8_t port, uint8_t slot)
528 AHCICommandHeader cmd;
530 /* Obtain the Nth Command Header */
531 ahci_get_command_header(ahci, port, slot, &cmd);
533 /* No address in it, so just return -- it's empty. */
538 ahci_free(ahci, cmd.ctba);
541 /* NULL the header. */
542 memset(&cmd, 0x00, sizeof(cmd));
543 ahci_set_command_header(ahci, port, slot, &cmd);
544 ahci->port[port].ctba[slot] = 0;
545 ahci->port[port].prdtl[slot] = 0;
548 void ahci_write_fis(AHCIQState *ahci, AHCICommand *cmd)
550 RegH2DFIS tmp = cmd->fis;
551 uint64_t addr = cmd->header.ctba;
553 /* NCQ commands use exclusively 8 bit fields and needs no adjustment.
554 * Only the count field needs to be adjusted for non-NCQ commands.
555 * The auxiliary FIS fields are defined per-command and are not currently
556 * implemented in libqos/ahci.o, but may or may not need to be flipped. */
557 if (!cmd->props->ncq) {
558 tmp.count = cpu_to_le16(tmp.count);
561 memwrite(addr, &tmp, sizeof(tmp));
564 unsigned ahci_pick_cmd(AHCIQState *ahci, uint8_t port)
570 reg = ahci_px_rreg(ahci, port, AHCI_PX_CI);
572 /* Pick the least recently used command slot that's available */
573 for (i = 0; i < 32; ++i) {
574 j = ((ahci->port[port].next + i) % 32);
575 if (reg & (1 << j)) {
578 ahci_destroy_command(ahci, port, j);
579 ahci->port[port].next = (j + 1) % 32;
583 g_test_message("All command slots were busy.");
584 g_assert_not_reached();
587 inline unsigned size_to_prdtl(unsigned bytes, unsigned bytes_per_prd)
589 /* Each PRD can describe up to 4MiB */
590 g_assert_cmphex(bytes_per_prd, <=, 4096 * 1024);
591 g_assert_cmphex(bytes_per_prd & 0x01, ==, 0x00);
592 return (bytes + bytes_per_prd - 1) / bytes_per_prd;
595 /* Issue a command, expecting it to fail and STOP the VM */
596 AHCICommand *ahci_guest_io_halt(AHCIQState *ahci, uint8_t port,
597 uint8_t ide_cmd, uint64_t buffer,
598 size_t bufsize, uint64_t sector)
602 cmd = ahci_command_create(ide_cmd);
603 ahci_command_adjust(cmd, sector, buffer, bufsize, 0);
604 ahci_command_commit(ahci, cmd, port);
605 ahci_command_issue_async(ahci, cmd);
606 qmp_eventwait("STOP");
611 /* Resume a previously failed command and verify/finalize */
612 void ahci_guest_io_resume(AHCIQState *ahci, AHCICommand *cmd)
614 /* Complete the command */
615 qmp_async("{'execute':'cont' }");
616 qmp_eventwait("RESUME");
617 ahci_command_wait(ahci, cmd);
618 ahci_command_verify(ahci, cmd);
619 ahci_command_free(cmd);
622 /* Given a guest buffer address, perform an IO operation */
623 void ahci_guest_io(AHCIQState *ahci, uint8_t port, uint8_t ide_cmd,
624 uint64_t buffer, size_t bufsize, uint64_t sector)
627 cmd = ahci_command_create(ide_cmd);
628 ahci_command_set_buffer(cmd, buffer);
629 ahci_command_set_size(cmd, bufsize);
631 ahci_command_set_offset(cmd, sector);
633 ahci_command_commit(ahci, cmd, port);
634 ahci_command_issue(ahci, cmd);
635 ahci_command_verify(ahci, cmd);
636 ahci_command_free(cmd);
639 static AHCICommandProp *ahci_command_find(uint8_t command_name)
643 for (i = 0; i < ARRAY_SIZE(ahci_command_properties); i++) {
644 if (ahci_command_properties[i].cmd == command_name) {
645 return &ahci_command_properties[i];
652 /* Given a HOST buffer, create a buffer address and perform an IO operation. */
653 void ahci_io(AHCIQState *ahci, uint8_t port, uint8_t ide_cmd,
654 void *buffer, size_t bufsize, uint64_t sector)
657 AHCICommandProp *props;
659 props = ahci_command_find(ide_cmd);
661 ptr = ahci_alloc(ahci, bufsize);
663 qmemset(ptr, 0x00, bufsize);
666 bufwrite(ptr, buffer, bufsize);
669 ahci_guest_io(ahci, port, ide_cmd, ptr, bufsize, sector);
672 bufread(ptr, buffer, bufsize);
675 ahci_free(ahci, ptr);
679 * Initializes a basic command header in memory.
680 * We assume that this is for an ATA command using RegH2DFIS.
682 static void command_header_init(AHCICommand *cmd)
684 AHCICommandHeader *hdr = &cmd->header;
685 AHCICommandProp *props = cmd->props;
687 hdr->flags = 5; /* RegH2DFIS is 5 DW long. Must be < 32 */
688 hdr->flags |= CMDH_CLR_BSY; /* Clear the BSY bit when done */
690 hdr->flags |= CMDH_WRITE;
693 hdr->flags |= CMDH_ATAPI;
695 /* Other flags: PREFETCH, RESET, and BIST */
696 hdr->prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size);
701 static void command_table_init(AHCICommand *cmd)
703 RegH2DFIS *fis = &(cmd->fis);
704 uint16_t sect_count = (cmd->xbytes / AHCI_SECTOR_SIZE);
706 fis->fis_type = REG_H2D_FIS;
707 fis->flags = REG_H2D_FIS_CMD; /* "Command" bit */
708 fis->command = cmd->name;
710 if (cmd->props->ncq) {
711 NCQFIS *ncqfis = (NCQFIS *)fis;
712 /* NCQ is weird and re-uses FIS frames for unrelated data.
713 * See SATA 3.2, 13.6.4.1 READ FPDMA QUEUED for an example. */
714 ncqfis->sector_low = sect_count & 0xFF;
715 ncqfis->sector_hi = (sect_count >> 8) & 0xFF;
716 ncqfis->device = NCQ_DEVICE_MAGIC;
717 /* Force Unit Access is bit 7 in the device register */
718 ncqfis->tag = 0; /* bits 3-7 are the NCQ tag */
719 ncqfis->prio = 0; /* bits 6,7 are a prio tag */
720 /* RARC bit is bit 0 of TAG field */
722 fis->feature_low = 0x00;
723 fis->feature_high = 0x00;
724 if (cmd->props->lba28 || cmd->props->lba48) {
725 fis->device = ATA_DEVICE_LBA;
727 fis->count = (cmd->xbytes / AHCI_SECTOR_SIZE);
731 memset(fis->aux, 0x00, ARRAY_SIZE(fis->aux));
734 AHCICommand *ahci_command_create(uint8_t command_name)
736 AHCICommandProp *props = ahci_command_find(command_name);
740 cmd = g_malloc0(sizeof(AHCICommand));
741 g_assert(!(props->dma && props->pio));
742 g_assert(!(props->lba28 && props->lba48));
743 g_assert(!(props->read && props->write));
744 g_assert(!props->size || props->data);
745 g_assert(!props->ncq || (props->ncq && props->lba48));
747 /* Defaults and book-keeping */
749 cmd->name = command_name;
750 cmd->xbytes = props->size;
751 cmd->prd_size = 4096;
752 cmd->buffer = 0xabad1dea;
754 if (!cmd->props->ncq) {
755 cmd->interrupts = AHCI_PX_IS_DHRS;
757 /* BUG: We expect the DPS interrupt for data commands */
758 /* cmd->interrupts |= props->data ? AHCI_PX_IS_DPS : 0; */
759 /* BUG: We expect the DMA Setup interrupt for DMA commands */
760 /* cmd->interrupts |= props->dma ? AHCI_PX_IS_DSS : 0; */
761 cmd->interrupts |= props->pio ? AHCI_PX_IS_PSS : 0;
762 cmd->interrupts |= props->ncq ? AHCI_PX_IS_SDBS : 0;
764 command_header_init(cmd);
765 command_table_init(cmd);
770 void ahci_command_free(AHCICommand *cmd)
775 void ahci_command_set_flags(AHCICommand *cmd, uint16_t cmdh_flags)
777 cmd->header.flags |= cmdh_flags;
780 void ahci_command_clr_flags(AHCICommand *cmd, uint16_t cmdh_flags)
782 cmd->header.flags &= ~cmdh_flags;
785 void ahci_command_set_offset(AHCICommand *cmd, uint64_t lba_sect)
787 RegH2DFIS *fis = &(cmd->fis);
788 if (cmd->props->lba28) {
789 g_assert_cmphex(lba_sect, <=, 0xFFFFFFF);
790 } else if (cmd->props->lba48 || cmd->props->ncq) {
791 g_assert_cmphex(lba_sect, <=, 0xFFFFFFFFFFFF);
793 /* Can't set offset if we don't know the format. */
794 g_assert_not_reached();
797 /* LBA28 uses the low nibble of the device/control register for LBA24:27 */
798 fis->lba_lo[0] = (lba_sect & 0xFF);
799 fis->lba_lo[1] = (lba_sect >> 8) & 0xFF;
800 fis->lba_lo[2] = (lba_sect >> 16) & 0xFF;
801 if (cmd->props->lba28) {
802 fis->device = (fis->device & 0xF0) | ((lba_sect >> 24) & 0x0F);
804 fis->lba_hi[0] = (lba_sect >> 24) & 0xFF;
805 fis->lba_hi[1] = (lba_sect >> 32) & 0xFF;
806 fis->lba_hi[2] = (lba_sect >> 40) & 0xFF;
809 void ahci_command_set_buffer(AHCICommand *cmd, uint64_t buffer)
811 cmd->buffer = buffer;
814 void ahci_command_set_sizes(AHCICommand *cmd, uint64_t xbytes,
819 /* Each PRD can describe up to 4MiB, and must not be odd. */
820 g_assert_cmphex(prd_size, <=, 4096 * 1024);
821 g_assert_cmphex(prd_size & 0x01, ==, 0x00);
823 cmd->prd_size = prd_size;
825 cmd->xbytes = xbytes;
826 sect_count = (cmd->xbytes / AHCI_SECTOR_SIZE);
828 if (cmd->props->ncq) {
829 NCQFIS *nfis = (NCQFIS *)&(cmd->fis);
830 nfis->sector_low = sect_count & 0xFF;
831 nfis->sector_hi = (sect_count >> 8) & 0xFF;
833 cmd->fis.count = sect_count;
835 cmd->header.prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size);
838 void ahci_command_set_size(AHCICommand *cmd, uint64_t xbytes)
840 ahci_command_set_sizes(cmd, xbytes, cmd->prd_size);
843 void ahci_command_set_prd_size(AHCICommand *cmd, unsigned prd_size)
845 ahci_command_set_sizes(cmd, cmd->xbytes, prd_size);
848 void ahci_command_adjust(AHCICommand *cmd, uint64_t offset, uint64_t buffer,
849 uint64_t xbytes, unsigned prd_size)
851 ahci_command_set_sizes(cmd, xbytes, prd_size);
852 ahci_command_set_buffer(cmd, buffer);
853 ahci_command_set_offset(cmd, offset);
856 void ahci_command_commit(AHCIQState *ahci, AHCICommand *cmd, uint8_t port)
859 uint64_t table_size, table_ptr, remaining;
862 /* This command is now tied to this port/command slot */
864 cmd->slot = ahci_pick_cmd(ahci, port);
866 if (cmd->props->ncq) {
867 NCQFIS *nfis = (NCQFIS *)&cmd->fis;
868 nfis->tag = (cmd->slot << 3) & 0xFC;
871 /* Create a buffer for the command table */
872 prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size);
873 table_size = CMD_TBL_SIZ(prdtl);
874 table_ptr = ahci_alloc(ahci, table_size);
876 /* AHCI 1.3: Must be aligned to 0x80 */
877 g_assert((table_ptr & 0x7F) == 0x00);
878 cmd->header.ctba = table_ptr;
880 /* Commit the command header and command FIS */
881 ahci_set_command_header(ahci, port, cmd->slot, &(cmd->header));
882 ahci_write_fis(ahci, cmd);
884 /* Construct and write the PRDs to the command table */
885 g_assert_cmphex(prdtl, ==, cmd->header.prdtl);
886 remaining = cmd->xbytes;
887 for (i = 0; i < prdtl; ++i) {
888 prd.dba = cpu_to_le64(cmd->buffer + (cmd->prd_size * i));
890 if (remaining > cmd->prd_size) {
891 /* Note that byte count is 0-based. */
892 prd.dbc = cpu_to_le32(cmd->prd_size - 1);
893 remaining -= cmd->prd_size;
895 /* Again, dbc is 0-based. */
896 prd.dbc = cpu_to_le32(remaining - 1);
899 prd.dbc |= cpu_to_le32(0x80000000); /* Request DPS Interrupt */
901 /* Commit the PRD entry to the Command Table */
902 memwrite(table_ptr + 0x80 + (i * sizeof(PRD)),
906 /* Bookmark the PRDTL and CTBA values */
907 ahci->port[port].ctba[cmd->slot] = table_ptr;
908 ahci->port[port].prdtl[cmd->slot] = prdtl;
911 void ahci_command_issue_async(AHCIQState *ahci, AHCICommand *cmd)
913 if (cmd->props->ncq) {
914 ahci_px_wreg(ahci, cmd->port, AHCI_PX_SACT, (1 << cmd->slot));
917 ahci_px_wreg(ahci, cmd->port, AHCI_PX_CI, (1 << cmd->slot));
920 void ahci_command_wait(AHCIQState *ahci, AHCICommand *cmd)
922 /* We can't rely on STS_BSY until the command has started processing.
923 * Therefore, we also use the Command Issue bit as indication of
924 * a command in-flight. */
926 #define RSET(REG, MASK) (BITSET(ahci_px_rreg(ahci, cmd->port, (REG)), (MASK)))
928 while (RSET(AHCI_PX_TFD, AHCI_PX_TFD_STS_BSY) ||
929 RSET(AHCI_PX_CI, 1 << cmd->slot) ||
930 (cmd->props->ncq && RSET(AHCI_PX_SACT, 1 << cmd->slot))) {
936 void ahci_command_issue(AHCIQState *ahci, AHCICommand *cmd)
938 ahci_command_issue_async(ahci, cmd);
939 ahci_command_wait(ahci, cmd);
942 void ahci_command_verify(AHCIQState *ahci, AHCICommand *cmd)
944 uint8_t slot = cmd->slot;
945 uint8_t port = cmd->port;
947 ahci_port_check_error(ahci, port);
948 ahci_port_check_interrupts(ahci, port, cmd->interrupts);
949 ahci_port_check_nonbusy(ahci, port, slot);
950 ahci_port_check_cmd_sanity(ahci, cmd);
951 if (cmd->interrupts & AHCI_PX_IS_DHRS) {
952 ahci_port_check_d2h_sanity(ahci, port, slot);
954 if (cmd->props->pio) {
955 ahci_port_check_pio_sanity(ahci, port, slot, cmd->xbytes);
959 uint8_t ahci_command_slot(AHCICommand *cmd)
Code Review / kvmfornfv.git / blob