ahci.c (39830B)
1/* 2 * libqos AHCI functions 3 * 4 * Copyright (c) 2014 John Snow <jsnow@redhat.com> 5 * 6 * Permission is hereby granted, free of charge, to any person obtaining a copy 7 * of this software and associated documentation files (the "Software"), to deal 8 * in the Software without restriction, including without limitation the rights 9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 * copies of the Software, and to permit persons to whom the Software is 11 * furnished to do so, subject to the following conditions: 12 * 13 * The above copyright notice and this permission notice shall be included in 14 * all copies or substantial portions of the Software. 15 * 16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 22 * THE SOFTWARE. 23 */ 24 25#include "qemu/osdep.h" 26 27#include "libqtest.h" 28#include "ahci.h" 29#include "pci-pc.h" 30 31#include "qemu-common.h" 32#include "qemu/host-utils.h" 33 34#include "hw/pci/pci_ids.h" 35#include "hw/pci/pci_regs.h" 36 37typedef struct AHCICommandProp { 38 uint8_t cmd; /* Command Code */ 39 bool data; /* Data transfer command? */ 40 bool pio; 41 bool dma; 42 bool lba28; 43 bool lba48; 44 bool read; 45 bool write; 46 bool atapi; 47 bool ncq; 48 uint64_t size; /* Static transfer size, for commands like IDENTIFY. */ 49 uint32_t interrupts; /* Expected interrupts for this command. */ 50} AHCICommandProp; 51 52AHCICommandProp ahci_command_properties[] = { 53 { .cmd = CMD_READ_PIO, .data = true, .pio = true, 54 .lba28 = true, .read = true }, 55 { .cmd = CMD_WRITE_PIO, .data = true, .pio = true, 56 .lba28 = true, .write = true }, 57 { .cmd = CMD_READ_PIO_EXT, .data = true, .pio = true, 58 .lba48 = true, .read = true }, 59 { .cmd = CMD_WRITE_PIO_EXT, .data = true, .pio = true, 60 .lba48 = true, .write = true }, 61 { .cmd = CMD_READ_DMA, .data = true, .dma = true, 62 .lba28 = true, .read = true }, 63 { .cmd = CMD_WRITE_DMA, .data = true, .dma = true, 64 .lba28 = true, .write = true }, 65 { .cmd = CMD_READ_DMA_EXT, .data = true, .dma = true, 66 .lba48 = true, .read = true }, 67 { .cmd = CMD_WRITE_DMA_EXT, .data = true, .dma = true, 68 .lba48 = true, .write = true }, 69 { .cmd = CMD_IDENTIFY, .data = true, .pio = true, 70 .size = 512, .read = true }, 71 { .cmd = READ_FPDMA_QUEUED, .data = true, .dma = true, 72 .lba48 = true, .read = true, .ncq = true }, 73 { .cmd = WRITE_FPDMA_QUEUED, .data = true, .dma = true, 74 .lba48 = true, .write = true, .ncq = true }, 75 { .cmd = CMD_READ_MAX, .lba28 = true }, 76 { .cmd = CMD_READ_MAX_EXT, .lba48 = true }, 77 { .cmd = CMD_FLUSH_CACHE, .data = false }, 78 { .cmd = CMD_PACKET, .data = true, .size = 16, 79 .atapi = true, .pio = true }, 80 { .cmd = CMD_PACKET_ID, .data = true, .pio = true, 81 .size = 512, .read = true } 82}; 83 84struct AHCICommand { 85 /* Test Management Data */ 86 uint8_t name; 87 uint8_t port; 88 uint8_t slot; 89 uint8_t errors; 90 uint32_t interrupts; 91 uint64_t xbytes; 92 uint32_t prd_size; 93 uint32_t sector_size; 94 uint64_t buffer; 95 AHCICommandProp *props; 96 /* Data to be transferred to the guest */ 97 AHCICommandHeader header; 98 RegH2DFIS fis; 99 unsigned char *atapi_cmd; 100}; 101 102/** 103 * Allocate space in the guest using information in the AHCIQState object. 104 */ 105uint64_t ahci_alloc(AHCIQState *ahci, size_t bytes) 106{ 107 g_assert(ahci); 108 g_assert(ahci->parent); 109 return qmalloc(ahci->parent, bytes); 110} 111 112void ahci_free(AHCIQState *ahci, uint64_t addr) 113{ 114 g_assert(ahci); 115 g_assert(ahci->parent); 116 qfree(ahci->parent, addr); 117} 118 119bool is_atapi(AHCIQState *ahci, uint8_t port) 120{ 121 return ahci_px_rreg(ahci, port, AHCI_PX_SIG) == AHCI_SIGNATURE_CDROM; 122} 123 124/** 125 * Locate, verify, and return a handle to the AHCI device. 126 */ 127QPCIDevice *get_ahci_device(QTestState *qts, uint32_t *fingerprint) 128{ 129 QPCIDevice *ahci; 130 uint32_t ahci_fingerprint; 131 QPCIBus *pcibus; 132 133 pcibus = qpci_new_pc(qts, NULL); 134 135 /* Find the AHCI PCI device and verify it's the right one. */ 136 ahci = qpci_device_find(pcibus, QPCI_DEVFN(0x1F, 0x02)); 137 g_assert(ahci != NULL); 138 139 ahci_fingerprint = qpci_config_readl(ahci, PCI_VENDOR_ID); 140 141 switch (ahci_fingerprint) { 142 case AHCI_INTEL_ICH9: 143 break; 144 default: 145 /* Unknown device. */ 146 g_assert_not_reached(); 147 } 148 149 if (fingerprint) { 150 *fingerprint = ahci_fingerprint; 151 } 152 return ahci; 153} 154 155void free_ahci_device(QPCIDevice *dev) 156{ 157 QPCIBus *pcibus = dev ? dev->bus : NULL; 158 159 /* libqos doesn't have a function for this, so free it manually */ 160 g_free(dev); 161 qpci_free_pc(pcibus); 162} 163 164/* Free all memory in-use by the AHCI device. */ 165void ahci_clean_mem(AHCIQState *ahci) 166{ 167 uint8_t port, slot; 168 169 for (port = 0; port < 32; ++port) { 170 if (ahci->port[port].fb) { 171 ahci_free(ahci, ahci->port[port].fb); 172 ahci->port[port].fb = 0; 173 } 174 if (ahci->port[port].clb) { 175 for (slot = 0; slot < 32; slot++) { 176 ahci_destroy_command(ahci, port, slot); 177 } 178 ahci_free(ahci, ahci->port[port].clb); 179 ahci->port[port].clb = 0; 180 } 181 } 182} 183 184/*** Logical Device Initialization ***/ 185 186/** 187 * Start the PCI device and sanity-check default operation. 188 */ 189void ahci_pci_enable(AHCIQState *ahci) 190{ 191 uint8_t reg; 192 193 start_ahci_device(ahci); 194 195 switch (ahci->fingerprint) { 196 case AHCI_INTEL_ICH9: 197 /* ICH9 has a register at PCI 0x92 that 198 * acts as a master port enabler mask. */ 199 reg = qpci_config_readb(ahci->dev, 0x92); 200 reg |= 0x3F; 201 qpci_config_writeb(ahci->dev, 0x92, reg); 202 /* 0...0111111b -- bit significant, ports 0-5 enabled. */ 203 ASSERT_BIT_SET(qpci_config_readb(ahci->dev, 0x92), 0x3F); 204 break; 205 } 206 207} 208 209/** 210 * Map BAR5/ABAR, and engage the PCI device. 211 */ 212void start_ahci_device(AHCIQState *ahci) 213{ 214 /* Map AHCI's ABAR (BAR5) */ 215 ahci->hba_bar = qpci_iomap(ahci->dev, 5, &ahci->barsize); 216 217 /* turns on pci.cmd.iose, pci.cmd.mse and pci.cmd.bme */ 218 qpci_device_enable(ahci->dev); 219} 220 221/** 222 * Test and initialize the AHCI's HBA memory areas. 223 * Initialize and start any ports with devices attached. 224 * Bring the HBA into the idle state. 225 */ 226void ahci_hba_enable(AHCIQState *ahci) 227{ 228 /* Bits of interest in this section: 229 * GHC.AE Global Host Control / AHCI Enable 230 * PxCMD.ST Port Command: Start 231 * PxCMD.SUD "Spin Up Device" 232 * PxCMD.POD "Power On Device" 233 * PxCMD.FRE "FIS Receive Enable" 234 * PxCMD.FR "FIS Receive Running" 235 * PxCMD.CR "Command List Running" 236 */ 237 uint32_t reg, ports_impl; 238 uint16_t i; 239 uint8_t num_cmd_slots; 240 241 g_assert(ahci != NULL); 242 243 /* Set GHC.AE to 1 */ 244 ahci_set(ahci, AHCI_GHC, AHCI_GHC_AE); 245 reg = ahci_rreg(ahci, AHCI_GHC); 246 ASSERT_BIT_SET(reg, AHCI_GHC_AE); 247 248 /* Cache CAP and CAP2. */ 249 ahci->cap = ahci_rreg(ahci, AHCI_CAP); 250 ahci->cap2 = ahci_rreg(ahci, AHCI_CAP2); 251 252 /* Read CAP.NCS, how many command slots do we have? */ 253 num_cmd_slots = ((ahci->cap & AHCI_CAP_NCS) >> ctzl(AHCI_CAP_NCS)) + 1; 254 g_test_message("Number of Command Slots: %u", num_cmd_slots); 255 256 /* Determine which ports are implemented. */ 257 ports_impl = ahci_rreg(ahci, AHCI_PI); 258 259 for (i = 0; ports_impl; ports_impl >>= 1, ++i) { 260 if (!(ports_impl & 0x01)) { 261 continue; 262 } 263 264 g_test_message("Initializing port %u", i); 265 266 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD); 267 if (BITCLR(reg, AHCI_PX_CMD_ST | AHCI_PX_CMD_CR | 268 AHCI_PX_CMD_FRE | AHCI_PX_CMD_FR)) { 269 g_test_message("port is idle"); 270 } else { 271 g_test_message("port needs to be idled"); 272 ahci_px_clr(ahci, i, AHCI_PX_CMD, 273 (AHCI_PX_CMD_ST | AHCI_PX_CMD_FRE)); 274 /* The port has 500ms to disengage. */ 275 usleep(500000); 276 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD); 277 ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_CR); 278 ASSERT_BIT_CLEAR(reg, AHCI_PX_CMD_FR); 279 g_test_message("port is now idle"); 280 /* The spec does allow for possibly needing a PORT RESET 281 * or HBA reset if we fail to idle the port. */ 282 } 283 284 /* Allocate Memory for the Command List Buffer & FIS Buffer */ 285 /* PxCLB space ... 0x20 per command, as in 4.2.2 p 36 */ 286 ahci->port[i].clb = ahci_alloc(ahci, num_cmd_slots * 0x20); 287 qtest_memset(ahci->parent->qts, ahci->port[i].clb, 0x00, 288 num_cmd_slots * 0x20); 289 g_test_message("CLB: 0x%08" PRIx64, ahci->port[i].clb); 290 ahci_px_wreg(ahci, i, AHCI_PX_CLB, ahci->port[i].clb); 291 g_assert_cmphex(ahci->port[i].clb, ==, 292 ahci_px_rreg(ahci, i, AHCI_PX_CLB)); 293 294 /* PxFB space ... 0x100, as in 4.2.1 p 35 */ 295 ahci->port[i].fb = ahci_alloc(ahci, 0x100); 296 qtest_memset(ahci->parent->qts, ahci->port[i].fb, 0x00, 0x100); 297 g_test_message("FB: 0x%08" PRIx64, ahci->port[i].fb); 298 ahci_px_wreg(ahci, i, AHCI_PX_FB, ahci->port[i].fb); 299 g_assert_cmphex(ahci->port[i].fb, ==, 300 ahci_px_rreg(ahci, i, AHCI_PX_FB)); 301 302 /* Clear PxSERR, PxIS, then IS.IPS[x] by writing '1's. */ 303 ahci_px_wreg(ahci, i, AHCI_PX_SERR, 0xFFFFFFFF); 304 ahci_px_wreg(ahci, i, AHCI_PX_IS, 0xFFFFFFFF); 305 ahci_wreg(ahci, AHCI_IS, (1 << i)); 306 307 /* Verify Interrupts Cleared */ 308 reg = ahci_px_rreg(ahci, i, AHCI_PX_SERR); 309 g_assert_cmphex(reg, ==, 0); 310 311 reg = ahci_px_rreg(ahci, i, AHCI_PX_IS); 312 g_assert_cmphex(reg, ==, 0); 313 314 reg = ahci_rreg(ahci, AHCI_IS); 315 ASSERT_BIT_CLEAR(reg, (1 << i)); 316 317 /* Enable All Interrupts: */ 318 ahci_px_wreg(ahci, i, AHCI_PX_IE, 0xFFFFFFFF); 319 reg = ahci_px_rreg(ahci, i, AHCI_PX_IE); 320 g_assert_cmphex(reg, ==, ~((uint32_t)AHCI_PX_IE_RESERVED)); 321 322 /* Enable the FIS Receive Engine. */ 323 ahci_px_set(ahci, i, AHCI_PX_CMD, AHCI_PX_CMD_FRE); 324 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD); 325 ASSERT_BIT_SET(reg, AHCI_PX_CMD_FR); 326 327 /* AHCI 1.3 spec: if !STS.BSY, !STS.DRQ and PxSSTS.DET indicates 328 * physical presence, a device is present and may be started. However, 329 * PxSERR.DIAG.X /may/ need to be cleared a priori. */ 330 reg = ahci_px_rreg(ahci, i, AHCI_PX_SERR); 331 if (BITSET(reg, AHCI_PX_SERR_DIAG_X)) { 332 ahci_px_set(ahci, i, AHCI_PX_SERR, AHCI_PX_SERR_DIAG_X); 333 } 334 335 reg = ahci_px_rreg(ahci, i, AHCI_PX_TFD); 336 if (BITCLR(reg, AHCI_PX_TFD_STS_BSY | AHCI_PX_TFD_STS_DRQ)) { 337 reg = ahci_px_rreg(ahci, i, AHCI_PX_SSTS); 338 if ((reg & AHCI_PX_SSTS_DET) == SSTS_DET_ESTABLISHED) { 339 /* Device Found: set PxCMD.ST := 1 */ 340 ahci_px_set(ahci, i, AHCI_PX_CMD, AHCI_PX_CMD_ST); 341 ASSERT_BIT_SET(ahci_px_rreg(ahci, i, AHCI_PX_CMD), 342 AHCI_PX_CMD_CR); 343 g_test_message("Started Device %u", i); 344 } else if ((reg & AHCI_PX_SSTS_DET)) { 345 /* Device present, but in some unknown state. */ 346 g_assert_not_reached(); 347 } 348 } 349 } 350 351 /* Enable GHC.IE */ 352 ahci_set(ahci, AHCI_GHC, AHCI_GHC_IE); 353 reg = ahci_rreg(ahci, AHCI_GHC); 354 ASSERT_BIT_SET(reg, AHCI_GHC_IE); 355 356 ahci->enabled = true; 357 /* TODO: The device should now be idling and waiting for commands. 358 * In the future, a small test-case to inspect the Register D2H FIS 359 * and clear the initial interrupts might be good. */ 360} 361 362/** 363 * Pick the first implemented and running port 364 */ 365unsigned ahci_port_select(AHCIQState *ahci) 366{ 367 uint32_t ports, reg; 368 unsigned i; 369 370 ports = ahci_rreg(ahci, AHCI_PI); 371 for (i = 0; i < 32; ports >>= 1, ++i) { 372 if (ports == 0) { 373 i = 32; 374 } 375 376 if (!(ports & 0x01)) { 377 continue; 378 } 379 380 reg = ahci_px_rreg(ahci, i, AHCI_PX_CMD); 381 if (BITSET(reg, AHCI_PX_CMD_ST)) { 382 break; 383 } 384 } 385 g_assert(i < 32); 386 return i; 387} 388 389/** 390 * Clear a port's interrupts and status information prior to a test. 391 */ 392void ahci_port_clear(AHCIQState *ahci, uint8_t port) 393{ 394 uint32_t reg; 395 396 /* Clear out this port's interrupts (ignore the init register d2h fis) */ 397 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); 398 ahci_px_wreg(ahci, port, AHCI_PX_IS, reg); 399 g_assert_cmphex(ahci_px_rreg(ahci, port, AHCI_PX_IS), ==, 0); 400 401 /* Wipe the FIS-Receive Buffer */ 402 qtest_memset(ahci->parent->qts, ahci->port[port].fb, 0x00, 0x100); 403} 404 405/** 406 * Check a port for errors. 407 */ 408void ahci_port_check_error(AHCIQState *ahci, uint8_t port, 409 uint32_t imask, uint8_t emask) 410{ 411 uint32_t reg; 412 413 /* The upper 9 bits of the IS register all indicate errors. */ 414 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); 415 reg &= ~imask; 416 reg >>= 23; 417 g_assert_cmphex(reg, ==, 0); 418 419 /* The Sata Error Register should be empty. */ 420 reg = ahci_px_rreg(ahci, port, AHCI_PX_SERR); 421 g_assert_cmphex(reg, ==, 0); 422 423 /* The TFD also has two error sections. */ 424 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); 425 if (!emask) { 426 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_ERR); 427 } else { 428 ASSERT_BIT_SET(reg, AHCI_PX_TFD_STS_ERR); 429 } 430 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_ERR & (~emask << 8)); 431 ASSERT_BIT_SET(reg, AHCI_PX_TFD_ERR & (emask << 8)); 432} 433 434void ahci_port_check_interrupts(AHCIQState *ahci, uint8_t port, 435 uint32_t intr_mask) 436{ 437 uint32_t reg; 438 439 /* Check for expected interrupts */ 440 reg = ahci_px_rreg(ahci, port, AHCI_PX_IS); 441 ASSERT_BIT_SET(reg, intr_mask); 442 443 /* Clear expected interrupts and assert all interrupts now cleared. */ 444 ahci_px_wreg(ahci, port, AHCI_PX_IS, intr_mask); 445 g_assert_cmphex(ahci_px_rreg(ahci, port, AHCI_PX_IS), ==, 0); 446} 447 448void ahci_port_check_nonbusy(AHCIQState *ahci, uint8_t port, uint8_t slot) 449{ 450 uint32_t reg; 451 452 /* Assert that the command slot is no longer busy (NCQ) */ 453 reg = ahci_px_rreg(ahci, port, AHCI_PX_SACT); 454 ASSERT_BIT_CLEAR(reg, (1 << slot)); 455 456 /* Non-NCQ */ 457 reg = ahci_px_rreg(ahci, port, AHCI_PX_CI); 458 ASSERT_BIT_CLEAR(reg, (1 << slot)); 459 460 /* And assert that we are generally not busy. */ 461 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); 462 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_BSY); 463 ASSERT_BIT_CLEAR(reg, AHCI_PX_TFD_STS_DRQ); 464} 465 466void ahci_port_check_d2h_sanity(AHCIQState *ahci, uint8_t port, uint8_t slot) 467{ 468 RegD2HFIS *d2h = g_malloc0(0x20); 469 uint32_t reg; 470 471 qtest_memread(ahci->parent->qts, ahci->port[port].fb + 0x40, d2h, 0x20); 472 g_assert_cmphex(d2h->fis_type, ==, 0x34); 473 474 reg = ahci_px_rreg(ahci, port, AHCI_PX_TFD); 475 g_assert_cmphex((reg & AHCI_PX_TFD_ERR) >> 8, ==, d2h->error); 476 g_assert_cmphex((reg & AHCI_PX_TFD_STS), ==, d2h->status); 477 478 g_free(d2h); 479} 480 481void ahci_port_check_pio_sanity(AHCIQState *ahci, AHCICommand *cmd) 482{ 483 PIOSetupFIS *pio = g_malloc0(0x20); 484 uint8_t port = cmd->port; 485 486 /* We cannot check the Status or E_Status registers, because 487 * the status may have again changed between the PIO Setup FIS 488 * and the conclusion of the command with the D2H Register FIS. */ 489 qtest_memread(ahci->parent->qts, ahci->port[port].fb + 0x20, pio, 0x20); 490 g_assert_cmphex(pio->fis_type, ==, 0x5f); 491 492 /* Data transferred by PIO will either be: 493 * (1) 12 or 16 bytes for an ATAPI command packet (QEMU always uses 12), or 494 * (2) Actual data from the drive. 495 * If we do both, (2) winds up erasing any evidence of (1). 496 */ 497 if (cmd->props->atapi && (cmd->xbytes == 0 || cmd->props->dma)) { 498 g_assert(le16_to_cpu(pio->tx_count) == 12 || 499 le16_to_cpu(pio->tx_count) == 16); 500 } else { 501 /* The AHCI test suite here does not test any PIO command that specifies 502 * a DRQ block larger than one sector (like 0xC4), so this should always 503 * be one sector or less. */ 504 size_t pio_len = ((cmd->xbytes % cmd->sector_size) ? 505 (cmd->xbytes % cmd->sector_size) : cmd->sector_size); 506 g_assert_cmphex(le16_to_cpu(pio->tx_count), ==, pio_len); 507 } 508 g_free(pio); 509} 510 511void ahci_port_check_cmd_sanity(AHCIQState *ahci, AHCICommand *cmd) 512{ 513 AHCICommandHeader cmdh; 514 515 ahci_get_command_header(ahci, cmd->port, cmd->slot, &cmdh); 516 /* Physical Region Descriptor Byte Count is not required to work for NCQ. */ 517 if (!cmd->props->ncq) { 518 g_assert_cmphex(cmd->xbytes, ==, cmdh.prdbc); 519 } 520} 521 522/* Get the command in #slot of port #port. */ 523void ahci_get_command_header(AHCIQState *ahci, uint8_t port, 524 uint8_t slot, AHCICommandHeader *cmd) 525{ 526 uint64_t ba = ahci->port[port].clb; 527 ba += slot * sizeof(AHCICommandHeader); 528 qtest_memread(ahci->parent->qts, ba, cmd, sizeof(AHCICommandHeader)); 529 530 cmd->flags = le16_to_cpu(cmd->flags); 531 cmd->prdtl = le16_to_cpu(cmd->prdtl); 532 cmd->prdbc = le32_to_cpu(cmd->prdbc); 533 cmd->ctba = le64_to_cpu(cmd->ctba); 534} 535 536/* Set the command in #slot of port #port. */ 537void ahci_set_command_header(AHCIQState *ahci, uint8_t port, 538 uint8_t slot, AHCICommandHeader *cmd) 539{ 540 AHCICommandHeader tmp = { .flags = 0 }; 541 uint64_t ba = ahci->port[port].clb; 542 ba += slot * sizeof(AHCICommandHeader); 543 544 tmp.flags = cpu_to_le16(cmd->flags); 545 tmp.prdtl = cpu_to_le16(cmd->prdtl); 546 tmp.prdbc = cpu_to_le32(cmd->prdbc); 547 tmp.ctba = cpu_to_le64(cmd->ctba); 548 549 qtest_memwrite(ahci->parent->qts, ba, &tmp, sizeof(AHCICommandHeader)); 550} 551 552void ahci_destroy_command(AHCIQState *ahci, uint8_t port, uint8_t slot) 553{ 554 AHCICommandHeader cmd; 555 556 /* Obtain the Nth Command Header */ 557 ahci_get_command_header(ahci, port, slot, &cmd); 558 if (cmd.ctba == 0) { 559 /* No address in it, so just return -- it's empty. */ 560 goto tidy; 561 } 562 563 /* Free the Table */ 564 ahci_free(ahci, cmd.ctba); 565 566 tidy: 567 /* NULL the header. */ 568 memset(&cmd, 0x00, sizeof(cmd)); 569 ahci_set_command_header(ahci, port, slot, &cmd); 570 ahci->port[port].ctba[slot] = 0; 571 ahci->port[port].prdtl[slot] = 0; 572} 573 574void ahci_write_fis(AHCIQState *ahci, AHCICommand *cmd) 575{ 576 RegH2DFIS tmp = cmd->fis; 577 uint64_t addr = cmd->header.ctba; 578 579 /* NCQ commands use exclusively 8 bit fields and needs no adjustment. 580 * Only the count field needs to be adjusted for non-NCQ commands. 581 * The auxiliary FIS fields are defined per-command and are not currently 582 * implemented in ahci.o, but may or may not need to be flipped. */ 583 if (!cmd->props->ncq) { 584 tmp.count = cpu_to_le16(tmp.count); 585 } 586 587 qtest_memwrite(ahci->parent->qts, addr, &tmp, sizeof(tmp)); 588} 589 590unsigned ahci_pick_cmd(AHCIQState *ahci, uint8_t port) 591{ 592 unsigned i; 593 unsigned j; 594 uint32_t reg; 595 596 reg = ahci_px_rreg(ahci, port, AHCI_PX_CI); 597 598 /* Pick the least recently used command slot that's available */ 599 for (i = 0; i < 32; ++i) { 600 j = ((ahci->port[port].next + i) % 32); 601 if (reg & (1 << j)) { 602 continue; 603 } 604 ahci_destroy_command(ahci, port, j); 605 ahci->port[port].next = (j + 1) % 32; 606 return j; 607 } 608 609 g_test_message("All command slots were busy."); 610 g_assert_not_reached(); 611} 612 613inline unsigned size_to_prdtl(unsigned bytes, unsigned bytes_per_prd) 614{ 615 /* Each PRD can describe up to 4MiB */ 616 g_assert_cmphex(bytes_per_prd, <=, 4096 * 1024); 617 g_assert_cmphex(bytes_per_prd & 0x01, ==, 0x00); 618 return (bytes + bytes_per_prd - 1) / bytes_per_prd; 619} 620 621const AHCIOpts default_opts = { .size = 0 }; 622 623/** 624 * ahci_exec: execute a given command on a specific 625 * AHCI port. 626 * 627 * @ahci: The device to send the command to 628 * @port: The port number of the SATA device we wish 629 * to have execute this command 630 * @op: The S/ATA command to execute, or if opts.atapi 631 * is true, the SCSI command code. 632 * @opts: Optional arguments to modify execution behavior. 633 */ 634void ahci_exec(AHCIQState *ahci, uint8_t port, 635 uint8_t op, const AHCIOpts *opts_in) 636{ 637 AHCICommand *cmd; 638 int rc; 639 AHCIOpts *opts; 640 uint64_t buffer_in; 641 642 opts = g_memdup((opts_in == NULL ? &default_opts : opts_in), 643 sizeof(AHCIOpts)); 644 645 buffer_in = opts->buffer; 646 647 /* No guest buffer provided, create one. */ 648 if (opts->size && !opts->buffer) { 649 opts->buffer = ahci_alloc(ahci, opts->size); 650 g_assert(opts->buffer); 651 qtest_memset(ahci->parent->qts, opts->buffer, 0x00, opts->size); 652 } 653 654 /* Command creation */ 655 if (opts->atapi) { 656 uint16_t bcl = opts->set_bcl ? opts->bcl : ATAPI_SECTOR_SIZE; 657 cmd = ahci_atapi_command_create(op, bcl, opts->atapi_dma); 658 } else { 659 cmd = ahci_command_create(op); 660 } 661 ahci_command_adjust(cmd, opts->lba, opts->buffer, 662 opts->size, opts->prd_size); 663 664 if (opts->pre_cb) { 665 rc = opts->pre_cb(ahci, cmd, opts); 666 g_assert_cmpint(rc, ==, 0); 667 } 668 669 /* Write command to memory and issue it */ 670 ahci_command_commit(ahci, cmd, port); 671 ahci_command_issue_async(ahci, cmd); 672 if (opts->error) { 673 qtest_qmp_eventwait(ahci->parent->qts, "STOP"); 674 } 675 if (opts->mid_cb) { 676 rc = opts->mid_cb(ahci, cmd, opts); 677 g_assert_cmpint(rc, ==, 0); 678 } 679 if (opts->error) { 680 qtest_qmp_send(ahci->parent->qts, "{'execute':'cont' }"); 681 qtest_qmp_eventwait(ahci->parent->qts, "RESUME"); 682 } 683 684 /* Wait for command to complete and verify sanity */ 685 ahci_command_wait(ahci, cmd); 686 ahci_command_verify(ahci, cmd); 687 if (opts->post_cb) { 688 rc = opts->post_cb(ahci, cmd, opts); 689 g_assert_cmpint(rc, ==, 0); 690 } 691 ahci_command_free(cmd); 692 if (opts->buffer != buffer_in) { 693 ahci_free(ahci, opts->buffer); 694 } 695 g_free(opts); 696} 697 698/* Issue a command, expecting it to fail and STOP the VM */ 699AHCICommand *ahci_guest_io_halt(AHCIQState *ahci, uint8_t port, 700 uint8_t ide_cmd, uint64_t buffer, 701 size_t bufsize, uint64_t sector) 702{ 703 AHCICommand *cmd; 704 705 cmd = ahci_command_create(ide_cmd); 706 ahci_command_adjust(cmd, sector, buffer, bufsize, 0); 707 ahci_command_commit(ahci, cmd, port); 708 ahci_command_issue_async(ahci, cmd); 709 qtest_qmp_eventwait(ahci->parent->qts, "STOP"); 710 711 return cmd; 712} 713 714/* Resume a previously failed command and verify/finalize */ 715void ahci_guest_io_resume(AHCIQState *ahci, AHCICommand *cmd) 716{ 717 /* Complete the command */ 718 qtest_qmp_send(ahci->parent->qts, "{'execute':'cont' }"); 719 qtest_qmp_eventwait(ahci->parent->qts, "RESUME"); 720 ahci_command_wait(ahci, cmd); 721 ahci_command_verify(ahci, cmd); 722 ahci_command_free(cmd); 723} 724 725/* Given a guest buffer address, perform an IO operation */ 726void ahci_guest_io(AHCIQState *ahci, uint8_t port, uint8_t ide_cmd, 727 uint64_t buffer, size_t bufsize, uint64_t sector) 728{ 729 AHCICommand *cmd; 730 cmd = ahci_command_create(ide_cmd); 731 ahci_command_set_buffer(cmd, buffer); 732 ahci_command_set_size(cmd, bufsize); 733 if (sector) { 734 ahci_command_set_offset(cmd, sector); 735 } 736 ahci_command_commit(ahci, cmd, port); 737 ahci_command_issue(ahci, cmd); 738 ahci_command_verify(ahci, cmd); 739 ahci_command_free(cmd); 740} 741 742static AHCICommandProp *ahci_command_find(uint8_t command_name) 743{ 744 int i; 745 746 for (i = 0; i < ARRAY_SIZE(ahci_command_properties); i++) { 747 if (ahci_command_properties[i].cmd == command_name) { 748 return &ahci_command_properties[i]; 749 } 750 } 751 752 return NULL; 753} 754 755/* Given a HOST buffer, create a buffer address and perform an IO operation. */ 756void ahci_io(AHCIQState *ahci, uint8_t port, uint8_t ide_cmd, 757 void *buffer, size_t bufsize, uint64_t sector) 758{ 759 uint64_t ptr; 760 AHCICommandProp *props; 761 762 props = ahci_command_find(ide_cmd); 763 g_assert(props); 764 ptr = ahci_alloc(ahci, bufsize); 765 g_assert(!bufsize || ptr); 766 qtest_memset(ahci->parent->qts, ptr, 0x00, bufsize); 767 768 if (bufsize && props->write) { 769 qtest_bufwrite(ahci->parent->qts, ptr, buffer, bufsize); 770 } 771 772 ahci_guest_io(ahci, port, ide_cmd, ptr, bufsize, sector); 773 774 if (bufsize && props->read) { 775 qtest_bufread(ahci->parent->qts, ptr, buffer, bufsize); 776 } 777 778 ahci_free(ahci, ptr); 779} 780 781/** 782 * Initializes a basic command header in memory. 783 * We assume that this is for an ATA command using RegH2DFIS. 784 */ 785static void command_header_init(AHCICommand *cmd) 786{ 787 AHCICommandHeader *hdr = &cmd->header; 788 AHCICommandProp *props = cmd->props; 789 790 hdr->flags = 5; /* RegH2DFIS is 5 DW long. Must be < 32 */ 791 hdr->flags |= CMDH_CLR_BSY; /* Clear the BSY bit when done */ 792 if (props->write) { 793 hdr->flags |= CMDH_WRITE; 794 } 795 if (props->atapi) { 796 hdr->flags |= CMDH_ATAPI; 797 } 798 /* Other flags: PREFETCH, RESET, and BIST */ 799 hdr->prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size); 800 hdr->prdbc = 0; 801 hdr->ctba = 0; 802} 803 804static void command_table_init(AHCICommand *cmd) 805{ 806 RegH2DFIS *fis = &(cmd->fis); 807 uint16_t sect_count = (cmd->xbytes / cmd->sector_size); 808 809 fis->fis_type = REG_H2D_FIS; 810 fis->flags = REG_H2D_FIS_CMD; /* "Command" bit */ 811 fis->command = cmd->name; 812 813 if (cmd->props->ncq) { 814 NCQFIS *ncqfis = (NCQFIS *)fis; 815 /* NCQ is weird and re-uses FIS frames for unrelated data. 816 * See SATA 3.2, 13.6.4.1 READ FPDMA QUEUED for an example. */ 817 ncqfis->sector_low = sect_count & 0xFF; 818 ncqfis->sector_hi = (sect_count >> 8) & 0xFF; 819 ncqfis->device = NCQ_DEVICE_MAGIC; 820 /* Force Unit Access is bit 7 in the device register */ 821 ncqfis->tag = 0; /* bits 3-7 are the NCQ tag */ 822 ncqfis->prio = 0; /* bits 6,7 are a prio tag */ 823 /* RARC bit is bit 0 of TAG field */ 824 } else { 825 fis->feature_low = 0x00; 826 fis->feature_high = 0x00; 827 if (cmd->props->lba28 || cmd->props->lba48) { 828 fis->device = ATA_DEVICE_LBA; 829 } 830 fis->count = (cmd->xbytes / cmd->sector_size); 831 } 832 fis->icc = 0x00; 833 fis->control = 0x00; 834 memset(fis->aux, 0x00, ARRAY_SIZE(fis->aux)); 835} 836 837void ahci_command_enable_atapi_dma(AHCICommand *cmd) 838{ 839 RegH2DFIS *fis = &(cmd->fis); 840 g_assert(cmd->props->atapi); 841 fis->feature_low |= 0x01; 842 /* PIO is still used to transfer the ATAPI command */ 843 g_assert(cmd->props->pio); 844 cmd->props->dma = true; 845 /* BUG: We expect the DMA Setup interrupt for DMA commands */ 846 /* cmd->interrupts |= AHCI_PX_IS_DSS; */ 847} 848 849AHCICommand *ahci_command_create(uint8_t command_name) 850{ 851 AHCICommandProp *props = ahci_command_find(command_name); 852 AHCICommand *cmd; 853 854 g_assert(props); 855 cmd = g_new0(AHCICommand, 1); 856 g_assert(!(props->dma && props->pio) || props->atapi); 857 g_assert(!(props->lba28 && props->lba48)); 858 g_assert(!(props->read && props->write)); 859 g_assert(!props->size || props->data); 860 g_assert(!props->ncq || props->lba48); 861 862 /* Defaults and book-keeping */ 863 cmd->props = g_memdup(props, sizeof(AHCICommandProp)); 864 cmd->name = command_name; 865 cmd->xbytes = props->size; 866 cmd->prd_size = 4096; 867 cmd->buffer = 0xabad1dea; 868 cmd->sector_size = props->atapi ? ATAPI_SECTOR_SIZE : AHCI_SECTOR_SIZE; 869 870 if (!cmd->props->ncq) { 871 cmd->interrupts = AHCI_PX_IS_DHRS; 872 } 873 /* BUG: We expect the DPS interrupt for data commands */ 874 /* cmd->interrupts |= props->data ? AHCI_PX_IS_DPS : 0; */ 875 /* BUG: We expect the DMA Setup interrupt for DMA commands */ 876 /* cmd->interrupts |= props->dma ? AHCI_PX_IS_DSS : 0; */ 877 cmd->interrupts |= props->ncq ? AHCI_PX_IS_SDBS : 0; 878 879 command_header_init(cmd); 880 command_table_init(cmd); 881 882 return cmd; 883} 884 885AHCICommand *ahci_atapi_command_create(uint8_t scsi_cmd, uint16_t bcl, bool dma) 886{ 887 AHCICommand *cmd = ahci_command_create(CMD_PACKET); 888 cmd->atapi_cmd = g_malloc0(16); 889 cmd->atapi_cmd[0] = scsi_cmd; 890 stw_le_p(&cmd->fis.lba_lo[1], bcl); 891 if (dma) { 892 ahci_command_enable_atapi_dma(cmd); 893 } else { 894 cmd->interrupts |= bcl ? AHCI_PX_IS_PSS : 0; 895 } 896 return cmd; 897} 898 899void ahci_atapi_test_ready(AHCIQState *ahci, uint8_t port, 900 bool ready, uint8_t expected_sense) 901{ 902 AHCICommand *cmd = ahci_atapi_command_create(CMD_ATAPI_TEST_UNIT_READY, 0, false); 903 ahci_command_set_size(cmd, 0); 904 if (!ready) { 905 cmd->interrupts |= AHCI_PX_IS_TFES; 906 cmd->errors |= expected_sense << 4; 907 } 908 ahci_command_commit(ahci, cmd, port); 909 ahci_command_issue(ahci, cmd); 910 ahci_command_verify(ahci, cmd); 911 ahci_command_free(cmd); 912} 913 914static int copy_buffer(AHCIQState *ahci, AHCICommand *cmd, 915 const AHCIOpts *opts) 916{ 917 unsigned char *rx = opts->opaque; 918 qtest_bufread(ahci->parent->qts, opts->buffer, rx, opts->size); 919 return 0; 920} 921 922void ahci_atapi_get_sense(AHCIQState *ahci, uint8_t port, 923 uint8_t *sense, uint8_t *asc) 924{ 925 unsigned char *rx; 926 AHCIOpts opts = { 927 .size = 18, 928 .atapi = true, 929 .post_cb = copy_buffer, 930 }; 931 rx = g_malloc(18); 932 opts.opaque = rx; 933 934 ahci_exec(ahci, port, CMD_ATAPI_REQUEST_SENSE, &opts); 935 936 *sense = rx[2]; 937 *asc = rx[12]; 938 939 g_free(rx); 940} 941 942void ahci_atapi_eject(AHCIQState *ahci, uint8_t port) 943{ 944 AHCICommand *cmd = ahci_atapi_command_create(CMD_ATAPI_START_STOP_UNIT, 0, false); 945 ahci_command_set_size(cmd, 0); 946 947 cmd->atapi_cmd[4] = 0x02; /* loej = true */ 948 ahci_command_commit(ahci, cmd, port); 949 ahci_command_issue(ahci, cmd); 950 ahci_command_verify(ahci, cmd); 951 ahci_command_free(cmd); 952} 953 954void ahci_atapi_load(AHCIQState *ahci, uint8_t port) 955{ 956 AHCICommand *cmd = ahci_atapi_command_create(CMD_ATAPI_START_STOP_UNIT, 0, false); 957 ahci_command_set_size(cmd, 0); 958 959 cmd->atapi_cmd[4] = 0x03; /* loej,start = true */ 960 ahci_command_commit(ahci, cmd, port); 961 ahci_command_issue(ahci, cmd); 962 ahci_command_verify(ahci, cmd); 963 ahci_command_free(cmd); 964} 965 966void ahci_command_free(AHCICommand *cmd) 967{ 968 g_free(cmd->atapi_cmd); 969 g_free(cmd->props); 970 g_free(cmd); 971} 972 973void ahci_command_set_flags(AHCICommand *cmd, uint16_t cmdh_flags) 974{ 975 cmd->header.flags |= cmdh_flags; 976} 977 978void ahci_command_clr_flags(AHCICommand *cmd, uint16_t cmdh_flags) 979{ 980 cmd->header.flags &= ~cmdh_flags; 981} 982 983static void ahci_atapi_command_set_offset(AHCICommand *cmd, uint64_t lba) 984{ 985 unsigned char *cbd = cmd->atapi_cmd; 986 g_assert(cbd); 987 988 switch (cbd[0]) { 989 case CMD_ATAPI_READ_10: 990 case CMD_ATAPI_READ_CD: 991 g_assert_cmpuint(lba, <=, UINT32_MAX); 992 stl_be_p(&cbd[2], lba); 993 break; 994 case CMD_ATAPI_REQUEST_SENSE: 995 case CMD_ATAPI_TEST_UNIT_READY: 996 case CMD_ATAPI_START_STOP_UNIT: 997 g_assert_cmpuint(lba, ==, 0x00); 998 break; 999 default: 1000 /* SCSI doesn't have uniform packet formats, 1001 * so you have to add support for it manually. Sorry! */ 1002 fprintf(stderr, "The Libqos AHCI driver does not support the " 1003 "set_offset operation for ATAPI command 0x%02x, " 1004 "please add support.\n", 1005 cbd[0]); 1006 g_assert_not_reached(); 1007 } 1008} 1009 1010void ahci_command_set_offset(AHCICommand *cmd, uint64_t lba_sect) 1011{ 1012 RegH2DFIS *fis = &(cmd->fis); 1013 1014 if (cmd->props->atapi) { 1015 ahci_atapi_command_set_offset(cmd, lba_sect); 1016 return; 1017 } else if (!cmd->props->data && !lba_sect) { 1018 /* Not meaningful, ignore. */ 1019 return; 1020 } else if (cmd->props->lba28) { 1021 g_assert_cmphex(lba_sect, <=, 0xFFFFFFF); 1022 } else if (cmd->props->lba48 || cmd->props->ncq) { 1023 g_assert_cmphex(lba_sect, <=, 0xFFFFFFFFFFFF); 1024 } else { 1025 /* Can't set offset if we don't know the format. */ 1026 g_assert_not_reached(); 1027 } 1028 1029 /* LBA28 uses the low nibble of the device/control register for LBA24:27 */ 1030 fis->lba_lo[0] = (lba_sect & 0xFF); 1031 fis->lba_lo[1] = (lba_sect >> 8) & 0xFF; 1032 fis->lba_lo[2] = (lba_sect >> 16) & 0xFF; 1033 if (cmd->props->lba28) { 1034 fis->device = (fis->device & 0xF0) | ((lba_sect >> 24) & 0x0F); 1035 } 1036 fis->lba_hi[0] = (lba_sect >> 24) & 0xFF; 1037 fis->lba_hi[1] = (lba_sect >> 32) & 0xFF; 1038 fis->lba_hi[2] = (lba_sect >> 40) & 0xFF; 1039} 1040 1041void ahci_command_set_buffer(AHCICommand *cmd, uint64_t buffer) 1042{ 1043 cmd->buffer = buffer; 1044} 1045 1046static void ahci_atapi_set_size(AHCICommand *cmd, uint64_t xbytes) 1047{ 1048 unsigned char *cbd = cmd->atapi_cmd; 1049 uint64_t nsectors = xbytes / ATAPI_SECTOR_SIZE; 1050 uint32_t tmp; 1051 g_assert(cbd); 1052 1053 switch (cbd[0]) { 1054 case CMD_ATAPI_READ_10: 1055 g_assert_cmpuint(nsectors, <=, UINT16_MAX); 1056 stw_be_p(&cbd[7], nsectors); 1057 break; 1058 case CMD_ATAPI_READ_CD: 1059 /* 24bit BE store */ 1060 g_assert_cmpuint(nsectors, <, 1ULL << 24); 1061 tmp = nsectors; 1062 cbd[6] = (tmp & 0xFF0000) >> 16; 1063 cbd[7] = (tmp & 0xFF00) >> 8; 1064 cbd[8] = (tmp & 0xFF); 1065 break; 1066 case CMD_ATAPI_REQUEST_SENSE: 1067 g_assert_cmpuint(xbytes, <=, UINT8_MAX); 1068 cbd[4] = (uint8_t)xbytes; 1069 break; 1070 case CMD_ATAPI_TEST_UNIT_READY: 1071 case CMD_ATAPI_START_STOP_UNIT: 1072 g_assert_cmpuint(xbytes, ==, 0); 1073 break; 1074 default: 1075 /* SCSI doesn't have uniform packet formats, 1076 * so you have to add support for it manually. Sorry! */ 1077 fprintf(stderr, "The Libqos AHCI driver does not support the set_size " 1078 "operation for ATAPI command 0x%02x, please add support.\n", 1079 cbd[0]); 1080 g_assert_not_reached(); 1081 } 1082} 1083 1084void ahci_command_set_sizes(AHCICommand *cmd, uint64_t xbytes, 1085 unsigned prd_size) 1086{ 1087 uint16_t sect_count; 1088 1089 /* Each PRD can describe up to 4MiB, and must not be odd. */ 1090 g_assert_cmphex(prd_size, <=, 4096 * 1024); 1091 g_assert_cmphex(prd_size & 0x01, ==, 0x00); 1092 if (prd_size) { 1093 cmd->prd_size = prd_size; 1094 } 1095 cmd->xbytes = xbytes; 1096 sect_count = (cmd->xbytes / cmd->sector_size); 1097 1098 if (cmd->props->ncq) { 1099 NCQFIS *nfis = (NCQFIS *)&(cmd->fis); 1100 nfis->sector_low = sect_count & 0xFF; 1101 nfis->sector_hi = (sect_count >> 8) & 0xFF; 1102 } else if (cmd->props->atapi) { 1103 ahci_atapi_set_size(cmd, xbytes); 1104 } else { 1105 /* For writes, the PIO Setup FIS interrupt only comes from DRQs 1106 * after the first. 1107 */ 1108 if (cmd->props->pio && sect_count > (cmd->props->read ? 0 : 1)) { 1109 cmd->interrupts |= AHCI_PX_IS_PSS; 1110 } 1111 cmd->fis.count = sect_count; 1112 } 1113 cmd->header.prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size); 1114} 1115 1116void ahci_command_set_size(AHCICommand *cmd, uint64_t xbytes) 1117{ 1118 ahci_command_set_sizes(cmd, xbytes, cmd->prd_size); 1119} 1120 1121void ahci_command_set_prd_size(AHCICommand *cmd, unsigned prd_size) 1122{ 1123 ahci_command_set_sizes(cmd, cmd->xbytes, prd_size); 1124} 1125 1126void ahci_command_adjust(AHCICommand *cmd, uint64_t offset, uint64_t buffer, 1127 uint64_t xbytes, unsigned prd_size) 1128{ 1129 ahci_command_set_sizes(cmd, xbytes, prd_size); 1130 ahci_command_set_buffer(cmd, buffer); 1131 ahci_command_set_offset(cmd, offset); 1132} 1133 1134void ahci_command_commit(AHCIQState *ahci, AHCICommand *cmd, uint8_t port) 1135{ 1136 uint16_t i, prdtl; 1137 uint64_t table_size, table_ptr, remaining; 1138 PRD prd; 1139 1140 /* This command is now tied to this port/command slot */ 1141 cmd->port = port; 1142 cmd->slot = ahci_pick_cmd(ahci, port); 1143 1144 if (cmd->props->ncq) { 1145 NCQFIS *nfis = (NCQFIS *)&cmd->fis; 1146 nfis->tag = (cmd->slot << 3) & 0xFC; 1147 } 1148 1149 /* Create a buffer for the command table */ 1150 prdtl = size_to_prdtl(cmd->xbytes, cmd->prd_size); 1151 table_size = CMD_TBL_SIZ(prdtl); 1152 table_ptr = ahci_alloc(ahci, table_size); 1153 g_assert(table_ptr); 1154 /* AHCI 1.3: Must be aligned to 0x80 */ 1155 g_assert((table_ptr & 0x7F) == 0x00); 1156 cmd->header.ctba = table_ptr; 1157 1158 /* Commit the command header (part of the Command List Buffer) */ 1159 ahci_set_command_header(ahci, port, cmd->slot, &(cmd->header)); 1160 /* Now, write the command table (FIS, ACMD, and PRDT) -- FIS first, */ 1161 ahci_write_fis(ahci, cmd); 1162 /* Then ATAPI CMD, if needed */ 1163 if (cmd->props->atapi) { 1164 qtest_memwrite(ahci->parent->qts, table_ptr + 0x40, cmd->atapi_cmd, 16); 1165 } 1166 1167 /* Construct and write the PRDs to the command table */ 1168 g_assert_cmphex(prdtl, ==, cmd->header.prdtl); 1169 remaining = cmd->xbytes; 1170 for (i = 0; i < prdtl; ++i) { 1171 prd.dba = cpu_to_le64(cmd->buffer + (cmd->prd_size * i)); 1172 prd.res = 0; 1173 if (remaining > cmd->prd_size) { 1174 /* Note that byte count is 0-based. */ 1175 prd.dbc = cpu_to_le32(cmd->prd_size - 1); 1176 remaining -= cmd->prd_size; 1177 } else { 1178 /* Again, dbc is 0-based. */ 1179 prd.dbc = cpu_to_le32(remaining - 1); 1180 remaining = 0; 1181 } 1182 prd.dbc |= cpu_to_le32(0x80000000); /* Request DPS Interrupt */ 1183 1184 /* Commit the PRD entry to the Command Table */ 1185 qtest_memwrite(ahci->parent->qts, table_ptr + 0x80 + (i * sizeof(PRD)), 1186 &prd, sizeof(PRD)); 1187 } 1188 1189 /* Bookmark the PRDTL and CTBA values */ 1190 ahci->port[port].ctba[cmd->slot] = table_ptr; 1191 ahci->port[port].prdtl[cmd->slot] = prdtl; 1192} 1193 1194void ahci_command_issue_async(AHCIQState *ahci, AHCICommand *cmd) 1195{ 1196 if (cmd->props->ncq) { 1197 ahci_px_wreg(ahci, cmd->port, AHCI_PX_SACT, (1 << cmd->slot)); 1198 } 1199 1200 ahci_px_wreg(ahci, cmd->port, AHCI_PX_CI, (1 << cmd->slot)); 1201} 1202 1203void ahci_command_wait(AHCIQState *ahci, AHCICommand *cmd) 1204{ 1205 /* We can't rely on STS_BSY until the command has started processing. 1206 * Therefore, we also use the Command Issue bit as indication of 1207 * a command in-flight. */ 1208 1209#define RSET(REG, MASK) (BITSET(ahci_px_rreg(ahci, cmd->port, (REG)), (MASK))) 1210 1211 while (RSET(AHCI_PX_TFD, AHCI_PX_TFD_STS_BSY) || 1212 RSET(AHCI_PX_CI, 1 << cmd->slot) || 1213 (cmd->props->ncq && RSET(AHCI_PX_SACT, 1 << cmd->slot))) { 1214 usleep(50); 1215 } 1216 1217} 1218 1219void ahci_command_issue(AHCIQState *ahci, AHCICommand *cmd) 1220{ 1221 ahci_command_issue_async(ahci, cmd); 1222 ahci_command_wait(ahci, cmd); 1223} 1224 1225void ahci_command_verify(AHCIQState *ahci, AHCICommand *cmd) 1226{ 1227 uint8_t slot = cmd->slot; 1228 uint8_t port = cmd->port; 1229 1230 ahci_port_check_error(ahci, port, cmd->interrupts, cmd->errors); 1231 ahci_port_check_interrupts(ahci, port, cmd->interrupts); 1232 ahci_port_check_nonbusy(ahci, port, slot); 1233 ahci_port_check_cmd_sanity(ahci, cmd); 1234 if (cmd->interrupts & AHCI_PX_IS_DHRS) { 1235 ahci_port_check_d2h_sanity(ahci, port, slot); 1236 } 1237 if (cmd->props->pio) { 1238 ahci_port_check_pio_sanity(ahci, cmd); 1239 } 1240} 1241 1242uint8_t ahci_command_slot(AHCICommand *cmd) 1243{ 1244 return cmd->slot; 1245}