]> git.proxmox.com Git - qemu.git/blame - hw/ide/core.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
qemu-img: allow rebase to a NULL backing file when unsafe
[qemu.git] / hw / ide / core.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
59f2a787
GH		 25#include <hw/hw.h>
26#include <hw/pc.h>
27#include <hw/pci.h>
43b443b6 28#include <hw/scsi.h>
c4d74df7 29#include "qemu-error.h"
87ecb68b
PB		 30#include "qemu-timer.h"
31#include "sysemu.h"
1fb8648d 32#include "dma.h"
2446333c 33#include "blockdev.h"
59f2a787
GH		 34
35#include <hw/ide/internal.h>
e8b54394 36
b93af93d
BW		 37/* These values were based on a Seagate ST3500418AS but have been modified
38 to make more sense in QEMU */
39static const int smart_attributes[][12] = {
40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
41 /* raw read error rate*/
42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
43 /* spin up */
44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
45 /* start stop count */
46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
47 /* remapped sectors */
48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
49 /* power on hours */
50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
51 /* power cycle count */
52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
53 /* airflow-temperature-celsius */
54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
55 /* end of list */
56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
e8b54394
BW		 57};
58
8114e9e8
TS		 59/* XXX: DVDs that could fit on a CD will be reported as a CD */
60static inline int media_present(IDEState *s)
61{
62 return (s->nb_sectors > 0);
63}
64
65static inline int media_is_dvd(IDEState *s)
66{
67 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
68}
69
70static inline int media_is_cd(IDEState *s)
71{
72 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
73}
74
5f12ab4b 75static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
ce4b6522 76static int ide_handle_rw_error(IDEState *s, int error, int op);
98087450 77
5391d806
FB		 78static void padstr(char *str, const char *src, int len)
79{
80 int i, v;
81 for(i = 0; i < len; i++) {
82 if (*src)
83 v = *src++;
84 else
85 v = ' ';
69b34976 86 str[i^1] = v;
5391d806
FB		 87 }
88}
89
bd0d90b2
FB		 90static void padstr8(uint8_t *buf, int buf_size, const char *src)
91{
92 int i;
93 for(i = 0; i < buf_size; i++) {
94 if (*src)
95 buf[i] = *src++;
96 else
97 buf[i] = ' ';
98 }
99}
100
67b915a5
FB		 101static void put_le16(uint16_t *p, unsigned int v)
102{
0c4ad8dc 103 *p = cpu_to_le16(v);
67b915a5
FB		 104}
105
5391d806
FB		 106static void ide_identify(IDEState *s)
107{
108 uint16_t *p;
109 unsigned int oldsize;
57dac7ef 110 IDEDevice *dev;
5391d806 111
94458802
FB		 112 if (s->identify_set) {
113 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
114 return;
115 }
116
5391d806
FB		 117 memset(s->io_buffer, 0, 512);
118 p = (uint16_t *)s->io_buffer;
67b915a5 119 put_le16(p + 0, 0x0040);
5fafdf24 120 put_le16(p + 1, s->cylinders);
67b915a5
FB		 121 put_le16(p + 3, s->heads);
122 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
123 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 124 put_le16(p + 6, s->sectors);
fa879c64 125 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 126 put_le16(p + 20, 3); /* XXX: retired, remove ? */
127 put_le16(p + 21, 512); /* cache size in sectors */
128 put_le16(p + 22, 4); /* ecc bytes */
47c06340 129 padstr((char *)(p + 23), s->version, 8); /* firmware version */
60fe76f3 130 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 131#if MAX_MULT_SECTORS > 1
67b915a5 132 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 133#endif
67b915a5 134 put_le16(p + 48, 1); /* dword I/O */
94458802 135 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 136 put_le16(p + 51, 0x200); /* PIO transfer cycle */
137 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 138 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 139 put_le16(p + 54, s->cylinders);
140 put_le16(p + 55, s->heads);
141 put_le16(p + 56, s->sectors);
5391d806 142 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 143 put_le16(p + 57, oldsize);
144 put_le16(p + 58, oldsize >> 16);
5391d806 145 if (s->mult_sectors)
67b915a5
FB		 146 put_le16(p + 59, 0x100 | s->mult_sectors);
147 put_le16(p + 60, s->nb_sectors);
148 put_le16(p + 61, s->nb_sectors >> 16);
d1b5c20d 149 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802 150 put_le16(p + 63, 0x07); /* mdma0-2 supported */
79d1d331 151 put_le16(p + 64, 0x03); /* pio3-4 supported */
94458802
FB		 152 put_le16(p + 65, 120);
153 put_le16(p + 66, 120);
154 put_le16(p + 67, 120);
155 put_le16(p + 68, 120);
ccf0fd8b
RE		 156
157 if (s->ncq_queues) {
158 put_le16(p + 75, s->ncq_queues - 1);
159 /* NCQ supported */
160 put_le16(p + 76, (1 << 8));
161 }
162
94458802
FB		 163 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
164 put_le16(p + 81, 0x16); /* conforms to ata5 */
a58b8d54
CH		 165 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
166 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
c2ff060f
FB		 167 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
168 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
e8b54394
BW		 169 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
170 put_le16(p + 84, (1 << 14) | 0);
e900a7b7
CH		 171 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
172 if (bdrv_enable_write_cache(s->bs))
173 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
174 else
175 put_le16(p + 85, (1 << 14) | 1);
c2ff060f
FB		 176 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
177 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
e8b54394
BW		 178 /* 14=set to 1, 1=smart self test, 0=smart error logging */
179 put_le16(p + 87, (1 << 14) | 0);
94458802
FB		 180 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
181 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 182 put_le16(p + 100, s->nb_sectors);
183 put_le16(p + 101, s->nb_sectors >> 16);
184 put_le16(p + 102, s->nb_sectors >> 32);
185 put_le16(p + 103, s->nb_sectors >> 48);
57dac7ef
MA		 186 dev = s->unit ? s->bus->slave : s->bus->master;
187 if (dev && dev->conf.physical_block_size)
188 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
94458802
FB		 189
190 memcpy(s->identify_data, p, sizeof(s->identify_data));
191 s->identify_set = 1;
5391d806
FB		 192}
193
194static void ide_atapi_identify(IDEState *s)
195{
196 uint16_t *p;
197
94458802
FB		 198 if (s->identify_set) {
199 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
200 return;
201 }
202
5391d806
FB		 203 memset(s->io_buffer, 0, 512);
204 p = (uint16_t *)s->io_buffer;
205 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 206 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
fa879c64 207 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
67b915a5
FB		 208 put_le16(p + 20, 3); /* buffer type */
209 put_le16(p + 21, 512); /* cache size in sectors */
210 put_le16(p + 22, 4); /* ecc bytes */
47c06340 211 padstr((char *)(p + 23), s->version, 8); /* firmware version */
38cdea7c 212 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 213 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 214#ifdef USE_DMA_CDROM
215 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
216 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 217 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811 218 put_le16(p + 63, 7); /* mdma0-2 supported */
8ccad811 219#else
67b915a5
FB		 220 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
221 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
222 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
8ccad811 223#endif
79d1d331 224 put_le16(p + 64, 3); /* pio3-4 supported */
67b915a5
FB		 225 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
226 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
227 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
228 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 229
67b915a5
FB		 230 put_le16(p + 71, 30); /* in ns */
231 put_le16(p + 72, 30); /* in ns */
5391d806 232
1bdaa28d
AG		 233 if (s->ncq_queues) {
234 put_le16(p + 75, s->ncq_queues - 1);
235 /* NCQ supported */
236 put_le16(p + 76, (1 << 8));
237 }
238
67b915a5 239 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 240#ifdef USE_DMA_CDROM
241 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
242#endif
94458802
FB		 243 memcpy(s->identify_data, p, sizeof(s->identify_data));
244 s->identify_set = 1;
5391d806
FB		 245}
246
201a51fc
AZ		 247static void ide_cfata_identify(IDEState *s)
248{
249 uint16_t *p;
250 uint32_t cur_sec;
201a51fc
AZ		 251
252 p = (uint16_t *) s->identify_data;
253 if (s->identify_set)
254 goto fill_buffer;
255
256 memset(p, 0, sizeof(s->identify_data));
257
258 cur_sec = s->cylinders * s->heads * s->sectors;
259
260 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
261 put_le16(p + 1, s->cylinders); /* Default cylinders */
262 put_le16(p + 3, s->heads); /* Default heads */
263 put_le16(p + 6, s->sectors); /* Default sectors per track */
264 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
265 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
fa879c64 266 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201a51fc 267 put_le16(p + 22, 0x0004); /* ECC bytes */
47c06340 268 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
60fe76f3 269 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 270#if MAX_MULT_SECTORS > 1
271 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
272#else
273 put_le16(p + 47, 0x0000);
274#endif
275 put_le16(p + 49, 0x0f00); /* Capabilities */
276 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
277 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
278 put_le16(p + 53, 0x0003); /* Translation params valid */
279 put_le16(p + 54, s->cylinders); /* Current cylinders */
280 put_le16(p + 55, s->heads); /* Current heads */
281 put_le16(p + 56, s->sectors); /* Current sectors */
282 put_le16(p + 57, cur_sec); /* Current capacity */
283 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
284 if (s->mult_sectors) /* Multiple sector setting */
285 put_le16(p + 59, 0x100 | s->mult_sectors);
286 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
287 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
288 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
289 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
290 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
291 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
292 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
293 put_le16(p + 82, 0x400c); /* Command Set supported */
294 put_le16(p + 83, 0x7068); /* Command Set supported */
295 put_le16(p + 84, 0x4000); /* Features supported */
296 put_le16(p + 85, 0x000c); /* Command Set enabled */
297 put_le16(p + 86, 0x7044); /* Command Set enabled */
298 put_le16(p + 87, 0x4000); /* Features enabled */
299 put_le16(p + 91, 0x4060); /* Current APM level */
300 put_le16(p + 129, 0x0002); /* Current features option */
301 put_le16(p + 130, 0x0005); /* Reassigned sectors */
302 put_le16(p + 131, 0x0001); /* Initial power mode */
303 put_le16(p + 132, 0x0000); /* User signature */
304 put_le16(p + 160, 0x8100); /* Power requirement */
305 put_le16(p + 161, 0x8001); /* CF command set */
306
307 s->identify_set = 1;
308
309fill_buffer:
310 memcpy(s->io_buffer, p, sizeof(s->identify_data));
311}
312
5391d806
FB		 313static void ide_set_signature(IDEState *s)
314{
315 s->select &= 0xf0; /* clear head */
316 /* put signature */
317 s->nsector = 1;
318 s->sector = 1;
cd8722bb 319 if (s->drive_kind == IDE_CD) {
5391d806
FB		 320 s->lcyl = 0x14;
321 s->hcyl = 0xeb;
322 } else if (s->bs) {
323 s->lcyl = 0;
324 s->hcyl = 0;
325 } else {
326 s->lcyl = 0xff;
327 s->hcyl = 0xff;
328 }
329}
330
331static inline void ide_abort_command(IDEState *s)
332{
333 s->status = READY_STAT | ERR_STAT;
334 s->error = ABRT_ERR;
335}
336
5391d806 337/* prepare data transfer and tell what to do after */
5fafdf24 338static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 339 EndTransferFunc *end_transfer_func)
340{
341 s->end_transfer_func = end_transfer_func;
342 s->data_ptr = buf;
343 s->data_end = buf + size;
40a6238a 344 if (!(s->status & ERR_STAT)) {
7603d156 345 s->status |= DRQ_STAT;
40a6238a
AG		 346 }
347 s->bus->dma->ops->start_transfer(s->bus->dma);
5391d806
FB		 348}
349
350static void ide_transfer_stop(IDEState *s)
351{
352 s->end_transfer_func = ide_transfer_stop;
353 s->data_ptr = s->io_buffer;
354 s->data_end = s->io_buffer;
355 s->status &= ~DRQ_STAT;
356}
357
356721ae 358int64_t ide_get_sector(IDEState *s)
5391d806
FB		 359{
360 int64_t sector_num;
361 if (s->select & 0x40) {
362 /* lba */
c2ff060f
FB		 363 if (!s->lba48) {
364 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
365 (s->lcyl << 8) | s->sector;
366 } else {
367 sector_num = ((int64_t)s->hob_hcyl << 40) |
368 ((int64_t) s->hob_lcyl << 32) |
369 ((int64_t) s->hob_sector << 24) |
370 ((int64_t) s->hcyl << 16) |
371 ((int64_t) s->lcyl << 8) | s->sector;
372 }
5391d806
FB		 373 } else {
374 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 375 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 376 }
377 return sector_num;
378}
379
356721ae 380void ide_set_sector(IDEState *s, int64_t sector_num)
5391d806
FB		 381{
382 unsigned int cyl, r;
383 if (s->select & 0x40) {
c2ff060f
FB		 384 if (!s->lba48) {
385 s->select = (s->select & 0xf0) | (sector_num >> 24);
386 s->hcyl = (sector_num >> 16);
387 s->lcyl = (sector_num >> 8);
388 s->sector = (sector_num);
389 } else {
390 s->sector = sector_num;
391 s->lcyl = sector_num >> 8;
392 s->hcyl = sector_num >> 16;
393 s->hob_sector = sector_num >> 24;
394 s->hob_lcyl = sector_num >> 32;
395 s->hob_hcyl = sector_num >> 40;
396 }
5391d806
FB		 397 } else {
398 cyl = sector_num / (s->heads * s->sectors);
399 r = sector_num % (s->heads * s->sectors);
400 s->hcyl = cyl >> 8;
401 s->lcyl = cyl;
1b8eb456 402 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 403 s->sector = (r % s->sectors) + 1;
404 }
405}
406
e162cfb0
AZ		 407static void ide_rw_error(IDEState *s) {
408 ide_abort_command(s);
9cdd03a7 409 ide_set_irq(s->bus);
e162cfb0
AZ		 410}
411
40a6238a 412void ide_sector_read(IDEState *s)
5391d806
FB		 413{
414 int64_t sector_num;
415 int ret, n;
416
417 s->status = READY_STAT | SEEK_STAT;
a136e5a8 418 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 419 sector_num = ide_get_sector(s);
420 n = s->nsector;
421 if (n == 0) {
422 /* no more sector to read from disk */
423 ide_transfer_stop(s);
424 } else {
425#if defined(DEBUG_IDE)
18c5f8ea 426 printf("read sector=%" PRId64 "\n", sector_num);
5391d806
FB		 427#endif
428 if (n > s->req_nb_sectors)
429 n = s->req_nb_sectors;
430 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
e162cfb0 431 if (ret != 0) {
ce4b6522
KW		 432 if (ide_handle_rw_error(s, -ret,
433 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
434 {
435 return;
436 }
e162cfb0 437 }
5391d806 438 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
9cdd03a7 439 ide_set_irq(s->bus);
5391d806
FB		 440 ide_set_sector(s, sector_num + n);
441 s->nsector -= n;
442 }
443}
444
7aea4412
AL		 445static void dma_buf_commit(IDEState *s, int is_write)
446{
1fb8648d 447 qemu_sglist_destroy(&s->sg);
7aea4412
AL		 448}
449
40a6238a 450static void ide_set_inactive(IDEState *s)
8337606d 451{
40a6238a
AG		 452 s->bus->dma->aiocb = NULL;
453 s->bus->dma->ops->set_inactive(s->bus->dma);
8337606d
KW		 454}
455
356721ae 456void ide_dma_error(IDEState *s)
e162cfb0
AZ		 457{
458 ide_transfer_stop(s);
459 s->error = ABRT_ERR;
460 s->status = READY_STAT | ERR_STAT;
40a6238a
AG		 461 ide_set_inactive(s);
462 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
9cdd03a7 463 ide_set_irq(s->bus);
e162cfb0
AZ		 464}
465
ce4b6522 466static int ide_handle_rw_error(IDEState *s, int error, int op)
428c5705 467{
ce4b6522 468 int is_read = (op & BM_STATUS_RETRY_READ);
abd7f68d 469 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
428c5705 470
7ad7e3c3
LC		 471 if (action == BLOCK_ERR_IGNORE) {
472 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
428c5705 473 return 0;
7ad7e3c3 474 }
428c5705
AL		 475
476 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
477 || action == BLOCK_ERR_STOP_ANY) {
40a6238a
AG		 478 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
479 s->bus->dma->ops->add_status(s->bus->dma, op);
7ad7e3c3 480 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
e07bbac5 481 vm_stop(VMSTOP_DISKFULL);
428c5705 482 } else {
ce4b6522 483 if (op & BM_STATUS_DMA_RETRY) {
7aea4412 484 dma_buf_commit(s, 0);
428c5705 485 ide_dma_error(s);
7aea4412 486 } else {
428c5705 487 ide_rw_error(s);
7aea4412 488 }
7ad7e3c3 489 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
428c5705
AL		 490 }
491
492 return 1;
493}
494
cd369c46 495void ide_dma_cb(void *opaque, int ret)
98087450 496{
40a6238a 497 IDEState *s = opaque;
8ccad811
FB		 498 int n;
499 int64_t sector_num;
500
c641483f 501handle_rw_error:
e162cfb0 502 if (ret < 0) {
cd369c46
CH		 503 int op = BM_STATUS_DMA_RETRY;
504
505 if (s->is_read)
506 op |= BM_STATUS_RETRY_READ;
507 if (ide_handle_rw_error(s, -ret, op)) {
ce4b6522
KW		 508 return;
509 }
e162cfb0
AZ		 510 }
511
8ccad811
FB		 512 n = s->io_buffer_size >> 9;
513 sector_num = ide_get_sector(s);
514 if (n > 0) {
cd369c46 515 dma_buf_commit(s, s->is_read);
8ccad811
FB		 516 sector_num += n;
517 ide_set_sector(s, sector_num);
518 s->nsector -= n;
8ccad811
FB		 519 }
520
521 /* end of transfer ? */
522 if (s->nsector == 0) {
98087450 523 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 524 ide_set_irq(s->bus);
cd369c46 525 goto eot;
98087450 526 }
8ccad811
FB		 527
528 /* launch next transfer */
529 n = s->nsector;
596bb44d 530 s->io_buffer_index = 0;
8ccad811 531 s->io_buffer_size = n * 512;
cd369c46 532 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->is_read) == 0)
7aea4412 533 goto eot;
cd369c46 534
8ccad811 535#ifdef DEBUG_AIO
cd369c46
CH		 536 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, is_read=%d\n",
537 sector_num, n, s->is_read);
8ccad811 538#endif
cd369c46
CH		 539
540 if (s->is_read) {
541 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
542 ide_dma_cb, s);
543 } else {
544 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
545 ide_dma_cb, s);
546 }
c641483f
CH		 547
548 if (!s->bus->dma->aiocb) {
549 ret = -1;
550 goto handle_rw_error;
551 }
cd369c46
CH		 552 return;
553
554eot:
555 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
556 ide_set_inactive(s);
98087450
FB		 557}
558
cd369c46 559static void ide_sector_start_dma(IDEState *s, int is_read)
98087450 560{
8ccad811 561 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 562 s->io_buffer_index = 0;
563 s->io_buffer_size = 0;
cd369c46
CH		 564 s->is_read = is_read;
565 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
98087450
FB		 566}
567
a09db21f
FB		 568static void ide_sector_write_timer_cb(void *opaque)
569{
570 IDEState *s = opaque;
9cdd03a7 571 ide_set_irq(s->bus);
a09db21f
FB		 572}
573
40a6238a 574void ide_sector_write(IDEState *s)
5391d806
FB		 575{
576 int64_t sector_num;
31c2a146 577 int ret, n, n1;
5391d806
FB		 578
579 s->status = READY_STAT | SEEK_STAT;
580 sector_num = ide_get_sector(s);
581#if defined(DEBUG_IDE)
18c5f8ea 582 printf("write sector=%" PRId64 "\n", sector_num);
5391d806
FB		 583#endif
584 n = s->nsector;
585 if (n > s->req_nb_sectors)
586 n = s->req_nb_sectors;
31c2a146 587 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
428c5705 588
e162cfb0 589 if (ret != 0) {
ce4b6522 590 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
428c5705 591 return;
e162cfb0
AZ		 592 }
593
5391d806
FB		 594 s->nsector -= n;
595 if (s->nsector == 0) {
292eef5a 596 /* no more sectors to write */
5391d806
FB		 597 ide_transfer_stop(s);
598 } else {
599 n1 = s->nsector;
600 if (n1 > s->req_nb_sectors)
601 n1 = s->req_nb_sectors;
602 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
603 }
604 ide_set_sector(s, sector_num + n);
3b46e624 605
31c2a146
TS		 606 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
607 /* It seems there is a bug in the Windows 2000 installer HDD
608 IDE driver which fills the disk with empty logs when the
609 IDE write IRQ comes too early. This hack tries to correct
610 that at the expense of slower write performances. Use this
611 option _only_ to install Windows 2000. You must disable it
612 for normal use. */
f7736b91 613 qemu_mod_timer(s->sector_write_timer,
74475455 614 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
f7736b91 615 } else {
9cdd03a7 616 ide_set_irq(s->bus);
31c2a146 617 }
5391d806
FB		 618}
619
356721ae 620void ide_atapi_cmd_ok(IDEState *s)
5391d806
FB		 621{
622 s->error = 0;
41a2b959 623 s->status = READY_STAT | SEEK_STAT;
5391d806 624 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
9cdd03a7 625 ide_set_irq(s->bus);
5391d806
FB		 626}
627
356721ae 628void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
5391d806
FB		 629{
630#ifdef DEBUG_IDE_ATAPI
631 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
632#endif
633 s->error = sense_key << 4;
634 s->status = READY_STAT | ERR_STAT;
635 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
636 s->sense_key = sense_key;
637 s->asc = asc;
9cdd03a7 638 ide_set_irq(s->bus);
5391d806
FB		 639}
640
9118e7f0
AL		 641static void ide_atapi_cmd_check_status(IDEState *s)
642{
643#ifdef DEBUG_IDE_ATAPI
644 printf("atapi_cmd_check_status\n");
645#endif
646 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
647 s->status = ERR_STAT;
648 s->nsector = 0;
9cdd03a7 649 ide_set_irq(s->bus);
9118e7f0
AL		 650}
651
b0484ae4
CH		 652static void ide_flush_cb(void *opaque, int ret)
653{
654 IDEState *s = opaque;
655
e2bcadad
KW		 656 if (ret < 0) {
657 /* XXX: What sector number to set here? */
658 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
659 return;
660 }
661 }
b0484ae4
CH		 662
663 s->status = READY_STAT | SEEK_STAT;
664 ide_set_irq(s->bus);
665}
666
40a6238a 667void ide_flush_cache(IDEState *s)
6bcb1a79 668{
b2df7531
KW		 669 BlockDriverAIOCB *acb;
670
671 if (s->bs == NULL) {
6bcb1a79 672 ide_flush_cb(s, 0);
b2df7531
KW		 673 return;
674 }
675
676 acb = bdrv_aio_flush(s->bs, ide_flush_cb, s);
677 if (acb == NULL) {
678 ide_flush_cb(s, -EIO);
6bcb1a79
KW		 679 }
680}
681
5391d806
FB		 682static inline void cpu_to_ube16(uint8_t *buf, int val)
683{
684 buf[0] = val >> 8;
9e622b15 685 buf[1] = val & 0xff;
5391d806
FB		 686}
687
688static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
689{
690 buf[0] = val >> 24;
691 buf[1] = val >> 16;
692 buf[2] = val >> 8;
9e622b15 693 buf[3] = val & 0xff;
5391d806
FB		 694}
695
696static inline int ube16_to_cpu(const uint8_t *buf)
697{
698 return (buf[0] << 8) | buf[1];
699}
700
701static inline int ube32_to_cpu(const uint8_t *buf)
702{
703 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
704}
705
98087450
FB		 706static void lba_to_msf(uint8_t *buf, int lba)
707{
708 lba += 150;
709 buf[0] = (lba / 75) / 60;
710 buf[1] = (lba / 75) % 60;
711 buf[2] = lba % 75;
712}
713
8ccad811
FB		 714static void cd_data_to_raw(uint8_t *buf, int lba)
715{
716 /* sync bytes */
717 buf[0] = 0x00;
718 memset(buf + 1, 0xff, 10);
719 buf[11] = 0x00;
720 buf += 12;
721 /* MSF */
722 lba_to_msf(buf, lba);
723 buf[3] = 0x01; /* mode 1 data */
724 buf += 4;
725 /* data */
726 buf += 2048;
727 /* XXX: ECC not computed */
728 memset(buf, 0, 288);
729}
730
5fafdf24 731static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 732 int sector_size)
733{
66c6ef76
FB		 734 int ret;
735
98087450
FB		 736 switch(sector_size) {
737 case 2048:
66c6ef76 738 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 739 break;
740 case 2352:
66c6ef76
FB		 741 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
742 if (ret < 0)
743 return ret;
8ccad811 744 cd_data_to_raw(buf, lba);
98087450
FB		 745 break;
746 default:
66c6ef76 747 ret = -EIO;
98087450
FB		 748 break;
749 }
66c6ef76
FB		 750 return ret;
751}
752
356721ae 753void ide_atapi_io_error(IDEState *s, int ret)
66c6ef76
FB		 754{
755 /* XXX: handle more errors */
756 if (ret == -ENOMEDIUM) {
5fafdf24 757 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 758 ASC_MEDIUM_NOT_PRESENT);
759 } else {
5fafdf24 760 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 761 ASC_LOGICAL_BLOCK_OOR);
762 }
98087450
FB		 763}
764
5391d806
FB		 765/* The whole ATAPI transfer logic is handled in this function */
766static void ide_atapi_cmd_reply_end(IDEState *s)
767{
66c6ef76 768 int byte_count_limit, size, ret;
5391d806 769#ifdef DEBUG_IDE_ATAPI
5fafdf24 770 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 771 s->packet_transfer_size,
772 s->elementary_transfer_size,
773 s->io_buffer_index);
774#endif
775 if (s->packet_transfer_size <= 0) {
776 /* end of transfer */
777 ide_transfer_stop(s);
41a2b959 778 s->status = READY_STAT | SEEK_STAT;
5391d806 779 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
9cdd03a7 780 ide_set_irq(s->bus);
5391d806
FB		 781#ifdef DEBUG_IDE_ATAPI
782 printf("status=0x%x\n", s->status);
783#endif
784 } else {
785 /* see if a new sector must be read */
98087450 786 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 787 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
788 if (ret < 0) {
789 ide_transfer_stop(s);
790 ide_atapi_io_error(s, ret);
791 return;
792 }
5391d806
FB		 793 s->lba++;
794 s->io_buffer_index = 0;
795 }
796 if (s->elementary_transfer_size > 0) {
797 /* there are some data left to transmit in this elementary
798 transfer */
98087450 799 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 800 if (size > s->elementary_transfer_size)
801 size = s->elementary_transfer_size;
5391d806
FB		 802 s->packet_transfer_size -= size;
803 s->elementary_transfer_size -= size;
804 s->io_buffer_index += size;
2ff61ff1
AG		 805 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
806 size, ide_atapi_cmd_reply_end);
5391d806
FB		 807 } else {
808 /* a new transfer is needed */
809 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
810 byte_count_limit = s->lcyl | (s->hcyl << 8);
811#ifdef DEBUG_IDE_ATAPI
812 printf("byte_count_limit=%d\n", byte_count_limit);
813#endif
814 if (byte_count_limit == 0xffff)
815 byte_count_limit--;
816 size = s->packet_transfer_size;
817 if (size > byte_count_limit) {
818 /* byte count limit must be even if this case */
819 if (byte_count_limit & 1)
820 byte_count_limit--;
821 size = byte_count_limit;
5391d806 822 }
a136e5a8
FB		 823 s->lcyl = size;
824 s->hcyl = size >> 8;
5391d806
FB		 825 s->elementary_transfer_size = size;
826 /* we cannot transmit more than one sector at a time */
827 if (s->lba != -1) {
98087450
FB		 828 if (size > (s->cd_sector_size - s->io_buffer_index))
829 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 830 }
5391d806
FB		 831 s->packet_transfer_size -= size;
832 s->elementary_transfer_size -= size;
833 s->io_buffer_index += size;
2ff61ff1
AG		 834 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
835 size, ide_atapi_cmd_reply_end);
9cdd03a7 836 ide_set_irq(s->bus);
5391d806
FB		 837#ifdef DEBUG_IDE_ATAPI
838 printf("status=0x%x\n", s->status);
839#endif
840 }
841 }
842}
843
844/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
845static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
846{
847 if (size > max_size)
848 size = max_size;
849 s->lba = -1; /* no sector read */
850 s->packet_transfer_size = size;
5f12ab4b 851 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 852 s->elementary_transfer_size = 0;
853 s->io_buffer_index = 0;
854
5f12ab4b 855 if (s->atapi_dma) {
41a2b959 856 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
40a6238a
AG		 857 s->bus->dma->ops->start_dma(s->bus->dma, s,
858 ide_atapi_cmd_read_dma_cb);
5f12ab4b 859 } else {
41a2b959 860 s->status = READY_STAT | SEEK_STAT;
5f12ab4b
TS		 861 ide_atapi_cmd_reply_end(s);
862 }
5391d806
FB		 863}
864
865/* start a CD-CDROM read command */
98087450
FB		 866static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
867 int sector_size)
5391d806 868{
5391d806 869 s->lba = lba;
98087450 870 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 871 s->elementary_transfer_size = 0;
98087450
FB		 872 s->io_buffer_index = sector_size;
873 s->cd_sector_size = sector_size;
5391d806 874
41a2b959 875 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 876 ide_atapi_cmd_reply_end(s);
877}
878
98087450 879/* ATAPI DMA support */
8ccad811
FB		 880
881/* XXX: handle read errors */
882static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 883{
40a6238a 884 IDEState *s = opaque;
8ccad811
FB		 885 int data_offset, n;
886
66c6ef76
FB		 887 if (ret < 0) {
888 ide_atapi_io_error(s, ret);
889 goto eot;
890 }
891
8ccad811 892 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 893 /*
894 * For a cdrom read sector command (s->lba != -1),
895 * adjust the lba for the next s->io_buffer_size chunk
896 * and dma the current chunk.
897 * For a command != read (s->lba == -1), just transfer
898 * the reply data.
899 */
900 if (s->lba != -1) {
901 if (s->cd_sector_size == 2352) {
902 n = 1;
903 cd_data_to_raw(s->io_buffer, s->lba);
904 } else {
905 n = s->io_buffer_size >> 11;
906 }
907 s->lba += n;
908 }
8ccad811 909 s->packet_transfer_size -= s->io_buffer_size;
40a6238a 910 if (s->bus->dma->ops->rw_buf(s->bus->dma, 1) == 0)
8ccad811 911 goto eot;
98087450 912 }
8ccad811 913
98087450 914 if (s->packet_transfer_size <= 0) {
41a2b959 915 s->status = READY_STAT | SEEK_STAT;
98087450 916 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
9cdd03a7 917 ide_set_irq(s->bus);
8ccad811 918 eot:
40a6238a
AG		 919 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
920 ide_set_inactive(s);
8ccad811
FB		 921 return;
922 }
3b46e624 923
8ccad811
FB		 924 s->io_buffer_index = 0;
925 if (s->cd_sector_size == 2352) {
926 n = 1;
927 s->io_buffer_size = s->cd_sector_size;
928 data_offset = 16;
929 } else {
930 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 931 if (n > (IDE_DMA_BUF_SECTORS / 4))
932 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 933 s->io_buffer_size = n * 2048;
934 data_offset = 0;
98087450 935 }
8ccad811
FB		 936#ifdef DEBUG_AIO
937 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
938#endif
40a6238a
AG		 939 s->bus->dma->iov.iov_base = (void *)(s->io_buffer + data_offset);
940 s->bus->dma->iov.iov_len = n * 4 * 512;
941 qemu_iovec_init_external(&s->bus->dma->qiov, &s->bus->dma->iov, 1);
942 s->bus->dma->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2,
943 &s->bus->dma->qiov, n * 4,
944 ide_atapi_cmd_read_dma_cb, s);
945 if (!s->bus->dma->aiocb) {
66c6ef76 946 /* Note: media not present is the most likely case */
5fafdf24 947 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 948 ASC_MEDIUM_NOT_PRESENT);
949 goto eot;
950 }
98087450
FB		 951}
952
953/* start a CD-CDROM read command with DMA */
954/* XXX: test if DMA is available */
955static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
956 int sector_size)
957{
958 s->lba = lba;
959 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 960 s->io_buffer_index = 0;
961 s->io_buffer_size = 0;
98087450
FB		 962 s->cd_sector_size = sector_size;
963
8ccad811 964 /* XXX: check if BUSY_STAT should be set */
41a2b959 965 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
40a6238a
AG		 966 s->bus->dma->ops->start_dma(s->bus->dma, s,
967 ide_atapi_cmd_read_dma_cb);
98087450
FB		 968}
969
5fafdf24 970static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 971 int sector_size)
972{
973#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 974 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
975 lba, nb_sectors);
98087450
FB		 976#endif
977 if (s->atapi_dma) {
978 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
979 } else {
980 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
981 }
982}
983
38cdea7c
AZ		 984static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
985 uint16_t profile)
986{
987 uint8_t *buf_profile = buf + 12; /* start of profiles */
988
989 buf_profile += ((*index) * 4); /* start of indexed profile */
990 cpu_to_ube16 (buf_profile, profile);
991 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
992
993 /* each profile adds 4 bytes to the response */
994 (*index)++;
995 buf[11] += 4; /* Additional Length */
996
997 return 4;
998}
999
8114e9e8
TS		 1000static int ide_dvd_read_structure(IDEState *s, int format,
1001 const uint8_t *packet, uint8_t *buf)
1002{
1003 switch (format) {
1004 case 0x0: /* Physical format information */
1005 {
1006 int layer = packet[6];
1007 uint64_t total_sectors;
1008
1009 if (layer != 0)
1010 return -ASC_INV_FIELD_IN_CMD_PACKET;
1011
1012 bdrv_get_geometry(s->bs, &total_sectors);
1013 total_sectors >>= 2;
1014 if (total_sectors == 0)
1015 return -ASC_MEDIUM_NOT_PRESENT;
1016
1017 buf[4] = 1; /* DVD-ROM, part version 1 */
1018 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1019 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1020 buf[7] = 0; /* default densities */
1021
1022 /* FIXME: 0x30000 per spec? */
1023 cpu_to_ube32(buf + 8, 0); /* start sector */
1024 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1025 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1026
1027 /* Size of buffer, not including 2 byte size field */
1028 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1029
1030 /* 2k data + 4 byte header */
1031 return (2048 + 4);
1032 }
1033
1034 case 0x01: /* DVD copyright information */
1035 buf[4] = 0; /* no copyright data */
1036 buf[5] = 0; /* no region restrictions */
1037
1038 /* Size of buffer, not including 2 byte size field */
1039 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1040
1041 /* 4 byte header + 4 byte data */
1042 return (4 + 4);
1043
1044 case 0x03: /* BCA information - invalid field for no BCA info */
1045 return -ASC_INV_FIELD_IN_CMD_PACKET;
1046
1047 case 0x04: /* DVD disc manufacturing information */
1048 /* Size of buffer, not including 2 byte size field */
1049 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1050
1051 /* 2k data + 4 byte header */
1052 return (2048 + 4);
1053
1054 case 0xff:
1055 /*
1056 * This lists all the command capabilities above. Add new ones
1057 * in order and update the length and buffer return values.
1058 */
1059
1060 buf[4] = 0x00; /* Physical format */
1061 buf[5] = 0x40; /* Not writable, is readable */
1062 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1063
1064 buf[8] = 0x01; /* Copyright info */
1065 buf[9] = 0x40; /* Not writable, is readable */
1066 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1067
1068 buf[12] = 0x03; /* BCA info */
1069 buf[13] = 0x40; /* Not writable, is readable */
1070 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1071
1072 buf[16] = 0x04; /* Manufacturing info */
1073 buf[17] = 0x40; /* Not writable, is readable */
1074 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1075
1076 /* Size of buffer, not including 2 byte size field */
1077 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1078
1079 /* data written + 4 byte header */
1080 return (16 + 4);
1081
1082 default: /* TODO: formats beyond DVD-ROM requires */
1083 return -ASC_INV_FIELD_IN_CMD_PACKET;
1084 }
1085}
1086
996faf1a
AS		 1087static unsigned int event_status_media(IDEState *s,
1088 uint8_t *buf)
1089{
1090 enum media_event_code {
1091 MEC_NO_CHANGE = 0, /* Status unchanged */
1092 MEC_EJECT_REQUESTED, /* received a request from user to eject */
1093 MEC_NEW_MEDIA, /* new media inserted and ready for access */
1094 MEC_MEDIA_REMOVAL, /* only for media changers */
1095 MEC_MEDIA_CHANGED, /* only for media changers */
1096 MEC_BG_FORMAT_COMPLETED, /* MRW or DVD+RW b/g format completed */
1097 MEC_BG_FORMAT_RESTARTED, /* MRW or DVD+RW b/g format restarted */
1098 };
1099 enum media_status {
1100 MS_TRAY_OPEN = 1,
1101 MS_MEDIA_PRESENT = 2,
1102 };
1103 uint8_t event_code, media_status;
1104
1105 media_status = 0;
1106 if (s->bs->tray_open) {
1107 media_status = MS_TRAY_OPEN;
1108 } else if (bdrv_is_inserted(s->bs)) {
1109 media_status = MS_MEDIA_PRESENT;
1110 }
1111
1112 /* Event notification descriptor */
1113 event_code = MEC_NO_CHANGE;
1114 if (media_status != MS_TRAY_OPEN && s->events.new_media) {
1115 event_code = MEC_NEW_MEDIA;
1116 s->events.new_media = false;
1117 }
1118
1119 buf[4] = event_code;
1120 buf[5] = media_status;
1121
1122 /* These fields are reserved, just clear them. */
1123 buf[6] = 0;
1124 buf[7] = 0;
1125
1126 return 8; /* We wrote to 4 extra bytes from the header */
1127}
1128
493accd6
AS		 1129static void handle_get_event_status_notification(IDEState *s,
1130 uint8_t *buf,
1131 const uint8_t *packet)
1132{
8f8e834d
AS		 1133 struct {
1134 uint8_t opcode;
1135 uint8_t polled; /* lsb bit is polled; others are reserved */
1136 uint8_t reserved2[2];
1137 uint8_t class;
1138 uint8_t reserved3[2];
1139 uint16_t len;
1140 uint8_t control;
1141 } __attribute__((packed)) *gesn_cdb;
1142
0af63ba3
AS		 1143 struct {
1144 uint16_t len;
1145 uint8_t notification_class;
1146 uint8_t supported_events;
1147 } __attribute((packed)) *gesn_event_header;
1148
996faf1a
AS		 1149 enum notification_class_request_type {
1150 NCR_RESERVED1 = 1 << 0,
1151 NCR_OPERATIONAL_CHANGE = 1 << 1,
1152 NCR_POWER_MANAGEMENT = 1 << 2,
1153 NCR_EXTERNAL_REQUEST = 1 << 3,
1154 NCR_MEDIA = 1 << 4,
1155 NCR_MULTI_HOST = 1 << 5,
1156 NCR_DEVICE_BUSY = 1 << 6,
1157 NCR_RESERVED2 = 1 << 7,
1158 };
1159 enum event_notification_class_field {
1160 ENC_NO_EVENTS = 0,
1161 ENC_OPERATIONAL_CHANGE,
1162 ENC_POWER_MANAGEMENT,
1163 ENC_EXTERNAL_REQUEST,
1164 ENC_MEDIA,
1165 ENC_MULTIPLE_HOSTS,
1166 ENC_DEVICE_BUSY,
1167 ENC_RESERVED,
1168 };
0af63ba3 1169 unsigned int max_len, used_len;
493accd6 1170
8f8e834d 1171 gesn_cdb = (void *)packet;
0af63ba3
AS		 1172 gesn_event_header = (void *)buf;
1173
8f8e834d 1174 max_len = be16_to_cpu(gesn_cdb->len);
493accd6 1175
8f8e834d
AS		 1176 /* It is fine by the MMC spec to not support async mode operations */
1177 if (!(gesn_cdb->polled & 0x01)) { /* asynchronous mode */
493accd6
AS		 1178 /* Only polling is supported, asynchronous mode is not. */
1179 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1180 ASC_INV_FIELD_IN_CMD_PACKET);
1181 return;
1182 }
1183
0af63ba3
AS		 1184 /* polling mode operation */
1185
996faf1a
AS		 1186 /*
1187 * These are the supported events.
1188 *
1189 * We currently only support requests of the 'media' type.
1190 */
1191 gesn_event_header->supported_events = NCR_MEDIA;
0af63ba3 1192
996faf1a
AS		 1193 /*
1194 * We use |= below to set the class field; other bits in this byte
1195 * are reserved now but this is useful to do if we have to use the
1196 * reserved fields later.
1197 */
1198 gesn_event_header->notification_class = 0;
0af63ba3 1199
996faf1a
AS		 1200 /*
1201 * Responses to requests are to be based on request priority. The
1202 * notification_class_request_type enum above specifies the
1203 * priority: upper elements are higher prio than lower ones.
1204 */
1205 if (gesn_cdb->class & NCR_MEDIA) {
1206 gesn_event_header->notification_class |= ENC_MEDIA;
1207 used_len = event_status_media(s, buf);
1208 } else {
1209 gesn_event_header->notification_class = 0x80; /* No event available */
1210 used_len = sizeof(*gesn_event_header);
1211 }
0af63ba3
AS		 1212 gesn_event_header->len = cpu_to_be16(used_len
1213 - sizeof(*gesn_event_header));
1214 ide_atapi_cmd_reply(s, used_len, max_len);
493accd6
AS		 1215}
1216
5391d806
FB		 1217static void ide_atapi_cmd(IDEState *s)
1218{
1219 const uint8_t *packet;
1220 uint8_t *buf;
1221 int max_len;
1222
1223 packet = s->io_buffer;
1224 buf = s->io_buffer;
1225#ifdef DEBUG_IDE_ATAPI
1226 {
1227 int i;
1228 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1229 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1230 printf(" %02x", packet[i]);
1231 }
1232 printf("\n");
1233 }
1234#endif
0c370a35
AS		 1235 /*
1236 * If there's a UNIT_ATTENTION condition pending, only
1237 * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
1238 * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
1239 * MMC-5, section 4.1.6.1 lists only these commands being allowed
1240 * to complete, with other commands getting a CHECK condition
1241 * response unless a higher priority status, defined by the drive
1242 * here, is pending.
1243 */
9118e7f0 1244 if (s->sense_key == SENSE_UNIT_ATTENTION &&
0c370a35
AS		 1245 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1246 s->io_buffer[0] != GPCMD_INQUIRY &&
1247 s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
1248 ide_atapi_cmd_check_status(s);
1249 return;
9118e7f0 1250 }
5391d806
FB		 1251 switch(s->io_buffer[0]) {
1252 case GPCMD_TEST_UNIT_READY:
93c8cfd9 1253 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
5391d806
FB		 1254 ide_atapi_cmd_ok(s);
1255 } else {
93c8cfd9 1256 s->cdrom_changed = 0;
5fafdf24 1257 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1258 ASC_MEDIUM_NOT_PRESENT);
1259 }
1260 break;
d14049ea 1261 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1262 case GPCMD_MODE_SENSE_10:
1263 {
1264 int action, code;
d14049ea
TS		 1265 if (packet[0] == GPCMD_MODE_SENSE_10)
1266 max_len = ube16_to_cpu(packet + 7);
1267 else
1268 max_len = packet[4];
5391d806
FB		 1269 action = packet[2] >> 6;
1270 code = packet[2] & 0x3f;
1271 switch(action) {
1272 case 0: /* current values */
1273 switch(code) {
a70089ce 1274 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
5391d806
FB		 1275 cpu_to_ube16(&buf[0], 16 + 6);
1276 buf[2] = 0x70;
1277 buf[3] = 0;
1278 buf[4] = 0;
1279 buf[5] = 0;
1280 buf[6] = 0;
1281 buf[7] = 0;
1282
1283 buf[8] = 0x01;
1284 buf[9] = 0x06;
1285 buf[10] = 0x00;
1286 buf[11] = 0x05;
1287 buf[12] = 0x00;
1288 buf[13] = 0x00;
1289 buf[14] = 0x00;
1290 buf[15] = 0x00;
1291 ide_atapi_cmd_reply(s, 16, max_len);
1292 break;
fe0d6123
TLSC		 1293 case GPMODE_AUDIO_CTL_PAGE:
1294 cpu_to_ube16(&buf[0], 24 + 6);
1295 buf[2] = 0x70;
1296 buf[3] = 0;
1297 buf[4] = 0;
1298 buf[5] = 0;
1299 buf[6] = 0;
1300 buf[7] = 0;
1301
1302 /* Fill with CDROM audio volume */
1303 buf[17] = 0;
1304 buf[19] = 0;
1305 buf[21] = 0;
1306 buf[23] = 0;
1307
1308 ide_atapi_cmd_reply(s, 24, max_len);
1309 break;
a70089ce 1310 case GPMODE_CAPABILITIES_PAGE:
5391d806
FB		 1311 cpu_to_ube16(&buf[0], 28 + 6);
1312 buf[2] = 0x70;
1313 buf[3] = 0;
1314 buf[4] = 0;
1315 buf[5] = 0;
1316 buf[6] = 0;
1317 buf[7] = 0;
1318
1319 buf[8] = 0x2a;
1320 buf[9] = 0x12;
0d4a05a1 1321 buf[10] = 0x00;
5391d806 1322 buf[11] = 0x00;
3b46e624 1323
d5b4eb40
AL		 1324 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1325 code checks for this to automount media. */
1326 buf[12] = 0x71;
5391d806
FB		 1327 buf[13] = 3 << 5;
1328 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1329 if (bdrv_is_locked(s->bs))
5391d806
FB		 1330 buf[6] |= 1 << 1;
1331 buf[15] = 0x00;
1332 cpu_to_ube16(&buf[16], 706);
1333 buf[18] = 0;
1334 buf[19] = 2;
1335 cpu_to_ube16(&buf[20], 512);
1336 cpu_to_ube16(&buf[22], 706);
1337 buf[24] = 0;
1338 buf[25] = 0;
1339 buf[26] = 0;
1340 buf[27] = 0;
1341 ide_atapi_cmd_reply(s, 28, max_len);
1342 break;
1343 default:
1344 goto error_cmd;
1345 }
1346 break;
1347 case 1: /* changeable values */
1348 goto error_cmd;
1349 case 2: /* default values */
1350 goto error_cmd;
1351 default:
1352 case 3: /* saved values */
5fafdf24 1353 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1354 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1355 break;
1356 }
1357 }
1358 break;
1359 case GPCMD_REQUEST_SENSE:
1360 max_len = packet[4];
1361 memset(buf, 0, 18);
1362 buf[0] = 0x70 | (1 << 7);
1363 buf[2] = s->sense_key;
1364 buf[7] = 10;
1365 buf[12] = s->asc;
9118e7f0
AL		 1366 if (s->sense_key == SENSE_UNIT_ATTENTION)
1367 s->sense_key = SENSE_NONE;
5391d806
FB		 1368 ide_atapi_cmd_reply(s, 18, max_len);
1369 break;
1370 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
8aa71917
AS		 1371 bdrv_set_locked(s->bs, packet[4] & 1);
1372 ide_atapi_cmd_ok(s);
5391d806
FB		 1373 break;
1374 case GPCMD_READ_10:
1375 case GPCMD_READ_12:
1376 {
1377 int nb_sectors, lba;
1378
5391d806
FB		 1379 if (packet[0] == GPCMD_READ_10)
1380 nb_sectors = ube16_to_cpu(packet + 7);
1381 else
1382 nb_sectors = ube32_to_cpu(packet + 6);
1383 lba = ube32_to_cpu(packet + 2);
1384 if (nb_sectors == 0) {
1385 ide_atapi_cmd_ok(s);
1386 break;
1387 }
98087450
FB		 1388 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1389 }
1390 break;
1391 case GPCMD_READ_CD:
1392 {
1393 int nb_sectors, lba, transfer_request;
1394
98087450
FB		 1395 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1396 lba = ube32_to_cpu(packet + 2);
1397 if (nb_sectors == 0) {
1398 ide_atapi_cmd_ok(s);
1399 break;
1400 }
98087450
FB		 1401 transfer_request = packet[9];
1402 switch(transfer_request & 0xf8) {
1403 case 0x00:
1404 /* nothing */
1405 ide_atapi_cmd_ok(s);
1406 break;
1407 case 0x10:
1408 /* normal read */
1409 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1410 break;
1411 case 0xf8:
1412 /* read all data */
1413 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1414 break;
1415 default:
5fafdf24 1416 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1417 ASC_INV_FIELD_IN_CMD_PACKET);
1418 break;
1419 }
5391d806
FB		 1420 }
1421 break;
1422 case GPCMD_SEEK:
1423 {
96b8f136
TS		 1424 unsigned int lba;
1425 uint64_t total_sectors;
66c6ef76
FB		 1426
1427 bdrv_get_geometry(s->bs, &total_sectors);
1428 total_sectors >>= 2;
96b8f136 1429 if (total_sectors == 0) {
5fafdf24 1430 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1431 ASC_MEDIUM_NOT_PRESENT);
1432 break;
1433 }
1434 lba = ube32_to_cpu(packet + 2);
66c6ef76 1435 if (lba >= total_sectors) {
5fafdf24 1436 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1437 ASC_LOGICAL_BLOCK_OOR);
1438 break;
1439 }
1440 ide_atapi_cmd_ok(s);
1441 }
1442 break;
1443 case GPCMD_START_STOP_UNIT:
1444 {
88f2bb58 1445 int start, eject, sense, err = 0;
5391d806
FB		 1446 start = packet[4] & 1;
1447 eject = (packet[4] >> 1) & 1;
3b46e624 1448
aea2a33c
MM		 1449 if (eject) {
1450 err = bdrv_eject(s->bs, !start);
1451 }
1452
1453 switch (err) {
1454 case 0:
1455 ide_atapi_cmd_ok(s);
1456 break;
1457 case -EBUSY:
88f2bb58
AS		 1458 sense = SENSE_NOT_READY;
1459 if (bdrv_is_inserted(s->bs)) {
1460 sense = SENSE_ILLEGAL_REQUEST;
1461 }
1462 ide_atapi_cmd_error(s, sense,
aea2a33c
MM		 1463 ASC_MEDIA_REMOVAL_PREVENTED);
1464 break;
1465 default:
1466 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1467 ASC_MEDIUM_NOT_PRESENT);
1468 break;
caed8802 1469 }
5391d806
FB		 1470 }
1471 break;
1472 case GPCMD_MECHANISM_STATUS:
1473 {
1474 max_len = ube16_to_cpu(packet + 8);
1475 cpu_to_ube16(buf, 0);
1476 /* no current LBA */
1477 buf[2] = 0;
1478 buf[3] = 0;
1479 buf[4] = 0;
1480 buf[5] = 1;
1481 cpu_to_ube16(buf + 6, 0);
1482 ide_atapi_cmd_reply(s, 8, max_len);
1483 }
1484 break;
1485 case GPCMD_READ_TOC_PMA_ATIP:
1486 {
1487 int format, msf, start_track, len;
96b8f136 1488 uint64_t total_sectors;
5391d806 1489
66c6ef76
FB		 1490 bdrv_get_geometry(s->bs, &total_sectors);
1491 total_sectors >>= 2;
96b8f136 1492 if (total_sectors == 0) {
5fafdf24 1493 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1494 ASC_MEDIUM_NOT_PRESENT);
1495 break;
1496 }
1497 max_len = ube16_to_cpu(packet + 7);
1498 format = packet[9] >> 6;
1499 msf = (packet[1] >> 1) & 1;
1500 start_track = packet[6];
1501 switch(format) {
1502 case 0:
66c6ef76 1503 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1504 if (len < 0)
1505 goto error_cmd;
1506 ide_atapi_cmd_reply(s, len, max_len);
1507 break;
1508 case 1:
1509 /* multi session : only a single session defined */
1510 memset(buf, 0, 12);
1511 buf[1] = 0x0a;
1512 buf[2] = 0x01;
1513 buf[3] = 0x01;
1514 ide_atapi_cmd_reply(s, 12, max_len);
1515 break;
98087450 1516 case 2:
66c6ef76 1517 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1518 if (len < 0)
1519 goto error_cmd;
1520 ide_atapi_cmd_reply(s, len, max_len);
1521 break;
5391d806 1522 default:
7f777bf3 1523 error_cmd:
5fafdf24 1524 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1525 ASC_INV_FIELD_IN_CMD_PACKET);
1526 break;
5391d806
FB		 1527 }
1528 }
1529 break;
1530 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1531 {
96b8f136 1532 uint64_t total_sectors;
66c6ef76
FB		 1533
1534 bdrv_get_geometry(s->bs, &total_sectors);
1535 total_sectors >>= 2;
96b8f136 1536 if (total_sectors == 0) {
5fafdf24 1537 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1538 ASC_MEDIUM_NOT_PRESENT);
1539 break;
1540 }
1541 /* NOTE: it is really the number of sectors minus 1 */
1542 cpu_to_ube32(buf, total_sectors - 1);
1543 cpu_to_ube32(buf + 4, 2048);
1544 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1545 }
5391d806 1546 break;
d14049ea
TS		 1547 case GPCMD_READ_DVD_STRUCTURE:
1548 {
1549 int media = packet[1];
8114e9e8
TS		 1550 int format = packet[7];
1551 int ret;
d14049ea 1552
8114e9e8 1553 max_len = ube16_to_cpu(packet + 8);
d14049ea 1554
8114e9e8
TS		 1555 if (format < 0xff) {
1556 if (media_is_cd(s)) {
1557 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1558 ASC_INCOMPATIBLE_FORMAT);
1559 break;
1560 } else if (!media_present(s)) {
1561 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1562 ASC_INV_FIELD_IN_CMD_PACKET);
1563 break;
1564 }
1565 }
d14049ea 1566
8114e9e8
TS		 1567 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1568 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
d14049ea 1569
8114e9e8
TS		 1570 switch (format) {
1571 case 0x00 ... 0x7f:
1572 case 0xff:
1573 if (media == 0) {
1574 ret = ide_dvd_read_structure(s, format, packet, buf);
d14049ea 1575
8114e9e8
TS		 1576 if (ret < 0)
1577 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1578 else
1579 ide_atapi_cmd_reply(s, ret, max_len);
d14049ea 1580
8114e9e8
TS		 1581 break;
1582 }
1583 /* TODO: BD support, fall through for now */
1584
1585 /* Generic disk structures */
1586 case 0x80: /* TODO: AACS volume identifier */
1587 case 0x81: /* TODO: AACS media serial number */
1588 case 0x82: /* TODO: AACS media identifier */
1589 case 0x83: /* TODO: AACS media key block */
1590 case 0x90: /* TODO: List of recognized format layers */
1591 case 0xc0: /* TODO: Write protection status */
d14049ea
TS		 1592 default:
1593 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1594 ASC_INV_FIELD_IN_CMD_PACKET);
1595 break;
1596 }
1597 }
1598 break;
1599 case GPCMD_SET_SPEED:
1600 ide_atapi_cmd_ok(s);
1601 break;
bd0d90b2
FB		 1602 case GPCMD_INQUIRY:
1603 max_len = packet[4];
1604 buf[0] = 0x05; /* CD-ROM */
1605 buf[1] = 0x80; /* removable */
1606 buf[2] = 0x00; /* ISO */
1607 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1608 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1609 buf[5] = 0; /* reserved */
1610 buf[6] = 0; /* reserved */
1611 buf[7] = 0; /* reserved */
1612 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1613 padstr8(buf + 16, 16, "QEMU DVD-ROM");
47c06340 1614 padstr8(buf + 32, 4, s->version);
bd0d90b2
FB		 1615 ide_atapi_cmd_reply(s, 36, max_len);
1616 break;
d14049ea
TS		 1617 case GPCMD_GET_CONFIGURATION:
1618 {
38cdea7c 1619 uint32_t len;
091d055b 1620 uint8_t index = 0;
d14049ea
TS		 1621
1622 /* only feature 0 is supported */
1623 if (packet[2] != 0 || packet[3] != 0) {
1624 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1625 ASC_INV_FIELD_IN_CMD_PACKET);
1626 break;
1627 }
38cdea7c
AZ		 1628
1629 /* XXX: could result in alignment problems in some architectures */
1630 max_len = ube16_to_cpu(packet + 7);
091d055b 1631
38cdea7c 1632 /*
091d055b
AZ		 1633 * XXX: avoid overflow for io_buffer if max_len is bigger than
1634 * the size of that buffer (dimensioned to max number of
1635 * sectors to transfer at once)
38cdea7c 1636 *
091d055b 1637 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 1638 */
1639 if (max_len > 512) /* XXX: assume 1 sector */
1640 max_len = 512;
1641
1642 memset(buf, 0, max_len);
1643 /*
1644 * the number of sectors from the media tells us which profile
1645 * to use as current. 0 means there is no media
38cdea7c 1646 */
8114e9e8
TS		 1647 if (media_is_dvd(s))
1648 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1649 else if (media_is_cd(s))
1650 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
38cdea7c 1651
091d055b
AZ		 1652 buf[10] = 0x02 | 0x01; /* persistent and current */
1653 len = 12; /* headers: 8 + 4 */
1654 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1655 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 1656 cpu_to_ube32(buf, len - 4); /* data length */
1657
1658 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 1659 break;
1660 }
253cb7b9 1661 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
493accd6 1662 handle_get_event_status_notification(s, buf, packet);
253cb7b9 1663 break;
5391d806 1664 default:
5fafdf24 1665 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1666 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1667 break;
1668 }
1669}
1670
201a51fc
AZ		 1671static void ide_cfata_metadata_inquiry(IDEState *s)
1672{
1673 uint16_t *p;
1674 uint32_t spd;
1675
1676 p = (uint16_t *) s->io_buffer;
1677 memset(p, 0, 0x200);
1678 spd = ((s->mdata_size - 1) >> 9) + 1;
1679
1680 put_le16(p + 0, 0x0001); /* Data format revision */
1681 put_le16(p + 1, 0x0000); /* Media property: silicon */
1682 put_le16(p + 2, s->media_changed); /* Media status */
1683 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1684 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1685 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1686 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1687}
1688
1689static void ide_cfata_metadata_read(IDEState *s)
1690{
1691 uint16_t *p;
1692
1693 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1694 s->status = ERR_STAT;
1695 s->error = ABRT_ERR;
1696 return;
1697 }
1698
1699 p = (uint16_t *) s->io_buffer;
1700 memset(p, 0, 0x200);
1701
1702 put_le16(p + 0, s->media_changed); /* Media status */
1703 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1704 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1705 s->nsector << 9), 0x200 - 2));
1706}
1707
1708static void ide_cfata_metadata_write(IDEState *s)
1709{
1710 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1711 s->status = ERR_STAT;
1712 s->error = ABRT_ERR;
1713 return;
1714 }
1715
1716 s->media_changed = 0;
1717
1718 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1719 s->io_buffer + 2,
1720 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1721 s->nsector << 9), 0x200 - 2));
1722}
1723
bd491d6a 1724/* called when the inserted state of the media has changed */
db97ee6a 1725static void cdrom_change_cb(void *opaque, int reason)
bd491d6a
TS		 1726{
1727 IDEState *s = opaque;
96b8f136 1728 uint64_t nb_sectors;
bd491d6a 1729
db97ee6a
CH		 1730 if (!(reason & CHANGE_MEDIA)) {
1731 return;
1732 }
1733
bd491d6a
TS		 1734 bdrv_get_geometry(s->bs, &nb_sectors);
1735 s->nb_sectors = nb_sectors;
9118e7f0
AL		 1736
1737 s->sense_key = SENSE_UNIT_ATTENTION;
1738 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
93c8cfd9 1739 s->cdrom_changed = 1;
996faf1a 1740 s->events.new_media = true;
9cdd03a7 1741 ide_set_irq(s->bus);
bd491d6a
TS		 1742}
1743
c2ff060f
FB		 1744static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1745{
1746 s->lba48 = lba48;
1747
1748 /* handle the 'magic' 0 nsector count conversion here. to avoid
1749 * fiddling with the rest of the read logic, we just store the
1750 * full sector count in ->nsector and ignore ->hob_nsector from now
1751 */
1752 if (!s->lba48) {
1753 if (!s->nsector)
1754 s->nsector = 256;
1755 } else {
1756 if (!s->nsector && !s->hob_nsector)
1757 s->nsector = 65536;
1758 else {
1759 int lo = s->nsector;
1760 int hi = s->hob_nsector;
1761
1762 s->nsector = (hi << 8) | lo;
1763 }
1764 }
1765}
1766
bcbdc4d3 1767static void ide_clear_hob(IDEBus *bus)
c2ff060f
FB		 1768{
1769 /* any write clears HOB high bit of device control register */
bcbdc4d3
GH		 1770 bus->ifs[0].select &= ~(1 << 7);
1771 bus->ifs[1].select &= ~(1 << 7);
c2ff060f
FB		 1772}
1773
356721ae 1774void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
caed8802 1775{
bcbdc4d3 1776 IDEBus *bus = opaque;
5391d806
FB		 1777
1778#ifdef DEBUG_IDE
1779 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1780#endif
c2ff060f 1781
5391d806 1782 addr &= 7;
fcdd25ab
AL		 1783
1784 /* ignore writes to command block while busy with previous command */
bcbdc4d3 1785 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
fcdd25ab
AL		 1786 return;
1787
5391d806
FB		 1788 switch(addr) {
1789 case 0:
1790 break;
1791 case 1:
bcbdc4d3 1792 ide_clear_hob(bus);
c45c3d00 1793 /* NOTE: data is written to the two drives */
bcbdc4d3
GH		 1794 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1795 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1796 bus->ifs[0].feature = val;
1797 bus->ifs[1].feature = val;
5391d806
FB		 1798 break;
1799 case 2:
bcbdc4d3
GH		 1800 ide_clear_hob(bus);
1801 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1802 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1803 bus->ifs[0].nsector = val;
1804 bus->ifs[1].nsector = val;
5391d806
FB		 1805 break;
1806 case 3:
bcbdc4d3
GH		 1807 ide_clear_hob(bus);
1808 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1809 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1810 bus->ifs[0].sector = val;
1811 bus->ifs[1].sector = val;
5391d806
FB		 1812 break;
1813 case 4:
bcbdc4d3
GH		 1814 ide_clear_hob(bus);
1815 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1816 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1817 bus->ifs[0].lcyl = val;
1818 bus->ifs[1].lcyl = val;
5391d806
FB		 1819 break;
1820 case 5:
bcbdc4d3
GH		 1821 ide_clear_hob(bus);
1822 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1823 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1824 bus->ifs[0].hcyl = val;
1825 bus->ifs[1].hcyl = val;
5391d806
FB		 1826 break;
1827 case 6:
c2ff060f 1828 /* FIXME: HOB readback uses bit 7 */
bcbdc4d3
GH		 1829 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1830 bus->ifs[1].select = (val | 0x10) | 0xa0;
5391d806 1831 /* select drive */
bcbdc4d3 1832 bus->unit = (val >> 4) & 1;
5391d806
FB		 1833 break;
1834 default:
1835 case 7:
1836 /* command */
7cff87ff
AG		 1837 ide_exec_cmd(bus, val);
1838 break;
1839 }
1840}
1841
1842
1843void ide_exec_cmd(IDEBus *bus, uint32_t val)
1844{
1845 IDEState *s;
1846 int n;
1847 int lba48 = 0;
1848
5391d806 1849#if defined(DEBUG_IDE)
6ef2ba5e 1850 printf("ide: CMD=%02x\n", val);
5391d806 1851#endif
6ef2ba5e
AG		 1852 s = idebus_active_if(bus);
1853 /* ignore commands to non existant slave */
1854 if (s != bus->ifs && !s->bs)
1855 return;
c2ff060f 1856
6ef2ba5e
AG		 1857 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1858 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1859 return;
fcdd25ab 1860
6ef2ba5e
AG		 1861 switch(val) {
1862 case WIN_IDENTIFY:
1863 if (s->bs && s->drive_kind != IDE_CD) {
1864 if (s->drive_kind != IDE_CFATA)
1865 ide_identify(s);
1866 else
1867 ide_cfata_identify(s);
769bec72 1868 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 1869 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1870 } else {
1871 if (s->drive_kind == IDE_CD) {
1872 ide_set_signature(s);
5391d806 1873 }
6ef2ba5e
AG		 1874 ide_abort_command(s);
1875 }
1876 ide_set_irq(s->bus);
1877 break;
1878 case WIN_SPECIFY:
1879 case WIN_RECAL:
1880 s->error = 0;
1881 s->status = READY_STAT | SEEK_STAT;
1882 ide_set_irq(s->bus);
1883 break;
1884 case WIN_SETMULT:
1885 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1886 /* Disable Read and Write Multiple */
1887 s->mult_sectors = 0;
41a2b959 1888 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 1889 } else if ((s->nsector & 0xff) != 0 &&
1890 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1891 (s->nsector & (s->nsector - 1)) != 0)) {
1892 ide_abort_command(s);
1893 } else {
1894 s->mult_sectors = s->nsector & 0xff;
1895 s->status = READY_STAT | SEEK_STAT;
1896 }
1897 ide_set_irq(s->bus);
1898 break;
1899 case WIN_VERIFY_EXT:
1900 lba48 = 1;
1901 case WIN_VERIFY:
1902 case WIN_VERIFY_ONCE:
1903 /* do sector number check ? */
1904 ide_cmd_lba48_transform(s, lba48);
1905 s->status = READY_STAT | SEEK_STAT;
1906 ide_set_irq(s->bus);
1907 break;
c2ff060f 1908 case WIN_READ_EXT:
6ef2ba5e
AG		 1909 lba48 = 1;
1910 case WIN_READ:
1911 case WIN_READ_ONCE:
1912 if (!s->bs)
1913 goto abort_cmd;
1914 ide_cmd_lba48_transform(s, lba48);
1915 s->req_nb_sectors = 1;
1916 ide_sector_read(s);
1917 break;
c2ff060f 1918 case WIN_WRITE_EXT:
6ef2ba5e
AG		 1919 lba48 = 1;
1920 case WIN_WRITE:
1921 case WIN_WRITE_ONCE:
1922 case CFA_WRITE_SECT_WO_ERASE:
1923 case WIN_WRITE_VERIFY:
1924 ide_cmd_lba48_transform(s, lba48);
1925 s->error = 0;
1926 s->status = SEEK_STAT | READY_STAT;
1927 s->req_nb_sectors = 1;
1928 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1929 s->media_changed = 1;
1930 break;
c2ff060f 1931 case WIN_MULTREAD_EXT:
6ef2ba5e
AG		 1932 lba48 = 1;
1933 case WIN_MULTREAD:
1934 if (!s->mult_sectors)
1935 goto abort_cmd;
1936 ide_cmd_lba48_transform(s, lba48);
1937 s->req_nb_sectors = s->mult_sectors;
1938 ide_sector_read(s);
1939 break;
1940 case WIN_MULTWRITE_EXT:
1941 lba48 = 1;
1942 case WIN_MULTWRITE:
1943 case CFA_WRITE_MULTI_WO_ERASE:
1944 if (!s->mult_sectors)
1945 goto abort_cmd;
1946 ide_cmd_lba48_transform(s, lba48);
1947 s->error = 0;
1948 s->status = SEEK_STAT | READY_STAT;
1949 s->req_nb_sectors = s->mult_sectors;
1950 n = s->nsector;
1951 if (n > s->req_nb_sectors)
1952 n = s->req_nb_sectors;
1953 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1954 s->media_changed = 1;
1955 break;
c2ff060f 1956 case WIN_READDMA_EXT:
6ef2ba5e
AG		 1957 lba48 = 1;
1958 case WIN_READDMA:
1959 case WIN_READDMA_ONCE:
1960 if (!s->bs)
1961 goto abort_cmd;
1962 ide_cmd_lba48_transform(s, lba48);
cd369c46 1963 ide_sector_start_dma(s, 1);
6ef2ba5e 1964 break;
c2ff060f 1965 case WIN_WRITEDMA_EXT:
6ef2ba5e
AG		 1966 lba48 = 1;
1967 case WIN_WRITEDMA:
1968 case WIN_WRITEDMA_ONCE:
1969 if (!s->bs)
1970 goto abort_cmd;
1971 ide_cmd_lba48_transform(s, lba48);
cd369c46 1972 ide_sector_start_dma(s, 0);
6ef2ba5e
AG		 1973 s->media_changed = 1;
1974 break;
1975 case WIN_READ_NATIVE_MAX_EXT:
1976 lba48 = 1;
1977 case WIN_READ_NATIVE_MAX:
1978 ide_cmd_lba48_transform(s, lba48);
1979 ide_set_sector(s, s->nb_sectors - 1);
1980 s->status = READY_STAT | SEEK_STAT;
1981 ide_set_irq(s->bus);
1982 break;
1983 case WIN_CHECKPOWERMODE1:
1984 case WIN_CHECKPOWERMODE2:
b93af93d 1985 s->error = 0;
6ef2ba5e
AG		 1986 s->nsector = 0xff; /* device active or idle */
1987 s->status = READY_STAT | SEEK_STAT;
1988 ide_set_irq(s->bus);
1989 break;
1990 case WIN_SETFEATURES:
1991 if (!s->bs)
1992 goto abort_cmd;
1993 /* XXX: valid for CDROM ? */
1994 switch(s->feature) {
1995 case 0xcc: /* reverting to power-on defaults enable */
1996 case 0x66: /* reverting to power-on defaults disable */
1997 case 0x02: /* write cache enable */
1998 case 0x82: /* write cache disable */
1999 case 0xaa: /* read look-ahead enable */
2000 case 0x55: /* read look-ahead disable */
2001 case 0x05: /* set advanced power management mode */
2002 case 0x85: /* disable advanced power management mode */
2003 case 0x69: /* NOP */
2004 case 0x67: /* NOP */
2005 case 0x96: /* NOP */
2006 case 0x9a: /* NOP */
2007 case 0x42: /* enable Automatic Acoustic Mode */
2008 case 0xc2: /* disable Automatic Acoustic Mode */
41a2b959 2009 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2010 ide_set_irq(s->bus);
a136e5a8 2011 break;
6ef2ba5e 2012 case 0x03: { /* set transfer mode */
94458802 2013 uint8_t val = s->nsector & 0x07;
6ef2ba5e 2014 uint16_t *identify_data = (uint16_t *)s->identify_data;
94458802
FB		 2015
2016 switch (s->nsector >> 3) {
6ef2ba5e
AG		 2017 case 0x00: /* pio default */
2018 case 0x01: /* pio mode */
96c35ceb
JQ		 2019 put_le16(identify_data + 62,0x07);
2020 put_le16(identify_data + 63,0x07);
2021 put_le16(identify_data + 88,0x3f);
d1b5c20d 2022 break;
6ef2ba5e 2023 case 0x02: /* sigle word dma mode*/
96c35ceb
JQ		 2024 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
2025 put_le16(identify_data + 63,0x07);
2026 put_le16(identify_data + 88,0x3f);
94458802 2027 break;
6ef2ba5e 2028 case 0x04: /* mdma mode */
96c35ceb
JQ		 2029 put_le16(identify_data + 62,0x07);
2030 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
2031 put_le16(identify_data + 88,0x3f);
94458802 2032 break;
6ef2ba5e 2033 case 0x08: /* udma mode */
96c35ceb
JQ		 2034 put_le16(identify_data + 62,0x07);
2035 put_le16(identify_data + 63,0x07);
2036 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
94458802 2037 break;
6ef2ba5e 2038 default:
94458802
FB		 2039 goto abort_cmd;
2040 }
4fbfcd6d 2041 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2042 ide_set_irq(s->bus);
4fbfcd6d 2043 break;
6ef2ba5e
AG		 2044 }
2045 default:
2046 goto abort_cmd;
2047 }
2048 break;
2049 case WIN_FLUSH_CACHE:
2050 case WIN_FLUSH_CACHE_EXT:
2051 ide_flush_cache(s);
2052 break;
2053 case WIN_STANDBY:
2054 case WIN_STANDBY2:
2055 case WIN_STANDBYNOW1:
2056 case WIN_STANDBYNOW2:
2057 case WIN_IDLEIMMEDIATE:
2058 case CFA_IDLEIMMEDIATE:
2059 case WIN_SETIDLE1:
2060 case WIN_SETIDLE2:
2061 case WIN_SLEEPNOW1:
2062 case WIN_SLEEPNOW2:
2063 s->status = READY_STAT;
2064 ide_set_irq(s->bus);
2065 break;
2066 case WIN_SEEK:
2067 if(s->drive_kind == IDE_CD)
2068 goto abort_cmd;
2069 /* XXX: Check that seek is within bounds */
2070 s->status = READY_STAT | SEEK_STAT;
2071 ide_set_irq(s->bus);
2072 break;
2073 /* ATAPI commands */
2074 case WIN_PIDENTIFY:
2075 if (s->drive_kind == IDE_CD) {
2076 ide_atapi_identify(s);
41a2b959 2077 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 2078 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2079 } else {
2080 ide_abort_command(s);
2081 }
2082 ide_set_irq(s->bus);
2083 break;
2084 case WIN_DIAGNOSE:
2085 ide_set_signature(s);
2086 if (s->drive_kind == IDE_CD)
2087 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2088 * devices to return a clear status register
2089 * with READY_STAT *not* set. */
2090 else
41a2b959 2091 s->status = READY_STAT | SEEK_STAT;
6ef2ba5e
AG		 2092 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2093 * present.
2094 */
2095 ide_set_irq(s->bus);
2096 break;
2097 case WIN_SRST:
2098 if (s->drive_kind != IDE_CD)
2099 goto abort_cmd;
2100 ide_set_signature(s);
2101 s->status = 0x00; /* NOTE: READY is _not_ set */
2102 s->error = 0x01;
2103 break;
2104 case WIN_PACKETCMD:
2105 if (s->drive_kind != IDE_CD)
2106 goto abort_cmd;
2107 /* overlapping commands not supported */
2108 if (s->feature & 0x02)
2109 goto abort_cmd;
2110 s->status = READY_STAT | SEEK_STAT;
2111 s->atapi_dma = s->feature & 1;
2112 s->nsector = 1;
2113 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2114 ide_atapi_cmd);
2115 break;
2116 /* CF-ATA commands */
2117 case CFA_REQ_EXT_ERROR_CODE:
2118 if (s->drive_kind != IDE_CFATA)
2119 goto abort_cmd;
2120 s->error = 0x09; /* miscellaneous error */
2121 s->status = READY_STAT | SEEK_STAT;
2122 ide_set_irq(s->bus);
2123 break;
2124 case CFA_ERASE_SECTORS:
2125 case CFA_WEAR_LEVEL:
2126 if (s->drive_kind != IDE_CFATA)
2127 goto abort_cmd;
2128 if (val == CFA_WEAR_LEVEL)
2129 s->nsector = 0;
2130 if (val == CFA_ERASE_SECTORS)
2131 s->media_changed = 1;
2132 s->error = 0x00;
2133 s->status = READY_STAT | SEEK_STAT;
2134 ide_set_irq(s->bus);
2135 break;
2136 case CFA_TRANSLATE_SECTOR:
2137 if (s->drive_kind != IDE_CFATA)
2138 goto abort_cmd;
2139 s->error = 0x00;
2140 s->status = READY_STAT | SEEK_STAT;
2141 memset(s->io_buffer, 0, 0x200);
2142 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2143 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2144 s->io_buffer[0x02] = s->select; /* Head */
2145 s->io_buffer[0x03] = s->sector; /* Sector */
2146 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2147 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2148 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2149 s->io_buffer[0x13] = 0x00; /* Erase flag */
2150 s->io_buffer[0x18] = 0x00; /* Hot count */
2151 s->io_buffer[0x19] = 0x00; /* Hot count */
2152 s->io_buffer[0x1a] = 0x01; /* Hot count */
2153 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2154 ide_set_irq(s->bus);
2155 break;
2156 case CFA_ACCESS_METADATA_STORAGE:
2157 if (s->drive_kind != IDE_CFATA)
2158 goto abort_cmd;
2159 switch (s->feature) {
2160 case 0x02: /* Inquiry Metadata Storage */
2161 ide_cfata_metadata_inquiry(s);
201a51fc 2162 break;
6ef2ba5e
AG		 2163 case 0x03: /* Read Metadata Storage */
2164 ide_cfata_metadata_read(s);
201a51fc 2165 break;
6ef2ba5e
AG		 2166 case 0x04: /* Write Metadata Storage */
2167 ide_cfata_metadata_write(s);
201a51fc 2168 break;
6ef2ba5e
AG		 2169 default:
2170 goto abort_cmd;
2171 }
2172 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2173 s->status = 0x00; /* NOTE: READY is _not_ set */
2174 ide_set_irq(s->bus);
2175 break;
2176 case IBM_SENSE_CONDITION:
2177 if (s->drive_kind != IDE_CFATA)
2178 goto abort_cmd;
2179 switch (s->feature) {
2180 case 0x01: /* sense temperature in device */
2181 s->nsector = 0x50; /* +20 C */
201a51fc 2182 break;
6ef2ba5e
AG		 2183 default:
2184 goto abort_cmd;
2185 }
2186 s->status = READY_STAT | SEEK_STAT;
2187 ide_set_irq(s->bus);
2188 break;
e8b54394
BW		 2189
2190 case WIN_SMART:
6ef2ba5e 2191 if (s->drive_kind == IDE_CD)
e8b54394 2192 goto abort_cmd;
6ef2ba5e 2193 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
e8b54394 2194 goto abort_cmd;
6ef2ba5e 2195 if (!s->smart_enabled && s->feature != SMART_ENABLE)
e8b54394 2196 goto abort_cmd;
6ef2ba5e
AG		 2197 switch (s->feature) {
2198 case SMART_DISABLE:
e8b54394
BW		 2199 s->smart_enabled = 0;
2200 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2201 ide_set_irq(s->bus);
e8b54394 2202 break;
6ef2ba5e 2203 case SMART_ENABLE:
e8b54394
BW		 2204 s->smart_enabled = 1;
2205 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2206 ide_set_irq(s->bus);
e8b54394 2207 break;
6ef2ba5e 2208 case SMART_ATTR_AUTOSAVE:
e8b54394
BW		 2209 switch (s->sector) {
2210 case 0x00:
6ef2ba5e
AG		 2211 s->smart_autosave = 0;
2212 break;
e8b54394 2213 case 0xf1:
6ef2ba5e
AG		 2214 s->smart_autosave = 1;
2215 break;
e8b54394 2216 default:
6ef2ba5e 2217 goto abort_cmd;
e8b54394
BW		 2218 }
2219 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2220 ide_set_irq(s->bus);
e8b54394 2221 break;
6ef2ba5e 2222 case SMART_STATUS:
e8b54394 2223 if (!s->smart_errors) {
6ef2ba5e
AG		 2224 s->hcyl = 0xc2;
2225 s->lcyl = 0x4f;
e8b54394 2226 } else {
6ef2ba5e
AG		 2227 s->hcyl = 0x2c;
2228 s->lcyl = 0xf4;
e8b54394
BW		 2229 }
2230 s->status = READY_STAT | SEEK_STAT;
9cdd03a7 2231 ide_set_irq(s->bus);
e8b54394 2232 break;
6ef2ba5e 2233 case SMART_READ_THRESH:
e8b54394
BW		 2234 memset(s->io_buffer, 0, 0x200);
2235 s->io_buffer[0] = 0x01; /* smart struct version */
2236 for (n=0; n<30; n++) {
6ef2ba5e 2237 if (smart_attributes[n][0] == 0)
e8b54394 2238 break;
6ef2ba5e 2239 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
b93af93d 2240 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
e8b54394
BW		 2241 }
2242 for (n=0; n<511; n++) /* checksum */
6ef2ba5e 2243 s->io_buffer[511] += s->io_buffer[n];
e8b54394
BW		 2244 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2245 s->status = READY_STAT | SEEK_STAT;
2246 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 2247 ide_set_irq(s->bus);
e8b54394 2248 break;
6ef2ba5e 2249 case SMART_READ_DATA:
e8b54394
BW		 2250 memset(s->io_buffer, 0, 0x200);
2251 s->io_buffer[0] = 0x01; /* smart struct version */
2252 for (n=0; n<30; n++) {
b93af93d 2253 if (smart_attributes[n][0] == 0) {
e8b54394 2254 break;
b93af93d
BW		 2255 }
2256 int i;
2257 for(i = 0; i < 11; i++) {
2258 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
2259 }
e8b54394
BW		 2260 }
2261 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2262 if (s->smart_selftest_count == 0) {
6ef2ba5e 2263 s->io_buffer[363] = 0;
e8b54394 2264 } else {
6ef2ba5e 2265 s->io_buffer[363] =
e8b54394 2266 s->smart_selftest_data[3 +
6ef2ba5e
AG		 2267 (s->smart_selftest_count - 1) *
2268 24];
e8b54394
BW		 2269 }
2270 s->io_buffer[364] = 0x20;
2271 s->io_buffer[365] = 0x01;
2272 /* offline data collection capacity: execute + self-test*/
2273 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2274 s->io_buffer[368] = 0x03; /* smart capability (1) */
2275 s->io_buffer[369] = 0x00; /* smart capability (2) */
2276 s->io_buffer[370] = 0x01; /* error logging supported */
2277 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2278 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2279 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2280
2281 for (n=0; n<511; n++)
6ef2ba5e 2282 s->io_buffer[511] += s->io_buffer[n];
e8b54394
BW		 2283 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2284 s->status = READY_STAT | SEEK_STAT;
2285 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 2286 ide_set_irq(s->bus);
e8b54394 2287 break;
6ef2ba5e 2288 case SMART_READ_LOG:
e8b54394
BW		 2289 switch (s->sector) {
2290 case 0x01: /* summary smart error log */
6ef2ba5e
AG		 2291 memset(s->io_buffer, 0, 0x200);
2292 s->io_buffer[0] = 0x01;
2293 s->io_buffer[1] = 0x00; /* no error entries */
2294 s->io_buffer[452] = s->smart_errors & 0xff;
2295 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
e8b54394 2296
6ef2ba5e 2297 for (n=0; n<511; n++)
e8b54394 2298 s->io_buffer[511] += s->io_buffer[n];
6ef2ba5e
AG		 2299 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2300 break;
e8b54394 2301 case 0x06: /* smart self test log */
6ef2ba5e
AG		 2302 memset(s->io_buffer, 0, 0x200);
2303 s->io_buffer[0] = 0x01;
2304 if (s->smart_selftest_count == 0) {
e8b54394 2305 s->io_buffer[508] = 0;
6ef2ba5e 2306 } else {
e8b54394
BW		 2307 s->io_buffer[508] = s->smart_selftest_count;
2308 for (n=2; n<506; n++)
6ef2ba5e
AG		 2309 s->io_buffer[n] = s->smart_selftest_data[n];
2310 }
2311 for (n=0; n<511; n++)
e8b54394 2312 s->io_buffer[511] += s->io_buffer[n];
6ef2ba5e
AG		 2313 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2314 break;
e8b54394 2315 default:
6ef2ba5e 2316 goto abort_cmd;
e8b54394
BW		 2317 }
2318 s->status = READY_STAT | SEEK_STAT;
2319 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
9cdd03a7 2320 ide_set_irq(s->bus);
e8b54394 2321 break;
6ef2ba5e 2322 case SMART_EXECUTE_OFFLINE:
e8b54394
BW		 2323 switch (s->sector) {
2324 case 0: /* off-line routine */
2325 case 1: /* short self test */
2326 case 2: /* extended self test */
6ef2ba5e
AG		 2327 s->smart_selftest_count++;
2328 if(s->smart_selftest_count > 21)
e8b54394 2329 s->smart_selftest_count = 0;
6ef2ba5e
AG		 2330 n = 2 + (s->smart_selftest_count - 1) * 24;
2331 s->smart_selftest_data[n] = s->sector;
2332 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2333 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2334 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2335 s->status = READY_STAT | SEEK_STAT;
2336 ide_set_irq(s->bus);
2337 break;
e8b54394 2338 default:
6ef2ba5e 2339 goto abort_cmd;
e8b54394
BW		 2340 }
2341 break;
6ef2ba5e 2342 default:
e8b54394 2343 goto abort_cmd;
6ef2ba5e
AG		 2344 }
2345 break;
2346 default:
2347 abort_cmd:
2348 ide_abort_command(s);
2349 ide_set_irq(s->bus);
2350 break;
2351 }
5391d806
FB		 2352}
2353
356721ae 2354uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2355{
bcbdc4d3
GH		 2356 IDEBus *bus = opaque;
2357 IDEState *s = idebus_active_if(bus);
5391d806 2358 uint32_t addr;
c2ff060f 2359 int ret, hob;
5391d806
FB		 2360
2361 addr = addr1 & 7;
c2ff060f
FB		 2362 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2363 //hob = s->select & (1 << 7);
2364 hob = 0;
5391d806
FB		 2365 switch(addr) {
2366 case 0:
2367 ret = 0xff;
2368 break;
2369 case 1:
bcbdc4d3
GH		 2370 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2371 (s != bus->ifs && !s->bs))
c45c3d00 2372 ret = 0;
c2ff060f 2373 else if (!hob)
c45c3d00 2374 ret = s->error;
c2ff060f
FB		 2375 else
2376 ret = s->hob_feature;
5391d806
FB		 2377 break;
2378 case 2:
bcbdc4d3 2379 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 2380 ret = 0;
c2ff060f 2381 else if (!hob)
c45c3d00 2382 ret = s->nsector & 0xff;
c2ff060f
FB		 2383 else
2384 ret = s->hob_nsector;
5391d806
FB		 2385 break;
2386 case 3:
bcbdc4d3 2387 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 2388 ret = 0;
c2ff060f 2389 else if (!hob)
c45c3d00 2390 ret = s->sector;
c2ff060f
FB		 2391 else
2392 ret = s->hob_sector;
5391d806
FB		 2393 break;
2394 case 4:
bcbdc4d3 2395 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 2396 ret = 0;
c2ff060f 2397 else if (!hob)
c45c3d00 2398 ret = s->lcyl;
c2ff060f
FB		 2399 else
2400 ret = s->hob_lcyl;
5391d806
FB		 2401 break;
2402 case 5:
bcbdc4d3 2403 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00 2404 ret = 0;
c2ff060f 2405 else if (!hob)
c45c3d00 2406 ret = s->hcyl;
c2ff060f
FB		 2407 else
2408 ret = s->hob_hcyl;
5391d806
FB		 2409 break;
2410 case 6:
bcbdc4d3 2411 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
c45c3d00
FB		 2412 ret = 0;
2413 else
7ae98627 2414 ret = s->select;
5391d806
FB		 2415 break;
2416 default:
2417 case 7:
bcbdc4d3
GH		 2418 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2419 (s != bus->ifs && !s->bs))
c45c3d00
FB		 2420 ret = 0;
2421 else
2422 ret = s->status;
9cdd03a7 2423 qemu_irq_lower(bus->irq);
5391d806
FB		 2424 break;
2425 }
2426#ifdef DEBUG_IDE
2427 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2428#endif
2429 return ret;
2430}
2431
356721ae 2432uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2433{
bcbdc4d3
GH		 2434 IDEBus *bus = opaque;
2435 IDEState *s = idebus_active_if(bus);
5391d806 2436 int ret;
7ae98627 2437
bcbdc4d3
GH		 2438 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2439 (s != bus->ifs && !s->bs))
7ae98627
FB		 2440 ret = 0;
2441 else
2442 ret = s->status;
5391d806
FB		 2443#ifdef DEBUG_IDE
2444 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2445#endif
2446 return ret;
2447}
2448
356721ae 2449void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2450{
bcbdc4d3 2451 IDEBus *bus = opaque;
5391d806
FB		 2452 IDEState *s;
2453 int i;
2454
2455#ifdef DEBUG_IDE
2456 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2457#endif
2458 /* common for both drives */
9cdd03a7 2459 if (!(bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 2460 (val & IDE_CMD_RESET)) {
2461 /* reset low to high */
2462 for(i = 0;i < 2; i++) {
bcbdc4d3 2463 s = &bus->ifs[i];
5391d806
FB		 2464 s->status = BUSY_STAT | SEEK_STAT;
2465 s->error = 0x01;
2466 }
9cdd03a7 2467 } else if ((bus->cmd & IDE_CMD_RESET) &&
5391d806
FB		 2468 !(val & IDE_CMD_RESET)) {
2469 /* high to low */
2470 for(i = 0;i < 2; i++) {
bcbdc4d3 2471 s = &bus->ifs[i];
cd8722bb 2472 if (s->drive_kind == IDE_CD)
6b136f9e
FB		 2473 s->status = 0x00; /* NOTE: READY is _not_ set */
2474 else
56bf1d37 2475 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2476 ide_set_signature(s);
2477 }
2478 }
2479
9cdd03a7 2480 bus->cmd = val;
5391d806
FB		 2481}
2482
356721ae 2483void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2484{
bcbdc4d3
GH		 2485 IDEBus *bus = opaque;
2486 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2487 uint8_t *p;
2488
fcdd25ab
AL		 2489 /* PIO data access allowed only when DRQ bit is set */
2490 if (!(s->status & DRQ_STAT))
2491 return;
2492
5391d806 2493 p = s->data_ptr;
0c4ad8dc 2494 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2495 p += 2;
2496 s->data_ptr = p;
2497 if (p >= s->data_end)
2498 s->end_transfer_func(s);
2499}
2500
356721ae 2501uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2502{
bcbdc4d3
GH		 2503 IDEBus *bus = opaque;
2504 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2505 uint8_t *p;
2506 int ret;
fcdd25ab
AL		 2507
2508 /* PIO data access allowed only when DRQ bit is set */
2509 if (!(s->status & DRQ_STAT))
2510 return 0;
2511
5391d806 2512 p = s->data_ptr;
0c4ad8dc 2513 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2514 p += 2;
2515 s->data_ptr = p;
2516 if (p >= s->data_end)
2517 s->end_transfer_func(s);
2518 return ret;
2519}
2520
356721ae 2521void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2522{
bcbdc4d3
GH		 2523 IDEBus *bus = opaque;
2524 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2525 uint8_t *p;
2526
fcdd25ab
AL		 2527 /* PIO data access allowed only when DRQ bit is set */
2528 if (!(s->status & DRQ_STAT))
2529 return;
2530
5391d806 2531 p = s->data_ptr;
0c4ad8dc 2532 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2533 p += 4;
2534 s->data_ptr = p;
2535 if (p >= s->data_end)
2536 s->end_transfer_func(s);
2537}
2538
356721ae 2539uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2540{
bcbdc4d3
GH		 2541 IDEBus *bus = opaque;
2542 IDEState *s = idebus_active_if(bus);
5391d806
FB		 2543 uint8_t *p;
2544 int ret;
3b46e624 2545
fcdd25ab
AL		 2546 /* PIO data access allowed only when DRQ bit is set */
2547 if (!(s->status & DRQ_STAT))
2548 return 0;
2549
5391d806 2550 p = s->data_ptr;
0c4ad8dc 2551 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2552 p += 4;
2553 s->data_ptr = p;
2554 if (p >= s->data_end)
2555 s->end_transfer_func(s);
2556 return ret;
2557}
2558
a7dfe172
FB		 2559static void ide_dummy_transfer_stop(IDEState *s)
2560{
2561 s->data_ptr = s->io_buffer;
2562 s->data_end = s->io_buffer;
2563 s->io_buffer[0] = 0xff;
2564 s->io_buffer[1] = 0xff;
2565 s->io_buffer[2] = 0xff;
2566 s->io_buffer[3] = 0xff;
2567}
2568
4a643563 2569static void ide_reset(IDEState *s)
5391d806 2570{
4a643563
BS		 2571#ifdef DEBUG_IDE
2572 printf("ide: reset\n");
2573#endif
cd8722bb 2574 if (s->drive_kind == IDE_CFATA)
201a51fc
AZ		 2575 s->mult_sectors = 0;
2576 else
2577 s->mult_sectors = MAX_MULT_SECTORS;
4a643563
BS		 2578 /* ide regs */
2579 s->feature = 0;
2580 s->error = 0;
2581 s->nsector = 0;
2582 s->sector = 0;
2583 s->lcyl = 0;
2584 s->hcyl = 0;
2585
2586 /* lba48 */
2587 s->hob_feature = 0;
2588 s->hob_sector = 0;
2589 s->hob_nsector = 0;
2590 s->hob_lcyl = 0;
2591 s->hob_hcyl = 0;
2592
5391d806 2593 s->select = 0xa0;
41a2b959 2594 s->status = READY_STAT | SEEK_STAT;
4a643563
BS		 2595
2596 s->lba48 = 0;
2597
2598 /* ATAPI specific */
2599 s->sense_key = 0;
2600 s->asc = 0;
2601 s->cdrom_changed = 0;
2602 s->packet_transfer_size = 0;
2603 s->elementary_transfer_size = 0;
2604 s->io_buffer_index = 0;
2605 s->cd_sector_size = 0;
2606 s->atapi_dma = 0;
2607 /* ATA DMA state */
2608 s->io_buffer_size = 0;
2609 s->req_nb_sectors = 0;
2610
5391d806 2611 ide_set_signature(s);
a7dfe172
FB		 2612 /* init the transfer handler so that 0xffff is returned on data
2613 accesses */
2614 s->end_transfer_func = ide_dummy_transfer_stop;
2615 ide_dummy_transfer_stop(s);
201a51fc 2616 s->media_changed = 0;
5391d806
FB		 2617}
2618
4a643563
BS		 2619void ide_bus_reset(IDEBus *bus)
2620{
2621 bus->unit = 0;
2622 bus->cmd = 0;
2623 ide_reset(&bus->ifs[0]);
2624 ide_reset(&bus->ifs[1]);
2625 ide_clear_hob(bus);
40a6238a
AG		 2626
2627 /* pending async DMA */
2628 if (bus->dma->aiocb) {
2629#ifdef DEBUG_AIO
2630 printf("aio_cancel\n");
2631#endif
2632 bdrv_aio_cancel(bus->dma->aiocb);
2633 bus->dma->aiocb = NULL;
2634 }
2635
2636 /* reset dma provider too */
2637 bus->dma->ops->reset(bus->dma);
4a643563
BS		 2638}
2639
c4d74df7
MA		 2640int ide_init_drive(IDEState *s, BlockDriverState *bs,
2641 const char *version, const char *serial)
88804180
GH		 2642{
2643 int cylinders, heads, secs;
2644 uint64_t nb_sectors;
2645
f8b6cc00
MA		 2646 s->bs = bs;
2647 bdrv_get_geometry(bs, &nb_sectors);
2648 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
dce9e928
MA		 2649 if (cylinders < 1 || cylinders > 16383) {
2650 error_report("cyls must be between 1 and 16383");
2651 return -1;
2652 }
2653 if (heads < 1 || heads > 16) {
2654 error_report("heads must be between 1 and 16");
2655 return -1;
2656 }
2657 if (secs < 1 || secs > 63) {
2658 error_report("secs must be between 1 and 63");
2659 return -1;
2660 }
870111c8
MA		 2661 s->cylinders = cylinders;
2662 s->heads = heads;
2663 s->sectors = secs;
2664 s->nb_sectors = nb_sectors;
2665 /* The SMART values should be preserved across power cycles
2666 but they aren't. */
2667 s->smart_enabled = 1;
2668 s->smart_autosave = 1;
2669 s->smart_errors = 0;
2670 s->smart_selftest_count = 0;
f8b6cc00 2671 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
cd8722bb 2672 s->drive_kind = IDE_CD;
f8b6cc00 2673 bdrv_set_change_cb(bs, cdrom_change_cb, s);
1b2adf28 2674 bs->buffer_alignment = 2048;
7aa9c811 2675 } else {
98f28ad7
MA		 2676 if (!bdrv_is_inserted(s->bs)) {
2677 error_report("Device needs media, but drive is empty");
2678 return -1;
2679 }
7aa9c811
MA		 2680 if (bdrv_is_read_only(bs)) {
2681 error_report("Can't use a read-only drive");
2682 return -1;
2683 }
88804180 2684 }
f8b6cc00 2685 if (serial) {
6ced55a5
MA		 2686 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2687 } else {
88804180
GH		 2688 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2689 "QM%05d", s->drive_serial);
870111c8 2690 }
47c06340
GH		 2691 if (version) {
2692 pstrcpy(s->version, sizeof(s->version), version);
2693 } else {
2694 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2695 }
40a6238a 2696
88804180 2697 ide_reset(s);
cd8722bb 2698 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
c4d74df7 2699 return 0;
88804180
GH		 2700}
2701
57234ee4 2702static void ide_init1(IDEBus *bus, int unit)
d459da0e
MA		 2703{
2704 static int drive_serial = 1;
2705 IDEState *s = &bus->ifs[unit];
2706
2707 s->bus = bus;
2708 s->unit = unit;
2709 s->drive_serial = drive_serial++;
1b2adf28
CH		 2710 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2711 s->io_buffer = qemu_memalign(2048, IDE_DMA_BUF_SECTORS*512 + 4);
50641c5c 2712 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
d459da0e 2713 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
74475455 2714 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
d459da0e 2715 ide_sector_write_timer_cb, s);
57234ee4
MA		 2716}
2717
40a6238a
AG		 2718static void ide_nop_start(IDEDMA *dma, IDEState *s,
2719 BlockDriverCompletionFunc *cb)
2720{
2721}
2722
2723static int ide_nop(IDEDMA *dma)
2724{
2725 return 0;
2726}
2727
2728static int ide_nop_int(IDEDMA *dma, int x)
2729{
2730 return 0;
2731}
2732
2733static void ide_nop_restart(void *opaque, int x, int y)
2734{
2735}
2736
2737static const IDEDMAOps ide_dma_nop_ops = {
2738 .start_dma = ide_nop_start,
2739 .start_transfer = ide_nop,
2740 .prepare_buf = ide_nop_int,
2741 .rw_buf = ide_nop_int,
2742 .set_unit = ide_nop_int,
2743 .add_status = ide_nop_int,
2744 .set_inactive = ide_nop,
2745 .restart_cb = ide_nop_restart,
2746 .reset = ide_nop,
2747};
2748
2749static IDEDMA ide_dma_nop = {
2750 .ops = &ide_dma_nop_ops,
2751 .aiocb = NULL,
2752};
2753
57234ee4
MA		 2754void ide_init2(IDEBus *bus, qemu_irq irq)
2755{
2756 int i;
2757
2758 for(i = 0; i < 2; i++) {
2759 ide_init1(bus, i);
2760 ide_reset(&bus->ifs[i]);
870111c8 2761 }
57234ee4 2762 bus->irq = irq;
40a6238a 2763 bus->dma = &ide_dma_nop;
d459da0e
MA		 2764}
2765
57234ee4
MA		 2766/* TODO convert users to qdev and remove */
2767void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2768 DriveInfo *hd1, qemu_irq irq)
5391d806 2769{
88804180 2770 int i;
57234ee4 2771 DriveInfo *dinfo;
5391d806 2772
caed8802 2773 for(i = 0; i < 2; i++) {
57234ee4
MA		 2774 dinfo = i == 0 ? hd0 : hd1;
2775 ide_init1(bus, i);
2776 if (dinfo) {
c4d74df7
MA		 2777 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2778 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2779 error_report("Can't set up IDE drive %s", dinfo->id);
2780 exit(1);
2781 }
57234ee4
MA		 2782 } else {
2783 ide_reset(&bus->ifs[i]);
2784 }
5391d806 2785 }
9cdd03a7 2786 bus->irq = irq;
40a6238a 2787 bus->dma = &ide_dma_nop;
69b91039
FB		 2788}
2789
356721ae 2790void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
69b91039 2791{
bcbdc4d3
GH		 2792 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2793 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
caed8802 2794 if (iobase2) {
bcbdc4d3
GH		 2795 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2796 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
5391d806 2797 }
3b46e624 2798
caed8802 2799 /* data ports */
bcbdc4d3
GH		 2800 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2801 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2802 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2803 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
5391d806 2804}
69b91039 2805
37159f13 2806static bool is_identify_set(void *opaque, int version_id)
aa941b94 2807{
37159f13
JQ		 2808 IDEState *s = opaque;
2809
2810 return s->identify_set != 0;
2811}
2812
50641c5c
JQ		 2813static EndTransferFunc* transfer_end_table[] = {
2814 ide_sector_read,
2815 ide_sector_write,
2816 ide_transfer_stop,
2817 ide_atapi_cmd_reply_end,
2818 ide_atapi_cmd,
2819 ide_dummy_transfer_stop,
2820};
2821
2822static int transfer_end_table_idx(EndTransferFunc *fn)
2823{
2824 int i;
2825
2826 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2827 if (transfer_end_table[i] == fn)
2828 return i;
2829
2830 return -1;
2831}
2832
37159f13 2833static int ide_drive_post_load(void *opaque, int version_id)
aa941b94 2834{
37159f13
JQ		 2835 IDEState *s = opaque;
2836
2837 if (version_id < 3) {
93c8cfd9 2838 if (s->sense_key == SENSE_UNIT_ATTENTION &&
37159f13 2839 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
93c8cfd9 2840 s->cdrom_changed = 1;
37159f13 2841 }
93c8cfd9 2842 }
37159f13 2843 return 0;
aa941b94
AZ		 2844}
2845
50641c5c
JQ		 2846static int ide_drive_pio_post_load(void *opaque, int version_id)
2847{
2848 IDEState *s = opaque;
2849
7bccf573 2850 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
50641c5c
JQ		 2851 return -EINVAL;
2852 }
2853 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2854 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2855 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2856
2857 return 0;
2858}
2859
2860static void ide_drive_pio_pre_save(void *opaque)
2861{
2862 IDEState *s = opaque;
2863 int idx;
2864
2865 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2866 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2867
2868 idx = transfer_end_table_idx(s->end_transfer_func);
2869 if (idx == -1) {
2870 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2871 __func__);
2872 s->end_transfer_fn_idx = 2;
2873 } else {
2874 s->end_transfer_fn_idx = idx;
2875 }
2876}
2877
2878static bool ide_drive_pio_state_needed(void *opaque)
2879{
2880 IDEState *s = opaque;
2881
2882 return (s->status & DRQ_STAT) != 0;
2883}
2884
996faf1a
AS		 2885static bool ide_atapi_gesn_needed(void *opaque)
2886{
2887 IDEState *s = opaque;
2888
2889 return s->events.new_media || s->events.eject_request;
2890}
2891
2892/* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2893const VMStateDescription vmstate_ide_atapi_gesn_state = {
2894 .name ="ide_drive/atapi/gesn_state",
2895 .version_id = 1,
2896 .minimum_version_id = 1,
2897 .minimum_version_id_old = 1,
2898 .fields = (VMStateField []) {
2899 VMSTATE_BOOL(events.new_media, IDEState),
2900 VMSTATE_BOOL(events.eject_request, IDEState),
2901 }
2902};
2903
50641c5c
JQ		 2904const VMStateDescription vmstate_ide_drive_pio_state = {
2905 .name = "ide_drive/pio_state",
2906 .version_id = 1,
2907 .minimum_version_id = 1,
2908 .minimum_version_id_old = 1,
2909 .pre_save = ide_drive_pio_pre_save,
2910 .post_load = ide_drive_pio_post_load,
2911 .fields = (VMStateField []) {
2912 VMSTATE_INT32(req_nb_sectors, IDEState),
2913 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2914 vmstate_info_uint8, uint8_t),
2915 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2916 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2917 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2918 VMSTATE_INT32(elementary_transfer_size, IDEState),
2919 VMSTATE_INT32(packet_transfer_size, IDEState),
2920 VMSTATE_END_OF_LIST()
2921 }
2922};
2923
37159f13
JQ		 2924const VMStateDescription vmstate_ide_drive = {
2925 .name = "ide_drive",
3abb6260 2926 .version_id = 3,
37159f13
JQ		 2927 .minimum_version_id = 0,
2928 .minimum_version_id_old = 0,
2929 .post_load = ide_drive_post_load,
2930 .fields = (VMStateField []) {
2931 VMSTATE_INT32(mult_sectors, IDEState),
2932 VMSTATE_INT32(identify_set, IDEState),
2933 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2934 VMSTATE_UINT8(feature, IDEState),
2935 VMSTATE_UINT8(error, IDEState),
2936 VMSTATE_UINT32(nsector, IDEState),
2937 VMSTATE_UINT8(sector, IDEState),
2938 VMSTATE_UINT8(lcyl, IDEState),
2939 VMSTATE_UINT8(hcyl, IDEState),
2940 VMSTATE_UINT8(hob_feature, IDEState),
2941 VMSTATE_UINT8(hob_sector, IDEState),
2942 VMSTATE_UINT8(hob_nsector, IDEState),
2943 VMSTATE_UINT8(hob_lcyl, IDEState),
2944 VMSTATE_UINT8(hob_hcyl, IDEState),
2945 VMSTATE_UINT8(select, IDEState),
2946 VMSTATE_UINT8(status, IDEState),
2947 VMSTATE_UINT8(lba48, IDEState),
2948 VMSTATE_UINT8(sense_key, IDEState),
2949 VMSTATE_UINT8(asc, IDEState),
2950 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
37159f13 2951 VMSTATE_END_OF_LIST()
50641c5c
JQ		 2952 },
2953 .subsections = (VMStateSubsection []) {
2954 {
2955 .vmsd = &vmstate_ide_drive_pio_state,
2956 .needed = ide_drive_pio_state_needed,
996faf1a
AS		 2957 }, {
2958 .vmsd = &vmstate_ide_atapi_gesn_state,
2959 .needed = ide_atapi_gesn_needed,
50641c5c
JQ		 2960 }, {
2961 /* empty */
2962 }
37159f13
JQ		 2963 }
2964};
2965
6521dc62
JQ		 2966const VMStateDescription vmstate_ide_bus = {
2967 .name = "ide_bus",
2968 .version_id = 1,
2969 .minimum_version_id = 1,
2970 .minimum_version_id_old = 1,
2971 .fields = (VMStateField []) {
2972 VMSTATE_UINT8(cmd, IDEBus),
2973 VMSTATE_UINT8(unit, IDEBus),
2974 VMSTATE_END_OF_LIST()
2975 }
2976};
75717903
IY		 2977
2978void ide_drive_get(DriveInfo **hd, int max_bus)
2979{
2980 int i;
2981
2982 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2983 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2984 exit(1);
2985 }
2986
2987 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2988 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2989 }
2990}
Qemu copy for testing