]> git.proxmox.com Git - qemu.git/blame - hw/ide.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge NBD client/server, by Laurent Vivier.
[qemu.git] / hw / ide.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
87ecb68b
PB		 25#include "hw.h"
26#include "pc.h"
27#include "pci.h"
28#include "scsi-disk.h"
29#include "pcmcia.h"
30#include "block.h"
31#include "qemu-timer.h"
32#include "sysemu.h"
9596ebb7 33#include "ppc_mac.h"
5391d806 34
5391d806
FB		 35/* debug IDE devices */
36//#define DEBUG_IDE
37//#define DEBUG_IDE_ATAPI
8ccad811
FB		 38//#define DEBUG_AIO
39#define USE_DMA_CDROM
5391d806
FB		 40
41/* Bits of HD_STATUS */
42#define ERR_STAT 0x01
43#define INDEX_STAT 0x02
44#define ECC_STAT 0x04 /* Corrected error */
45#define DRQ_STAT 0x08
46#define SEEK_STAT 0x10
47#define SRV_STAT 0x10
48#define WRERR_STAT 0x20
49#define READY_STAT 0x40
50#define BUSY_STAT 0x80
51
52/* Bits for HD_ERROR */
53#define MARK_ERR 0x01 /* Bad address mark */
54#define TRK0_ERR 0x02 /* couldn't find track 0 */
55#define ABRT_ERR 0x04 /* Command aborted */
56#define MCR_ERR 0x08 /* media change request */
57#define ID_ERR 0x10 /* ID field not found */
58#define MC_ERR 0x20 /* media changed */
59#define ECC_ERR 0x40 /* Uncorrectable ECC error */
60#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63/* Bits of HD_NSECTOR */
64#define CD 0x01
65#define IO 0x02
66#define REL 0x04
67#define TAG_MASK 0xf8
68
69#define IDE_CMD_RESET 0x04
70#define IDE_CMD_DISABLE_IRQ 0x02
71
72/* ATA/ATAPI Commands pre T13 Spec */
73#define WIN_NOP 0x00
74/*
75 * 0x01->0x02 Reserved
76 */
77#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78/*
79 * 0x04->0x07 Reserved
80 */
81#define WIN_SRST 0x08 /* ATAPI soft reset command */
82#define WIN_DEVICE_RESET 0x08
83/*
84 * 0x09->0x0F Reserved
85 */
86#define WIN_RECAL 0x10
87#define WIN_RESTORE WIN_RECAL
88/*
89 * 0x10->0x1F Reserved
90 */
91#define WIN_READ 0x20 /* 28-Bit */
92#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93#define WIN_READ_LONG 0x22 /* 28-Bit */
94#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95#define WIN_READ_EXT 0x24 /* 48-Bit */
96#define WIN_READDMA_EXT 0x25 /* 48-Bit */
97#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99/*
100 * 0x28
101 */
102#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103/*
104 * 0x2A->0x2F Reserved
105 */
106#define WIN_WRITE 0x30 /* 28-Bit */
107#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108#define WIN_WRITE_LONG 0x32 /* 28-Bit */
109#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110#define WIN_WRITE_EXT 0x34 /* 48-Bit */
111#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116/*
117 * 0x3A->0x3B Reserved
118 */
119#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120/*
121 * 0x3D->0x3F Reserved
122 */
123#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126/*
127 * 0x43->0x4F Reserved
128 */
129#define WIN_FORMAT 0x50
130/*
131 * 0x51->0x5F Reserved
132 */
133#define WIN_INIT 0x60
134/*
135 * 0x61->0x5F Reserved
136 */
137#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139#define WIN_DIAGNOSE 0x90
140#define WIN_SPECIFY 0x91 /* set drive geometry translation */
141#define WIN_DOWNLOAD_MICROCODE 0x92
142#define WIN_STANDBYNOW2 0x94
201a51fc 143#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
5391d806
FB		 144#define WIN_STANDBY2 0x96
145#define WIN_SETIDLE2 0x97
146#define WIN_CHECKPOWERMODE2 0x98
147#define WIN_SLEEPNOW2 0x99
148/*
149 * 0x9A VENDOR
150 */
151#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153#define WIN_QUEUED_SERVICE 0xA2
154#define WIN_SMART 0xB0 /* self-monitoring and reporting */
201a51fc
AZ		 155#define CFA_ACCESS_METADATA_STORAGE 0xB8
156#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
5391d806
FB		 157#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
5fafdf24 167#define WIN_GETMEDIASTATUS 0xDA
5391d806
FB		 168#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169#define WIN_POSTBOOT 0xDC
170#define WIN_PREBOOT 0xDD
171#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173#define WIN_STANDBYNOW1 0xE0
174#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176#define WIN_SETIDLE1 0xE3
177#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178#define WIN_CHECKPOWERMODE1 0xE5
179#define WIN_SLEEPNOW1 0xE6
180#define WIN_FLUSH_CACHE 0xE7
181#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186#define WIN_MEDIAEJECT 0xED
187#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188#define WIN_SETFEATURES 0xEF /* set special drive features */
189#define EXABYTE_ENABLE_NEST 0xF0
201a51fc 190#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
5391d806
FB		 191#define WIN_SECURITY_SET_PASS 0xF1
192#define WIN_SECURITY_UNLOCK 0xF2
193#define WIN_SECURITY_ERASE_PREPARE 0xF3
194#define WIN_SECURITY_ERASE_UNIT 0xF4
195#define WIN_SECURITY_FREEZE_LOCK 0xF5
201a51fc 196#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
5391d806
FB		 197#define WIN_SECURITY_DISABLE 0xF6
198#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199#define WIN_SET_MAX 0xF9
200#define DISABLE_SEAGATE 0xFB
201
202/* set to 1 set disable mult support */
f66723fa 203#define MAX_MULT_SECTORS 16
5391d806 204
1d8cde5b
AJ		 205#define IDE_DMA_BUF_SECTORS 256
206
207#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209#endif
210
5391d806
FB		 211/* ATAPI defines */
212
213#define ATAPI_PACKET_SIZE 12
214
215/* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217#define GPCMD_BLANK 0xa1
218#define GPCMD_CLOSE_TRACK 0x5b
219#define GPCMD_FLUSH_CACHE 0x35
220#define GPCMD_FORMAT_UNIT 0x04
221#define GPCMD_GET_CONFIGURATION 0x46
222#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223#define GPCMD_GET_PERFORMANCE 0xac
224#define GPCMD_INQUIRY 0x12
225#define GPCMD_LOAD_UNLOAD 0xa6
226#define GPCMD_MECHANISM_STATUS 0xbd
227#define GPCMD_MODE_SELECT_10 0x55
228#define GPCMD_MODE_SENSE_10 0x5a
229#define GPCMD_PAUSE_RESUME 0x4b
230#define GPCMD_PLAY_AUDIO_10 0x45
231#define GPCMD_PLAY_AUDIO_MSF 0x47
232#define GPCMD_PLAY_AUDIO_TI 0x48
233#define GPCMD_PLAY_CD 0xbc
234#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235#define GPCMD_READ_10 0x28
236#define GPCMD_READ_12 0xa8
237#define GPCMD_READ_CDVD_CAPACITY 0x25
238#define GPCMD_READ_CD 0xbe
239#define GPCMD_READ_CD_MSF 0xb9
240#define GPCMD_READ_DISC_INFO 0x51
241#define GPCMD_READ_DVD_STRUCTURE 0xad
242#define GPCMD_READ_FORMAT_CAPACITIES 0x23
243#define GPCMD_READ_HEADER 0x44
244#define GPCMD_READ_TRACK_RZONE_INFO 0x52
245#define GPCMD_READ_SUBCHANNEL 0x42
246#define GPCMD_READ_TOC_PMA_ATIP 0x43
247#define GPCMD_REPAIR_RZONE_TRACK 0x58
248#define GPCMD_REPORT_KEY 0xa4
249#define GPCMD_REQUEST_SENSE 0x03
250#define GPCMD_RESERVE_RZONE_TRACK 0x53
251#define GPCMD_SCAN 0xba
252#define GPCMD_SEEK 0x2b
253#define GPCMD_SEND_DVD_STRUCTURE 0xad
254#define GPCMD_SEND_EVENT 0xa2
255#define GPCMD_SEND_KEY 0xa3
256#define GPCMD_SEND_OPC 0x54
257#define GPCMD_SET_READ_AHEAD 0xa7
258#define GPCMD_SET_STREAMING 0xb6
259#define GPCMD_START_STOP_UNIT 0x1b
260#define GPCMD_STOP_PLAY_SCAN 0x4e
261#define GPCMD_TEST_UNIT_READY 0x00
262#define GPCMD_VERIFY_10 0x2f
263#define GPCMD_WRITE_10 0x2a
264#define GPCMD_WRITE_AND_VERIFY_10 0x2e
5fafdf24 265/* This is listed as optional in ATAPI 2.6, but is (curiously)
5391d806
FB		 266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269#define GPCMD_SET_SPEED 0xbb
5fafdf24 270/* This seems to be a SCSI specific CD-ROM opcode
5391d806
FB		 271 * to play data at track/index */
272#define GPCMD_PLAYAUDIO_TI 0x48
273/*
274 * From MS Media Status Notification Support Specification. For
275 * older drives only.
276 */
277#define GPCMD_GET_MEDIA_STATUS 0xda
d14049ea 278#define GPCMD_MODE_SENSE_6 0x1a
5391d806
FB		 279
280/* Mode page codes for mode sense/set */
281#define GPMODE_R_W_ERROR_PAGE 0x01
282#define GPMODE_WRITE_PARMS_PAGE 0x05
283#define GPMODE_AUDIO_CTL_PAGE 0x0e
284#define GPMODE_POWER_PAGE 0x1a
285#define GPMODE_FAULT_FAIL_PAGE 0x1c
286#define GPMODE_TO_PROTECT_PAGE 0x1d
287#define GPMODE_CAPABILITIES_PAGE 0x2a
288#define GPMODE_ALL_PAGES 0x3f
289/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291#define GPMODE_CDROM_PAGE 0x0d
292
38cdea7c
AZ		 293/*
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
296 *
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
300 */
301
302/* Some generally useful CD-ROM information */
303#define CD_MINS 80 /* max. minutes per CD */
304#define CD_SECS 60 /* seconds per minute */
305#define CD_FRAMES 75 /* frames per second */
306#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309
310/*
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
313 */
314
315/* Profile list from MMC-6 revision 1 table 91 */
316#define MMC_PROFILE_NONE 0x0000
317#define MMC_PROFILE_CD_ROM 0x0008
318#define MMC_PROFILE_CD_R 0x0009
319#define MMC_PROFILE_CD_RW 0x000A
320#define MMC_PROFILE_DVD_ROM 0x0010
321#define MMC_PROFILE_DVD_R_SR 0x0011
322#define MMC_PROFILE_DVD_RAM 0x0012
323#define MMC_PROFILE_DVD_RW_RO 0x0013
324#define MMC_PROFILE_DVD_RW_SR 0x0014
325#define MMC_PROFILE_DVD_R_DL_SR 0x0015
326#define MMC_PROFILE_DVD_R_DL_JR 0x0016
327#define MMC_PROFILE_DVD_RW_DL 0x0017
328#define MMC_PROFILE_DVD_DDR 0x0018
329#define MMC_PROFILE_DVD_PLUS_RW 0x001A
330#define MMC_PROFILE_DVD_PLUS_R 0x001B
331#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333#define MMC_PROFILE_BD_ROM 0x0040
334#define MMC_PROFILE_BD_R_SRM 0x0041
335#define MMC_PROFILE_BD_R_RRM 0x0042
336#define MMC_PROFILE_BD_RE 0x0043
337#define MMC_PROFILE_HDDVD_ROM 0x0050
338#define MMC_PROFILE_HDDVD_R 0x0051
339#define MMC_PROFILE_HDDVD_RAM 0x0052
340#define MMC_PROFILE_HDDVD_RW 0x0053
341#define MMC_PROFILE_HDDVD_R_DL 0x0058
342#define MMC_PROFILE_HDDVD_RW_DL 0x005A
343#define MMC_PROFILE_INVALID 0xFFFF
344
5391d806
FB		 345#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347#define ATAPI_INT_REASON_REL 0x04
348#define ATAPI_INT_REASON_TAG 0xf8
349
350/* same constants as bochs */
7f777bf3 351#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 352#define ASC_LOGICAL_BLOCK_OOR 0x21
353#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
8114e9e8 354#define ASC_INCOMPATIBLE_FORMAT 0x30
5391d806
FB		 355#define ASC_MEDIUM_NOT_PRESENT 0x3a
356#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
357
201a51fc
AZ		 358#define CFA_NO_ERROR 0x00
359#define CFA_MISC_ERROR 0x09
360#define CFA_INVALID_COMMAND 0x20
361#define CFA_INVALID_ADDRESS 0x21
362#define CFA_ADDRESS_OVERFLOW 0x2f
363
5391d806
FB		 364#define SENSE_NONE 0
365#define SENSE_NOT_READY 2
366#define SENSE_ILLEGAL_REQUEST 5
367#define SENSE_UNIT_ATTENTION 6
368
369struct IDEState;
370
371typedef void EndTransferFunc(struct IDEState *);
372
caed8802 373/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 374typedef struct IDEState {
375 /* ide config */
376 int is_cdrom;
201a51fc 377 int is_cf;
5391d806
FB		 378 int cylinders, heads, sectors;
379 int64_t nb_sectors;
380 int mult_sectors;
94458802
FB		 381 int identify_set;
382 uint16_t identify_data[256];
d537cf6c 383 qemu_irq irq;
34e538ae 384 PCIDevice *pci_dev;
98087450 385 struct BMDMAState *bmdma;
aedf5382 386 int drive_serial;
5391d806
FB		 387 /* ide regs */
388 uint8_t feature;
389 uint8_t error;
c2ff060f 390 uint32_t nsector;
5391d806
FB		 391 uint8_t sector;
392 uint8_t lcyl;
393 uint8_t hcyl;
c2ff060f
FB		 394 /* other part of tf for lba48 support */
395 uint8_t hob_feature;
396 uint8_t hob_nsector;
397 uint8_t hob_sector;
398 uint8_t hob_lcyl;
399 uint8_t hob_hcyl;
400
5391d806
FB		 401 uint8_t select;
402 uint8_t status;
c2ff060f 403
5391d806
FB		 404 /* 0x3f6 command, only meaningful for drive 0 */
405 uint8_t cmd;
c2ff060f
FB		 406 /* set for lba48 access */
407 uint8_t lba48;
5391d806 408 /* depends on bit 4 in select, only meaningful for drive 0 */
5fafdf24 409 struct IDEState *cur_drive;
5391d806
FB		 410 BlockDriverState *bs;
411 /* ATAPI specific */
412 uint8_t sense_key;
413 uint8_t asc;
414 int packet_transfer_size;
415 int elementary_transfer_size;
416 int io_buffer_index;
417 int lba;
98087450
FB		 418 int cd_sector_size;
419 int atapi_dma; /* true if dma is requested for the packet cmd */
420 /* ATA DMA state */
421 int io_buffer_size;
422 /* PIO transfer handling */
5391d806
FB		 423 int req_nb_sectors; /* number of sectors per interrupt */
424 EndTransferFunc *end_transfer_func;
425 uint8_t *data_ptr;
426 uint8_t *data_end;
33f00271 427 uint8_t *io_buffer;
31c2a146 428 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
e774a278 429 uint32_t irq_count; /* counts IRQs when using win2k install hack */
201a51fc
AZ		 430 /* CF-ATA extended error */
431 uint8_t ext_error;
432 /* CF-ATA metadata storage */
433 uint32_t mdata_size;
434 uint8_t *mdata_storage;
435 int media_changed;
5391d806
FB		 436} IDEState;
437
8114e9e8
TS		 438/* XXX: DVDs that could fit on a CD will be reported as a CD */
439static inline int media_present(IDEState *s)
440{
441 return (s->nb_sectors > 0);
442}
443
444static inline int media_is_dvd(IDEState *s)
445{
446 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
447}
448
449static inline int media_is_cd(IDEState *s)
450{
451 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
452}
453
98087450
FB		 454#define BM_STATUS_DMAING 0x01
455#define BM_STATUS_ERROR 0x02
456#define BM_STATUS_INT 0x04
457
458#define BM_CMD_START 0x01
459#define BM_CMD_READ 0x08
460
5457c8ce
FB		 461#define IDE_TYPE_PIIX3 0
462#define IDE_TYPE_CMD646 1
afcc3cdf 463#define IDE_TYPE_PIIX4 2
5457c8ce
FB		 464
465/* CMD646 specific */
466#define MRDMODE 0x71
467#define MRDMODE_INTR_CH0 0x04
468#define MRDMODE_INTR_CH1 0x08
469#define MRDMODE_BLK_CH0 0x10
470#define MRDMODE_BLK_CH1 0x20
471#define UDIDETCR0 0x73
472#define UDIDETCR1 0x7B
473
98087450
FB		 474typedef struct BMDMAState {
475 uint8_t cmd;
476 uint8_t status;
477 uint32_t addr;
3b46e624 478
5457c8ce 479 struct PCIIDEState *pci_dev;
98087450 480 /* current transfer state */
8ccad811
FB		 481 uint32_t cur_addr;
482 uint32_t cur_prd_last;
483 uint32_t cur_prd_addr;
484 uint32_t cur_prd_len;
98087450 485 IDEState *ide_if;
8ccad811
FB		 486 BlockDriverCompletionFunc *dma_cb;
487 BlockDriverAIOCB *aiocb;
98087450
FB		 488} BMDMAState;
489
490typedef struct PCIIDEState {
491 PCIDevice dev;
492 IDEState ide_if[4];
493 BMDMAState bmdma[2];
5457c8ce 494 int type; /* see IDE_TYPE_xxx */
98087450
FB		 495} PCIIDEState;
496
8ccad811 497static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
5f12ab4b 498static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
98087450 499
5391d806
FB		 500static void padstr(char *str, const char *src, int len)
501{
502 int i, v;
503 for(i = 0; i < len; i++) {
504 if (*src)
505 v = *src++;
506 else
507 v = ' ';
69b34976 508 str[i^1] = v;
5391d806
FB		 509 }
510}
511
bd0d90b2
FB		 512static void padstr8(uint8_t *buf, int buf_size, const char *src)
513{
514 int i;
515 for(i = 0; i < buf_size; i++) {
516 if (*src)
517 buf[i] = *src++;
518 else
519 buf[i] = ' ';
520 }
521}
522
67b915a5
FB		 523static void put_le16(uint16_t *p, unsigned int v)
524{
0c4ad8dc 525 *p = cpu_to_le16(v);
67b915a5
FB		 526}
527
5391d806
FB		 528static void ide_identify(IDEState *s)
529{
530 uint16_t *p;
531 unsigned int oldsize;
aedf5382 532 char buf[20];
5391d806 533
94458802
FB		 534 if (s->identify_set) {
535 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
536 return;
537 }
538
5391d806
FB		 539 memset(s->io_buffer, 0, 512);
540 p = (uint16_t *)s->io_buffer;
67b915a5 541 put_le16(p + 0, 0x0040);
5fafdf24 542 put_le16(p + 1, s->cylinders);
67b915a5
FB		 543 put_le16(p + 3, s->heads);
544 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
545 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 546 put_le16(p + 6, s->sectors);
aedf5382 547 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 548 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 549 put_le16(p + 20, 3); /* XXX: retired, remove ? */
550 put_le16(p + 21, 512); /* cache size in sectors */
551 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3
TS		 552 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
553 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 554#if MAX_MULT_SECTORS > 1
67b915a5 555 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 556#endif
67b915a5 557 put_le16(p + 48, 1); /* dword I/O */
94458802 558 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 559 put_le16(p + 51, 0x200); /* PIO transfer cycle */
560 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 561 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 562 put_le16(p + 54, s->cylinders);
563 put_le16(p + 55, s->heads);
564 put_le16(p + 56, s->sectors);
5391d806 565 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 566 put_le16(p + 57, oldsize);
567 put_le16(p + 58, oldsize >> 16);
5391d806 568 if (s->mult_sectors)
67b915a5
FB		 569 put_le16(p + 59, 0x100 | s->mult_sectors);
570 put_le16(p + 60, s->nb_sectors);
571 put_le16(p + 61, s->nb_sectors >> 16);
94458802
FB		 572 put_le16(p + 63, 0x07); /* mdma0-2 supported */
573 put_le16(p + 65, 120);
574 put_le16(p + 66, 120);
575 put_le16(p + 67, 120);
576 put_le16(p + 68, 120);
577 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
578 put_le16(p + 81, 0x16); /* conforms to ata5 */
67b915a5 579 put_le16(p + 82, (1 << 14));
c2ff060f
FB		 580 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
581 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5
FB		 582 put_le16(p + 84, (1 << 14));
583 put_le16(p + 85, (1 << 14));
c2ff060f
FB		 584 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
585 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5 586 put_le16(p + 87, (1 << 14));
94458802
FB		 587 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
588 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 589 put_le16(p + 100, s->nb_sectors);
590 put_le16(p + 101, s->nb_sectors >> 16);
591 put_le16(p + 102, s->nb_sectors >> 32);
592 put_le16(p + 103, s->nb_sectors >> 48);
94458802
FB		 593
594 memcpy(s->identify_data, p, sizeof(s->identify_data));
595 s->identify_set = 1;
5391d806
FB		 596}
597
598static void ide_atapi_identify(IDEState *s)
599{
600 uint16_t *p;
aedf5382 601 char buf[20];
5391d806 602
94458802
FB		 603 if (s->identify_set) {
604 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
605 return;
606 }
607
5391d806
FB		 608 memset(s->io_buffer, 0, 512);
609 p = (uint16_t *)s->io_buffer;
610 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 611 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382 612 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 613 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 614 put_le16(p + 20, 3); /* buffer type */
615 put_le16(p + 21, 512); /* cache size in sectors */
616 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3 617 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
38cdea7c 618 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 619 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 620#ifdef USE_DMA_CDROM
621 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
622 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
623 put_le16(p + 63, 7); /* mdma0-2 supported */
624 put_le16(p + 64, 0x3f); /* PIO modes supported */
625#else
67b915a5
FB		 626 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
627 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
628 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
629 put_le16(p + 64, 1); /* PIO modes */
8ccad811 630#endif
67b915a5
FB		 631 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
632 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
633 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
634 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 635
67b915a5
FB		 636 put_le16(p + 71, 30); /* in ns */
637 put_le16(p + 72, 30); /* in ns */
5391d806 638
67b915a5 639 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 640#ifdef USE_DMA_CDROM
641 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
642#endif
94458802
FB		 643 memcpy(s->identify_data, p, sizeof(s->identify_data));
644 s->identify_set = 1;
5391d806
FB		 645}
646
201a51fc
AZ		 647static void ide_cfata_identify(IDEState *s)
648{
649 uint16_t *p;
650 uint32_t cur_sec;
651 char buf[20];
652
653 p = (uint16_t *) s->identify_data;
654 if (s->identify_set)
655 goto fill_buffer;
656
657 memset(p, 0, sizeof(s->identify_data));
658
659 cur_sec = s->cylinders * s->heads * s->sectors;
660
661 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
662 put_le16(p + 1, s->cylinders); /* Default cylinders */
663 put_le16(p + 3, s->heads); /* Default heads */
664 put_le16(p + 6, s->sectors); /* Default sectors per track */
665 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
666 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
667 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 668 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
201a51fc 669 put_le16(p + 22, 0x0004); /* ECC bytes */
60fe76f3
TS		 670 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
671 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 672#if MAX_MULT_SECTORS > 1
673 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
674#else
675 put_le16(p + 47, 0x0000);
676#endif
677 put_le16(p + 49, 0x0f00); /* Capabilities */
678 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
679 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
680 put_le16(p + 53, 0x0003); /* Translation params valid */
681 put_le16(p + 54, s->cylinders); /* Current cylinders */
682 put_le16(p + 55, s->heads); /* Current heads */
683 put_le16(p + 56, s->sectors); /* Current sectors */
684 put_le16(p + 57, cur_sec); /* Current capacity */
685 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
686 if (s->mult_sectors) /* Multiple sector setting */
687 put_le16(p + 59, 0x100 | s->mult_sectors);
688 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
689 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
690 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
691 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
692 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
693 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
694 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
695 put_le16(p + 82, 0x400c); /* Command Set supported */
696 put_le16(p + 83, 0x7068); /* Command Set supported */
697 put_le16(p + 84, 0x4000); /* Features supported */
698 put_le16(p + 85, 0x000c); /* Command Set enabled */
699 put_le16(p + 86, 0x7044); /* Command Set enabled */
700 put_le16(p + 87, 0x4000); /* Features enabled */
701 put_le16(p + 91, 0x4060); /* Current APM level */
702 put_le16(p + 129, 0x0002); /* Current features option */
703 put_le16(p + 130, 0x0005); /* Reassigned sectors */
704 put_le16(p + 131, 0x0001); /* Initial power mode */
705 put_le16(p + 132, 0x0000); /* User signature */
706 put_le16(p + 160, 0x8100); /* Power requirement */
707 put_le16(p + 161, 0x8001); /* CF command set */
708
709 s->identify_set = 1;
710
711fill_buffer:
712 memcpy(s->io_buffer, p, sizeof(s->identify_data));
713}
714
5391d806
FB		 715static void ide_set_signature(IDEState *s)
716{
717 s->select &= 0xf0; /* clear head */
718 /* put signature */
719 s->nsector = 1;
720 s->sector = 1;
721 if (s->is_cdrom) {
722 s->lcyl = 0x14;
723 s->hcyl = 0xeb;
724 } else if (s->bs) {
725 s->lcyl = 0;
726 s->hcyl = 0;
727 } else {
728 s->lcyl = 0xff;
729 s->hcyl = 0xff;
730 }
731}
732
733static inline void ide_abort_command(IDEState *s)
734{
735 s->status = READY_STAT | ERR_STAT;
736 s->error = ABRT_ERR;
737}
738
739static inline void ide_set_irq(IDEState *s)
740{
98ff7d30 741 BMDMAState *bm = s->bmdma;
5391d806 742 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
5457c8ce 743 if (bm) {
98ff7d30 744 bm->status |= BM_STATUS_INT;
5457c8ce 745 }
d537cf6c 746 qemu_irq_raise(s->irq);
5391d806
FB		 747 }
748}
749
750/* prepare data transfer and tell what to do after */
5fafdf24 751static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 752 EndTransferFunc *end_transfer_func)
753{
754 s->end_transfer_func = end_transfer_func;
755 s->data_ptr = buf;
756 s->data_end = buf + size;
7603d156
TS		 757 if (!(s->status & ERR_STAT))
758 s->status |= DRQ_STAT;
5391d806
FB		 759}
760
761static void ide_transfer_stop(IDEState *s)
762{
763 s->end_transfer_func = ide_transfer_stop;
764 s->data_ptr = s->io_buffer;
765 s->data_end = s->io_buffer;
766 s->status &= ~DRQ_STAT;
767}
768
769static int64_t ide_get_sector(IDEState *s)
770{
771 int64_t sector_num;
772 if (s->select & 0x40) {
773 /* lba */
c2ff060f
FB		 774 if (!s->lba48) {
775 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
776 (s->lcyl << 8) | s->sector;
777 } else {
778 sector_num = ((int64_t)s->hob_hcyl << 40) |
779 ((int64_t) s->hob_lcyl << 32) |
780 ((int64_t) s->hob_sector << 24) |
781 ((int64_t) s->hcyl << 16) |
782 ((int64_t) s->lcyl << 8) | s->sector;
783 }
5391d806
FB		 784 } else {
785 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 786 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 787 }
788 return sector_num;
789}
790
791static void ide_set_sector(IDEState *s, int64_t sector_num)
792{
793 unsigned int cyl, r;
794 if (s->select & 0x40) {
c2ff060f
FB		 795 if (!s->lba48) {
796 s->select = (s->select & 0xf0) | (sector_num >> 24);
797 s->hcyl = (sector_num >> 16);
798 s->lcyl = (sector_num >> 8);
799 s->sector = (sector_num);
800 } else {
801 s->sector = sector_num;
802 s->lcyl = sector_num >> 8;
803 s->hcyl = sector_num >> 16;
804 s->hob_sector = sector_num >> 24;
805 s->hob_lcyl = sector_num >> 32;
806 s->hob_hcyl = sector_num >> 40;
807 }
5391d806
FB		 808 } else {
809 cyl = sector_num / (s->heads * s->sectors);
810 r = sector_num % (s->heads * s->sectors);
811 s->hcyl = cyl >> 8;
812 s->lcyl = cyl;
1b8eb456 813 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 814 s->sector = (r % s->sectors) + 1;
815 }
816}
817
818static void ide_sector_read(IDEState *s)
819{
820 int64_t sector_num;
821 int ret, n;
822
823 s->status = READY_STAT | SEEK_STAT;
a136e5a8 824 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 825 sector_num = ide_get_sector(s);
826 n = s->nsector;
827 if (n == 0) {
828 /* no more sector to read from disk */
829 ide_transfer_stop(s);
830 } else {
831#if defined(DEBUG_IDE)
832 printf("read sector=%Ld\n", sector_num);
833#endif
834 if (n > s->req_nb_sectors)
835 n = s->req_nb_sectors;
836 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
837 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
838 ide_set_irq(s);
839 ide_set_sector(s, sector_num + n);
840 s->nsector -= n;
841 }
842}
843
8ccad811
FB		 844/* return 0 if buffer completed */
845static int dma_buf_rw(BMDMAState *bm, int is_write)
98087450 846{
8ccad811
FB		 847 IDEState *s = bm->ide_if;
848 struct {
849 uint32_t addr;
850 uint32_t size;
851 } prd;
852 int l, len;
98087450 853
8ccad811
FB		 854 for(;;) {
855 l = s->io_buffer_size - s->io_buffer_index;
5fafdf24 856 if (l <= 0)
8ccad811
FB		 857 break;
858 if (bm->cur_prd_len == 0) {
859 /* end of table (with a fail safe of one page) */
860 if (bm->cur_prd_last ||
861 (bm->cur_addr - bm->addr) >= 4096)
862 return 0;
863 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
864 bm->cur_addr += 8;
865 prd.addr = le32_to_cpu(prd.addr);
866 prd.size = le32_to_cpu(prd.size);
867 len = prd.size & 0xfffe;
868 if (len == 0)
869 len = 0x10000;
870 bm->cur_prd_len = len;
871 bm->cur_prd_addr = prd.addr;
872 bm->cur_prd_last = (prd.size & 0x80000000);
873 }
874 if (l > bm->cur_prd_len)
875 l = bm->cur_prd_len;
876 if (l > 0) {
877 if (is_write) {
5fafdf24 878 cpu_physical_memory_write(bm->cur_prd_addr,
8ccad811
FB		 879 s->io_buffer + s->io_buffer_index, l);
880 } else {
5fafdf24 881 cpu_physical_memory_read(bm->cur_prd_addr,
8ccad811
FB		 882 s->io_buffer + s->io_buffer_index, l);
883 }
884 bm->cur_prd_addr += l;
885 bm->cur_prd_len -= l;
886 s->io_buffer_index += l;
98087450 887 }
98087450 888 }
8ccad811
FB		 889 return 1;
890}
891
892/* XXX: handle errors */
893static void ide_read_dma_cb(void *opaque, int ret)
894{
895 BMDMAState *bm = opaque;
896 IDEState *s = bm->ide_if;
897 int n;
898 int64_t sector_num;
899
900 n = s->io_buffer_size >> 9;
901 sector_num = ide_get_sector(s);
902 if (n > 0) {
903 sector_num += n;
904 ide_set_sector(s, sector_num);
905 s->nsector -= n;
906 if (dma_buf_rw(bm, 1) == 0)
907 goto eot;
908 }
909
910 /* end of transfer ? */
911 if (s->nsector == 0) {
98087450
FB		 912 s->status = READY_STAT | SEEK_STAT;
913 ide_set_irq(s);
8ccad811
FB		 914 eot:
915 bm->status &= ~BM_STATUS_DMAING;
916 bm->status |= BM_STATUS_INT;
917 bm->dma_cb = NULL;
918 bm->ide_if = NULL;
919 bm->aiocb = NULL;
920 return;
98087450 921 }
8ccad811
FB		 922
923 /* launch next transfer */
924 n = s->nsector;
1d8cde5b
AJ		 925 if (n > IDE_DMA_BUF_SECTORS)
926 n = IDE_DMA_BUF_SECTORS;
8ccad811
FB		 927 s->io_buffer_index = 0;
928 s->io_buffer_size = n * 512;
929#ifdef DEBUG_AIO
930 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
931#endif
5fafdf24 932 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
8ccad811 933 ide_read_dma_cb, bm);
98087450
FB		 934}
935
936static void ide_sector_read_dma(IDEState *s)
937{
8ccad811 938 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 939 s->io_buffer_index = 0;
940 s->io_buffer_size = 0;
941 ide_dma_start(s, ide_read_dma_cb);
942}
943
a09db21f
FB		 944static void ide_sector_write_timer_cb(void *opaque)
945{
946 IDEState *s = opaque;
947 ide_set_irq(s);
948}
949
5391d806
FB		 950static void ide_sector_write(IDEState *s)
951{
952 int64_t sector_num;
31c2a146 953 int ret, n, n1;
5391d806
FB		 954
955 s->status = READY_STAT | SEEK_STAT;
956 sector_num = ide_get_sector(s);
957#if defined(DEBUG_IDE)
958 printf("write sector=%Ld\n", sector_num);
959#endif
960 n = s->nsector;
961 if (n > s->req_nb_sectors)
962 n = s->req_nb_sectors;
31c2a146 963 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
5391d806
FB		 964 s->nsector -= n;
965 if (s->nsector == 0) {
292eef5a 966 /* no more sectors to write */
5391d806
FB		 967 ide_transfer_stop(s);
968 } else {
969 n1 = s->nsector;
970 if (n1 > s->req_nb_sectors)
971 n1 = s->req_nb_sectors;
972 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
973 }
974 ide_set_sector(s, sector_num + n);
3b46e624 975
31c2a146
TS		 976#ifdef TARGET_I386
977 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
978 /* It seems there is a bug in the Windows 2000 installer HDD
979 IDE driver which fills the disk with empty logs when the
980 IDE write IRQ comes too early. This hack tries to correct
981 that at the expense of slower write performances. Use this
982 option _only_ to install Windows 2000. You must disable it
983 for normal use. */
984 qemu_mod_timer(s->sector_write_timer,
985 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
986 } else
987#endif
988 {
989 ide_set_irq(s);
990 }
5391d806
FB		 991}
992
8ccad811
FB		 993/* XXX: handle errors */
994static void ide_write_dma_cb(void *opaque, int ret)
98087450 995{
8ccad811
FB		 996 BMDMAState *bm = opaque;
997 IDEState *s = bm->ide_if;
998 int n;
98087450
FB		 999 int64_t sector_num;
1000
8ccad811
FB		 1001 n = s->io_buffer_size >> 9;
1002 sector_num = ide_get_sector(s);
1003 if (n > 0) {
1004 sector_num += n;
1005 ide_set_sector(s, sector_num);
1006 s->nsector -= n;
98087450 1007 }
98087450 1008
8ccad811
FB		 1009 /* end of transfer ? */
1010 if (s->nsector == 0) {
1011 s->status = READY_STAT | SEEK_STAT;
1012 ide_set_irq(s);
1013 eot:
1014 bm->status &= ~BM_STATUS_DMAING;
1015 bm->status |= BM_STATUS_INT;
1016 bm->dma_cb = NULL;
1017 bm->ide_if = NULL;
1018 bm->aiocb = NULL;
1019 return;
1020 }
1021
1022 /* launch next transfer */
98087450 1023 n = s->nsector;
1d8cde5b
AJ		 1024 if (n > IDE_DMA_BUF_SECTORS)
1025 n = IDE_DMA_BUF_SECTORS;
98087450
FB		 1026 s->io_buffer_index = 0;
1027 s->io_buffer_size = n * 512;
8ccad811
FB		 1028
1029 if (dma_buf_rw(bm, 0) == 0)
1030 goto eot;
1031#ifdef DEBUG_AIO
1032 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1033#endif
5fafdf24 1034 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
8ccad811
FB		 1035 ide_write_dma_cb, bm);
1036}
1037
1038static void ide_sector_write_dma(IDEState *s)
1039{
1040 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1041 s->io_buffer_index = 0;
1042 s->io_buffer_size = 0;
98087450
FB		 1043 ide_dma_start(s, ide_write_dma_cb);
1044}
1045
5391d806
FB		 1046static void ide_atapi_cmd_ok(IDEState *s)
1047{
1048 s->error = 0;
1049 s->status = READY_STAT;
1050 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1051 ide_set_irq(s);
1052}
1053
1054static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1055{
1056#ifdef DEBUG_IDE_ATAPI
1057 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1058#endif
1059 s->error = sense_key << 4;
1060 s->status = READY_STAT | ERR_STAT;
1061 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1062 s->sense_key = sense_key;
1063 s->asc = asc;
1064 ide_set_irq(s);
1065}
1066
1067static inline void cpu_to_ube16(uint8_t *buf, int val)
1068{
1069 buf[0] = val >> 8;
1070 buf[1] = val;
1071}
1072
1073static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1074{
1075 buf[0] = val >> 24;
1076 buf[1] = val >> 16;
1077 buf[2] = val >> 8;
1078 buf[3] = val;
1079}
1080
1081static inline int ube16_to_cpu(const uint8_t *buf)
1082{
1083 return (buf[0] << 8) | buf[1];
1084}
1085
1086static inline int ube32_to_cpu(const uint8_t *buf)
1087{
1088 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1089}
1090
98087450
FB		 1091static void lba_to_msf(uint8_t *buf, int lba)
1092{
1093 lba += 150;
1094 buf[0] = (lba / 75) / 60;
1095 buf[1] = (lba / 75) % 60;
1096 buf[2] = lba % 75;
1097}
1098
8ccad811
FB		 1099static void cd_data_to_raw(uint8_t *buf, int lba)
1100{
1101 /* sync bytes */
1102 buf[0] = 0x00;
1103 memset(buf + 1, 0xff, 10);
1104 buf[11] = 0x00;
1105 buf += 12;
1106 /* MSF */
1107 lba_to_msf(buf, lba);
1108 buf[3] = 0x01; /* mode 1 data */
1109 buf += 4;
1110 /* data */
1111 buf += 2048;
1112 /* XXX: ECC not computed */
1113 memset(buf, 0, 288);
1114}
1115
5fafdf24 1116static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 1117 int sector_size)
1118{
66c6ef76
FB		 1119 int ret;
1120
98087450
FB		 1121 switch(sector_size) {
1122 case 2048:
66c6ef76 1123 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 1124 break;
1125 case 2352:
66c6ef76
FB		 1126 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1127 if (ret < 0)
1128 return ret;
8ccad811 1129 cd_data_to_raw(buf, lba);
98087450
FB		 1130 break;
1131 default:
66c6ef76 1132 ret = -EIO;
98087450
FB		 1133 break;
1134 }
66c6ef76
FB		 1135 return ret;
1136}
1137
1138static void ide_atapi_io_error(IDEState *s, int ret)
1139{
1140 /* XXX: handle more errors */
1141 if (ret == -ENOMEDIUM) {
5fafdf24 1142 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1143 ASC_MEDIUM_NOT_PRESENT);
1144 } else {
5fafdf24 1145 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 1146 ASC_LOGICAL_BLOCK_OOR);
1147 }
98087450
FB		 1148}
1149
5391d806
FB		 1150/* The whole ATAPI transfer logic is handled in this function */
1151static void ide_atapi_cmd_reply_end(IDEState *s)
1152{
66c6ef76 1153 int byte_count_limit, size, ret;
5391d806 1154#ifdef DEBUG_IDE_ATAPI
5fafdf24 1155 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 1156 s->packet_transfer_size,
1157 s->elementary_transfer_size,
1158 s->io_buffer_index);
1159#endif
1160 if (s->packet_transfer_size <= 0) {
1161 /* end of transfer */
1162 ide_transfer_stop(s);
1163 s->status = READY_STAT;
1164 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1165 ide_set_irq(s);
1166#ifdef DEBUG_IDE_ATAPI
1167 printf("status=0x%x\n", s->status);
1168#endif
1169 } else {
1170 /* see if a new sector must be read */
98087450 1171 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 1172 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1173 if (ret < 0) {
1174 ide_transfer_stop(s);
1175 ide_atapi_io_error(s, ret);
1176 return;
1177 }
5391d806
FB		 1178 s->lba++;
1179 s->io_buffer_index = 0;
1180 }
1181 if (s->elementary_transfer_size > 0) {
1182 /* there are some data left to transmit in this elementary
1183 transfer */
98087450 1184 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 1185 if (size > s->elementary_transfer_size)
1186 size = s->elementary_transfer_size;
5fafdf24 1187 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1188 size, ide_atapi_cmd_reply_end);
1189 s->packet_transfer_size -= size;
1190 s->elementary_transfer_size -= size;
1191 s->io_buffer_index += size;
1192 } else {
1193 /* a new transfer is needed */
1194 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1195 byte_count_limit = s->lcyl | (s->hcyl << 8);
1196#ifdef DEBUG_IDE_ATAPI
1197 printf("byte_count_limit=%d\n", byte_count_limit);
1198#endif
1199 if (byte_count_limit == 0xffff)
1200 byte_count_limit--;
1201 size = s->packet_transfer_size;
1202 if (size > byte_count_limit) {
1203 /* byte count limit must be even if this case */
1204 if (byte_count_limit & 1)
1205 byte_count_limit--;
1206 size = byte_count_limit;
5391d806 1207 }
a136e5a8
FB		 1208 s->lcyl = size;
1209 s->hcyl = size >> 8;
5391d806
FB		 1210 s->elementary_transfer_size = size;
1211 /* we cannot transmit more than one sector at a time */
1212 if (s->lba != -1) {
98087450
FB		 1213 if (size > (s->cd_sector_size - s->io_buffer_index))
1214 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 1215 }
5fafdf24 1216 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1217 size, ide_atapi_cmd_reply_end);
1218 s->packet_transfer_size -= size;
1219 s->elementary_transfer_size -= size;
1220 s->io_buffer_index += size;
1221 ide_set_irq(s);
1222#ifdef DEBUG_IDE_ATAPI
1223 printf("status=0x%x\n", s->status);
1224#endif
1225 }
1226 }
1227}
1228
1229/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1230static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1231{
1232 if (size > max_size)
1233 size = max_size;
1234 s->lba = -1; /* no sector read */
1235 s->packet_transfer_size = size;
5f12ab4b 1236 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 1237 s->elementary_transfer_size = 0;
1238 s->io_buffer_index = 0;
1239
5f12ab4b
TS		 1240 if (s->atapi_dma) {
1241 s->status = READY_STAT | DRQ_STAT;
1242 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1243 } else {
1244 s->status = READY_STAT;
1245 ide_atapi_cmd_reply_end(s);
1246 }
5391d806
FB		 1247}
1248
1249/* start a CD-CDROM read command */
98087450
FB		 1250static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1251 int sector_size)
5391d806 1252{
5391d806 1253 s->lba = lba;
98087450 1254 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 1255 s->elementary_transfer_size = 0;
98087450
FB		 1256 s->io_buffer_index = sector_size;
1257 s->cd_sector_size = sector_size;
5391d806
FB		 1258
1259 s->status = READY_STAT;
1260 ide_atapi_cmd_reply_end(s);
1261}
1262
98087450 1263/* ATAPI DMA support */
8ccad811
FB		 1264
1265/* XXX: handle read errors */
1266static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 1267{
8ccad811
FB		 1268 BMDMAState *bm = opaque;
1269 IDEState *s = bm->ide_if;
1270 int data_offset, n;
1271
66c6ef76
FB		 1272 if (ret < 0) {
1273 ide_atapi_io_error(s, ret);
1274 goto eot;
1275 }
1276
8ccad811 1277 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 1278 /*
1279 * For a cdrom read sector command (s->lba != -1),
1280 * adjust the lba for the next s->io_buffer_size chunk
1281 * and dma the current chunk.
1282 * For a command != read (s->lba == -1), just transfer
1283 * the reply data.
1284 */
1285 if (s->lba != -1) {
1286 if (s->cd_sector_size == 2352) {
1287 n = 1;
1288 cd_data_to_raw(s->io_buffer, s->lba);
1289 } else {
1290 n = s->io_buffer_size >> 11;
1291 }
1292 s->lba += n;
1293 }
8ccad811 1294 s->packet_transfer_size -= s->io_buffer_size;
8ccad811
FB		 1295 if (dma_buf_rw(bm, 1) == 0)
1296 goto eot;
98087450 1297 }
8ccad811 1298
98087450
FB		 1299 if (s->packet_transfer_size <= 0) {
1300 s->status = READY_STAT;
1301 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1302 ide_set_irq(s);
8ccad811
FB		 1303 eot:
1304 bm->status &= ~BM_STATUS_DMAING;
1305 bm->status |= BM_STATUS_INT;
1306 bm->dma_cb = NULL;
1307 bm->ide_if = NULL;
1308 bm->aiocb = NULL;
1309 return;
1310 }
3b46e624 1311
8ccad811
FB		 1312 s->io_buffer_index = 0;
1313 if (s->cd_sector_size == 2352) {
1314 n = 1;
1315 s->io_buffer_size = s->cd_sector_size;
1316 data_offset = 16;
1317 } else {
1318 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 1319 if (n > (IDE_DMA_BUF_SECTORS / 4))
1320 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 1321 s->io_buffer_size = n * 2048;
1322 data_offset = 0;
98087450 1323 }
8ccad811
FB		 1324#ifdef DEBUG_AIO
1325 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1326#endif
5fafdf24
TS		 1327 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1328 s->io_buffer + data_offset, n * 4,
8ccad811 1329 ide_atapi_cmd_read_dma_cb, bm);
66c6ef76
FB		 1330 if (!bm->aiocb) {
1331 /* Note: media not present is the most likely case */
5fafdf24 1332 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1333 ASC_MEDIUM_NOT_PRESENT);
1334 goto eot;
1335 }
98087450
FB		 1336}
1337
1338/* start a CD-CDROM read command with DMA */
1339/* XXX: test if DMA is available */
1340static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1341 int sector_size)
1342{
1343 s->lba = lba;
1344 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 1345 s->io_buffer_index = 0;
1346 s->io_buffer_size = 0;
98087450
FB		 1347 s->cd_sector_size = sector_size;
1348
8ccad811
FB		 1349 /* XXX: check if BUSY_STAT should be set */
1350 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1351 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1352}
1353
5fafdf24 1354static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 1355 int sector_size)
1356{
1357#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 1358 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1359 lba, nb_sectors);
98087450
FB		 1360#endif
1361 if (s->atapi_dma) {
1362 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1363 } else {
1364 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1365 }
1366}
1367
38cdea7c
AZ		 1368static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1369 uint16_t profile)
1370{
1371 uint8_t *buf_profile = buf + 12; /* start of profiles */
1372
1373 buf_profile += ((*index) * 4); /* start of indexed profile */
1374 cpu_to_ube16 (buf_profile, profile);
1375 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1376
1377 /* each profile adds 4 bytes to the response */
1378 (*index)++;
1379 buf[11] += 4; /* Additional Length */
1380
1381 return 4;
1382}
1383
8114e9e8
TS		 1384static int ide_dvd_read_structure(IDEState *s, int format,
1385 const uint8_t *packet, uint8_t *buf)
1386{
1387 switch (format) {
1388 case 0x0: /* Physical format information */
1389 {
1390 int layer = packet[6];
1391 uint64_t total_sectors;
1392
1393 if (layer != 0)
1394 return -ASC_INV_FIELD_IN_CMD_PACKET;
1395
1396 bdrv_get_geometry(s->bs, &total_sectors);
1397 total_sectors >>= 2;
1398 if (total_sectors == 0)
1399 return -ASC_MEDIUM_NOT_PRESENT;
1400
1401 buf[4] = 1; /* DVD-ROM, part version 1 */
1402 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1403 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1404 buf[7] = 0; /* default densities */
1405
1406 /* FIXME: 0x30000 per spec? */
1407 cpu_to_ube32(buf + 8, 0); /* start sector */
1408 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1409 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1410
1411 /* Size of buffer, not including 2 byte size field */
1412 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1413
1414 /* 2k data + 4 byte header */
1415 return (2048 + 4);
1416 }
1417
1418 case 0x01: /* DVD copyright information */
1419 buf[4] = 0; /* no copyright data */
1420 buf[5] = 0; /* no region restrictions */
1421
1422 /* Size of buffer, not including 2 byte size field */
1423 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1424
1425 /* 4 byte header + 4 byte data */
1426 return (4 + 4);
1427
1428 case 0x03: /* BCA information - invalid field for no BCA info */
1429 return -ASC_INV_FIELD_IN_CMD_PACKET;
1430
1431 case 0x04: /* DVD disc manufacturing information */
1432 /* Size of buffer, not including 2 byte size field */
1433 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1434
1435 /* 2k data + 4 byte header */
1436 return (2048 + 4);
1437
1438 case 0xff:
1439 /*
1440 * This lists all the command capabilities above. Add new ones
1441 * in order and update the length and buffer return values.
1442 */
1443
1444 buf[4] = 0x00; /* Physical format */
1445 buf[5] = 0x40; /* Not writable, is readable */
1446 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1447
1448 buf[8] = 0x01; /* Copyright info */
1449 buf[9] = 0x40; /* Not writable, is readable */
1450 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1451
1452 buf[12] = 0x03; /* BCA info */
1453 buf[13] = 0x40; /* Not writable, is readable */
1454 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1455
1456 buf[16] = 0x04; /* Manufacturing info */
1457 buf[17] = 0x40; /* Not writable, is readable */
1458 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1459
1460 /* Size of buffer, not including 2 byte size field */
1461 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1462
1463 /* data written + 4 byte header */
1464 return (16 + 4);
1465
1466 default: /* TODO: formats beyond DVD-ROM requires */
1467 return -ASC_INV_FIELD_IN_CMD_PACKET;
1468 }
1469}
1470
5391d806
FB		 1471static void ide_atapi_cmd(IDEState *s)
1472{
1473 const uint8_t *packet;
1474 uint8_t *buf;
1475 int max_len;
1476
1477 packet = s->io_buffer;
1478 buf = s->io_buffer;
1479#ifdef DEBUG_IDE_ATAPI
1480 {
1481 int i;
1482 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1483 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1484 printf(" %02x", packet[i]);
1485 }
1486 printf("\n");
1487 }
1488#endif
1489 switch(s->io_buffer[0]) {
1490 case GPCMD_TEST_UNIT_READY:
caed8802 1491 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1492 ide_atapi_cmd_ok(s);
1493 } else {
5fafdf24 1494 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1495 ASC_MEDIUM_NOT_PRESENT);
1496 }
1497 break;
d14049ea 1498 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1499 case GPCMD_MODE_SENSE_10:
1500 {
1501 int action, code;
d14049ea
TS		 1502 if (packet[0] == GPCMD_MODE_SENSE_10)
1503 max_len = ube16_to_cpu(packet + 7);
1504 else
1505 max_len = packet[4];
5391d806
FB		 1506 action = packet[2] >> 6;
1507 code = packet[2] & 0x3f;
1508 switch(action) {
1509 case 0: /* current values */
1510 switch(code) {
1511 case 0x01: /* error recovery */
1512 cpu_to_ube16(&buf[0], 16 + 6);
1513 buf[2] = 0x70;
1514 buf[3] = 0;
1515 buf[4] = 0;
1516 buf[5] = 0;
1517 buf[6] = 0;
1518 buf[7] = 0;
1519
1520 buf[8] = 0x01;
1521 buf[9] = 0x06;
1522 buf[10] = 0x00;
1523 buf[11] = 0x05;
1524 buf[12] = 0x00;
1525 buf[13] = 0x00;
1526 buf[14] = 0x00;
1527 buf[15] = 0x00;
1528 ide_atapi_cmd_reply(s, 16, max_len);
1529 break;
1530 case 0x2a:
1531 cpu_to_ube16(&buf[0], 28 + 6);
1532 buf[2] = 0x70;
1533 buf[3] = 0;
1534 buf[4] = 0;
1535 buf[5] = 0;
1536 buf[6] = 0;
1537 buf[7] = 0;
1538
1539 buf[8] = 0x2a;
1540 buf[9] = 0x12;
0d4a05a1 1541 buf[10] = 0x00;
5391d806 1542 buf[11] = 0x00;
3b46e624 1543
5391d806
FB		 1544 buf[12] = 0x70;
1545 buf[13] = 3 << 5;
1546 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1547 if (bdrv_is_locked(s->bs))
5391d806
FB		 1548 buf[6] |= 1 << 1;
1549 buf[15] = 0x00;
1550 cpu_to_ube16(&buf[16], 706);
1551 buf[18] = 0;
1552 buf[19] = 2;
1553 cpu_to_ube16(&buf[20], 512);
1554 cpu_to_ube16(&buf[22], 706);
1555 buf[24] = 0;
1556 buf[25] = 0;
1557 buf[26] = 0;
1558 buf[27] = 0;
1559 ide_atapi_cmd_reply(s, 28, max_len);
1560 break;
1561 default:
1562 goto error_cmd;
1563 }
1564 break;
1565 case 1: /* changeable values */
1566 goto error_cmd;
1567 case 2: /* default values */
1568 goto error_cmd;
1569 default:
1570 case 3: /* saved values */
5fafdf24 1571 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1572 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1573 break;
1574 }
1575 }
1576 break;
1577 case GPCMD_REQUEST_SENSE:
1578 max_len = packet[4];
1579 memset(buf, 0, 18);
1580 buf[0] = 0x70 | (1 << 7);
1581 buf[2] = s->sense_key;
1582 buf[7] = 10;
1583 buf[12] = s->asc;
1584 ide_atapi_cmd_reply(s, 18, max_len);
1585 break;
1586 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1587 if (bdrv_is_inserted(s->bs)) {
1588 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1589 ide_atapi_cmd_ok(s);
1590 } else {
5fafdf24 1591 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1592 ASC_MEDIUM_NOT_PRESENT);
1593 }
1594 break;
1595 case GPCMD_READ_10:
1596 case GPCMD_READ_12:
1597 {
1598 int nb_sectors, lba;
1599
5391d806
FB		 1600 if (packet[0] == GPCMD_READ_10)
1601 nb_sectors = ube16_to_cpu(packet + 7);
1602 else
1603 nb_sectors = ube32_to_cpu(packet + 6);
1604 lba = ube32_to_cpu(packet + 2);
1605 if (nb_sectors == 0) {
1606 ide_atapi_cmd_ok(s);
1607 break;
1608 }
98087450
FB		 1609 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1610 }
1611 break;
1612 case GPCMD_READ_CD:
1613 {
1614 int nb_sectors, lba, transfer_request;
1615
98087450
FB		 1616 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1617 lba = ube32_to_cpu(packet + 2);
1618 if (nb_sectors == 0) {
1619 ide_atapi_cmd_ok(s);
1620 break;
1621 }
98087450
FB		 1622 transfer_request = packet[9];
1623 switch(transfer_request & 0xf8) {
1624 case 0x00:
1625 /* nothing */
1626 ide_atapi_cmd_ok(s);
1627 break;
1628 case 0x10:
1629 /* normal read */
1630 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1631 break;
1632 case 0xf8:
1633 /* read all data */
1634 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1635 break;
1636 default:
5fafdf24 1637 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1638 ASC_INV_FIELD_IN_CMD_PACKET);
1639 break;
1640 }
5391d806
FB		 1641 }
1642 break;
1643 case GPCMD_SEEK:
1644 {
96b8f136
TS		 1645 unsigned int lba;
1646 uint64_t total_sectors;
66c6ef76
FB		 1647
1648 bdrv_get_geometry(s->bs, &total_sectors);
1649 total_sectors >>= 2;
96b8f136 1650 if (total_sectors == 0) {
5fafdf24 1651 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1652 ASC_MEDIUM_NOT_PRESENT);
1653 break;
1654 }
1655 lba = ube32_to_cpu(packet + 2);
66c6ef76 1656 if (lba >= total_sectors) {
5fafdf24 1657 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1658 ASC_LOGICAL_BLOCK_OOR);
1659 break;
1660 }
1661 ide_atapi_cmd_ok(s);
1662 }
1663 break;
1664 case GPCMD_START_STOP_UNIT:
1665 {
1666 int start, eject;
1667 start = packet[4] & 1;
1668 eject = (packet[4] >> 1) & 1;
3b46e624 1669
caed8802
FB		 1670 if (eject && !start) {
1671 /* eject the disk */
66c6ef76
FB		 1672 bdrv_eject(s->bs, 1);
1673 } else if (eject && start) {
1674 /* close the tray */
1675 bdrv_eject(s->bs, 0);
caed8802 1676 }
5391d806
FB		 1677 ide_atapi_cmd_ok(s);
1678 }
1679 break;
1680 case GPCMD_MECHANISM_STATUS:
1681 {
1682 max_len = ube16_to_cpu(packet + 8);
1683 cpu_to_ube16(buf, 0);
1684 /* no current LBA */
1685 buf[2] = 0;
1686 buf[3] = 0;
1687 buf[4] = 0;
1688 buf[5] = 1;
1689 cpu_to_ube16(buf + 6, 0);
1690 ide_atapi_cmd_reply(s, 8, max_len);
1691 }
1692 break;
1693 case GPCMD_READ_TOC_PMA_ATIP:
1694 {
1695 int format, msf, start_track, len;
96b8f136 1696 uint64_t total_sectors;
5391d806 1697
66c6ef76
FB		 1698 bdrv_get_geometry(s->bs, &total_sectors);
1699 total_sectors >>= 2;
96b8f136 1700 if (total_sectors == 0) {
5fafdf24 1701 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1702 ASC_MEDIUM_NOT_PRESENT);
1703 break;
1704 }
1705 max_len = ube16_to_cpu(packet + 7);
1706 format = packet[9] >> 6;
1707 msf = (packet[1] >> 1) & 1;
1708 start_track = packet[6];
1709 switch(format) {
1710 case 0:
66c6ef76 1711 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1712 if (len < 0)
1713 goto error_cmd;
1714 ide_atapi_cmd_reply(s, len, max_len);
1715 break;
1716 case 1:
1717 /* multi session : only a single session defined */
1718 memset(buf, 0, 12);
1719 buf[1] = 0x0a;
1720 buf[2] = 0x01;
1721 buf[3] = 0x01;
1722 ide_atapi_cmd_reply(s, 12, max_len);
1723 break;
98087450 1724 case 2:
66c6ef76 1725 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1726 if (len < 0)
1727 goto error_cmd;
1728 ide_atapi_cmd_reply(s, len, max_len);
1729 break;
5391d806 1730 default:
7f777bf3 1731 error_cmd:
5fafdf24 1732 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1733 ASC_INV_FIELD_IN_CMD_PACKET);
1734 break;
5391d806
FB		 1735 }
1736 }
1737 break;
1738 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1739 {
96b8f136 1740 uint64_t total_sectors;
66c6ef76
FB		 1741
1742 bdrv_get_geometry(s->bs, &total_sectors);
1743 total_sectors >>= 2;
96b8f136 1744 if (total_sectors == 0) {
5fafdf24 1745 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1746 ASC_MEDIUM_NOT_PRESENT);
1747 break;
1748 }
1749 /* NOTE: it is really the number of sectors minus 1 */
1750 cpu_to_ube32(buf, total_sectors - 1);
1751 cpu_to_ube32(buf + 4, 2048);
1752 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1753 }
5391d806 1754 break;
d14049ea
TS		 1755 case GPCMD_READ_DVD_STRUCTURE:
1756 {
1757 int media = packet[1];
8114e9e8
TS		 1758 int format = packet[7];
1759 int ret;
d14049ea 1760
8114e9e8 1761 max_len = ube16_to_cpu(packet + 8);
d14049ea 1762
8114e9e8
TS		 1763 if (format < 0xff) {
1764 if (media_is_cd(s)) {
1765 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1766 ASC_INCOMPATIBLE_FORMAT);
1767 break;
1768 } else if (!media_present(s)) {
1769 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1770 ASC_INV_FIELD_IN_CMD_PACKET);
1771 break;
1772 }
1773 }
d14049ea 1774
8114e9e8
TS		 1775 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1776 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
d14049ea 1777
8114e9e8
TS		 1778 switch (format) {
1779 case 0x00 ... 0x7f:
1780 case 0xff:
1781 if (media == 0) {
1782 ret = ide_dvd_read_structure(s, format, packet, buf);
d14049ea 1783
8114e9e8
TS		 1784 if (ret < 0)
1785 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1786 else
1787 ide_atapi_cmd_reply(s, ret, max_len);
d14049ea 1788
8114e9e8
TS		 1789 break;
1790 }
1791 /* TODO: BD support, fall through for now */
1792
1793 /* Generic disk structures */
1794 case 0x80: /* TODO: AACS volume identifier */
1795 case 0x81: /* TODO: AACS media serial number */
1796 case 0x82: /* TODO: AACS media identifier */
1797 case 0x83: /* TODO: AACS media key block */
1798 case 0x90: /* TODO: List of recognized format layers */
1799 case 0xc0: /* TODO: Write protection status */
d14049ea
TS		 1800 default:
1801 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1802 ASC_INV_FIELD_IN_CMD_PACKET);
1803 break;
1804 }
1805 }
1806 break;
1807 case GPCMD_SET_SPEED:
1808 ide_atapi_cmd_ok(s);
1809 break;
bd0d90b2
FB		 1810 case GPCMD_INQUIRY:
1811 max_len = packet[4];
1812 buf[0] = 0x05; /* CD-ROM */
1813 buf[1] = 0x80; /* removable */
1814 buf[2] = 0x00; /* ISO */
1815 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1816 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1817 buf[5] = 0; /* reserved */
1818 buf[6] = 0; /* reserved */
1819 buf[7] = 0; /* reserved */
1820 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1821 padstr8(buf + 16, 16, "QEMU DVD-ROM");
bd0d90b2
FB		 1822 padstr8(buf + 32, 4, QEMU_VERSION);
1823 ide_atapi_cmd_reply(s, 36, max_len);
1824 break;
d14049ea
TS		 1825 case GPCMD_GET_CONFIGURATION:
1826 {
38cdea7c 1827 uint32_t len;
091d055b 1828 uint8_t index = 0;
d14049ea
TS		 1829
1830 /* only feature 0 is supported */
1831 if (packet[2] != 0 || packet[3] != 0) {
1832 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1833 ASC_INV_FIELD_IN_CMD_PACKET);
1834 break;
1835 }
38cdea7c
AZ		 1836
1837 /* XXX: could result in alignment problems in some architectures */
1838 max_len = ube16_to_cpu(packet + 7);
091d055b 1839
38cdea7c 1840 /*
091d055b
AZ		 1841 * XXX: avoid overflow for io_buffer if max_len is bigger than
1842 * the size of that buffer (dimensioned to max number of
1843 * sectors to transfer at once)
38cdea7c 1844 *
091d055b 1845 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 1846 */
1847 if (max_len > 512) /* XXX: assume 1 sector */
1848 max_len = 512;
1849
1850 memset(buf, 0, max_len);
1851 /*
1852 * the number of sectors from the media tells us which profile
1853 * to use as current. 0 means there is no media
38cdea7c 1854 */
8114e9e8
TS		 1855 if (media_is_dvd(s))
1856 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1857 else if (media_is_cd(s))
1858 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
38cdea7c 1859
091d055b
AZ		 1860 buf[10] = 0x02 | 0x01; /* persistent and current */
1861 len = 12; /* headers: 8 + 4 */
1862 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1863 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 1864 cpu_to_ube32(buf, len - 4); /* data length */
1865
1866 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 1867 break;
1868 }
5391d806 1869 default:
5fafdf24 1870 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1871 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1872 break;
1873 }
1874}
1875
201a51fc
AZ		 1876static void ide_cfata_metadata_inquiry(IDEState *s)
1877{
1878 uint16_t *p;
1879 uint32_t spd;
1880
1881 p = (uint16_t *) s->io_buffer;
1882 memset(p, 0, 0x200);
1883 spd = ((s->mdata_size - 1) >> 9) + 1;
1884
1885 put_le16(p + 0, 0x0001); /* Data format revision */
1886 put_le16(p + 1, 0x0000); /* Media property: silicon */
1887 put_le16(p + 2, s->media_changed); /* Media status */
1888 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1889 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1890 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1891 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1892}
1893
1894static void ide_cfata_metadata_read(IDEState *s)
1895{
1896 uint16_t *p;
1897
1898 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1899 s->status = ERR_STAT;
1900 s->error = ABRT_ERR;
1901 return;
1902 }
1903
1904 p = (uint16_t *) s->io_buffer;
1905 memset(p, 0, 0x200);
1906
1907 put_le16(p + 0, s->media_changed); /* Media status */
1908 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1909 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1910 s->nsector << 9), 0x200 - 2));
1911}
1912
1913static void ide_cfata_metadata_write(IDEState *s)
1914{
1915 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1916 s->status = ERR_STAT;
1917 s->error = ABRT_ERR;
1918 return;
1919 }
1920
1921 s->media_changed = 0;
1922
1923 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1924 s->io_buffer + 2,
1925 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1926 s->nsector << 9), 0x200 - 2));
1927}
1928
bd491d6a
TS		 1929/* called when the inserted state of the media has changed */
1930static void cdrom_change_cb(void *opaque)
1931{
1932 IDEState *s = opaque;
96b8f136 1933 uint64_t nb_sectors;
bd491d6a
TS		 1934
1935 /* XXX: send interrupt too */
1936 bdrv_get_geometry(s->bs, &nb_sectors);
1937 s->nb_sectors = nb_sectors;
1938}
1939
c2ff060f
FB		 1940static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1941{
1942 s->lba48 = lba48;
1943
1944 /* handle the 'magic' 0 nsector count conversion here. to avoid
1945 * fiddling with the rest of the read logic, we just store the
1946 * full sector count in ->nsector and ignore ->hob_nsector from now
1947 */
1948 if (!s->lba48) {
1949 if (!s->nsector)
1950 s->nsector = 256;
1951 } else {
1952 if (!s->nsector && !s->hob_nsector)
1953 s->nsector = 65536;
1954 else {
1955 int lo = s->nsector;
1956 int hi = s->hob_nsector;
1957
1958 s->nsector = (hi << 8) | lo;
1959 }
1960 }
1961}
1962
1963static void ide_clear_hob(IDEState *ide_if)
1964{
1965 /* any write clears HOB high bit of device control register */
1966 ide_if[0].select &= ~(1 << 7);
1967 ide_if[1].select &= ~(1 << 7);
1968}
1969
caed8802
FB		 1970static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1971{
1972 IDEState *ide_if = opaque;
c45c3d00 1973 IDEState *s;
5391d806 1974 int unit, n;
c2ff060f 1975 int lba48 = 0;
5391d806
FB		 1976
1977#ifdef DEBUG_IDE
1978 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1979#endif
c2ff060f 1980
5391d806
FB		 1981 addr &= 7;
1982 switch(addr) {
1983 case 0:
1984 break;
1985 case 1:
c2ff060f 1986 ide_clear_hob(ide_if);
c45c3d00 1987 /* NOTE: data is written to the two drives */
c2ff060f
FB		 1988 ide_if[0].hob_feature = ide_if[0].feature;
1989 ide_if[1].hob_feature = ide_if[1].feature;
c45c3d00
FB		 1990 ide_if[0].feature = val;
1991 ide_if[1].feature = val;
5391d806
FB		 1992 break;
1993 case 2:
c2ff060f
FB		 1994 ide_clear_hob(ide_if);
1995 ide_if[0].hob_nsector = ide_if[0].nsector;
1996 ide_if[1].hob_nsector = ide_if[1].nsector;
c45c3d00
FB		 1997 ide_if[0].nsector = val;
1998 ide_if[1].nsector = val;
5391d806
FB		 1999 break;
2000 case 3:
c2ff060f
FB		 2001 ide_clear_hob(ide_if);
2002 ide_if[0].hob_sector = ide_if[0].sector;
2003 ide_if[1].hob_sector = ide_if[1].sector;
c45c3d00
FB		 2004 ide_if[0].sector = val;
2005 ide_if[1].sector = val;
5391d806
FB		 2006 break;
2007 case 4:
c2ff060f
FB		 2008 ide_clear_hob(ide_if);
2009 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2010 ide_if[1].hob_lcyl = ide_if[1].lcyl;
c45c3d00
FB		 2011 ide_if[0].lcyl = val;
2012 ide_if[1].lcyl = val;
5391d806
FB		 2013 break;
2014 case 5:
c2ff060f
FB		 2015 ide_clear_hob(ide_if);
2016 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2017 ide_if[1].hob_hcyl = ide_if[1].hcyl;
c45c3d00
FB		 2018 ide_if[0].hcyl = val;
2019 ide_if[1].hcyl = val;
5391d806
FB		 2020 break;
2021 case 6:
c2ff060f 2022 /* FIXME: HOB readback uses bit 7 */
7ae98627
FB		 2023 ide_if[0].select = (val & ~0x10) | 0xa0;
2024 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 2025 /* select drive */
2026 unit = (val >> 4) & 1;
2027 s = ide_if + unit;
2028 ide_if->cur_drive = s;
5391d806
FB		 2029 break;
2030 default:
2031 case 7:
2032 /* command */
2033#if defined(DEBUG_IDE)
2034 printf("ide: CMD=%02x\n", val);
2035#endif
c45c3d00 2036 s = ide_if->cur_drive;
66201e2d 2037 /* ignore commands to non existant slave */
5fafdf24 2038 if (s != ide_if && !s->bs)
66201e2d 2039 break;
c2ff060f 2040
5391d806
FB		 2041 switch(val) {
2042 case WIN_IDENTIFY:
2043 if (s->bs && !s->is_cdrom) {
201a51fc
AZ		 2044 if (!s->is_cf)
2045 ide_identify(s);
2046 else
2047 ide_cfata_identify(s);
2a282056 2048 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2049 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2050 } else {
2051 if (s->is_cdrom) {
2052 ide_set_signature(s);
2053 }
2054 ide_abort_command(s);
2055 }
2056 ide_set_irq(s);
2057 break;
2058 case WIN_SPECIFY:
2059 case WIN_RECAL:
a136e5a8 2060 s->error = 0;
769bec72 2061 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2062 ide_set_irq(s);
2063 break;
2064 case WIN_SETMULT:
201a51fc
AZ		 2065 if (s->is_cf && s->nsector == 0) {
2066 /* Disable Read and Write Multiple */
2067 s->mult_sectors = 0;
2068 s->status = READY_STAT;
2069 } else if ((s->nsector & 0xff) != 0 &&
39dfc926
TS		 2070 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2071 (s->nsector & (s->nsector - 1)) != 0)) {
5391d806
FB		 2072 ide_abort_command(s);
2073 } else {
292eef5a 2074 s->mult_sectors = s->nsector & 0xff;
5391d806
FB		 2075 s->status = READY_STAT;
2076 }
2077 ide_set_irq(s);
2078 break;
c2ff060f
FB		 2079 case WIN_VERIFY_EXT:
2080 lba48 = 1;
4ce900b4
FB		 2081 case WIN_VERIFY:
2082 case WIN_VERIFY_ONCE:
2083 /* do sector number check ? */
c2ff060f 2084 ide_cmd_lba48_transform(s, lba48);
4ce900b4
FB		 2085 s->status = READY_STAT;
2086 ide_set_irq(s);
2087 break;
c2ff060f
FB		 2088 case WIN_READ_EXT:
2089 lba48 = 1;
5391d806
FB		 2090 case WIN_READ:
2091 case WIN_READ_ONCE:
5fafdf24 2092 if (!s->bs)
6b136f9e 2093 goto abort_cmd;
c2ff060f 2094 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2095 s->req_nb_sectors = 1;
2096 ide_sector_read(s);
2097 break;
c2ff060f
FB		 2098 case WIN_WRITE_EXT:
2099 lba48 = 1;
5391d806
FB		 2100 case WIN_WRITE:
2101 case WIN_WRITE_ONCE:
201a51fc
AZ		 2102 case CFA_WRITE_SECT_WO_ERASE:
2103 case WIN_WRITE_VERIFY:
c2ff060f 2104 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2105 s->error = 0;
f66723fa 2106 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2107 s->req_nb_sectors = 1;
2108 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
201a51fc 2109 s->media_changed = 1;
5391d806 2110 break;
c2ff060f
FB		 2111 case WIN_MULTREAD_EXT:
2112 lba48 = 1;
5391d806
FB		 2113 case WIN_MULTREAD:
2114 if (!s->mult_sectors)
2115 goto abort_cmd;
c2ff060f 2116 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2117 s->req_nb_sectors = s->mult_sectors;
2118 ide_sector_read(s);
2119 break;
c2ff060f
FB		 2120 case WIN_MULTWRITE_EXT:
2121 lba48 = 1;
5391d806 2122 case WIN_MULTWRITE:
201a51fc 2123 case CFA_WRITE_MULTI_WO_ERASE:
5391d806
FB		 2124 if (!s->mult_sectors)
2125 goto abort_cmd;
c2ff060f 2126 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2127 s->error = 0;
f66723fa 2128 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2129 s->req_nb_sectors = s->mult_sectors;
2130 n = s->nsector;
2131 if (n > s->req_nb_sectors)
2132 n = s->req_nb_sectors;
2133 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
201a51fc 2134 s->media_changed = 1;
5391d806 2135 break;
c2ff060f
FB		 2136 case WIN_READDMA_EXT:
2137 lba48 = 1;
98087450
FB		 2138 case WIN_READDMA:
2139 case WIN_READDMA_ONCE:
5fafdf24 2140 if (!s->bs)
98087450 2141 goto abort_cmd;
c2ff060f 2142 ide_cmd_lba48_transform(s, lba48);
98087450
FB		 2143 ide_sector_read_dma(s);
2144 break;
c2ff060f
FB		 2145 case WIN_WRITEDMA_EXT:
2146 lba48 = 1;
98087450
FB		 2147 case WIN_WRITEDMA:
2148 case WIN_WRITEDMA_ONCE:
5fafdf24 2149 if (!s->bs)
98087450 2150 goto abort_cmd;
c2ff060f 2151 ide_cmd_lba48_transform(s, lba48);
98087450 2152 ide_sector_write_dma(s);
201a51fc 2153 s->media_changed = 1;
98087450 2154 break;
c2ff060f
FB		 2155 case WIN_READ_NATIVE_MAX_EXT:
2156 lba48 = 1;
5391d806 2157 case WIN_READ_NATIVE_MAX:
c2ff060f 2158 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2159 ide_set_sector(s, s->nb_sectors - 1);
2160 s->status = READY_STAT;
2161 ide_set_irq(s);
2162 break;
a136e5a8 2163 case WIN_CHECKPOWERMODE1:
201a51fc 2164 case WIN_CHECKPOWERMODE2:
a136e5a8
FB		 2165 s->nsector = 0xff; /* device active or idle */
2166 s->status = READY_STAT;
2167 ide_set_irq(s);
2168 break;
34e538ae
FB		 2169 case WIN_SETFEATURES:
2170 if (!s->bs)
2171 goto abort_cmd;
2172 /* XXX: valid for CDROM ? */
2173 switch(s->feature) {
e1f63470
TS		 2174 case 0xcc: /* reverting to power-on defaults enable */
2175 case 0x66: /* reverting to power-on defaults disable */
34e538ae
FB		 2176 case 0x02: /* write cache enable */
2177 case 0x82: /* write cache disable */
2178 case 0xaa: /* read look-ahead enable */
2179 case 0x55: /* read look-ahead disable */
201a51fc
AZ		 2180 case 0x05: /* set advanced power management mode */
2181 case 0x85: /* disable advanced power management mode */
2182 case 0x69: /* NOP */
2183 case 0x67: /* NOP */
2184 case 0x96: /* NOP */
2185 case 0x9a: /* NOP */
c3e88d8c
TS		 2186 case 0x42: /* enable Automatic Acoustic Mode */
2187 case 0xc2: /* disable Automatic Acoustic Mode */
e0fe67aa 2188 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 2189 ide_set_irq(s);
2190 break;
94458802
FB		 2191 case 0x03: { /* set transfer mode */
2192 uint8_t val = s->nsector & 0x07;
2193
2194 switch (s->nsector >> 3) {
2195 case 0x00: /* pio default */
2196 case 0x01: /* pio mode */
2197 put_le16(s->identify_data + 63,0x07);
2198 put_le16(s->identify_data + 88,0x3f);
2199 break;
2200 case 0x04: /* mdma mode */
2201 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2202 put_le16(s->identify_data + 88,0x3f);
2203 break;
2204 case 0x08: /* udma mode */
2205 put_le16(s->identify_data + 63,0x07);
2206 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2207 break;
2208 default:
2209 goto abort_cmd;
2210 }
2211 s->status = READY_STAT | SEEK_STAT;
2212 ide_set_irq(s);
2213 break;
2214 }
34e538ae
FB		 2215 default:
2216 goto abort_cmd;
2217 }
2218 break;
c2ff060f
FB		 2219 case WIN_FLUSH_CACHE:
2220 case WIN_FLUSH_CACHE_EXT:
7a6cba61
PB		 2221 if (s->bs)
2222 bdrv_flush(s->bs);
2223 s->status = READY_STAT;
2224 ide_set_irq(s);
2225 break;
c3e88d8c
TS		 2226 case WIN_STANDBY:
2227 case WIN_STANDBY2:
2228 case WIN_STANDBYNOW1:
201a51fc 2229 case WIN_STANDBYNOW2:
c451ee71 2230 case WIN_IDLEIMMEDIATE:
201a51fc
AZ		 2231 case CFA_IDLEIMMEDIATE:
2232 case WIN_SETIDLE1:
2233 case WIN_SETIDLE2:
c3e88d8c
TS		 2234 case WIN_SLEEPNOW1:
2235 case WIN_SLEEPNOW2:
2236 s->status = READY_STAT;
a7dfe172
FB		 2237 ide_set_irq(s);
2238 break;
5391d806
FB		 2239 /* ATAPI commands */
2240 case WIN_PIDENTIFY:
2241 if (s->is_cdrom) {
2242 ide_atapi_identify(s);
1298fe63 2243 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2244 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2245 } else {
2246 ide_abort_command(s);
2247 }
2248 ide_set_irq(s);
2249 break;
c451ee71
FB		 2250 case WIN_DIAGNOSE:
2251 ide_set_signature(s);
38453b93 2252 s->status = READY_STAT;
c451ee71 2253 s->error = 0x01;
f5fdd0a8 2254 ide_set_irq(s);
c451ee71 2255 break;
5391d806
FB		 2256 case WIN_SRST:
2257 if (!s->is_cdrom)
2258 goto abort_cmd;
2259 ide_set_signature(s);
6b136f9e 2260 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 2261 s->error = 0x01;
2262 break;
2263 case WIN_PACKETCMD:
2264 if (!s->is_cdrom)
2265 goto abort_cmd;
98087450
FB		 2266 /* overlapping commands not supported */
2267 if (s->feature & 0x02)
5391d806 2268 goto abort_cmd;
7603d156 2269 s->status = READY_STAT;
98087450 2270 s->atapi_dma = s->feature & 1;
5391d806 2271 s->nsector = 1;
5fafdf24 2272 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
5391d806
FB		 2273 ide_atapi_cmd);
2274 break;
201a51fc
AZ		 2275 /* CF-ATA commands */
2276 case CFA_REQ_EXT_ERROR_CODE:
2277 if (!s->is_cf)
2278 goto abort_cmd;
2279 s->error = 0x09; /* miscellaneous error */
2280 s->status = READY_STAT;
2281 ide_set_irq(s);
2282 break;
2283 case CFA_ERASE_SECTORS:
2284 case CFA_WEAR_LEVEL:
2285 if (!s->is_cf)
2286 goto abort_cmd;
2287 if (val == CFA_WEAR_LEVEL)
2288 s->nsector = 0;
2289 if (val == CFA_ERASE_SECTORS)
2290 s->media_changed = 1;
2291 s->error = 0x00;
2292 s->status = READY_STAT;
2293 ide_set_irq(s);
2294 break;
2295 case CFA_TRANSLATE_SECTOR:
2296 if (!s->is_cf)
2297 goto abort_cmd;
2298 s->error = 0x00;
2299 s->status = READY_STAT;
2300 memset(s->io_buffer, 0, 0x200);
2301 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2302 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2303 s->io_buffer[0x02] = s->select; /* Head */
2304 s->io_buffer[0x03] = s->sector; /* Sector */
2305 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2306 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2307 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2308 s->io_buffer[0x13] = 0x00; /* Erase flag */
2309 s->io_buffer[0x18] = 0x00; /* Hot count */
2310 s->io_buffer[0x19] = 0x00; /* Hot count */
2311 s->io_buffer[0x1a] = 0x01; /* Hot count */
2312 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2313 ide_set_irq(s);
2314 break;
2315 case CFA_ACCESS_METADATA_STORAGE:
2316 if (!s->is_cf)
2317 goto abort_cmd;
2318 switch (s->feature) {
2319 case 0x02: /* Inquiry Metadata Storage */
2320 ide_cfata_metadata_inquiry(s);
2321 break;
2322 case 0x03: /* Read Metadata Storage */
2323 ide_cfata_metadata_read(s);
2324 break;
2325 case 0x04: /* Write Metadata Storage */
2326 ide_cfata_metadata_write(s);
2327 break;
2328 default:
2329 goto abort_cmd;
2330 }
2331 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2332 s->status = 0x00; /* NOTE: READY is _not_ set */
2333 ide_set_irq(s);
2334 break;
2335 case IBM_SENSE_CONDITION:
2336 if (!s->is_cf)
2337 goto abort_cmd;
2338 switch (s->feature) {
2339 case 0x01: /* sense temperature in device */
2340 s->nsector = 0x50; /* +20 C */
2341 break;
2342 default:
2343 goto abort_cmd;
2344 }
2345 s->status = READY_STAT;
2346 ide_set_irq(s);
2347 break;
5391d806
FB		 2348 default:
2349 abort_cmd:
2350 ide_abort_command(s);
2351 ide_set_irq(s);
2352 break;
2353 }
2354 }
2355}
2356
caed8802 2357static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2358{
7ae98627
FB		 2359 IDEState *ide_if = opaque;
2360 IDEState *s = ide_if->cur_drive;
5391d806 2361 uint32_t addr;
c2ff060f 2362 int ret, hob;
5391d806
FB		 2363
2364 addr = addr1 & 7;
c2ff060f
FB		 2365 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2366 //hob = s->select & (1 << 7);
2367 hob = 0;
5391d806
FB		 2368 switch(addr) {
2369 case 0:
2370 ret = 0xff;
2371 break;
2372 case 1:
7ae98627 2373 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2374 ret = 0;
c2ff060f 2375 else if (!hob)
c45c3d00 2376 ret = s->error;
c2ff060f
FB		 2377 else
2378 ret = s->hob_feature;
5391d806
FB		 2379 break;
2380 case 2:
7ae98627 2381 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2382 ret = 0;
c2ff060f 2383 else if (!hob)
c45c3d00 2384 ret = s->nsector & 0xff;
c2ff060f
FB		 2385 else
2386 ret = s->hob_nsector;
5391d806
FB		 2387 break;
2388 case 3:
7ae98627 2389 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2390 ret = 0;
c2ff060f 2391 else if (!hob)
c45c3d00 2392 ret = s->sector;
c2ff060f
FB		 2393 else
2394 ret = s->hob_sector;
5391d806
FB		 2395 break;
2396 case 4:
7ae98627 2397 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2398 ret = 0;
c2ff060f 2399 else if (!hob)
c45c3d00 2400 ret = s->lcyl;
c2ff060f
FB		 2401 else
2402 ret = s->hob_lcyl;
5391d806
FB		 2403 break;
2404 case 5:
7ae98627 2405 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2406 ret = 0;
c2ff060f 2407 else if (!hob)
c45c3d00 2408 ret = s->hcyl;
c2ff060f
FB		 2409 else
2410 ret = s->hob_hcyl;
5391d806
FB		 2411 break;
2412 case 6:
7ae98627 2413 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 2414 ret = 0;
2415 else
7ae98627 2416 ret = s->select;
5391d806
FB		 2417 break;
2418 default:
2419 case 7:
66201e2d
FB		 2420 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2421 (s != ide_if && !s->bs))
c45c3d00
FB		 2422 ret = 0;
2423 else
2424 ret = s->status;
d537cf6c 2425 qemu_irq_lower(s->irq);
5391d806
FB		 2426 break;
2427 }
2428#ifdef DEBUG_IDE
2429 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2430#endif
2431 return ret;
2432}
2433
caed8802 2434static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2435{
7ae98627
FB		 2436 IDEState *ide_if = opaque;
2437 IDEState *s = ide_if->cur_drive;
5391d806 2438 int ret;
7ae98627 2439
66201e2d
FB		 2440 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2441 (s != ide_if && !s->bs))
7ae98627
FB		 2442 ret = 0;
2443 else
2444 ret = s->status;
5391d806
FB		 2445#ifdef DEBUG_IDE
2446 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2447#endif
2448 return ret;
2449}
2450
caed8802 2451static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2452{
caed8802 2453 IDEState *ide_if = opaque;
5391d806
FB		 2454 IDEState *s;
2455 int i;
2456
2457#ifdef DEBUG_IDE
2458 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2459#endif
2460 /* common for both drives */
2461 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2462 (val & IDE_CMD_RESET)) {
2463 /* reset low to high */
2464 for(i = 0;i < 2; i++) {
2465 s = &ide_if[i];
2466 s->status = BUSY_STAT | SEEK_STAT;
2467 s->error = 0x01;
2468 }
2469 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2470 !(val & IDE_CMD_RESET)) {
2471 /* high to low */
2472 for(i = 0;i < 2; i++) {
2473 s = &ide_if[i];
6b136f9e
FB		 2474 if (s->is_cdrom)
2475 s->status = 0x00; /* NOTE: READY is _not_ set */
2476 else
56bf1d37 2477 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2478 ide_set_signature(s);
2479 }
2480 }
2481
2482 ide_if[0].cmd = val;
2483 ide_if[1].cmd = val;
2484}
2485
caed8802 2486static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2487{
caed8802 2488 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2489 uint8_t *p;
2490
2491 p = s->data_ptr;
0c4ad8dc 2492 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2493 p += 2;
2494 s->data_ptr = p;
2495 if (p >= s->data_end)
2496 s->end_transfer_func(s);
2497}
2498
caed8802 2499static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2500{
caed8802 2501 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2502 uint8_t *p;
2503 int ret;
2504 p = s->data_ptr;
0c4ad8dc 2505 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2506 p += 2;
2507 s->data_ptr = p;
2508 if (p >= s->data_end)
2509 s->end_transfer_func(s);
2510 return ret;
2511}
2512
caed8802 2513static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2514{
caed8802 2515 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2516 uint8_t *p;
2517
2518 p = s->data_ptr;
0c4ad8dc 2519 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2520 p += 4;
2521 s->data_ptr = p;
2522 if (p >= s->data_end)
2523 s->end_transfer_func(s);
2524}
2525
caed8802 2526static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2527{
caed8802 2528 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2529 uint8_t *p;
2530 int ret;
3b46e624 2531
5391d806 2532 p = s->data_ptr;
0c4ad8dc 2533 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2534 p += 4;
2535 s->data_ptr = p;
2536 if (p >= s->data_end)
2537 s->end_transfer_func(s);
2538 return ret;
2539}
2540
a7dfe172
FB		 2541static void ide_dummy_transfer_stop(IDEState *s)
2542{
2543 s->data_ptr = s->io_buffer;
2544 s->data_end = s->io_buffer;
2545 s->io_buffer[0] = 0xff;
2546 s->io_buffer[1] = 0xff;
2547 s->io_buffer[2] = 0xff;
2548 s->io_buffer[3] = 0xff;
2549}
2550
5391d806
FB		 2551static void ide_reset(IDEState *s)
2552{
201a51fc
AZ		 2553 if (s->is_cf)
2554 s->mult_sectors = 0;
2555 else
2556 s->mult_sectors = MAX_MULT_SECTORS;
5391d806
FB		 2557 s->cur_drive = s;
2558 s->select = 0xa0;
2559 s->status = READY_STAT;
2560 ide_set_signature(s);
a7dfe172
FB		 2561 /* init the transfer handler so that 0xffff is returned on data
2562 accesses */
2563 s->end_transfer_func = ide_dummy_transfer_stop;
2564 ide_dummy_transfer_stop(s);
201a51fc 2565 s->media_changed = 0;
5391d806
FB		 2566}
2567
2568struct partition {
2569 uint8_t boot_ind; /* 0x80 - active */
2570 uint8_t head; /* starting head */
2571 uint8_t sector; /* starting sector */
2572 uint8_t cyl; /* starting cylinder */
2573 uint8_t sys_ind; /* What partition type */
2574 uint8_t end_head; /* end head */
2575 uint8_t end_sector; /* end sector */
2576 uint8_t end_cyl; /* end cylinder */
2577 uint32_t start_sect; /* starting sector counting from 0 */
2578 uint32_t nr_sects; /* nr of sectors in partition */
2579} __attribute__((packed));
2580
bf1b938f 2581/* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
5fafdf24 2582static int guess_disk_lchs(IDEState *s,
bf1b938f 2583 int *pcylinders, int *pheads, int *psectors)
5391d806 2584{
c717d8bf 2585 uint8_t *buf = s->io_buffer;
46d4767d 2586 int ret, i, heads, sectors, cylinders;
5391d806
FB		 2587 struct partition *p;
2588 uint32_t nr_sects;
2589
5391d806 2590 ret = bdrv_read(s->bs, 0, buf, 1);
33f00271 2591 if (ret < 0) {
bf1b938f 2592 return -1;
33f00271 2593 }
5391d806 2594 /* test msdos magic */
33f00271 2595 if (buf[510] != 0x55 || buf[511] != 0xaa) {
bf1b938f 2596 return -1;
33f00271 2597 }
5391d806
FB		 2598 for(i = 0; i < 4; i++) {
2599 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 2600 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 2601 if (nr_sects && p->end_head) {
2602 /* We make the assumption that the partition terminates on
2603 a cylinder boundary */
46d4767d 2604 heads = p->end_head + 1;
46d4767d
FB		 2605 sectors = p->end_sector & 63;
2606 if (sectors == 0)
2607 continue;
2608 cylinders = s->nb_sectors / (heads * sectors);
2609 if (cylinders < 1 || cylinders > 16383)
2610 continue;
bf1b938f
FB		 2611 *pheads = heads;
2612 *psectors = sectors;
2613 *pcylinders = cylinders;
5391d806 2614#if 0
5fafdf24 2615 printf("guessed geometry: LCHS=%d %d %d\n",
bf1b938f 2616 cylinders, heads, sectors);
5391d806 2617#endif
bf1b938f 2618 return 0;
5391d806
FB		 2619 }
2620 }
bf1b938f 2621 return -1;
5391d806
FB		 2622}
2623
5457c8ce
FB		 2624static void ide_init2(IDEState *ide_state,
2625 BlockDriverState *hd0, BlockDriverState *hd1,
d537cf6c 2626 qemu_irq irq)
5391d806 2627{
69b91039 2628 IDEState *s;
aedf5382 2629 static int drive_serial = 1;
4dbb0f50 2630 int i, cylinders, heads, secs, translation, lba_detected = 0;
96b8f136 2631 uint64_t nb_sectors;
5391d806 2632
caed8802
FB		 2633 for(i = 0; i < 2; i++) {
2634 s = ide_state + i;
1d8cde5b 2635 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
caed8802
FB		 2636 if (i == 0)
2637 s->bs = hd0;
2638 else
2639 s->bs = hd1;
5391d806
FB		 2640 if (s->bs) {
2641 bdrv_get_geometry(s->bs, &nb_sectors);
2642 s->nb_sectors = nb_sectors;
caed8802
FB		 2643 /* if a geometry hint is available, use it */
2644 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
4dbb0f50 2645 translation = bdrv_get_translation_hint(s->bs);
caed8802 2646 if (cylinders != 0) {
5391d806 2647 s->cylinders = cylinders;
caed8802
FB		 2648 s->heads = heads;
2649 s->sectors = secs;
2650 } else {
bf1b938f
FB		 2651 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2652 if (heads > 16) {
2653 /* if heads > 16, it means that a BIOS LBA
2654 translation was active, so the default
2655 hardware geometry is OK */
4dbb0f50 2656 lba_detected = 1;
bf1b938f
FB		 2657 goto default_geometry;
2658 } else {
2659 s->cylinders = cylinders;
2660 s->heads = heads;
2661 s->sectors = secs;
2662 /* disable any translation to be in sync with
2663 the logical geometry */
bf1b938f
FB		 2664 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2665 bdrv_set_translation_hint(s->bs,
2666 BIOS_ATA_TRANSLATION_NONE);
2667 }
2668 }
2669 } else {
2670 default_geometry:
46d4767d 2671 /* if no geometry, use a standard physical disk geometry */
caed8802
FB		 2672 cylinders = nb_sectors / (16 * 63);
2673 if (cylinders > 16383)
2674 cylinders = 16383;
2675 else if (cylinders < 2)
2676 cylinders = 2;
2677 s->cylinders = cylinders;
2678 s->heads = 16;
2679 s->sectors = 63;
4dbb0f50
TS		 2680 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2681 if ((s->cylinders * s->heads) <= 131072) {
2682 bdrv_set_translation_hint(s->bs,
2683 BIOS_ATA_TRANSLATION_LARGE);
2684 } else {
2685 bdrv_set_translation_hint(s->bs,
2686 BIOS_ATA_TRANSLATION_LBA);
2687 }
2688 }
caed8802 2689 }
769bec72 2690 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
caed8802
FB		 2691 }
2692 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2693 s->is_cdrom = 1;
bd491d6a 2694 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 2695 }
2696 }
aedf5382 2697 s->drive_serial = drive_serial++;
caed8802 2698 s->irq = irq;
5fafdf24 2699 s->sector_write_timer = qemu_new_timer(vm_clock,
a09db21f 2700 ide_sector_write_timer_cb, s);
5391d806
FB		 2701 ide_reset(s);
2702 }
69b91039
FB		 2703}
2704
34e538ae 2705static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 2706{
caed8802
FB		 2707 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2708 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2709 if (iobase2) {
2710 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2711 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 2712 }
3b46e624 2713
caed8802
FB		 2714 /* data ports */
2715 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2716 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2717 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2718 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 2719}
69b91039 2720
aa941b94
AZ		 2721/* save per IDE drive data */
2722static void ide_save(QEMUFile* f, IDEState *s)
2723{
bee8d684
TS		 2724 qemu_put_be32(f, s->mult_sectors);
2725 qemu_put_be32(f, s->identify_set);
aa941b94
AZ		 2726 if (s->identify_set) {
2727 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2728 }
2729 qemu_put_8s(f, &s->feature);
2730 qemu_put_8s(f, &s->error);
2731 qemu_put_be32s(f, &s->nsector);
2732 qemu_put_8s(f, &s->sector);
2733 qemu_put_8s(f, &s->lcyl);
2734 qemu_put_8s(f, &s->hcyl);
2735 qemu_put_8s(f, &s->hob_feature);
2736 qemu_put_8s(f, &s->hob_nsector);
2737 qemu_put_8s(f, &s->hob_sector);
2738 qemu_put_8s(f, &s->hob_lcyl);
2739 qemu_put_8s(f, &s->hob_hcyl);
2740 qemu_put_8s(f, &s->select);
2741 qemu_put_8s(f, &s->status);
2742 qemu_put_8s(f, &s->lba48);
2743
2744 qemu_put_8s(f, &s->sense_key);
2745 qemu_put_8s(f, &s->asc);
2746 /* XXX: if a transfer is pending, we do not save it yet */
2747}
2748
2749/* load per IDE drive data */
2750static void ide_load(QEMUFile* f, IDEState *s)
2751{
bee8d684
TS		 2752 s->mult_sectors=qemu_get_be32(f);
2753 s->identify_set=qemu_get_be32(f);
aa941b94
AZ		 2754 if (s->identify_set) {
2755 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2756 }
2757 qemu_get_8s(f, &s->feature);
2758 qemu_get_8s(f, &s->error);
2759 qemu_get_be32s(f, &s->nsector);
2760 qemu_get_8s(f, &s->sector);
2761 qemu_get_8s(f, &s->lcyl);
2762 qemu_get_8s(f, &s->hcyl);
2763 qemu_get_8s(f, &s->hob_feature);
2764 qemu_get_8s(f, &s->hob_nsector);
2765 qemu_get_8s(f, &s->hob_sector);
2766 qemu_get_8s(f, &s->hob_lcyl);
2767 qemu_get_8s(f, &s->hob_hcyl);
2768 qemu_get_8s(f, &s->select);
2769 qemu_get_8s(f, &s->status);
2770 qemu_get_8s(f, &s->lba48);
2771
2772 qemu_get_8s(f, &s->sense_key);
2773 qemu_get_8s(f, &s->asc);
2774 /* XXX: if a transfer is pending, we do not save it yet */
2775}
2776
34e538ae
FB		 2777/***********************************************************/
2778/* ISA IDE definitions */
2779
d537cf6c 2780void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
34e538ae
FB		 2781 BlockDriverState *hd0, BlockDriverState *hd1)
2782{
2783 IDEState *ide_state;
2784
2785 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2786 if (!ide_state)
2787 return;
3b46e624 2788
d537cf6c 2789 ide_init2(ide_state, hd0, hd1, irq);
34e538ae
FB		 2790 ide_init_ioport(ide_state, iobase, iobase2);
2791}
2792
69b91039
FB		 2793/***********************************************************/
2794/* PCI IDE definitions */
2795
5457c8ce
FB		 2796static void cmd646_update_irq(PCIIDEState *d);
2797
5fafdf24 2798static void ide_map(PCIDevice *pci_dev, int region_num,
69b91039
FB		 2799 uint32_t addr, uint32_t size, int type)
2800{
2801 PCIIDEState *d = (PCIIDEState *)pci_dev;
2802 IDEState *ide_state;
2803
2804 if (region_num <= 3) {
2805 ide_state = &d->ide_if[(region_num >> 1) * 2];
2806 if (region_num & 1) {
2807 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2808 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2809 } else {
2810 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2811 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2812
2813 /* data ports */
2814 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2815 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2816 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2817 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2818 }
2819 }
2820}
2821
8ccad811 2822static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
98087450
FB		 2823{
2824 BMDMAState *bm = s->bmdma;
2825 if(!bm)
2826 return;
2827 bm->ide_if = s;
2828 bm->dma_cb = dma_cb;
8ccad811
FB		 2829 bm->cur_prd_last = 0;
2830 bm->cur_prd_addr = 0;
2831 bm->cur_prd_len = 0;
98087450 2832 if (bm->status & BM_STATUS_DMAING) {
8ccad811 2833 bm->dma_cb(bm, 0);
98087450
FB		 2834 }
2835}
2836
98087450
FB		 2837static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2838{
2839 BMDMAState *bm = opaque;
2840#ifdef DEBUG_IDE
2841 printf("%s: 0x%08x\n", __func__, val);
2842#endif
2843 if (!(val & BM_CMD_START)) {
2844 /* XXX: do it better */
8ccad811
FB		 2845 if (bm->status & BM_STATUS_DMAING) {
2846 bm->status &= ~BM_STATUS_DMAING;
2847 /* cancel DMA request */
2848 bm->ide_if = NULL;
2849 bm->dma_cb = NULL;
2850 if (bm->aiocb) {
2851#ifdef DEBUG_AIO
2852 printf("aio_cancel\n");
2853#endif
2854 bdrv_aio_cancel(bm->aiocb);
2855 bm->aiocb = NULL;
2856 }
2857 }
98087450
FB		 2858 bm->cmd = val & 0x09;
2859 } else {
8ccad811
FB		 2860 if (!(bm->status & BM_STATUS_DMAING)) {
2861 bm->status |= BM_STATUS_DMAING;
2862 /* start dma transfer if possible */
2863 if (bm->dma_cb)
2864 bm->dma_cb(bm, 0);
2865 }
98087450 2866 bm->cmd = val & 0x09;
98087450
FB		 2867 }
2868}
2869
5457c8ce 2870static uint32_t bmdma_readb(void *opaque, uint32_t addr)
98087450
FB		 2871{
2872 BMDMAState *bm = opaque;
5457c8ce 2873 PCIIDEState *pci_dev;
98087450 2874 uint32_t val;
3b46e624 2875
5457c8ce 2876 switch(addr & 3) {
5fafdf24 2877 case 0:
5457c8ce
FB		 2878 val = bm->cmd;
2879 break;
2880 case 1:
2881 pci_dev = bm->pci_dev;
2882 if (pci_dev->type == IDE_TYPE_CMD646) {
2883 val = pci_dev->dev.config[MRDMODE];
2884 } else {
2885 val = 0xff;
2886 }
2887 break;
2888 case 2:
2889 val = bm->status;
2890 break;
2891 case 3:
2892 pci_dev = bm->pci_dev;
2893 if (pci_dev->type == IDE_TYPE_CMD646) {
2894 if (bm == &pci_dev->bmdma[0])
2895 val = pci_dev->dev.config[UDIDETCR0];
2896 else
2897 val = pci_dev->dev.config[UDIDETCR1];
2898 } else {
2899 val = 0xff;
2900 }
2901 break;
2902 default:
2903 val = 0xff;
2904 break;
2905 }
98087450 2906#ifdef DEBUG_IDE
5457c8ce 2907 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
98087450
FB		 2908#endif
2909 return val;
2910}
2911
5457c8ce 2912static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
98087450
FB		 2913{
2914 BMDMAState *bm = opaque;
5457c8ce 2915 PCIIDEState *pci_dev;
98087450 2916#ifdef DEBUG_IDE
5457c8ce 2917 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
98087450 2918#endif
5457c8ce
FB		 2919 switch(addr & 3) {
2920 case 1:
2921 pci_dev = bm->pci_dev;
2922 if (pci_dev->type == IDE_TYPE_CMD646) {
5fafdf24 2923 pci_dev->dev.config[MRDMODE] =
5457c8ce
FB		 2924 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2925 cmd646_update_irq(pci_dev);
2926 }
2927 break;
2928 case 2:
2929 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2930 break;
2931 case 3:
2932 pci_dev = bm->pci_dev;
2933 if (pci_dev->type == IDE_TYPE_CMD646) {
2934 if (bm == &pci_dev->bmdma[0])
2935 pci_dev->dev.config[UDIDETCR0] = val;
2936 else
2937 pci_dev->dev.config[UDIDETCR1] = val;
2938 }
2939 break;
2940 }
98087450
FB		 2941}
2942
5b9a1293
AJ		 2943static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2944{
2945 BMDMAState *bm = opaque;
2946 uint32_t val;
2947 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2948#ifdef DEBUG_IDE
2949 printf("%s: 0x%08x\n", __func__, val);
2950#endif
2951 return val;
2952}
2953
2954static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2955{
2956 BMDMAState *bm = opaque;
2957 int shift = (addr & 3) * 8;
2958#ifdef DEBUG_IDE
2959 printf("%s: 0x%08x\n", __func__, val);
2960#endif
2961 bm->addr &= ~(0xFF << shift);
2962 bm->addr |= ((val & 0xFF) << shift) & ~3;
2963 bm->cur_addr = bm->addr;
2964}
2965
2966static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2967{
2968 BMDMAState *bm = opaque;
2969 uint32_t val;
2970 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2971#ifdef DEBUG_IDE
2972 printf("%s: 0x%08x\n", __func__, val);
2973#endif
2974 return val;
2975}
2976
2977static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2978{
2979 BMDMAState *bm = opaque;
2980 int shift = (addr & 3) * 8;
2981#ifdef DEBUG_IDE
2982 printf("%s: 0x%08x\n", __func__, val);
2983#endif
2984 bm->addr &= ~(0xFFFF << shift);
2985 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
2986 bm->cur_addr = bm->addr;
2987}
2988
98087450
FB		 2989static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2990{
2991 BMDMAState *bm = opaque;
2992 uint32_t val;
2993 val = bm->addr;
2994#ifdef DEBUG_IDE
2995 printf("%s: 0x%08x\n", __func__, val);
2996#endif
2997 return val;
2998}
2999
3000static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3001{
3002 BMDMAState *bm = opaque;
3003#ifdef DEBUG_IDE
3004 printf("%s: 0x%08x\n", __func__, val);
3005#endif
3006 bm->addr = val & ~3;
30c4bbac 3007 bm->cur_addr = bm->addr;
98087450
FB		 3008}
3009
5fafdf24 3010static void bmdma_map(PCIDevice *pci_dev, int region_num,
98087450
FB		 3011 uint32_t addr, uint32_t size, int type)
3012{
3013 PCIIDEState *d = (PCIIDEState *)pci_dev;
3014 int i;
3015
3016 for(i = 0;i < 2; i++) {
3017 BMDMAState *bm = &d->bmdma[i];
3018 d->ide_if[2 * i].bmdma = bm;
3019 d->ide_if[2 * i + 1].bmdma = bm;
5457c8ce
FB		 3020 bm->pci_dev = (PCIIDEState *)pci_dev;
3021
98087450 3022 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
98087450 3023
5457c8ce
FB		 3024 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3025 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
98087450 3026
5b9a1293
AJ		 3027 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3028 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3029 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3030 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
98087450
FB		 3031 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3032 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3033 addr += 8;
3034 }
3035}
3036
5457c8ce
FB		 3037/* XXX: call it also when the MRDMODE is changed from the PCI config
3038 registers */
3039static void cmd646_update_irq(PCIIDEState *d)
3040{
3041 int pci_level;
3042 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3043 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3044 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3045 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
d537cf6c 3046 qemu_set_irq(d->dev.irq[0], pci_level);
5457c8ce
FB		 3047}
3048
3049/* the PCI irq level is the logical OR of the two channels */
3050static void cmd646_set_irq(void *opaque, int channel, int level)
3051{
3052 PCIIDEState *d = opaque;
3053 int irq_mask;
3054
3055 irq_mask = MRDMODE_INTR_CH0 << channel;
3056 if (level)
3057 d->dev.config[MRDMODE] |= irq_mask;
3058 else
3059 d->dev.config[MRDMODE] &= ~irq_mask;
3060 cmd646_update_irq(d);
3061}
3062
3063/* CMD646 PCI IDE controller */
3064void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3065 int secondary_ide_enabled)
69b91039
FB		 3066{
3067 PCIIDEState *d;
3068 uint8_t *pci_conf;
34e538ae 3069 int i;
d537cf6c 3070 qemu_irq *irq;
34e538ae 3071
5fafdf24 3072 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
5457c8ce 3073 sizeof(PCIIDEState),
5fafdf24 3074 -1,
73c11f63 3075 NULL, NULL);
5457c8ce 3076 d->type = IDE_TYPE_CMD646;
69b91039 3077 pci_conf = d->dev.config;
5457c8ce
FB		 3078 pci_conf[0x00] = 0x95; // CMD646
3079 pci_conf[0x01] = 0x10;
3080 pci_conf[0x02] = 0x46;
3081 pci_conf[0x03] = 0x06;
3082
3083 pci_conf[0x08] = 0x07; // IDE controller revision
5fafdf24 3084 pci_conf[0x09] = 0x8f;
5457c8ce 3085
69b91039
FB		 3086 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3087 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
5457c8ce 3088 pci_conf[0x0e] = 0x00; // header_type
3b46e624 3089
5457c8ce
FB		 3090 if (secondary_ide_enabled) {
3091 /* XXX: if not enabled, really disable the seconday IDE controller */
3092 pci_conf[0x51] = 0x80; /* enable IDE1 */
3093 }
69b91039 3094
5fafdf24 3095 pci_register_io_region((PCIDevice *)d, 0, 0x8,
69b91039 3096 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3097 pci_register_io_region((PCIDevice *)d, 1, 0x4,
69b91039 3098 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3099 pci_register_io_region((PCIDevice *)d, 2, 0x8,
69b91039 3100 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3101 pci_register_io_region((PCIDevice *)d, 3, 0x4,
69b91039 3102 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3103 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3104 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 3105
34e538ae 3106 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3b46e624 3107
34e538ae
FB		 3108 for(i = 0; i < 4; i++)
3109 d->ide_if[i].pci_dev = (PCIDevice *)d;
d537cf6c
PB		 3110
3111 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3112 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3113 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
34e538ae
FB		 3114}
3115
c3d78997
FB		 3116static void pci_ide_save(QEMUFile* f, void *opaque)
3117{
3118 PCIIDEState *d = opaque;
3119 int i;
3120
3121 pci_device_save(&d->dev, f);
3122
3123 for(i = 0; i < 2; i++) {
3124 BMDMAState *bm = &d->bmdma[i];
3125 qemu_put_8s(f, &bm->cmd);
3126 qemu_put_8s(f, &bm->status);
3127 qemu_put_be32s(f, &bm->addr);
3128 /* XXX: if a transfer is pending, we do not save it yet */
3129 }
3130
3131 /* per IDE interface data */
3132 for(i = 0; i < 2; i++) {
3133 IDEState *s = &d->ide_if[i * 2];
3134 uint8_t drive1_selected;
3135 qemu_put_8s(f, &s->cmd);
3136 drive1_selected = (s->cur_drive != s);
3137 qemu_put_8s(f, &drive1_selected);
3138 }
3139
3140 /* per IDE drive data */
3141 for(i = 0; i < 4; i++) {
aa941b94 3142 ide_save(f, &d->ide_if[i]);
c3d78997
FB		 3143 }
3144}
3145
3146static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3147{
3148 PCIIDEState *d = opaque;
3149 int ret, i;
3150
3151 if (version_id != 1)
3152 return -EINVAL;
3153 ret = pci_device_load(&d->dev, f);
3154 if (ret < 0)
3155 return ret;
3156
3157 for(i = 0; i < 2; i++) {
3158 BMDMAState *bm = &d->bmdma[i];
3159 qemu_get_8s(f, &bm->cmd);
3160 qemu_get_8s(f, &bm->status);
3161 qemu_get_be32s(f, &bm->addr);
3162 /* XXX: if a transfer is pending, we do not save it yet */
3163 }
3164
3165 /* per IDE interface data */
3166 for(i = 0; i < 2; i++) {
3167 IDEState *s = &d->ide_if[i * 2];
3168 uint8_t drive1_selected;
3169 qemu_get_8s(f, &s->cmd);
3170 qemu_get_8s(f, &drive1_selected);
3171 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3172 }
3173
3174 /* per IDE drive data */
3175 for(i = 0; i < 4; i++) {
aa941b94 3176 ide_load(f, &d->ide_if[i]);
c3d78997
FB		 3177 }
3178 return 0;
3179}
3180
e6a71ae3
TS		 3181static void piix3_reset(PCIIDEState *d)
3182{
3183 uint8_t *pci_conf = d->dev.config;
3184
3185 pci_conf[0x04] = 0x00;
3186 pci_conf[0x05] = 0x00;
3187 pci_conf[0x06] = 0x80; /* FBC */
3188 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3189 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3190}
3191
34e538ae
FB		 3192/* hd_table must contain 4 block drivers */
3193/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
d537cf6c
PB		 3194void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3195 qemu_irq *pic)
34e538ae
FB		 3196{
3197 PCIIDEState *d;
3198 uint8_t *pci_conf;
3b46e624 3199
34e538ae 3200 /* register a function 1 of PIIX3 */
5fafdf24 3201 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
46e50e9d 3202 sizeof(PCIIDEState),
502a5395 3203 devfn,
34e538ae 3204 NULL, NULL);
5457c8ce
FB		 3205 d->type = IDE_TYPE_PIIX3;
3206
34e538ae
FB		 3207 pci_conf = d->dev.config;
3208 pci_conf[0x00] = 0x86; // Intel
3209 pci_conf[0x01] = 0x80;
3210 pci_conf[0x02] = 0x10;
3211 pci_conf[0x03] = 0x70;
92510b8c 3212 pci_conf[0x09] = 0x80; // legacy ATA mode
34e538ae
FB		 3213 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3214 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3215 pci_conf[0x0e] = 0x00; // header_type
3216
e6a71ae3
TS		 3217 piix3_reset(d);
3218
5fafdf24 3219 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3220 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 3221
d537cf6c
PB		 3222 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3223 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
34e538ae
FB		 3224 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3225 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
c3d78997
FB		 3226
3227 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
69b91039 3228}
1ade1de2 3229
afcc3cdf
TS		 3230/* hd_table must contain 4 block drivers */
3231/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3232void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3233 qemu_irq *pic)
3234{
3235 PCIIDEState *d;
3236 uint8_t *pci_conf;
3237
3238 /* register a function 1 of PIIX4 */
3239 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3240 sizeof(PCIIDEState),
3241 devfn,
3242 NULL, NULL);
3243 d->type = IDE_TYPE_PIIX4;
3244
3245 pci_conf = d->dev.config;
3246 pci_conf[0x00] = 0x86; // Intel
3247 pci_conf[0x01] = 0x80;
3248 pci_conf[0x02] = 0x11;
3249 pci_conf[0x03] = 0x71;
3250 pci_conf[0x09] = 0x80; // legacy ATA mode
3251 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3252 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3253 pci_conf[0x0e] = 0x00; // header_type
3254
3255 piix3_reset(d);
3256
3257 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3258 PCI_ADDRESS_SPACE_IO, bmdma_map);
3259
3260 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3261 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3262 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3263 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3264
3265 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3266}
3267
1ade1de2
FB		 3268/***********************************************************/
3269/* MacIO based PowerPC IDE */
3270
3271/* PowerMac IDE memory IO */
3272static void pmac_ide_writeb (void *opaque,
3273 target_phys_addr_t addr, uint32_t val)
3274{
5fafdf24 3275 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3276 switch (addr) {
3277 case 1 ... 7:
3278 ide_ioport_write(opaque, addr, val);
3279 break;
3280 case 8:
3281 case 22:
3282 ide_cmd_write(opaque, 0, val);
3283 break;
3284 default:
3285 break;
3286 }
3287}
3288
3289static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3290{
3291 uint8_t retval;
3292
3293 addr = (addr & 0xFFF) >> 4;
3294 switch (addr) {
3295 case 1 ... 7:
3296 retval = ide_ioport_read(opaque, addr);
3297 break;
3298 case 8:
3299 case 22:
3300 retval = ide_status_read(opaque, 0);
3301 break;
3302 default:
3303 retval = 0xFF;
3304 break;
3305 }
3306 return retval;
3307}
3308
3309static void pmac_ide_writew (void *opaque,
3310 target_phys_addr_t addr, uint32_t val)
3311{
5fafdf24 3312 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3313#ifdef TARGET_WORDS_BIGENDIAN
3314 val = bswap16(val);
3315#endif
3316 if (addr == 0) {
3317 ide_data_writew(opaque, 0, val);
3318 }
3319}
3320
3321static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3322{
3323 uint16_t retval;
3324
5fafdf24 3325 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3326 if (addr == 0) {
3327 retval = ide_data_readw(opaque, 0);
3328 } else {
3329 retval = 0xFFFF;
3330 }
3331#ifdef TARGET_WORDS_BIGENDIAN
3332 retval = bswap16(retval);
3333#endif
3334 return retval;
3335}
3336
3337static void pmac_ide_writel (void *opaque,
3338 target_phys_addr_t addr, uint32_t val)
3339{
5fafdf24 3340 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3341#ifdef TARGET_WORDS_BIGENDIAN
3342 val = bswap32(val);
3343#endif
3344 if (addr == 0) {
3345 ide_data_writel(opaque, 0, val);
3346 }
3347}
3348
3349static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3350{
3351 uint32_t retval;
3352
5fafdf24 3353 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3354 if (addr == 0) {
3355 retval = ide_data_readl(opaque, 0);
3356 } else {
3357 retval = 0xFFFFFFFF;
3358 }
3359#ifdef TARGET_WORDS_BIGENDIAN
3360 retval = bswap32(retval);
3361#endif
3362 return retval;
3363}
3364
3365static CPUWriteMemoryFunc *pmac_ide_write[] = {
3366 pmac_ide_writeb,
3367 pmac_ide_writew,
3368 pmac_ide_writel,
3369};
3370
3371static CPUReadMemoryFunc *pmac_ide_read[] = {
3372 pmac_ide_readb,
3373 pmac_ide_readw,
3374 pmac_ide_readl,
3375};
3376
3377/* hd_table must contain 4 block drivers */
3378/* PowerMac uses memory mapped registers, not I/O. Return the memory
3379 I/O index to access the ide. */
d537cf6c 3380int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
1ade1de2
FB		 3381{
3382 IDEState *ide_if;
3383 int pmac_ide_memory;
3384
3385 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
d537cf6c 3386 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3b46e624 3387
1ade1de2
FB		 3388 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3389 pmac_ide_write, &ide_if[0]);
3390 return pmac_ide_memory;
3391}
201a51fc
AZ		 3392
3393/***********************************************************/
3394/* CF-ATA Microdrive */
3395
3396#define METADATA_SIZE 0x20
3397
3398/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3399struct md_s {
3400 IDEState ide[2];
3401 struct pcmcia_card_s card;
3402 uint32_t attr_base;
3403 uint32_t io_base;
3404
3405 /* Card state */
3406 uint8_t opt;
3407 uint8_t stat;
3408 uint8_t pins;
3409
3410 uint8_t ctrl;
3411 uint16_t io;
3412 int cycle;
3413};
3414
3415/* Register bitfields */
3416enum md_opt {
3417 OPT_MODE_MMAP = 0,
3418 OPT_MODE_IOMAP16 = 1,
3419 OPT_MODE_IOMAP1 = 2,
3420 OPT_MODE_IOMAP2 = 3,
3421 OPT_MODE = 0x3f,
3422 OPT_LEVIREQ = 0x40,
3423 OPT_SRESET = 0x80,
3424};
3425enum md_cstat {
3426 STAT_INT = 0x02,
3427 STAT_PWRDWN = 0x04,
3428 STAT_XE = 0x10,
3429 STAT_IOIS8 = 0x20,
3430 STAT_SIGCHG = 0x40,
3431 STAT_CHANGED = 0x80,
3432};
3433enum md_pins {
3434 PINS_MRDY = 0x02,
3435 PINS_CRDY = 0x20,
3436};
3437enum md_ctrl {
3438 CTRL_IEN = 0x02,
3439 CTRL_SRST = 0x04,
3440};
3441
3442static inline void md_interrupt_update(struct md_s *s)
3443{
3444 if (!s->card.slot)
3445 return;
3446
3447 qemu_set_irq(s->card.slot->irq,
3448 !(s->stat & STAT_INT) && /* Inverted */
3449 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3450 !(s->opt & OPT_SRESET));
3451}
3452
3453static void md_set_irq(void *opaque, int irq, int level)
3454{
3455 struct md_s *s = (struct md_s *) opaque;
3456 if (level)
3457 s->stat |= STAT_INT;
3458 else
3459 s->stat &= ~STAT_INT;
3460
3461 md_interrupt_update(s);
3462}
3463
3464static void md_reset(struct md_s *s)
3465{
3466 s->opt = OPT_MODE_MMAP;
3467 s->stat = 0;
3468 s->pins = 0;
3469 s->cycle = 0;
3470 s->ctrl = 0;
3471 ide_reset(s->ide);
3472}
3473
9e315fa9 3474static uint8_t md_attr_read(void *opaque, uint32_t at)
201a51fc
AZ		 3475{
3476 struct md_s *s = (struct md_s *) opaque;
3477 if (at < s->attr_base) {
3478 if (at < s->card.cis_len)
3479 return s->card.cis[at];
3480 else
3481 return 0x00;
3482 }
3483
3484 at -= s->attr_base;
3485
3486 switch (at) {
3487 case 0x00: /* Configuration Option Register */
3488 return s->opt;
3489 case 0x02: /* Card Configuration Status Register */
3490 if (s->ctrl & CTRL_IEN)
3491 return s->stat & ~STAT_INT;
3492 else
3493 return s->stat;
3494 case 0x04: /* Pin Replacement Register */
3495 return (s->pins & PINS_CRDY) | 0x0c;
3496 case 0x06: /* Socket and Copy Register */
3497 return 0x00;
3498#ifdef VERBOSE
3499 default:
3500 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3501#endif
3502 }
3503
3504 return 0;
3505}
3506
9e315fa9 3507static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
201a51fc
AZ		 3508{
3509 struct md_s *s = (struct md_s *) opaque;
3510 at -= s->attr_base;
3511
3512 switch (at) {
3513 case 0x00: /* Configuration Option Register */
3514 s->opt = value & 0xcf;
3515 if (value & OPT_SRESET)
3516 md_reset(s);
3517 md_interrupt_update(s);
3518 break;
3519 case 0x02: /* Card Configuration Status Register */
3520 if ((s->stat ^ value) & STAT_PWRDWN)
3521 s->pins |= PINS_CRDY;
3522 s->stat &= 0x82;
3523 s->stat |= value & 0x74;
3524 md_interrupt_update(s);
3525 /* Word 170 in Identify Device must be equal to STAT_XE */
3526 break;
3527 case 0x04: /* Pin Replacement Register */
3528 s->pins &= PINS_CRDY;
3529 s->pins |= value & PINS_MRDY;
3530 break;
3531 case 0x06: /* Socket and Copy Register */
3532 break;
3533 default:
3534 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3535 }
3536}
3537
9e315fa9 3538static uint16_t md_common_read(void *opaque, uint32_t at)
201a51fc
AZ		 3539{
3540 struct md_s *s = (struct md_s *) opaque;
3541 uint16_t ret;
3542 at -= s->io_base;
3543
3544 switch (s->opt & OPT_MODE) {
3545 case OPT_MODE_MMAP:
3546 if ((at & ~0x3ff) == 0x400)
3547 at = 0;
3548 break;
3549 case OPT_MODE_IOMAP16:
3550 at &= 0xf;
3551 break;
3552 case OPT_MODE_IOMAP1:
3553 if ((at & ~0xf) == 0x3f0)
3554 at -= 0x3e8;
3555 else if ((at & ~0xf) == 0x1f0)
3556 at -= 0x1f0;
3557 break;
3558 case OPT_MODE_IOMAP2:
3559 if ((at & ~0xf) == 0x370)
3560 at -= 0x368;
3561 else if ((at & ~0xf) == 0x170)
3562 at -= 0x170;
3563 }
3564
3565 switch (at) {
3566 case 0x0: /* Even RD Data */
3567 case 0x8:
3568 return ide_data_readw(s->ide, 0);
3569
3570 /* TODO: 8-bit accesses */
3571 if (s->cycle)
3572 ret = s->io >> 8;
3573 else {
3574 s->io = ide_data_readw(s->ide, 0);
3575 ret = s->io & 0xff;
3576 }
3577 s->cycle = !s->cycle;
3578 return ret;
3579 case 0x9: /* Odd RD Data */
3580 return s->io >> 8;
3581 case 0xd: /* Error */
3582 return ide_ioport_read(s->ide, 0x1);
3583 case 0xe: /* Alternate Status */
3584 if (s->ide->cur_drive->bs)
3585 return s->ide->cur_drive->status;
3586 else
3587 return 0;
3588 case 0xf: /* Device Address */
3589 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3590 default:
3591 return ide_ioport_read(s->ide, at);
3592 }
3593
3594 return 0;
3595}
3596
9e315fa9 3597static void md_common_write(void *opaque, uint32_t at, uint16_t value)
201a51fc
AZ		 3598{
3599 struct md_s *s = (struct md_s *) opaque;
3600 at -= s->io_base;
3601
3602 switch (s->opt & OPT_MODE) {
3603 case OPT_MODE_MMAP:
3604 if ((at & ~0x3ff) == 0x400)
3605 at = 0;
3606 break;
3607 case OPT_MODE_IOMAP16:
3608 at &= 0xf;
3609 break;
3610 case OPT_MODE_IOMAP1:
3611 if ((at & ~0xf) == 0x3f0)
3612 at -= 0x3e8;
3613 else if ((at & ~0xf) == 0x1f0)
3614 at -= 0x1f0;
3615 break;
3616 case OPT_MODE_IOMAP2:
3617 if ((at & ~0xf) == 0x370)
3618 at -= 0x368;
3619 else if ((at & ~0xf) == 0x170)
3620 at -= 0x170;
3621 }
3622
3623 switch (at) {
3624 case 0x0: /* Even WR Data */
3625 case 0x8:
3626 ide_data_writew(s->ide, 0, value);
3627 break;
3628
3629 /* TODO: 8-bit accesses */
3630 if (s->cycle)
3631 ide_data_writew(s->ide, 0, s->io | (value << 8));
3632 else
3633 s->io = value & 0xff;
3634 s->cycle = !s->cycle;
3635 break;
3636 case 0x9:
3637 s->io = value & 0xff;
3638 s->cycle = !s->cycle;
3639 break;
3640 case 0xd: /* Features */
3641 ide_ioport_write(s->ide, 0x1, value);
3642 break;
3643 case 0xe: /* Device Control */
3644 s->ctrl = value;
3645 if (value & CTRL_SRST)
3646 md_reset(s);
3647 md_interrupt_update(s);
3648 break;
3649 default:
3650 if (s->stat & STAT_PWRDWN) {
3651 s->pins |= PINS_CRDY;
3652 s->stat &= ~STAT_PWRDWN;
3653 }
3654 ide_ioport_write(s->ide, at, value);
3655 }
3656}
3657
aa941b94
AZ		 3658static void md_save(QEMUFile *f, void *opaque)
3659{
3660 struct md_s *s = (struct md_s *) opaque;
3661 int i;
3662 uint8_t drive1_selected;
3663
3664 qemu_put_8s(f, &s->opt);
3665 qemu_put_8s(f, &s->stat);
3666 qemu_put_8s(f, &s->pins);
3667
3668 qemu_put_8s(f, &s->ctrl);
3669 qemu_put_be16s(f, &s->io);
3670 qemu_put_byte(f, s->cycle);
3671
3672 drive1_selected = (s->ide->cur_drive != s->ide);
3673 qemu_put_8s(f, &s->ide->cmd);
3674 qemu_put_8s(f, &drive1_selected);
3675
3676 for (i = 0; i < 2; i ++)
3677 ide_save(f, &s->ide[i]);
3678}
3679
3680static int md_load(QEMUFile *f, void *opaque, int version_id)
3681{
3682 struct md_s *s = (struct md_s *) opaque;
3683 int i;
3684 uint8_t drive1_selected;
3685
3686 qemu_get_8s(f, &s->opt);
3687 qemu_get_8s(f, &s->stat);
3688 qemu_get_8s(f, &s->pins);
3689
3690 qemu_get_8s(f, &s->ctrl);
3691 qemu_get_be16s(f, &s->io);
3692 s->cycle = qemu_get_byte(f);
3693
3694 qemu_get_8s(f, &s->ide->cmd);
3695 qemu_get_8s(f, &drive1_selected);
3696 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3697
3698 for (i = 0; i < 2; i ++)
3699 ide_load(f, &s->ide[i]);
3700
3701 return 0;
3702}
3703
201a51fc
AZ		 3704static const uint8_t dscm1xxxx_cis[0x14a] = {
3705 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3706 [0x002] = 0x03, /* Tuple length = 4 bytes */
3707 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3708 [0x006] = 0x01, /* Size = 2K bytes */
3709 [0x008] = CISTPL_ENDMARK,
3710
3711 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3712 [0x00c] = 0x04, /* Tuple length = 4 byest */
3713 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3714 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3715 [0x012] = 0x01, /* Size = 2K bytes */
3716 [0x014] = CISTPL_ENDMARK,
3717
3718 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3719 [0x018] = 0x02, /* Tuple length = 2 bytes */
3720 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3721 [0x01c] = 0x01,
3722
3723 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3724 [0x020] = 0x04, /* Tuple length = 4 bytes */
3725 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3726 [0x024] = 0x00,
3727 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3728 [0x028] = 0x00,
3729
3730 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3731 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3732 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3733 [0x030] = 0x01, /* Minor Version = 1 */
3734 [0x032] = 'I',
3735 [0x034] = 'B',
3736 [0x036] = 'M',
3737 [0x038] = 0x00,
3738 [0x03a] = 'm',
3739 [0x03c] = 'i',
3740 [0x03e] = 'c',
3741 [0x040] = 'r',
3742 [0x042] = 'o',
3743 [0x044] = 'd',
3744 [0x046] = 'r',
3745 [0x048] = 'i',
3746 [0x04a] = 'v',
3747 [0x04c] = 'e',
3748 [0x04e] = 0x00,
3749 [0x050] = CISTPL_ENDMARK,
3750
3751 [0x052] = CISTPL_FUNCID, /* Function ID */
3752 [0x054] = 0x02, /* Tuple length = 2 bytes */
3753 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3754 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3755
3756 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3757 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3758 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3759 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3760
3761 [0x062] = CISTPL_FUNCE, /* Function Extension */
3762 [0x064] = 0x03, /* Tuple length = 3 bytes */
3763 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3764 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3765 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3766
3767 [0x06c] = CISTPL_CONFIG, /* Configuration */
3768 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3769 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3770 [0x072] = 0x07, /* TPCC_LAST = 7 */
3771 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3772 [0x076] = 0x02,
3773 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3774
3775 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3776 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3777 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3778 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3779 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3780 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3781 [0x086] = 0x55, /* NomV: 5.0 V */
3782 [0x088] = 0x4d, /* MinV: 4.5 V */
3783 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3784 [0x08c] = 0x4e, /* Peakl: 450 mA */
3785 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3786 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3787 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3788
3789 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3790 [0x096] = 0x06, /* Tuple length = 6 bytes */
3791 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3792 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3793 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3794 [0x09e] = 0xb5, /* NomV: 3.3 V */
3795 [0x0a0] = 0x1e,
3796 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3797
3798 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3799 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3800 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3801 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3802 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3803 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3804 [0x0b0] = 0x55, /* NomV: 5.0 V */
3805 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3806 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3807 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3808 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3809 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3810 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3811 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3812 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3813
3814 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3815 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3816 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3817 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3818 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3819 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3820 [0x0ce] = 0x1e,
3821 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3822
3823 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3824 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3825 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3826 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3827 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3828 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3829 [0x0de] = 0x55, /* NomV: 5.0 V */
3830 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3831 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3832 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3833 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3834 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3835 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3836 [0x0ec] = 0x01,
3837 [0x0ee] = 0x07, /* Address block length = 8 */
3838 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3839 [0x0f2] = 0x03,
3840 [0x0f4] = 0x01, /* Address block length = 2 */
3841 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3842 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3843
3844 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3845 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3846 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3847 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3848 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3849 [0x104] = 0xb5, /* NomV: 3.3 V */
3850 [0x106] = 0x1e,
3851 [0x108] = 0x3e, /* Peakl: 350 mA */
3852
3853 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3854 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3855 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3856 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3857 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3858 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3859 [0x116] = 0x55, /* NomV: 5.0 V */
3860 [0x118] = 0x4d, /* MinV: 4.5 V */
3861 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3862 [0x11c] = 0x4e, /* Peakl: 450 mA */
3863 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3864 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3865 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3866 [0x124] = 0x01,
3867 [0x126] = 0x07, /* Address block length = 8 */
3868 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3869 [0x12a] = 0x03,
3870 [0x12c] = 0x01, /* Address block length = 2 */
3871 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3872 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3873
3874 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3875 [0x134] = 0x06, /* Tuple length = 6 bytes */
3876 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3877 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3878 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3879 [0x13c] = 0xb5, /* NomV: 3.3 V */
3880 [0x13e] = 0x1e,
3881 [0x140] = 0x3e, /* Peakl: 350 mA */
3882
3883 [0x142] = CISTPL_NO_LINK, /* No Link */
3884 [0x144] = 0x00, /* Tuple length = 0 bytes */
3885
3886 [0x146] = CISTPL_END, /* Tuple End */
3887};
3888
3889static int dscm1xxxx_attach(void *opaque)
3890{
3891 struct md_s *md = (struct md_s *) opaque;
3892 md->card.attr_read = md_attr_read;
3893 md->card.attr_write = md_attr_write;
3894 md->card.common_read = md_common_read;
3895 md->card.common_write = md_common_write;
3896 md->card.io_read = md_common_read;
3897 md->card.io_write = md_common_write;
3898
3899 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3900 md->io_base = 0x0;
3901
3902 md_reset(md);
3903 md_interrupt_update(md);
3904
3905 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3906 return 0;
3907}
3908
3909static int dscm1xxxx_detach(void *opaque)
3910{
3911 struct md_s *md = (struct md_s *) opaque;
3912 md_reset(md);
3913 return 0;
3914}
3915
3916struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3917{
3918 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3919 md->card.state = md;
3920 md->card.attach = dscm1xxxx_attach;
3921 md->card.detach = dscm1xxxx_detach;
3922 md->card.cis = dscm1xxxx_cis;
3923 md->card.cis_len = sizeof(dscm1xxxx_cis);
3924
3925 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3926 md->ide->is_cf = 1;
3927 md->ide->mdata_size = METADATA_SIZE;
3928 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
aa941b94 3929
18be5187 3930 register_savevm("microdrive", -1, 0, md_save, md_load, md);
aa941b94 3931
201a51fc
AZ		 3932 return &md->card;
3933}
Qemu copy for testing