]> git.proxmox.com Git - qemu.git/blame - hw/ide.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
update
[qemu.git] / hw / ide.c
CommitLineData
5391d806
FB		 1/*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
5391d806
FB		 24#include "vl.h"
25
5391d806
FB		 26/* debug IDE devices */
27//#define DEBUG_IDE
28//#define DEBUG_IDE_ATAPI
29
30/* Bits of HD_STATUS */
31#define ERR_STAT 0x01
32#define INDEX_STAT 0x02
33#define ECC_STAT 0x04 /* Corrected error */
34#define DRQ_STAT 0x08
35#define SEEK_STAT 0x10
36#define SRV_STAT 0x10
37#define WRERR_STAT 0x20
38#define READY_STAT 0x40
39#define BUSY_STAT 0x80
40
41/* Bits for HD_ERROR */
42#define MARK_ERR 0x01 /* Bad address mark */
43#define TRK0_ERR 0x02 /* couldn't find track 0 */
44#define ABRT_ERR 0x04 /* Command aborted */
45#define MCR_ERR 0x08 /* media change request */
46#define ID_ERR 0x10 /* ID field not found */
47#define MC_ERR 0x20 /* media changed */
48#define ECC_ERR 0x40 /* Uncorrectable ECC error */
49#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
50#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
51
52/* Bits of HD_NSECTOR */
53#define CD 0x01
54#define IO 0x02
55#define REL 0x04
56#define TAG_MASK 0xf8
57
58#define IDE_CMD_RESET 0x04
59#define IDE_CMD_DISABLE_IRQ 0x02
60
61/* ATA/ATAPI Commands pre T13 Spec */
62#define WIN_NOP 0x00
63/*
64 * 0x01->0x02 Reserved
65 */
66#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
67/*
68 * 0x04->0x07 Reserved
69 */
70#define WIN_SRST 0x08 /* ATAPI soft reset command */
71#define WIN_DEVICE_RESET 0x08
72/*
73 * 0x09->0x0F Reserved
74 */
75#define WIN_RECAL 0x10
76#define WIN_RESTORE WIN_RECAL
77/*
78 * 0x10->0x1F Reserved
79 */
80#define WIN_READ 0x20 /* 28-Bit */
81#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
82#define WIN_READ_LONG 0x22 /* 28-Bit */
83#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
84#define WIN_READ_EXT 0x24 /* 48-Bit */
85#define WIN_READDMA_EXT 0x25 /* 48-Bit */
86#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
87#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
88/*
89 * 0x28
90 */
91#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
92/*
93 * 0x2A->0x2F Reserved
94 */
95#define WIN_WRITE 0x30 /* 28-Bit */
96#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
97#define WIN_WRITE_LONG 0x32 /* 28-Bit */
98#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
99#define WIN_WRITE_EXT 0x34 /* 48-Bit */
100#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
101#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
102#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
103#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
104#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
105/*
106 * 0x3A->0x3B Reserved
107 */
108#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
109/*
110 * 0x3D->0x3F Reserved
111 */
112#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
113#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
114#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
115/*
116 * 0x43->0x4F Reserved
117 */
118#define WIN_FORMAT 0x50
119/*
120 * 0x51->0x5F Reserved
121 */
122#define WIN_INIT 0x60
123/*
124 * 0x61->0x5F Reserved
125 */
126#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
127#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
128#define WIN_DIAGNOSE 0x90
129#define WIN_SPECIFY 0x91 /* set drive geometry translation */
130#define WIN_DOWNLOAD_MICROCODE 0x92
131#define WIN_STANDBYNOW2 0x94
132#define WIN_STANDBY2 0x96
133#define WIN_SETIDLE2 0x97
134#define WIN_CHECKPOWERMODE2 0x98
135#define WIN_SLEEPNOW2 0x99
136/*
137 * 0x9A VENDOR
138 */
139#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
140#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
141#define WIN_QUEUED_SERVICE 0xA2
142#define WIN_SMART 0xB0 /* self-monitoring and reporting */
143#define CFA_ERASE_SECTORS 0xC0
144#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
145#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
146#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
147#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
148#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
149#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
150#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
151#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
152#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
153#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
154#define WIN_GETMEDIASTATUS 0xDA
155#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
156#define WIN_POSTBOOT 0xDC
157#define WIN_PREBOOT 0xDD
158#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
159#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
160#define WIN_STANDBYNOW1 0xE0
161#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
162#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
163#define WIN_SETIDLE1 0xE3
164#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
165#define WIN_CHECKPOWERMODE1 0xE5
166#define WIN_SLEEPNOW1 0xE6
167#define WIN_FLUSH_CACHE 0xE7
168#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
169#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
170 /* SET_FEATURES 0x22 or 0xDD */
171#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
172#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
173#define WIN_MEDIAEJECT 0xED
174#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
175#define WIN_SETFEATURES 0xEF /* set special drive features */
176#define EXABYTE_ENABLE_NEST 0xF0
177#define WIN_SECURITY_SET_PASS 0xF1
178#define WIN_SECURITY_UNLOCK 0xF2
179#define WIN_SECURITY_ERASE_PREPARE 0xF3
180#define WIN_SECURITY_ERASE_UNIT 0xF4
181#define WIN_SECURITY_FREEZE_LOCK 0xF5
182#define WIN_SECURITY_DISABLE 0xF6
183#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
184#define WIN_SET_MAX 0xF9
185#define DISABLE_SEAGATE 0xFB
186
187/* set to 1 set disable mult support */
f66723fa 188#define MAX_MULT_SECTORS 16
5391d806
FB		 189
190/* ATAPI defines */
191
192#define ATAPI_PACKET_SIZE 12
193
194/* The generic packet command opcodes for CD/DVD Logical Units,
195 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
196#define GPCMD_BLANK 0xa1
197#define GPCMD_CLOSE_TRACK 0x5b
198#define GPCMD_FLUSH_CACHE 0x35
199#define GPCMD_FORMAT_UNIT 0x04
200#define GPCMD_GET_CONFIGURATION 0x46
201#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
202#define GPCMD_GET_PERFORMANCE 0xac
203#define GPCMD_INQUIRY 0x12
204#define GPCMD_LOAD_UNLOAD 0xa6
205#define GPCMD_MECHANISM_STATUS 0xbd
206#define GPCMD_MODE_SELECT_10 0x55
207#define GPCMD_MODE_SENSE_10 0x5a
208#define GPCMD_PAUSE_RESUME 0x4b
209#define GPCMD_PLAY_AUDIO_10 0x45
210#define GPCMD_PLAY_AUDIO_MSF 0x47
211#define GPCMD_PLAY_AUDIO_TI 0x48
212#define GPCMD_PLAY_CD 0xbc
213#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
214#define GPCMD_READ_10 0x28
215#define GPCMD_READ_12 0xa8
216#define GPCMD_READ_CDVD_CAPACITY 0x25
217#define GPCMD_READ_CD 0xbe
218#define GPCMD_READ_CD_MSF 0xb9
219#define GPCMD_READ_DISC_INFO 0x51
220#define GPCMD_READ_DVD_STRUCTURE 0xad
221#define GPCMD_READ_FORMAT_CAPACITIES 0x23
222#define GPCMD_READ_HEADER 0x44
223#define GPCMD_READ_TRACK_RZONE_INFO 0x52
224#define GPCMD_READ_SUBCHANNEL 0x42
225#define GPCMD_READ_TOC_PMA_ATIP 0x43
226#define GPCMD_REPAIR_RZONE_TRACK 0x58
227#define GPCMD_REPORT_KEY 0xa4
228#define GPCMD_REQUEST_SENSE 0x03
229#define GPCMD_RESERVE_RZONE_TRACK 0x53
230#define GPCMD_SCAN 0xba
231#define GPCMD_SEEK 0x2b
232#define GPCMD_SEND_DVD_STRUCTURE 0xad
233#define GPCMD_SEND_EVENT 0xa2
234#define GPCMD_SEND_KEY 0xa3
235#define GPCMD_SEND_OPC 0x54
236#define GPCMD_SET_READ_AHEAD 0xa7
237#define GPCMD_SET_STREAMING 0xb6
238#define GPCMD_START_STOP_UNIT 0x1b
239#define GPCMD_STOP_PLAY_SCAN 0x4e
240#define GPCMD_TEST_UNIT_READY 0x00
241#define GPCMD_VERIFY_10 0x2f
242#define GPCMD_WRITE_10 0x2a
243#define GPCMD_WRITE_AND_VERIFY_10 0x2e
244/* This is listed as optional in ATAPI 2.6, but is (curiously)
245 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
246 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
247 * drives support it. */
248#define GPCMD_SET_SPEED 0xbb
249/* This seems to be a SCSI specific CD-ROM opcode
250 * to play data at track/index */
251#define GPCMD_PLAYAUDIO_TI 0x48
252/*
253 * From MS Media Status Notification Support Specification. For
254 * older drives only.
255 */
256#define GPCMD_GET_MEDIA_STATUS 0xda
257
258/* Mode page codes for mode sense/set */
259#define GPMODE_R_W_ERROR_PAGE 0x01
260#define GPMODE_WRITE_PARMS_PAGE 0x05
261#define GPMODE_AUDIO_CTL_PAGE 0x0e
262#define GPMODE_POWER_PAGE 0x1a
263#define GPMODE_FAULT_FAIL_PAGE 0x1c
264#define GPMODE_TO_PROTECT_PAGE 0x1d
265#define GPMODE_CAPABILITIES_PAGE 0x2a
266#define GPMODE_ALL_PAGES 0x3f
267/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
268 * of MODE_SENSE_POWER_PAGE */
269#define GPMODE_CDROM_PAGE 0x0d
270
271#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
272#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
273#define ATAPI_INT_REASON_REL 0x04
274#define ATAPI_INT_REASON_TAG 0xf8
275
276/* same constants as bochs */
7f777bf3 277#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 278#define ASC_LOGICAL_BLOCK_OOR 0x21
279#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
280#define ASC_MEDIUM_NOT_PRESENT 0x3a
281#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
282
283#define SENSE_NONE 0
284#define SENSE_NOT_READY 2
285#define SENSE_ILLEGAL_REQUEST 5
286#define SENSE_UNIT_ATTENTION 6
287
288struct IDEState;
289
290typedef void EndTransferFunc(struct IDEState *);
291
caed8802 292/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 293typedef struct IDEState {
294 /* ide config */
295 int is_cdrom;
5391d806
FB		 296 int cylinders, heads, sectors;
297 int64_t nb_sectors;
298 int mult_sectors;
299 int irq;
1ade1de2 300 openpic_t *openpic;
34e538ae 301 PCIDevice *pci_dev;
98087450 302 struct BMDMAState *bmdma;
aedf5382 303 int drive_serial;
5391d806
FB		 304 /* ide regs */
305 uint8_t feature;
306 uint8_t error;
307 uint16_t nsector; /* 0 is 256 to ease computations */
308 uint8_t sector;
309 uint8_t lcyl;
310 uint8_t hcyl;
311 uint8_t select;
312 uint8_t status;
313 /* 0x3f6 command, only meaningful for drive 0 */
314 uint8_t cmd;
315 /* depends on bit 4 in select, only meaningful for drive 0 */
316 struct IDEState *cur_drive;
317 BlockDriverState *bs;
318 /* ATAPI specific */
319 uint8_t sense_key;
320 uint8_t asc;
321 int packet_transfer_size;
322 int elementary_transfer_size;
323 int io_buffer_index;
324 int lba;
98087450
FB		 325 int cd_sector_size;
326 int atapi_dma; /* true if dma is requested for the packet cmd */
327 /* ATA DMA state */
328 int io_buffer_size;
329 /* PIO transfer handling */
5391d806
FB		 330 int req_nb_sectors; /* number of sectors per interrupt */
331 EndTransferFunc *end_transfer_func;
332 uint8_t *data_ptr;
333 uint8_t *data_end;
334 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
335} IDEState;
336
98087450
FB		 337#define BM_STATUS_DMAING 0x01
338#define BM_STATUS_ERROR 0x02
339#define BM_STATUS_INT 0x04
340
341#define BM_CMD_START 0x01
342#define BM_CMD_READ 0x08
343
344typedef int IDEDMAFunc(IDEState *s,
345 target_phys_addr_t phys_addr,
346 int transfer_size1);
347
348typedef struct BMDMAState {
349 uint8_t cmd;
350 uint8_t status;
351 uint32_t addr;
352 /* current transfer state */
353 IDEState *ide_if;
354 IDEDMAFunc *dma_cb;
355} BMDMAState;
356
357typedef struct PCIIDEState {
358 PCIDevice dev;
359 IDEState ide_if[4];
360 BMDMAState bmdma[2];
361} PCIIDEState;
362
363static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
364
5391d806
FB		 365static void padstr(char *str, const char *src, int len)
366{
367 int i, v;
368 for(i = 0; i < len; i++) {
369 if (*src)
370 v = *src++;
371 else
372 v = ' ';
373 *(char *)((long)str ^ 1) = v;
374 str++;
375 }
376}
377
bd0d90b2
FB		 378static void padstr8(uint8_t *buf, int buf_size, const char *src)
379{
380 int i;
381 for(i = 0; i < buf_size; i++) {
382 if (*src)
383 buf[i] = *src++;
384 else
385 buf[i] = ' ';
386 }
387}
388
67b915a5
FB		 389static void put_le16(uint16_t *p, unsigned int v)
390{
0c4ad8dc 391 *p = cpu_to_le16(v);
67b915a5
FB		 392}
393
5391d806
FB		 394static void ide_identify(IDEState *s)
395{
396 uint16_t *p;
397 unsigned int oldsize;
aedf5382 398 char buf[20];
5391d806
FB		 399
400 memset(s->io_buffer, 0, 512);
401 p = (uint16_t *)s->io_buffer;
67b915a5
FB		 402 put_le16(p + 0, 0x0040);
403 put_le16(p + 1, s->cylinders);
404 put_le16(p + 3, s->heads);
405 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
406 put_le16(p + 5, 512); /* XXX: retired, remove ? */
407 put_le16(p + 6, s->sectors);
aedf5382
FB		 408 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
409 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 410 put_le16(p + 20, 3); /* XXX: retired, remove ? */
411 put_le16(p + 21, 512); /* cache size in sectors */
412 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 413 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
414 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
415#if MAX_MULT_SECTORS > 1
67b915a5 416 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 417#endif
67b915a5
FB		 418 put_le16(p + 48, 1); /* dword I/O */
419 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
420 put_le16(p + 51, 0x200); /* PIO transfer cycle */
421 put_le16(p + 52, 0x200); /* DMA transfer cycle */
422 put_le16(p + 53, 1); /* words 54-58 are valid */
423 put_le16(p + 54, s->cylinders);
424 put_le16(p + 55, s->heads);
425 put_le16(p + 56, s->sectors);
5391d806 426 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 427 put_le16(p + 57, oldsize);
428 put_le16(p + 58, oldsize >> 16);
5391d806 429 if (s->mult_sectors)
67b915a5
FB		 430 put_le16(p + 59, 0x100 | s->mult_sectors);
431 put_le16(p + 60, s->nb_sectors);
432 put_le16(p + 61, s->nb_sectors >> 16);
433 put_le16(p + 80, (1 << 1) | (1 << 2));
434 put_le16(p + 82, (1 << 14));
435 put_le16(p + 83, (1 << 14));
436 put_le16(p + 84, (1 << 14));
437 put_le16(p + 85, (1 << 14));
438 put_le16(p + 86, 0);
439 put_le16(p + 87, (1 << 14));
5391d806
FB		 440}
441
442static void ide_atapi_identify(IDEState *s)
443{
444 uint16_t *p;
aedf5382 445 char buf[20];
5391d806
FB		 446
447 memset(s->io_buffer, 0, 512);
448 p = (uint16_t *)s->io_buffer;
449 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 450 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382
FB		 451 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
452 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 453 put_le16(p + 20, 3); /* buffer type */
454 put_le16(p + 21, 512); /* cache size in sectors */
455 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 456 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
457 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
67b915a5
FB		 458 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
459 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
460 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
461 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
462 put_le16(p + 64, 1); /* PIO modes */
463 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
464 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
465 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
466 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
5391d806 467
67b915a5
FB		 468 put_le16(p + 71, 30); /* in ns */
469 put_le16(p + 72, 30); /* in ns */
5391d806 470
67b915a5 471 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
5391d806
FB		 472}
473
474static void ide_set_signature(IDEState *s)
475{
476 s->select &= 0xf0; /* clear head */
477 /* put signature */
478 s->nsector = 1;
479 s->sector = 1;
480 if (s->is_cdrom) {
481 s->lcyl = 0x14;
482 s->hcyl = 0xeb;
483 } else if (s->bs) {
484 s->lcyl = 0;
485 s->hcyl = 0;
486 } else {
487 s->lcyl = 0xff;
488 s->hcyl = 0xff;
489 }
490}
491
492static inline void ide_abort_command(IDEState *s)
493{
494 s->status = READY_STAT | ERR_STAT;
495 s->error = ABRT_ERR;
496}
497
498static inline void ide_set_irq(IDEState *s)
499{
500 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
1ade1de2
FB		 501#ifdef TARGET_PPC
502 if (s->openpic)
503 openpic_set_irq(s->openpic, s->irq, 1);
504 else
505#endif
34e538ae
FB		 506 if (s->irq == 16)
507 pci_set_irq(s->pci_dev, 0, 1);
508 else
509 pic_set_irq(s->irq, 1);
5391d806
FB		 510 }
511}
512
513/* prepare data transfer and tell what to do after */
514static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
515 EndTransferFunc *end_transfer_func)
516{
517 s->end_transfer_func = end_transfer_func;
518 s->data_ptr = buf;
519 s->data_end = buf + size;
520 s->status |= DRQ_STAT;
521}
522
523static void ide_transfer_stop(IDEState *s)
524{
525 s->end_transfer_func = ide_transfer_stop;
526 s->data_ptr = s->io_buffer;
527 s->data_end = s->io_buffer;
528 s->status &= ~DRQ_STAT;
529}
530
531static int64_t ide_get_sector(IDEState *s)
532{
533 int64_t sector_num;
534 if (s->select & 0x40) {
535 /* lba */
536 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
537 (s->lcyl << 8) | s->sector;
538 } else {
539 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
540 (s->select & 0x0f) * s->sectors +
541 (s->sector - 1);
542 }
543 return sector_num;
544}
545
546static void ide_set_sector(IDEState *s, int64_t sector_num)
547{
548 unsigned int cyl, r;
549 if (s->select & 0x40) {
550 s->select = (s->select & 0xf0) | (sector_num >> 24);
551 s->hcyl = (sector_num >> 16);
552 s->lcyl = (sector_num >> 8);
553 s->sector = (sector_num);
554 } else {
555 cyl = sector_num / (s->heads * s->sectors);
556 r = sector_num % (s->heads * s->sectors);
557 s->hcyl = cyl >> 8;
558 s->lcyl = cyl;
1b8eb456 559 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 560 s->sector = (r % s->sectors) + 1;
561 }
562}
563
564static void ide_sector_read(IDEState *s)
565{
566 int64_t sector_num;
567 int ret, n;
568
569 s->status = READY_STAT | SEEK_STAT;
a136e5a8 570 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 571 sector_num = ide_get_sector(s);
572 n = s->nsector;
573 if (n == 0) {
574 /* no more sector to read from disk */
575 ide_transfer_stop(s);
576 } else {
577#if defined(DEBUG_IDE)
578 printf("read sector=%Ld\n", sector_num);
579#endif
580 if (n > s->req_nb_sectors)
581 n = s->req_nb_sectors;
582 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
583 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
584 ide_set_irq(s);
585 ide_set_sector(s, sector_num + n);
586 s->nsector -= n;
587 }
588}
589
98087450
FB		 590static int ide_read_dma_cb(IDEState *s,
591 target_phys_addr_t phys_addr,
592 int transfer_size1)
593{
594 int len, transfer_size, n;
595 int64_t sector_num;
596
597 transfer_size = transfer_size1;
598 while (transfer_size > 0) {
599 len = s->io_buffer_size - s->io_buffer_index;
600 if (len <= 0) {
601 /* transfert next data */
602 n = s->nsector;
603 if (n == 0)
604 break;
605 if (n > MAX_MULT_SECTORS)
606 n = MAX_MULT_SECTORS;
607 sector_num = ide_get_sector(s);
608 bdrv_read(s->bs, sector_num, s->io_buffer, n);
609 s->io_buffer_index = 0;
610 s->io_buffer_size = n * 512;
611 len = s->io_buffer_size;
612 sector_num += n;
613 ide_set_sector(s, sector_num);
614 s->nsector -= n;
615 }
616 if (len > transfer_size)
617 len = transfer_size;
618 cpu_physical_memory_write(phys_addr,
619 s->io_buffer + s->io_buffer_index, len);
620 s->io_buffer_index += len;
621 transfer_size -= len;
622 phys_addr += len;
623 }
624 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
625 s->status = READY_STAT | SEEK_STAT;
626 ide_set_irq(s);
627#ifdef DEBUG_IDE_ATAPI
628 printf("dma status=0x%x\n", s->status);
629#endif
630 return 0;
631 }
632 return transfer_size1 - transfer_size;
633}
634
635static void ide_sector_read_dma(IDEState *s)
636{
637 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
638 s->io_buffer_index = 0;
639 s->io_buffer_size = 0;
640 ide_dma_start(s, ide_read_dma_cb);
641}
642
5391d806
FB		 643static void ide_sector_write(IDEState *s)
644{
645 int64_t sector_num;
646 int ret, n, n1;
647
648 s->status = READY_STAT | SEEK_STAT;
649 sector_num = ide_get_sector(s);
650#if defined(DEBUG_IDE)
651 printf("write sector=%Ld\n", sector_num);
652#endif
653 n = s->nsector;
654 if (n > s->req_nb_sectors)
655 n = s->req_nb_sectors;
656 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
657 s->nsector -= n;
658 if (s->nsector == 0) {
659 /* no more sector to write */
660 ide_transfer_stop(s);
661 } else {
662 n1 = s->nsector;
663 if (n1 > s->req_nb_sectors)
664 n1 = s->req_nb_sectors;
665 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
666 }
667 ide_set_sector(s, sector_num + n);
668 ide_set_irq(s);
669}
670
98087450
FB		 671static int ide_write_dma_cb(IDEState *s,
672 target_phys_addr_t phys_addr,
673 int transfer_size1)
674{
675 int len, transfer_size, n;
676 int64_t sector_num;
677
678 transfer_size = transfer_size1;
679 for(;;) {
680 len = s->io_buffer_size - s->io_buffer_index;
681 if (len == 0) {
682 n = s->io_buffer_size >> 9;
683 sector_num = ide_get_sector(s);
684 bdrv_write(s->bs, sector_num, s->io_buffer,
685 s->io_buffer_size >> 9);
686 sector_num += n;
687 ide_set_sector(s, sector_num);
688 s->nsector -= n;
689 n = s->nsector;
690 if (n == 0) {
691 /* end of transfer */
692 s->status = READY_STAT | SEEK_STAT;
693 ide_set_irq(s);
694 return 0;
695 }
696 if (n > MAX_MULT_SECTORS)
697 n = MAX_MULT_SECTORS;
698 s->io_buffer_index = 0;
699 s->io_buffer_size = n * 512;
700 len = s->io_buffer_size;
701 }
702 if (transfer_size <= 0)
703 break;
704 if (len > transfer_size)
705 len = transfer_size;
706 cpu_physical_memory_read(phys_addr,
707 s->io_buffer + s->io_buffer_index, len);
708 s->io_buffer_index += len;
709 transfer_size -= len;
710 phys_addr += len;
711 }
712 return transfer_size1 - transfer_size;
713}
714
715static void ide_sector_write_dma(IDEState *s)
716{
717 int n;
718 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
719 n = s->nsector;
720 if (n > MAX_MULT_SECTORS)
721 n = MAX_MULT_SECTORS;
722 s->io_buffer_index = 0;
723 s->io_buffer_size = n * 512;
724 ide_dma_start(s, ide_write_dma_cb);
725}
726
5391d806
FB		 727static void ide_atapi_cmd_ok(IDEState *s)
728{
729 s->error = 0;
730 s->status = READY_STAT;
731 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
732 ide_set_irq(s);
733}
734
735static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
736{
737#ifdef DEBUG_IDE_ATAPI
738 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
739#endif
740 s->error = sense_key << 4;
741 s->status = READY_STAT | ERR_STAT;
742 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
743 s->sense_key = sense_key;
744 s->asc = asc;
745 ide_set_irq(s);
746}
747
748static inline void cpu_to_ube16(uint8_t *buf, int val)
749{
750 buf[0] = val >> 8;
751 buf[1] = val;
752}
753
754static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
755{
756 buf[0] = val >> 24;
757 buf[1] = val >> 16;
758 buf[2] = val >> 8;
759 buf[3] = val;
760}
761
762static inline int ube16_to_cpu(const uint8_t *buf)
763{
764 return (buf[0] << 8) | buf[1];
765}
766
767static inline int ube32_to_cpu(const uint8_t *buf)
768{
769 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
770}
771
98087450
FB		 772static void lba_to_msf(uint8_t *buf, int lba)
773{
774 lba += 150;
775 buf[0] = (lba / 75) / 60;
776 buf[1] = (lba / 75) % 60;
777 buf[2] = lba % 75;
778}
779
780static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
781 int sector_size)
782{
783 switch(sector_size) {
784 case 2048:
785 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
786 break;
787 case 2352:
788 /* sync bytes */
789 buf[0] = 0x00;
790 memset(buf + 1, 0xff, 11);
791 buf += 12;
792 /* MSF */
793 lba_to_msf(buf, lba);
794 buf[3] = 0x01; /* mode 1 data */
795 buf += 4;
796 /* data */
797 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
798 buf += 2048;
799 /* ECC */
800 memset(buf, 0, 288);
801 break;
802 default:
803 break;
804 }
805}
806
5391d806
FB		 807/* The whole ATAPI transfer logic is handled in this function */
808static void ide_atapi_cmd_reply_end(IDEState *s)
809{
810 int byte_count_limit, size;
811#ifdef DEBUG_IDE_ATAPI
812 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
813 s->packet_transfer_size,
814 s->elementary_transfer_size,
815 s->io_buffer_index);
816#endif
817 if (s->packet_transfer_size <= 0) {
818 /* end of transfer */
819 ide_transfer_stop(s);
820 s->status = READY_STAT;
821 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
822 ide_set_irq(s);
823#ifdef DEBUG_IDE_ATAPI
824 printf("status=0x%x\n", s->status);
825#endif
826 } else {
827 /* see if a new sector must be read */
98087450
FB		 828 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
829 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
5391d806
FB		 830 s->lba++;
831 s->io_buffer_index = 0;
832 }
833 if (s->elementary_transfer_size > 0) {
834 /* there are some data left to transmit in this elementary
835 transfer */
98087450 836 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 837 if (size > s->elementary_transfer_size)
838 size = s->elementary_transfer_size;
839 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
840 size, ide_atapi_cmd_reply_end);
841 s->packet_transfer_size -= size;
842 s->elementary_transfer_size -= size;
843 s->io_buffer_index += size;
844 } else {
845 /* a new transfer is needed */
846 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
847 byte_count_limit = s->lcyl | (s->hcyl << 8);
848#ifdef DEBUG_IDE_ATAPI
849 printf("byte_count_limit=%d\n", byte_count_limit);
850#endif
851 if (byte_count_limit == 0xffff)
852 byte_count_limit--;
853 size = s->packet_transfer_size;
854 if (size > byte_count_limit) {
855 /* byte count limit must be even if this case */
856 if (byte_count_limit & 1)
857 byte_count_limit--;
858 size = byte_count_limit;
5391d806 859 }
a136e5a8
FB		 860 s->lcyl = size;
861 s->hcyl = size >> 8;
5391d806
FB		 862 s->elementary_transfer_size = size;
863 /* we cannot transmit more than one sector at a time */
864 if (s->lba != -1) {
98087450
FB		 865 if (size > (s->cd_sector_size - s->io_buffer_index))
866 size = (s->cd_sector_size - s->io_buffer_index);
5391d806
FB		 867 }
868 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
869 size, ide_atapi_cmd_reply_end);
870 s->packet_transfer_size -= size;
871 s->elementary_transfer_size -= size;
872 s->io_buffer_index += size;
873 ide_set_irq(s);
874#ifdef DEBUG_IDE_ATAPI
875 printf("status=0x%x\n", s->status);
876#endif
877 }
878 }
879}
880
881/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
882static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
883{
884 if (size > max_size)
885 size = max_size;
886 s->lba = -1; /* no sector read */
887 s->packet_transfer_size = size;
888 s->elementary_transfer_size = 0;
889 s->io_buffer_index = 0;
890
891 s->status = READY_STAT;
892 ide_atapi_cmd_reply_end(s);
893}
894
895/* start a CD-CDROM read command */
98087450
FB		 896static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
897 int sector_size)
5391d806 898{
5391d806 899 s->lba = lba;
98087450 900 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 901 s->elementary_transfer_size = 0;
98087450
FB		 902 s->io_buffer_index = sector_size;
903 s->cd_sector_size = sector_size;
5391d806
FB		 904
905 s->status = READY_STAT;
906 ide_atapi_cmd_reply_end(s);
907}
908
98087450
FB		 909/* ATAPI DMA support */
910static int ide_atapi_cmd_read_dma_cb(IDEState *s,
911 target_phys_addr_t phys_addr,
912 int transfer_size1)
913{
914 int len, transfer_size;
915
916 transfer_size = transfer_size1;
917 while (transfer_size > 0) {
918 if (s->packet_transfer_size <= 0)
919 break;
920 len = s->cd_sector_size - s->io_buffer_index;
921 if (len <= 0) {
922 /* transfert next data */
923 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
924 s->lba++;
925 s->io_buffer_index = 0;
926 len = s->cd_sector_size;
927 }
928 if (len > transfer_size)
929 len = transfer_size;
930 cpu_physical_memory_write(phys_addr,
931 s->io_buffer + s->io_buffer_index, len);
932 s->packet_transfer_size -= len;
933 s->io_buffer_index += len;
934 transfer_size -= len;
935 phys_addr += len;
936 }
937 if (s->packet_transfer_size <= 0) {
938 s->status = READY_STAT;
939 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
940 ide_set_irq(s);
941#ifdef DEBUG_IDE_ATAPI
942 printf("dma status=0x%x\n", s->status);
943#endif
944 return 0;
945 }
946 return transfer_size1 - transfer_size;
947}
948
949/* start a CD-CDROM read command with DMA */
950/* XXX: test if DMA is available */
951static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
952 int sector_size)
953{
954 s->lba = lba;
955 s->packet_transfer_size = nb_sectors * sector_size;
956 s->io_buffer_index = sector_size;
957 s->cd_sector_size = sector_size;
958
959 s->status = READY_STAT | DRQ_STAT;
960 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
961}
962
963static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
964 int sector_size)
965{
966#ifdef DEBUG_IDE_ATAPI
967 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
968#endif
969 if (s->atapi_dma) {
970 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
971 } else {
972 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
973 }
974}
975
5391d806 976/* same toc as bochs. Return -1 if error or the toc length */
98087450 977/* XXX: check this */
5391d806
FB		 978static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
979{
980 uint8_t *q;
981 int nb_sectors, len;
982
983 if (start_track > 1 && start_track != 0xaa)
984 return -1;
985 q = buf + 2;
98087450
FB		 986 *q++ = 1; /* first session */
987 *q++ = 1; /* last session */
5391d806
FB		 988 if (start_track <= 1) {
989 *q++ = 0; /* reserved */
990 *q++ = 0x14; /* ADR, control */
991 *q++ = 1; /* track number */
992 *q++ = 0; /* reserved */
993 if (msf) {
994 *q++ = 0; /* reserved */
995 *q++ = 0; /* minute */
996 *q++ = 2; /* second */
997 *q++ = 0; /* frame */
998 } else {
999 /* sector 0 */
1000 cpu_to_ube32(q, 0);
1001 q += 4;
1002 }
1003 }
1004 /* lead out track */
1005 *q++ = 0; /* reserved */
1006 *q++ = 0x16; /* ADR, control */
1007 *q++ = 0xaa; /* track number */
1008 *q++ = 0; /* reserved */
1009 nb_sectors = s->nb_sectors >> 2;
1010 if (msf) {
1011 *q++ = 0; /* reserved */
98087450
FB		 1012 lba_to_msf(q, nb_sectors);
1013 q += 3;
1014 } else {
1015 cpu_to_ube32(q, nb_sectors);
1016 q += 4;
1017 }
1018 len = q - buf;
1019 cpu_to_ube16(buf, len - 2);
1020 return len;
1021}
1022
1023/* mostly same info as PearPc */
1024static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1025 int session_num)
1026{
1027 uint8_t *q;
1028 int nb_sectors, len;
1029
1030 q = buf + 2;
1031 *q++ = 1; /* first session */
1032 *q++ = 1; /* last session */
1033
1034 *q++ = 1; /* session number */
1035 *q++ = 0x14; /* data track */
1036 *q++ = 0; /* track number */
1037 *q++ = 0xa0; /* lead-in */
1038 *q++ = 0; /* min */
1039 *q++ = 0; /* sec */
1040 *q++ = 0; /* frame */
1041 *q++ = 0;
1042 *q++ = 1; /* first track */
1043 *q++ = 0x00; /* disk type */
1044 *q++ = 0x00;
1045
1046 *q++ = 1; /* session number */
1047 *q++ = 0x14; /* data track */
1048 *q++ = 0; /* track number */
1049 *q++ = 0xa1;
1050 *q++ = 0; /* min */
1051 *q++ = 0; /* sec */
1052 *q++ = 0; /* frame */
1053 *q++ = 0;
1054 *q++ = 1; /* last track */
1055 *q++ = 0x00;
1056 *q++ = 0x00;
1057
1058 *q++ = 1; /* session number */
1059 *q++ = 0x14; /* data track */
1060 *q++ = 0; /* track number */
1061 *q++ = 0xa2; /* lead-out */
1062 *q++ = 0; /* min */
1063 *q++ = 0; /* sec */
1064 *q++ = 0; /* frame */
1065 nb_sectors = s->nb_sectors >> 2;
1066 if (msf) {
1067 *q++ = 0; /* reserved */
1068 lba_to_msf(q, nb_sectors);
1069 q += 3;
5391d806
FB		 1070 } else {
1071 cpu_to_ube32(q, nb_sectors);
1072 q += 4;
1073 }
98087450
FB		 1074
1075 *q++ = 1; /* session number */
1076 *q++ = 0x14; /* ADR, control */
1077 *q++ = 0; /* track number */
1078 *q++ = 1; /* point */
1079 *q++ = 0; /* min */
1080 *q++ = 0; /* sec */
1081 *q++ = 0; /* frame */
1082 *q++ = 0;
1083 *q++ = 0;
1084 *q++ = 0;
1085 *q++ = 0;
1086
5391d806
FB		 1087 len = q - buf;
1088 cpu_to_ube16(buf, len - 2);
1089 return len;
1090}
1091
1092static void ide_atapi_cmd(IDEState *s)
1093{
1094 const uint8_t *packet;
1095 uint8_t *buf;
1096 int max_len;
1097
1098 packet = s->io_buffer;
1099 buf = s->io_buffer;
1100#ifdef DEBUG_IDE_ATAPI
1101 {
1102 int i;
1103 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1104 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1105 printf(" %02x", packet[i]);
1106 }
1107 printf("\n");
1108 }
1109#endif
1110 switch(s->io_buffer[0]) {
1111 case GPCMD_TEST_UNIT_READY:
caed8802 1112 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1113 ide_atapi_cmd_ok(s);
1114 } else {
1115 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1116 ASC_MEDIUM_NOT_PRESENT);
1117 }
1118 break;
1119 case GPCMD_MODE_SENSE_10:
1120 {
1121 int action, code;
1122 max_len = ube16_to_cpu(packet + 7);
1123 action = packet[2] >> 6;
1124 code = packet[2] & 0x3f;
1125 switch(action) {
1126 case 0: /* current values */
1127 switch(code) {
1128 case 0x01: /* error recovery */
1129 cpu_to_ube16(&buf[0], 16 + 6);
1130 buf[2] = 0x70;
1131 buf[3] = 0;
1132 buf[4] = 0;
1133 buf[5] = 0;
1134 buf[6] = 0;
1135 buf[7] = 0;
1136
1137 buf[8] = 0x01;
1138 buf[9] = 0x06;
1139 buf[10] = 0x00;
1140 buf[11] = 0x05;
1141 buf[12] = 0x00;
1142 buf[13] = 0x00;
1143 buf[14] = 0x00;
1144 buf[15] = 0x00;
1145 ide_atapi_cmd_reply(s, 16, max_len);
1146 break;
1147 case 0x2a:
1148 cpu_to_ube16(&buf[0], 28 + 6);
1149 buf[2] = 0x70;
1150 buf[3] = 0;
1151 buf[4] = 0;
1152 buf[5] = 0;
1153 buf[6] = 0;
1154 buf[7] = 0;
1155
1156 buf[8] = 0x2a;
1157 buf[9] = 0x12;
1158 buf[10] = 0x00;
1159 buf[11] = 0x00;
1160
1161 buf[12] = 0x70;
1162 buf[13] = 3 << 5;
1163 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1164 if (bdrv_is_locked(s->bs))
5391d806
FB		 1165 buf[6] |= 1 << 1;
1166 buf[15] = 0x00;
1167 cpu_to_ube16(&buf[16], 706);
1168 buf[18] = 0;
1169 buf[19] = 2;
1170 cpu_to_ube16(&buf[20], 512);
1171 cpu_to_ube16(&buf[22], 706);
1172 buf[24] = 0;
1173 buf[25] = 0;
1174 buf[26] = 0;
1175 buf[27] = 0;
1176 ide_atapi_cmd_reply(s, 28, max_len);
1177 break;
1178 default:
1179 goto error_cmd;
1180 }
1181 break;
1182 case 1: /* changeable values */
1183 goto error_cmd;
1184 case 2: /* default values */
1185 goto error_cmd;
1186 default:
1187 case 3: /* saved values */
1188 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1189 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1190 break;
1191 }
1192 }
1193 break;
1194 case GPCMD_REQUEST_SENSE:
1195 max_len = packet[4];
1196 memset(buf, 0, 18);
1197 buf[0] = 0x70 | (1 << 7);
1198 buf[2] = s->sense_key;
1199 buf[7] = 10;
1200 buf[12] = s->asc;
1201 ide_atapi_cmd_reply(s, 18, max_len);
1202 break;
1203 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1204 if (bdrv_is_inserted(s->bs)) {
1205 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1206 ide_atapi_cmd_ok(s);
1207 } else {
1208 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1209 ASC_MEDIUM_NOT_PRESENT);
1210 }
1211 break;
1212 case GPCMD_READ_10:
1213 case GPCMD_READ_12:
1214 {
1215 int nb_sectors, lba;
1216
caed8802 1217 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1218 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1219 ASC_MEDIUM_NOT_PRESENT);
1220 break;
1221 }
1222 if (packet[0] == GPCMD_READ_10)
1223 nb_sectors = ube16_to_cpu(packet + 7);
1224 else
1225 nb_sectors = ube32_to_cpu(packet + 6);
1226 lba = ube32_to_cpu(packet + 2);
1227 if (nb_sectors == 0) {
1228 ide_atapi_cmd_ok(s);
1229 break;
1230 }
1231 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1232 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1233 ASC_LOGICAL_BLOCK_OOR);
1234 break;
1235 }
98087450
FB		 1236 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1237 }
1238 break;
1239 case GPCMD_READ_CD:
1240 {
1241 int nb_sectors, lba, transfer_request;
1242
1243 if (!bdrv_is_inserted(s->bs)) {
1244 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1245 ASC_MEDIUM_NOT_PRESENT);
1246 break;
1247 }
1248 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1249 lba = ube32_to_cpu(packet + 2);
1250 if (nb_sectors == 0) {
1251 ide_atapi_cmd_ok(s);
1252 break;
1253 }
1254 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1255 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1256 ASC_LOGICAL_BLOCK_OOR);
1257 break;
1258 }
1259 transfer_request = packet[9];
1260 switch(transfer_request & 0xf8) {
1261 case 0x00:
1262 /* nothing */
1263 ide_atapi_cmd_ok(s);
1264 break;
1265 case 0x10:
1266 /* normal read */
1267 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1268 break;
1269 case 0xf8:
1270 /* read all data */
1271 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1272 break;
1273 default:
1274 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1275 ASC_INV_FIELD_IN_CMD_PACKET);
1276 break;
1277 }
5391d806
FB		 1278 }
1279 break;
1280 case GPCMD_SEEK:
1281 {
1282 int lba;
caed8802 1283 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1284 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1285 ASC_MEDIUM_NOT_PRESENT);
1286 break;
1287 }
1288 lba = ube32_to_cpu(packet + 2);
1289 if (((int64_t)lba << 2) > s->nb_sectors) {
1290 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1291 ASC_LOGICAL_BLOCK_OOR);
1292 break;
1293 }
1294 ide_atapi_cmd_ok(s);
1295 }
1296 break;
1297 case GPCMD_START_STOP_UNIT:
1298 {
1299 int start, eject;
1300 start = packet[4] & 1;
1301 eject = (packet[4] >> 1) & 1;
1302
caed8802
FB		 1303 if (eject && !start) {
1304 /* eject the disk */
1305 bdrv_close(s->bs);
1306 }
5391d806
FB		 1307 ide_atapi_cmd_ok(s);
1308 }
1309 break;
1310 case GPCMD_MECHANISM_STATUS:
1311 {
1312 max_len = ube16_to_cpu(packet + 8);
1313 cpu_to_ube16(buf, 0);
1314 /* no current LBA */
1315 buf[2] = 0;
1316 buf[3] = 0;
1317 buf[4] = 0;
1318 buf[5] = 1;
1319 cpu_to_ube16(buf + 6, 0);
1320 ide_atapi_cmd_reply(s, 8, max_len);
1321 }
1322 break;
1323 case GPCMD_READ_TOC_PMA_ATIP:
1324 {
1325 int format, msf, start_track, len;
1326
caed8802 1327 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1328 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1329 ASC_MEDIUM_NOT_PRESENT);
1330 break;
1331 }
1332 max_len = ube16_to_cpu(packet + 7);
1333 format = packet[9] >> 6;
1334 msf = (packet[1] >> 1) & 1;
1335 start_track = packet[6];
1336 switch(format) {
1337 case 0:
1338 len = cdrom_read_toc(s, buf, msf, start_track);
1339 if (len < 0)
1340 goto error_cmd;
1341 ide_atapi_cmd_reply(s, len, max_len);
1342 break;
1343 case 1:
1344 /* multi session : only a single session defined */
1345 memset(buf, 0, 12);
1346 buf[1] = 0x0a;
1347 buf[2] = 0x01;
1348 buf[3] = 0x01;
1349 ide_atapi_cmd_reply(s, 12, max_len);
1350 break;
98087450
FB		 1351 case 2:
1352 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1353 if (len < 0)
1354 goto error_cmd;
1355 ide_atapi_cmd_reply(s, len, max_len);
1356 break;
5391d806 1357 default:
7f777bf3
FB		 1358 error_cmd:
1359 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1360 ASC_INV_FIELD_IN_CMD_PACKET);
1361 break;
5391d806
FB		 1362 }
1363 }
1364 break;
1365 case GPCMD_READ_CDVD_CAPACITY:
caed8802 1366 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1367 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1368 ASC_MEDIUM_NOT_PRESENT);
1369 break;
1370 }
1371 /* NOTE: it is really the number of sectors minus 1 */
1372 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1373 cpu_to_ube32(buf + 4, 2048);
1374 ide_atapi_cmd_reply(s, 8, 8);
1375 break;
bd0d90b2
FB		 1376 case GPCMD_INQUIRY:
1377 max_len = packet[4];
1378 buf[0] = 0x05; /* CD-ROM */
1379 buf[1] = 0x80; /* removable */
1380 buf[2] = 0x00; /* ISO */
1381 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1382 buf[4] = 31; /* additionnal length */
1383 buf[5] = 0; /* reserved */
1384 buf[6] = 0; /* reserved */
1385 buf[7] = 0; /* reserved */
1386 padstr8(buf + 8, 8, "QEMU");
1387 padstr8(buf + 16, 16, "QEMU CD-ROM");
1388 padstr8(buf + 32, 4, QEMU_VERSION);
1389 ide_atapi_cmd_reply(s, 36, max_len);
1390 break;
5391d806 1391 default:
5391d806 1392 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1393 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1394 break;
1395 }
1396}
1397
caed8802
FB		 1398/* called when the inserted state of the media has changed */
1399static void cdrom_change_cb(void *opaque)
5391d806 1400{
caed8802
FB		 1401 IDEState *s = opaque;
1402 int64_t nb_sectors;
1403
1404 /* XXX: send interrupt too */
1405 bdrv_get_geometry(s->bs, &nb_sectors);
1406 s->nb_sectors = nb_sectors;
1407}
1408
1409static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1410{
1411 IDEState *ide_if = opaque;
c45c3d00 1412 IDEState *s;
5391d806
FB		 1413 int unit, n;
1414
1415#ifdef DEBUG_IDE
1416 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1417#endif
1418 addr &= 7;
1419 switch(addr) {
1420 case 0:
1421 break;
1422 case 1:
c45c3d00
FB		 1423 /* NOTE: data is written to the two drives */
1424 ide_if[0].feature = val;
1425 ide_if[1].feature = val;
5391d806
FB		 1426 break;
1427 case 2:
1428 if (val == 0)
1429 val = 256;
c45c3d00
FB		 1430 ide_if[0].nsector = val;
1431 ide_if[1].nsector = val;
5391d806
FB		 1432 break;
1433 case 3:
c45c3d00
FB		 1434 ide_if[0].sector = val;
1435 ide_if[1].sector = val;
5391d806
FB		 1436 break;
1437 case 4:
c45c3d00
FB		 1438 ide_if[0].lcyl = val;
1439 ide_if[1].lcyl = val;
5391d806
FB		 1440 break;
1441 case 5:
c45c3d00
FB		 1442 ide_if[0].hcyl = val;
1443 ide_if[1].hcyl = val;
5391d806
FB		 1444 break;
1445 case 6:
7ae98627
FB		 1446 ide_if[0].select = (val & ~0x10) | 0xa0;
1447 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 1448 /* select drive */
1449 unit = (val >> 4) & 1;
1450 s = ide_if + unit;
1451 ide_if->cur_drive = s;
5391d806
FB		 1452 break;
1453 default:
1454 case 7:
1455 /* command */
1456#if defined(DEBUG_IDE)
1457 printf("ide: CMD=%02x\n", val);
1458#endif
c45c3d00 1459 s = ide_if->cur_drive;
66201e2d
FB		 1460 /* ignore commands to non existant slave */
1461 if (s != ide_if && !s->bs)
1462 break;
5391d806
FB		 1463 switch(val) {
1464 case WIN_IDENTIFY:
1465 if (s->bs && !s->is_cdrom) {
1466 ide_identify(s);
2a282056 1467 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1468 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1469 } else {
1470 if (s->is_cdrom) {
1471 ide_set_signature(s);
1472 }
1473 ide_abort_command(s);
1474 }
1475 ide_set_irq(s);
1476 break;
1477 case WIN_SPECIFY:
1478 case WIN_RECAL:
a136e5a8 1479 s->error = 0;
5391d806
FB		 1480 s->status = READY_STAT;
1481 ide_set_irq(s);
1482 break;
1483 case WIN_SETMULT:
1484 if (s->nsector > MAX_MULT_SECTORS ||
1485 s->nsector == 0 ||
1486 (s->nsector & (s->nsector - 1)) != 0) {
1487 ide_abort_command(s);
1488 } else {
1489 s->mult_sectors = s->nsector;
1490 s->status = READY_STAT;
1491 }
1492 ide_set_irq(s);
1493 break;
4ce900b4
FB		 1494 case WIN_VERIFY:
1495 case WIN_VERIFY_ONCE:
1496 /* do sector number check ? */
1497 s->status = READY_STAT;
1498 ide_set_irq(s);
1499 break;
5391d806
FB		 1500 case WIN_READ:
1501 case WIN_READ_ONCE:
6b136f9e
FB		 1502 if (!s->bs)
1503 goto abort_cmd;
5391d806
FB		 1504 s->req_nb_sectors = 1;
1505 ide_sector_read(s);
1506 break;
1507 case WIN_WRITE:
1508 case WIN_WRITE_ONCE:
a136e5a8 1509 s->error = 0;
f66723fa 1510 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1511 s->req_nb_sectors = 1;
1512 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1513 break;
1514 case WIN_MULTREAD:
1515 if (!s->mult_sectors)
1516 goto abort_cmd;
1517 s->req_nb_sectors = s->mult_sectors;
1518 ide_sector_read(s);
1519 break;
1520 case WIN_MULTWRITE:
1521 if (!s->mult_sectors)
1522 goto abort_cmd;
a136e5a8 1523 s->error = 0;
f66723fa 1524 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1525 s->req_nb_sectors = s->mult_sectors;
1526 n = s->nsector;
1527 if (n > s->req_nb_sectors)
1528 n = s->req_nb_sectors;
1529 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1530 break;
98087450
FB		 1531 case WIN_READDMA:
1532 case WIN_READDMA_ONCE:
1533 if (!s->bs)
1534 goto abort_cmd;
1535 ide_sector_read_dma(s);
1536 break;
1537 case WIN_WRITEDMA:
1538 case WIN_WRITEDMA_ONCE:
1539 if (!s->bs)
1540 goto abort_cmd;
1541 ide_sector_write_dma(s);
1542 break;
5391d806
FB		 1543 case WIN_READ_NATIVE_MAX:
1544 ide_set_sector(s, s->nb_sectors - 1);
1545 s->status = READY_STAT;
1546 ide_set_irq(s);
1547 break;
a136e5a8
FB		 1548 case WIN_CHECKPOWERMODE1:
1549 s->nsector = 0xff; /* device active or idle */
1550 s->status = READY_STAT;
1551 ide_set_irq(s);
1552 break;
34e538ae
FB		 1553 case WIN_SETFEATURES:
1554 if (!s->bs)
1555 goto abort_cmd;
1556 /* XXX: valid for CDROM ? */
1557 switch(s->feature) {
1558 case 0x02: /* write cache enable */
98087450 1559 case 0x03: /* set transfer mode */
34e538ae
FB		 1560 case 0x82: /* write cache disable */
1561 case 0xaa: /* read look-ahead enable */
1562 case 0x55: /* read look-ahead disable */
1563 s->status = READY_STAT;
1564 ide_set_irq(s);
1565 break;
1566 default:
1567 goto abort_cmd;
1568 }
1569 break;
5391d806
FB		 1570 /* ATAPI commands */
1571 case WIN_PIDENTIFY:
1572 if (s->is_cdrom) {
1573 ide_atapi_identify(s);
1574 s->status = READY_STAT;
1575 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1576 } else {
1577 ide_abort_command(s);
1578 }
1579 ide_set_irq(s);
1580 break;
1581 case WIN_SRST:
1582 if (!s->is_cdrom)
1583 goto abort_cmd;
1584 ide_set_signature(s);
6b136f9e 1585 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 1586 s->error = 0x01;
1587 break;
1588 case WIN_PACKETCMD:
1589 if (!s->is_cdrom)
1590 goto abort_cmd;
98087450
FB		 1591 /* overlapping commands not supported */
1592 if (s->feature & 0x02)
5391d806 1593 goto abort_cmd;
98087450 1594 s->atapi_dma = s->feature & 1;
5391d806
FB		 1595 s->nsector = 1;
1596 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1597 ide_atapi_cmd);
1598 break;
1599 default:
1600 abort_cmd:
1601 ide_abort_command(s);
1602 ide_set_irq(s);
1603 break;
1604 }
1605 }
1606}
1607
caed8802 1608static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 1609{
7ae98627
FB		 1610 IDEState *ide_if = opaque;
1611 IDEState *s = ide_if->cur_drive;
5391d806
FB		 1612 uint32_t addr;
1613 int ret;
1614
1615 addr = addr1 & 7;
1616 switch(addr) {
1617 case 0:
1618 ret = 0xff;
1619 break;
1620 case 1:
7ae98627 1621 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1622 ret = 0;
1623 else
1624 ret = s->error;
5391d806
FB		 1625 break;
1626 case 2:
7ae98627 1627 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1628 ret = 0;
1629 else
1630 ret = s->nsector & 0xff;
5391d806
FB		 1631 break;
1632 case 3:
7ae98627 1633 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1634 ret = 0;
1635 else
1636 ret = s->sector;
5391d806
FB		 1637 break;
1638 case 4:
7ae98627 1639 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1640 ret = 0;
1641 else
1642 ret = s->lcyl;
5391d806
FB		 1643 break;
1644 case 5:
7ae98627 1645 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1646 ret = 0;
1647 else
1648 ret = s->hcyl;
5391d806
FB		 1649 break;
1650 case 6:
7ae98627 1651 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1652 ret = 0;
1653 else
7ae98627 1654 ret = s->select;
5391d806
FB		 1655 break;
1656 default:
1657 case 7:
66201e2d
FB		 1658 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1659 (s != ide_if && !s->bs))
c45c3d00
FB		 1660 ret = 0;
1661 else
1662 ret = s->status;
1ade1de2
FB		 1663#ifdef TARGET_PPC
1664 if (s->openpic)
1665 openpic_set_irq(s->openpic, s->irq, 0);
1666 else
1667#endif
34e538ae
FB		 1668 if (s->irq == 16)
1669 pci_set_irq(s->pci_dev, 0, 0);
1670 else
1671 pic_set_irq(s->irq, 0);
5391d806
FB		 1672 break;
1673 }
1674#ifdef DEBUG_IDE
1675 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1676#endif
1677 return ret;
1678}
1679
caed8802 1680static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 1681{
7ae98627
FB		 1682 IDEState *ide_if = opaque;
1683 IDEState *s = ide_if->cur_drive;
5391d806 1684 int ret;
7ae98627 1685
66201e2d
FB		 1686 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1687 (s != ide_if && !s->bs))
7ae98627
FB		 1688 ret = 0;
1689 else
1690 ret = s->status;
5391d806
FB		 1691#ifdef DEBUG_IDE
1692 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1693#endif
1694 return ret;
1695}
1696
caed8802 1697static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 1698{
caed8802 1699 IDEState *ide_if = opaque;
5391d806
FB		 1700 IDEState *s;
1701 int i;
1702
1703#ifdef DEBUG_IDE
1704 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1705#endif
1706 /* common for both drives */
1707 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1708 (val & IDE_CMD_RESET)) {
1709 /* reset low to high */
1710 for(i = 0;i < 2; i++) {
1711 s = &ide_if[i];
1712 s->status = BUSY_STAT | SEEK_STAT;
1713 s->error = 0x01;
1714 }
1715 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1716 !(val & IDE_CMD_RESET)) {
1717 /* high to low */
1718 for(i = 0;i < 2; i++) {
1719 s = &ide_if[i];
6b136f9e
FB		 1720 if (s->is_cdrom)
1721 s->status = 0x00; /* NOTE: READY is _not_ set */
1722 else
56bf1d37 1723 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1724 ide_set_signature(s);
1725 }
1726 }
1727
1728 ide_if[0].cmd = val;
1729 ide_if[1].cmd = val;
1730}
1731
caed8802 1732static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 1733{
caed8802 1734 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1735 uint8_t *p;
1736
1737 p = s->data_ptr;
0c4ad8dc 1738 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 1739 p += 2;
1740 s->data_ptr = p;
1741 if (p >= s->data_end)
1742 s->end_transfer_func(s);
1743}
1744
caed8802 1745static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 1746{
caed8802 1747 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1748 uint8_t *p;
1749 int ret;
1750 p = s->data_ptr;
0c4ad8dc 1751 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 1752 p += 2;
1753 s->data_ptr = p;
1754 if (p >= s->data_end)
1755 s->end_transfer_func(s);
1756 return ret;
1757}
1758
caed8802 1759static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 1760{
caed8802 1761 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1762 uint8_t *p;
1763
1764 p = s->data_ptr;
0c4ad8dc 1765 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 1766 p += 4;
1767 s->data_ptr = p;
1768 if (p >= s->data_end)
1769 s->end_transfer_func(s);
1770}
1771
caed8802 1772static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 1773{
caed8802 1774 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1775 uint8_t *p;
1776 int ret;
1777
1778 p = s->data_ptr;
0c4ad8dc 1779 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 1780 p += 4;
1781 s->data_ptr = p;
1782 if (p >= s->data_end)
1783 s->end_transfer_func(s);
1784 return ret;
1785}
1786
1787static void ide_reset(IDEState *s)
1788{
1789 s->mult_sectors = MAX_MULT_SECTORS;
1790 s->cur_drive = s;
1791 s->select = 0xa0;
1792 s->status = READY_STAT;
1793 ide_set_signature(s);
1794}
1795
1796struct partition {
1797 uint8_t boot_ind; /* 0x80 - active */
1798 uint8_t head; /* starting head */
1799 uint8_t sector; /* starting sector */
1800 uint8_t cyl; /* starting cylinder */
1801 uint8_t sys_ind; /* What partition type */
1802 uint8_t end_head; /* end head */
1803 uint8_t end_sector; /* end sector */
1804 uint8_t end_cyl; /* end cylinder */
1805 uint32_t start_sect; /* starting sector counting from 0 */
1806 uint32_t nr_sects; /* nr of sectors in partition */
1807} __attribute__((packed));
1808
1809/* try to guess the IDE geometry from the MSDOS partition table */
1810static void ide_guess_geometry(IDEState *s)
1811{
1812 uint8_t buf[512];
1813 int ret, i;
1814 struct partition *p;
1815 uint32_t nr_sects;
1816
1817 if (s->cylinders != 0)
1818 return;
1819 ret = bdrv_read(s->bs, 0, buf, 1);
1820 if (ret < 0)
1821 return;
1822 /* test msdos magic */
1823 if (buf[510] != 0x55 || buf[511] != 0xaa)
1824 return;
1825 for(i = 0; i < 4; i++) {
1826 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 1827 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 1828 if (nr_sects && p->end_head) {
1829 /* We make the assumption that the partition terminates on
1830 a cylinder boundary */
1831 s->heads = p->end_head + 1;
1832 s->sectors = p->end_sector & 63;
1833 s->cylinders = s->nb_sectors / (s->heads * s->sectors);
1834#if 0
1835 printf("guessed partition: CHS=%d %d %d\n",
1836 s->cylinders, s->heads, s->sectors);
1837#endif
1838 }
1839 }
1840}
1841
69b91039
FB		 1842static void ide_init2(IDEState *ide_state, int irq,
1843 BlockDriverState *hd0, BlockDriverState *hd1)
5391d806 1844{
69b91039 1845 IDEState *s;
aedf5382 1846 static int drive_serial = 1;
caed8802 1847 int i, cylinders, heads, secs;
5391d806 1848 int64_t nb_sectors;
5391d806 1849
caed8802
FB		 1850 for(i = 0; i < 2; i++) {
1851 s = ide_state + i;
1852 if (i == 0)
1853 s->bs = hd0;
1854 else
1855 s->bs = hd1;
5391d806
FB		 1856 if (s->bs) {
1857 bdrv_get_geometry(s->bs, &nb_sectors);
1858 s->nb_sectors = nb_sectors;
caed8802
FB		 1859 /* if a geometry hint is available, use it */
1860 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1861 if (cylinders != 0) {
5391d806 1862 s->cylinders = cylinders;
caed8802
FB		 1863 s->heads = heads;
1864 s->sectors = secs;
1865 } else {
1866 ide_guess_geometry(s);
1867 if (s->cylinders == 0) {
1868 /* if no geometry, use a LBA compatible one */
1869 cylinders = nb_sectors / (16 * 63);
1870 if (cylinders > 16383)
1871 cylinders = 16383;
1872 else if (cylinders < 2)
1873 cylinders = 2;
1874 s->cylinders = cylinders;
1875 s->heads = 16;
1876 s->sectors = 63;
1877 }
1878 }
1879 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1880 s->is_cdrom = 1;
1881 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 1882 }
1883 }
aedf5382 1884 s->drive_serial = drive_serial++;
caed8802 1885 s->irq = irq;
5391d806
FB		 1886 ide_reset(s);
1887 }
69b91039
FB		 1888}
1889
34e538ae 1890static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 1891{
caed8802
FB		 1892 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1893 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1894 if (iobase2) {
1895 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1896 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 1897 }
caed8802
FB		 1898
1899 /* data ports */
1900 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1901 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1902 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1903 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 1904}
69b91039 1905
34e538ae
FB		 1906/***********************************************************/
1907/* ISA IDE definitions */
1908
1909void isa_ide_init(int iobase, int iobase2, int irq,
1910 BlockDriverState *hd0, BlockDriverState *hd1)
1911{
1912 IDEState *ide_state;
1913
1914 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1915 if (!ide_state)
1916 return;
1917
1918 ide_init2(ide_state, irq, hd0, hd1);
1919 ide_init_ioport(ide_state, iobase, iobase2);
1920}
1921
69b91039
FB		 1922/***********************************************************/
1923/* PCI IDE definitions */
1924
69b91039
FB		 1925static void ide_map(PCIDevice *pci_dev, int region_num,
1926 uint32_t addr, uint32_t size, int type)
1927{
1928 PCIIDEState *d = (PCIIDEState *)pci_dev;
1929 IDEState *ide_state;
1930
1931 if (region_num <= 3) {
1932 ide_state = &d->ide_if[(region_num >> 1) * 2];
1933 if (region_num & 1) {
1934 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
1935 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
1936 } else {
1937 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
1938 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
1939
1940 /* data ports */
1941 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
1942 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
1943 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
1944 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
1945 }
1946 }
1947}
1948
98087450
FB		 1949/* XXX: full callback usage to prepare non blocking I/Os support -
1950 error handling */
1951static void ide_dma_loop(BMDMAState *bm)
1952{
1953 struct {
1954 uint32_t addr;
1955 uint32_t size;
1956 } prd;
1957 target_phys_addr_t cur_addr;
1958 int len, i, len1;
1959
1960 cur_addr = bm->addr;
1961 /* at most one page to avoid hanging if erroneous parameters */
1962 for(i = 0; i < 512; i++) {
1963 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
1964 prd.addr = le32_to_cpu(prd.addr);
1965 prd.size = le32_to_cpu(prd.size);
1966#ifdef DEBUG_IDE
1967 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
1968 (int)cur_addr, prd.addr, prd.size);
1969#endif
1970 len = prd.size & 0xfffe;
1971 if (len == 0)
1972 len = 0x10000;
1973 while (len > 0) {
1974 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
1975 if (len1 == 0)
1976 goto the_end;
1977 prd.addr += len1;
1978 len -= len1;
1979 }
1980 /* end of transfer */
1981 if (prd.size & 0x80000000)
1982 break;
1983 cur_addr += 8;
1984 }
1985 /* end of transfer */
1986 the_end:
1987 bm->status &= ~BM_STATUS_DMAING;
1988 bm->status |= BM_STATUS_INT;
1989 bm->dma_cb = NULL;
1990 bm->ide_if = NULL;
1991}
1992
1993static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
1994{
1995 BMDMAState *bm = s->bmdma;
1996 if(!bm)
1997 return;
1998 bm->ide_if = s;
1999 bm->dma_cb = dma_cb;
2000 if (bm->status & BM_STATUS_DMAING) {
2001 ide_dma_loop(bm);
2002 }
2003}
2004
2005static uint32_t bmdma_cmd_readb(void *opaque, uint32_t addr)
2006{
2007 BMDMAState *bm = opaque;
2008 uint32_t val;
2009 val = bm->cmd;
2010#ifdef DEBUG_IDE
2011 printf("%s: 0x%08x\n", __func__, val);
2012#endif
2013 return val;
2014}
2015
2016static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2017{
2018 BMDMAState *bm = opaque;
2019#ifdef DEBUG_IDE
2020 printf("%s: 0x%08x\n", __func__, val);
2021#endif
2022 if (!(val & BM_CMD_START)) {
2023 /* XXX: do it better */
2024 bm->status &= ~BM_STATUS_DMAING;
2025 bm->cmd = val & 0x09;
2026 } else {
2027 bm->status |= BM_STATUS_DMAING;
2028 bm->cmd = val & 0x09;
2029 /* start dma transfer if possible */
2030 if (bm->dma_cb)
2031 ide_dma_loop(bm);
2032 }
2033}
2034
2035static uint32_t bmdma_status_readb(void *opaque, uint32_t addr)
2036{
2037 BMDMAState *bm = opaque;
2038 uint32_t val;
2039 val = bm->status;
2040#ifdef DEBUG_IDE
2041 printf("%s: 0x%08x\n", __func__, val);
2042#endif
2043 return val;
2044}
2045
2046static void bmdma_status_writeb(void *opaque, uint32_t addr, uint32_t val)
2047{
2048 BMDMAState *bm = opaque;
2049#ifdef DEBUG_IDE
2050 printf("%s: 0x%08x\n", __func__, val);
2051#endif
2052 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2053}
2054
2055static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2056{
2057 BMDMAState *bm = opaque;
2058 uint32_t val;
2059 val = bm->addr;
2060#ifdef DEBUG_IDE
2061 printf("%s: 0x%08x\n", __func__, val);
2062#endif
2063 return val;
2064}
2065
2066static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2067{
2068 BMDMAState *bm = opaque;
2069#ifdef DEBUG_IDE
2070 printf("%s: 0x%08x\n", __func__, val);
2071#endif
2072 bm->addr = val & ~3;
2073}
2074
2075static void bmdma_map(PCIDevice *pci_dev, int region_num,
2076 uint32_t addr, uint32_t size, int type)
2077{
2078 PCIIDEState *d = (PCIIDEState *)pci_dev;
2079 int i;
2080
2081 for(i = 0;i < 2; i++) {
2082 BMDMAState *bm = &d->bmdma[i];
2083 d->ide_if[2 * i].bmdma = bm;
2084 d->ide_if[2 * i + 1].bmdma = bm;
2085
2086 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2087 register_ioport_read(addr, 1, 1, bmdma_cmd_readb, bm);
2088
2089 register_ioport_write(addr + 2, 1, 1, bmdma_status_writeb, bm);
2090 register_ioport_read(addr + 2, 1, 1, bmdma_status_readb, bm);
2091
2092 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2093 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2094 addr += 8;
2095 }
2096}
2097
69b91039 2098/* hd_table must contain 4 block drivers */
46e50e9d 2099void pci_ide_init(PCIBus *bus, BlockDriverState **hd_table)
69b91039
FB		 2100{
2101 PCIIDEState *d;
2102 uint8_t *pci_conf;
34e538ae
FB		 2103 int i;
2104
46e50e9d
FB		 2105 d = (PCIIDEState *)pci_register_device(bus, "IDE", sizeof(PCIIDEState),
2106 -1,
73c11f63 2107 NULL, NULL);
69b91039
FB		 2108 pci_conf = d->dev.config;
2109 pci_conf[0x00] = 0x86; // Intel
2110 pci_conf[0x01] = 0x80;
2111 pci_conf[0x02] = 0x00; // fake
2112 pci_conf[0x03] = 0x01; // fake
2113 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2114 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2115 pci_conf[0x0e] = 0x80; // header_type = PCI_multifunction, generic
2116
2117 pci_conf[0x2c] = 0x86; // subsys vendor
2118 pci_conf[0x2d] = 0x80; // subsys vendor
2119 pci_conf[0x2e] = 0x00; // fake
2120 pci_conf[0x2f] = 0x01; // fake
2121
2122 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2123 PCI_ADDRESS_SPACE_IO, ide_map);
2124 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2125 PCI_ADDRESS_SPACE_IO, ide_map);
2126 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2127 PCI_ADDRESS_SPACE_IO, ide_map);
2128 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2129 PCI_ADDRESS_SPACE_IO, ide_map);
98087450
FB		 2130 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2131 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 2132
34e538ae
FB		 2133 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2134
2135 for(i = 0; i < 4; i++)
2136 d->ide_if[i].pci_dev = (PCIDevice *)d;
2137 ide_init2(&d->ide_if[0], 16, hd_table[0], hd_table[1]);
2138 ide_init2(&d->ide_if[2], 16, hd_table[2], hd_table[3]);
2139}
2140
2141/* hd_table must contain 4 block drivers */
2142/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
46e50e9d 2143void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
34e538ae
FB		 2144{
2145 PCIIDEState *d;
2146 uint8_t *pci_conf;
2147
2148 /* register a function 1 of PIIX3 */
46e50e9d
FB		 2149 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2150 sizeof(PCIIDEState),
2151 ((PCIDevice *)piix3_state)->devfn + 1,
34e538ae
FB		 2152 NULL, NULL);
2153 pci_conf = d->dev.config;
2154 pci_conf[0x00] = 0x86; // Intel
2155 pci_conf[0x01] = 0x80;
2156 pci_conf[0x02] = 0x10;
2157 pci_conf[0x03] = 0x70;
2158 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2159 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2160 pci_conf[0x0e] = 0x00; // header_type
2161
98087450
FB		 2162 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2163 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 2164
69b91039
FB		 2165 ide_init2(&d->ide_if[0], 14, hd_table[0], hd_table[1]);
2166 ide_init2(&d->ide_if[2], 15, hd_table[2], hd_table[3]);
34e538ae
FB		 2167 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2168 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
69b91039 2169}
1ade1de2
FB		 2170
2171/***********************************************************/
2172/* MacIO based PowerPC IDE */
2173
2174/* PowerMac IDE memory IO */
2175static void pmac_ide_writeb (void *opaque,
2176 target_phys_addr_t addr, uint32_t val)
2177{
2178 addr = (addr & 0xFFF) >> 4;
2179 switch (addr) {
2180 case 1 ... 7:
2181 ide_ioport_write(opaque, addr, val);
2182 break;
2183 case 8:
2184 case 22:
2185 ide_cmd_write(opaque, 0, val);
2186 break;
2187 default:
2188 break;
2189 }
2190}
2191
2192static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2193{
2194 uint8_t retval;
2195
2196 addr = (addr & 0xFFF) >> 4;
2197 switch (addr) {
2198 case 1 ... 7:
2199 retval = ide_ioport_read(opaque, addr);
2200 break;
2201 case 8:
2202 case 22:
2203 retval = ide_status_read(opaque, 0);
2204 break;
2205 default:
2206 retval = 0xFF;
2207 break;
2208 }
2209 return retval;
2210}
2211
2212static void pmac_ide_writew (void *opaque,
2213 target_phys_addr_t addr, uint32_t val)
2214{
2215 addr = (addr & 0xFFF) >> 4;
2216#ifdef TARGET_WORDS_BIGENDIAN
2217 val = bswap16(val);
2218#endif
2219 if (addr == 0) {
2220 ide_data_writew(opaque, 0, val);
2221 }
2222}
2223
2224static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2225{
2226 uint16_t retval;
2227
2228 addr = (addr & 0xFFF) >> 4;
2229 if (addr == 0) {
2230 retval = ide_data_readw(opaque, 0);
2231 } else {
2232 retval = 0xFFFF;
2233 }
2234#ifdef TARGET_WORDS_BIGENDIAN
2235 retval = bswap16(retval);
2236#endif
2237 return retval;
2238}
2239
2240static void pmac_ide_writel (void *opaque,
2241 target_phys_addr_t addr, uint32_t val)
2242{
2243 addr = (addr & 0xFFF) >> 4;
2244#ifdef TARGET_WORDS_BIGENDIAN
2245 val = bswap32(val);
2246#endif
2247 if (addr == 0) {
2248 ide_data_writel(opaque, 0, val);
2249 }
2250}
2251
2252static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2253{
2254 uint32_t retval;
2255
2256 addr = (addr & 0xFFF) >> 4;
2257 if (addr == 0) {
2258 retval = ide_data_readl(opaque, 0);
2259 } else {
2260 retval = 0xFFFFFFFF;
2261 }
2262#ifdef TARGET_WORDS_BIGENDIAN
2263 retval = bswap32(retval);
2264#endif
2265 return retval;
2266}
2267
2268static CPUWriteMemoryFunc *pmac_ide_write[] = {
2269 pmac_ide_writeb,
2270 pmac_ide_writew,
2271 pmac_ide_writel,
2272};
2273
2274static CPUReadMemoryFunc *pmac_ide_read[] = {
2275 pmac_ide_readb,
2276 pmac_ide_readw,
2277 pmac_ide_readl,
2278};
2279
2280/* hd_table must contain 4 block drivers */
2281/* PowerMac uses memory mapped registers, not I/O. Return the memory
2282 I/O index to access the ide. */
2283int pmac_ide_init (BlockDriverState **hd_table,
2284 openpic_t *openpic, int irq)
2285{
2286 IDEState *ide_if;
2287 int pmac_ide_memory;
2288
2289 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2290 ide_init2(&ide_if[0], irq, hd_table[0], hd_table[1]);
2291 ide_if[0].openpic = openpic;
2292 ide_if[1].openpic = openpic;
2293
2294 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2295 pmac_ide_write, &ide_if[0]);
2296 return pmac_ide_memory;
2297}
Qemu copy for testing