]> git.proxmox.com Git - mirror_qemu.git/blame - hw/ide.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Move interrupt_request and user_mode_only to common cpu state.
[mirror_qemu.git] / hw / ide.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
87ecb68b
PB		 25#include "hw.h"
26#include "pc.h"
27#include "pci.h"
28#include "scsi-disk.h"
29#include "pcmcia.h"
30#include "block.h"
31#include "qemu-timer.h"
32#include "sysemu.h"
9596ebb7 33#include "ppc_mac.h"
5391d806 34
5391d806
FB		 35/* debug IDE devices */
36//#define DEBUG_IDE
37//#define DEBUG_IDE_ATAPI
8ccad811
FB		 38//#define DEBUG_AIO
39#define USE_DMA_CDROM
5391d806
FB		 40
41/* Bits of HD_STATUS */
42#define ERR_STAT 0x01
43#define INDEX_STAT 0x02
44#define ECC_STAT 0x04 /* Corrected error */
45#define DRQ_STAT 0x08
46#define SEEK_STAT 0x10
47#define SRV_STAT 0x10
48#define WRERR_STAT 0x20
49#define READY_STAT 0x40
50#define BUSY_STAT 0x80
51
52/* Bits for HD_ERROR */
53#define MARK_ERR 0x01 /* Bad address mark */
54#define TRK0_ERR 0x02 /* couldn't find track 0 */
55#define ABRT_ERR 0x04 /* Command aborted */
56#define MCR_ERR 0x08 /* media change request */
57#define ID_ERR 0x10 /* ID field not found */
58#define MC_ERR 0x20 /* media changed */
59#define ECC_ERR 0x40 /* Uncorrectable ECC error */
60#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63/* Bits of HD_NSECTOR */
64#define CD 0x01
65#define IO 0x02
66#define REL 0x04
67#define TAG_MASK 0xf8
68
69#define IDE_CMD_RESET 0x04
70#define IDE_CMD_DISABLE_IRQ 0x02
71
72/* ATA/ATAPI Commands pre T13 Spec */
73#define WIN_NOP 0x00
74/*
75 * 0x01->0x02 Reserved
76 */
77#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78/*
79 * 0x04->0x07 Reserved
80 */
81#define WIN_SRST 0x08 /* ATAPI soft reset command */
82#define WIN_DEVICE_RESET 0x08
83/*
84 * 0x09->0x0F Reserved
85 */
86#define WIN_RECAL 0x10
87#define WIN_RESTORE WIN_RECAL
88/*
89 * 0x10->0x1F Reserved
90 */
91#define WIN_READ 0x20 /* 28-Bit */
92#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93#define WIN_READ_LONG 0x22 /* 28-Bit */
94#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95#define WIN_READ_EXT 0x24 /* 48-Bit */
96#define WIN_READDMA_EXT 0x25 /* 48-Bit */
97#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99/*
100 * 0x28
101 */
102#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103/*
104 * 0x2A->0x2F Reserved
105 */
106#define WIN_WRITE 0x30 /* 28-Bit */
107#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108#define WIN_WRITE_LONG 0x32 /* 28-Bit */
109#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110#define WIN_WRITE_EXT 0x34 /* 48-Bit */
111#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116/*
117 * 0x3A->0x3B Reserved
118 */
119#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120/*
121 * 0x3D->0x3F Reserved
122 */
123#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126/*
127 * 0x43->0x4F Reserved
128 */
129#define WIN_FORMAT 0x50
130/*
131 * 0x51->0x5F Reserved
132 */
133#define WIN_INIT 0x60
134/*
135 * 0x61->0x5F Reserved
136 */
137#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139#define WIN_DIAGNOSE 0x90
140#define WIN_SPECIFY 0x91 /* set drive geometry translation */
141#define WIN_DOWNLOAD_MICROCODE 0x92
142#define WIN_STANDBYNOW2 0x94
201a51fc 143#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
5391d806
FB		 144#define WIN_STANDBY2 0x96
145#define WIN_SETIDLE2 0x97
146#define WIN_CHECKPOWERMODE2 0x98
147#define WIN_SLEEPNOW2 0x99
148/*
149 * 0x9A VENDOR
150 */
151#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153#define WIN_QUEUED_SERVICE 0xA2
154#define WIN_SMART 0xB0 /* self-monitoring and reporting */
201a51fc
AZ		 155#define CFA_ACCESS_METADATA_STORAGE 0xB8
156#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
5391d806
FB		 157#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
5fafdf24 167#define WIN_GETMEDIASTATUS 0xDA
5391d806
FB		 168#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169#define WIN_POSTBOOT 0xDC
170#define WIN_PREBOOT 0xDD
171#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173#define WIN_STANDBYNOW1 0xE0
174#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176#define WIN_SETIDLE1 0xE3
177#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178#define WIN_CHECKPOWERMODE1 0xE5
179#define WIN_SLEEPNOW1 0xE6
180#define WIN_FLUSH_CACHE 0xE7
181#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186#define WIN_MEDIAEJECT 0xED
187#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188#define WIN_SETFEATURES 0xEF /* set special drive features */
189#define EXABYTE_ENABLE_NEST 0xF0
201a51fc 190#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
5391d806
FB		 191#define WIN_SECURITY_SET_PASS 0xF1
192#define WIN_SECURITY_UNLOCK 0xF2
193#define WIN_SECURITY_ERASE_PREPARE 0xF3
194#define WIN_SECURITY_ERASE_UNIT 0xF4
195#define WIN_SECURITY_FREEZE_LOCK 0xF5
201a51fc 196#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
5391d806
FB		 197#define WIN_SECURITY_DISABLE 0xF6
198#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199#define WIN_SET_MAX 0xF9
200#define DISABLE_SEAGATE 0xFB
201
202/* set to 1 set disable mult support */
f66723fa 203#define MAX_MULT_SECTORS 16
5391d806 204
1d8cde5b
AJ		 205#define IDE_DMA_BUF_SECTORS 256
206
207#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209#endif
210
5391d806
FB		 211/* ATAPI defines */
212
213#define ATAPI_PACKET_SIZE 12
214
215/* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217#define GPCMD_BLANK 0xa1
218#define GPCMD_CLOSE_TRACK 0x5b
219#define GPCMD_FLUSH_CACHE 0x35
220#define GPCMD_FORMAT_UNIT 0x04
221#define GPCMD_GET_CONFIGURATION 0x46
222#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223#define GPCMD_GET_PERFORMANCE 0xac
224#define GPCMD_INQUIRY 0x12
225#define GPCMD_LOAD_UNLOAD 0xa6
226#define GPCMD_MECHANISM_STATUS 0xbd
227#define GPCMD_MODE_SELECT_10 0x55
228#define GPCMD_MODE_SENSE_10 0x5a
229#define GPCMD_PAUSE_RESUME 0x4b
230#define GPCMD_PLAY_AUDIO_10 0x45
231#define GPCMD_PLAY_AUDIO_MSF 0x47
232#define GPCMD_PLAY_AUDIO_TI 0x48
233#define GPCMD_PLAY_CD 0xbc
234#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235#define GPCMD_READ_10 0x28
236#define GPCMD_READ_12 0xa8
237#define GPCMD_READ_CDVD_CAPACITY 0x25
238#define GPCMD_READ_CD 0xbe
239#define GPCMD_READ_CD_MSF 0xb9
240#define GPCMD_READ_DISC_INFO 0x51
241#define GPCMD_READ_DVD_STRUCTURE 0xad
242#define GPCMD_READ_FORMAT_CAPACITIES 0x23
243#define GPCMD_READ_HEADER 0x44
244#define GPCMD_READ_TRACK_RZONE_INFO 0x52
245#define GPCMD_READ_SUBCHANNEL 0x42
246#define GPCMD_READ_TOC_PMA_ATIP 0x43
247#define GPCMD_REPAIR_RZONE_TRACK 0x58
248#define GPCMD_REPORT_KEY 0xa4
249#define GPCMD_REQUEST_SENSE 0x03
250#define GPCMD_RESERVE_RZONE_TRACK 0x53
251#define GPCMD_SCAN 0xba
252#define GPCMD_SEEK 0x2b
253#define GPCMD_SEND_DVD_STRUCTURE 0xad
254#define GPCMD_SEND_EVENT 0xa2
255#define GPCMD_SEND_KEY 0xa3
256#define GPCMD_SEND_OPC 0x54
257#define GPCMD_SET_READ_AHEAD 0xa7
258#define GPCMD_SET_STREAMING 0xb6
259#define GPCMD_START_STOP_UNIT 0x1b
260#define GPCMD_STOP_PLAY_SCAN 0x4e
261#define GPCMD_TEST_UNIT_READY 0x00
262#define GPCMD_VERIFY_10 0x2f
263#define GPCMD_WRITE_10 0x2a
264#define GPCMD_WRITE_AND_VERIFY_10 0x2e
5fafdf24 265/* This is listed as optional in ATAPI 2.6, but is (curiously)
5391d806
FB		 266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269#define GPCMD_SET_SPEED 0xbb
5fafdf24 270/* This seems to be a SCSI specific CD-ROM opcode
5391d806
FB		 271 * to play data at track/index */
272#define GPCMD_PLAYAUDIO_TI 0x48
273/*
274 * From MS Media Status Notification Support Specification. For
275 * older drives only.
276 */
277#define GPCMD_GET_MEDIA_STATUS 0xda
d14049ea 278#define GPCMD_MODE_SENSE_6 0x1a
5391d806
FB		 279
280/* Mode page codes for mode sense/set */
281#define GPMODE_R_W_ERROR_PAGE 0x01
282#define GPMODE_WRITE_PARMS_PAGE 0x05
283#define GPMODE_AUDIO_CTL_PAGE 0x0e
284#define GPMODE_POWER_PAGE 0x1a
285#define GPMODE_FAULT_FAIL_PAGE 0x1c
286#define GPMODE_TO_PROTECT_PAGE 0x1d
287#define GPMODE_CAPABILITIES_PAGE 0x2a
288#define GPMODE_ALL_PAGES 0x3f
289/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291#define GPMODE_CDROM_PAGE 0x0d
292
38cdea7c
AZ		 293/*
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
296 *
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
300 */
301
302/* Some generally useful CD-ROM information */
303#define CD_MINS 80 /* max. minutes per CD */
304#define CD_SECS 60 /* seconds per minute */
305#define CD_FRAMES 75 /* frames per second */
306#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309
310/*
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
313 */
314
315/* Profile list from MMC-6 revision 1 table 91 */
316#define MMC_PROFILE_NONE 0x0000
317#define MMC_PROFILE_CD_ROM 0x0008
318#define MMC_PROFILE_CD_R 0x0009
319#define MMC_PROFILE_CD_RW 0x000A
320#define MMC_PROFILE_DVD_ROM 0x0010
321#define MMC_PROFILE_DVD_R_SR 0x0011
322#define MMC_PROFILE_DVD_RAM 0x0012
323#define MMC_PROFILE_DVD_RW_RO 0x0013
324#define MMC_PROFILE_DVD_RW_SR 0x0014
325#define MMC_PROFILE_DVD_R_DL_SR 0x0015
326#define MMC_PROFILE_DVD_R_DL_JR 0x0016
327#define MMC_PROFILE_DVD_RW_DL 0x0017
328#define MMC_PROFILE_DVD_DDR 0x0018
329#define MMC_PROFILE_DVD_PLUS_RW 0x001A
330#define MMC_PROFILE_DVD_PLUS_R 0x001B
331#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333#define MMC_PROFILE_BD_ROM 0x0040
334#define MMC_PROFILE_BD_R_SRM 0x0041
335#define MMC_PROFILE_BD_R_RRM 0x0042
336#define MMC_PROFILE_BD_RE 0x0043
337#define MMC_PROFILE_HDDVD_ROM 0x0050
338#define MMC_PROFILE_HDDVD_R 0x0051
339#define MMC_PROFILE_HDDVD_RAM 0x0052
340#define MMC_PROFILE_HDDVD_RW 0x0053
341#define MMC_PROFILE_HDDVD_R_DL 0x0058
342#define MMC_PROFILE_HDDVD_RW_DL 0x005A
343#define MMC_PROFILE_INVALID 0xFFFF
344
5391d806
FB		 345#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347#define ATAPI_INT_REASON_REL 0x04
348#define ATAPI_INT_REASON_TAG 0xf8
349
350/* same constants as bochs */
7f777bf3 351#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 352#define ASC_LOGICAL_BLOCK_OOR 0x21
353#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354#define ASC_MEDIUM_NOT_PRESENT 0x3a
355#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
356
201a51fc
AZ		 357#define CFA_NO_ERROR 0x00
358#define CFA_MISC_ERROR 0x09
359#define CFA_INVALID_COMMAND 0x20
360#define CFA_INVALID_ADDRESS 0x21
361#define CFA_ADDRESS_OVERFLOW 0x2f
362
5391d806
FB		 363#define SENSE_NONE 0
364#define SENSE_NOT_READY 2
365#define SENSE_ILLEGAL_REQUEST 5
366#define SENSE_UNIT_ATTENTION 6
367
368struct IDEState;
369
370typedef void EndTransferFunc(struct IDEState *);
371
caed8802 372/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 373typedef struct IDEState {
374 /* ide config */
375 int is_cdrom;
201a51fc 376 int is_cf;
5391d806
FB		 377 int cylinders, heads, sectors;
378 int64_t nb_sectors;
379 int mult_sectors;
94458802
FB		 380 int identify_set;
381 uint16_t identify_data[256];
d537cf6c 382 qemu_irq irq;
34e538ae 383 PCIDevice *pci_dev;
98087450 384 struct BMDMAState *bmdma;
aedf5382 385 int drive_serial;
5391d806
FB		 386 /* ide regs */
387 uint8_t feature;
388 uint8_t error;
c2ff060f 389 uint32_t nsector;
5391d806
FB		 390 uint8_t sector;
391 uint8_t lcyl;
392 uint8_t hcyl;
c2ff060f
FB		 393 /* other part of tf for lba48 support */
394 uint8_t hob_feature;
395 uint8_t hob_nsector;
396 uint8_t hob_sector;
397 uint8_t hob_lcyl;
398 uint8_t hob_hcyl;
399
5391d806
FB		 400 uint8_t select;
401 uint8_t status;
c2ff060f 402
5391d806
FB		 403 /* 0x3f6 command, only meaningful for drive 0 */
404 uint8_t cmd;
c2ff060f
FB		 405 /* set for lba48 access */
406 uint8_t lba48;
5391d806 407 /* depends on bit 4 in select, only meaningful for drive 0 */
5fafdf24 408 struct IDEState *cur_drive;
5391d806
FB		 409 BlockDriverState *bs;
410 /* ATAPI specific */
411 uint8_t sense_key;
412 uint8_t asc;
413 int packet_transfer_size;
414 int elementary_transfer_size;
415 int io_buffer_index;
416 int lba;
98087450
FB		 417 int cd_sector_size;
418 int atapi_dma; /* true if dma is requested for the packet cmd */
419 /* ATA DMA state */
420 int io_buffer_size;
421 /* PIO transfer handling */
5391d806
FB		 422 int req_nb_sectors; /* number of sectors per interrupt */
423 EndTransferFunc *end_transfer_func;
424 uint8_t *data_ptr;
425 uint8_t *data_end;
33f00271 426 uint8_t *io_buffer;
31c2a146 427 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
e774a278 428 uint32_t irq_count; /* counts IRQs when using win2k install hack */
201a51fc
AZ		 429 /* CF-ATA extended error */
430 uint8_t ext_error;
431 /* CF-ATA metadata storage */
432 uint32_t mdata_size;
433 uint8_t *mdata_storage;
434 int media_changed;
5391d806
FB		 435} IDEState;
436
98087450
FB		 437#define BM_STATUS_DMAING 0x01
438#define BM_STATUS_ERROR 0x02
439#define BM_STATUS_INT 0x04
440
441#define BM_CMD_START 0x01
442#define BM_CMD_READ 0x08
443
5457c8ce
FB		 444#define IDE_TYPE_PIIX3 0
445#define IDE_TYPE_CMD646 1
afcc3cdf 446#define IDE_TYPE_PIIX4 2
5457c8ce
FB		 447
448/* CMD646 specific */
449#define MRDMODE 0x71
450#define MRDMODE_INTR_CH0 0x04
451#define MRDMODE_INTR_CH1 0x08
452#define MRDMODE_BLK_CH0 0x10
453#define MRDMODE_BLK_CH1 0x20
454#define UDIDETCR0 0x73
455#define UDIDETCR1 0x7B
456
98087450
FB		 457typedef struct BMDMAState {
458 uint8_t cmd;
459 uint8_t status;
460 uint32_t addr;
3b46e624 461
5457c8ce 462 struct PCIIDEState *pci_dev;
98087450 463 /* current transfer state */
8ccad811
FB		 464 uint32_t cur_addr;
465 uint32_t cur_prd_last;
466 uint32_t cur_prd_addr;
467 uint32_t cur_prd_len;
98087450 468 IDEState *ide_if;
8ccad811
FB		 469 BlockDriverCompletionFunc *dma_cb;
470 BlockDriverAIOCB *aiocb;
98087450
FB		 471} BMDMAState;
472
473typedef struct PCIIDEState {
474 PCIDevice dev;
475 IDEState ide_if[4];
476 BMDMAState bmdma[2];
5457c8ce 477 int type; /* see IDE_TYPE_xxx */
98087450
FB		 478} PCIIDEState;
479
8ccad811 480static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
5f12ab4b 481static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
98087450 482
5391d806
FB		 483static void padstr(char *str, const char *src, int len)
484{
485 int i, v;
486 for(i = 0; i < len; i++) {
487 if (*src)
488 v = *src++;
489 else
490 v = ' ';
69b34976 491 str[i^1] = v;
5391d806
FB		 492 }
493}
494
bd0d90b2
FB		 495static void padstr8(uint8_t *buf, int buf_size, const char *src)
496{
497 int i;
498 for(i = 0; i < buf_size; i++) {
499 if (*src)
500 buf[i] = *src++;
501 else
502 buf[i] = ' ';
503 }
504}
505
67b915a5
FB		 506static void put_le16(uint16_t *p, unsigned int v)
507{
0c4ad8dc 508 *p = cpu_to_le16(v);
67b915a5
FB		 509}
510
5391d806
FB		 511static void ide_identify(IDEState *s)
512{
513 uint16_t *p;
514 unsigned int oldsize;
aedf5382 515 char buf[20];
5391d806 516
94458802
FB		 517 if (s->identify_set) {
518 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
519 return;
520 }
521
5391d806
FB		 522 memset(s->io_buffer, 0, 512);
523 p = (uint16_t *)s->io_buffer;
67b915a5 524 put_le16(p + 0, 0x0040);
5fafdf24 525 put_le16(p + 1, s->cylinders);
67b915a5
FB		 526 put_le16(p + 3, s->heads);
527 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
528 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 529 put_le16(p + 6, s->sectors);
aedf5382 530 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 531 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 532 put_le16(p + 20, 3); /* XXX: retired, remove ? */
533 put_le16(p + 21, 512); /* cache size in sectors */
534 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3
TS		 535 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
536 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 537#if MAX_MULT_SECTORS > 1
67b915a5 538 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 539#endif
67b915a5 540 put_le16(p + 48, 1); /* dword I/O */
94458802 541 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 542 put_le16(p + 51, 0x200); /* PIO transfer cycle */
543 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 544 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 545 put_le16(p + 54, s->cylinders);
546 put_le16(p + 55, s->heads);
547 put_le16(p + 56, s->sectors);
5391d806 548 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 549 put_le16(p + 57, oldsize);
550 put_le16(p + 58, oldsize >> 16);
5391d806 551 if (s->mult_sectors)
67b915a5
FB		 552 put_le16(p + 59, 0x100 | s->mult_sectors);
553 put_le16(p + 60, s->nb_sectors);
554 put_le16(p + 61, s->nb_sectors >> 16);
94458802
FB		 555 put_le16(p + 63, 0x07); /* mdma0-2 supported */
556 put_le16(p + 65, 120);
557 put_le16(p + 66, 120);
558 put_le16(p + 67, 120);
559 put_le16(p + 68, 120);
560 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
561 put_le16(p + 81, 0x16); /* conforms to ata5 */
67b915a5 562 put_le16(p + 82, (1 << 14));
c2ff060f
FB		 563 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
564 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5
FB		 565 put_le16(p + 84, (1 << 14));
566 put_le16(p + 85, (1 << 14));
c2ff060f
FB		 567 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
568 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5 569 put_le16(p + 87, (1 << 14));
94458802
FB		 570 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
571 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 572 put_le16(p + 100, s->nb_sectors);
573 put_le16(p + 101, s->nb_sectors >> 16);
574 put_le16(p + 102, s->nb_sectors >> 32);
575 put_le16(p + 103, s->nb_sectors >> 48);
94458802
FB		 576
577 memcpy(s->identify_data, p, sizeof(s->identify_data));
578 s->identify_set = 1;
5391d806
FB		 579}
580
581static void ide_atapi_identify(IDEState *s)
582{
583 uint16_t *p;
aedf5382 584 char buf[20];
5391d806 585
94458802
FB		 586 if (s->identify_set) {
587 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
588 return;
589 }
590
5391d806
FB		 591 memset(s->io_buffer, 0, 512);
592 p = (uint16_t *)s->io_buffer;
593 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 594 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382 595 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 596 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 597 put_le16(p + 20, 3); /* buffer type */
598 put_le16(p + 21, 512); /* cache size in sectors */
599 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3 600 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
38cdea7c 601 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 602 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 603#ifdef USE_DMA_CDROM
604 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
605 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
606 put_le16(p + 63, 7); /* mdma0-2 supported */
607 put_le16(p + 64, 0x3f); /* PIO modes supported */
608#else
67b915a5
FB		 609 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
610 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
611 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
612 put_le16(p + 64, 1); /* PIO modes */
8ccad811 613#endif
67b915a5
FB		 614 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
615 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
616 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
617 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 618
67b915a5
FB		 619 put_le16(p + 71, 30); /* in ns */
620 put_le16(p + 72, 30); /* in ns */
5391d806 621
67b915a5 622 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 623#ifdef USE_DMA_CDROM
624 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
625#endif
94458802
FB		 626 memcpy(s->identify_data, p, sizeof(s->identify_data));
627 s->identify_set = 1;
5391d806
FB		 628}
629
201a51fc
AZ		 630static void ide_cfata_identify(IDEState *s)
631{
632 uint16_t *p;
633 uint32_t cur_sec;
634 char buf[20];
635
636 p = (uint16_t *) s->identify_data;
637 if (s->identify_set)
638 goto fill_buffer;
639
640 memset(p, 0, sizeof(s->identify_data));
641
642 cur_sec = s->cylinders * s->heads * s->sectors;
643
644 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
645 put_le16(p + 1, s->cylinders); /* Default cylinders */
646 put_le16(p + 3, s->heads); /* Default heads */
647 put_le16(p + 6, s->sectors); /* Default sectors per track */
648 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
649 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
650 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 651 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
201a51fc 652 put_le16(p + 22, 0x0004); /* ECC bytes */
60fe76f3
TS		 653 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
654 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 655#if MAX_MULT_SECTORS > 1
656 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
657#else
658 put_le16(p + 47, 0x0000);
659#endif
660 put_le16(p + 49, 0x0f00); /* Capabilities */
661 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
662 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
663 put_le16(p + 53, 0x0003); /* Translation params valid */
664 put_le16(p + 54, s->cylinders); /* Current cylinders */
665 put_le16(p + 55, s->heads); /* Current heads */
666 put_le16(p + 56, s->sectors); /* Current sectors */
667 put_le16(p + 57, cur_sec); /* Current capacity */
668 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
669 if (s->mult_sectors) /* Multiple sector setting */
670 put_le16(p + 59, 0x100 | s->mult_sectors);
671 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
672 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
673 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
674 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
675 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
676 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
677 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
678 put_le16(p + 82, 0x400c); /* Command Set supported */
679 put_le16(p + 83, 0x7068); /* Command Set supported */
680 put_le16(p + 84, 0x4000); /* Features supported */
681 put_le16(p + 85, 0x000c); /* Command Set enabled */
682 put_le16(p + 86, 0x7044); /* Command Set enabled */
683 put_le16(p + 87, 0x4000); /* Features enabled */
684 put_le16(p + 91, 0x4060); /* Current APM level */
685 put_le16(p + 129, 0x0002); /* Current features option */
686 put_le16(p + 130, 0x0005); /* Reassigned sectors */
687 put_le16(p + 131, 0x0001); /* Initial power mode */
688 put_le16(p + 132, 0x0000); /* User signature */
689 put_le16(p + 160, 0x8100); /* Power requirement */
690 put_le16(p + 161, 0x8001); /* CF command set */
691
692 s->identify_set = 1;
693
694fill_buffer:
695 memcpy(s->io_buffer, p, sizeof(s->identify_data));
696}
697
5391d806
FB		 698static void ide_set_signature(IDEState *s)
699{
700 s->select &= 0xf0; /* clear head */
701 /* put signature */
702 s->nsector = 1;
703 s->sector = 1;
704 if (s->is_cdrom) {
705 s->lcyl = 0x14;
706 s->hcyl = 0xeb;
707 } else if (s->bs) {
708 s->lcyl = 0;
709 s->hcyl = 0;
710 } else {
711 s->lcyl = 0xff;
712 s->hcyl = 0xff;
713 }
714}
715
716static inline void ide_abort_command(IDEState *s)
717{
718 s->status = READY_STAT | ERR_STAT;
719 s->error = ABRT_ERR;
720}
721
722static inline void ide_set_irq(IDEState *s)
723{
98ff7d30 724 BMDMAState *bm = s->bmdma;
5391d806 725 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
5457c8ce 726 if (bm) {
98ff7d30 727 bm->status |= BM_STATUS_INT;
5457c8ce 728 }
d537cf6c 729 qemu_irq_raise(s->irq);
5391d806
FB		 730 }
731}
732
733/* prepare data transfer and tell what to do after */
5fafdf24 734static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 735 EndTransferFunc *end_transfer_func)
736{
737 s->end_transfer_func = end_transfer_func;
738 s->data_ptr = buf;
739 s->data_end = buf + size;
7603d156
TS		 740 if (!(s->status & ERR_STAT))
741 s->status |= DRQ_STAT;
5391d806
FB		 742}
743
744static void ide_transfer_stop(IDEState *s)
745{
746 s->end_transfer_func = ide_transfer_stop;
747 s->data_ptr = s->io_buffer;
748 s->data_end = s->io_buffer;
749 s->status &= ~DRQ_STAT;
750}
751
752static int64_t ide_get_sector(IDEState *s)
753{
754 int64_t sector_num;
755 if (s->select & 0x40) {
756 /* lba */
c2ff060f
FB		 757 if (!s->lba48) {
758 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
759 (s->lcyl << 8) | s->sector;
760 } else {
761 sector_num = ((int64_t)s->hob_hcyl << 40) |
762 ((int64_t) s->hob_lcyl << 32) |
763 ((int64_t) s->hob_sector << 24) |
764 ((int64_t) s->hcyl << 16) |
765 ((int64_t) s->lcyl << 8) | s->sector;
766 }
5391d806
FB		 767 } else {
768 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 769 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 770 }
771 return sector_num;
772}
773
774static void ide_set_sector(IDEState *s, int64_t sector_num)
775{
776 unsigned int cyl, r;
777 if (s->select & 0x40) {
c2ff060f
FB		 778 if (!s->lba48) {
779 s->select = (s->select & 0xf0) | (sector_num >> 24);
780 s->hcyl = (sector_num >> 16);
781 s->lcyl = (sector_num >> 8);
782 s->sector = (sector_num);
783 } else {
784 s->sector = sector_num;
785 s->lcyl = sector_num >> 8;
786 s->hcyl = sector_num >> 16;
787 s->hob_sector = sector_num >> 24;
788 s->hob_lcyl = sector_num >> 32;
789 s->hob_hcyl = sector_num >> 40;
790 }
5391d806
FB		 791 } else {
792 cyl = sector_num / (s->heads * s->sectors);
793 r = sector_num % (s->heads * s->sectors);
794 s->hcyl = cyl >> 8;
795 s->lcyl = cyl;
1b8eb456 796 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 797 s->sector = (r % s->sectors) + 1;
798 }
799}
800
801static void ide_sector_read(IDEState *s)
802{
803 int64_t sector_num;
804 int ret, n;
805
806 s->status = READY_STAT | SEEK_STAT;
a136e5a8 807 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 808 sector_num = ide_get_sector(s);
809 n = s->nsector;
810 if (n == 0) {
811 /* no more sector to read from disk */
812 ide_transfer_stop(s);
813 } else {
814#if defined(DEBUG_IDE)
815 printf("read sector=%Ld\n", sector_num);
816#endif
817 if (n > s->req_nb_sectors)
818 n = s->req_nb_sectors;
819 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
820 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
821 ide_set_irq(s);
822 ide_set_sector(s, sector_num + n);
823 s->nsector -= n;
824 }
825}
826
8ccad811
FB		 827/* return 0 if buffer completed */
828static int dma_buf_rw(BMDMAState *bm, int is_write)
98087450 829{
8ccad811
FB		 830 IDEState *s = bm->ide_if;
831 struct {
832 uint32_t addr;
833 uint32_t size;
834 } prd;
835 int l, len;
98087450 836
8ccad811
FB		 837 for(;;) {
838 l = s->io_buffer_size - s->io_buffer_index;
5fafdf24 839 if (l <= 0)
8ccad811
FB		 840 break;
841 if (bm->cur_prd_len == 0) {
842 /* end of table (with a fail safe of one page) */
843 if (bm->cur_prd_last ||
844 (bm->cur_addr - bm->addr) >= 4096)
845 return 0;
846 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
847 bm->cur_addr += 8;
848 prd.addr = le32_to_cpu(prd.addr);
849 prd.size = le32_to_cpu(prd.size);
850 len = prd.size & 0xfffe;
851 if (len == 0)
852 len = 0x10000;
853 bm->cur_prd_len = len;
854 bm->cur_prd_addr = prd.addr;
855 bm->cur_prd_last = (prd.size & 0x80000000);
856 }
857 if (l > bm->cur_prd_len)
858 l = bm->cur_prd_len;
859 if (l > 0) {
860 if (is_write) {
5fafdf24 861 cpu_physical_memory_write(bm->cur_prd_addr,
8ccad811
FB		 862 s->io_buffer + s->io_buffer_index, l);
863 } else {
5fafdf24 864 cpu_physical_memory_read(bm->cur_prd_addr,
8ccad811
FB		 865 s->io_buffer + s->io_buffer_index, l);
866 }
867 bm->cur_prd_addr += l;
868 bm->cur_prd_len -= l;
869 s->io_buffer_index += l;
98087450 870 }
98087450 871 }
8ccad811
FB		 872 return 1;
873}
874
875/* XXX: handle errors */
876static void ide_read_dma_cb(void *opaque, int ret)
877{
878 BMDMAState *bm = opaque;
879 IDEState *s = bm->ide_if;
880 int n;
881 int64_t sector_num;
882
883 n = s->io_buffer_size >> 9;
884 sector_num = ide_get_sector(s);
885 if (n > 0) {
886 sector_num += n;
887 ide_set_sector(s, sector_num);
888 s->nsector -= n;
889 if (dma_buf_rw(bm, 1) == 0)
890 goto eot;
891 }
892
893 /* end of transfer ? */
894 if (s->nsector == 0) {
98087450
FB		 895 s->status = READY_STAT | SEEK_STAT;
896 ide_set_irq(s);
8ccad811
FB		 897 eot:
898 bm->status &= ~BM_STATUS_DMAING;
899 bm->status |= BM_STATUS_INT;
900 bm->dma_cb = NULL;
901 bm->ide_if = NULL;
902 bm->aiocb = NULL;
903 return;
98087450 904 }
8ccad811
FB		 905
906 /* launch next transfer */
907 n = s->nsector;
1d8cde5b
AJ		 908 if (n > IDE_DMA_BUF_SECTORS)
909 n = IDE_DMA_BUF_SECTORS;
8ccad811
FB		 910 s->io_buffer_index = 0;
911 s->io_buffer_size = n * 512;
912#ifdef DEBUG_AIO
913 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
914#endif
5fafdf24 915 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
8ccad811 916 ide_read_dma_cb, bm);
98087450
FB		 917}
918
919static void ide_sector_read_dma(IDEState *s)
920{
8ccad811 921 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 922 s->io_buffer_index = 0;
923 s->io_buffer_size = 0;
924 ide_dma_start(s, ide_read_dma_cb);
925}
926
a09db21f
FB		 927static void ide_sector_write_timer_cb(void *opaque)
928{
929 IDEState *s = opaque;
930 ide_set_irq(s);
931}
932
5391d806
FB		 933static void ide_sector_write(IDEState *s)
934{
935 int64_t sector_num;
31c2a146 936 int ret, n, n1;
5391d806
FB		 937
938 s->status = READY_STAT | SEEK_STAT;
939 sector_num = ide_get_sector(s);
940#if defined(DEBUG_IDE)
941 printf("write sector=%Ld\n", sector_num);
942#endif
943 n = s->nsector;
944 if (n > s->req_nb_sectors)
945 n = s->req_nb_sectors;
31c2a146 946 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
5391d806
FB		 947 s->nsector -= n;
948 if (s->nsector == 0) {
292eef5a 949 /* no more sectors to write */
5391d806
FB		 950 ide_transfer_stop(s);
951 } else {
952 n1 = s->nsector;
953 if (n1 > s->req_nb_sectors)
954 n1 = s->req_nb_sectors;
955 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
956 }
957 ide_set_sector(s, sector_num + n);
3b46e624 958
31c2a146
TS		 959#ifdef TARGET_I386
960 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
961 /* It seems there is a bug in the Windows 2000 installer HDD
962 IDE driver which fills the disk with empty logs when the
963 IDE write IRQ comes too early. This hack tries to correct
964 that at the expense of slower write performances. Use this
965 option _only_ to install Windows 2000. You must disable it
966 for normal use. */
967 qemu_mod_timer(s->sector_write_timer,
968 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
969 } else
970#endif
971 {
972 ide_set_irq(s);
973 }
5391d806
FB		 974}
975
8ccad811
FB		 976/* XXX: handle errors */
977static void ide_write_dma_cb(void *opaque, int ret)
98087450 978{
8ccad811
FB		 979 BMDMAState *bm = opaque;
980 IDEState *s = bm->ide_if;
981 int n;
98087450
FB		 982 int64_t sector_num;
983
8ccad811
FB		 984 n = s->io_buffer_size >> 9;
985 sector_num = ide_get_sector(s);
986 if (n > 0) {
987 sector_num += n;
988 ide_set_sector(s, sector_num);
989 s->nsector -= n;
98087450 990 }
98087450 991
8ccad811
FB		 992 /* end of transfer ? */
993 if (s->nsector == 0) {
994 s->status = READY_STAT | SEEK_STAT;
995 ide_set_irq(s);
996 eot:
997 bm->status &= ~BM_STATUS_DMAING;
998 bm->status |= BM_STATUS_INT;
999 bm->dma_cb = NULL;
1000 bm->ide_if = NULL;
1001 bm->aiocb = NULL;
1002 return;
1003 }
1004
1005 /* launch next transfer */
98087450 1006 n = s->nsector;
1d8cde5b
AJ		 1007 if (n > IDE_DMA_BUF_SECTORS)
1008 n = IDE_DMA_BUF_SECTORS;
98087450
FB		 1009 s->io_buffer_index = 0;
1010 s->io_buffer_size = n * 512;
8ccad811
FB		 1011
1012 if (dma_buf_rw(bm, 0) == 0)
1013 goto eot;
1014#ifdef DEBUG_AIO
1015 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1016#endif
5fafdf24 1017 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
8ccad811
FB		 1018 ide_write_dma_cb, bm);
1019}
1020
1021static void ide_sector_write_dma(IDEState *s)
1022{
1023 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1024 s->io_buffer_index = 0;
1025 s->io_buffer_size = 0;
98087450
FB		 1026 ide_dma_start(s, ide_write_dma_cb);
1027}
1028
5391d806
FB		 1029static void ide_atapi_cmd_ok(IDEState *s)
1030{
1031 s->error = 0;
1032 s->status = READY_STAT;
1033 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1034 ide_set_irq(s);
1035}
1036
1037static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1038{
1039#ifdef DEBUG_IDE_ATAPI
1040 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1041#endif
1042 s->error = sense_key << 4;
1043 s->status = READY_STAT | ERR_STAT;
1044 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1045 s->sense_key = sense_key;
1046 s->asc = asc;
1047 ide_set_irq(s);
1048}
1049
1050static inline void cpu_to_ube16(uint8_t *buf, int val)
1051{
1052 buf[0] = val >> 8;
1053 buf[1] = val;
1054}
1055
1056static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1057{
1058 buf[0] = val >> 24;
1059 buf[1] = val >> 16;
1060 buf[2] = val >> 8;
1061 buf[3] = val;
1062}
1063
1064static inline int ube16_to_cpu(const uint8_t *buf)
1065{
1066 return (buf[0] << 8) | buf[1];
1067}
1068
1069static inline int ube32_to_cpu(const uint8_t *buf)
1070{
1071 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1072}
1073
98087450
FB		 1074static void lba_to_msf(uint8_t *buf, int lba)
1075{
1076 lba += 150;
1077 buf[0] = (lba / 75) / 60;
1078 buf[1] = (lba / 75) % 60;
1079 buf[2] = lba % 75;
1080}
1081
8ccad811
FB		 1082static void cd_data_to_raw(uint8_t *buf, int lba)
1083{
1084 /* sync bytes */
1085 buf[0] = 0x00;
1086 memset(buf + 1, 0xff, 10);
1087 buf[11] = 0x00;
1088 buf += 12;
1089 /* MSF */
1090 lba_to_msf(buf, lba);
1091 buf[3] = 0x01; /* mode 1 data */
1092 buf += 4;
1093 /* data */
1094 buf += 2048;
1095 /* XXX: ECC not computed */
1096 memset(buf, 0, 288);
1097}
1098
5fafdf24 1099static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 1100 int sector_size)
1101{
66c6ef76
FB		 1102 int ret;
1103
98087450
FB		 1104 switch(sector_size) {
1105 case 2048:
66c6ef76 1106 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 1107 break;
1108 case 2352:
66c6ef76
FB		 1109 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1110 if (ret < 0)
1111 return ret;
8ccad811 1112 cd_data_to_raw(buf, lba);
98087450
FB		 1113 break;
1114 default:
66c6ef76 1115 ret = -EIO;
98087450
FB		 1116 break;
1117 }
66c6ef76
FB		 1118 return ret;
1119}
1120
1121static void ide_atapi_io_error(IDEState *s, int ret)
1122{
1123 /* XXX: handle more errors */
1124 if (ret == -ENOMEDIUM) {
5fafdf24 1125 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1126 ASC_MEDIUM_NOT_PRESENT);
1127 } else {
5fafdf24 1128 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 1129 ASC_LOGICAL_BLOCK_OOR);
1130 }
98087450
FB		 1131}
1132
5391d806
FB		 1133/* The whole ATAPI transfer logic is handled in this function */
1134static void ide_atapi_cmd_reply_end(IDEState *s)
1135{
66c6ef76 1136 int byte_count_limit, size, ret;
5391d806 1137#ifdef DEBUG_IDE_ATAPI
5fafdf24 1138 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 1139 s->packet_transfer_size,
1140 s->elementary_transfer_size,
1141 s->io_buffer_index);
1142#endif
1143 if (s->packet_transfer_size <= 0) {
1144 /* end of transfer */
1145 ide_transfer_stop(s);
1146 s->status = READY_STAT;
1147 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1148 ide_set_irq(s);
1149#ifdef DEBUG_IDE_ATAPI
1150 printf("status=0x%x\n", s->status);
1151#endif
1152 } else {
1153 /* see if a new sector must be read */
98087450 1154 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 1155 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1156 if (ret < 0) {
1157 ide_transfer_stop(s);
1158 ide_atapi_io_error(s, ret);
1159 return;
1160 }
5391d806
FB		 1161 s->lba++;
1162 s->io_buffer_index = 0;
1163 }
1164 if (s->elementary_transfer_size > 0) {
1165 /* there are some data left to transmit in this elementary
1166 transfer */
98087450 1167 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 1168 if (size > s->elementary_transfer_size)
1169 size = s->elementary_transfer_size;
5fafdf24 1170 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1171 size, ide_atapi_cmd_reply_end);
1172 s->packet_transfer_size -= size;
1173 s->elementary_transfer_size -= size;
1174 s->io_buffer_index += size;
1175 } else {
1176 /* a new transfer is needed */
1177 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1178 byte_count_limit = s->lcyl | (s->hcyl << 8);
1179#ifdef DEBUG_IDE_ATAPI
1180 printf("byte_count_limit=%d\n", byte_count_limit);
1181#endif
1182 if (byte_count_limit == 0xffff)
1183 byte_count_limit--;
1184 size = s->packet_transfer_size;
1185 if (size > byte_count_limit) {
1186 /* byte count limit must be even if this case */
1187 if (byte_count_limit & 1)
1188 byte_count_limit--;
1189 size = byte_count_limit;
5391d806 1190 }
a136e5a8
FB		 1191 s->lcyl = size;
1192 s->hcyl = size >> 8;
5391d806
FB		 1193 s->elementary_transfer_size = size;
1194 /* we cannot transmit more than one sector at a time */
1195 if (s->lba != -1) {
98087450
FB		 1196 if (size > (s->cd_sector_size - s->io_buffer_index))
1197 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 1198 }
5fafdf24 1199 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1200 size, ide_atapi_cmd_reply_end);
1201 s->packet_transfer_size -= size;
1202 s->elementary_transfer_size -= size;
1203 s->io_buffer_index += size;
1204 ide_set_irq(s);
1205#ifdef DEBUG_IDE_ATAPI
1206 printf("status=0x%x\n", s->status);
1207#endif
1208 }
1209 }
1210}
1211
1212/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1213static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1214{
1215 if (size > max_size)
1216 size = max_size;
1217 s->lba = -1; /* no sector read */
1218 s->packet_transfer_size = size;
5f12ab4b 1219 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 1220 s->elementary_transfer_size = 0;
1221 s->io_buffer_index = 0;
1222
5f12ab4b
TS		 1223 if (s->atapi_dma) {
1224 s->status = READY_STAT | DRQ_STAT;
1225 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1226 } else {
1227 s->status = READY_STAT;
1228 ide_atapi_cmd_reply_end(s);
1229 }
5391d806
FB		 1230}
1231
1232/* start a CD-CDROM read command */
98087450
FB		 1233static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1234 int sector_size)
5391d806 1235{
5391d806 1236 s->lba = lba;
98087450 1237 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 1238 s->elementary_transfer_size = 0;
98087450
FB		 1239 s->io_buffer_index = sector_size;
1240 s->cd_sector_size = sector_size;
5391d806
FB		 1241
1242 s->status = READY_STAT;
1243 ide_atapi_cmd_reply_end(s);
1244}
1245
98087450 1246/* ATAPI DMA support */
8ccad811
FB		 1247
1248/* XXX: handle read errors */
1249static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 1250{
8ccad811
FB		 1251 BMDMAState *bm = opaque;
1252 IDEState *s = bm->ide_if;
1253 int data_offset, n;
1254
66c6ef76
FB		 1255 if (ret < 0) {
1256 ide_atapi_io_error(s, ret);
1257 goto eot;
1258 }
1259
8ccad811 1260 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 1261 /*
1262 * For a cdrom read sector command (s->lba != -1),
1263 * adjust the lba for the next s->io_buffer_size chunk
1264 * and dma the current chunk.
1265 * For a command != read (s->lba == -1), just transfer
1266 * the reply data.
1267 */
1268 if (s->lba != -1) {
1269 if (s->cd_sector_size == 2352) {
1270 n = 1;
1271 cd_data_to_raw(s->io_buffer, s->lba);
1272 } else {
1273 n = s->io_buffer_size >> 11;
1274 }
1275 s->lba += n;
1276 }
8ccad811 1277 s->packet_transfer_size -= s->io_buffer_size;
8ccad811
FB		 1278 if (dma_buf_rw(bm, 1) == 0)
1279 goto eot;
98087450 1280 }
8ccad811 1281
98087450
FB		 1282 if (s->packet_transfer_size <= 0) {
1283 s->status = READY_STAT;
1284 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1285 ide_set_irq(s);
8ccad811
FB		 1286 eot:
1287 bm->status &= ~BM_STATUS_DMAING;
1288 bm->status |= BM_STATUS_INT;
1289 bm->dma_cb = NULL;
1290 bm->ide_if = NULL;
1291 bm->aiocb = NULL;
1292 return;
1293 }
3b46e624 1294
8ccad811
FB		 1295 s->io_buffer_index = 0;
1296 if (s->cd_sector_size == 2352) {
1297 n = 1;
1298 s->io_buffer_size = s->cd_sector_size;
1299 data_offset = 16;
1300 } else {
1301 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 1302 if (n > (IDE_DMA_BUF_SECTORS / 4))
1303 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 1304 s->io_buffer_size = n * 2048;
1305 data_offset = 0;
98087450 1306 }
8ccad811
FB		 1307#ifdef DEBUG_AIO
1308 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1309#endif
5fafdf24
TS		 1310 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1311 s->io_buffer + data_offset, n * 4,
8ccad811 1312 ide_atapi_cmd_read_dma_cb, bm);
66c6ef76
FB		 1313 if (!bm->aiocb) {
1314 /* Note: media not present is the most likely case */
5fafdf24 1315 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1316 ASC_MEDIUM_NOT_PRESENT);
1317 goto eot;
1318 }
98087450
FB		 1319}
1320
1321/* start a CD-CDROM read command with DMA */
1322/* XXX: test if DMA is available */
1323static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1324 int sector_size)
1325{
1326 s->lba = lba;
1327 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 1328 s->io_buffer_index = 0;
1329 s->io_buffer_size = 0;
98087450
FB		 1330 s->cd_sector_size = sector_size;
1331
8ccad811
FB		 1332 /* XXX: check if BUSY_STAT should be set */
1333 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1334 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1335}
1336
5fafdf24 1337static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 1338 int sector_size)
1339{
1340#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 1341 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1342 lba, nb_sectors);
98087450
FB		 1343#endif
1344 if (s->atapi_dma) {
1345 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1346 } else {
1347 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1348 }
1349}
1350
38cdea7c
AZ		 1351static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1352 uint16_t profile)
1353{
1354 uint8_t *buf_profile = buf + 12; /* start of profiles */
1355
1356 buf_profile += ((*index) * 4); /* start of indexed profile */
1357 cpu_to_ube16 (buf_profile, profile);
1358 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1359
1360 /* each profile adds 4 bytes to the response */
1361 (*index)++;
1362 buf[11] += 4; /* Additional Length */
1363
1364 return 4;
1365}
1366
5391d806
FB		 1367static void ide_atapi_cmd(IDEState *s)
1368{
1369 const uint8_t *packet;
1370 uint8_t *buf;
1371 int max_len;
1372
1373 packet = s->io_buffer;
1374 buf = s->io_buffer;
1375#ifdef DEBUG_IDE_ATAPI
1376 {
1377 int i;
1378 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1379 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1380 printf(" %02x", packet[i]);
1381 }
1382 printf("\n");
1383 }
1384#endif
1385 switch(s->io_buffer[0]) {
1386 case GPCMD_TEST_UNIT_READY:
caed8802 1387 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1388 ide_atapi_cmd_ok(s);
1389 } else {
5fafdf24 1390 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1391 ASC_MEDIUM_NOT_PRESENT);
1392 }
1393 break;
d14049ea 1394 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1395 case GPCMD_MODE_SENSE_10:
1396 {
1397 int action, code;
d14049ea
TS		 1398 if (packet[0] == GPCMD_MODE_SENSE_10)
1399 max_len = ube16_to_cpu(packet + 7);
1400 else
1401 max_len = packet[4];
5391d806
FB		 1402 action = packet[2] >> 6;
1403 code = packet[2] & 0x3f;
1404 switch(action) {
1405 case 0: /* current values */
1406 switch(code) {
1407 case 0x01: /* error recovery */
1408 cpu_to_ube16(&buf[0], 16 + 6);
1409 buf[2] = 0x70;
1410 buf[3] = 0;
1411 buf[4] = 0;
1412 buf[5] = 0;
1413 buf[6] = 0;
1414 buf[7] = 0;
1415
1416 buf[8] = 0x01;
1417 buf[9] = 0x06;
1418 buf[10] = 0x00;
1419 buf[11] = 0x05;
1420 buf[12] = 0x00;
1421 buf[13] = 0x00;
1422 buf[14] = 0x00;
1423 buf[15] = 0x00;
1424 ide_atapi_cmd_reply(s, 16, max_len);
1425 break;
1426 case 0x2a:
1427 cpu_to_ube16(&buf[0], 28 + 6);
1428 buf[2] = 0x70;
1429 buf[3] = 0;
1430 buf[4] = 0;
1431 buf[5] = 0;
1432 buf[6] = 0;
1433 buf[7] = 0;
1434
1435 buf[8] = 0x2a;
1436 buf[9] = 0x12;
0d4a05a1 1437 buf[10] = 0x00;
5391d806 1438 buf[11] = 0x00;
3b46e624 1439
5391d806
FB		 1440 buf[12] = 0x70;
1441 buf[13] = 3 << 5;
1442 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1443 if (bdrv_is_locked(s->bs))
5391d806
FB		 1444 buf[6] |= 1 << 1;
1445 buf[15] = 0x00;
1446 cpu_to_ube16(&buf[16], 706);
1447 buf[18] = 0;
1448 buf[19] = 2;
1449 cpu_to_ube16(&buf[20], 512);
1450 cpu_to_ube16(&buf[22], 706);
1451 buf[24] = 0;
1452 buf[25] = 0;
1453 buf[26] = 0;
1454 buf[27] = 0;
1455 ide_atapi_cmd_reply(s, 28, max_len);
1456 break;
1457 default:
1458 goto error_cmd;
1459 }
1460 break;
1461 case 1: /* changeable values */
1462 goto error_cmd;
1463 case 2: /* default values */
1464 goto error_cmd;
1465 default:
1466 case 3: /* saved values */
5fafdf24 1467 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1468 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1469 break;
1470 }
1471 }
1472 break;
1473 case GPCMD_REQUEST_SENSE:
1474 max_len = packet[4];
1475 memset(buf, 0, 18);
1476 buf[0] = 0x70 | (1 << 7);
1477 buf[2] = s->sense_key;
1478 buf[7] = 10;
1479 buf[12] = s->asc;
1480 ide_atapi_cmd_reply(s, 18, max_len);
1481 break;
1482 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1483 if (bdrv_is_inserted(s->bs)) {
1484 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1485 ide_atapi_cmd_ok(s);
1486 } else {
5fafdf24 1487 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1488 ASC_MEDIUM_NOT_PRESENT);
1489 }
1490 break;
1491 case GPCMD_READ_10:
1492 case GPCMD_READ_12:
1493 {
1494 int nb_sectors, lba;
1495
5391d806
FB		 1496 if (packet[0] == GPCMD_READ_10)
1497 nb_sectors = ube16_to_cpu(packet + 7);
1498 else
1499 nb_sectors = ube32_to_cpu(packet + 6);
1500 lba = ube32_to_cpu(packet + 2);
1501 if (nb_sectors == 0) {
1502 ide_atapi_cmd_ok(s);
1503 break;
1504 }
98087450
FB		 1505 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1506 }
1507 break;
1508 case GPCMD_READ_CD:
1509 {
1510 int nb_sectors, lba, transfer_request;
1511
98087450
FB		 1512 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1513 lba = ube32_to_cpu(packet + 2);
1514 if (nb_sectors == 0) {
1515 ide_atapi_cmd_ok(s);
1516 break;
1517 }
98087450
FB		 1518 transfer_request = packet[9];
1519 switch(transfer_request & 0xf8) {
1520 case 0x00:
1521 /* nothing */
1522 ide_atapi_cmd_ok(s);
1523 break;
1524 case 0x10:
1525 /* normal read */
1526 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1527 break;
1528 case 0xf8:
1529 /* read all data */
1530 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1531 break;
1532 default:
5fafdf24 1533 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1534 ASC_INV_FIELD_IN_CMD_PACKET);
1535 break;
1536 }
5391d806
FB		 1537 }
1538 break;
1539 case GPCMD_SEEK:
1540 {
96b8f136
TS		 1541 unsigned int lba;
1542 uint64_t total_sectors;
66c6ef76
FB		 1543
1544 bdrv_get_geometry(s->bs, &total_sectors);
1545 total_sectors >>= 2;
96b8f136 1546 if (total_sectors == 0) {
5fafdf24 1547 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1548 ASC_MEDIUM_NOT_PRESENT);
1549 break;
1550 }
1551 lba = ube32_to_cpu(packet + 2);
66c6ef76 1552 if (lba >= total_sectors) {
5fafdf24 1553 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1554 ASC_LOGICAL_BLOCK_OOR);
1555 break;
1556 }
1557 ide_atapi_cmd_ok(s);
1558 }
1559 break;
1560 case GPCMD_START_STOP_UNIT:
1561 {
1562 int start, eject;
1563 start = packet[4] & 1;
1564 eject = (packet[4] >> 1) & 1;
3b46e624 1565
caed8802
FB		 1566 if (eject && !start) {
1567 /* eject the disk */
66c6ef76
FB		 1568 bdrv_eject(s->bs, 1);
1569 } else if (eject && start) {
1570 /* close the tray */
1571 bdrv_eject(s->bs, 0);
caed8802 1572 }
5391d806
FB		 1573 ide_atapi_cmd_ok(s);
1574 }
1575 break;
1576 case GPCMD_MECHANISM_STATUS:
1577 {
1578 max_len = ube16_to_cpu(packet + 8);
1579 cpu_to_ube16(buf, 0);
1580 /* no current LBA */
1581 buf[2] = 0;
1582 buf[3] = 0;
1583 buf[4] = 0;
1584 buf[5] = 1;
1585 cpu_to_ube16(buf + 6, 0);
1586 ide_atapi_cmd_reply(s, 8, max_len);
1587 }
1588 break;
1589 case GPCMD_READ_TOC_PMA_ATIP:
1590 {
1591 int format, msf, start_track, len;
96b8f136 1592 uint64_t total_sectors;
5391d806 1593
66c6ef76
FB		 1594 bdrv_get_geometry(s->bs, &total_sectors);
1595 total_sectors >>= 2;
96b8f136 1596 if (total_sectors == 0) {
5fafdf24 1597 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1598 ASC_MEDIUM_NOT_PRESENT);
1599 break;
1600 }
1601 max_len = ube16_to_cpu(packet + 7);
1602 format = packet[9] >> 6;
1603 msf = (packet[1] >> 1) & 1;
1604 start_track = packet[6];
1605 switch(format) {
1606 case 0:
66c6ef76 1607 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1608 if (len < 0)
1609 goto error_cmd;
1610 ide_atapi_cmd_reply(s, len, max_len);
1611 break;
1612 case 1:
1613 /* multi session : only a single session defined */
1614 memset(buf, 0, 12);
1615 buf[1] = 0x0a;
1616 buf[2] = 0x01;
1617 buf[3] = 0x01;
1618 ide_atapi_cmd_reply(s, 12, max_len);
1619 break;
98087450 1620 case 2:
66c6ef76 1621 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1622 if (len < 0)
1623 goto error_cmd;
1624 ide_atapi_cmd_reply(s, len, max_len);
1625 break;
5391d806 1626 default:
7f777bf3 1627 error_cmd:
5fafdf24 1628 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1629 ASC_INV_FIELD_IN_CMD_PACKET);
1630 break;
5391d806
FB		 1631 }
1632 }
1633 break;
1634 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1635 {
96b8f136 1636 uint64_t total_sectors;
66c6ef76
FB		 1637
1638 bdrv_get_geometry(s->bs, &total_sectors);
1639 total_sectors >>= 2;
96b8f136 1640 if (total_sectors == 0) {
5fafdf24 1641 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1642 ASC_MEDIUM_NOT_PRESENT);
1643 break;
1644 }
1645 /* NOTE: it is really the number of sectors minus 1 */
1646 cpu_to_ube32(buf, total_sectors - 1);
1647 cpu_to_ube32(buf + 4, 2048);
1648 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1649 }
5391d806 1650 break;
d14049ea
TS		 1651 case GPCMD_READ_DVD_STRUCTURE:
1652 {
1653 int media = packet[1];
1654 int layer = packet[6];
1655 int format = packet[2];
96b8f136 1656 uint64_t total_sectors;
d14049ea
TS		 1657
1658 if (media != 0 || layer != 0)
1659 {
1660 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1661 ASC_INV_FIELD_IN_CMD_PACKET);
1662 }
1663
1664 switch (format) {
1665 case 0:
1666 bdrv_get_geometry(s->bs, &total_sectors);
1667 total_sectors >>= 2;
96b8f136
TS		 1668 if (total_sectors == 0) {
1669 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1670 ASC_MEDIUM_NOT_PRESENT);
1671 break;
1672 }
d14049ea
TS		 1673
1674 memset(buf, 0, 2052);
1675
1676 buf[4] = 1; // DVD-ROM, part version 1
1677 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1678 buf[6] = 0; // one layer, embossed data
1679 buf[7] = 0;
1680
1681 cpu_to_ube32(buf + 8, 0);
1682 cpu_to_ube32(buf + 12, total_sectors - 1);
1683 cpu_to_ube32(buf + 16, total_sectors - 1);
1684
1685 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1686
1687 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1688 break;
1689
1690 default:
1691 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1692 ASC_INV_FIELD_IN_CMD_PACKET);
1693 break;
1694 }
1695 }
1696 break;
1697 case GPCMD_SET_SPEED:
1698 ide_atapi_cmd_ok(s);
1699 break;
bd0d90b2
FB		 1700 case GPCMD_INQUIRY:
1701 max_len = packet[4];
1702 buf[0] = 0x05; /* CD-ROM */
1703 buf[1] = 0x80; /* removable */
1704 buf[2] = 0x00; /* ISO */
1705 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1706 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1707 buf[5] = 0; /* reserved */
1708 buf[6] = 0; /* reserved */
1709 buf[7] = 0; /* reserved */
1710 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1711 padstr8(buf + 16, 16, "QEMU DVD-ROM");
bd0d90b2
FB		 1712 padstr8(buf + 32, 4, QEMU_VERSION);
1713 ide_atapi_cmd_reply(s, 36, max_len);
1714 break;
d14049ea
TS		 1715 case GPCMD_GET_CONFIGURATION:
1716 {
38cdea7c 1717 uint32_t len;
091d055b 1718 uint8_t index = 0;
d14049ea
TS		 1719
1720 /* only feature 0 is supported */
1721 if (packet[2] != 0 || packet[3] != 0) {
1722 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1723 ASC_INV_FIELD_IN_CMD_PACKET);
1724 break;
1725 }
38cdea7c
AZ		 1726
1727 /* XXX: could result in alignment problems in some architectures */
1728 max_len = ube16_to_cpu(packet + 7);
091d055b 1729
38cdea7c 1730 /*
091d055b
AZ		 1731 * XXX: avoid overflow for io_buffer if max_len is bigger than
1732 * the size of that buffer (dimensioned to max number of
1733 * sectors to transfer at once)
38cdea7c 1734 *
091d055b 1735 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 1736 */
1737 if (max_len > 512) /* XXX: assume 1 sector */
1738 max_len = 512;
1739
1740 memset(buf, 0, max_len);
1741 /*
1742 * the number of sectors from the media tells us which profile
1743 * to use as current. 0 means there is no media
1744 *
1745 * XXX: fails to detect correctly DVDs with less data burned
1746 * than what a CD can hold
1747 */
091d055b
AZ		 1748 if (s -> nb_sectors) {
1749 if (s -> nb_sectors > CD_MAX_SECTORS)
38cdea7c
AZ		 1750 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1751 else
1752 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1753 }
1754
091d055b
AZ		 1755 buf[10] = 0x02 | 0x01; /* persistent and current */
1756 len = 12; /* headers: 8 + 4 */
1757 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1758 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 1759 cpu_to_ube32(buf, len - 4); /* data length */
1760
1761 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 1762 break;
1763 }
5391d806 1764 default:
5fafdf24 1765 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1766 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1767 break;
1768 }
1769}
1770
201a51fc
AZ		 1771static void ide_cfata_metadata_inquiry(IDEState *s)
1772{
1773 uint16_t *p;
1774 uint32_t spd;
1775
1776 p = (uint16_t *) s->io_buffer;
1777 memset(p, 0, 0x200);
1778 spd = ((s->mdata_size - 1) >> 9) + 1;
1779
1780 put_le16(p + 0, 0x0001); /* Data format revision */
1781 put_le16(p + 1, 0x0000); /* Media property: silicon */
1782 put_le16(p + 2, s->media_changed); /* Media status */
1783 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1784 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1785 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1786 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1787}
1788
1789static void ide_cfata_metadata_read(IDEState *s)
1790{
1791 uint16_t *p;
1792
1793 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1794 s->status = ERR_STAT;
1795 s->error = ABRT_ERR;
1796 return;
1797 }
1798
1799 p = (uint16_t *) s->io_buffer;
1800 memset(p, 0, 0x200);
1801
1802 put_le16(p + 0, s->media_changed); /* Media status */
1803 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1804 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1805 s->nsector << 9), 0x200 - 2));
1806}
1807
1808static void ide_cfata_metadata_write(IDEState *s)
1809{
1810 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1811 s->status = ERR_STAT;
1812 s->error = ABRT_ERR;
1813 return;
1814 }
1815
1816 s->media_changed = 0;
1817
1818 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1819 s->io_buffer + 2,
1820 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1821 s->nsector << 9), 0x200 - 2));
1822}
1823
bd491d6a
TS		 1824/* called when the inserted state of the media has changed */
1825static void cdrom_change_cb(void *opaque)
1826{
1827 IDEState *s = opaque;
96b8f136 1828 uint64_t nb_sectors;
bd491d6a
TS		 1829
1830 /* XXX: send interrupt too */
1831 bdrv_get_geometry(s->bs, &nb_sectors);
1832 s->nb_sectors = nb_sectors;
1833}
1834
c2ff060f
FB		 1835static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1836{
1837 s->lba48 = lba48;
1838
1839 /* handle the 'magic' 0 nsector count conversion here. to avoid
1840 * fiddling with the rest of the read logic, we just store the
1841 * full sector count in ->nsector and ignore ->hob_nsector from now
1842 */
1843 if (!s->lba48) {
1844 if (!s->nsector)
1845 s->nsector = 256;
1846 } else {
1847 if (!s->nsector && !s->hob_nsector)
1848 s->nsector = 65536;
1849 else {
1850 int lo = s->nsector;
1851 int hi = s->hob_nsector;
1852
1853 s->nsector = (hi << 8) | lo;
1854 }
1855 }
1856}
1857
1858static void ide_clear_hob(IDEState *ide_if)
1859{
1860 /* any write clears HOB high bit of device control register */
1861 ide_if[0].select &= ~(1 << 7);
1862 ide_if[1].select &= ~(1 << 7);
1863}
1864
caed8802
FB		 1865static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1866{
1867 IDEState *ide_if = opaque;
c45c3d00 1868 IDEState *s;
5391d806 1869 int unit, n;
c2ff060f 1870 int lba48 = 0;
5391d806
FB		 1871
1872#ifdef DEBUG_IDE
1873 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1874#endif
c2ff060f 1875
5391d806
FB		 1876 addr &= 7;
1877 switch(addr) {
1878 case 0:
1879 break;
1880 case 1:
c2ff060f 1881 ide_clear_hob(ide_if);
c45c3d00 1882 /* NOTE: data is written to the two drives */
c2ff060f
FB		 1883 ide_if[0].hob_feature = ide_if[0].feature;
1884 ide_if[1].hob_feature = ide_if[1].feature;
c45c3d00
FB		 1885 ide_if[0].feature = val;
1886 ide_if[1].feature = val;
5391d806
FB		 1887 break;
1888 case 2:
c2ff060f
FB		 1889 ide_clear_hob(ide_if);
1890 ide_if[0].hob_nsector = ide_if[0].nsector;
1891 ide_if[1].hob_nsector = ide_if[1].nsector;
c45c3d00
FB		 1892 ide_if[0].nsector = val;
1893 ide_if[1].nsector = val;
5391d806
FB		 1894 break;
1895 case 3:
c2ff060f
FB		 1896 ide_clear_hob(ide_if);
1897 ide_if[0].hob_sector = ide_if[0].sector;
1898 ide_if[1].hob_sector = ide_if[1].sector;
c45c3d00
FB		 1899 ide_if[0].sector = val;
1900 ide_if[1].sector = val;
5391d806
FB		 1901 break;
1902 case 4:
c2ff060f
FB		 1903 ide_clear_hob(ide_if);
1904 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1905 ide_if[1].hob_lcyl = ide_if[1].lcyl;
c45c3d00
FB		 1906 ide_if[0].lcyl = val;
1907 ide_if[1].lcyl = val;
5391d806
FB		 1908 break;
1909 case 5:
c2ff060f
FB		 1910 ide_clear_hob(ide_if);
1911 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1912 ide_if[1].hob_hcyl = ide_if[1].hcyl;
c45c3d00
FB		 1913 ide_if[0].hcyl = val;
1914 ide_if[1].hcyl = val;
5391d806
FB		 1915 break;
1916 case 6:
c2ff060f 1917 /* FIXME: HOB readback uses bit 7 */
7ae98627
FB		 1918 ide_if[0].select = (val & ~0x10) | 0xa0;
1919 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 1920 /* select drive */
1921 unit = (val >> 4) & 1;
1922 s = ide_if + unit;
1923 ide_if->cur_drive = s;
5391d806
FB		 1924 break;
1925 default:
1926 case 7:
1927 /* command */
1928#if defined(DEBUG_IDE)
1929 printf("ide: CMD=%02x\n", val);
1930#endif
c45c3d00 1931 s = ide_if->cur_drive;
66201e2d 1932 /* ignore commands to non existant slave */
5fafdf24 1933 if (s != ide_if && !s->bs)
66201e2d 1934 break;
c2ff060f 1935
5391d806
FB		 1936 switch(val) {
1937 case WIN_IDENTIFY:
1938 if (s->bs && !s->is_cdrom) {
201a51fc
AZ		 1939 if (!s->is_cf)
1940 ide_identify(s);
1941 else
1942 ide_cfata_identify(s);
2a282056 1943 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1944 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1945 } else {
1946 if (s->is_cdrom) {
1947 ide_set_signature(s);
1948 }
1949 ide_abort_command(s);
1950 }
1951 ide_set_irq(s);
1952 break;
1953 case WIN_SPECIFY:
1954 case WIN_RECAL:
a136e5a8 1955 s->error = 0;
769bec72 1956 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1957 ide_set_irq(s);
1958 break;
1959 case WIN_SETMULT:
201a51fc
AZ		 1960 if (s->is_cf && s->nsector == 0) {
1961 /* Disable Read and Write Multiple */
1962 s->mult_sectors = 0;
1963 s->status = READY_STAT;
1964 } else if ((s->nsector & 0xff) != 0 &&
39dfc926
TS		 1965 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1966 (s->nsector & (s->nsector - 1)) != 0)) {
5391d806
FB		 1967 ide_abort_command(s);
1968 } else {
292eef5a 1969 s->mult_sectors = s->nsector & 0xff;
5391d806
FB		 1970 s->status = READY_STAT;
1971 }
1972 ide_set_irq(s);
1973 break;
c2ff060f
FB		 1974 case WIN_VERIFY_EXT:
1975 lba48 = 1;
4ce900b4
FB		 1976 case WIN_VERIFY:
1977 case WIN_VERIFY_ONCE:
1978 /* do sector number check ? */
c2ff060f 1979 ide_cmd_lba48_transform(s, lba48);
4ce900b4
FB		 1980 s->status = READY_STAT;
1981 ide_set_irq(s);
1982 break;
c2ff060f
FB		 1983 case WIN_READ_EXT:
1984 lba48 = 1;
5391d806
FB		 1985 case WIN_READ:
1986 case WIN_READ_ONCE:
5fafdf24 1987 if (!s->bs)
6b136f9e 1988 goto abort_cmd;
c2ff060f 1989 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 1990 s->req_nb_sectors = 1;
1991 ide_sector_read(s);
1992 break;
c2ff060f
FB		 1993 case WIN_WRITE_EXT:
1994 lba48 = 1;
5391d806
FB		 1995 case WIN_WRITE:
1996 case WIN_WRITE_ONCE:
201a51fc
AZ		 1997 case CFA_WRITE_SECT_WO_ERASE:
1998 case WIN_WRITE_VERIFY:
c2ff060f 1999 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2000 s->error = 0;
f66723fa 2001 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2002 s->req_nb_sectors = 1;
2003 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
201a51fc 2004 s->media_changed = 1;
5391d806 2005 break;
c2ff060f
FB		 2006 case WIN_MULTREAD_EXT:
2007 lba48 = 1;
5391d806
FB		 2008 case WIN_MULTREAD:
2009 if (!s->mult_sectors)
2010 goto abort_cmd;
c2ff060f 2011 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2012 s->req_nb_sectors = s->mult_sectors;
2013 ide_sector_read(s);
2014 break;
c2ff060f
FB		 2015 case WIN_MULTWRITE_EXT:
2016 lba48 = 1;
5391d806 2017 case WIN_MULTWRITE:
201a51fc 2018 case CFA_WRITE_MULTI_WO_ERASE:
5391d806
FB		 2019 if (!s->mult_sectors)
2020 goto abort_cmd;
c2ff060f 2021 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2022 s->error = 0;
f66723fa 2023 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2024 s->req_nb_sectors = s->mult_sectors;
2025 n = s->nsector;
2026 if (n > s->req_nb_sectors)
2027 n = s->req_nb_sectors;
2028 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
201a51fc 2029 s->media_changed = 1;
5391d806 2030 break;
c2ff060f
FB		 2031 case WIN_READDMA_EXT:
2032 lba48 = 1;
98087450
FB		 2033 case WIN_READDMA:
2034 case WIN_READDMA_ONCE:
5fafdf24 2035 if (!s->bs)
98087450 2036 goto abort_cmd;
c2ff060f 2037 ide_cmd_lba48_transform(s, lba48);
98087450
FB		 2038 ide_sector_read_dma(s);
2039 break;
c2ff060f
FB		 2040 case WIN_WRITEDMA_EXT:
2041 lba48 = 1;
98087450
FB		 2042 case WIN_WRITEDMA:
2043 case WIN_WRITEDMA_ONCE:
5fafdf24 2044 if (!s->bs)
98087450 2045 goto abort_cmd;
c2ff060f 2046 ide_cmd_lba48_transform(s, lba48);
98087450 2047 ide_sector_write_dma(s);
201a51fc 2048 s->media_changed = 1;
98087450 2049 break;
c2ff060f
FB		 2050 case WIN_READ_NATIVE_MAX_EXT:
2051 lba48 = 1;
5391d806 2052 case WIN_READ_NATIVE_MAX:
c2ff060f 2053 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2054 ide_set_sector(s, s->nb_sectors - 1);
2055 s->status = READY_STAT;
2056 ide_set_irq(s);
2057 break;
a136e5a8 2058 case WIN_CHECKPOWERMODE1:
201a51fc 2059 case WIN_CHECKPOWERMODE2:
a136e5a8
FB		 2060 s->nsector = 0xff; /* device active or idle */
2061 s->status = READY_STAT;
2062 ide_set_irq(s);
2063 break;
34e538ae
FB		 2064 case WIN_SETFEATURES:
2065 if (!s->bs)
2066 goto abort_cmd;
2067 /* XXX: valid for CDROM ? */
2068 switch(s->feature) {
e1f63470
TS		 2069 case 0xcc: /* reverting to power-on defaults enable */
2070 case 0x66: /* reverting to power-on defaults disable */
34e538ae
FB		 2071 case 0x02: /* write cache enable */
2072 case 0x82: /* write cache disable */
2073 case 0xaa: /* read look-ahead enable */
2074 case 0x55: /* read look-ahead disable */
201a51fc
AZ		 2075 case 0x05: /* set advanced power management mode */
2076 case 0x85: /* disable advanced power management mode */
2077 case 0x69: /* NOP */
2078 case 0x67: /* NOP */
2079 case 0x96: /* NOP */
2080 case 0x9a: /* NOP */
c3e88d8c
TS		 2081 case 0x42: /* enable Automatic Acoustic Mode */
2082 case 0xc2: /* disable Automatic Acoustic Mode */
e0fe67aa 2083 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 2084 ide_set_irq(s);
2085 break;
94458802
FB		 2086 case 0x03: { /* set transfer mode */
2087 uint8_t val = s->nsector & 0x07;
2088
2089 switch (s->nsector >> 3) {
2090 case 0x00: /* pio default */
2091 case 0x01: /* pio mode */
2092 put_le16(s->identify_data + 63,0x07);
2093 put_le16(s->identify_data + 88,0x3f);
2094 break;
2095 case 0x04: /* mdma mode */
2096 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2097 put_le16(s->identify_data + 88,0x3f);
2098 break;
2099 case 0x08: /* udma mode */
2100 put_le16(s->identify_data + 63,0x07);
2101 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2102 break;
2103 default:
2104 goto abort_cmd;
2105 }
2106 s->status = READY_STAT | SEEK_STAT;
2107 ide_set_irq(s);
2108 break;
2109 }
34e538ae
FB		 2110 default:
2111 goto abort_cmd;
2112 }
2113 break;
c2ff060f
FB		 2114 case WIN_FLUSH_CACHE:
2115 case WIN_FLUSH_CACHE_EXT:
7a6cba61
PB		 2116 if (s->bs)
2117 bdrv_flush(s->bs);
2118 s->status = READY_STAT;
2119 ide_set_irq(s);
2120 break;
c3e88d8c
TS		 2121 case WIN_STANDBY:
2122 case WIN_STANDBY2:
2123 case WIN_STANDBYNOW1:
201a51fc 2124 case WIN_STANDBYNOW2:
c451ee71 2125 case WIN_IDLEIMMEDIATE:
201a51fc
AZ		 2126 case CFA_IDLEIMMEDIATE:
2127 case WIN_SETIDLE1:
2128 case WIN_SETIDLE2:
c3e88d8c
TS		 2129 case WIN_SLEEPNOW1:
2130 case WIN_SLEEPNOW2:
2131 s->status = READY_STAT;
a7dfe172
FB		 2132 ide_set_irq(s);
2133 break;
5391d806
FB		 2134 /* ATAPI commands */
2135 case WIN_PIDENTIFY:
2136 if (s->is_cdrom) {
2137 ide_atapi_identify(s);
1298fe63 2138 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2139 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2140 } else {
2141 ide_abort_command(s);
2142 }
2143 ide_set_irq(s);
2144 break;
c451ee71
FB		 2145 case WIN_DIAGNOSE:
2146 ide_set_signature(s);
38453b93 2147 s->status = READY_STAT;
c451ee71 2148 s->error = 0x01;
f5fdd0a8 2149 ide_set_irq(s);
c451ee71 2150 break;
5391d806
FB		 2151 case WIN_SRST:
2152 if (!s->is_cdrom)
2153 goto abort_cmd;
2154 ide_set_signature(s);
6b136f9e 2155 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 2156 s->error = 0x01;
2157 break;
2158 case WIN_PACKETCMD:
2159 if (!s->is_cdrom)
2160 goto abort_cmd;
98087450
FB		 2161 /* overlapping commands not supported */
2162 if (s->feature & 0x02)
5391d806 2163 goto abort_cmd;
7603d156 2164 s->status = READY_STAT;
98087450 2165 s->atapi_dma = s->feature & 1;
5391d806 2166 s->nsector = 1;
5fafdf24 2167 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
5391d806
FB		 2168 ide_atapi_cmd);
2169 break;
201a51fc
AZ		 2170 /* CF-ATA commands */
2171 case CFA_REQ_EXT_ERROR_CODE:
2172 if (!s->is_cf)
2173 goto abort_cmd;
2174 s->error = 0x09; /* miscellaneous error */
2175 s->status = READY_STAT;
2176 ide_set_irq(s);
2177 break;
2178 case CFA_ERASE_SECTORS:
2179 case CFA_WEAR_LEVEL:
2180 if (!s->is_cf)
2181 goto abort_cmd;
2182 if (val == CFA_WEAR_LEVEL)
2183 s->nsector = 0;
2184 if (val == CFA_ERASE_SECTORS)
2185 s->media_changed = 1;
2186 s->error = 0x00;
2187 s->status = READY_STAT;
2188 ide_set_irq(s);
2189 break;
2190 case CFA_TRANSLATE_SECTOR:
2191 if (!s->is_cf)
2192 goto abort_cmd;
2193 s->error = 0x00;
2194 s->status = READY_STAT;
2195 memset(s->io_buffer, 0, 0x200);
2196 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2197 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2198 s->io_buffer[0x02] = s->select; /* Head */
2199 s->io_buffer[0x03] = s->sector; /* Sector */
2200 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2201 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2202 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2203 s->io_buffer[0x13] = 0x00; /* Erase flag */
2204 s->io_buffer[0x18] = 0x00; /* Hot count */
2205 s->io_buffer[0x19] = 0x00; /* Hot count */
2206 s->io_buffer[0x1a] = 0x01; /* Hot count */
2207 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2208 ide_set_irq(s);
2209 break;
2210 case CFA_ACCESS_METADATA_STORAGE:
2211 if (!s->is_cf)
2212 goto abort_cmd;
2213 switch (s->feature) {
2214 case 0x02: /* Inquiry Metadata Storage */
2215 ide_cfata_metadata_inquiry(s);
2216 break;
2217 case 0x03: /* Read Metadata Storage */
2218 ide_cfata_metadata_read(s);
2219 break;
2220 case 0x04: /* Write Metadata Storage */
2221 ide_cfata_metadata_write(s);
2222 break;
2223 default:
2224 goto abort_cmd;
2225 }
2226 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2227 s->status = 0x00; /* NOTE: READY is _not_ set */
2228 ide_set_irq(s);
2229 break;
2230 case IBM_SENSE_CONDITION:
2231 if (!s->is_cf)
2232 goto abort_cmd;
2233 switch (s->feature) {
2234 case 0x01: /* sense temperature in device */
2235 s->nsector = 0x50; /* +20 C */
2236 break;
2237 default:
2238 goto abort_cmd;
2239 }
2240 s->status = READY_STAT;
2241 ide_set_irq(s);
2242 break;
5391d806
FB		 2243 default:
2244 abort_cmd:
2245 ide_abort_command(s);
2246 ide_set_irq(s);
2247 break;
2248 }
2249 }
2250}
2251
caed8802 2252static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2253{
7ae98627
FB		 2254 IDEState *ide_if = opaque;
2255 IDEState *s = ide_if->cur_drive;
5391d806 2256 uint32_t addr;
c2ff060f 2257 int ret, hob;
5391d806
FB		 2258
2259 addr = addr1 & 7;
c2ff060f
FB		 2260 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2261 //hob = s->select & (1 << 7);
2262 hob = 0;
5391d806
FB		 2263 switch(addr) {
2264 case 0:
2265 ret = 0xff;
2266 break;
2267 case 1:
7ae98627 2268 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2269 ret = 0;
c2ff060f 2270 else if (!hob)
c45c3d00 2271 ret = s->error;
c2ff060f
FB		 2272 else
2273 ret = s->hob_feature;
5391d806
FB		 2274 break;
2275 case 2:
7ae98627 2276 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2277 ret = 0;
c2ff060f 2278 else if (!hob)
c45c3d00 2279 ret = s->nsector & 0xff;
c2ff060f
FB		 2280 else
2281 ret = s->hob_nsector;
5391d806
FB		 2282 break;
2283 case 3:
7ae98627 2284 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2285 ret = 0;
c2ff060f 2286 else if (!hob)
c45c3d00 2287 ret = s->sector;
c2ff060f
FB		 2288 else
2289 ret = s->hob_sector;
5391d806
FB		 2290 break;
2291 case 4:
7ae98627 2292 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2293 ret = 0;
c2ff060f 2294 else if (!hob)
c45c3d00 2295 ret = s->lcyl;
c2ff060f
FB		 2296 else
2297 ret = s->hob_lcyl;
5391d806
FB		 2298 break;
2299 case 5:
7ae98627 2300 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2301 ret = 0;
c2ff060f 2302 else if (!hob)
c45c3d00 2303 ret = s->hcyl;
c2ff060f
FB		 2304 else
2305 ret = s->hob_hcyl;
5391d806
FB		 2306 break;
2307 case 6:
7ae98627 2308 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 2309 ret = 0;
2310 else
7ae98627 2311 ret = s->select;
5391d806
FB		 2312 break;
2313 default:
2314 case 7:
66201e2d
FB		 2315 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2316 (s != ide_if && !s->bs))
c45c3d00
FB		 2317 ret = 0;
2318 else
2319 ret = s->status;
d537cf6c 2320 qemu_irq_lower(s->irq);
5391d806
FB		 2321 break;
2322 }
2323#ifdef DEBUG_IDE
2324 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2325#endif
2326 return ret;
2327}
2328
caed8802 2329static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2330{
7ae98627
FB		 2331 IDEState *ide_if = opaque;
2332 IDEState *s = ide_if->cur_drive;
5391d806 2333 int ret;
7ae98627 2334
66201e2d
FB		 2335 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2336 (s != ide_if && !s->bs))
7ae98627
FB		 2337 ret = 0;
2338 else
2339 ret = s->status;
5391d806
FB		 2340#ifdef DEBUG_IDE
2341 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2342#endif
2343 return ret;
2344}
2345
caed8802 2346static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2347{
caed8802 2348 IDEState *ide_if = opaque;
5391d806
FB		 2349 IDEState *s;
2350 int i;
2351
2352#ifdef DEBUG_IDE
2353 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2354#endif
2355 /* common for both drives */
2356 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2357 (val & IDE_CMD_RESET)) {
2358 /* reset low to high */
2359 for(i = 0;i < 2; i++) {
2360 s = &ide_if[i];
2361 s->status = BUSY_STAT | SEEK_STAT;
2362 s->error = 0x01;
2363 }
2364 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2365 !(val & IDE_CMD_RESET)) {
2366 /* high to low */
2367 for(i = 0;i < 2; i++) {
2368 s = &ide_if[i];
6b136f9e
FB		 2369 if (s->is_cdrom)
2370 s->status = 0x00; /* NOTE: READY is _not_ set */
2371 else
56bf1d37 2372 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2373 ide_set_signature(s);
2374 }
2375 }
2376
2377 ide_if[0].cmd = val;
2378 ide_if[1].cmd = val;
2379}
2380
caed8802 2381static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2382{
caed8802 2383 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2384 uint8_t *p;
2385
2386 p = s->data_ptr;
0c4ad8dc 2387 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2388 p += 2;
2389 s->data_ptr = p;
2390 if (p >= s->data_end)
2391 s->end_transfer_func(s);
2392}
2393
caed8802 2394static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2395{
caed8802 2396 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2397 uint8_t *p;
2398 int ret;
2399 p = s->data_ptr;
0c4ad8dc 2400 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2401 p += 2;
2402 s->data_ptr = p;
2403 if (p >= s->data_end)
2404 s->end_transfer_func(s);
2405 return ret;
2406}
2407
caed8802 2408static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2409{
caed8802 2410 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2411 uint8_t *p;
2412
2413 p = s->data_ptr;
0c4ad8dc 2414 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2415 p += 4;
2416 s->data_ptr = p;
2417 if (p >= s->data_end)
2418 s->end_transfer_func(s);
2419}
2420
caed8802 2421static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2422{
caed8802 2423 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2424 uint8_t *p;
2425 int ret;
3b46e624 2426
5391d806 2427 p = s->data_ptr;
0c4ad8dc 2428 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2429 p += 4;
2430 s->data_ptr = p;
2431 if (p >= s->data_end)
2432 s->end_transfer_func(s);
2433 return ret;
2434}
2435
a7dfe172
FB		 2436static void ide_dummy_transfer_stop(IDEState *s)
2437{
2438 s->data_ptr = s->io_buffer;
2439 s->data_end = s->io_buffer;
2440 s->io_buffer[0] = 0xff;
2441 s->io_buffer[1] = 0xff;
2442 s->io_buffer[2] = 0xff;
2443 s->io_buffer[3] = 0xff;
2444}
2445
5391d806
FB		 2446static void ide_reset(IDEState *s)
2447{
201a51fc
AZ		 2448 if (s->is_cf)
2449 s->mult_sectors = 0;
2450 else
2451 s->mult_sectors = MAX_MULT_SECTORS;
5391d806
FB		 2452 s->cur_drive = s;
2453 s->select = 0xa0;
2454 s->status = READY_STAT;
2455 ide_set_signature(s);
a7dfe172
FB		 2456 /* init the transfer handler so that 0xffff is returned on data
2457 accesses */
2458 s->end_transfer_func = ide_dummy_transfer_stop;
2459 ide_dummy_transfer_stop(s);
201a51fc 2460 s->media_changed = 0;
5391d806
FB		 2461}
2462
2463struct partition {
2464 uint8_t boot_ind; /* 0x80 - active */
2465 uint8_t head; /* starting head */
2466 uint8_t sector; /* starting sector */
2467 uint8_t cyl; /* starting cylinder */
2468 uint8_t sys_ind; /* What partition type */
2469 uint8_t end_head; /* end head */
2470 uint8_t end_sector; /* end sector */
2471 uint8_t end_cyl; /* end cylinder */
2472 uint32_t start_sect; /* starting sector counting from 0 */
2473 uint32_t nr_sects; /* nr of sectors in partition */
2474} __attribute__((packed));
2475
bf1b938f 2476/* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
5fafdf24 2477static int guess_disk_lchs(IDEState *s,
bf1b938f 2478 int *pcylinders, int *pheads, int *psectors)
5391d806 2479{
c717d8bf 2480 uint8_t *buf = s->io_buffer;
46d4767d 2481 int ret, i, heads, sectors, cylinders;
5391d806
FB		 2482 struct partition *p;
2483 uint32_t nr_sects;
2484
5391d806 2485 ret = bdrv_read(s->bs, 0, buf, 1);
33f00271 2486 if (ret < 0) {
bf1b938f 2487 return -1;
33f00271 2488 }
5391d806 2489 /* test msdos magic */
33f00271 2490 if (buf[510] != 0x55 || buf[511] != 0xaa) {
bf1b938f 2491 return -1;
33f00271 2492 }
5391d806
FB		 2493 for(i = 0; i < 4; i++) {
2494 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 2495 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 2496 if (nr_sects && p->end_head) {
2497 /* We make the assumption that the partition terminates on
2498 a cylinder boundary */
46d4767d 2499 heads = p->end_head + 1;
46d4767d
FB		 2500 sectors = p->end_sector & 63;
2501 if (sectors == 0)
2502 continue;
2503 cylinders = s->nb_sectors / (heads * sectors);
2504 if (cylinders < 1 || cylinders > 16383)
2505 continue;
bf1b938f
FB		 2506 *pheads = heads;
2507 *psectors = sectors;
2508 *pcylinders = cylinders;
5391d806 2509#if 0
5fafdf24 2510 printf("guessed geometry: LCHS=%d %d %d\n",
bf1b938f 2511 cylinders, heads, sectors);
5391d806 2512#endif
bf1b938f 2513 return 0;
5391d806
FB		 2514 }
2515 }
bf1b938f 2516 return -1;
5391d806
FB		 2517}
2518
5457c8ce
FB		 2519static void ide_init2(IDEState *ide_state,
2520 BlockDriverState *hd0, BlockDriverState *hd1,
d537cf6c 2521 qemu_irq irq)
5391d806 2522{
69b91039 2523 IDEState *s;
aedf5382 2524 static int drive_serial = 1;
4dbb0f50 2525 int i, cylinders, heads, secs, translation, lba_detected = 0;
96b8f136 2526 uint64_t nb_sectors;
5391d806 2527
caed8802
FB		 2528 for(i = 0; i < 2; i++) {
2529 s = ide_state + i;
1d8cde5b 2530 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
caed8802
FB		 2531 if (i == 0)
2532 s->bs = hd0;
2533 else
2534 s->bs = hd1;
5391d806
FB		 2535 if (s->bs) {
2536 bdrv_get_geometry(s->bs, &nb_sectors);
2537 s->nb_sectors = nb_sectors;
caed8802
FB		 2538 /* if a geometry hint is available, use it */
2539 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
4dbb0f50 2540 translation = bdrv_get_translation_hint(s->bs);
caed8802 2541 if (cylinders != 0) {
5391d806 2542 s->cylinders = cylinders;
caed8802
FB		 2543 s->heads = heads;
2544 s->sectors = secs;
2545 } else {
bf1b938f
FB		 2546 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2547 if (heads > 16) {
2548 /* if heads > 16, it means that a BIOS LBA
2549 translation was active, so the default
2550 hardware geometry is OK */
4dbb0f50 2551 lba_detected = 1;
bf1b938f
FB		 2552 goto default_geometry;
2553 } else {
2554 s->cylinders = cylinders;
2555 s->heads = heads;
2556 s->sectors = secs;
2557 /* disable any translation to be in sync with
2558 the logical geometry */
bf1b938f
FB		 2559 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2560 bdrv_set_translation_hint(s->bs,
2561 BIOS_ATA_TRANSLATION_NONE);
2562 }
2563 }
2564 } else {
2565 default_geometry:
46d4767d 2566 /* if no geometry, use a standard physical disk geometry */
caed8802
FB		 2567 cylinders = nb_sectors / (16 * 63);
2568 if (cylinders > 16383)
2569 cylinders = 16383;
2570 else if (cylinders < 2)
2571 cylinders = 2;
2572 s->cylinders = cylinders;
2573 s->heads = 16;
2574 s->sectors = 63;
4dbb0f50
TS		 2575 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2576 if ((s->cylinders * s->heads) <= 131072) {
2577 bdrv_set_translation_hint(s->bs,
2578 BIOS_ATA_TRANSLATION_LARGE);
2579 } else {
2580 bdrv_set_translation_hint(s->bs,
2581 BIOS_ATA_TRANSLATION_LBA);
2582 }
2583 }
caed8802 2584 }
769bec72 2585 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
caed8802
FB		 2586 }
2587 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2588 s->is_cdrom = 1;
bd491d6a 2589 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 2590 }
2591 }
aedf5382 2592 s->drive_serial = drive_serial++;
caed8802 2593 s->irq = irq;
5fafdf24 2594 s->sector_write_timer = qemu_new_timer(vm_clock,
a09db21f 2595 ide_sector_write_timer_cb, s);
5391d806
FB		 2596 ide_reset(s);
2597 }
69b91039
FB		 2598}
2599
34e538ae 2600static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 2601{
caed8802
FB		 2602 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2603 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2604 if (iobase2) {
2605 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2606 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 2607 }
3b46e624 2608
caed8802
FB		 2609 /* data ports */
2610 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2611 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2612 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2613 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 2614}
69b91039 2615
aa941b94
AZ		 2616/* save per IDE drive data */
2617static void ide_save(QEMUFile* f, IDEState *s)
2618{
bee8d684
TS		 2619 qemu_put_be32(f, s->mult_sectors);
2620 qemu_put_be32(f, s->identify_set);
aa941b94
AZ		 2621 if (s->identify_set) {
2622 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2623 }
2624 qemu_put_8s(f, &s->feature);
2625 qemu_put_8s(f, &s->error);
2626 qemu_put_be32s(f, &s->nsector);
2627 qemu_put_8s(f, &s->sector);
2628 qemu_put_8s(f, &s->lcyl);
2629 qemu_put_8s(f, &s->hcyl);
2630 qemu_put_8s(f, &s->hob_feature);
2631 qemu_put_8s(f, &s->hob_nsector);
2632 qemu_put_8s(f, &s->hob_sector);
2633 qemu_put_8s(f, &s->hob_lcyl);
2634 qemu_put_8s(f, &s->hob_hcyl);
2635 qemu_put_8s(f, &s->select);
2636 qemu_put_8s(f, &s->status);
2637 qemu_put_8s(f, &s->lba48);
2638
2639 qemu_put_8s(f, &s->sense_key);
2640 qemu_put_8s(f, &s->asc);
2641 /* XXX: if a transfer is pending, we do not save it yet */
2642}
2643
2644/* load per IDE drive data */
2645static void ide_load(QEMUFile* f, IDEState *s)
2646{
bee8d684
TS		 2647 s->mult_sectors=qemu_get_be32(f);
2648 s->identify_set=qemu_get_be32(f);
aa941b94
AZ		 2649 if (s->identify_set) {
2650 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2651 }
2652 qemu_get_8s(f, &s->feature);
2653 qemu_get_8s(f, &s->error);
2654 qemu_get_be32s(f, &s->nsector);
2655 qemu_get_8s(f, &s->sector);
2656 qemu_get_8s(f, &s->lcyl);
2657 qemu_get_8s(f, &s->hcyl);
2658 qemu_get_8s(f, &s->hob_feature);
2659 qemu_get_8s(f, &s->hob_nsector);
2660 qemu_get_8s(f, &s->hob_sector);
2661 qemu_get_8s(f, &s->hob_lcyl);
2662 qemu_get_8s(f, &s->hob_hcyl);
2663 qemu_get_8s(f, &s->select);
2664 qemu_get_8s(f, &s->status);
2665 qemu_get_8s(f, &s->lba48);
2666
2667 qemu_get_8s(f, &s->sense_key);
2668 qemu_get_8s(f, &s->asc);
2669 /* XXX: if a transfer is pending, we do not save it yet */
2670}
2671
34e538ae
FB		 2672/***********************************************************/
2673/* ISA IDE definitions */
2674
d537cf6c 2675void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
34e538ae
FB		 2676 BlockDriverState *hd0, BlockDriverState *hd1)
2677{
2678 IDEState *ide_state;
2679
2680 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2681 if (!ide_state)
2682 return;
3b46e624 2683
d537cf6c 2684 ide_init2(ide_state, hd0, hd1, irq);
34e538ae
FB		 2685 ide_init_ioport(ide_state, iobase, iobase2);
2686}
2687
69b91039
FB		 2688/***********************************************************/
2689/* PCI IDE definitions */
2690
5457c8ce
FB		 2691static void cmd646_update_irq(PCIIDEState *d);
2692
5fafdf24 2693static void ide_map(PCIDevice *pci_dev, int region_num,
69b91039
FB		 2694 uint32_t addr, uint32_t size, int type)
2695{
2696 PCIIDEState *d = (PCIIDEState *)pci_dev;
2697 IDEState *ide_state;
2698
2699 if (region_num <= 3) {
2700 ide_state = &d->ide_if[(region_num >> 1) * 2];
2701 if (region_num & 1) {
2702 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2703 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2704 } else {
2705 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2706 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2707
2708 /* data ports */
2709 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2710 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2711 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2712 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2713 }
2714 }
2715}
2716
8ccad811 2717static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
98087450
FB		 2718{
2719 BMDMAState *bm = s->bmdma;
2720 if(!bm)
2721 return;
2722 bm->ide_if = s;
2723 bm->dma_cb = dma_cb;
8ccad811
FB		 2724 bm->cur_prd_last = 0;
2725 bm->cur_prd_addr = 0;
2726 bm->cur_prd_len = 0;
98087450 2727 if (bm->status & BM_STATUS_DMAING) {
8ccad811 2728 bm->dma_cb(bm, 0);
98087450
FB		 2729 }
2730}
2731
98087450
FB		 2732static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2733{
2734 BMDMAState *bm = opaque;
2735#ifdef DEBUG_IDE
2736 printf("%s: 0x%08x\n", __func__, val);
2737#endif
2738 if (!(val & BM_CMD_START)) {
2739 /* XXX: do it better */
8ccad811
FB		 2740 if (bm->status & BM_STATUS_DMAING) {
2741 bm->status &= ~BM_STATUS_DMAING;
2742 /* cancel DMA request */
2743 bm->ide_if = NULL;
2744 bm->dma_cb = NULL;
2745 if (bm->aiocb) {
2746#ifdef DEBUG_AIO
2747 printf("aio_cancel\n");
2748#endif
2749 bdrv_aio_cancel(bm->aiocb);
2750 bm->aiocb = NULL;
2751 }
2752 }
98087450
FB		 2753 bm->cmd = val & 0x09;
2754 } else {
8ccad811
FB		 2755 if (!(bm->status & BM_STATUS_DMAING)) {
2756 bm->status |= BM_STATUS_DMAING;
2757 /* start dma transfer if possible */
2758 if (bm->dma_cb)
2759 bm->dma_cb(bm, 0);
2760 }
98087450 2761 bm->cmd = val & 0x09;
98087450
FB		 2762 }
2763}
2764
5457c8ce 2765static uint32_t bmdma_readb(void *opaque, uint32_t addr)
98087450
FB		 2766{
2767 BMDMAState *bm = opaque;
5457c8ce 2768 PCIIDEState *pci_dev;
98087450 2769 uint32_t val;
3b46e624 2770
5457c8ce 2771 switch(addr & 3) {
5fafdf24 2772 case 0:
5457c8ce
FB		 2773 val = bm->cmd;
2774 break;
2775 case 1:
2776 pci_dev = bm->pci_dev;
2777 if (pci_dev->type == IDE_TYPE_CMD646) {
2778 val = pci_dev->dev.config[MRDMODE];
2779 } else {
2780 val = 0xff;
2781 }
2782 break;
2783 case 2:
2784 val = bm->status;
2785 break;
2786 case 3:
2787 pci_dev = bm->pci_dev;
2788 if (pci_dev->type == IDE_TYPE_CMD646) {
2789 if (bm == &pci_dev->bmdma[0])
2790 val = pci_dev->dev.config[UDIDETCR0];
2791 else
2792 val = pci_dev->dev.config[UDIDETCR1];
2793 } else {
2794 val = 0xff;
2795 }
2796 break;
2797 default:
2798 val = 0xff;
2799 break;
2800 }
98087450 2801#ifdef DEBUG_IDE
5457c8ce 2802 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
98087450
FB		 2803#endif
2804 return val;
2805}
2806
5457c8ce 2807static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
98087450
FB		 2808{
2809 BMDMAState *bm = opaque;
5457c8ce 2810 PCIIDEState *pci_dev;
98087450 2811#ifdef DEBUG_IDE
5457c8ce 2812 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
98087450 2813#endif
5457c8ce
FB		 2814 switch(addr & 3) {
2815 case 1:
2816 pci_dev = bm->pci_dev;
2817 if (pci_dev->type == IDE_TYPE_CMD646) {
5fafdf24 2818 pci_dev->dev.config[MRDMODE] =
5457c8ce
FB		 2819 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2820 cmd646_update_irq(pci_dev);
2821 }
2822 break;
2823 case 2:
2824 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2825 break;
2826 case 3:
2827 pci_dev = bm->pci_dev;
2828 if (pci_dev->type == IDE_TYPE_CMD646) {
2829 if (bm == &pci_dev->bmdma[0])
2830 pci_dev->dev.config[UDIDETCR0] = val;
2831 else
2832 pci_dev->dev.config[UDIDETCR1] = val;
2833 }
2834 break;
2835 }
98087450
FB		 2836}
2837
5b9a1293
AJ		 2838static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2839{
2840 BMDMAState *bm = opaque;
2841 uint32_t val;
2842 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2843#ifdef DEBUG_IDE
2844 printf("%s: 0x%08x\n", __func__, val);
2845#endif
2846 return val;
2847}
2848
2849static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2850{
2851 BMDMAState *bm = opaque;
2852 int shift = (addr & 3) * 8;
2853#ifdef DEBUG_IDE
2854 printf("%s: 0x%08x\n", __func__, val);
2855#endif
2856 bm->addr &= ~(0xFF << shift);
2857 bm->addr |= ((val & 0xFF) << shift) & ~3;
2858 bm->cur_addr = bm->addr;
2859}
2860
2861static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2862{
2863 BMDMAState *bm = opaque;
2864 uint32_t val;
2865 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2866#ifdef DEBUG_IDE
2867 printf("%s: 0x%08x\n", __func__, val);
2868#endif
2869 return val;
2870}
2871
2872static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2873{
2874 BMDMAState *bm = opaque;
2875 int shift = (addr & 3) * 8;
2876#ifdef DEBUG_IDE
2877 printf("%s: 0x%08x\n", __func__, val);
2878#endif
2879 bm->addr &= ~(0xFFFF << shift);
2880 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
2881 bm->cur_addr = bm->addr;
2882}
2883
98087450
FB		 2884static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2885{
2886 BMDMAState *bm = opaque;
2887 uint32_t val;
2888 val = bm->addr;
2889#ifdef DEBUG_IDE
2890 printf("%s: 0x%08x\n", __func__, val);
2891#endif
2892 return val;
2893}
2894
2895static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2896{
2897 BMDMAState *bm = opaque;
2898#ifdef DEBUG_IDE
2899 printf("%s: 0x%08x\n", __func__, val);
2900#endif
2901 bm->addr = val & ~3;
30c4bbac 2902 bm->cur_addr = bm->addr;
98087450
FB		 2903}
2904
5fafdf24 2905static void bmdma_map(PCIDevice *pci_dev, int region_num,
98087450
FB		 2906 uint32_t addr, uint32_t size, int type)
2907{
2908 PCIIDEState *d = (PCIIDEState *)pci_dev;
2909 int i;
2910
2911 for(i = 0;i < 2; i++) {
2912 BMDMAState *bm = &d->bmdma[i];
2913 d->ide_if[2 * i].bmdma = bm;
2914 d->ide_if[2 * i + 1].bmdma = bm;
5457c8ce
FB		 2915 bm->pci_dev = (PCIIDEState *)pci_dev;
2916
98087450 2917 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
98087450 2918
5457c8ce
FB		 2919 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2920 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
98087450 2921
5b9a1293
AJ		 2922 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
2923 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
2924 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
2925 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
98087450
FB		 2926 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2927 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2928 addr += 8;
2929 }
2930}
2931
5457c8ce
FB		 2932/* XXX: call it also when the MRDMODE is changed from the PCI config
2933 registers */
2934static void cmd646_update_irq(PCIIDEState *d)
2935{
2936 int pci_level;
2937 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2938 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2939 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2940 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
d537cf6c 2941 qemu_set_irq(d->dev.irq[0], pci_level);
5457c8ce
FB		 2942}
2943
2944/* the PCI irq level is the logical OR of the two channels */
2945static void cmd646_set_irq(void *opaque, int channel, int level)
2946{
2947 PCIIDEState *d = opaque;
2948 int irq_mask;
2949
2950 irq_mask = MRDMODE_INTR_CH0 << channel;
2951 if (level)
2952 d->dev.config[MRDMODE] |= irq_mask;
2953 else
2954 d->dev.config[MRDMODE] &= ~irq_mask;
2955 cmd646_update_irq(d);
2956}
2957
2958/* CMD646 PCI IDE controller */
2959void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2960 int secondary_ide_enabled)
69b91039
FB		 2961{
2962 PCIIDEState *d;
2963 uint8_t *pci_conf;
34e538ae 2964 int i;
d537cf6c 2965 qemu_irq *irq;
34e538ae 2966
5fafdf24 2967 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
5457c8ce 2968 sizeof(PCIIDEState),
5fafdf24 2969 -1,
73c11f63 2970 NULL, NULL);
5457c8ce 2971 d->type = IDE_TYPE_CMD646;
69b91039 2972 pci_conf = d->dev.config;
5457c8ce
FB		 2973 pci_conf[0x00] = 0x95; // CMD646
2974 pci_conf[0x01] = 0x10;
2975 pci_conf[0x02] = 0x46;
2976 pci_conf[0x03] = 0x06;
2977
2978 pci_conf[0x08] = 0x07; // IDE controller revision
5fafdf24 2979 pci_conf[0x09] = 0x8f;
5457c8ce 2980
69b91039
FB		 2981 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2982 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
5457c8ce 2983 pci_conf[0x0e] = 0x00; // header_type
3b46e624 2984
5457c8ce
FB		 2985 if (secondary_ide_enabled) {
2986 /* XXX: if not enabled, really disable the seconday IDE controller */
2987 pci_conf[0x51] = 0x80; /* enable IDE1 */
2988 }
69b91039 2989
5fafdf24 2990 pci_register_io_region((PCIDevice *)d, 0, 0x8,
69b91039 2991 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 2992 pci_register_io_region((PCIDevice *)d, 1, 0x4,
69b91039 2993 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 2994 pci_register_io_region((PCIDevice *)d, 2, 0x8,
69b91039 2995 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 2996 pci_register_io_region((PCIDevice *)d, 3, 0x4,
69b91039 2997 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 2998 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 2999 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 3000
34e538ae 3001 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3b46e624 3002
34e538ae
FB		 3003 for(i = 0; i < 4; i++)
3004 d->ide_if[i].pci_dev = (PCIDevice *)d;
d537cf6c
PB		 3005
3006 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3007 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3008 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
34e538ae
FB		 3009}
3010
c3d78997
FB		 3011static void pci_ide_save(QEMUFile* f, void *opaque)
3012{
3013 PCIIDEState *d = opaque;
3014 int i;
3015
3016 pci_device_save(&d->dev, f);
3017
3018 for(i = 0; i < 2; i++) {
3019 BMDMAState *bm = &d->bmdma[i];
3020 qemu_put_8s(f, &bm->cmd);
3021 qemu_put_8s(f, &bm->status);
3022 qemu_put_be32s(f, &bm->addr);
3023 /* XXX: if a transfer is pending, we do not save it yet */
3024 }
3025
3026 /* per IDE interface data */
3027 for(i = 0; i < 2; i++) {
3028 IDEState *s = &d->ide_if[i * 2];
3029 uint8_t drive1_selected;
3030 qemu_put_8s(f, &s->cmd);
3031 drive1_selected = (s->cur_drive != s);
3032 qemu_put_8s(f, &drive1_selected);
3033 }
3034
3035 /* per IDE drive data */
3036 for(i = 0; i < 4; i++) {
aa941b94 3037 ide_save(f, &d->ide_if[i]);
c3d78997
FB		 3038 }
3039}
3040
3041static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3042{
3043 PCIIDEState *d = opaque;
3044 int ret, i;
3045
3046 if (version_id != 1)
3047 return -EINVAL;
3048 ret = pci_device_load(&d->dev, f);
3049 if (ret < 0)
3050 return ret;
3051
3052 for(i = 0; i < 2; i++) {
3053 BMDMAState *bm = &d->bmdma[i];
3054 qemu_get_8s(f, &bm->cmd);
3055 qemu_get_8s(f, &bm->status);
3056 qemu_get_be32s(f, &bm->addr);
3057 /* XXX: if a transfer is pending, we do not save it yet */
3058 }
3059
3060 /* per IDE interface data */
3061 for(i = 0; i < 2; i++) {
3062 IDEState *s = &d->ide_if[i * 2];
3063 uint8_t drive1_selected;
3064 qemu_get_8s(f, &s->cmd);
3065 qemu_get_8s(f, &drive1_selected);
3066 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3067 }
3068
3069 /* per IDE drive data */
3070 for(i = 0; i < 4; i++) {
aa941b94 3071 ide_load(f, &d->ide_if[i]);
c3d78997
FB		 3072 }
3073 return 0;
3074}
3075
e6a71ae3
TS		 3076static void piix3_reset(PCIIDEState *d)
3077{
3078 uint8_t *pci_conf = d->dev.config;
3079
3080 pci_conf[0x04] = 0x00;
3081 pci_conf[0x05] = 0x00;
3082 pci_conf[0x06] = 0x80; /* FBC */
3083 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3084 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3085}
3086
34e538ae
FB		 3087/* hd_table must contain 4 block drivers */
3088/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
d537cf6c
PB		 3089void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3090 qemu_irq *pic)
34e538ae
FB		 3091{
3092 PCIIDEState *d;
3093 uint8_t *pci_conf;
3b46e624 3094
34e538ae 3095 /* register a function 1 of PIIX3 */
5fafdf24 3096 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
46e50e9d 3097 sizeof(PCIIDEState),
502a5395 3098 devfn,
34e538ae 3099 NULL, NULL);
5457c8ce
FB		 3100 d->type = IDE_TYPE_PIIX3;
3101
34e538ae
FB		 3102 pci_conf = d->dev.config;
3103 pci_conf[0x00] = 0x86; // Intel
3104 pci_conf[0x01] = 0x80;
3105 pci_conf[0x02] = 0x10;
3106 pci_conf[0x03] = 0x70;
92510b8c 3107 pci_conf[0x09] = 0x80; // legacy ATA mode
34e538ae
FB		 3108 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3109 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3110 pci_conf[0x0e] = 0x00; // header_type
3111
e6a71ae3
TS		 3112 piix3_reset(d);
3113
5fafdf24 3114 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3115 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 3116
d537cf6c
PB		 3117 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3118 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
34e538ae
FB		 3119 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3120 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
c3d78997
FB		 3121
3122 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
69b91039 3123}
1ade1de2 3124
afcc3cdf
TS		 3125/* hd_table must contain 4 block drivers */
3126/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3127void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3128 qemu_irq *pic)
3129{
3130 PCIIDEState *d;
3131 uint8_t *pci_conf;
3132
3133 /* register a function 1 of PIIX4 */
3134 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3135 sizeof(PCIIDEState),
3136 devfn,
3137 NULL, NULL);
3138 d->type = IDE_TYPE_PIIX4;
3139
3140 pci_conf = d->dev.config;
3141 pci_conf[0x00] = 0x86; // Intel
3142 pci_conf[0x01] = 0x80;
3143 pci_conf[0x02] = 0x11;
3144 pci_conf[0x03] = 0x71;
3145 pci_conf[0x09] = 0x80; // legacy ATA mode
3146 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3147 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3148 pci_conf[0x0e] = 0x00; // header_type
3149
3150 piix3_reset(d);
3151
3152 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3153 PCI_ADDRESS_SPACE_IO, bmdma_map);
3154
3155 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3156 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3157 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3158 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3159
3160 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3161}
3162
1ade1de2
FB		 3163/***********************************************************/
3164/* MacIO based PowerPC IDE */
3165
3166/* PowerMac IDE memory IO */
3167static void pmac_ide_writeb (void *opaque,
3168 target_phys_addr_t addr, uint32_t val)
3169{
5fafdf24 3170 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3171 switch (addr) {
3172 case 1 ... 7:
3173 ide_ioport_write(opaque, addr, val);
3174 break;
3175 case 8:
3176 case 22:
3177 ide_cmd_write(opaque, 0, val);
3178 break;
3179 default:
3180 break;
3181 }
3182}
3183
3184static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3185{
3186 uint8_t retval;
3187
3188 addr = (addr & 0xFFF) >> 4;
3189 switch (addr) {
3190 case 1 ... 7:
3191 retval = ide_ioport_read(opaque, addr);
3192 break;
3193 case 8:
3194 case 22:
3195 retval = ide_status_read(opaque, 0);
3196 break;
3197 default:
3198 retval = 0xFF;
3199 break;
3200 }
3201 return retval;
3202}
3203
3204static void pmac_ide_writew (void *opaque,
3205 target_phys_addr_t addr, uint32_t val)
3206{
5fafdf24 3207 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3208#ifdef TARGET_WORDS_BIGENDIAN
3209 val = bswap16(val);
3210#endif
3211 if (addr == 0) {
3212 ide_data_writew(opaque, 0, val);
3213 }
3214}
3215
3216static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3217{
3218 uint16_t retval;
3219
5fafdf24 3220 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3221 if (addr == 0) {
3222 retval = ide_data_readw(opaque, 0);
3223 } else {
3224 retval = 0xFFFF;
3225 }
3226#ifdef TARGET_WORDS_BIGENDIAN
3227 retval = bswap16(retval);
3228#endif
3229 return retval;
3230}
3231
3232static void pmac_ide_writel (void *opaque,
3233 target_phys_addr_t addr, uint32_t val)
3234{
5fafdf24 3235 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3236#ifdef TARGET_WORDS_BIGENDIAN
3237 val = bswap32(val);
3238#endif
3239 if (addr == 0) {
3240 ide_data_writel(opaque, 0, val);
3241 }
3242}
3243
3244static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3245{
3246 uint32_t retval;
3247
5fafdf24 3248 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3249 if (addr == 0) {
3250 retval = ide_data_readl(opaque, 0);
3251 } else {
3252 retval = 0xFFFFFFFF;
3253 }
3254#ifdef TARGET_WORDS_BIGENDIAN
3255 retval = bswap32(retval);
3256#endif
3257 return retval;
3258}
3259
3260static CPUWriteMemoryFunc *pmac_ide_write[] = {
3261 pmac_ide_writeb,
3262 pmac_ide_writew,
3263 pmac_ide_writel,
3264};
3265
3266static CPUReadMemoryFunc *pmac_ide_read[] = {
3267 pmac_ide_readb,
3268 pmac_ide_readw,
3269 pmac_ide_readl,
3270};
3271
3272/* hd_table must contain 4 block drivers */
3273/* PowerMac uses memory mapped registers, not I/O. Return the memory
3274 I/O index to access the ide. */
d537cf6c 3275int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
1ade1de2
FB		 3276{
3277 IDEState *ide_if;
3278 int pmac_ide_memory;
3279
3280 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
d537cf6c 3281 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3b46e624 3282
1ade1de2
FB		 3283 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3284 pmac_ide_write, &ide_if[0]);
3285 return pmac_ide_memory;
3286}
201a51fc
AZ		 3287
3288/***********************************************************/
3289/* CF-ATA Microdrive */
3290
3291#define METADATA_SIZE 0x20
3292
3293/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3294struct md_s {
3295 IDEState ide[2];
3296 struct pcmcia_card_s card;
3297 uint32_t attr_base;
3298 uint32_t io_base;
3299
3300 /* Card state */
3301 uint8_t opt;
3302 uint8_t stat;
3303 uint8_t pins;
3304
3305 uint8_t ctrl;
3306 uint16_t io;
3307 int cycle;
3308};
3309
3310/* Register bitfields */
3311enum md_opt {
3312 OPT_MODE_MMAP = 0,
3313 OPT_MODE_IOMAP16 = 1,
3314 OPT_MODE_IOMAP1 = 2,
3315 OPT_MODE_IOMAP2 = 3,
3316 OPT_MODE = 0x3f,
3317 OPT_LEVIREQ = 0x40,
3318 OPT_SRESET = 0x80,
3319};
3320enum md_cstat {
3321 STAT_INT = 0x02,
3322 STAT_PWRDWN = 0x04,
3323 STAT_XE = 0x10,
3324 STAT_IOIS8 = 0x20,
3325 STAT_SIGCHG = 0x40,
3326 STAT_CHANGED = 0x80,
3327};
3328enum md_pins {
3329 PINS_MRDY = 0x02,
3330 PINS_CRDY = 0x20,
3331};
3332enum md_ctrl {
3333 CTRL_IEN = 0x02,
3334 CTRL_SRST = 0x04,
3335};
3336
3337static inline void md_interrupt_update(struct md_s *s)
3338{
3339 if (!s->card.slot)
3340 return;
3341
3342 qemu_set_irq(s->card.slot->irq,
3343 !(s->stat & STAT_INT) && /* Inverted */
3344 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3345 !(s->opt & OPT_SRESET));
3346}
3347
3348static void md_set_irq(void *opaque, int irq, int level)
3349{
3350 struct md_s *s = (struct md_s *) opaque;
3351 if (level)
3352 s->stat |= STAT_INT;
3353 else
3354 s->stat &= ~STAT_INT;
3355
3356 md_interrupt_update(s);
3357}
3358
3359static void md_reset(struct md_s *s)
3360{
3361 s->opt = OPT_MODE_MMAP;
3362 s->stat = 0;
3363 s->pins = 0;
3364 s->cycle = 0;
3365 s->ctrl = 0;
3366 ide_reset(s->ide);
3367}
3368
9e315fa9 3369static uint8_t md_attr_read(void *opaque, uint32_t at)
201a51fc
AZ		 3370{
3371 struct md_s *s = (struct md_s *) opaque;
3372 if (at < s->attr_base) {
3373 if (at < s->card.cis_len)
3374 return s->card.cis[at];
3375 else
3376 return 0x00;
3377 }
3378
3379 at -= s->attr_base;
3380
3381 switch (at) {
3382 case 0x00: /* Configuration Option Register */
3383 return s->opt;
3384 case 0x02: /* Card Configuration Status Register */
3385 if (s->ctrl & CTRL_IEN)
3386 return s->stat & ~STAT_INT;
3387 else
3388 return s->stat;
3389 case 0x04: /* Pin Replacement Register */
3390 return (s->pins & PINS_CRDY) | 0x0c;
3391 case 0x06: /* Socket and Copy Register */
3392 return 0x00;
3393#ifdef VERBOSE
3394 default:
3395 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3396#endif
3397 }
3398
3399 return 0;
3400}
3401
9e315fa9 3402static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
201a51fc
AZ		 3403{
3404 struct md_s *s = (struct md_s *) opaque;
3405 at -= s->attr_base;
3406
3407 switch (at) {
3408 case 0x00: /* Configuration Option Register */
3409 s->opt = value & 0xcf;
3410 if (value & OPT_SRESET)
3411 md_reset(s);
3412 md_interrupt_update(s);
3413 break;
3414 case 0x02: /* Card Configuration Status Register */
3415 if ((s->stat ^ value) & STAT_PWRDWN)
3416 s->pins |= PINS_CRDY;
3417 s->stat &= 0x82;
3418 s->stat |= value & 0x74;
3419 md_interrupt_update(s);
3420 /* Word 170 in Identify Device must be equal to STAT_XE */
3421 break;
3422 case 0x04: /* Pin Replacement Register */
3423 s->pins &= PINS_CRDY;
3424 s->pins |= value & PINS_MRDY;
3425 break;
3426 case 0x06: /* Socket and Copy Register */
3427 break;
3428 default:
3429 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3430 }
3431}
3432
9e315fa9 3433static uint16_t md_common_read(void *opaque, uint32_t at)
201a51fc
AZ		 3434{
3435 struct md_s *s = (struct md_s *) opaque;
3436 uint16_t ret;
3437 at -= s->io_base;
3438
3439 switch (s->opt & OPT_MODE) {
3440 case OPT_MODE_MMAP:
3441 if ((at & ~0x3ff) == 0x400)
3442 at = 0;
3443 break;
3444 case OPT_MODE_IOMAP16:
3445 at &= 0xf;
3446 break;
3447 case OPT_MODE_IOMAP1:
3448 if ((at & ~0xf) == 0x3f0)
3449 at -= 0x3e8;
3450 else if ((at & ~0xf) == 0x1f0)
3451 at -= 0x1f0;
3452 break;
3453 case OPT_MODE_IOMAP2:
3454 if ((at & ~0xf) == 0x370)
3455 at -= 0x368;
3456 else if ((at & ~0xf) == 0x170)
3457 at -= 0x170;
3458 }
3459
3460 switch (at) {
3461 case 0x0: /* Even RD Data */
3462 case 0x8:
3463 return ide_data_readw(s->ide, 0);
3464
3465 /* TODO: 8-bit accesses */
3466 if (s->cycle)
3467 ret = s->io >> 8;
3468 else {
3469 s->io = ide_data_readw(s->ide, 0);
3470 ret = s->io & 0xff;
3471 }
3472 s->cycle = !s->cycle;
3473 return ret;
3474 case 0x9: /* Odd RD Data */
3475 return s->io >> 8;
3476 case 0xd: /* Error */
3477 return ide_ioport_read(s->ide, 0x1);
3478 case 0xe: /* Alternate Status */
3479 if (s->ide->cur_drive->bs)
3480 return s->ide->cur_drive->status;
3481 else
3482 return 0;
3483 case 0xf: /* Device Address */
3484 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3485 default:
3486 return ide_ioport_read(s->ide, at);
3487 }
3488
3489 return 0;
3490}
3491
9e315fa9 3492static void md_common_write(void *opaque, uint32_t at, uint16_t value)
201a51fc
AZ		 3493{
3494 struct md_s *s = (struct md_s *) opaque;
3495 at -= s->io_base;
3496
3497 switch (s->opt & OPT_MODE) {
3498 case OPT_MODE_MMAP:
3499 if ((at & ~0x3ff) == 0x400)
3500 at = 0;
3501 break;
3502 case OPT_MODE_IOMAP16:
3503 at &= 0xf;
3504 break;
3505 case OPT_MODE_IOMAP1:
3506 if ((at & ~0xf) == 0x3f0)
3507 at -= 0x3e8;
3508 else if ((at & ~0xf) == 0x1f0)
3509 at -= 0x1f0;
3510 break;
3511 case OPT_MODE_IOMAP2:
3512 if ((at & ~0xf) == 0x370)
3513 at -= 0x368;
3514 else if ((at & ~0xf) == 0x170)
3515 at -= 0x170;
3516 }
3517
3518 switch (at) {
3519 case 0x0: /* Even WR Data */
3520 case 0x8:
3521 ide_data_writew(s->ide, 0, value);
3522 break;
3523
3524 /* TODO: 8-bit accesses */
3525 if (s->cycle)
3526 ide_data_writew(s->ide, 0, s->io | (value << 8));
3527 else
3528 s->io = value & 0xff;
3529 s->cycle = !s->cycle;
3530 break;
3531 case 0x9:
3532 s->io = value & 0xff;
3533 s->cycle = !s->cycle;
3534 break;
3535 case 0xd: /* Features */
3536 ide_ioport_write(s->ide, 0x1, value);
3537 break;
3538 case 0xe: /* Device Control */
3539 s->ctrl = value;
3540 if (value & CTRL_SRST)
3541 md_reset(s);
3542 md_interrupt_update(s);
3543 break;
3544 default:
3545 if (s->stat & STAT_PWRDWN) {
3546 s->pins |= PINS_CRDY;
3547 s->stat &= ~STAT_PWRDWN;
3548 }
3549 ide_ioport_write(s->ide, at, value);
3550 }
3551}
3552
aa941b94
AZ		 3553static void md_save(QEMUFile *f, void *opaque)
3554{
3555 struct md_s *s = (struct md_s *) opaque;
3556 int i;
3557 uint8_t drive1_selected;
3558
3559 qemu_put_8s(f, &s->opt);
3560 qemu_put_8s(f, &s->stat);
3561 qemu_put_8s(f, &s->pins);
3562
3563 qemu_put_8s(f, &s->ctrl);
3564 qemu_put_be16s(f, &s->io);
3565 qemu_put_byte(f, s->cycle);
3566
3567 drive1_selected = (s->ide->cur_drive != s->ide);
3568 qemu_put_8s(f, &s->ide->cmd);
3569 qemu_put_8s(f, &drive1_selected);
3570
3571 for (i = 0; i < 2; i ++)
3572 ide_save(f, &s->ide[i]);
3573}
3574
3575static int md_load(QEMUFile *f, void *opaque, int version_id)
3576{
3577 struct md_s *s = (struct md_s *) opaque;
3578 int i;
3579 uint8_t drive1_selected;
3580
3581 qemu_get_8s(f, &s->opt);
3582 qemu_get_8s(f, &s->stat);
3583 qemu_get_8s(f, &s->pins);
3584
3585 qemu_get_8s(f, &s->ctrl);
3586 qemu_get_be16s(f, &s->io);
3587 s->cycle = qemu_get_byte(f);
3588
3589 qemu_get_8s(f, &s->ide->cmd);
3590 qemu_get_8s(f, &drive1_selected);
3591 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3592
3593 for (i = 0; i < 2; i ++)
3594 ide_load(f, &s->ide[i]);
3595
3596 return 0;
3597}
3598
3599static int md_iid = 0;
3600
201a51fc
AZ		 3601static const uint8_t dscm1xxxx_cis[0x14a] = {
3602 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3603 [0x002] = 0x03, /* Tuple length = 4 bytes */
3604 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3605 [0x006] = 0x01, /* Size = 2K bytes */
3606 [0x008] = CISTPL_ENDMARK,
3607
3608 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3609 [0x00c] = 0x04, /* Tuple length = 4 byest */
3610 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3611 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3612 [0x012] = 0x01, /* Size = 2K bytes */
3613 [0x014] = CISTPL_ENDMARK,
3614
3615 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3616 [0x018] = 0x02, /* Tuple length = 2 bytes */
3617 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3618 [0x01c] = 0x01,
3619
3620 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3621 [0x020] = 0x04, /* Tuple length = 4 bytes */
3622 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3623 [0x024] = 0x00,
3624 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3625 [0x028] = 0x00,
3626
3627 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3628 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3629 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3630 [0x030] = 0x01, /* Minor Version = 1 */
3631 [0x032] = 'I',
3632 [0x034] = 'B',
3633 [0x036] = 'M',
3634 [0x038] = 0x00,
3635 [0x03a] = 'm',
3636 [0x03c] = 'i',
3637 [0x03e] = 'c',
3638 [0x040] = 'r',
3639 [0x042] = 'o',
3640 [0x044] = 'd',
3641 [0x046] = 'r',
3642 [0x048] = 'i',
3643 [0x04a] = 'v',
3644 [0x04c] = 'e',
3645 [0x04e] = 0x00,
3646 [0x050] = CISTPL_ENDMARK,
3647
3648 [0x052] = CISTPL_FUNCID, /* Function ID */
3649 [0x054] = 0x02, /* Tuple length = 2 bytes */
3650 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3651 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3652
3653 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3654 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3655 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3656 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3657
3658 [0x062] = CISTPL_FUNCE, /* Function Extension */
3659 [0x064] = 0x03, /* Tuple length = 3 bytes */
3660 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3661 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3662 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3663
3664 [0x06c] = CISTPL_CONFIG, /* Configuration */
3665 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3666 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3667 [0x072] = 0x07, /* TPCC_LAST = 7 */
3668 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3669 [0x076] = 0x02,
3670 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3671
3672 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3673 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3674 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3675 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3676 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3677 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3678 [0x086] = 0x55, /* NomV: 5.0 V */
3679 [0x088] = 0x4d, /* MinV: 4.5 V */
3680 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3681 [0x08c] = 0x4e, /* Peakl: 450 mA */
3682 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3683 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3684 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3685
3686 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3687 [0x096] = 0x06, /* Tuple length = 6 bytes */
3688 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3689 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3690 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3691 [0x09e] = 0xb5, /* NomV: 3.3 V */
3692 [0x0a0] = 0x1e,
3693 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3694
3695 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3696 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3697 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3698 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3699 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3700 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3701 [0x0b0] = 0x55, /* NomV: 5.0 V */
3702 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3703 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3704 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3705 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3706 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3707 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3708 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3709 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3710
3711 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3712 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3713 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3714 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3715 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3716 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3717 [0x0ce] = 0x1e,
3718 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3719
3720 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3721 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3722 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3723 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3724 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3725 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3726 [0x0de] = 0x55, /* NomV: 5.0 V */
3727 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3728 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3729 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3730 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3731 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3732 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3733 [0x0ec] = 0x01,
3734 [0x0ee] = 0x07, /* Address block length = 8 */
3735 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3736 [0x0f2] = 0x03,
3737 [0x0f4] = 0x01, /* Address block length = 2 */
3738 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3739 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3740
3741 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3742 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3743 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3744 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3745 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3746 [0x104] = 0xb5, /* NomV: 3.3 V */
3747 [0x106] = 0x1e,
3748 [0x108] = 0x3e, /* Peakl: 350 mA */
3749
3750 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3751 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3752 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3753 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3754 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3755 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3756 [0x116] = 0x55, /* NomV: 5.0 V */
3757 [0x118] = 0x4d, /* MinV: 4.5 V */
3758 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3759 [0x11c] = 0x4e, /* Peakl: 450 mA */
3760 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3761 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3762 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3763 [0x124] = 0x01,
3764 [0x126] = 0x07, /* Address block length = 8 */
3765 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3766 [0x12a] = 0x03,
3767 [0x12c] = 0x01, /* Address block length = 2 */
3768 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3769 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3770
3771 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3772 [0x134] = 0x06, /* Tuple length = 6 bytes */
3773 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3774 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3775 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3776 [0x13c] = 0xb5, /* NomV: 3.3 V */
3777 [0x13e] = 0x1e,
3778 [0x140] = 0x3e, /* Peakl: 350 mA */
3779
3780 [0x142] = CISTPL_NO_LINK, /* No Link */
3781 [0x144] = 0x00, /* Tuple length = 0 bytes */
3782
3783 [0x146] = CISTPL_END, /* Tuple End */
3784};
3785
3786static int dscm1xxxx_attach(void *opaque)
3787{
3788 struct md_s *md = (struct md_s *) opaque;
3789 md->card.attr_read = md_attr_read;
3790 md->card.attr_write = md_attr_write;
3791 md->card.common_read = md_common_read;
3792 md->card.common_write = md_common_write;
3793 md->card.io_read = md_common_read;
3794 md->card.io_write = md_common_write;
3795
3796 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3797 md->io_base = 0x0;
3798
3799 md_reset(md);
3800 md_interrupt_update(md);
3801
3802 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3803 return 0;
3804}
3805
3806static int dscm1xxxx_detach(void *opaque)
3807{
3808 struct md_s *md = (struct md_s *) opaque;
3809 md_reset(md);
3810 return 0;
3811}
3812
3813struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3814{
3815 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3816 md->card.state = md;
3817 md->card.attach = dscm1xxxx_attach;
3818 md->card.detach = dscm1xxxx_detach;
3819 md->card.cis = dscm1xxxx_cis;
3820 md->card.cis_len = sizeof(dscm1xxxx_cis);
3821
3822 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3823 md->ide->is_cf = 1;
3824 md->ide->mdata_size = METADATA_SIZE;
3825 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
aa941b94
AZ		 3826
3827 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3828
201a51fc
AZ		 3829 return &md->card;
3830}
QEMU mirror