]> git.proxmox.com Git - qemu.git/blame - hw/ide.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
typos
[qemu.git] / hw / ide.c
CommitLineData
5391d806
FB		 1/*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
5391d806
FB		 24#include "vl.h"
25
5391d806
FB		 26/* debug IDE devices */
27//#define DEBUG_IDE
28//#define DEBUG_IDE_ATAPI
29
30/* Bits of HD_STATUS */
31#define ERR_STAT 0x01
32#define INDEX_STAT 0x02
33#define ECC_STAT 0x04 /* Corrected error */
34#define DRQ_STAT 0x08
35#define SEEK_STAT 0x10
36#define SRV_STAT 0x10
37#define WRERR_STAT 0x20
38#define READY_STAT 0x40
39#define BUSY_STAT 0x80
40
41/* Bits for HD_ERROR */
42#define MARK_ERR 0x01 /* Bad address mark */
43#define TRK0_ERR 0x02 /* couldn't find track 0 */
44#define ABRT_ERR 0x04 /* Command aborted */
45#define MCR_ERR 0x08 /* media change request */
46#define ID_ERR 0x10 /* ID field not found */
47#define MC_ERR 0x20 /* media changed */
48#define ECC_ERR 0x40 /* Uncorrectable ECC error */
49#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
50#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
51
52/* Bits of HD_NSECTOR */
53#define CD 0x01
54#define IO 0x02
55#define REL 0x04
56#define TAG_MASK 0xf8
57
58#define IDE_CMD_RESET 0x04
59#define IDE_CMD_DISABLE_IRQ 0x02
60
61/* ATA/ATAPI Commands pre T13 Spec */
62#define WIN_NOP 0x00
63/*
64 * 0x01->0x02 Reserved
65 */
66#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
67/*
68 * 0x04->0x07 Reserved
69 */
70#define WIN_SRST 0x08 /* ATAPI soft reset command */
71#define WIN_DEVICE_RESET 0x08
72/*
73 * 0x09->0x0F Reserved
74 */
75#define WIN_RECAL 0x10
76#define WIN_RESTORE WIN_RECAL
77/*
78 * 0x10->0x1F Reserved
79 */
80#define WIN_READ 0x20 /* 28-Bit */
81#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
82#define WIN_READ_LONG 0x22 /* 28-Bit */
83#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
84#define WIN_READ_EXT 0x24 /* 48-Bit */
85#define WIN_READDMA_EXT 0x25 /* 48-Bit */
86#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
87#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
88/*
89 * 0x28
90 */
91#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
92/*
93 * 0x2A->0x2F Reserved
94 */
95#define WIN_WRITE 0x30 /* 28-Bit */
96#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
97#define WIN_WRITE_LONG 0x32 /* 28-Bit */
98#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
99#define WIN_WRITE_EXT 0x34 /* 48-Bit */
100#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
101#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
102#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
103#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
104#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
105/*
106 * 0x3A->0x3B Reserved
107 */
108#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
109/*
110 * 0x3D->0x3F Reserved
111 */
112#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
113#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
114#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
115/*
116 * 0x43->0x4F Reserved
117 */
118#define WIN_FORMAT 0x50
119/*
120 * 0x51->0x5F Reserved
121 */
122#define WIN_INIT 0x60
123/*
124 * 0x61->0x5F Reserved
125 */
126#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
127#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
128#define WIN_DIAGNOSE 0x90
129#define WIN_SPECIFY 0x91 /* set drive geometry translation */
130#define WIN_DOWNLOAD_MICROCODE 0x92
131#define WIN_STANDBYNOW2 0x94
132#define WIN_STANDBY2 0x96
133#define WIN_SETIDLE2 0x97
134#define WIN_CHECKPOWERMODE2 0x98
135#define WIN_SLEEPNOW2 0x99
136/*
137 * 0x9A VENDOR
138 */
139#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
140#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
141#define WIN_QUEUED_SERVICE 0xA2
142#define WIN_SMART 0xB0 /* self-monitoring and reporting */
143#define CFA_ERASE_SECTORS 0xC0
144#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
145#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
146#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
147#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
148#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
149#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
150#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
151#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
152#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
153#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
154#define WIN_GETMEDIASTATUS 0xDA
155#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
156#define WIN_POSTBOOT 0xDC
157#define WIN_PREBOOT 0xDD
158#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
159#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
160#define WIN_STANDBYNOW1 0xE0
161#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
162#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
163#define WIN_SETIDLE1 0xE3
164#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
165#define WIN_CHECKPOWERMODE1 0xE5
166#define WIN_SLEEPNOW1 0xE6
167#define WIN_FLUSH_CACHE 0xE7
168#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
169#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
170 /* SET_FEATURES 0x22 or 0xDD */
171#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
172#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
173#define WIN_MEDIAEJECT 0xED
174#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
175#define WIN_SETFEATURES 0xEF /* set special drive features */
176#define EXABYTE_ENABLE_NEST 0xF0
177#define WIN_SECURITY_SET_PASS 0xF1
178#define WIN_SECURITY_UNLOCK 0xF2
179#define WIN_SECURITY_ERASE_PREPARE 0xF3
180#define WIN_SECURITY_ERASE_UNIT 0xF4
181#define WIN_SECURITY_FREEZE_LOCK 0xF5
182#define WIN_SECURITY_DISABLE 0xF6
183#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
184#define WIN_SET_MAX 0xF9
185#define DISABLE_SEAGATE 0xFB
186
187/* set to 1 set disable mult support */
f66723fa 188#define MAX_MULT_SECTORS 16
5391d806
FB		 189
190/* ATAPI defines */
191
192#define ATAPI_PACKET_SIZE 12
193
194/* The generic packet command opcodes for CD/DVD Logical Units,
195 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
196#define GPCMD_BLANK 0xa1
197#define GPCMD_CLOSE_TRACK 0x5b
198#define GPCMD_FLUSH_CACHE 0x35
199#define GPCMD_FORMAT_UNIT 0x04
200#define GPCMD_GET_CONFIGURATION 0x46
201#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
202#define GPCMD_GET_PERFORMANCE 0xac
203#define GPCMD_INQUIRY 0x12
204#define GPCMD_LOAD_UNLOAD 0xa6
205#define GPCMD_MECHANISM_STATUS 0xbd
206#define GPCMD_MODE_SELECT_10 0x55
207#define GPCMD_MODE_SENSE_10 0x5a
208#define GPCMD_PAUSE_RESUME 0x4b
209#define GPCMD_PLAY_AUDIO_10 0x45
210#define GPCMD_PLAY_AUDIO_MSF 0x47
211#define GPCMD_PLAY_AUDIO_TI 0x48
212#define GPCMD_PLAY_CD 0xbc
213#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
214#define GPCMD_READ_10 0x28
215#define GPCMD_READ_12 0xa8
216#define GPCMD_READ_CDVD_CAPACITY 0x25
217#define GPCMD_READ_CD 0xbe
218#define GPCMD_READ_CD_MSF 0xb9
219#define GPCMD_READ_DISC_INFO 0x51
220#define GPCMD_READ_DVD_STRUCTURE 0xad
221#define GPCMD_READ_FORMAT_CAPACITIES 0x23
222#define GPCMD_READ_HEADER 0x44
223#define GPCMD_READ_TRACK_RZONE_INFO 0x52
224#define GPCMD_READ_SUBCHANNEL 0x42
225#define GPCMD_READ_TOC_PMA_ATIP 0x43
226#define GPCMD_REPAIR_RZONE_TRACK 0x58
227#define GPCMD_REPORT_KEY 0xa4
228#define GPCMD_REQUEST_SENSE 0x03
229#define GPCMD_RESERVE_RZONE_TRACK 0x53
230#define GPCMD_SCAN 0xba
231#define GPCMD_SEEK 0x2b
232#define GPCMD_SEND_DVD_STRUCTURE 0xad
233#define GPCMD_SEND_EVENT 0xa2
234#define GPCMD_SEND_KEY 0xa3
235#define GPCMD_SEND_OPC 0x54
236#define GPCMD_SET_READ_AHEAD 0xa7
237#define GPCMD_SET_STREAMING 0xb6
238#define GPCMD_START_STOP_UNIT 0x1b
239#define GPCMD_STOP_PLAY_SCAN 0x4e
240#define GPCMD_TEST_UNIT_READY 0x00
241#define GPCMD_VERIFY_10 0x2f
242#define GPCMD_WRITE_10 0x2a
243#define GPCMD_WRITE_AND_VERIFY_10 0x2e
244/* This is listed as optional in ATAPI 2.6, but is (curiously)
245 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
246 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
247 * drives support it. */
248#define GPCMD_SET_SPEED 0xbb
249/* This seems to be a SCSI specific CD-ROM opcode
250 * to play data at track/index */
251#define GPCMD_PLAYAUDIO_TI 0x48
252/*
253 * From MS Media Status Notification Support Specification. For
254 * older drives only.
255 */
256#define GPCMD_GET_MEDIA_STATUS 0xda
257
258/* Mode page codes for mode sense/set */
259#define GPMODE_R_W_ERROR_PAGE 0x01
260#define GPMODE_WRITE_PARMS_PAGE 0x05
261#define GPMODE_AUDIO_CTL_PAGE 0x0e
262#define GPMODE_POWER_PAGE 0x1a
263#define GPMODE_FAULT_FAIL_PAGE 0x1c
264#define GPMODE_TO_PROTECT_PAGE 0x1d
265#define GPMODE_CAPABILITIES_PAGE 0x2a
266#define GPMODE_ALL_PAGES 0x3f
267/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
268 * of MODE_SENSE_POWER_PAGE */
269#define GPMODE_CDROM_PAGE 0x0d
270
271#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
272#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
273#define ATAPI_INT_REASON_REL 0x04
274#define ATAPI_INT_REASON_TAG 0xf8
275
276/* same constants as bochs */
7f777bf3 277#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 278#define ASC_LOGICAL_BLOCK_OOR 0x21
279#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
280#define ASC_MEDIUM_NOT_PRESENT 0x3a
281#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
282
283#define SENSE_NONE 0
284#define SENSE_NOT_READY 2
285#define SENSE_ILLEGAL_REQUEST 5
286#define SENSE_UNIT_ATTENTION 6
287
288struct IDEState;
289
290typedef void EndTransferFunc(struct IDEState *);
291
caed8802 292/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 293typedef struct IDEState {
294 /* ide config */
295 int is_cdrom;
5391d806
FB		 296 int cylinders, heads, sectors;
297 int64_t nb_sectors;
298 int mult_sectors;
299 int irq;
1ade1de2 300 openpic_t *openpic;
34e538ae 301 PCIDevice *pci_dev;
98087450 302 struct BMDMAState *bmdma;
aedf5382 303 int drive_serial;
5391d806
FB		 304 /* ide regs */
305 uint8_t feature;
306 uint8_t error;
307 uint16_t nsector; /* 0 is 256 to ease computations */
308 uint8_t sector;
309 uint8_t lcyl;
310 uint8_t hcyl;
311 uint8_t select;
312 uint8_t status;
313 /* 0x3f6 command, only meaningful for drive 0 */
314 uint8_t cmd;
315 /* depends on bit 4 in select, only meaningful for drive 0 */
316 struct IDEState *cur_drive;
317 BlockDriverState *bs;
318 /* ATAPI specific */
319 uint8_t sense_key;
320 uint8_t asc;
321 int packet_transfer_size;
322 int elementary_transfer_size;
323 int io_buffer_index;
324 int lba;
98087450
FB		 325 int cd_sector_size;
326 int atapi_dma; /* true if dma is requested for the packet cmd */
327 /* ATA DMA state */
328 int io_buffer_size;
329 /* PIO transfer handling */
5391d806
FB		 330 int req_nb_sectors; /* number of sectors per interrupt */
331 EndTransferFunc *end_transfer_func;
332 uint8_t *data_ptr;
333 uint8_t *data_end;
334 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
335} IDEState;
336
98087450
FB		 337#define BM_STATUS_DMAING 0x01
338#define BM_STATUS_ERROR 0x02
339#define BM_STATUS_INT 0x04
340
341#define BM_CMD_START 0x01
342#define BM_CMD_READ 0x08
343
344typedef int IDEDMAFunc(IDEState *s,
345 target_phys_addr_t phys_addr,
346 int transfer_size1);
347
348typedef struct BMDMAState {
349 uint8_t cmd;
350 uint8_t status;
351 uint32_t addr;
352 /* current transfer state */
353 IDEState *ide_if;
354 IDEDMAFunc *dma_cb;
355} BMDMAState;
356
357typedef struct PCIIDEState {
358 PCIDevice dev;
359 IDEState ide_if[4];
360 BMDMAState bmdma[2];
361} PCIIDEState;
362
363static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
364
5391d806
FB		 365static void padstr(char *str, const char *src, int len)
366{
367 int i, v;
368 for(i = 0; i < len; i++) {
369 if (*src)
370 v = *src++;
371 else
372 v = ' ';
373 *(char *)((long)str ^ 1) = v;
374 str++;
375 }
376}
377
bd0d90b2
FB		 378static void padstr8(uint8_t *buf, int buf_size, const char *src)
379{
380 int i;
381 for(i = 0; i < buf_size; i++) {
382 if (*src)
383 buf[i] = *src++;
384 else
385 buf[i] = ' ';
386 }
387}
388
67b915a5
FB		 389static void put_le16(uint16_t *p, unsigned int v)
390{
0c4ad8dc 391 *p = cpu_to_le16(v);
67b915a5
FB		 392}
393
5391d806
FB		 394static void ide_identify(IDEState *s)
395{
396 uint16_t *p;
397 unsigned int oldsize;
aedf5382 398 char buf[20];
5391d806
FB		 399
400 memset(s->io_buffer, 0, 512);
401 p = (uint16_t *)s->io_buffer;
67b915a5
FB		 402 put_le16(p + 0, 0x0040);
403 put_le16(p + 1, s->cylinders);
404 put_le16(p + 3, s->heads);
405 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
406 put_le16(p + 5, 512); /* XXX: retired, remove ? */
407 put_le16(p + 6, s->sectors);
aedf5382
FB		 408 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
409 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 410 put_le16(p + 20, 3); /* XXX: retired, remove ? */
411 put_le16(p + 21, 512); /* cache size in sectors */
412 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 413 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
414 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
415#if MAX_MULT_SECTORS > 1
67b915a5 416 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 417#endif
67b915a5 418 put_le16(p + 48, 1); /* dword I/O */
e0fe67aa 419 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
67b915a5
FB		 420 put_le16(p + 51, 0x200); /* PIO transfer cycle */
421 put_le16(p + 52, 0x200); /* DMA transfer cycle */
e0fe67aa 422 put_le16(p + 53, 1 | 1 << 2); /* words 54-58,88 are valid */
67b915a5
FB		 423 put_le16(p + 54, s->cylinders);
424 put_le16(p + 55, s->heads);
425 put_le16(p + 56, s->sectors);
5391d806 426 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 427 put_le16(p + 57, oldsize);
428 put_le16(p + 58, oldsize >> 16);
5391d806 429 if (s->mult_sectors)
67b915a5
FB		 430 put_le16(p + 59, 0x100 | s->mult_sectors);
431 put_le16(p + 60, s->nb_sectors);
432 put_le16(p + 61, s->nb_sectors >> 16);
433 put_le16(p + 80, (1 << 1) | (1 << 2));
434 put_le16(p + 82, (1 << 14));
435 put_le16(p + 83, (1 << 14));
436 put_le16(p + 84, (1 << 14));
437 put_le16(p + 85, (1 << 14));
438 put_le16(p + 86, 0);
439 put_le16(p + 87, (1 << 14));
e0fe67aa
FB		 440 put_le16(p + 88, 0x1f | (1 << 13));
441 put_le16(p + 93, 1 | (1 << 14) | 0x2000 | 0x4000);
5391d806
FB		 442}
443
444static void ide_atapi_identify(IDEState *s)
445{
446 uint16_t *p;
aedf5382 447 char buf[20];
5391d806
FB		 448
449 memset(s->io_buffer, 0, 512);
450 p = (uint16_t *)s->io_buffer;
451 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 452 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382
FB		 453 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
454 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 455 put_le16(p + 20, 3); /* buffer type */
456 put_le16(p + 21, 512); /* cache size in sectors */
457 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 458 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
459 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
67b915a5
FB		 460 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
461 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
462 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
463 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
464 put_le16(p + 64, 1); /* PIO modes */
465 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
466 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
467 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
468 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
5391d806 469
67b915a5
FB		 470 put_le16(p + 71, 30); /* in ns */
471 put_le16(p + 72, 30); /* in ns */
5391d806 472
67b915a5 473 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
5391d806
FB		 474}
475
476static void ide_set_signature(IDEState *s)
477{
478 s->select &= 0xf0; /* clear head */
479 /* put signature */
480 s->nsector = 1;
481 s->sector = 1;
482 if (s->is_cdrom) {
483 s->lcyl = 0x14;
484 s->hcyl = 0xeb;
485 } else if (s->bs) {
486 s->lcyl = 0;
487 s->hcyl = 0;
488 } else {
489 s->lcyl = 0xff;
490 s->hcyl = 0xff;
491 }
492}
493
494static inline void ide_abort_command(IDEState *s)
495{
496 s->status = READY_STAT | ERR_STAT;
497 s->error = ABRT_ERR;
498}
499
500static inline void ide_set_irq(IDEState *s)
501{
98ff7d30 502 BMDMAState *bm = s->bmdma;
5391d806 503 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
98ff7d30
FB		 504 if (bm)
505 bm->status |= BM_STATUS_INT;
1ade1de2
FB		 506#ifdef TARGET_PPC
507 if (s->openpic)
508 openpic_set_irq(s->openpic, s->irq, 1);
509 else
510#endif
34e538ae
FB		 511 if (s->irq == 16)
512 pci_set_irq(s->pci_dev, 0, 1);
513 else
514 pic_set_irq(s->irq, 1);
5391d806
FB		 515 }
516}
517
518/* prepare data transfer and tell what to do after */
519static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
520 EndTransferFunc *end_transfer_func)
521{
522 s->end_transfer_func = end_transfer_func;
523 s->data_ptr = buf;
524 s->data_end = buf + size;
525 s->status |= DRQ_STAT;
526}
527
528static void ide_transfer_stop(IDEState *s)
529{
530 s->end_transfer_func = ide_transfer_stop;
531 s->data_ptr = s->io_buffer;
532 s->data_end = s->io_buffer;
533 s->status &= ~DRQ_STAT;
534}
535
536static int64_t ide_get_sector(IDEState *s)
537{
538 int64_t sector_num;
539 if (s->select & 0x40) {
540 /* lba */
541 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
542 (s->lcyl << 8) | s->sector;
543 } else {
544 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
545 (s->select & 0x0f) * s->sectors +
546 (s->sector - 1);
547 }
548 return sector_num;
549}
550
551static void ide_set_sector(IDEState *s, int64_t sector_num)
552{
553 unsigned int cyl, r;
554 if (s->select & 0x40) {
555 s->select = (s->select & 0xf0) | (sector_num >> 24);
556 s->hcyl = (sector_num >> 16);
557 s->lcyl = (sector_num >> 8);
558 s->sector = (sector_num);
559 } else {
560 cyl = sector_num / (s->heads * s->sectors);
561 r = sector_num % (s->heads * s->sectors);
562 s->hcyl = cyl >> 8;
563 s->lcyl = cyl;
1b8eb456 564 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 565 s->sector = (r % s->sectors) + 1;
566 }
567}
568
569static void ide_sector_read(IDEState *s)
570{
571 int64_t sector_num;
572 int ret, n;
573
574 s->status = READY_STAT | SEEK_STAT;
a136e5a8 575 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 576 sector_num = ide_get_sector(s);
577 n = s->nsector;
578 if (n == 0) {
579 /* no more sector to read from disk */
580 ide_transfer_stop(s);
581 } else {
582#if defined(DEBUG_IDE)
583 printf("read sector=%Ld\n", sector_num);
584#endif
585 if (n > s->req_nb_sectors)
586 n = s->req_nb_sectors;
587 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
588 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
589 ide_set_irq(s);
590 ide_set_sector(s, sector_num + n);
591 s->nsector -= n;
592 }
593}
594
98087450
FB		 595static int ide_read_dma_cb(IDEState *s,
596 target_phys_addr_t phys_addr,
597 int transfer_size1)
598{
599 int len, transfer_size, n;
600 int64_t sector_num;
601
602 transfer_size = transfer_size1;
603 while (transfer_size > 0) {
604 len = s->io_buffer_size - s->io_buffer_index;
605 if (len <= 0) {
606 /* transfert next data */
607 n = s->nsector;
608 if (n == 0)
609 break;
610 if (n > MAX_MULT_SECTORS)
611 n = MAX_MULT_SECTORS;
612 sector_num = ide_get_sector(s);
613 bdrv_read(s->bs, sector_num, s->io_buffer, n);
614 s->io_buffer_index = 0;
615 s->io_buffer_size = n * 512;
616 len = s->io_buffer_size;
617 sector_num += n;
618 ide_set_sector(s, sector_num);
619 s->nsector -= n;
620 }
621 if (len > transfer_size)
622 len = transfer_size;
623 cpu_physical_memory_write(phys_addr,
624 s->io_buffer + s->io_buffer_index, len);
625 s->io_buffer_index += len;
626 transfer_size -= len;
627 phys_addr += len;
628 }
629 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
630 s->status = READY_STAT | SEEK_STAT;
631 ide_set_irq(s);
632#ifdef DEBUG_IDE_ATAPI
633 printf("dma status=0x%x\n", s->status);
634#endif
635 return 0;
636 }
637 return transfer_size1 - transfer_size;
638}
639
640static void ide_sector_read_dma(IDEState *s)
641{
642 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
643 s->io_buffer_index = 0;
644 s->io_buffer_size = 0;
645 ide_dma_start(s, ide_read_dma_cb);
646}
647
5391d806
FB		 648static void ide_sector_write(IDEState *s)
649{
650 int64_t sector_num;
651 int ret, n, n1;
652
653 s->status = READY_STAT | SEEK_STAT;
654 sector_num = ide_get_sector(s);
655#if defined(DEBUG_IDE)
656 printf("write sector=%Ld\n", sector_num);
657#endif
658 n = s->nsector;
659 if (n > s->req_nb_sectors)
660 n = s->req_nb_sectors;
661 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
662 s->nsector -= n;
663 if (s->nsector == 0) {
664 /* no more sector to write */
665 ide_transfer_stop(s);
666 } else {
667 n1 = s->nsector;
668 if (n1 > s->req_nb_sectors)
669 n1 = s->req_nb_sectors;
670 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
671 }
672 ide_set_sector(s, sector_num + n);
673 ide_set_irq(s);
674}
675
98087450
FB		 676static int ide_write_dma_cb(IDEState *s,
677 target_phys_addr_t phys_addr,
678 int transfer_size1)
679{
680 int len, transfer_size, n;
681 int64_t sector_num;
682
683 transfer_size = transfer_size1;
684 for(;;) {
685 len = s->io_buffer_size - s->io_buffer_index;
686 if (len == 0) {
687 n = s->io_buffer_size >> 9;
688 sector_num = ide_get_sector(s);
689 bdrv_write(s->bs, sector_num, s->io_buffer,
690 s->io_buffer_size >> 9);
691 sector_num += n;
692 ide_set_sector(s, sector_num);
693 s->nsector -= n;
694 n = s->nsector;
695 if (n == 0) {
696 /* end of transfer */
697 s->status = READY_STAT | SEEK_STAT;
698 ide_set_irq(s);
699 return 0;
700 }
701 if (n > MAX_MULT_SECTORS)
702 n = MAX_MULT_SECTORS;
703 s->io_buffer_index = 0;
704 s->io_buffer_size = n * 512;
705 len = s->io_buffer_size;
706 }
707 if (transfer_size <= 0)
708 break;
709 if (len > transfer_size)
710 len = transfer_size;
711 cpu_physical_memory_read(phys_addr,
712 s->io_buffer + s->io_buffer_index, len);
713 s->io_buffer_index += len;
714 transfer_size -= len;
715 phys_addr += len;
716 }
717 return transfer_size1 - transfer_size;
718}
719
720static void ide_sector_write_dma(IDEState *s)
721{
722 int n;
723 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
724 n = s->nsector;
725 if (n > MAX_MULT_SECTORS)
726 n = MAX_MULT_SECTORS;
727 s->io_buffer_index = 0;
728 s->io_buffer_size = n * 512;
729 ide_dma_start(s, ide_write_dma_cb);
730}
731
5391d806
FB		 732static void ide_atapi_cmd_ok(IDEState *s)
733{
734 s->error = 0;
735 s->status = READY_STAT;
736 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
737 ide_set_irq(s);
738}
739
740static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
741{
742#ifdef DEBUG_IDE_ATAPI
743 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
744#endif
745 s->error = sense_key << 4;
746 s->status = READY_STAT | ERR_STAT;
747 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
748 s->sense_key = sense_key;
749 s->asc = asc;
750 ide_set_irq(s);
751}
752
753static inline void cpu_to_ube16(uint8_t *buf, int val)
754{
755 buf[0] = val >> 8;
756 buf[1] = val;
757}
758
759static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
760{
761 buf[0] = val >> 24;
762 buf[1] = val >> 16;
763 buf[2] = val >> 8;
764 buf[3] = val;
765}
766
767static inline int ube16_to_cpu(const uint8_t *buf)
768{
769 return (buf[0] << 8) | buf[1];
770}
771
772static inline int ube32_to_cpu(const uint8_t *buf)
773{
774 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
775}
776
98087450
FB		 777static void lba_to_msf(uint8_t *buf, int lba)
778{
779 lba += 150;
780 buf[0] = (lba / 75) / 60;
781 buf[1] = (lba / 75) % 60;
782 buf[2] = lba % 75;
783}
784
785static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
786 int sector_size)
787{
788 switch(sector_size) {
789 case 2048:
790 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
791 break;
792 case 2352:
793 /* sync bytes */
794 buf[0] = 0x00;
795 memset(buf + 1, 0xff, 11);
796 buf += 12;
797 /* MSF */
798 lba_to_msf(buf, lba);
799 buf[3] = 0x01; /* mode 1 data */
800 buf += 4;
801 /* data */
802 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
803 buf += 2048;
804 /* ECC */
805 memset(buf, 0, 288);
806 break;
807 default:
808 break;
809 }
810}
811
5391d806
FB		 812/* The whole ATAPI transfer logic is handled in this function */
813static void ide_atapi_cmd_reply_end(IDEState *s)
814{
815 int byte_count_limit, size;
816#ifdef DEBUG_IDE_ATAPI
817 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
818 s->packet_transfer_size,
819 s->elementary_transfer_size,
820 s->io_buffer_index);
821#endif
822 if (s->packet_transfer_size <= 0) {
823 /* end of transfer */
824 ide_transfer_stop(s);
825 s->status = READY_STAT;
826 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
827 ide_set_irq(s);
828#ifdef DEBUG_IDE_ATAPI
829 printf("status=0x%x\n", s->status);
830#endif
831 } else {
832 /* see if a new sector must be read */
98087450
FB		 833 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
834 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
5391d806
FB		 835 s->lba++;
836 s->io_buffer_index = 0;
837 }
838 if (s->elementary_transfer_size > 0) {
839 /* there are some data left to transmit in this elementary
840 transfer */
98087450 841 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 842 if (size > s->elementary_transfer_size)
843 size = s->elementary_transfer_size;
844 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
845 size, ide_atapi_cmd_reply_end);
846 s->packet_transfer_size -= size;
847 s->elementary_transfer_size -= size;
848 s->io_buffer_index += size;
849 } else {
850 /* a new transfer is needed */
851 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
852 byte_count_limit = s->lcyl | (s->hcyl << 8);
853#ifdef DEBUG_IDE_ATAPI
854 printf("byte_count_limit=%d\n", byte_count_limit);
855#endif
856 if (byte_count_limit == 0xffff)
857 byte_count_limit--;
858 size = s->packet_transfer_size;
859 if (size > byte_count_limit) {
860 /* byte count limit must be even if this case */
861 if (byte_count_limit & 1)
862 byte_count_limit--;
863 size = byte_count_limit;
5391d806 864 }
a136e5a8
FB		 865 s->lcyl = size;
866 s->hcyl = size >> 8;
5391d806
FB		 867 s->elementary_transfer_size = size;
868 /* we cannot transmit more than one sector at a time */
869 if (s->lba != -1) {
98087450
FB		 870 if (size > (s->cd_sector_size - s->io_buffer_index))
871 size = (s->cd_sector_size - s->io_buffer_index);
5391d806
FB		 872 }
873 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
874 size, ide_atapi_cmd_reply_end);
875 s->packet_transfer_size -= size;
876 s->elementary_transfer_size -= size;
877 s->io_buffer_index += size;
878 ide_set_irq(s);
879#ifdef DEBUG_IDE_ATAPI
880 printf("status=0x%x\n", s->status);
881#endif
882 }
883 }
884}
885
886/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
887static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
888{
889 if (size > max_size)
890 size = max_size;
891 s->lba = -1; /* no sector read */
892 s->packet_transfer_size = size;
893 s->elementary_transfer_size = 0;
894 s->io_buffer_index = 0;
895
896 s->status = READY_STAT;
897 ide_atapi_cmd_reply_end(s);
898}
899
900/* start a CD-CDROM read command */
98087450
FB		 901static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
902 int sector_size)
5391d806 903{
5391d806 904 s->lba = lba;
98087450 905 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 906 s->elementary_transfer_size = 0;
98087450
FB		 907 s->io_buffer_index = sector_size;
908 s->cd_sector_size = sector_size;
5391d806
FB		 909
910 s->status = READY_STAT;
911 ide_atapi_cmd_reply_end(s);
912}
913
98087450
FB		 914/* ATAPI DMA support */
915static int ide_atapi_cmd_read_dma_cb(IDEState *s,
916 target_phys_addr_t phys_addr,
917 int transfer_size1)
918{
919 int len, transfer_size;
920
921 transfer_size = transfer_size1;
922 while (transfer_size > 0) {
923 if (s->packet_transfer_size <= 0)
924 break;
925 len = s->cd_sector_size - s->io_buffer_index;
926 if (len <= 0) {
927 /* transfert next data */
928 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
929 s->lba++;
930 s->io_buffer_index = 0;
931 len = s->cd_sector_size;
932 }
933 if (len > transfer_size)
934 len = transfer_size;
935 cpu_physical_memory_write(phys_addr,
936 s->io_buffer + s->io_buffer_index, len);
937 s->packet_transfer_size -= len;
938 s->io_buffer_index += len;
939 transfer_size -= len;
940 phys_addr += len;
941 }
942 if (s->packet_transfer_size <= 0) {
943 s->status = READY_STAT;
944 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
945 ide_set_irq(s);
946#ifdef DEBUG_IDE_ATAPI
947 printf("dma status=0x%x\n", s->status);
948#endif
949 return 0;
950 }
951 return transfer_size1 - transfer_size;
952}
953
954/* start a CD-CDROM read command with DMA */
955/* XXX: test if DMA is available */
956static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
957 int sector_size)
958{
959 s->lba = lba;
960 s->packet_transfer_size = nb_sectors * sector_size;
961 s->io_buffer_index = sector_size;
962 s->cd_sector_size = sector_size;
963
964 s->status = READY_STAT | DRQ_STAT;
965 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
966}
967
968static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
969 int sector_size)
970{
971#ifdef DEBUG_IDE_ATAPI
972 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
973#endif
974 if (s->atapi_dma) {
975 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
976 } else {
977 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
978 }
979}
980
5391d806 981/* same toc as bochs. Return -1 if error or the toc length */
98087450 982/* XXX: check this */
5391d806
FB		 983static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
984{
985 uint8_t *q;
986 int nb_sectors, len;
987
988 if (start_track > 1 && start_track != 0xaa)
989 return -1;
990 q = buf + 2;
98087450
FB		 991 *q++ = 1; /* first session */
992 *q++ = 1; /* last session */
5391d806
FB		 993 if (start_track <= 1) {
994 *q++ = 0; /* reserved */
995 *q++ = 0x14; /* ADR, control */
996 *q++ = 1; /* track number */
997 *q++ = 0; /* reserved */
998 if (msf) {
999 *q++ = 0; /* reserved */
1000 *q++ = 0; /* minute */
1001 *q++ = 2; /* second */
1002 *q++ = 0; /* frame */
1003 } else {
1004 /* sector 0 */
1005 cpu_to_ube32(q, 0);
1006 q += 4;
1007 }
1008 }
1009 /* lead out track */
1010 *q++ = 0; /* reserved */
1011 *q++ = 0x16; /* ADR, control */
1012 *q++ = 0xaa; /* track number */
1013 *q++ = 0; /* reserved */
1014 nb_sectors = s->nb_sectors >> 2;
1015 if (msf) {
1016 *q++ = 0; /* reserved */
98087450
FB		 1017 lba_to_msf(q, nb_sectors);
1018 q += 3;
1019 } else {
1020 cpu_to_ube32(q, nb_sectors);
1021 q += 4;
1022 }
1023 len = q - buf;
1024 cpu_to_ube16(buf, len - 2);
1025 return len;
1026}
1027
1028/* mostly same info as PearPc */
1029static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1030 int session_num)
1031{
1032 uint8_t *q;
1033 int nb_sectors, len;
1034
1035 q = buf + 2;
1036 *q++ = 1; /* first session */
1037 *q++ = 1; /* last session */
1038
1039 *q++ = 1; /* session number */
1040 *q++ = 0x14; /* data track */
1041 *q++ = 0; /* track number */
1042 *q++ = 0xa0; /* lead-in */
1043 *q++ = 0; /* min */
1044 *q++ = 0; /* sec */
1045 *q++ = 0; /* frame */
1046 *q++ = 0;
1047 *q++ = 1; /* first track */
1048 *q++ = 0x00; /* disk type */
1049 *q++ = 0x00;
1050
1051 *q++ = 1; /* session number */
1052 *q++ = 0x14; /* data track */
1053 *q++ = 0; /* track number */
1054 *q++ = 0xa1;
1055 *q++ = 0; /* min */
1056 *q++ = 0; /* sec */
1057 *q++ = 0; /* frame */
1058 *q++ = 0;
1059 *q++ = 1; /* last track */
1060 *q++ = 0x00;
1061 *q++ = 0x00;
1062
1063 *q++ = 1; /* session number */
1064 *q++ = 0x14; /* data track */
1065 *q++ = 0; /* track number */
1066 *q++ = 0xa2; /* lead-out */
1067 *q++ = 0; /* min */
1068 *q++ = 0; /* sec */
1069 *q++ = 0; /* frame */
1070 nb_sectors = s->nb_sectors >> 2;
1071 if (msf) {
1072 *q++ = 0; /* reserved */
1073 lba_to_msf(q, nb_sectors);
1074 q += 3;
5391d806
FB		 1075 } else {
1076 cpu_to_ube32(q, nb_sectors);
1077 q += 4;
1078 }
98087450
FB		 1079
1080 *q++ = 1; /* session number */
1081 *q++ = 0x14; /* ADR, control */
1082 *q++ = 0; /* track number */
1083 *q++ = 1; /* point */
1084 *q++ = 0; /* min */
1085 *q++ = 0; /* sec */
1086 *q++ = 0; /* frame */
1087 *q++ = 0;
1088 *q++ = 0;
1089 *q++ = 0;
1090 *q++ = 0;
1091
5391d806
FB		 1092 len = q - buf;
1093 cpu_to_ube16(buf, len - 2);
1094 return len;
1095}
1096
1097static void ide_atapi_cmd(IDEState *s)
1098{
1099 const uint8_t *packet;
1100 uint8_t *buf;
1101 int max_len;
1102
1103 packet = s->io_buffer;
1104 buf = s->io_buffer;
1105#ifdef DEBUG_IDE_ATAPI
1106 {
1107 int i;
1108 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1109 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1110 printf(" %02x", packet[i]);
1111 }
1112 printf("\n");
1113 }
1114#endif
1115 switch(s->io_buffer[0]) {
1116 case GPCMD_TEST_UNIT_READY:
caed8802 1117 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1118 ide_atapi_cmd_ok(s);
1119 } else {
1120 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1121 ASC_MEDIUM_NOT_PRESENT);
1122 }
1123 break;
1124 case GPCMD_MODE_SENSE_10:
1125 {
1126 int action, code;
1127 max_len = ube16_to_cpu(packet + 7);
1128 action = packet[2] >> 6;
1129 code = packet[2] & 0x3f;
1130 switch(action) {
1131 case 0: /* current values */
1132 switch(code) {
1133 case 0x01: /* error recovery */
1134 cpu_to_ube16(&buf[0], 16 + 6);
1135 buf[2] = 0x70;
1136 buf[3] = 0;
1137 buf[4] = 0;
1138 buf[5] = 0;
1139 buf[6] = 0;
1140 buf[7] = 0;
1141
1142 buf[8] = 0x01;
1143 buf[9] = 0x06;
1144 buf[10] = 0x00;
1145 buf[11] = 0x05;
1146 buf[12] = 0x00;
1147 buf[13] = 0x00;
1148 buf[14] = 0x00;
1149 buf[15] = 0x00;
1150 ide_atapi_cmd_reply(s, 16, max_len);
1151 break;
1152 case 0x2a:
1153 cpu_to_ube16(&buf[0], 28 + 6);
1154 buf[2] = 0x70;
1155 buf[3] = 0;
1156 buf[4] = 0;
1157 buf[5] = 0;
1158 buf[6] = 0;
1159 buf[7] = 0;
1160
1161 buf[8] = 0x2a;
1162 buf[9] = 0x12;
1163 buf[10] = 0x00;
1164 buf[11] = 0x00;
1165
1166 buf[12] = 0x70;
1167 buf[13] = 3 << 5;
1168 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1169 if (bdrv_is_locked(s->bs))
5391d806
FB		 1170 buf[6] |= 1 << 1;
1171 buf[15] = 0x00;
1172 cpu_to_ube16(&buf[16], 706);
1173 buf[18] = 0;
1174 buf[19] = 2;
1175 cpu_to_ube16(&buf[20], 512);
1176 cpu_to_ube16(&buf[22], 706);
1177 buf[24] = 0;
1178 buf[25] = 0;
1179 buf[26] = 0;
1180 buf[27] = 0;
1181 ide_atapi_cmd_reply(s, 28, max_len);
1182 break;
1183 default:
1184 goto error_cmd;
1185 }
1186 break;
1187 case 1: /* changeable values */
1188 goto error_cmd;
1189 case 2: /* default values */
1190 goto error_cmd;
1191 default:
1192 case 3: /* saved values */
1193 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1194 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1195 break;
1196 }
1197 }
1198 break;
1199 case GPCMD_REQUEST_SENSE:
1200 max_len = packet[4];
1201 memset(buf, 0, 18);
1202 buf[0] = 0x70 | (1 << 7);
1203 buf[2] = s->sense_key;
1204 buf[7] = 10;
1205 buf[12] = s->asc;
1206 ide_atapi_cmd_reply(s, 18, max_len);
1207 break;
1208 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1209 if (bdrv_is_inserted(s->bs)) {
1210 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1211 ide_atapi_cmd_ok(s);
1212 } else {
1213 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1214 ASC_MEDIUM_NOT_PRESENT);
1215 }
1216 break;
1217 case GPCMD_READ_10:
1218 case GPCMD_READ_12:
1219 {
1220 int nb_sectors, lba;
1221
caed8802 1222 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1223 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1224 ASC_MEDIUM_NOT_PRESENT);
1225 break;
1226 }
1227 if (packet[0] == GPCMD_READ_10)
1228 nb_sectors = ube16_to_cpu(packet + 7);
1229 else
1230 nb_sectors = ube32_to_cpu(packet + 6);
1231 lba = ube32_to_cpu(packet + 2);
1232 if (nb_sectors == 0) {
1233 ide_atapi_cmd_ok(s);
1234 break;
1235 }
1236 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1237 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1238 ASC_LOGICAL_BLOCK_OOR);
1239 break;
1240 }
98087450
FB		 1241 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1242 }
1243 break;
1244 case GPCMD_READ_CD:
1245 {
1246 int nb_sectors, lba, transfer_request;
1247
1248 if (!bdrv_is_inserted(s->bs)) {
1249 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1250 ASC_MEDIUM_NOT_PRESENT);
1251 break;
1252 }
1253 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1254 lba = ube32_to_cpu(packet + 2);
1255 if (nb_sectors == 0) {
1256 ide_atapi_cmd_ok(s);
1257 break;
1258 }
1259 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1260 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1261 ASC_LOGICAL_BLOCK_OOR);
1262 break;
1263 }
1264 transfer_request = packet[9];
1265 switch(transfer_request & 0xf8) {
1266 case 0x00:
1267 /* nothing */
1268 ide_atapi_cmd_ok(s);
1269 break;
1270 case 0x10:
1271 /* normal read */
1272 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1273 break;
1274 case 0xf8:
1275 /* read all data */
1276 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1277 break;
1278 default:
1279 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1280 ASC_INV_FIELD_IN_CMD_PACKET);
1281 break;
1282 }
5391d806
FB		 1283 }
1284 break;
1285 case GPCMD_SEEK:
1286 {
1287 int lba;
caed8802 1288 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1289 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1290 ASC_MEDIUM_NOT_PRESENT);
1291 break;
1292 }
1293 lba = ube32_to_cpu(packet + 2);
1294 if (((int64_t)lba << 2) > s->nb_sectors) {
1295 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1296 ASC_LOGICAL_BLOCK_OOR);
1297 break;
1298 }
1299 ide_atapi_cmd_ok(s);
1300 }
1301 break;
1302 case GPCMD_START_STOP_UNIT:
1303 {
1304 int start, eject;
1305 start = packet[4] & 1;
1306 eject = (packet[4] >> 1) & 1;
1307
caed8802
FB		 1308 if (eject && !start) {
1309 /* eject the disk */
1310 bdrv_close(s->bs);
1311 }
5391d806
FB		 1312 ide_atapi_cmd_ok(s);
1313 }
1314 break;
1315 case GPCMD_MECHANISM_STATUS:
1316 {
1317 max_len = ube16_to_cpu(packet + 8);
1318 cpu_to_ube16(buf, 0);
1319 /* no current LBA */
1320 buf[2] = 0;
1321 buf[3] = 0;
1322 buf[4] = 0;
1323 buf[5] = 1;
1324 cpu_to_ube16(buf + 6, 0);
1325 ide_atapi_cmd_reply(s, 8, max_len);
1326 }
1327 break;
1328 case GPCMD_READ_TOC_PMA_ATIP:
1329 {
1330 int format, msf, start_track, len;
1331
caed8802 1332 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1333 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1334 ASC_MEDIUM_NOT_PRESENT);
1335 break;
1336 }
1337 max_len = ube16_to_cpu(packet + 7);
1338 format = packet[9] >> 6;
1339 msf = (packet[1] >> 1) & 1;
1340 start_track = packet[6];
1341 switch(format) {
1342 case 0:
1343 len = cdrom_read_toc(s, buf, msf, start_track);
1344 if (len < 0)
1345 goto error_cmd;
1346 ide_atapi_cmd_reply(s, len, max_len);
1347 break;
1348 case 1:
1349 /* multi session : only a single session defined */
1350 memset(buf, 0, 12);
1351 buf[1] = 0x0a;
1352 buf[2] = 0x01;
1353 buf[3] = 0x01;
1354 ide_atapi_cmd_reply(s, 12, max_len);
1355 break;
98087450
FB		 1356 case 2:
1357 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1358 if (len < 0)
1359 goto error_cmd;
1360 ide_atapi_cmd_reply(s, len, max_len);
1361 break;
5391d806 1362 default:
7f777bf3
FB		 1363 error_cmd:
1364 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1365 ASC_INV_FIELD_IN_CMD_PACKET);
1366 break;
5391d806
FB		 1367 }
1368 }
1369 break;
1370 case GPCMD_READ_CDVD_CAPACITY:
caed8802 1371 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1372 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1373 ASC_MEDIUM_NOT_PRESENT);
1374 break;
1375 }
1376 /* NOTE: it is really the number of sectors minus 1 */
1377 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1378 cpu_to_ube32(buf + 4, 2048);
1379 ide_atapi_cmd_reply(s, 8, 8);
1380 break;
bd0d90b2
FB		 1381 case GPCMD_INQUIRY:
1382 max_len = packet[4];
1383 buf[0] = 0x05; /* CD-ROM */
1384 buf[1] = 0x80; /* removable */
1385 buf[2] = 0x00; /* ISO */
1386 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1387 buf[4] = 31; /* additionnal length */
1388 buf[5] = 0; /* reserved */
1389 buf[6] = 0; /* reserved */
1390 buf[7] = 0; /* reserved */
1391 padstr8(buf + 8, 8, "QEMU");
1392 padstr8(buf + 16, 16, "QEMU CD-ROM");
1393 padstr8(buf + 32, 4, QEMU_VERSION);
1394 ide_atapi_cmd_reply(s, 36, max_len);
1395 break;
5391d806 1396 default:
5391d806 1397 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1398 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1399 break;
1400 }
1401}
1402
caed8802
FB		 1403/* called when the inserted state of the media has changed */
1404static void cdrom_change_cb(void *opaque)
5391d806 1405{
caed8802
FB		 1406 IDEState *s = opaque;
1407 int64_t nb_sectors;
1408
1409 /* XXX: send interrupt too */
1410 bdrv_get_geometry(s->bs, &nb_sectors);
1411 s->nb_sectors = nb_sectors;
1412}
1413
1414static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1415{
1416 IDEState *ide_if = opaque;
c45c3d00 1417 IDEState *s;
5391d806
FB		 1418 int unit, n;
1419
1420#ifdef DEBUG_IDE
1421 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1422#endif
1423 addr &= 7;
1424 switch(addr) {
1425 case 0:
1426 break;
1427 case 1:
c45c3d00
FB		 1428 /* NOTE: data is written to the two drives */
1429 ide_if[0].feature = val;
1430 ide_if[1].feature = val;
5391d806
FB		 1431 break;
1432 case 2:
1433 if (val == 0)
1434 val = 256;
c45c3d00
FB		 1435 ide_if[0].nsector = val;
1436 ide_if[1].nsector = val;
5391d806
FB		 1437 break;
1438 case 3:
c45c3d00
FB		 1439 ide_if[0].sector = val;
1440 ide_if[1].sector = val;
5391d806
FB		 1441 break;
1442 case 4:
c45c3d00
FB		 1443 ide_if[0].lcyl = val;
1444 ide_if[1].lcyl = val;
5391d806
FB		 1445 break;
1446 case 5:
c45c3d00
FB		 1447 ide_if[0].hcyl = val;
1448 ide_if[1].hcyl = val;
5391d806
FB		 1449 break;
1450 case 6:
7ae98627
FB		 1451 ide_if[0].select = (val & ~0x10) | 0xa0;
1452 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 1453 /* select drive */
1454 unit = (val >> 4) & 1;
1455 s = ide_if + unit;
1456 ide_if->cur_drive = s;
5391d806
FB		 1457 break;
1458 default:
1459 case 7:
1460 /* command */
1461#if defined(DEBUG_IDE)
1462 printf("ide: CMD=%02x\n", val);
1463#endif
c45c3d00 1464 s = ide_if->cur_drive;
66201e2d
FB		 1465 /* ignore commands to non existant slave */
1466 if (s != ide_if && !s->bs)
1467 break;
5391d806
FB		 1468 switch(val) {
1469 case WIN_IDENTIFY:
1470 if (s->bs && !s->is_cdrom) {
1471 ide_identify(s);
2a282056 1472 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1473 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1474 } else {
1475 if (s->is_cdrom) {
1476 ide_set_signature(s);
1477 }
1478 ide_abort_command(s);
1479 }
1480 ide_set_irq(s);
1481 break;
1482 case WIN_SPECIFY:
1483 case WIN_RECAL:
a136e5a8 1484 s->error = 0;
769bec72 1485 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1486 ide_set_irq(s);
1487 break;
1488 case WIN_SETMULT:
1489 if (s->nsector > MAX_MULT_SECTORS ||
1490 s->nsector == 0 ||
1491 (s->nsector & (s->nsector - 1)) != 0) {
1492 ide_abort_command(s);
1493 } else {
1494 s->mult_sectors = s->nsector;
1495 s->status = READY_STAT;
1496 }
1497 ide_set_irq(s);
1498 break;
4ce900b4
FB		 1499 case WIN_VERIFY:
1500 case WIN_VERIFY_ONCE:
1501 /* do sector number check ? */
1502 s->status = READY_STAT;
1503 ide_set_irq(s);
1504 break;
5391d806
FB		 1505 case WIN_READ:
1506 case WIN_READ_ONCE:
6b136f9e
FB		 1507 if (!s->bs)
1508 goto abort_cmd;
5391d806
FB		 1509 s->req_nb_sectors = 1;
1510 ide_sector_read(s);
1511 break;
1512 case WIN_WRITE:
1513 case WIN_WRITE_ONCE:
a136e5a8 1514 s->error = 0;
f66723fa 1515 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1516 s->req_nb_sectors = 1;
1517 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1518 break;
1519 case WIN_MULTREAD:
1520 if (!s->mult_sectors)
1521 goto abort_cmd;
1522 s->req_nb_sectors = s->mult_sectors;
1523 ide_sector_read(s);
1524 break;
1525 case WIN_MULTWRITE:
1526 if (!s->mult_sectors)
1527 goto abort_cmd;
a136e5a8 1528 s->error = 0;
f66723fa 1529 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1530 s->req_nb_sectors = s->mult_sectors;
1531 n = s->nsector;
1532 if (n > s->req_nb_sectors)
1533 n = s->req_nb_sectors;
1534 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1535 break;
98087450
FB		 1536 case WIN_READDMA:
1537 case WIN_READDMA_ONCE:
1538 if (!s->bs)
1539 goto abort_cmd;
1540 ide_sector_read_dma(s);
1541 break;
1542 case WIN_WRITEDMA:
1543 case WIN_WRITEDMA_ONCE:
1544 if (!s->bs)
1545 goto abort_cmd;
1546 ide_sector_write_dma(s);
1547 break;
5391d806
FB		 1548 case WIN_READ_NATIVE_MAX:
1549 ide_set_sector(s, s->nb_sectors - 1);
1550 s->status = READY_STAT;
1551 ide_set_irq(s);
1552 break;
a136e5a8
FB		 1553 case WIN_CHECKPOWERMODE1:
1554 s->nsector = 0xff; /* device active or idle */
1555 s->status = READY_STAT;
1556 ide_set_irq(s);
1557 break;
34e538ae
FB		 1558 case WIN_SETFEATURES:
1559 if (!s->bs)
1560 goto abort_cmd;
1561 /* XXX: valid for CDROM ? */
1562 switch(s->feature) {
1563 case 0x02: /* write cache enable */
98087450 1564 case 0x03: /* set transfer mode */
34e538ae
FB		 1565 case 0x82: /* write cache disable */
1566 case 0xaa: /* read look-ahead enable */
1567 case 0x55: /* read look-ahead disable */
e0fe67aa 1568 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 1569 ide_set_irq(s);
1570 break;
1571 default:
1572 goto abort_cmd;
1573 }
1574 break;
a7dfe172 1575 case WIN_STANDBYNOW1:
c451ee71 1576 case WIN_IDLEIMMEDIATE:
a7dfe172
FB		 1577 s->status = READY_STAT;
1578 ide_set_irq(s);
1579 break;
5391d806
FB		 1580 /* ATAPI commands */
1581 case WIN_PIDENTIFY:
1582 if (s->is_cdrom) {
1583 ide_atapi_identify(s);
1584 s->status = READY_STAT;
1585 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1586 } else {
1587 ide_abort_command(s);
1588 }
1589 ide_set_irq(s);
1590 break;
c451ee71
FB		 1591 case WIN_DIAGNOSE:
1592 ide_set_signature(s);
1593 s->status = 0x00; /* NOTE: READY is _not_ set */
1594 s->error = 0x01;
1595 break;
5391d806
FB		 1596 case WIN_SRST:
1597 if (!s->is_cdrom)
1598 goto abort_cmd;
1599 ide_set_signature(s);
6b136f9e 1600 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 1601 s->error = 0x01;
1602 break;
1603 case WIN_PACKETCMD:
1604 if (!s->is_cdrom)
1605 goto abort_cmd;
98087450
FB		 1606 /* overlapping commands not supported */
1607 if (s->feature & 0x02)
5391d806 1608 goto abort_cmd;
98087450 1609 s->atapi_dma = s->feature & 1;
5391d806
FB		 1610 s->nsector = 1;
1611 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1612 ide_atapi_cmd);
1613 break;
1614 default:
1615 abort_cmd:
1616 ide_abort_command(s);
1617 ide_set_irq(s);
1618 break;
1619 }
1620 }
1621}
1622
caed8802 1623static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 1624{
7ae98627
FB		 1625 IDEState *ide_if = opaque;
1626 IDEState *s = ide_if->cur_drive;
5391d806
FB		 1627 uint32_t addr;
1628 int ret;
1629
1630 addr = addr1 & 7;
1631 switch(addr) {
1632 case 0:
1633 ret = 0xff;
1634 break;
1635 case 1:
7ae98627 1636 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1637 ret = 0;
1638 else
1639 ret = s->error;
5391d806
FB		 1640 break;
1641 case 2:
7ae98627 1642 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1643 ret = 0;
1644 else
1645 ret = s->nsector & 0xff;
5391d806
FB		 1646 break;
1647 case 3:
7ae98627 1648 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1649 ret = 0;
1650 else
1651 ret = s->sector;
5391d806
FB		 1652 break;
1653 case 4:
7ae98627 1654 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1655 ret = 0;
1656 else
1657 ret = s->lcyl;
5391d806
FB		 1658 break;
1659 case 5:
7ae98627 1660 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1661 ret = 0;
1662 else
1663 ret = s->hcyl;
5391d806
FB		 1664 break;
1665 case 6:
7ae98627 1666 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1667 ret = 0;
1668 else
7ae98627 1669 ret = s->select;
5391d806
FB		 1670 break;
1671 default:
1672 case 7:
66201e2d
FB		 1673 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1674 (s != ide_if && !s->bs))
c45c3d00
FB		 1675 ret = 0;
1676 else
1677 ret = s->status;
1ade1de2
FB		 1678#ifdef TARGET_PPC
1679 if (s->openpic)
1680 openpic_set_irq(s->openpic, s->irq, 0);
1681 else
1682#endif
34e538ae
FB		 1683 if (s->irq == 16)
1684 pci_set_irq(s->pci_dev, 0, 0);
1685 else
1686 pic_set_irq(s->irq, 0);
5391d806
FB		 1687 break;
1688 }
1689#ifdef DEBUG_IDE
1690 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1691#endif
1692 return ret;
1693}
1694
caed8802 1695static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 1696{
7ae98627
FB		 1697 IDEState *ide_if = opaque;
1698 IDEState *s = ide_if->cur_drive;
5391d806 1699 int ret;
7ae98627 1700
66201e2d
FB		 1701 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1702 (s != ide_if && !s->bs))
7ae98627
FB		 1703 ret = 0;
1704 else
1705 ret = s->status;
5391d806
FB		 1706#ifdef DEBUG_IDE
1707 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1708#endif
1709 return ret;
1710}
1711
caed8802 1712static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 1713{
caed8802 1714 IDEState *ide_if = opaque;
5391d806
FB		 1715 IDEState *s;
1716 int i;
1717
1718#ifdef DEBUG_IDE
1719 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1720#endif
1721 /* common for both drives */
1722 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1723 (val & IDE_CMD_RESET)) {
1724 /* reset low to high */
1725 for(i = 0;i < 2; i++) {
1726 s = &ide_if[i];
1727 s->status = BUSY_STAT | SEEK_STAT;
1728 s->error = 0x01;
1729 }
1730 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1731 !(val & IDE_CMD_RESET)) {
1732 /* high to low */
1733 for(i = 0;i < 2; i++) {
1734 s = &ide_if[i];
6b136f9e
FB		 1735 if (s->is_cdrom)
1736 s->status = 0x00; /* NOTE: READY is _not_ set */
1737 else
56bf1d37 1738 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1739 ide_set_signature(s);
1740 }
1741 }
1742
1743 ide_if[0].cmd = val;
1744 ide_if[1].cmd = val;
1745}
1746
caed8802 1747static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 1748{
caed8802 1749 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1750 uint8_t *p;
1751
1752 p = s->data_ptr;
0c4ad8dc 1753 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 1754 p += 2;
1755 s->data_ptr = p;
1756 if (p >= s->data_end)
1757 s->end_transfer_func(s);
1758}
1759
caed8802 1760static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 1761{
caed8802 1762 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1763 uint8_t *p;
1764 int ret;
1765 p = s->data_ptr;
0c4ad8dc 1766 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 1767 p += 2;
1768 s->data_ptr = p;
1769 if (p >= s->data_end)
1770 s->end_transfer_func(s);
1771 return ret;
1772}
1773
caed8802 1774static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 1775{
caed8802 1776 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1777 uint8_t *p;
1778
1779 p = s->data_ptr;
0c4ad8dc 1780 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 1781 p += 4;
1782 s->data_ptr = p;
1783 if (p >= s->data_end)
1784 s->end_transfer_func(s);
1785}
1786
caed8802 1787static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 1788{
caed8802 1789 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1790 uint8_t *p;
1791 int ret;
1792
1793 p = s->data_ptr;
0c4ad8dc 1794 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 1795 p += 4;
1796 s->data_ptr = p;
1797 if (p >= s->data_end)
1798 s->end_transfer_func(s);
1799 return ret;
1800}
1801
a7dfe172
FB		 1802static void ide_dummy_transfer_stop(IDEState *s)
1803{
1804 s->data_ptr = s->io_buffer;
1805 s->data_end = s->io_buffer;
1806 s->io_buffer[0] = 0xff;
1807 s->io_buffer[1] = 0xff;
1808 s->io_buffer[2] = 0xff;
1809 s->io_buffer[3] = 0xff;
1810}
1811
5391d806
FB		 1812static void ide_reset(IDEState *s)
1813{
1814 s->mult_sectors = MAX_MULT_SECTORS;
1815 s->cur_drive = s;
1816 s->select = 0xa0;
1817 s->status = READY_STAT;
1818 ide_set_signature(s);
a7dfe172
FB		 1819 /* init the transfer handler so that 0xffff is returned on data
1820 accesses */
1821 s->end_transfer_func = ide_dummy_transfer_stop;
1822 ide_dummy_transfer_stop(s);
5391d806
FB		 1823}
1824
1825struct partition {
1826 uint8_t boot_ind; /* 0x80 - active */
1827 uint8_t head; /* starting head */
1828 uint8_t sector; /* starting sector */
1829 uint8_t cyl; /* starting cylinder */
1830 uint8_t sys_ind; /* What partition type */
1831 uint8_t end_head; /* end head */
1832 uint8_t end_sector; /* end sector */
1833 uint8_t end_cyl; /* end cylinder */
1834 uint32_t start_sect; /* starting sector counting from 0 */
1835 uint32_t nr_sects; /* nr of sectors in partition */
1836} __attribute__((packed));
1837
bf1b938f
FB		 1838/* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
1839static int guess_disk_lchs(IDEState *s,
1840 int *pcylinders, int *pheads, int *psectors)
5391d806
FB		 1841{
1842 uint8_t buf[512];
46d4767d 1843 int ret, i, heads, sectors, cylinders;
5391d806
FB		 1844 struct partition *p;
1845 uint32_t nr_sects;
1846
5391d806
FB		 1847 ret = bdrv_read(s->bs, 0, buf, 1);
1848 if (ret < 0)
bf1b938f 1849 return -1;
5391d806
FB		 1850 /* test msdos magic */
1851 if (buf[510] != 0x55 || buf[511] != 0xaa)
bf1b938f 1852 return -1;
5391d806
FB		 1853 for(i = 0; i < 4; i++) {
1854 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 1855 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 1856 if (nr_sects && p->end_head) {
1857 /* We make the assumption that the partition terminates on
1858 a cylinder boundary */
46d4767d 1859 heads = p->end_head + 1;
46d4767d
FB		 1860 sectors = p->end_sector & 63;
1861 if (sectors == 0)
1862 continue;
1863 cylinders = s->nb_sectors / (heads * sectors);
1864 if (cylinders < 1 || cylinders > 16383)
1865 continue;
bf1b938f
FB		 1866 *pheads = heads;
1867 *psectors = sectors;
1868 *pcylinders = cylinders;
5391d806 1869#if 0
bf1b938f
FB		 1870 printf("guessed geometry: LCHS=%d %d %d\n",
1871 cylinders, heads, sectors);
5391d806 1872#endif
bf1b938f 1873 return 0;
5391d806
FB		 1874 }
1875 }
bf1b938f 1876 return -1;
5391d806
FB		 1877}
1878
69b91039
FB		 1879static void ide_init2(IDEState *ide_state, int irq,
1880 BlockDriverState *hd0, BlockDriverState *hd1)
5391d806 1881{
69b91039 1882 IDEState *s;
aedf5382 1883 static int drive_serial = 1;
bf1b938f 1884 int i, cylinders, heads, secs, translation;
5391d806 1885 int64_t nb_sectors;
5391d806 1886
caed8802
FB		 1887 for(i = 0; i < 2; i++) {
1888 s = ide_state + i;
1889 if (i == 0)
1890 s->bs = hd0;
1891 else
1892 s->bs = hd1;
5391d806
FB		 1893 if (s->bs) {
1894 bdrv_get_geometry(s->bs, &nb_sectors);
1895 s->nb_sectors = nb_sectors;
caed8802
FB		 1896 /* if a geometry hint is available, use it */
1897 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1898 if (cylinders != 0) {
5391d806 1899 s->cylinders = cylinders;
caed8802
FB		 1900 s->heads = heads;
1901 s->sectors = secs;
1902 } else {
bf1b938f
FB		 1903 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
1904 if (heads > 16) {
1905 /* if heads > 16, it means that a BIOS LBA
1906 translation was active, so the default
1907 hardware geometry is OK */
1908 goto default_geometry;
1909 } else {
1910 s->cylinders = cylinders;
1911 s->heads = heads;
1912 s->sectors = secs;
1913 /* disable any translation to be in sync with
1914 the logical geometry */
1915 translation = bdrv_get_translation_hint(s->bs);
1916 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
1917 bdrv_set_translation_hint(s->bs,
1918 BIOS_ATA_TRANSLATION_NONE);
1919 }
1920 }
1921 } else {
1922 default_geometry:
46d4767d 1923 /* if no geometry, use a standard physical disk geometry */
caed8802
FB		 1924 cylinders = nb_sectors / (16 * 63);
1925 if (cylinders > 16383)
1926 cylinders = 16383;
1927 else if (cylinders < 2)
1928 cylinders = 2;
1929 s->cylinders = cylinders;
1930 s->heads = 16;
1931 s->sectors = 63;
1932 }
769bec72 1933 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
caed8802
FB		 1934 }
1935 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1936 s->is_cdrom = 1;
1937 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 1938 }
1939 }
aedf5382 1940 s->drive_serial = drive_serial++;
caed8802 1941 s->irq = irq;
5391d806
FB		 1942 ide_reset(s);
1943 }
69b91039
FB		 1944}
1945
34e538ae 1946static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 1947{
caed8802
FB		 1948 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1949 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1950 if (iobase2) {
1951 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1952 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 1953 }
caed8802
FB		 1954
1955 /* data ports */
1956 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1957 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1958 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1959 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 1960}
69b91039 1961
34e538ae
FB		 1962/***********************************************************/
1963/* ISA IDE definitions */
1964
1965void isa_ide_init(int iobase, int iobase2, int irq,
1966 BlockDriverState *hd0, BlockDriverState *hd1)
1967{
1968 IDEState *ide_state;
1969
1970 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1971 if (!ide_state)
1972 return;
1973
1974 ide_init2(ide_state, irq, hd0, hd1);
1975 ide_init_ioport(ide_state, iobase, iobase2);
1976}
1977
69b91039
FB		 1978/***********************************************************/
1979/* PCI IDE definitions */
1980
69b91039
FB		 1981static void ide_map(PCIDevice *pci_dev, int region_num,
1982 uint32_t addr, uint32_t size, int type)
1983{
1984 PCIIDEState *d = (PCIIDEState *)pci_dev;
1985 IDEState *ide_state;
1986
1987 if (region_num <= 3) {
1988 ide_state = &d->ide_if[(region_num >> 1) * 2];
1989 if (region_num & 1) {
1990 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
1991 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
1992 } else {
1993 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
1994 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
1995
1996 /* data ports */
1997 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
1998 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
1999 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2000 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2001 }
2002 }
2003}
2004
98087450
FB		 2005/* XXX: full callback usage to prepare non blocking I/Os support -
2006 error handling */
2007static void ide_dma_loop(BMDMAState *bm)
2008{
2009 struct {
2010 uint32_t addr;
2011 uint32_t size;
2012 } prd;
2013 target_phys_addr_t cur_addr;
2014 int len, i, len1;
2015
2016 cur_addr = bm->addr;
2017 /* at most one page to avoid hanging if erroneous parameters */
2018 for(i = 0; i < 512; i++) {
2019 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
2020 prd.addr = le32_to_cpu(prd.addr);
2021 prd.size = le32_to_cpu(prd.size);
2022#ifdef DEBUG_IDE
2023 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
2024 (int)cur_addr, prd.addr, prd.size);
2025#endif
2026 len = prd.size & 0xfffe;
2027 if (len == 0)
2028 len = 0x10000;
2029 while (len > 0) {
2030 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
2031 if (len1 == 0)
2032 goto the_end;
2033 prd.addr += len1;
2034 len -= len1;
2035 }
2036 /* end of transfer */
2037 if (prd.size & 0x80000000)
2038 break;
2039 cur_addr += 8;
2040 }
2041 /* end of transfer */
2042 the_end:
2043 bm->status &= ~BM_STATUS_DMAING;
2044 bm->status |= BM_STATUS_INT;
2045 bm->dma_cb = NULL;
2046 bm->ide_if = NULL;
2047}
2048
2049static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2050{
2051 BMDMAState *bm = s->bmdma;
2052 if(!bm)
2053 return;
2054 bm->ide_if = s;
2055 bm->dma_cb = dma_cb;
2056 if (bm->status & BM_STATUS_DMAING) {
2057 ide_dma_loop(bm);
2058 }
2059}
2060
2061static uint32_t bmdma_cmd_readb(void *opaque, uint32_t addr)
2062{
2063 BMDMAState *bm = opaque;
2064 uint32_t val;
2065 val = bm->cmd;
2066#ifdef DEBUG_IDE
2067 printf("%s: 0x%08x\n", __func__, val);
2068#endif
2069 return val;
2070}
2071
2072static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2073{
2074 BMDMAState *bm = opaque;
2075#ifdef DEBUG_IDE
2076 printf("%s: 0x%08x\n", __func__, val);
2077#endif
2078 if (!(val & BM_CMD_START)) {
2079 /* XXX: do it better */
2080 bm->status &= ~BM_STATUS_DMAING;
2081 bm->cmd = val & 0x09;
2082 } else {
2083 bm->status |= BM_STATUS_DMAING;
2084 bm->cmd = val & 0x09;
2085 /* start dma transfer if possible */
2086 if (bm->dma_cb)
2087 ide_dma_loop(bm);
2088 }
2089}
2090
2091static uint32_t bmdma_status_readb(void *opaque, uint32_t addr)
2092{
2093 BMDMAState *bm = opaque;
2094 uint32_t val;
2095 val = bm->status;
2096#ifdef DEBUG_IDE
2097 printf("%s: 0x%08x\n", __func__, val);
2098#endif
2099 return val;
2100}
2101
2102static void bmdma_status_writeb(void *opaque, uint32_t addr, uint32_t val)
2103{
2104 BMDMAState *bm = opaque;
2105#ifdef DEBUG_IDE
2106 printf("%s: 0x%08x\n", __func__, val);
2107#endif
2108 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2109}
2110
2111static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2112{
2113 BMDMAState *bm = opaque;
2114 uint32_t val;
2115 val = bm->addr;
2116#ifdef DEBUG_IDE
2117 printf("%s: 0x%08x\n", __func__, val);
2118#endif
2119 return val;
2120}
2121
2122static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2123{
2124 BMDMAState *bm = opaque;
2125#ifdef DEBUG_IDE
2126 printf("%s: 0x%08x\n", __func__, val);
2127#endif
2128 bm->addr = val & ~3;
2129}
2130
2131static void bmdma_map(PCIDevice *pci_dev, int region_num,
2132 uint32_t addr, uint32_t size, int type)
2133{
2134 PCIIDEState *d = (PCIIDEState *)pci_dev;
2135 int i;
2136
2137 for(i = 0;i < 2; i++) {
2138 BMDMAState *bm = &d->bmdma[i];
2139 d->ide_if[2 * i].bmdma = bm;
2140 d->ide_if[2 * i + 1].bmdma = bm;
2141
2142 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2143 register_ioport_read(addr, 1, 1, bmdma_cmd_readb, bm);
2144
2145 register_ioport_write(addr + 2, 1, 1, bmdma_status_writeb, bm);
2146 register_ioport_read(addr + 2, 1, 1, bmdma_status_readb, bm);
2147
2148 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2149 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2150 addr += 8;
2151 }
2152}
2153
69b91039 2154/* hd_table must contain 4 block drivers */
46e50e9d 2155void pci_ide_init(PCIBus *bus, BlockDriverState **hd_table)
69b91039
FB		 2156{
2157 PCIIDEState *d;
2158 uint8_t *pci_conf;
34e538ae
FB		 2159 int i;
2160
46e50e9d
FB		 2161 d = (PCIIDEState *)pci_register_device(bus, "IDE", sizeof(PCIIDEState),
2162 -1,
73c11f63 2163 NULL, NULL);
69b91039
FB		 2164 pci_conf = d->dev.config;
2165 pci_conf[0x00] = 0x86; // Intel
2166 pci_conf[0x01] = 0x80;
2167 pci_conf[0x02] = 0x00; // fake
2168 pci_conf[0x03] = 0x01; // fake
2169 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2170 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2171 pci_conf[0x0e] = 0x80; // header_type = PCI_multifunction, generic
2172
2173 pci_conf[0x2c] = 0x86; // subsys vendor
2174 pci_conf[0x2d] = 0x80; // subsys vendor
2175 pci_conf[0x2e] = 0x00; // fake
2176 pci_conf[0x2f] = 0x01; // fake
2177
2178 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2179 PCI_ADDRESS_SPACE_IO, ide_map);
2180 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2181 PCI_ADDRESS_SPACE_IO, ide_map);
2182 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2183 PCI_ADDRESS_SPACE_IO, ide_map);
2184 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2185 PCI_ADDRESS_SPACE_IO, ide_map);
98087450
FB		 2186 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2187 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 2188
34e538ae
FB		 2189 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2190
2191 for(i = 0; i < 4; i++)
2192 d->ide_if[i].pci_dev = (PCIDevice *)d;
2193 ide_init2(&d->ide_if[0], 16, hd_table[0], hd_table[1]);
2194 ide_init2(&d->ide_if[2], 16, hd_table[2], hd_table[3]);
2195}
2196
2197/* hd_table must contain 4 block drivers */
2198/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
46e50e9d 2199void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
34e538ae
FB		 2200{
2201 PCIIDEState *d;
2202 uint8_t *pci_conf;
2203
2204 /* register a function 1 of PIIX3 */
46e50e9d
FB		 2205 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2206 sizeof(PCIIDEState),
2207 ((PCIDevice *)piix3_state)->devfn + 1,
34e538ae
FB		 2208 NULL, NULL);
2209 pci_conf = d->dev.config;
2210 pci_conf[0x00] = 0x86; // Intel
2211 pci_conf[0x01] = 0x80;
2212 pci_conf[0x02] = 0x10;
2213 pci_conf[0x03] = 0x70;
2214 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2215 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2216 pci_conf[0x0e] = 0x00; // header_type
2217
98087450
FB		 2218 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2219 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 2220
69b91039
FB		 2221 ide_init2(&d->ide_if[0], 14, hd_table[0], hd_table[1]);
2222 ide_init2(&d->ide_if[2], 15, hd_table[2], hd_table[3]);
34e538ae
FB		 2223 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2224 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
69b91039 2225}
1ade1de2
FB		 2226
2227/***********************************************************/
2228/* MacIO based PowerPC IDE */
2229
2230/* PowerMac IDE memory IO */
2231static void pmac_ide_writeb (void *opaque,
2232 target_phys_addr_t addr, uint32_t val)
2233{
2234 addr = (addr & 0xFFF) >> 4;
2235 switch (addr) {
2236 case 1 ... 7:
2237 ide_ioport_write(opaque, addr, val);
2238 break;
2239 case 8:
2240 case 22:
2241 ide_cmd_write(opaque, 0, val);
2242 break;
2243 default:
2244 break;
2245 }
2246}
2247
2248static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2249{
2250 uint8_t retval;
2251
2252 addr = (addr & 0xFFF) >> 4;
2253 switch (addr) {
2254 case 1 ... 7:
2255 retval = ide_ioport_read(opaque, addr);
2256 break;
2257 case 8:
2258 case 22:
2259 retval = ide_status_read(opaque, 0);
2260 break;
2261 default:
2262 retval = 0xFF;
2263 break;
2264 }
2265 return retval;
2266}
2267
2268static void pmac_ide_writew (void *opaque,
2269 target_phys_addr_t addr, uint32_t val)
2270{
2271 addr = (addr & 0xFFF) >> 4;
2272#ifdef TARGET_WORDS_BIGENDIAN
2273 val = bswap16(val);
2274#endif
2275 if (addr == 0) {
2276 ide_data_writew(opaque, 0, val);
2277 }
2278}
2279
2280static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2281{
2282 uint16_t retval;
2283
2284 addr = (addr & 0xFFF) >> 4;
2285 if (addr == 0) {
2286 retval = ide_data_readw(opaque, 0);
2287 } else {
2288 retval = 0xFFFF;
2289 }
2290#ifdef TARGET_WORDS_BIGENDIAN
2291 retval = bswap16(retval);
2292#endif
2293 return retval;
2294}
2295
2296static void pmac_ide_writel (void *opaque,
2297 target_phys_addr_t addr, uint32_t val)
2298{
2299 addr = (addr & 0xFFF) >> 4;
2300#ifdef TARGET_WORDS_BIGENDIAN
2301 val = bswap32(val);
2302#endif
2303 if (addr == 0) {
2304 ide_data_writel(opaque, 0, val);
2305 }
2306}
2307
2308static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2309{
2310 uint32_t retval;
2311
2312 addr = (addr & 0xFFF) >> 4;
2313 if (addr == 0) {
2314 retval = ide_data_readl(opaque, 0);
2315 } else {
2316 retval = 0xFFFFFFFF;
2317 }
2318#ifdef TARGET_WORDS_BIGENDIAN
2319 retval = bswap32(retval);
2320#endif
2321 return retval;
2322}
2323
2324static CPUWriteMemoryFunc *pmac_ide_write[] = {
2325 pmac_ide_writeb,
2326 pmac_ide_writew,
2327 pmac_ide_writel,
2328};
2329
2330static CPUReadMemoryFunc *pmac_ide_read[] = {
2331 pmac_ide_readb,
2332 pmac_ide_readw,
2333 pmac_ide_readl,
2334};
2335
2336/* hd_table must contain 4 block drivers */
2337/* PowerMac uses memory mapped registers, not I/O. Return the memory
2338 I/O index to access the ide. */
2339int pmac_ide_init (BlockDriverState **hd_table,
2340 openpic_t *openpic, int irq)
2341{
2342 IDEState *ide_if;
2343 int pmac_ide_memory;
2344
2345 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2346 ide_init2(&ide_if[0], irq, hd_table[0], hd_table[1]);
2347 ide_if[0].openpic = openpic;
2348 ide_if[1].openpic = openpic;
2349
2350 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2351 pmac_ide_write, &ide_if[0]);
2352 return pmac_ide_memory;
2353}
Qemu copy for testing