]> git.proxmox.com Git - mirror_qemu.git/blame - hw/ide.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Remove FORCE_RET() and RETURN()
[mirror_qemu.git] / hw / ide.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
87ecb68b
PB		 25#include "hw.h"
26#include "pc.h"
27#include "pci.h"
28#include "scsi-disk.h"
29#include "pcmcia.h"
30#include "block.h"
31#include "qemu-timer.h"
32#include "sysemu.h"
9596ebb7 33#include "ppc_mac.h"
5391d806 34
5391d806
FB		 35/* debug IDE devices */
36//#define DEBUG_IDE
37//#define DEBUG_IDE_ATAPI
8ccad811
FB		 38//#define DEBUG_AIO
39#define USE_DMA_CDROM
5391d806
FB		 40
41/* Bits of HD_STATUS */
42#define ERR_STAT 0x01
43#define INDEX_STAT 0x02
44#define ECC_STAT 0x04 /* Corrected error */
45#define DRQ_STAT 0x08
46#define SEEK_STAT 0x10
47#define SRV_STAT 0x10
48#define WRERR_STAT 0x20
49#define READY_STAT 0x40
50#define BUSY_STAT 0x80
51
52/* Bits for HD_ERROR */
53#define MARK_ERR 0x01 /* Bad address mark */
54#define TRK0_ERR 0x02 /* couldn't find track 0 */
55#define ABRT_ERR 0x04 /* Command aborted */
56#define MCR_ERR 0x08 /* media change request */
57#define ID_ERR 0x10 /* ID field not found */
58#define MC_ERR 0x20 /* media changed */
59#define ECC_ERR 0x40 /* Uncorrectable ECC error */
60#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63/* Bits of HD_NSECTOR */
64#define CD 0x01
65#define IO 0x02
66#define REL 0x04
67#define TAG_MASK 0xf8
68
69#define IDE_CMD_RESET 0x04
70#define IDE_CMD_DISABLE_IRQ 0x02
71
72/* ATA/ATAPI Commands pre T13 Spec */
73#define WIN_NOP 0x00
74/*
75 * 0x01->0x02 Reserved
76 */
77#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78/*
79 * 0x04->0x07 Reserved
80 */
81#define WIN_SRST 0x08 /* ATAPI soft reset command */
82#define WIN_DEVICE_RESET 0x08
83/*
84 * 0x09->0x0F Reserved
85 */
86#define WIN_RECAL 0x10
87#define WIN_RESTORE WIN_RECAL
88/*
89 * 0x10->0x1F Reserved
90 */
91#define WIN_READ 0x20 /* 28-Bit */
92#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93#define WIN_READ_LONG 0x22 /* 28-Bit */
94#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95#define WIN_READ_EXT 0x24 /* 48-Bit */
96#define WIN_READDMA_EXT 0x25 /* 48-Bit */
97#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99/*
100 * 0x28
101 */
102#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103/*
104 * 0x2A->0x2F Reserved
105 */
106#define WIN_WRITE 0x30 /* 28-Bit */
107#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108#define WIN_WRITE_LONG 0x32 /* 28-Bit */
109#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110#define WIN_WRITE_EXT 0x34 /* 48-Bit */
111#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116/*
117 * 0x3A->0x3B Reserved
118 */
119#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120/*
121 * 0x3D->0x3F Reserved
122 */
123#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126/*
127 * 0x43->0x4F Reserved
128 */
129#define WIN_FORMAT 0x50
130/*
131 * 0x51->0x5F Reserved
132 */
133#define WIN_INIT 0x60
134/*
135 * 0x61->0x5F Reserved
136 */
137#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139#define WIN_DIAGNOSE 0x90
140#define WIN_SPECIFY 0x91 /* set drive geometry translation */
141#define WIN_DOWNLOAD_MICROCODE 0x92
142#define WIN_STANDBYNOW2 0x94
201a51fc 143#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
5391d806
FB		 144#define WIN_STANDBY2 0x96
145#define WIN_SETIDLE2 0x97
146#define WIN_CHECKPOWERMODE2 0x98
147#define WIN_SLEEPNOW2 0x99
148/*
149 * 0x9A VENDOR
150 */
151#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153#define WIN_QUEUED_SERVICE 0xA2
154#define WIN_SMART 0xB0 /* self-monitoring and reporting */
201a51fc
AZ		 155#define CFA_ACCESS_METADATA_STORAGE 0xB8
156#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
5391d806
FB		 157#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
5fafdf24 167#define WIN_GETMEDIASTATUS 0xDA
5391d806
FB		 168#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169#define WIN_POSTBOOT 0xDC
170#define WIN_PREBOOT 0xDD
171#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173#define WIN_STANDBYNOW1 0xE0
174#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176#define WIN_SETIDLE1 0xE3
177#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178#define WIN_CHECKPOWERMODE1 0xE5
179#define WIN_SLEEPNOW1 0xE6
180#define WIN_FLUSH_CACHE 0xE7
181#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186#define WIN_MEDIAEJECT 0xED
187#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188#define WIN_SETFEATURES 0xEF /* set special drive features */
189#define EXABYTE_ENABLE_NEST 0xF0
201a51fc 190#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
5391d806
FB		 191#define WIN_SECURITY_SET_PASS 0xF1
192#define WIN_SECURITY_UNLOCK 0xF2
193#define WIN_SECURITY_ERASE_PREPARE 0xF3
194#define WIN_SECURITY_ERASE_UNIT 0xF4
195#define WIN_SECURITY_FREEZE_LOCK 0xF5
201a51fc 196#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
5391d806
FB		 197#define WIN_SECURITY_DISABLE 0xF6
198#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199#define WIN_SET_MAX 0xF9
200#define DISABLE_SEAGATE 0xFB
201
202/* set to 1 set disable mult support */
f66723fa 203#define MAX_MULT_SECTORS 16
5391d806 204
1d8cde5b
AJ		 205#define IDE_DMA_BUF_SECTORS 256
206
207#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209#endif
210
5391d806
FB		 211/* ATAPI defines */
212
213#define ATAPI_PACKET_SIZE 12
214
215/* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217#define GPCMD_BLANK 0xa1
218#define GPCMD_CLOSE_TRACK 0x5b
219#define GPCMD_FLUSH_CACHE 0x35
220#define GPCMD_FORMAT_UNIT 0x04
221#define GPCMD_GET_CONFIGURATION 0x46
222#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223#define GPCMD_GET_PERFORMANCE 0xac
224#define GPCMD_INQUIRY 0x12
225#define GPCMD_LOAD_UNLOAD 0xa6
226#define GPCMD_MECHANISM_STATUS 0xbd
227#define GPCMD_MODE_SELECT_10 0x55
228#define GPCMD_MODE_SENSE_10 0x5a
229#define GPCMD_PAUSE_RESUME 0x4b
230#define GPCMD_PLAY_AUDIO_10 0x45
231#define GPCMD_PLAY_AUDIO_MSF 0x47
232#define GPCMD_PLAY_AUDIO_TI 0x48
233#define GPCMD_PLAY_CD 0xbc
234#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235#define GPCMD_READ_10 0x28
236#define GPCMD_READ_12 0xa8
237#define GPCMD_READ_CDVD_CAPACITY 0x25
238#define GPCMD_READ_CD 0xbe
239#define GPCMD_READ_CD_MSF 0xb9
240#define GPCMD_READ_DISC_INFO 0x51
241#define GPCMD_READ_DVD_STRUCTURE 0xad
242#define GPCMD_READ_FORMAT_CAPACITIES 0x23
243#define GPCMD_READ_HEADER 0x44
244#define GPCMD_READ_TRACK_RZONE_INFO 0x52
245#define GPCMD_READ_SUBCHANNEL 0x42
246#define GPCMD_READ_TOC_PMA_ATIP 0x43
247#define GPCMD_REPAIR_RZONE_TRACK 0x58
248#define GPCMD_REPORT_KEY 0xa4
249#define GPCMD_REQUEST_SENSE 0x03
250#define GPCMD_RESERVE_RZONE_TRACK 0x53
251#define GPCMD_SCAN 0xba
252#define GPCMD_SEEK 0x2b
253#define GPCMD_SEND_DVD_STRUCTURE 0xad
254#define GPCMD_SEND_EVENT 0xa2
255#define GPCMD_SEND_KEY 0xa3
256#define GPCMD_SEND_OPC 0x54
257#define GPCMD_SET_READ_AHEAD 0xa7
258#define GPCMD_SET_STREAMING 0xb6
259#define GPCMD_START_STOP_UNIT 0x1b
260#define GPCMD_STOP_PLAY_SCAN 0x4e
261#define GPCMD_TEST_UNIT_READY 0x00
262#define GPCMD_VERIFY_10 0x2f
263#define GPCMD_WRITE_10 0x2a
264#define GPCMD_WRITE_AND_VERIFY_10 0x2e
5fafdf24 265/* This is listed as optional in ATAPI 2.6, but is (curiously)
5391d806
FB		 266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269#define GPCMD_SET_SPEED 0xbb
5fafdf24 270/* This seems to be a SCSI specific CD-ROM opcode
5391d806
FB		 271 * to play data at track/index */
272#define GPCMD_PLAYAUDIO_TI 0x48
273/*
274 * From MS Media Status Notification Support Specification. For
275 * older drives only.
276 */
277#define GPCMD_GET_MEDIA_STATUS 0xda
d14049ea 278#define GPCMD_MODE_SENSE_6 0x1a
5391d806
FB		 279
280/* Mode page codes for mode sense/set */
281#define GPMODE_R_W_ERROR_PAGE 0x01
282#define GPMODE_WRITE_PARMS_PAGE 0x05
283#define GPMODE_AUDIO_CTL_PAGE 0x0e
284#define GPMODE_POWER_PAGE 0x1a
285#define GPMODE_FAULT_FAIL_PAGE 0x1c
286#define GPMODE_TO_PROTECT_PAGE 0x1d
287#define GPMODE_CAPABILITIES_PAGE 0x2a
288#define GPMODE_ALL_PAGES 0x3f
289/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291#define GPMODE_CDROM_PAGE 0x0d
292
38cdea7c
AZ		 293/*
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
296 *
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
300 */
301
302/* Some generally useful CD-ROM information */
303#define CD_MINS 80 /* max. minutes per CD */
304#define CD_SECS 60 /* seconds per minute */
305#define CD_FRAMES 75 /* frames per second */
306#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309
310/*
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
313 */
314
315/* Profile list from MMC-6 revision 1 table 91 */
316#define MMC_PROFILE_NONE 0x0000
317#define MMC_PROFILE_CD_ROM 0x0008
318#define MMC_PROFILE_CD_R 0x0009
319#define MMC_PROFILE_CD_RW 0x000A
320#define MMC_PROFILE_DVD_ROM 0x0010
321#define MMC_PROFILE_DVD_R_SR 0x0011
322#define MMC_PROFILE_DVD_RAM 0x0012
323#define MMC_PROFILE_DVD_RW_RO 0x0013
324#define MMC_PROFILE_DVD_RW_SR 0x0014
325#define MMC_PROFILE_DVD_R_DL_SR 0x0015
326#define MMC_PROFILE_DVD_R_DL_JR 0x0016
327#define MMC_PROFILE_DVD_RW_DL 0x0017
328#define MMC_PROFILE_DVD_DDR 0x0018
329#define MMC_PROFILE_DVD_PLUS_RW 0x001A
330#define MMC_PROFILE_DVD_PLUS_R 0x001B
331#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333#define MMC_PROFILE_BD_ROM 0x0040
334#define MMC_PROFILE_BD_R_SRM 0x0041
335#define MMC_PROFILE_BD_R_RRM 0x0042
336#define MMC_PROFILE_BD_RE 0x0043
337#define MMC_PROFILE_HDDVD_ROM 0x0050
338#define MMC_PROFILE_HDDVD_R 0x0051
339#define MMC_PROFILE_HDDVD_RAM 0x0052
340#define MMC_PROFILE_HDDVD_RW 0x0053
341#define MMC_PROFILE_HDDVD_R_DL 0x0058
342#define MMC_PROFILE_HDDVD_RW_DL 0x005A
343#define MMC_PROFILE_INVALID 0xFFFF
344
5391d806
FB		 345#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347#define ATAPI_INT_REASON_REL 0x04
348#define ATAPI_INT_REASON_TAG 0xf8
349
350/* same constants as bochs */
7f777bf3 351#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 352#define ASC_LOGICAL_BLOCK_OOR 0x21
353#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
9118e7f0 354#define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
8114e9e8 355#define ASC_INCOMPATIBLE_FORMAT 0x30
5391d806
FB		 356#define ASC_MEDIUM_NOT_PRESENT 0x3a
357#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
358
201a51fc
AZ		 359#define CFA_NO_ERROR 0x00
360#define CFA_MISC_ERROR 0x09
361#define CFA_INVALID_COMMAND 0x20
362#define CFA_INVALID_ADDRESS 0x21
363#define CFA_ADDRESS_OVERFLOW 0x2f
364
5391d806
FB		 365#define SENSE_NONE 0
366#define SENSE_NOT_READY 2
367#define SENSE_ILLEGAL_REQUEST 5
368#define SENSE_UNIT_ATTENTION 6
369
370struct IDEState;
371
372typedef void EndTransferFunc(struct IDEState *);
373
caed8802 374/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 375typedef struct IDEState {
376 /* ide config */
377 int is_cdrom;
201a51fc 378 int is_cf;
5391d806
FB		 379 int cylinders, heads, sectors;
380 int64_t nb_sectors;
381 int mult_sectors;
94458802
FB		 382 int identify_set;
383 uint16_t identify_data[256];
d537cf6c 384 qemu_irq irq;
34e538ae 385 PCIDevice *pci_dev;
98087450 386 struct BMDMAState *bmdma;
aedf5382 387 int drive_serial;
5391d806
FB		 388 /* ide regs */
389 uint8_t feature;
390 uint8_t error;
c2ff060f 391 uint32_t nsector;
5391d806
FB		 392 uint8_t sector;
393 uint8_t lcyl;
394 uint8_t hcyl;
c2ff060f
FB		 395 /* other part of tf for lba48 support */
396 uint8_t hob_feature;
397 uint8_t hob_nsector;
398 uint8_t hob_sector;
399 uint8_t hob_lcyl;
400 uint8_t hob_hcyl;
401
5391d806
FB		 402 uint8_t select;
403 uint8_t status;
c2ff060f 404
5391d806
FB		 405 /* 0x3f6 command, only meaningful for drive 0 */
406 uint8_t cmd;
c2ff060f
FB		 407 /* set for lba48 access */
408 uint8_t lba48;
5391d806 409 /* depends on bit 4 in select, only meaningful for drive 0 */
5fafdf24 410 struct IDEState *cur_drive;
5391d806
FB		 411 BlockDriverState *bs;
412 /* ATAPI specific */
413 uint8_t sense_key;
414 uint8_t asc;
415 int packet_transfer_size;
416 int elementary_transfer_size;
417 int io_buffer_index;
418 int lba;
98087450
FB		 419 int cd_sector_size;
420 int atapi_dma; /* true if dma is requested for the packet cmd */
421 /* ATA DMA state */
422 int io_buffer_size;
423 /* PIO transfer handling */
5391d806
FB		 424 int req_nb_sectors; /* number of sectors per interrupt */
425 EndTransferFunc *end_transfer_func;
426 uint8_t *data_ptr;
427 uint8_t *data_end;
33f00271 428 uint8_t *io_buffer;
31c2a146 429 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
e774a278 430 uint32_t irq_count; /* counts IRQs when using win2k install hack */
201a51fc
AZ		 431 /* CF-ATA extended error */
432 uint8_t ext_error;
433 /* CF-ATA metadata storage */
434 uint32_t mdata_size;
435 uint8_t *mdata_storage;
436 int media_changed;
5391d806
FB		 437} IDEState;
438
8114e9e8
TS		 439/* XXX: DVDs that could fit on a CD will be reported as a CD */
440static inline int media_present(IDEState *s)
441{
442 return (s->nb_sectors > 0);
443}
444
445static inline int media_is_dvd(IDEState *s)
446{
447 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
448}
449
450static inline int media_is_cd(IDEState *s)
451{
452 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
453}
454
98087450
FB		 455#define BM_STATUS_DMAING 0x01
456#define BM_STATUS_ERROR 0x02
457#define BM_STATUS_INT 0x04
458
459#define BM_CMD_START 0x01
460#define BM_CMD_READ 0x08
461
5457c8ce
FB		 462#define IDE_TYPE_PIIX3 0
463#define IDE_TYPE_CMD646 1
afcc3cdf 464#define IDE_TYPE_PIIX4 2
5457c8ce
FB		 465
466/* CMD646 specific */
467#define MRDMODE 0x71
468#define MRDMODE_INTR_CH0 0x04
469#define MRDMODE_INTR_CH1 0x08
470#define MRDMODE_BLK_CH0 0x10
471#define MRDMODE_BLK_CH1 0x20
472#define UDIDETCR0 0x73
473#define UDIDETCR1 0x7B
474
98087450
FB		 475typedef struct BMDMAState {
476 uint8_t cmd;
477 uint8_t status;
478 uint32_t addr;
3b46e624 479
5457c8ce 480 struct PCIIDEState *pci_dev;
98087450 481 /* current transfer state */
8ccad811
FB		 482 uint32_t cur_addr;
483 uint32_t cur_prd_last;
484 uint32_t cur_prd_addr;
485 uint32_t cur_prd_len;
98087450 486 IDEState *ide_if;
8ccad811
FB		 487 BlockDriverCompletionFunc *dma_cb;
488 BlockDriverAIOCB *aiocb;
98087450
FB		 489} BMDMAState;
490
491typedef struct PCIIDEState {
492 PCIDevice dev;
493 IDEState ide_if[4];
494 BMDMAState bmdma[2];
5457c8ce 495 int type; /* see IDE_TYPE_xxx */
98087450
FB		 496} PCIIDEState;
497
8ccad811 498static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
5f12ab4b 499static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
98087450 500
5391d806
FB		 501static void padstr(char *str, const char *src, int len)
502{
503 int i, v;
504 for(i = 0; i < len; i++) {
505 if (*src)
506 v = *src++;
507 else
508 v = ' ';
69b34976 509 str[i^1] = v;
5391d806
FB		 510 }
511}
512
bd0d90b2
FB		 513static void padstr8(uint8_t *buf, int buf_size, const char *src)
514{
515 int i;
516 for(i = 0; i < buf_size; i++) {
517 if (*src)
518 buf[i] = *src++;
519 else
520 buf[i] = ' ';
521 }
522}
523
67b915a5
FB		 524static void put_le16(uint16_t *p, unsigned int v)
525{
0c4ad8dc 526 *p = cpu_to_le16(v);
67b915a5
FB		 527}
528
5391d806
FB		 529static void ide_identify(IDEState *s)
530{
531 uint16_t *p;
532 unsigned int oldsize;
aedf5382 533 char buf[20];
5391d806 534
94458802
FB		 535 if (s->identify_set) {
536 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
537 return;
538 }
539
5391d806
FB		 540 memset(s->io_buffer, 0, 512);
541 p = (uint16_t *)s->io_buffer;
67b915a5 542 put_le16(p + 0, 0x0040);
5fafdf24 543 put_le16(p + 1, s->cylinders);
67b915a5
FB		 544 put_le16(p + 3, s->heads);
545 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
546 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 547 put_le16(p + 6, s->sectors);
aedf5382 548 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 549 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 550 put_le16(p + 20, 3); /* XXX: retired, remove ? */
551 put_le16(p + 21, 512); /* cache size in sectors */
552 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3
TS		 553 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
554 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 555#if MAX_MULT_SECTORS > 1
67b915a5 556 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 557#endif
67b915a5 558 put_le16(p + 48, 1); /* dword I/O */
94458802 559 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 560 put_le16(p + 51, 0x200); /* PIO transfer cycle */
561 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 562 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 563 put_le16(p + 54, s->cylinders);
564 put_le16(p + 55, s->heads);
565 put_le16(p + 56, s->sectors);
5391d806 566 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 567 put_le16(p + 57, oldsize);
568 put_le16(p + 58, oldsize >> 16);
5391d806 569 if (s->mult_sectors)
67b915a5
FB		 570 put_le16(p + 59, 0x100 | s->mult_sectors);
571 put_le16(p + 60, s->nb_sectors);
572 put_le16(p + 61, s->nb_sectors >> 16);
d1b5c20d 573 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802
FB		 574 put_le16(p + 63, 0x07); /* mdma0-2 supported */
575 put_le16(p + 65, 120);
576 put_le16(p + 66, 120);
577 put_le16(p + 67, 120);
578 put_le16(p + 68, 120);
579 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
580 put_le16(p + 81, 0x16); /* conforms to ata5 */
67b915a5 581 put_le16(p + 82, (1 << 14));
c2ff060f
FB		 582 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
583 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5
FB		 584 put_le16(p + 84, (1 << 14));
585 put_le16(p + 85, (1 << 14));
c2ff060f
FB		 586 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
587 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5 588 put_le16(p + 87, (1 << 14));
94458802
FB		 589 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
590 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 591 put_le16(p + 100, s->nb_sectors);
592 put_le16(p + 101, s->nb_sectors >> 16);
593 put_le16(p + 102, s->nb_sectors >> 32);
594 put_le16(p + 103, s->nb_sectors >> 48);
94458802
FB		 595
596 memcpy(s->identify_data, p, sizeof(s->identify_data));
597 s->identify_set = 1;
5391d806
FB		 598}
599
600static void ide_atapi_identify(IDEState *s)
601{
602 uint16_t *p;
aedf5382 603 char buf[20];
5391d806 604
94458802
FB		 605 if (s->identify_set) {
606 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
607 return;
608 }
609
5391d806
FB		 610 memset(s->io_buffer, 0, 512);
611 p = (uint16_t *)s->io_buffer;
612 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 613 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382 614 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 615 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 616 put_le16(p + 20, 3); /* buffer type */
617 put_le16(p + 21, 512); /* cache size in sectors */
618 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3 619 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
38cdea7c 620 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 621 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 622#ifdef USE_DMA_CDROM
623 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
624 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 625 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811
FB		 626 put_le16(p + 63, 7); /* mdma0-2 supported */
627 put_le16(p + 64, 0x3f); /* PIO modes supported */
628#else
67b915a5
FB		 629 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
630 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
631 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
632 put_le16(p + 64, 1); /* PIO modes */
8ccad811 633#endif
67b915a5
FB		 634 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
635 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
636 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
637 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 638
67b915a5
FB		 639 put_le16(p + 71, 30); /* in ns */
640 put_le16(p + 72, 30); /* in ns */
5391d806 641
67b915a5 642 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 643#ifdef USE_DMA_CDROM
644 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
645#endif
94458802
FB		 646 memcpy(s->identify_data, p, sizeof(s->identify_data));
647 s->identify_set = 1;
5391d806
FB		 648}
649
201a51fc
AZ		 650static void ide_cfata_identify(IDEState *s)
651{
652 uint16_t *p;
653 uint32_t cur_sec;
654 char buf[20];
655
656 p = (uint16_t *) s->identify_data;
657 if (s->identify_set)
658 goto fill_buffer;
659
660 memset(p, 0, sizeof(s->identify_data));
661
662 cur_sec = s->cylinders * s->heads * s->sectors;
663
664 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
665 put_le16(p + 1, s->cylinders); /* Default cylinders */
666 put_le16(p + 3, s->heads); /* Default heads */
667 put_le16(p + 6, s->sectors); /* Default sectors per track */
668 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
669 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
670 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 671 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
201a51fc 672 put_le16(p + 22, 0x0004); /* ECC bytes */
60fe76f3
TS		 673 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
674 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 675#if MAX_MULT_SECTORS > 1
676 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
677#else
678 put_le16(p + 47, 0x0000);
679#endif
680 put_le16(p + 49, 0x0f00); /* Capabilities */
681 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
682 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
683 put_le16(p + 53, 0x0003); /* Translation params valid */
684 put_le16(p + 54, s->cylinders); /* Current cylinders */
685 put_le16(p + 55, s->heads); /* Current heads */
686 put_le16(p + 56, s->sectors); /* Current sectors */
687 put_le16(p + 57, cur_sec); /* Current capacity */
688 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
689 if (s->mult_sectors) /* Multiple sector setting */
690 put_le16(p + 59, 0x100 | s->mult_sectors);
691 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
692 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
693 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
694 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
695 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
696 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
697 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
698 put_le16(p + 82, 0x400c); /* Command Set supported */
699 put_le16(p + 83, 0x7068); /* Command Set supported */
700 put_le16(p + 84, 0x4000); /* Features supported */
701 put_le16(p + 85, 0x000c); /* Command Set enabled */
702 put_le16(p + 86, 0x7044); /* Command Set enabled */
703 put_le16(p + 87, 0x4000); /* Features enabled */
704 put_le16(p + 91, 0x4060); /* Current APM level */
705 put_le16(p + 129, 0x0002); /* Current features option */
706 put_le16(p + 130, 0x0005); /* Reassigned sectors */
707 put_le16(p + 131, 0x0001); /* Initial power mode */
708 put_le16(p + 132, 0x0000); /* User signature */
709 put_le16(p + 160, 0x8100); /* Power requirement */
710 put_le16(p + 161, 0x8001); /* CF command set */
711
712 s->identify_set = 1;
713
714fill_buffer:
715 memcpy(s->io_buffer, p, sizeof(s->identify_data));
716}
717
5391d806
FB		 718static void ide_set_signature(IDEState *s)
719{
720 s->select &= 0xf0; /* clear head */
721 /* put signature */
722 s->nsector = 1;
723 s->sector = 1;
724 if (s->is_cdrom) {
725 s->lcyl = 0x14;
726 s->hcyl = 0xeb;
727 } else if (s->bs) {
728 s->lcyl = 0;
729 s->hcyl = 0;
730 } else {
731 s->lcyl = 0xff;
732 s->hcyl = 0xff;
733 }
734}
735
736static inline void ide_abort_command(IDEState *s)
737{
738 s->status = READY_STAT | ERR_STAT;
739 s->error = ABRT_ERR;
740}
741
5604e090
AZ		 742static inline void ide_dma_submit_check(IDEState *s,
743 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
744{
745 if (bm->aiocb)
746 return;
747 dma_cb(bm, -1);
748}
749
5391d806
FB		 750static inline void ide_set_irq(IDEState *s)
751{
98ff7d30 752 BMDMAState *bm = s->bmdma;
5391d806 753 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
5457c8ce 754 if (bm) {
98ff7d30 755 bm->status |= BM_STATUS_INT;
5457c8ce 756 }
d537cf6c 757 qemu_irq_raise(s->irq);
5391d806
FB		 758 }
759}
760
761/* prepare data transfer and tell what to do after */
5fafdf24 762static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 763 EndTransferFunc *end_transfer_func)
764{
765 s->end_transfer_func = end_transfer_func;
766 s->data_ptr = buf;
767 s->data_end = buf + size;
7603d156
TS		 768 if (!(s->status & ERR_STAT))
769 s->status |= DRQ_STAT;
5391d806
FB		 770}
771
772static void ide_transfer_stop(IDEState *s)
773{
774 s->end_transfer_func = ide_transfer_stop;
775 s->data_ptr = s->io_buffer;
776 s->data_end = s->io_buffer;
777 s->status &= ~DRQ_STAT;
778}
779
780static int64_t ide_get_sector(IDEState *s)
781{
782 int64_t sector_num;
783 if (s->select & 0x40) {
784 /* lba */
c2ff060f
FB		 785 if (!s->lba48) {
786 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
787 (s->lcyl << 8) | s->sector;
788 } else {
789 sector_num = ((int64_t)s->hob_hcyl << 40) |
790 ((int64_t) s->hob_lcyl << 32) |
791 ((int64_t) s->hob_sector << 24) |
792 ((int64_t) s->hcyl << 16) |
793 ((int64_t) s->lcyl << 8) | s->sector;
794 }
5391d806
FB		 795 } else {
796 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 797 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 798 }
799 return sector_num;
800}
801
802static void ide_set_sector(IDEState *s, int64_t sector_num)
803{
804 unsigned int cyl, r;
805 if (s->select & 0x40) {
c2ff060f
FB		 806 if (!s->lba48) {
807 s->select = (s->select & 0xf0) | (sector_num >> 24);
808 s->hcyl = (sector_num >> 16);
809 s->lcyl = (sector_num >> 8);
810 s->sector = (sector_num);
811 } else {
812 s->sector = sector_num;
813 s->lcyl = sector_num >> 8;
814 s->hcyl = sector_num >> 16;
815 s->hob_sector = sector_num >> 24;
816 s->hob_lcyl = sector_num >> 32;
817 s->hob_hcyl = sector_num >> 40;
818 }
5391d806
FB		 819 } else {
820 cyl = sector_num / (s->heads * s->sectors);
821 r = sector_num % (s->heads * s->sectors);
822 s->hcyl = cyl >> 8;
823 s->lcyl = cyl;
1b8eb456 824 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 825 s->sector = (r % s->sectors) + 1;
826 }
827}
828
e162cfb0
AZ		 829static void ide_rw_error(IDEState *s) {
830 ide_abort_command(s);
831 ide_set_irq(s);
832}
833
5391d806
FB		 834static void ide_sector_read(IDEState *s)
835{
836 int64_t sector_num;
837 int ret, n;
838
839 s->status = READY_STAT | SEEK_STAT;
a136e5a8 840 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 841 sector_num = ide_get_sector(s);
842 n = s->nsector;
843 if (n == 0) {
844 /* no more sector to read from disk */
845 ide_transfer_stop(s);
846 } else {
847#if defined(DEBUG_IDE)
18c5f8ea 848 printf("read sector=%" PRId64 "\n", sector_num);
5391d806
FB		 849#endif
850 if (n > s->req_nb_sectors)
851 n = s->req_nb_sectors;
852 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
e162cfb0
AZ		 853 if (ret != 0) {
854 ide_rw_error(s);
855 return;
856 }
5391d806
FB		 857 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
858 ide_set_irq(s);
859 ide_set_sector(s, sector_num + n);
860 s->nsector -= n;
861 }
862}
863
e162cfb0
AZ		 864static void ide_dma_error(IDEState *s)
865{
866 ide_transfer_stop(s);
867 s->error = ABRT_ERR;
868 s->status = READY_STAT | ERR_STAT;
869 ide_set_irq(s);
870}
871
8ccad811
FB		 872/* return 0 if buffer completed */
873static int dma_buf_rw(BMDMAState *bm, int is_write)
98087450 874{
8ccad811
FB		 875 IDEState *s = bm->ide_if;
876 struct {
877 uint32_t addr;
878 uint32_t size;
879 } prd;
880 int l, len;
98087450 881
8ccad811
FB		 882 for(;;) {
883 l = s->io_buffer_size - s->io_buffer_index;
5fafdf24 884 if (l <= 0)
8ccad811
FB		 885 break;
886 if (bm->cur_prd_len == 0) {
887 /* end of table (with a fail safe of one page) */
888 if (bm->cur_prd_last ||
889 (bm->cur_addr - bm->addr) >= 4096)
890 return 0;
891 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
892 bm->cur_addr += 8;
893 prd.addr = le32_to_cpu(prd.addr);
894 prd.size = le32_to_cpu(prd.size);
895 len = prd.size & 0xfffe;
896 if (len == 0)
897 len = 0x10000;
898 bm->cur_prd_len = len;
899 bm->cur_prd_addr = prd.addr;
900 bm->cur_prd_last = (prd.size & 0x80000000);
901 }
902 if (l > bm->cur_prd_len)
903 l = bm->cur_prd_len;
904 if (l > 0) {
905 if (is_write) {
5fafdf24 906 cpu_physical_memory_write(bm->cur_prd_addr,
8ccad811
FB		 907 s->io_buffer + s->io_buffer_index, l);
908 } else {
5fafdf24 909 cpu_physical_memory_read(bm->cur_prd_addr,
8ccad811
FB		 910 s->io_buffer + s->io_buffer_index, l);
911 }
912 bm->cur_prd_addr += l;
913 bm->cur_prd_len -= l;
914 s->io_buffer_index += l;
98087450 915 }
98087450 916 }
8ccad811
FB		 917 return 1;
918}
919
8ccad811
FB		 920static void ide_read_dma_cb(void *opaque, int ret)
921{
922 BMDMAState *bm = opaque;
923 IDEState *s = bm->ide_if;
924 int n;
925 int64_t sector_num;
926
e162cfb0
AZ		 927 if (ret < 0) {
928 ide_dma_error(s);
929 return;
930 }
931
8ccad811
FB		 932 n = s->io_buffer_size >> 9;
933 sector_num = ide_get_sector(s);
934 if (n > 0) {
935 sector_num += n;
936 ide_set_sector(s, sector_num);
937 s->nsector -= n;
938 if (dma_buf_rw(bm, 1) == 0)
939 goto eot;
940 }
941
942 /* end of transfer ? */
943 if (s->nsector == 0) {
98087450
FB		 944 s->status = READY_STAT | SEEK_STAT;
945 ide_set_irq(s);
8ccad811
FB		 946 eot:
947 bm->status &= ~BM_STATUS_DMAING;
948 bm->status |= BM_STATUS_INT;
949 bm->dma_cb = NULL;
950 bm->ide_if = NULL;
951 bm->aiocb = NULL;
952 return;
98087450 953 }
8ccad811
FB		 954
955 /* launch next transfer */
956 n = s->nsector;
1d8cde5b
AJ		 957 if (n > IDE_DMA_BUF_SECTORS)
958 n = IDE_DMA_BUF_SECTORS;
8ccad811
FB		 959 s->io_buffer_index = 0;
960 s->io_buffer_size = n * 512;
961#ifdef DEBUG_AIO
962 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
963#endif
5fafdf24 964 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
8ccad811 965 ide_read_dma_cb, bm);
5604e090 966 ide_dma_submit_check(s, ide_read_dma_cb, bm);
98087450
FB		 967}
968
969static void ide_sector_read_dma(IDEState *s)
970{
8ccad811 971 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 972 s->io_buffer_index = 0;
973 s->io_buffer_size = 0;
974 ide_dma_start(s, ide_read_dma_cb);
975}
976
a09db21f
FB		 977static void ide_sector_write_timer_cb(void *opaque)
978{
979 IDEState *s = opaque;
980 ide_set_irq(s);
981}
982
5391d806
FB		 983static void ide_sector_write(IDEState *s)
984{
985 int64_t sector_num;
31c2a146 986 int ret, n, n1;
5391d806
FB		 987
988 s->status = READY_STAT | SEEK_STAT;
989 sector_num = ide_get_sector(s);
990#if defined(DEBUG_IDE)
18c5f8ea 991 printf("write sector=%" PRId64 "\n", sector_num);
5391d806
FB		 992#endif
993 n = s->nsector;
994 if (n > s->req_nb_sectors)
995 n = s->req_nb_sectors;
31c2a146 996 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
e162cfb0
AZ		 997 if (ret != 0) {
998 ide_rw_error(s);
999 return;
1000 }
1001
5391d806
FB		 1002 s->nsector -= n;
1003 if (s->nsector == 0) {
292eef5a 1004 /* no more sectors to write */
5391d806
FB		 1005 ide_transfer_stop(s);
1006 } else {
1007 n1 = s->nsector;
1008 if (n1 > s->req_nb_sectors)
1009 n1 = s->req_nb_sectors;
1010 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1011 }
1012 ide_set_sector(s, sector_num + n);
3b46e624 1013
31c2a146
TS		 1014#ifdef TARGET_I386
1015 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1016 /* It seems there is a bug in the Windows 2000 installer HDD
1017 IDE driver which fills the disk with empty logs when the
1018 IDE write IRQ comes too early. This hack tries to correct
1019 that at the expense of slower write performances. Use this
1020 option _only_ to install Windows 2000. You must disable it
1021 for normal use. */
1022 qemu_mod_timer(s->sector_write_timer,
1023 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1024 } else
1025#endif
1026 {
1027 ide_set_irq(s);
1028 }
5391d806
FB		 1029}
1030
8ccad811 1031static void ide_write_dma_cb(void *opaque, int ret)
98087450 1032{
8ccad811
FB		 1033 BMDMAState *bm = opaque;
1034 IDEState *s = bm->ide_if;
1035 int n;
98087450
FB		 1036 int64_t sector_num;
1037
e162cfb0
AZ		 1038 if (ret < 0) {
1039 ide_dma_error(s);
1040 return;
1041 }
1042
8ccad811
FB		 1043 n = s->io_buffer_size >> 9;
1044 sector_num = ide_get_sector(s);
1045 if (n > 0) {
1046 sector_num += n;
1047 ide_set_sector(s, sector_num);
1048 s->nsector -= n;
98087450 1049 }
98087450 1050
8ccad811
FB		 1051 /* end of transfer ? */
1052 if (s->nsector == 0) {
1053 s->status = READY_STAT | SEEK_STAT;
1054 ide_set_irq(s);
1055 eot:
1056 bm->status &= ~BM_STATUS_DMAING;
1057 bm->status |= BM_STATUS_INT;
1058 bm->dma_cb = NULL;
1059 bm->ide_if = NULL;
1060 bm->aiocb = NULL;
1061 return;
1062 }
1063
1064 /* launch next transfer */
98087450 1065 n = s->nsector;
1d8cde5b
AJ		 1066 if (n > IDE_DMA_BUF_SECTORS)
1067 n = IDE_DMA_BUF_SECTORS;
98087450
FB		 1068 s->io_buffer_index = 0;
1069 s->io_buffer_size = n * 512;
8ccad811
FB		 1070
1071 if (dma_buf_rw(bm, 0) == 0)
1072 goto eot;
1073#ifdef DEBUG_AIO
1074 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1075#endif
5fafdf24 1076 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
8ccad811 1077 ide_write_dma_cb, bm);
5604e090 1078 ide_dma_submit_check(s, ide_write_dma_cb, bm);
8ccad811
FB		 1079}
1080
1081static void ide_sector_write_dma(IDEState *s)
1082{
1083 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1084 s->io_buffer_index = 0;
1085 s->io_buffer_size = 0;
98087450
FB		 1086 ide_dma_start(s, ide_write_dma_cb);
1087}
1088
5391d806
FB		 1089static void ide_atapi_cmd_ok(IDEState *s)
1090{
1091 s->error = 0;
41a2b959 1092 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1093 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1094 ide_set_irq(s);
1095}
1096
1097static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1098{
1099#ifdef DEBUG_IDE_ATAPI
1100 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1101#endif
1102 s->error = sense_key << 4;
1103 s->status = READY_STAT | ERR_STAT;
1104 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1105 s->sense_key = sense_key;
1106 s->asc = asc;
1107 ide_set_irq(s);
1108}
1109
9118e7f0
AL		 1110static void ide_atapi_cmd_check_status(IDEState *s)
1111{
1112#ifdef DEBUG_IDE_ATAPI
1113 printf("atapi_cmd_check_status\n");
1114#endif
1115 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1116 s->status = ERR_STAT;
1117 s->nsector = 0;
1118 ide_set_irq(s);
1119}
1120
5391d806
FB		 1121static inline void cpu_to_ube16(uint8_t *buf, int val)
1122{
1123 buf[0] = val >> 8;
1124 buf[1] = val;
1125}
1126
1127static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1128{
1129 buf[0] = val >> 24;
1130 buf[1] = val >> 16;
1131 buf[2] = val >> 8;
1132 buf[3] = val;
1133}
1134
1135static inline int ube16_to_cpu(const uint8_t *buf)
1136{
1137 return (buf[0] << 8) | buf[1];
1138}
1139
1140static inline int ube32_to_cpu(const uint8_t *buf)
1141{
1142 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1143}
1144
98087450
FB		 1145static void lba_to_msf(uint8_t *buf, int lba)
1146{
1147 lba += 150;
1148 buf[0] = (lba / 75) / 60;
1149 buf[1] = (lba / 75) % 60;
1150 buf[2] = lba % 75;
1151}
1152
8ccad811
FB		 1153static void cd_data_to_raw(uint8_t *buf, int lba)
1154{
1155 /* sync bytes */
1156 buf[0] = 0x00;
1157 memset(buf + 1, 0xff, 10);
1158 buf[11] = 0x00;
1159 buf += 12;
1160 /* MSF */
1161 lba_to_msf(buf, lba);
1162 buf[3] = 0x01; /* mode 1 data */
1163 buf += 4;
1164 /* data */
1165 buf += 2048;
1166 /* XXX: ECC not computed */
1167 memset(buf, 0, 288);
1168}
1169
5fafdf24 1170static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 1171 int sector_size)
1172{
66c6ef76
FB		 1173 int ret;
1174
98087450
FB		 1175 switch(sector_size) {
1176 case 2048:
66c6ef76 1177 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 1178 break;
1179 case 2352:
66c6ef76
FB		 1180 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1181 if (ret < 0)
1182 return ret;
8ccad811 1183 cd_data_to_raw(buf, lba);
98087450
FB		 1184 break;
1185 default:
66c6ef76 1186 ret = -EIO;
98087450
FB		 1187 break;
1188 }
66c6ef76
FB		 1189 return ret;
1190}
1191
1192static void ide_atapi_io_error(IDEState *s, int ret)
1193{
1194 /* XXX: handle more errors */
1195 if (ret == -ENOMEDIUM) {
5fafdf24 1196 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1197 ASC_MEDIUM_NOT_PRESENT);
1198 } else {
5fafdf24 1199 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 1200 ASC_LOGICAL_BLOCK_OOR);
1201 }
98087450
FB		 1202}
1203
5391d806
FB		 1204/* The whole ATAPI transfer logic is handled in this function */
1205static void ide_atapi_cmd_reply_end(IDEState *s)
1206{
66c6ef76 1207 int byte_count_limit, size, ret;
5391d806 1208#ifdef DEBUG_IDE_ATAPI
5fafdf24 1209 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 1210 s->packet_transfer_size,
1211 s->elementary_transfer_size,
1212 s->io_buffer_index);
1213#endif
1214 if (s->packet_transfer_size <= 0) {
1215 /* end of transfer */
1216 ide_transfer_stop(s);
41a2b959 1217 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1218 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1219 ide_set_irq(s);
1220#ifdef DEBUG_IDE_ATAPI
1221 printf("status=0x%x\n", s->status);
1222#endif
1223 } else {
1224 /* see if a new sector must be read */
98087450 1225 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 1226 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1227 if (ret < 0) {
1228 ide_transfer_stop(s);
1229 ide_atapi_io_error(s, ret);
1230 return;
1231 }
5391d806
FB		 1232 s->lba++;
1233 s->io_buffer_index = 0;
1234 }
1235 if (s->elementary_transfer_size > 0) {
1236 /* there are some data left to transmit in this elementary
1237 transfer */
98087450 1238 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 1239 if (size > s->elementary_transfer_size)
1240 size = s->elementary_transfer_size;
5fafdf24 1241 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1242 size, ide_atapi_cmd_reply_end);
1243 s->packet_transfer_size -= size;
1244 s->elementary_transfer_size -= size;
1245 s->io_buffer_index += size;
1246 } else {
1247 /* a new transfer is needed */
1248 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1249 byte_count_limit = s->lcyl | (s->hcyl << 8);
1250#ifdef DEBUG_IDE_ATAPI
1251 printf("byte_count_limit=%d\n", byte_count_limit);
1252#endif
1253 if (byte_count_limit == 0xffff)
1254 byte_count_limit--;
1255 size = s->packet_transfer_size;
1256 if (size > byte_count_limit) {
1257 /* byte count limit must be even if this case */
1258 if (byte_count_limit & 1)
1259 byte_count_limit--;
1260 size = byte_count_limit;
5391d806 1261 }
a136e5a8
FB		 1262 s->lcyl = size;
1263 s->hcyl = size >> 8;
5391d806
FB		 1264 s->elementary_transfer_size = size;
1265 /* we cannot transmit more than one sector at a time */
1266 if (s->lba != -1) {
98087450
FB		 1267 if (size > (s->cd_sector_size - s->io_buffer_index))
1268 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 1269 }
5fafdf24 1270 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1271 size, ide_atapi_cmd_reply_end);
1272 s->packet_transfer_size -= size;
1273 s->elementary_transfer_size -= size;
1274 s->io_buffer_index += size;
1275 ide_set_irq(s);
1276#ifdef DEBUG_IDE_ATAPI
1277 printf("status=0x%x\n", s->status);
1278#endif
1279 }
1280 }
1281}
1282
1283/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1284static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1285{
1286 if (size > max_size)
1287 size = max_size;
1288 s->lba = -1; /* no sector read */
1289 s->packet_transfer_size = size;
5f12ab4b 1290 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 1291 s->elementary_transfer_size = 0;
1292 s->io_buffer_index = 0;
1293
5f12ab4b 1294 if (s->atapi_dma) {
41a2b959 1295 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
5f12ab4b
TS		 1296 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1297 } else {
41a2b959 1298 s->status = READY_STAT | SEEK_STAT;
5f12ab4b
TS		 1299 ide_atapi_cmd_reply_end(s);
1300 }
5391d806
FB		 1301}
1302
1303/* start a CD-CDROM read command */
98087450
FB		 1304static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1305 int sector_size)
5391d806 1306{
5391d806 1307 s->lba = lba;
98087450 1308 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 1309 s->elementary_transfer_size = 0;
98087450
FB		 1310 s->io_buffer_index = sector_size;
1311 s->cd_sector_size = sector_size;
5391d806 1312
41a2b959 1313 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1314 ide_atapi_cmd_reply_end(s);
1315}
1316
98087450 1317/* ATAPI DMA support */
8ccad811
FB		 1318
1319/* XXX: handle read errors */
1320static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 1321{
8ccad811
FB		 1322 BMDMAState *bm = opaque;
1323 IDEState *s = bm->ide_if;
1324 int data_offset, n;
1325
66c6ef76
FB		 1326 if (ret < 0) {
1327 ide_atapi_io_error(s, ret);
1328 goto eot;
1329 }
1330
8ccad811 1331 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 1332 /*
1333 * For a cdrom read sector command (s->lba != -1),
1334 * adjust the lba for the next s->io_buffer_size chunk
1335 * and dma the current chunk.
1336 * For a command != read (s->lba == -1), just transfer
1337 * the reply data.
1338 */
1339 if (s->lba != -1) {
1340 if (s->cd_sector_size == 2352) {
1341 n = 1;
1342 cd_data_to_raw(s->io_buffer, s->lba);
1343 } else {
1344 n = s->io_buffer_size >> 11;
1345 }
1346 s->lba += n;
1347 }
8ccad811 1348 s->packet_transfer_size -= s->io_buffer_size;
8ccad811
FB		 1349 if (dma_buf_rw(bm, 1) == 0)
1350 goto eot;
98087450 1351 }
8ccad811 1352
98087450 1353 if (s->packet_transfer_size <= 0) {
41a2b959 1354 s->status = READY_STAT | SEEK_STAT;
98087450
FB		 1355 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1356 ide_set_irq(s);
8ccad811
FB		 1357 eot:
1358 bm->status &= ~BM_STATUS_DMAING;
1359 bm->status |= BM_STATUS_INT;
1360 bm->dma_cb = NULL;
1361 bm->ide_if = NULL;
1362 bm->aiocb = NULL;
1363 return;
1364 }
3b46e624 1365
8ccad811
FB		 1366 s->io_buffer_index = 0;
1367 if (s->cd_sector_size == 2352) {
1368 n = 1;
1369 s->io_buffer_size = s->cd_sector_size;
1370 data_offset = 16;
1371 } else {
1372 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 1373 if (n > (IDE_DMA_BUF_SECTORS / 4))
1374 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 1375 s->io_buffer_size = n * 2048;
1376 data_offset = 0;
98087450 1377 }
8ccad811
FB		 1378#ifdef DEBUG_AIO
1379 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1380#endif
5fafdf24
TS		 1381 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1382 s->io_buffer + data_offset, n * 4,
8ccad811 1383 ide_atapi_cmd_read_dma_cb, bm);
66c6ef76
FB		 1384 if (!bm->aiocb) {
1385 /* Note: media not present is the most likely case */
5fafdf24 1386 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1387 ASC_MEDIUM_NOT_PRESENT);
1388 goto eot;
1389 }
98087450
FB		 1390}
1391
1392/* start a CD-CDROM read command with DMA */
1393/* XXX: test if DMA is available */
1394static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1395 int sector_size)
1396{
1397 s->lba = lba;
1398 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 1399 s->io_buffer_index = 0;
1400 s->io_buffer_size = 0;
98087450
FB		 1401 s->cd_sector_size = sector_size;
1402
8ccad811 1403 /* XXX: check if BUSY_STAT should be set */
41a2b959 1404 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1405 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1406}
1407
5fafdf24 1408static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 1409 int sector_size)
1410{
1411#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 1412 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1413 lba, nb_sectors);
98087450
FB		 1414#endif
1415 if (s->atapi_dma) {
1416 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1417 } else {
1418 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1419 }
1420}
1421
38cdea7c
AZ		 1422static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1423 uint16_t profile)
1424{
1425 uint8_t *buf_profile = buf + 12; /* start of profiles */
1426
1427 buf_profile += ((*index) * 4); /* start of indexed profile */
1428 cpu_to_ube16 (buf_profile, profile);
1429 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1430
1431 /* each profile adds 4 bytes to the response */
1432 (*index)++;
1433 buf[11] += 4; /* Additional Length */
1434
1435 return 4;
1436}
1437
8114e9e8
TS		 1438static int ide_dvd_read_structure(IDEState *s, int format,
1439 const uint8_t *packet, uint8_t *buf)
1440{
1441 switch (format) {
1442 case 0x0: /* Physical format information */
1443 {
1444 int layer = packet[6];
1445 uint64_t total_sectors;
1446
1447 if (layer != 0)
1448 return -ASC_INV_FIELD_IN_CMD_PACKET;
1449
1450 bdrv_get_geometry(s->bs, &total_sectors);
1451 total_sectors >>= 2;
1452 if (total_sectors == 0)
1453 return -ASC_MEDIUM_NOT_PRESENT;
1454
1455 buf[4] = 1; /* DVD-ROM, part version 1 */
1456 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1457 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1458 buf[7] = 0; /* default densities */
1459
1460 /* FIXME: 0x30000 per spec? */
1461 cpu_to_ube32(buf + 8, 0); /* start sector */
1462 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1463 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1464
1465 /* Size of buffer, not including 2 byte size field */
1466 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1467
1468 /* 2k data + 4 byte header */
1469 return (2048 + 4);
1470 }
1471
1472 case 0x01: /* DVD copyright information */
1473 buf[4] = 0; /* no copyright data */
1474 buf[5] = 0; /* no region restrictions */
1475
1476 /* Size of buffer, not including 2 byte size field */
1477 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1478
1479 /* 4 byte header + 4 byte data */
1480 return (4 + 4);
1481
1482 case 0x03: /* BCA information - invalid field for no BCA info */
1483 return -ASC_INV_FIELD_IN_CMD_PACKET;
1484
1485 case 0x04: /* DVD disc manufacturing information */
1486 /* Size of buffer, not including 2 byte size field */
1487 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1488
1489 /* 2k data + 4 byte header */
1490 return (2048 + 4);
1491
1492 case 0xff:
1493 /*
1494 * This lists all the command capabilities above. Add new ones
1495 * in order and update the length and buffer return values.
1496 */
1497
1498 buf[4] = 0x00; /* Physical format */
1499 buf[5] = 0x40; /* Not writable, is readable */
1500 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1501
1502 buf[8] = 0x01; /* Copyright info */
1503 buf[9] = 0x40; /* Not writable, is readable */
1504 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1505
1506 buf[12] = 0x03; /* BCA info */
1507 buf[13] = 0x40; /* Not writable, is readable */
1508 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1509
1510 buf[16] = 0x04; /* Manufacturing info */
1511 buf[17] = 0x40; /* Not writable, is readable */
1512 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1513
1514 /* Size of buffer, not including 2 byte size field */
1515 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1516
1517 /* data written + 4 byte header */
1518 return (16 + 4);
1519
1520 default: /* TODO: formats beyond DVD-ROM requires */
1521 return -ASC_INV_FIELD_IN_CMD_PACKET;
1522 }
1523}
1524
5391d806
FB		 1525static void ide_atapi_cmd(IDEState *s)
1526{
1527 const uint8_t *packet;
1528 uint8_t *buf;
1529 int max_len;
1530
1531 packet = s->io_buffer;
1532 buf = s->io_buffer;
1533#ifdef DEBUG_IDE_ATAPI
1534 {
1535 int i;
1536 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1537 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1538 printf(" %02x", packet[i]);
1539 }
1540 printf("\n");
1541 }
1542#endif
9118e7f0
AL		 1543 /* If there's a UNIT_ATTENTION condition pending, only
1544 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1545 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1546 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1547 s->io_buffer[0] != GPCMD_INQUIRY) {
1548 ide_atapi_cmd_check_status(s);
1549 return;
1550 }
5391d806
FB		 1551 switch(s->io_buffer[0]) {
1552 case GPCMD_TEST_UNIT_READY:
caed8802 1553 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1554 ide_atapi_cmd_ok(s);
1555 } else {
5fafdf24 1556 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1557 ASC_MEDIUM_NOT_PRESENT);
1558 }
1559 break;
d14049ea 1560 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1561 case GPCMD_MODE_SENSE_10:
1562 {
1563 int action, code;
d14049ea
TS		 1564 if (packet[0] == GPCMD_MODE_SENSE_10)
1565 max_len = ube16_to_cpu(packet + 7);
1566 else
1567 max_len = packet[4];
5391d806
FB		 1568 action = packet[2] >> 6;
1569 code = packet[2] & 0x3f;
1570 switch(action) {
1571 case 0: /* current values */
1572 switch(code) {
1573 case 0x01: /* error recovery */
1574 cpu_to_ube16(&buf[0], 16 + 6);
1575 buf[2] = 0x70;
1576 buf[3] = 0;
1577 buf[4] = 0;
1578 buf[5] = 0;
1579 buf[6] = 0;
1580 buf[7] = 0;
1581
1582 buf[8] = 0x01;
1583 buf[9] = 0x06;
1584 buf[10] = 0x00;
1585 buf[11] = 0x05;
1586 buf[12] = 0x00;
1587 buf[13] = 0x00;
1588 buf[14] = 0x00;
1589 buf[15] = 0x00;
1590 ide_atapi_cmd_reply(s, 16, max_len);
1591 break;
1592 case 0x2a:
1593 cpu_to_ube16(&buf[0], 28 + 6);
1594 buf[2] = 0x70;
1595 buf[3] = 0;
1596 buf[4] = 0;
1597 buf[5] = 0;
1598 buf[6] = 0;
1599 buf[7] = 0;
1600
1601 buf[8] = 0x2a;
1602 buf[9] = 0x12;
0d4a05a1 1603 buf[10] = 0x00;
5391d806 1604 buf[11] = 0x00;
3b46e624 1605
d5b4eb40
AL		 1606 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1607 code checks for this to automount media. */
1608 buf[12] = 0x71;
5391d806
FB		 1609 buf[13] = 3 << 5;
1610 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1611 if (bdrv_is_locked(s->bs))
5391d806
FB		 1612 buf[6] |= 1 << 1;
1613 buf[15] = 0x00;
1614 cpu_to_ube16(&buf[16], 706);
1615 buf[18] = 0;
1616 buf[19] = 2;
1617 cpu_to_ube16(&buf[20], 512);
1618 cpu_to_ube16(&buf[22], 706);
1619 buf[24] = 0;
1620 buf[25] = 0;
1621 buf[26] = 0;
1622 buf[27] = 0;
1623 ide_atapi_cmd_reply(s, 28, max_len);
1624 break;
1625 default:
1626 goto error_cmd;
1627 }
1628 break;
1629 case 1: /* changeable values */
1630 goto error_cmd;
1631 case 2: /* default values */
1632 goto error_cmd;
1633 default:
1634 case 3: /* saved values */
5fafdf24 1635 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1636 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1637 break;
1638 }
1639 }
1640 break;
1641 case GPCMD_REQUEST_SENSE:
1642 max_len = packet[4];
1643 memset(buf, 0, 18);
1644 buf[0] = 0x70 | (1 << 7);
1645 buf[2] = s->sense_key;
1646 buf[7] = 10;
1647 buf[12] = s->asc;
9118e7f0
AL		 1648 if (s->sense_key == SENSE_UNIT_ATTENTION)
1649 s->sense_key = SENSE_NONE;
5391d806
FB		 1650 ide_atapi_cmd_reply(s, 18, max_len);
1651 break;
1652 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1653 if (bdrv_is_inserted(s->bs)) {
1654 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1655 ide_atapi_cmd_ok(s);
1656 } else {
5fafdf24 1657 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1658 ASC_MEDIUM_NOT_PRESENT);
1659 }
1660 break;
1661 case GPCMD_READ_10:
1662 case GPCMD_READ_12:
1663 {
1664 int nb_sectors, lba;
1665
5391d806
FB		 1666 if (packet[0] == GPCMD_READ_10)
1667 nb_sectors = ube16_to_cpu(packet + 7);
1668 else
1669 nb_sectors = ube32_to_cpu(packet + 6);
1670 lba = ube32_to_cpu(packet + 2);
1671 if (nb_sectors == 0) {
1672 ide_atapi_cmd_ok(s);
1673 break;
1674 }
98087450
FB		 1675 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1676 }
1677 break;
1678 case GPCMD_READ_CD:
1679 {
1680 int nb_sectors, lba, transfer_request;
1681
98087450
FB		 1682 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1683 lba = ube32_to_cpu(packet + 2);
1684 if (nb_sectors == 0) {
1685 ide_atapi_cmd_ok(s);
1686 break;
1687 }
98087450
FB		 1688 transfer_request = packet[9];
1689 switch(transfer_request & 0xf8) {
1690 case 0x00:
1691 /* nothing */
1692 ide_atapi_cmd_ok(s);
1693 break;
1694 case 0x10:
1695 /* normal read */
1696 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1697 break;
1698 case 0xf8:
1699 /* read all data */
1700 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1701 break;
1702 default:
5fafdf24 1703 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1704 ASC_INV_FIELD_IN_CMD_PACKET);
1705 break;
1706 }
5391d806
FB		 1707 }
1708 break;
1709 case GPCMD_SEEK:
1710 {
96b8f136
TS		 1711 unsigned int lba;
1712 uint64_t total_sectors;
66c6ef76
FB		 1713
1714 bdrv_get_geometry(s->bs, &total_sectors);
1715 total_sectors >>= 2;
96b8f136 1716 if (total_sectors == 0) {
5fafdf24 1717 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1718 ASC_MEDIUM_NOT_PRESENT);
1719 break;
1720 }
1721 lba = ube32_to_cpu(packet + 2);
66c6ef76 1722 if (lba >= total_sectors) {
5fafdf24 1723 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1724 ASC_LOGICAL_BLOCK_OOR);
1725 break;
1726 }
1727 ide_atapi_cmd_ok(s);
1728 }
1729 break;
1730 case GPCMD_START_STOP_UNIT:
1731 {
1732 int start, eject;
1733 start = packet[4] & 1;
1734 eject = (packet[4] >> 1) & 1;
3b46e624 1735
caed8802
FB		 1736 if (eject && !start) {
1737 /* eject the disk */
66c6ef76
FB		 1738 bdrv_eject(s->bs, 1);
1739 } else if (eject && start) {
1740 /* close the tray */
1741 bdrv_eject(s->bs, 0);
caed8802 1742 }
5391d806
FB		 1743 ide_atapi_cmd_ok(s);
1744 }
1745 break;
1746 case GPCMD_MECHANISM_STATUS:
1747 {
1748 max_len = ube16_to_cpu(packet + 8);
1749 cpu_to_ube16(buf, 0);
1750 /* no current LBA */
1751 buf[2] = 0;
1752 buf[3] = 0;
1753 buf[4] = 0;
1754 buf[5] = 1;
1755 cpu_to_ube16(buf + 6, 0);
1756 ide_atapi_cmd_reply(s, 8, max_len);
1757 }
1758 break;
1759 case GPCMD_READ_TOC_PMA_ATIP:
1760 {
1761 int format, msf, start_track, len;
96b8f136 1762 uint64_t total_sectors;
5391d806 1763
66c6ef76
FB		 1764 bdrv_get_geometry(s->bs, &total_sectors);
1765 total_sectors >>= 2;
96b8f136 1766 if (total_sectors == 0) {
5fafdf24 1767 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1768 ASC_MEDIUM_NOT_PRESENT);
1769 break;
1770 }
1771 max_len = ube16_to_cpu(packet + 7);
1772 format = packet[9] >> 6;
1773 msf = (packet[1] >> 1) & 1;
1774 start_track = packet[6];
1775 switch(format) {
1776 case 0:
66c6ef76 1777 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1778 if (len < 0)
1779 goto error_cmd;
1780 ide_atapi_cmd_reply(s, len, max_len);
1781 break;
1782 case 1:
1783 /* multi session : only a single session defined */
1784 memset(buf, 0, 12);
1785 buf[1] = 0x0a;
1786 buf[2] = 0x01;
1787 buf[3] = 0x01;
1788 ide_atapi_cmd_reply(s, 12, max_len);
1789 break;
98087450 1790 case 2:
66c6ef76 1791 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1792 if (len < 0)
1793 goto error_cmd;
1794 ide_atapi_cmd_reply(s, len, max_len);
1795 break;
5391d806 1796 default:
7f777bf3 1797 error_cmd:
5fafdf24 1798 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1799 ASC_INV_FIELD_IN_CMD_PACKET);
1800 break;
5391d806
FB		 1801 }
1802 }
1803 break;
1804 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1805 {
96b8f136 1806 uint64_t total_sectors;
66c6ef76
FB		 1807
1808 bdrv_get_geometry(s->bs, &total_sectors);
1809 total_sectors >>= 2;
96b8f136 1810 if (total_sectors == 0) {
5fafdf24 1811 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1812 ASC_MEDIUM_NOT_PRESENT);
1813 break;
1814 }
1815 /* NOTE: it is really the number of sectors minus 1 */
1816 cpu_to_ube32(buf, total_sectors - 1);
1817 cpu_to_ube32(buf + 4, 2048);
1818 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1819 }
5391d806 1820 break;
d14049ea
TS		 1821 case GPCMD_READ_DVD_STRUCTURE:
1822 {
1823 int media = packet[1];
8114e9e8
TS		 1824 int format = packet[7];
1825 int ret;
d14049ea 1826
8114e9e8 1827 max_len = ube16_to_cpu(packet + 8);
d14049ea 1828
8114e9e8
TS		 1829 if (format < 0xff) {
1830 if (media_is_cd(s)) {
1831 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1832 ASC_INCOMPATIBLE_FORMAT);
1833 break;
1834 } else if (!media_present(s)) {
1835 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1836 ASC_INV_FIELD_IN_CMD_PACKET);
1837 break;
1838 }
1839 }
d14049ea 1840
8114e9e8
TS		 1841 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1842 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
d14049ea 1843
8114e9e8
TS		 1844 switch (format) {
1845 case 0x00 ... 0x7f:
1846 case 0xff:
1847 if (media == 0) {
1848 ret = ide_dvd_read_structure(s, format, packet, buf);
d14049ea 1849
8114e9e8
TS		 1850 if (ret < 0)
1851 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1852 else
1853 ide_atapi_cmd_reply(s, ret, max_len);
d14049ea 1854
8114e9e8
TS		 1855 break;
1856 }
1857 /* TODO: BD support, fall through for now */
1858
1859 /* Generic disk structures */
1860 case 0x80: /* TODO: AACS volume identifier */
1861 case 0x81: /* TODO: AACS media serial number */
1862 case 0x82: /* TODO: AACS media identifier */
1863 case 0x83: /* TODO: AACS media key block */
1864 case 0x90: /* TODO: List of recognized format layers */
1865 case 0xc0: /* TODO: Write protection status */
d14049ea
TS		 1866 default:
1867 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1868 ASC_INV_FIELD_IN_CMD_PACKET);
1869 break;
1870 }
1871 }
1872 break;
1873 case GPCMD_SET_SPEED:
1874 ide_atapi_cmd_ok(s);
1875 break;
bd0d90b2
FB		 1876 case GPCMD_INQUIRY:
1877 max_len = packet[4];
1878 buf[0] = 0x05; /* CD-ROM */
1879 buf[1] = 0x80; /* removable */
1880 buf[2] = 0x00; /* ISO */
1881 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1882 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1883 buf[5] = 0; /* reserved */
1884 buf[6] = 0; /* reserved */
1885 buf[7] = 0; /* reserved */
1886 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1887 padstr8(buf + 16, 16, "QEMU DVD-ROM");
bd0d90b2
FB		 1888 padstr8(buf + 32, 4, QEMU_VERSION);
1889 ide_atapi_cmd_reply(s, 36, max_len);
1890 break;
d14049ea
TS		 1891 case GPCMD_GET_CONFIGURATION:
1892 {
38cdea7c 1893 uint32_t len;
091d055b 1894 uint8_t index = 0;
d14049ea
TS		 1895
1896 /* only feature 0 is supported */
1897 if (packet[2] != 0 || packet[3] != 0) {
1898 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1899 ASC_INV_FIELD_IN_CMD_PACKET);
1900 break;
1901 }
38cdea7c
AZ		 1902
1903 /* XXX: could result in alignment problems in some architectures */
1904 max_len = ube16_to_cpu(packet + 7);
091d055b 1905
38cdea7c 1906 /*
091d055b
AZ		 1907 * XXX: avoid overflow for io_buffer if max_len is bigger than
1908 * the size of that buffer (dimensioned to max number of
1909 * sectors to transfer at once)
38cdea7c 1910 *
091d055b 1911 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 1912 */
1913 if (max_len > 512) /* XXX: assume 1 sector */
1914 max_len = 512;
1915
1916 memset(buf, 0, max_len);
1917 /*
1918 * the number of sectors from the media tells us which profile
1919 * to use as current. 0 means there is no media
38cdea7c 1920 */
8114e9e8
TS		 1921 if (media_is_dvd(s))
1922 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1923 else if (media_is_cd(s))
1924 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
38cdea7c 1925
091d055b
AZ		 1926 buf[10] = 0x02 | 0x01; /* persistent and current */
1927 len = 12; /* headers: 8 + 4 */
1928 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1929 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 1930 cpu_to_ube32(buf, len - 4); /* data length */
1931
1932 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 1933 break;
1934 }
5391d806 1935 default:
5fafdf24 1936 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1937 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1938 break;
1939 }
1940}
1941
201a51fc
AZ		 1942static void ide_cfata_metadata_inquiry(IDEState *s)
1943{
1944 uint16_t *p;
1945 uint32_t spd;
1946
1947 p = (uint16_t *) s->io_buffer;
1948 memset(p, 0, 0x200);
1949 spd = ((s->mdata_size - 1) >> 9) + 1;
1950
1951 put_le16(p + 0, 0x0001); /* Data format revision */
1952 put_le16(p + 1, 0x0000); /* Media property: silicon */
1953 put_le16(p + 2, s->media_changed); /* Media status */
1954 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1955 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1956 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1957 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1958}
1959
1960static void ide_cfata_metadata_read(IDEState *s)
1961{
1962 uint16_t *p;
1963
1964 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1965 s->status = ERR_STAT;
1966 s->error = ABRT_ERR;
1967 return;
1968 }
1969
1970 p = (uint16_t *) s->io_buffer;
1971 memset(p, 0, 0x200);
1972
1973 put_le16(p + 0, s->media_changed); /* Media status */
1974 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1975 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1976 s->nsector << 9), 0x200 - 2));
1977}
1978
1979static void ide_cfata_metadata_write(IDEState *s)
1980{
1981 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1982 s->status = ERR_STAT;
1983 s->error = ABRT_ERR;
1984 return;
1985 }
1986
1987 s->media_changed = 0;
1988
1989 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1990 s->io_buffer + 2,
1991 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1992 s->nsector << 9), 0x200 - 2));
1993}
1994
bd491d6a
TS		 1995/* called when the inserted state of the media has changed */
1996static void cdrom_change_cb(void *opaque)
1997{
1998 IDEState *s = opaque;
96b8f136 1999 uint64_t nb_sectors;
bd491d6a 2000
bd491d6a
TS		 2001 bdrv_get_geometry(s->bs, &nb_sectors);
2002 s->nb_sectors = nb_sectors;
9118e7f0
AL		 2003
2004 s->sense_key = SENSE_UNIT_ATTENTION;
2005 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2006
2007 ide_set_irq(s);
bd491d6a
TS		 2008}
2009
c2ff060f
FB		 2010static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2011{
2012 s->lba48 = lba48;
2013
2014 /* handle the 'magic' 0 nsector count conversion here. to avoid
2015 * fiddling with the rest of the read logic, we just store the
2016 * full sector count in ->nsector and ignore ->hob_nsector from now
2017 */
2018 if (!s->lba48) {
2019 if (!s->nsector)
2020 s->nsector = 256;
2021 } else {
2022 if (!s->nsector && !s->hob_nsector)
2023 s->nsector = 65536;
2024 else {
2025 int lo = s->nsector;
2026 int hi = s->hob_nsector;
2027
2028 s->nsector = (hi << 8) | lo;
2029 }
2030 }
2031}
2032
2033static void ide_clear_hob(IDEState *ide_if)
2034{
2035 /* any write clears HOB high bit of device control register */
2036 ide_if[0].select &= ~(1 << 7);
2037 ide_if[1].select &= ~(1 << 7);
2038}
2039
caed8802
FB		 2040static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2041{
2042 IDEState *ide_if = opaque;
c45c3d00 2043 IDEState *s;
5391d806 2044 int unit, n;
c2ff060f 2045 int lba48 = 0;
5391d806
FB		 2046
2047#ifdef DEBUG_IDE
2048 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2049#endif
c2ff060f 2050
5391d806 2051 addr &= 7;
fcdd25ab
AL		 2052
2053 /* ignore writes to command block while busy with previous command */
2054 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2055 return;
2056
5391d806
FB		 2057 switch(addr) {
2058 case 0:
2059 break;
2060 case 1:
c2ff060f 2061 ide_clear_hob(ide_if);
c45c3d00 2062 /* NOTE: data is written to the two drives */
c2ff060f
FB		 2063 ide_if[0].hob_feature = ide_if[0].feature;
2064 ide_if[1].hob_feature = ide_if[1].feature;
c45c3d00
FB		 2065 ide_if[0].feature = val;
2066 ide_if[1].feature = val;
5391d806
FB		 2067 break;
2068 case 2:
c2ff060f
FB		 2069 ide_clear_hob(ide_if);
2070 ide_if[0].hob_nsector = ide_if[0].nsector;
2071 ide_if[1].hob_nsector = ide_if[1].nsector;
c45c3d00
FB		 2072 ide_if[0].nsector = val;
2073 ide_if[1].nsector = val;
5391d806
FB		 2074 break;
2075 case 3:
c2ff060f
FB		 2076 ide_clear_hob(ide_if);
2077 ide_if[0].hob_sector = ide_if[0].sector;
2078 ide_if[1].hob_sector = ide_if[1].sector;
c45c3d00
FB		 2079 ide_if[0].sector = val;
2080 ide_if[1].sector = val;
5391d806
FB		 2081 break;
2082 case 4:
c2ff060f
FB		 2083 ide_clear_hob(ide_if);
2084 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2085 ide_if[1].hob_lcyl = ide_if[1].lcyl;
c45c3d00
FB		 2086 ide_if[0].lcyl = val;
2087 ide_if[1].lcyl = val;
5391d806
FB		 2088 break;
2089 case 5:
c2ff060f
FB		 2090 ide_clear_hob(ide_if);
2091 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2092 ide_if[1].hob_hcyl = ide_if[1].hcyl;
c45c3d00
FB		 2093 ide_if[0].hcyl = val;
2094 ide_if[1].hcyl = val;
5391d806
FB		 2095 break;
2096 case 6:
c2ff060f 2097 /* FIXME: HOB readback uses bit 7 */
7ae98627
FB		 2098 ide_if[0].select = (val & ~0x10) | 0xa0;
2099 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 2100 /* select drive */
2101 unit = (val >> 4) & 1;
2102 s = ide_if + unit;
2103 ide_if->cur_drive = s;
5391d806
FB		 2104 break;
2105 default:
2106 case 7:
2107 /* command */
2108#if defined(DEBUG_IDE)
2109 printf("ide: CMD=%02x\n", val);
2110#endif
c45c3d00 2111 s = ide_if->cur_drive;
66201e2d 2112 /* ignore commands to non existant slave */
5fafdf24 2113 if (s != ide_if && !s->bs)
66201e2d 2114 break;
c2ff060f 2115
fcdd25ab
AL		 2116 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2117 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2118 break;
2119
5391d806
FB		 2120 switch(val) {
2121 case WIN_IDENTIFY:
2122 if (s->bs && !s->is_cdrom) {
201a51fc
AZ		 2123 if (!s->is_cf)
2124 ide_identify(s);
2125 else
2126 ide_cfata_identify(s);
2a282056 2127 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2128 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2129 } else {
2130 if (s->is_cdrom) {
2131 ide_set_signature(s);
2132 }
2133 ide_abort_command(s);
2134 }
2135 ide_set_irq(s);
2136 break;
2137 case WIN_SPECIFY:
2138 case WIN_RECAL:
a136e5a8 2139 s->error = 0;
769bec72 2140 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2141 ide_set_irq(s);
2142 break;
2143 case WIN_SETMULT:
201a51fc
AZ		 2144 if (s->is_cf && s->nsector == 0) {
2145 /* Disable Read and Write Multiple */
2146 s->mult_sectors = 0;
41a2b959 2147 s->status = READY_STAT | SEEK_STAT;
201a51fc 2148 } else if ((s->nsector & 0xff) != 0 &&
39dfc926
TS		 2149 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2150 (s->nsector & (s->nsector - 1)) != 0)) {
5391d806
FB		 2151 ide_abort_command(s);
2152 } else {
292eef5a 2153 s->mult_sectors = s->nsector & 0xff;
41a2b959 2154 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2155 }
2156 ide_set_irq(s);
2157 break;
c2ff060f
FB		 2158 case WIN_VERIFY_EXT:
2159 lba48 = 1;
4ce900b4
FB		 2160 case WIN_VERIFY:
2161 case WIN_VERIFY_ONCE:
2162 /* do sector number check ? */
c2ff060f 2163 ide_cmd_lba48_transform(s, lba48);
41a2b959 2164 s->status = READY_STAT | SEEK_STAT;
4ce900b4
FB		 2165 ide_set_irq(s);
2166 break;
c2ff060f
FB		 2167 case WIN_READ_EXT:
2168 lba48 = 1;
5391d806
FB		 2169 case WIN_READ:
2170 case WIN_READ_ONCE:
5fafdf24 2171 if (!s->bs)
6b136f9e 2172 goto abort_cmd;
c2ff060f 2173 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2174 s->req_nb_sectors = 1;
2175 ide_sector_read(s);
2176 break;
c2ff060f
FB		 2177 case WIN_WRITE_EXT:
2178 lba48 = 1;
5391d806
FB		 2179 case WIN_WRITE:
2180 case WIN_WRITE_ONCE:
201a51fc
AZ		 2181 case CFA_WRITE_SECT_WO_ERASE:
2182 case WIN_WRITE_VERIFY:
c2ff060f 2183 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2184 s->error = 0;
f66723fa 2185 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2186 s->req_nb_sectors = 1;
2187 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
201a51fc 2188 s->media_changed = 1;
5391d806 2189 break;
c2ff060f
FB		 2190 case WIN_MULTREAD_EXT:
2191 lba48 = 1;
5391d806
FB		 2192 case WIN_MULTREAD:
2193 if (!s->mult_sectors)
2194 goto abort_cmd;
c2ff060f 2195 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2196 s->req_nb_sectors = s->mult_sectors;
2197 ide_sector_read(s);
2198 break;
c2ff060f
FB		 2199 case WIN_MULTWRITE_EXT:
2200 lba48 = 1;
5391d806 2201 case WIN_MULTWRITE:
201a51fc 2202 case CFA_WRITE_MULTI_WO_ERASE:
5391d806
FB		 2203 if (!s->mult_sectors)
2204 goto abort_cmd;
c2ff060f 2205 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2206 s->error = 0;
f66723fa 2207 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2208 s->req_nb_sectors = s->mult_sectors;
2209 n = s->nsector;
2210 if (n > s->req_nb_sectors)
2211 n = s->req_nb_sectors;
2212 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
201a51fc 2213 s->media_changed = 1;
5391d806 2214 break;
c2ff060f
FB		 2215 case WIN_READDMA_EXT:
2216 lba48 = 1;
98087450
FB		 2217 case WIN_READDMA:
2218 case WIN_READDMA_ONCE:
5fafdf24 2219 if (!s->bs)
98087450 2220 goto abort_cmd;
c2ff060f 2221 ide_cmd_lba48_transform(s, lba48);
98087450
FB		 2222 ide_sector_read_dma(s);
2223 break;
c2ff060f
FB		 2224 case WIN_WRITEDMA_EXT:
2225 lba48 = 1;
98087450
FB		 2226 case WIN_WRITEDMA:
2227 case WIN_WRITEDMA_ONCE:
5fafdf24 2228 if (!s->bs)
98087450 2229 goto abort_cmd;
c2ff060f 2230 ide_cmd_lba48_transform(s, lba48);
98087450 2231 ide_sector_write_dma(s);
201a51fc 2232 s->media_changed = 1;
98087450 2233 break;
c2ff060f
FB		 2234 case WIN_READ_NATIVE_MAX_EXT:
2235 lba48 = 1;
5391d806 2236 case WIN_READ_NATIVE_MAX:
c2ff060f 2237 ide_cmd_lba48_transform(s, lba48);
5391d806 2238 ide_set_sector(s, s->nb_sectors - 1);
41a2b959 2239 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2240 ide_set_irq(s);
2241 break;
a136e5a8 2242 case WIN_CHECKPOWERMODE1:
201a51fc 2243 case WIN_CHECKPOWERMODE2:
a136e5a8 2244 s->nsector = 0xff; /* device active or idle */
41a2b959 2245 s->status = READY_STAT | SEEK_STAT;
a136e5a8
FB		 2246 ide_set_irq(s);
2247 break;
34e538ae
FB		 2248 case WIN_SETFEATURES:
2249 if (!s->bs)
2250 goto abort_cmd;
2251 /* XXX: valid for CDROM ? */
2252 switch(s->feature) {
e1f63470
TS		 2253 case 0xcc: /* reverting to power-on defaults enable */
2254 case 0x66: /* reverting to power-on defaults disable */
34e538ae
FB		 2255 case 0x02: /* write cache enable */
2256 case 0x82: /* write cache disable */
2257 case 0xaa: /* read look-ahead enable */
2258 case 0x55: /* read look-ahead disable */
201a51fc
AZ		 2259 case 0x05: /* set advanced power management mode */
2260 case 0x85: /* disable advanced power management mode */
2261 case 0x69: /* NOP */
2262 case 0x67: /* NOP */
2263 case 0x96: /* NOP */
2264 case 0x9a: /* NOP */
c3e88d8c
TS		 2265 case 0x42: /* enable Automatic Acoustic Mode */
2266 case 0xc2: /* disable Automatic Acoustic Mode */
e0fe67aa 2267 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 2268 ide_set_irq(s);
2269 break;
94458802
FB		 2270 case 0x03: { /* set transfer mode */
2271 uint8_t val = s->nsector & 0x07;
2272
2273 switch (s->nsector >> 3) {
2274 case 0x00: /* pio default */
2275 case 0x01: /* pio mode */
d1b5c20d
TS		 2276 put_le16(s->identify_data + 62,0x07);
2277 put_le16(s->identify_data + 63,0x07);
2278 put_le16(s->identify_data + 88,0x3f);
2279 break;
2280 case 0x02: /* sigle word dma mode*/
2281 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
94458802
FB		 2282 put_le16(s->identify_data + 63,0x07);
2283 put_le16(s->identify_data + 88,0x3f);
2284 break;
2285 case 0x04: /* mdma mode */
d1b5c20d 2286 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2287 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2288 put_le16(s->identify_data + 88,0x3f);
2289 break;
2290 case 0x08: /* udma mode */
d1b5c20d 2291 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2292 put_le16(s->identify_data + 63,0x07);
2293 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2294 break;
2295 default:
2296 goto abort_cmd;
2297 }
2298 s->status = READY_STAT | SEEK_STAT;
2299 ide_set_irq(s);
2300 break;
2301 }
34e538ae
FB		 2302 default:
2303 goto abort_cmd;
2304 }
2305 break;
c2ff060f
FB		 2306 case WIN_FLUSH_CACHE:
2307 case WIN_FLUSH_CACHE_EXT:
7a6cba61
PB		 2308 if (s->bs)
2309 bdrv_flush(s->bs);
41a2b959 2310 s->status = READY_STAT | SEEK_STAT;
7a6cba61
PB		 2311 ide_set_irq(s);
2312 break;
c3e88d8c
TS		 2313 case WIN_STANDBY:
2314 case WIN_STANDBY2:
2315 case WIN_STANDBYNOW1:
201a51fc 2316 case WIN_STANDBYNOW2:
c451ee71 2317 case WIN_IDLEIMMEDIATE:
201a51fc
AZ		 2318 case CFA_IDLEIMMEDIATE:
2319 case WIN_SETIDLE1:
2320 case WIN_SETIDLE2:
c3e88d8c
TS		 2321 case WIN_SLEEPNOW1:
2322 case WIN_SLEEPNOW2:
2323 s->status = READY_STAT;
a7dfe172
FB		 2324 ide_set_irq(s);
2325 break;
5391d806
FB		 2326 /* ATAPI commands */
2327 case WIN_PIDENTIFY:
2328 if (s->is_cdrom) {
2329 ide_atapi_identify(s);
1298fe63 2330 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2331 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2332 } else {
2333 ide_abort_command(s);
2334 }
2335 ide_set_irq(s);
2336 break;
c451ee71
FB		 2337 case WIN_DIAGNOSE:
2338 ide_set_signature(s);
33256a25
AL		 2339 if (s->is_cdrom)
2340 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2341 * devices to return a clear status register
2342 * with READY_STAT *not* set. */
2343 else
2344 s->status = READY_STAT | SEEK_STAT;
2345 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2346 * present.
2347 */
f5fdd0a8 2348 ide_set_irq(s);
c451ee71 2349 break;
5391d806
FB		 2350 case WIN_SRST:
2351 if (!s->is_cdrom)
2352 goto abort_cmd;
2353 ide_set_signature(s);
6b136f9e 2354 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 2355 s->error = 0x01;
2356 break;
2357 case WIN_PACKETCMD:
2358 if (!s->is_cdrom)
2359 goto abort_cmd;
98087450
FB		 2360 /* overlapping commands not supported */
2361 if (s->feature & 0x02)
5391d806 2362 goto abort_cmd;
41a2b959 2363 s->status = READY_STAT | SEEK_STAT;
98087450 2364 s->atapi_dma = s->feature & 1;
5391d806 2365 s->nsector = 1;
5fafdf24 2366 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
5391d806
FB		 2367 ide_atapi_cmd);
2368 break;
201a51fc
AZ		 2369 /* CF-ATA commands */
2370 case CFA_REQ_EXT_ERROR_CODE:
2371 if (!s->is_cf)
2372 goto abort_cmd;
2373 s->error = 0x09; /* miscellaneous error */
41a2b959 2374 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2375 ide_set_irq(s);
2376 break;
2377 case CFA_ERASE_SECTORS:
2378 case CFA_WEAR_LEVEL:
2379 if (!s->is_cf)
2380 goto abort_cmd;
2381 if (val == CFA_WEAR_LEVEL)
2382 s->nsector = 0;
2383 if (val == CFA_ERASE_SECTORS)
2384 s->media_changed = 1;
2385 s->error = 0x00;
41a2b959 2386 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2387 ide_set_irq(s);
2388 break;
2389 case CFA_TRANSLATE_SECTOR:
2390 if (!s->is_cf)
2391 goto abort_cmd;
2392 s->error = 0x00;
41a2b959 2393 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2394 memset(s->io_buffer, 0, 0x200);
2395 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2396 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2397 s->io_buffer[0x02] = s->select; /* Head */
2398 s->io_buffer[0x03] = s->sector; /* Sector */
2399 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2400 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2401 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2402 s->io_buffer[0x13] = 0x00; /* Erase flag */
2403 s->io_buffer[0x18] = 0x00; /* Hot count */
2404 s->io_buffer[0x19] = 0x00; /* Hot count */
2405 s->io_buffer[0x1a] = 0x01; /* Hot count */
2406 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2407 ide_set_irq(s);
2408 break;
2409 case CFA_ACCESS_METADATA_STORAGE:
2410 if (!s->is_cf)
2411 goto abort_cmd;
2412 switch (s->feature) {
2413 case 0x02: /* Inquiry Metadata Storage */
2414 ide_cfata_metadata_inquiry(s);
2415 break;
2416 case 0x03: /* Read Metadata Storage */
2417 ide_cfata_metadata_read(s);
2418 break;
2419 case 0x04: /* Write Metadata Storage */
2420 ide_cfata_metadata_write(s);
2421 break;
2422 default:
2423 goto abort_cmd;
2424 }
2425 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2426 s->status = 0x00; /* NOTE: READY is _not_ set */
2427 ide_set_irq(s);
2428 break;
2429 case IBM_SENSE_CONDITION:
2430 if (!s->is_cf)
2431 goto abort_cmd;
2432 switch (s->feature) {
2433 case 0x01: /* sense temperature in device */
2434 s->nsector = 0x50; /* +20 C */
2435 break;
2436 default:
2437 goto abort_cmd;
2438 }
41a2b959 2439 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2440 ide_set_irq(s);
2441 break;
5391d806
FB		 2442 default:
2443 abort_cmd:
2444 ide_abort_command(s);
2445 ide_set_irq(s);
2446 break;
2447 }
2448 }
2449}
2450
caed8802 2451static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2452{
7ae98627
FB		 2453 IDEState *ide_if = opaque;
2454 IDEState *s = ide_if->cur_drive;
5391d806 2455 uint32_t addr;
c2ff060f 2456 int ret, hob;
5391d806
FB		 2457
2458 addr = addr1 & 7;
c2ff060f
FB		 2459 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2460 //hob = s->select & (1 << 7);
2461 hob = 0;
5391d806
FB		 2462 switch(addr) {
2463 case 0:
2464 ret = 0xff;
2465 break;
2466 case 1:
7ae98627 2467 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2468 ret = 0;
c2ff060f 2469 else if (!hob)
c45c3d00 2470 ret = s->error;
c2ff060f
FB		 2471 else
2472 ret = s->hob_feature;
5391d806
FB		 2473 break;
2474 case 2:
7ae98627 2475 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2476 ret = 0;
c2ff060f 2477 else if (!hob)
c45c3d00 2478 ret = s->nsector & 0xff;
c2ff060f
FB		 2479 else
2480 ret = s->hob_nsector;
5391d806
FB		 2481 break;
2482 case 3:
7ae98627 2483 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2484 ret = 0;
c2ff060f 2485 else if (!hob)
c45c3d00 2486 ret = s->sector;
c2ff060f
FB		 2487 else
2488 ret = s->hob_sector;
5391d806
FB		 2489 break;
2490 case 4:
7ae98627 2491 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2492 ret = 0;
c2ff060f 2493 else if (!hob)
c45c3d00 2494 ret = s->lcyl;
c2ff060f
FB		 2495 else
2496 ret = s->hob_lcyl;
5391d806
FB		 2497 break;
2498 case 5:
7ae98627 2499 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2500 ret = 0;
c2ff060f 2501 else if (!hob)
c45c3d00 2502 ret = s->hcyl;
c2ff060f
FB		 2503 else
2504 ret = s->hob_hcyl;
5391d806
FB		 2505 break;
2506 case 6:
7ae98627 2507 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 2508 ret = 0;
2509 else
7ae98627 2510 ret = s->select;
5391d806
FB		 2511 break;
2512 default:
2513 case 7:
66201e2d
FB		 2514 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2515 (s != ide_if && !s->bs))
c45c3d00
FB		 2516 ret = 0;
2517 else
2518 ret = s->status;
d537cf6c 2519 qemu_irq_lower(s->irq);
5391d806
FB		 2520 break;
2521 }
2522#ifdef DEBUG_IDE
2523 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2524#endif
2525 return ret;
2526}
2527
caed8802 2528static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2529{
7ae98627
FB		 2530 IDEState *ide_if = opaque;
2531 IDEState *s = ide_if->cur_drive;
5391d806 2532 int ret;
7ae98627 2533
66201e2d
FB		 2534 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2535 (s != ide_if && !s->bs))
7ae98627
FB		 2536 ret = 0;
2537 else
2538 ret = s->status;
5391d806
FB		 2539#ifdef DEBUG_IDE
2540 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2541#endif
2542 return ret;
2543}
2544
caed8802 2545static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2546{
caed8802 2547 IDEState *ide_if = opaque;
5391d806
FB		 2548 IDEState *s;
2549 int i;
2550
2551#ifdef DEBUG_IDE
2552 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2553#endif
2554 /* common for both drives */
2555 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2556 (val & IDE_CMD_RESET)) {
2557 /* reset low to high */
2558 for(i = 0;i < 2; i++) {
2559 s = &ide_if[i];
2560 s->status = BUSY_STAT | SEEK_STAT;
2561 s->error = 0x01;
2562 }
2563 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2564 !(val & IDE_CMD_RESET)) {
2565 /* high to low */
2566 for(i = 0;i < 2; i++) {
2567 s = &ide_if[i];
6b136f9e
FB		 2568 if (s->is_cdrom)
2569 s->status = 0x00; /* NOTE: READY is _not_ set */
2570 else
56bf1d37 2571 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2572 ide_set_signature(s);
2573 }
2574 }
2575
2576 ide_if[0].cmd = val;
2577 ide_if[1].cmd = val;
2578}
2579
caed8802 2580static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2581{
caed8802 2582 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2583 uint8_t *p;
2584
fcdd25ab
AL		 2585 /* PIO data access allowed only when DRQ bit is set */
2586 if (!(s->status & DRQ_STAT))
2587 return;
2588
5391d806 2589 p = s->data_ptr;
0c4ad8dc 2590 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2591 p += 2;
2592 s->data_ptr = p;
2593 if (p >= s->data_end)
2594 s->end_transfer_func(s);
2595}
2596
caed8802 2597static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2598{
caed8802 2599 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2600 uint8_t *p;
2601 int ret;
fcdd25ab
AL		 2602
2603 /* PIO data access allowed only when DRQ bit is set */
2604 if (!(s->status & DRQ_STAT))
2605 return 0;
2606
5391d806 2607 p = s->data_ptr;
0c4ad8dc 2608 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2609 p += 2;
2610 s->data_ptr = p;
2611 if (p >= s->data_end)
2612 s->end_transfer_func(s);
2613 return ret;
2614}
2615
caed8802 2616static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2617{
caed8802 2618 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2619 uint8_t *p;
2620
fcdd25ab
AL		 2621 /* PIO data access allowed only when DRQ bit is set */
2622 if (!(s->status & DRQ_STAT))
2623 return;
2624
5391d806 2625 p = s->data_ptr;
0c4ad8dc 2626 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2627 p += 4;
2628 s->data_ptr = p;
2629 if (p >= s->data_end)
2630 s->end_transfer_func(s);
2631}
2632
caed8802 2633static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2634{
caed8802 2635 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2636 uint8_t *p;
2637 int ret;
3b46e624 2638
fcdd25ab
AL		 2639 /* PIO data access allowed only when DRQ bit is set */
2640 if (!(s->status & DRQ_STAT))
2641 return 0;
2642
5391d806 2643 p = s->data_ptr;
0c4ad8dc 2644 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2645 p += 4;
2646 s->data_ptr = p;
2647 if (p >= s->data_end)
2648 s->end_transfer_func(s);
2649 return ret;
2650}
2651
a7dfe172
FB		 2652static void ide_dummy_transfer_stop(IDEState *s)
2653{
2654 s->data_ptr = s->io_buffer;
2655 s->data_end = s->io_buffer;
2656 s->io_buffer[0] = 0xff;
2657 s->io_buffer[1] = 0xff;
2658 s->io_buffer[2] = 0xff;
2659 s->io_buffer[3] = 0xff;
2660}
2661
5391d806
FB		 2662static void ide_reset(IDEState *s)
2663{
201a51fc
AZ		 2664 if (s->is_cf)
2665 s->mult_sectors = 0;
2666 else
2667 s->mult_sectors = MAX_MULT_SECTORS;
5391d806
FB		 2668 s->cur_drive = s;
2669 s->select = 0xa0;
41a2b959 2670 s->status = READY_STAT | SEEK_STAT;
5391d806 2671 ide_set_signature(s);
a7dfe172
FB		 2672 /* init the transfer handler so that 0xffff is returned on data
2673 accesses */
2674 s->end_transfer_func = ide_dummy_transfer_stop;
2675 ide_dummy_transfer_stop(s);
201a51fc 2676 s->media_changed = 0;
5391d806
FB		 2677}
2678
5457c8ce
FB		 2679static void ide_init2(IDEState *ide_state,
2680 BlockDriverState *hd0, BlockDriverState *hd1,
d537cf6c 2681 qemu_irq irq)
5391d806 2682{
69b91039 2683 IDEState *s;
aedf5382 2684 static int drive_serial = 1;
f3d54fc4 2685 int i, cylinders, heads, secs;
96b8f136 2686 uint64_t nb_sectors;
5391d806 2687
caed8802
FB		 2688 for(i = 0; i < 2; i++) {
2689 s = ide_state + i;
1d8cde5b 2690 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
caed8802
FB		 2691 if (i == 0)
2692 s->bs = hd0;
2693 else
2694 s->bs = hd1;
5391d806
FB		 2695 if (s->bs) {
2696 bdrv_get_geometry(s->bs, &nb_sectors);
f3d54fc4
AL		 2697 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2698 s->cylinders = cylinders;
2699 s->heads = heads;
2700 s->sectors = secs;
5391d806 2701 s->nb_sectors = nb_sectors;
f3d54fc4 2702
caed8802
FB		 2703 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2704 s->is_cdrom = 1;
bd491d6a 2705 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 2706 }
2707 }
aedf5382 2708 s->drive_serial = drive_serial++;
caed8802 2709 s->irq = irq;
5fafdf24 2710 s->sector_write_timer = qemu_new_timer(vm_clock,
a09db21f 2711 ide_sector_write_timer_cb, s);
5391d806
FB		 2712 ide_reset(s);
2713 }
69b91039
FB		 2714}
2715
34e538ae 2716static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 2717{
caed8802
FB		 2718 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2719 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2720 if (iobase2) {
2721 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2722 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 2723 }
3b46e624 2724
caed8802
FB		 2725 /* data ports */
2726 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2727 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2728 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2729 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 2730}
69b91039 2731
aa941b94
AZ		 2732/* save per IDE drive data */
2733static void ide_save(QEMUFile* f, IDEState *s)
2734{
bee8d684
TS		 2735 qemu_put_be32(f, s->mult_sectors);
2736 qemu_put_be32(f, s->identify_set);
aa941b94
AZ		 2737 if (s->identify_set) {
2738 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2739 }
2740 qemu_put_8s(f, &s->feature);
2741 qemu_put_8s(f, &s->error);
2742 qemu_put_be32s(f, &s->nsector);
2743 qemu_put_8s(f, &s->sector);
2744 qemu_put_8s(f, &s->lcyl);
2745 qemu_put_8s(f, &s->hcyl);
2746 qemu_put_8s(f, &s->hob_feature);
2747 qemu_put_8s(f, &s->hob_nsector);
2748 qemu_put_8s(f, &s->hob_sector);
2749 qemu_put_8s(f, &s->hob_lcyl);
2750 qemu_put_8s(f, &s->hob_hcyl);
2751 qemu_put_8s(f, &s->select);
2752 qemu_put_8s(f, &s->status);
2753 qemu_put_8s(f, &s->lba48);
2754
2755 qemu_put_8s(f, &s->sense_key);
2756 qemu_put_8s(f, &s->asc);
2757 /* XXX: if a transfer is pending, we do not save it yet */
2758}
2759
2760/* load per IDE drive data */
2761static void ide_load(QEMUFile* f, IDEState *s)
2762{
bee8d684
TS		 2763 s->mult_sectors=qemu_get_be32(f);
2764 s->identify_set=qemu_get_be32(f);
aa941b94
AZ		 2765 if (s->identify_set) {
2766 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2767 }
2768 qemu_get_8s(f, &s->feature);
2769 qemu_get_8s(f, &s->error);
2770 qemu_get_be32s(f, &s->nsector);
2771 qemu_get_8s(f, &s->sector);
2772 qemu_get_8s(f, &s->lcyl);
2773 qemu_get_8s(f, &s->hcyl);
2774 qemu_get_8s(f, &s->hob_feature);
2775 qemu_get_8s(f, &s->hob_nsector);
2776 qemu_get_8s(f, &s->hob_sector);
2777 qemu_get_8s(f, &s->hob_lcyl);
2778 qemu_get_8s(f, &s->hob_hcyl);
2779 qemu_get_8s(f, &s->select);
2780 qemu_get_8s(f, &s->status);
2781 qemu_get_8s(f, &s->lba48);
2782
2783 qemu_get_8s(f, &s->sense_key);
2784 qemu_get_8s(f, &s->asc);
2785 /* XXX: if a transfer is pending, we do not save it yet */
2786}
2787
34e538ae
FB		 2788/***********************************************************/
2789/* ISA IDE definitions */
2790
d537cf6c 2791void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
34e538ae
FB		 2792 BlockDriverState *hd0, BlockDriverState *hd1)
2793{
2794 IDEState *ide_state;
2795
2796 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2797 if (!ide_state)
2798 return;
3b46e624 2799
d537cf6c 2800 ide_init2(ide_state, hd0, hd1, irq);
34e538ae
FB		 2801 ide_init_ioport(ide_state, iobase, iobase2);
2802}
2803
69b91039
FB		 2804/***********************************************************/
2805/* PCI IDE definitions */
2806
5457c8ce
FB		 2807static void cmd646_update_irq(PCIIDEState *d);
2808
5fafdf24 2809static void ide_map(PCIDevice *pci_dev, int region_num,
69b91039
FB		 2810 uint32_t addr, uint32_t size, int type)
2811{
2812 PCIIDEState *d = (PCIIDEState *)pci_dev;
2813 IDEState *ide_state;
2814
2815 if (region_num <= 3) {
2816 ide_state = &d->ide_if[(region_num >> 1) * 2];
2817 if (region_num & 1) {
2818 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2819 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2820 } else {
2821 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2822 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2823
2824 /* data ports */
2825 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2826 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2827 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2828 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2829 }
2830 }
2831}
2832
8ccad811 2833static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
98087450
FB		 2834{
2835 BMDMAState *bm = s->bmdma;
2836 if(!bm)
2837 return;
2838 bm->ide_if = s;
2839 bm->dma_cb = dma_cb;
8ccad811
FB		 2840 bm->cur_prd_last = 0;
2841 bm->cur_prd_addr = 0;
2842 bm->cur_prd_len = 0;
98087450 2843 if (bm->status & BM_STATUS_DMAING) {
8ccad811 2844 bm->dma_cb(bm, 0);
98087450
FB		 2845 }
2846}
2847
72c7b06c
AL		 2848static void ide_dma_cancel(BMDMAState *bm)
2849{
2850 if (bm->status & BM_STATUS_DMAING) {
2851 bm->status &= ~BM_STATUS_DMAING;
2852 /* cancel DMA request */
2853 bm->ide_if = NULL;
2854 bm->dma_cb = NULL;
2855 if (bm->aiocb) {
2856#ifdef DEBUG_AIO
2857 printf("aio_cancel\n");
2858#endif
2859 bdrv_aio_cancel(bm->aiocb);
2860 bm->aiocb = NULL;
2861 }
2862 }
2863}
2864
98087450
FB		 2865static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2866{
2867 BMDMAState *bm = opaque;
2868#ifdef DEBUG_IDE
2869 printf("%s: 0x%08x\n", __func__, val);
2870#endif
2871 if (!(val & BM_CMD_START)) {
2872 /* XXX: do it better */
72c7b06c 2873 ide_dma_cancel(bm);
98087450
FB		 2874 bm->cmd = val & 0x09;
2875 } else {
8ccad811
FB		 2876 if (!(bm->status & BM_STATUS_DMAING)) {
2877 bm->status |= BM_STATUS_DMAING;
2878 /* start dma transfer if possible */
2879 if (bm->dma_cb)
2880 bm->dma_cb(bm, 0);
2881 }
98087450 2882 bm->cmd = val & 0x09;
98087450
FB		 2883 }
2884}
2885
5457c8ce 2886static uint32_t bmdma_readb(void *opaque, uint32_t addr)
98087450
FB		 2887{
2888 BMDMAState *bm = opaque;
5457c8ce 2889 PCIIDEState *pci_dev;
98087450 2890 uint32_t val;
3b46e624 2891
5457c8ce 2892 switch(addr & 3) {
5fafdf24 2893 case 0:
5457c8ce
FB		 2894 val = bm->cmd;
2895 break;
2896 case 1:
2897 pci_dev = bm->pci_dev;
2898 if (pci_dev->type == IDE_TYPE_CMD646) {
2899 val = pci_dev->dev.config[MRDMODE];
2900 } else {
2901 val = 0xff;
2902 }
2903 break;
2904 case 2:
2905 val = bm->status;
2906 break;
2907 case 3:
2908 pci_dev = bm->pci_dev;
2909 if (pci_dev->type == IDE_TYPE_CMD646) {
2910 if (bm == &pci_dev->bmdma[0])
2911 val = pci_dev->dev.config[UDIDETCR0];
2912 else
2913 val = pci_dev->dev.config[UDIDETCR1];
2914 } else {
2915 val = 0xff;
2916 }
2917 break;
2918 default:
2919 val = 0xff;
2920 break;
2921 }
98087450 2922#ifdef DEBUG_IDE
5457c8ce 2923 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
98087450
FB		 2924#endif
2925 return val;
2926}
2927
5457c8ce 2928static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
98087450
FB		 2929{
2930 BMDMAState *bm = opaque;
5457c8ce 2931 PCIIDEState *pci_dev;
98087450 2932#ifdef DEBUG_IDE
5457c8ce 2933 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
98087450 2934#endif
5457c8ce
FB		 2935 switch(addr & 3) {
2936 case 1:
2937 pci_dev = bm->pci_dev;
2938 if (pci_dev->type == IDE_TYPE_CMD646) {
5fafdf24 2939 pci_dev->dev.config[MRDMODE] =
5457c8ce
FB		 2940 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2941 cmd646_update_irq(pci_dev);
2942 }
2943 break;
2944 case 2:
2945 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2946 break;
2947 case 3:
2948 pci_dev = bm->pci_dev;
2949 if (pci_dev->type == IDE_TYPE_CMD646) {
2950 if (bm == &pci_dev->bmdma[0])
2951 pci_dev->dev.config[UDIDETCR0] = val;
2952 else
2953 pci_dev->dev.config[UDIDETCR1] = val;
2954 }
2955 break;
2956 }
98087450
FB		 2957}
2958
5b9a1293
AJ		 2959static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
2960{
2961 BMDMAState *bm = opaque;
2962 uint32_t val;
2963 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
2964#ifdef DEBUG_IDE
2965 printf("%s: 0x%08x\n", __func__, val);
2966#endif
2967 return val;
2968}
2969
2970static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
2971{
2972 BMDMAState *bm = opaque;
2973 int shift = (addr & 3) * 8;
2974#ifdef DEBUG_IDE
2975 printf("%s: 0x%08x\n", __func__, val);
2976#endif
2977 bm->addr &= ~(0xFF << shift);
2978 bm->addr |= ((val & 0xFF) << shift) & ~3;
2979 bm->cur_addr = bm->addr;
2980}
2981
2982static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
2983{
2984 BMDMAState *bm = opaque;
2985 uint32_t val;
2986 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
2987#ifdef DEBUG_IDE
2988 printf("%s: 0x%08x\n", __func__, val);
2989#endif
2990 return val;
2991}
2992
2993static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
2994{
2995 BMDMAState *bm = opaque;
2996 int shift = (addr & 3) * 8;
2997#ifdef DEBUG_IDE
2998 printf("%s: 0x%08x\n", __func__, val);
2999#endif
3000 bm->addr &= ~(0xFFFF << shift);
3001 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3002 bm->cur_addr = bm->addr;
3003}
3004
98087450
FB		 3005static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3006{
3007 BMDMAState *bm = opaque;
3008 uint32_t val;
3009 val = bm->addr;
3010#ifdef DEBUG_IDE
3011 printf("%s: 0x%08x\n", __func__, val);
3012#endif
3013 return val;
3014}
3015
3016static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3017{
3018 BMDMAState *bm = opaque;
3019#ifdef DEBUG_IDE
3020 printf("%s: 0x%08x\n", __func__, val);
3021#endif
3022 bm->addr = val & ~3;
30c4bbac 3023 bm->cur_addr = bm->addr;
98087450
FB		 3024}
3025
5fafdf24 3026static void bmdma_map(PCIDevice *pci_dev, int region_num,
98087450
FB		 3027 uint32_t addr, uint32_t size, int type)
3028{
3029 PCIIDEState *d = (PCIIDEState *)pci_dev;
3030 int i;
3031
3032 for(i = 0;i < 2; i++) {
3033 BMDMAState *bm = &d->bmdma[i];
3034 d->ide_if[2 * i].bmdma = bm;
3035 d->ide_if[2 * i + 1].bmdma = bm;
5457c8ce
FB		 3036 bm->pci_dev = (PCIIDEState *)pci_dev;
3037
98087450 3038 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
98087450 3039
5457c8ce
FB		 3040 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3041 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
98087450 3042
5b9a1293
AJ		 3043 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3044 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3045 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3046 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
98087450
FB		 3047 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3048 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3049 addr += 8;
3050 }
3051}
3052
5457c8ce
FB		 3053/* XXX: call it also when the MRDMODE is changed from the PCI config
3054 registers */
3055static void cmd646_update_irq(PCIIDEState *d)
3056{
3057 int pci_level;
3058 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3059 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3060 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3061 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
d537cf6c 3062 qemu_set_irq(d->dev.irq[0], pci_level);
5457c8ce
FB		 3063}
3064
3065/* the PCI irq level is the logical OR of the two channels */
3066static void cmd646_set_irq(void *opaque, int channel, int level)
3067{
3068 PCIIDEState *d = opaque;
3069 int irq_mask;
3070
3071 irq_mask = MRDMODE_INTR_CH0 << channel;
3072 if (level)
3073 d->dev.config[MRDMODE] |= irq_mask;
3074 else
3075 d->dev.config[MRDMODE] &= ~irq_mask;
3076 cmd646_update_irq(d);
3077}
3078
3079/* CMD646 PCI IDE controller */
3080void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3081 int secondary_ide_enabled)
69b91039
FB		 3082{
3083 PCIIDEState *d;
3084 uint8_t *pci_conf;
34e538ae 3085 int i;
d537cf6c 3086 qemu_irq *irq;
34e538ae 3087
5fafdf24 3088 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
5457c8ce 3089 sizeof(PCIIDEState),
5fafdf24 3090 -1,
73c11f63 3091 NULL, NULL);
5457c8ce 3092 d->type = IDE_TYPE_CMD646;
69b91039 3093 pci_conf = d->dev.config;
5457c8ce
FB		 3094 pci_conf[0x00] = 0x95; // CMD646
3095 pci_conf[0x01] = 0x10;
3096 pci_conf[0x02] = 0x46;
3097 pci_conf[0x03] = 0x06;
3098
3099 pci_conf[0x08] = 0x07; // IDE controller revision
5fafdf24 3100 pci_conf[0x09] = 0x8f;
5457c8ce 3101
69b91039
FB		 3102 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3103 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
5457c8ce 3104 pci_conf[0x0e] = 0x00; // header_type
3b46e624 3105
5457c8ce
FB		 3106 if (secondary_ide_enabled) {
3107 /* XXX: if not enabled, really disable the seconday IDE controller */
3108 pci_conf[0x51] = 0x80; /* enable IDE1 */
3109 }
69b91039 3110
5fafdf24 3111 pci_register_io_region((PCIDevice *)d, 0, 0x8,
69b91039 3112 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3113 pci_register_io_region((PCIDevice *)d, 1, 0x4,
69b91039 3114 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3115 pci_register_io_region((PCIDevice *)d, 2, 0x8,
69b91039 3116 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3117 pci_register_io_region((PCIDevice *)d, 3, 0x4,
69b91039 3118 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3119 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3120 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 3121
34e538ae 3122 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3b46e624 3123
34e538ae
FB		 3124 for(i = 0; i < 4; i++)
3125 d->ide_if[i].pci_dev = (PCIDevice *)d;
d537cf6c
PB		 3126
3127 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3128 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3129 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
34e538ae
FB		 3130}
3131
c3d78997
FB		 3132static void pci_ide_save(QEMUFile* f, void *opaque)
3133{
3134 PCIIDEState *d = opaque;
3135 int i;
3136
3137 pci_device_save(&d->dev, f);
3138
3139 for(i = 0; i < 2; i++) {
3140 BMDMAState *bm = &d->bmdma[i];
3141 qemu_put_8s(f, &bm->cmd);
3142 qemu_put_8s(f, &bm->status);
3143 qemu_put_be32s(f, &bm->addr);
3144 /* XXX: if a transfer is pending, we do not save it yet */
3145 }
3146
3147 /* per IDE interface data */
3148 for(i = 0; i < 2; i++) {
3149 IDEState *s = &d->ide_if[i * 2];
3150 uint8_t drive1_selected;
3151 qemu_put_8s(f, &s->cmd);
3152 drive1_selected = (s->cur_drive != s);
3153 qemu_put_8s(f, &drive1_selected);
3154 }
3155
3156 /* per IDE drive data */
3157 for(i = 0; i < 4; i++) {
aa941b94 3158 ide_save(f, &d->ide_if[i]);
c3d78997
FB		 3159 }
3160}
3161
3162static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3163{
3164 PCIIDEState *d = opaque;
3165 int ret, i;
3166
3167 if (version_id != 1)
3168 return -EINVAL;
3169 ret = pci_device_load(&d->dev, f);
3170 if (ret < 0)
3171 return ret;
3172
3173 for(i = 0; i < 2; i++) {
3174 BMDMAState *bm = &d->bmdma[i];
3175 qemu_get_8s(f, &bm->cmd);
3176 qemu_get_8s(f, &bm->status);
3177 qemu_get_be32s(f, &bm->addr);
3178 /* XXX: if a transfer is pending, we do not save it yet */
3179 }
3180
3181 /* per IDE interface data */
3182 for(i = 0; i < 2; i++) {
3183 IDEState *s = &d->ide_if[i * 2];
3184 uint8_t drive1_selected;
3185 qemu_get_8s(f, &s->cmd);
3186 qemu_get_8s(f, &drive1_selected);
3187 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3188 }
3189
3190 /* per IDE drive data */
3191 for(i = 0; i < 4; i++) {
aa941b94 3192 ide_load(f, &d->ide_if[i]);
c3d78997
FB		 3193 }
3194 return 0;
3195}
3196
72c7b06c 3197static void piix3_reset(void *opaque)
e6a71ae3 3198{
72c7b06c 3199 PCIIDEState *d = opaque;
e6a71ae3 3200 uint8_t *pci_conf = d->dev.config;
72c7b06c
AL		 3201 int i;
3202
3203 for (i = 0; i < 2; i++)
3204 ide_dma_cancel(&d->bmdma[i]);
e6a71ae3
TS		 3205
3206 pci_conf[0x04] = 0x00;
3207 pci_conf[0x05] = 0x00;
3208 pci_conf[0x06] = 0x80; /* FBC */
3209 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3210 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3211}
3212
34e538ae
FB		 3213/* hd_table must contain 4 block drivers */
3214/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
d537cf6c
PB		 3215void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3216 qemu_irq *pic)
34e538ae
FB		 3217{
3218 PCIIDEState *d;
3219 uint8_t *pci_conf;
3b46e624 3220
34e538ae 3221 /* register a function 1 of PIIX3 */
5fafdf24 3222 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
46e50e9d 3223 sizeof(PCIIDEState),
502a5395 3224 devfn,
34e538ae 3225 NULL, NULL);
5457c8ce
FB		 3226 d->type = IDE_TYPE_PIIX3;
3227
34e538ae
FB		 3228 pci_conf = d->dev.config;
3229 pci_conf[0x00] = 0x86; // Intel
3230 pci_conf[0x01] = 0x80;
3231 pci_conf[0x02] = 0x10;
3232 pci_conf[0x03] = 0x70;
92510b8c 3233 pci_conf[0x09] = 0x80; // legacy ATA mode
34e538ae
FB		 3234 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3235 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3236 pci_conf[0x0e] = 0x00; // header_type
3237
72c7b06c 3238 qemu_register_reset(piix3_reset, d);
e6a71ae3
TS		 3239 piix3_reset(d);
3240
5fafdf24 3241 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3242 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 3243
d537cf6c
PB		 3244 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3245 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
34e538ae
FB		 3246 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3247 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
c3d78997
FB		 3248
3249 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
69b91039 3250}
1ade1de2 3251
afcc3cdf
TS		 3252/* hd_table must contain 4 block drivers */
3253/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3254void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3255 qemu_irq *pic)
3256{
3257 PCIIDEState *d;
3258 uint8_t *pci_conf;
3259
3260 /* register a function 1 of PIIX4 */
3261 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3262 sizeof(PCIIDEState),
3263 devfn,
3264 NULL, NULL);
3265 d->type = IDE_TYPE_PIIX4;
3266
3267 pci_conf = d->dev.config;
3268 pci_conf[0x00] = 0x86; // Intel
3269 pci_conf[0x01] = 0x80;
3270 pci_conf[0x02] = 0x11;
3271 pci_conf[0x03] = 0x71;
3272 pci_conf[0x09] = 0x80; // legacy ATA mode
3273 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3274 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3275 pci_conf[0x0e] = 0x00; // header_type
3276
72c7b06c 3277 qemu_register_reset(piix3_reset, d);
afcc3cdf
TS		 3278 piix3_reset(d);
3279
3280 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3281 PCI_ADDRESS_SPACE_IO, bmdma_map);
3282
3283 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3284 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3285 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3286 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3287
3288 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3289}
3290
1ade1de2
FB		 3291/***********************************************************/
3292/* MacIO based PowerPC IDE */
3293
3294/* PowerMac IDE memory IO */
3295static void pmac_ide_writeb (void *opaque,
3296 target_phys_addr_t addr, uint32_t val)
3297{
5fafdf24 3298 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3299 switch (addr) {
3300 case 1 ... 7:
3301 ide_ioport_write(opaque, addr, val);
3302 break;
3303 case 8:
3304 case 22:
3305 ide_cmd_write(opaque, 0, val);
3306 break;
3307 default:
3308 break;
3309 }
3310}
3311
3312static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3313{
3314 uint8_t retval;
3315
3316 addr = (addr & 0xFFF) >> 4;
3317 switch (addr) {
3318 case 1 ... 7:
3319 retval = ide_ioport_read(opaque, addr);
3320 break;
3321 case 8:
3322 case 22:
3323 retval = ide_status_read(opaque, 0);
3324 break;
3325 default:
3326 retval = 0xFF;
3327 break;
3328 }
3329 return retval;
3330}
3331
3332static void pmac_ide_writew (void *opaque,
3333 target_phys_addr_t addr, uint32_t val)
3334{
5fafdf24 3335 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3336#ifdef TARGET_WORDS_BIGENDIAN
3337 val = bswap16(val);
3338#endif
3339 if (addr == 0) {
3340 ide_data_writew(opaque, 0, val);
3341 }
3342}
3343
3344static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3345{
3346 uint16_t retval;
3347
5fafdf24 3348 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3349 if (addr == 0) {
3350 retval = ide_data_readw(opaque, 0);
3351 } else {
3352 retval = 0xFFFF;
3353 }
3354#ifdef TARGET_WORDS_BIGENDIAN
3355 retval = bswap16(retval);
3356#endif
3357 return retval;
3358}
3359
3360static void pmac_ide_writel (void *opaque,
3361 target_phys_addr_t addr, uint32_t val)
3362{
5fafdf24 3363 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3364#ifdef TARGET_WORDS_BIGENDIAN
3365 val = bswap32(val);
3366#endif
3367 if (addr == 0) {
3368 ide_data_writel(opaque, 0, val);
3369 }
3370}
3371
3372static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3373{
3374 uint32_t retval;
3375
5fafdf24 3376 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3377 if (addr == 0) {
3378 retval = ide_data_readl(opaque, 0);
3379 } else {
3380 retval = 0xFFFFFFFF;
3381 }
3382#ifdef TARGET_WORDS_BIGENDIAN
3383 retval = bswap32(retval);
3384#endif
3385 return retval;
3386}
3387
3388static CPUWriteMemoryFunc *pmac_ide_write[] = {
3389 pmac_ide_writeb,
3390 pmac_ide_writew,
3391 pmac_ide_writel,
3392};
3393
3394static CPUReadMemoryFunc *pmac_ide_read[] = {
3395 pmac_ide_readb,
3396 pmac_ide_readw,
3397 pmac_ide_readl,
3398};
3399
3400/* hd_table must contain 4 block drivers */
3401/* PowerMac uses memory mapped registers, not I/O. Return the memory
3402 I/O index to access the ide. */
d537cf6c 3403int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
1ade1de2
FB		 3404{
3405 IDEState *ide_if;
3406 int pmac_ide_memory;
3407
3408 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
d537cf6c 3409 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3b46e624 3410
1ade1de2
FB		 3411 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3412 pmac_ide_write, &ide_if[0]);
3413 return pmac_ide_memory;
3414}
201a51fc
AZ		 3415
3416/***********************************************************/
3417/* CF-ATA Microdrive */
3418
3419#define METADATA_SIZE 0x20
3420
3421/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3422struct md_s {
3423 IDEState ide[2];
3424 struct pcmcia_card_s card;
3425 uint32_t attr_base;
3426 uint32_t io_base;
3427
3428 /* Card state */
3429 uint8_t opt;
3430 uint8_t stat;
3431 uint8_t pins;
3432
3433 uint8_t ctrl;
3434 uint16_t io;
3435 int cycle;
3436};
3437
3438/* Register bitfields */
3439enum md_opt {
3440 OPT_MODE_MMAP = 0,
3441 OPT_MODE_IOMAP16 = 1,
3442 OPT_MODE_IOMAP1 = 2,
3443 OPT_MODE_IOMAP2 = 3,
3444 OPT_MODE = 0x3f,
3445 OPT_LEVIREQ = 0x40,
3446 OPT_SRESET = 0x80,
3447};
3448enum md_cstat {
3449 STAT_INT = 0x02,
3450 STAT_PWRDWN = 0x04,
3451 STAT_XE = 0x10,
3452 STAT_IOIS8 = 0x20,
3453 STAT_SIGCHG = 0x40,
3454 STAT_CHANGED = 0x80,
3455};
3456enum md_pins {
3457 PINS_MRDY = 0x02,
3458 PINS_CRDY = 0x20,
3459};
3460enum md_ctrl {
3461 CTRL_IEN = 0x02,
3462 CTRL_SRST = 0x04,
3463};
3464
3465static inline void md_interrupt_update(struct md_s *s)
3466{
3467 if (!s->card.slot)
3468 return;
3469
3470 qemu_set_irq(s->card.slot->irq,
3471 !(s->stat & STAT_INT) && /* Inverted */
3472 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3473 !(s->opt & OPT_SRESET));
3474}
3475
3476static void md_set_irq(void *opaque, int irq, int level)
3477{
3478 struct md_s *s = (struct md_s *) opaque;
3479 if (level)
3480 s->stat |= STAT_INT;
3481 else
3482 s->stat &= ~STAT_INT;
3483
3484 md_interrupt_update(s);
3485}
3486
3487static void md_reset(struct md_s *s)
3488{
3489 s->opt = OPT_MODE_MMAP;
3490 s->stat = 0;
3491 s->pins = 0;
3492 s->cycle = 0;
3493 s->ctrl = 0;
3494 ide_reset(s->ide);
3495}
3496
9e315fa9 3497static uint8_t md_attr_read(void *opaque, uint32_t at)
201a51fc
AZ		 3498{
3499 struct md_s *s = (struct md_s *) opaque;
3500 if (at < s->attr_base) {
3501 if (at < s->card.cis_len)
3502 return s->card.cis[at];
3503 else
3504 return 0x00;
3505 }
3506
3507 at -= s->attr_base;
3508
3509 switch (at) {
3510 case 0x00: /* Configuration Option Register */
3511 return s->opt;
3512 case 0x02: /* Card Configuration Status Register */
3513 if (s->ctrl & CTRL_IEN)
3514 return s->stat & ~STAT_INT;
3515 else
3516 return s->stat;
3517 case 0x04: /* Pin Replacement Register */
3518 return (s->pins & PINS_CRDY) | 0x0c;
3519 case 0x06: /* Socket and Copy Register */
3520 return 0x00;
3521#ifdef VERBOSE
3522 default:
3523 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3524#endif
3525 }
3526
3527 return 0;
3528}
3529
9e315fa9 3530static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
201a51fc
AZ		 3531{
3532 struct md_s *s = (struct md_s *) opaque;
3533 at -= s->attr_base;
3534
3535 switch (at) {
3536 case 0x00: /* Configuration Option Register */
3537 s->opt = value & 0xcf;
3538 if (value & OPT_SRESET)
3539 md_reset(s);
3540 md_interrupt_update(s);
3541 break;
3542 case 0x02: /* Card Configuration Status Register */
3543 if ((s->stat ^ value) & STAT_PWRDWN)
3544 s->pins |= PINS_CRDY;
3545 s->stat &= 0x82;
3546 s->stat |= value & 0x74;
3547 md_interrupt_update(s);
3548 /* Word 170 in Identify Device must be equal to STAT_XE */
3549 break;
3550 case 0x04: /* Pin Replacement Register */
3551 s->pins &= PINS_CRDY;
3552 s->pins |= value & PINS_MRDY;
3553 break;
3554 case 0x06: /* Socket and Copy Register */
3555 break;
3556 default:
3557 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3558 }
3559}
3560
9e315fa9 3561static uint16_t md_common_read(void *opaque, uint32_t at)
201a51fc
AZ		 3562{
3563 struct md_s *s = (struct md_s *) opaque;
3564 uint16_t ret;
3565 at -= s->io_base;
3566
3567 switch (s->opt & OPT_MODE) {
3568 case OPT_MODE_MMAP:
3569 if ((at & ~0x3ff) == 0x400)
3570 at = 0;
3571 break;
3572 case OPT_MODE_IOMAP16:
3573 at &= 0xf;
3574 break;
3575 case OPT_MODE_IOMAP1:
3576 if ((at & ~0xf) == 0x3f0)
3577 at -= 0x3e8;
3578 else if ((at & ~0xf) == 0x1f0)
3579 at -= 0x1f0;
3580 break;
3581 case OPT_MODE_IOMAP2:
3582 if ((at & ~0xf) == 0x370)
3583 at -= 0x368;
3584 else if ((at & ~0xf) == 0x170)
3585 at -= 0x170;
3586 }
3587
3588 switch (at) {
3589 case 0x0: /* Even RD Data */
3590 case 0x8:
3591 return ide_data_readw(s->ide, 0);
3592
3593 /* TODO: 8-bit accesses */
3594 if (s->cycle)
3595 ret = s->io >> 8;
3596 else {
3597 s->io = ide_data_readw(s->ide, 0);
3598 ret = s->io & 0xff;
3599 }
3600 s->cycle = !s->cycle;
3601 return ret;
3602 case 0x9: /* Odd RD Data */
3603 return s->io >> 8;
3604 case 0xd: /* Error */
3605 return ide_ioport_read(s->ide, 0x1);
3606 case 0xe: /* Alternate Status */
3607 if (s->ide->cur_drive->bs)
3608 return s->ide->cur_drive->status;
3609 else
3610 return 0;
3611 case 0xf: /* Device Address */
3612 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3613 default:
3614 return ide_ioport_read(s->ide, at);
3615 }
3616
3617 return 0;
3618}
3619
9e315fa9 3620static void md_common_write(void *opaque, uint32_t at, uint16_t value)
201a51fc
AZ		 3621{
3622 struct md_s *s = (struct md_s *) opaque;
3623 at -= s->io_base;
3624
3625 switch (s->opt & OPT_MODE) {
3626 case OPT_MODE_MMAP:
3627 if ((at & ~0x3ff) == 0x400)
3628 at = 0;
3629 break;
3630 case OPT_MODE_IOMAP16:
3631 at &= 0xf;
3632 break;
3633 case OPT_MODE_IOMAP1:
3634 if ((at & ~0xf) == 0x3f0)
3635 at -= 0x3e8;
3636 else if ((at & ~0xf) == 0x1f0)
3637 at -= 0x1f0;
3638 break;
3639 case OPT_MODE_IOMAP2:
3640 if ((at & ~0xf) == 0x370)
3641 at -= 0x368;
3642 else if ((at & ~0xf) == 0x170)
3643 at -= 0x170;
3644 }
3645
3646 switch (at) {
3647 case 0x0: /* Even WR Data */
3648 case 0x8:
3649 ide_data_writew(s->ide, 0, value);
3650 break;
3651
3652 /* TODO: 8-bit accesses */
3653 if (s->cycle)
3654 ide_data_writew(s->ide, 0, s->io | (value << 8));
3655 else
3656 s->io = value & 0xff;
3657 s->cycle = !s->cycle;
3658 break;
3659 case 0x9:
3660 s->io = value & 0xff;
3661 s->cycle = !s->cycle;
3662 break;
3663 case 0xd: /* Features */
3664 ide_ioport_write(s->ide, 0x1, value);
3665 break;
3666 case 0xe: /* Device Control */
3667 s->ctrl = value;
3668 if (value & CTRL_SRST)
3669 md_reset(s);
3670 md_interrupt_update(s);
3671 break;
3672 default:
3673 if (s->stat & STAT_PWRDWN) {
3674 s->pins |= PINS_CRDY;
3675 s->stat &= ~STAT_PWRDWN;
3676 }
3677 ide_ioport_write(s->ide, at, value);
3678 }
3679}
3680
aa941b94
AZ		 3681static void md_save(QEMUFile *f, void *opaque)
3682{
3683 struct md_s *s = (struct md_s *) opaque;
3684 int i;
3685 uint8_t drive1_selected;
3686
3687 qemu_put_8s(f, &s->opt);
3688 qemu_put_8s(f, &s->stat);
3689 qemu_put_8s(f, &s->pins);
3690
3691 qemu_put_8s(f, &s->ctrl);
3692 qemu_put_be16s(f, &s->io);
3693 qemu_put_byte(f, s->cycle);
3694
3695 drive1_selected = (s->ide->cur_drive != s->ide);
3696 qemu_put_8s(f, &s->ide->cmd);
3697 qemu_put_8s(f, &drive1_selected);
3698
3699 for (i = 0; i < 2; i ++)
3700 ide_save(f, &s->ide[i]);
3701}
3702
3703static int md_load(QEMUFile *f, void *opaque, int version_id)
3704{
3705 struct md_s *s = (struct md_s *) opaque;
3706 int i;
3707 uint8_t drive1_selected;
3708
3709 qemu_get_8s(f, &s->opt);
3710 qemu_get_8s(f, &s->stat);
3711 qemu_get_8s(f, &s->pins);
3712
3713 qemu_get_8s(f, &s->ctrl);
3714 qemu_get_be16s(f, &s->io);
3715 s->cycle = qemu_get_byte(f);
3716
3717 qemu_get_8s(f, &s->ide->cmd);
3718 qemu_get_8s(f, &drive1_selected);
3719 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3720
3721 for (i = 0; i < 2; i ++)
3722 ide_load(f, &s->ide[i]);
3723
3724 return 0;
3725}
3726
201a51fc
AZ		 3727static const uint8_t dscm1xxxx_cis[0x14a] = {
3728 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3729 [0x002] = 0x03, /* Tuple length = 4 bytes */
3730 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3731 [0x006] = 0x01, /* Size = 2K bytes */
3732 [0x008] = CISTPL_ENDMARK,
3733
3734 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3735 [0x00c] = 0x04, /* Tuple length = 4 byest */
3736 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3737 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3738 [0x012] = 0x01, /* Size = 2K bytes */
3739 [0x014] = CISTPL_ENDMARK,
3740
3741 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3742 [0x018] = 0x02, /* Tuple length = 2 bytes */
3743 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3744 [0x01c] = 0x01,
3745
3746 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3747 [0x020] = 0x04, /* Tuple length = 4 bytes */
3748 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3749 [0x024] = 0x00,
3750 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3751 [0x028] = 0x00,
3752
3753 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3754 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3755 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3756 [0x030] = 0x01, /* Minor Version = 1 */
3757 [0x032] = 'I',
3758 [0x034] = 'B',
3759 [0x036] = 'M',
3760 [0x038] = 0x00,
3761 [0x03a] = 'm',
3762 [0x03c] = 'i',
3763 [0x03e] = 'c',
3764 [0x040] = 'r',
3765 [0x042] = 'o',
3766 [0x044] = 'd',
3767 [0x046] = 'r',
3768 [0x048] = 'i',
3769 [0x04a] = 'v',
3770 [0x04c] = 'e',
3771 [0x04e] = 0x00,
3772 [0x050] = CISTPL_ENDMARK,
3773
3774 [0x052] = CISTPL_FUNCID, /* Function ID */
3775 [0x054] = 0x02, /* Tuple length = 2 bytes */
3776 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3777 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3778
3779 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3780 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3781 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3782 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3783
3784 [0x062] = CISTPL_FUNCE, /* Function Extension */
3785 [0x064] = 0x03, /* Tuple length = 3 bytes */
3786 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3787 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3788 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3789
3790 [0x06c] = CISTPL_CONFIG, /* Configuration */
3791 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3792 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3793 [0x072] = 0x07, /* TPCC_LAST = 7 */
3794 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3795 [0x076] = 0x02,
3796 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3797
3798 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3799 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3800 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3801 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3802 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3803 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3804 [0x086] = 0x55, /* NomV: 5.0 V */
3805 [0x088] = 0x4d, /* MinV: 4.5 V */
3806 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3807 [0x08c] = 0x4e, /* Peakl: 450 mA */
3808 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3809 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3810 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3811
3812 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3813 [0x096] = 0x06, /* Tuple length = 6 bytes */
3814 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3815 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3816 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3817 [0x09e] = 0xb5, /* NomV: 3.3 V */
3818 [0x0a0] = 0x1e,
3819 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3820
3821 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3822 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3823 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3824 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3825 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3826 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3827 [0x0b0] = 0x55, /* NomV: 5.0 V */
3828 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3829 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3830 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3831 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3832 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3833 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3834 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3835 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3836
3837 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3838 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3839 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3840 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3841 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3842 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3843 [0x0ce] = 0x1e,
3844 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3845
3846 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3847 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3848 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3849 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3850 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3851 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3852 [0x0de] = 0x55, /* NomV: 5.0 V */
3853 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3854 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3855 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3856 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3857 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3858 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3859 [0x0ec] = 0x01,
3860 [0x0ee] = 0x07, /* Address block length = 8 */
3861 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3862 [0x0f2] = 0x03,
3863 [0x0f4] = 0x01, /* Address block length = 2 */
3864 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3865 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3866
3867 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3868 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3869 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3870 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3871 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3872 [0x104] = 0xb5, /* NomV: 3.3 V */
3873 [0x106] = 0x1e,
3874 [0x108] = 0x3e, /* Peakl: 350 mA */
3875
3876 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3877 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3878 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3879 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3880 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3881 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3882 [0x116] = 0x55, /* NomV: 5.0 V */
3883 [0x118] = 0x4d, /* MinV: 4.5 V */
3884 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3885 [0x11c] = 0x4e, /* Peakl: 450 mA */
3886 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3887 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3888 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3889 [0x124] = 0x01,
3890 [0x126] = 0x07, /* Address block length = 8 */
3891 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3892 [0x12a] = 0x03,
3893 [0x12c] = 0x01, /* Address block length = 2 */
3894 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3895 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3896
3897 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3898 [0x134] = 0x06, /* Tuple length = 6 bytes */
3899 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3900 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3901 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3902 [0x13c] = 0xb5, /* NomV: 3.3 V */
3903 [0x13e] = 0x1e,
3904 [0x140] = 0x3e, /* Peakl: 350 mA */
3905
3906 [0x142] = CISTPL_NO_LINK, /* No Link */
3907 [0x144] = 0x00, /* Tuple length = 0 bytes */
3908
3909 [0x146] = CISTPL_END, /* Tuple End */
3910};
3911
3912static int dscm1xxxx_attach(void *opaque)
3913{
3914 struct md_s *md = (struct md_s *) opaque;
3915 md->card.attr_read = md_attr_read;
3916 md->card.attr_write = md_attr_write;
3917 md->card.common_read = md_common_read;
3918 md->card.common_write = md_common_write;
3919 md->card.io_read = md_common_read;
3920 md->card.io_write = md_common_write;
3921
3922 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3923 md->io_base = 0x0;
3924
3925 md_reset(md);
3926 md_interrupt_update(md);
3927
3928 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3929 return 0;
3930}
3931
3932static int dscm1xxxx_detach(void *opaque)
3933{
3934 struct md_s *md = (struct md_s *) opaque;
3935 md_reset(md);
3936 return 0;
3937}
3938
3939struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3940{
3941 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3942 md->card.state = md;
3943 md->card.attach = dscm1xxxx_attach;
3944 md->card.detach = dscm1xxxx_detach;
3945 md->card.cis = dscm1xxxx_cis;
3946 md->card.cis_len = sizeof(dscm1xxxx_cis);
3947
3948 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3949 md->ide->is_cf = 1;
3950 md->ide->mdata_size = METADATA_SIZE;
3951 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
aa941b94 3952
18be5187 3953 register_savevm("microdrive", -1, 0, md_save, md_load, md);
aa941b94 3954
201a51fc
AZ		 3955 return &md->card;
3956}
QEMU mirror