]> git.proxmox.com Git - mirror_qemu.git/blame - hw/ide.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
windows install fix
[mirror_qemu.git] / hw / ide.c
CommitLineData
5391d806
FB		 1/*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
5391d806
FB		 24#include "vl.h"
25
5391d806
FB		 26/* debug IDE devices */
27//#define DEBUG_IDE
28//#define DEBUG_IDE_ATAPI
29
30/* Bits of HD_STATUS */
31#define ERR_STAT 0x01
32#define INDEX_STAT 0x02
33#define ECC_STAT 0x04 /* Corrected error */
34#define DRQ_STAT 0x08
35#define SEEK_STAT 0x10
36#define SRV_STAT 0x10
37#define WRERR_STAT 0x20
38#define READY_STAT 0x40
39#define BUSY_STAT 0x80
40
41/* Bits for HD_ERROR */
42#define MARK_ERR 0x01 /* Bad address mark */
43#define TRK0_ERR 0x02 /* couldn't find track 0 */
44#define ABRT_ERR 0x04 /* Command aborted */
45#define MCR_ERR 0x08 /* media change request */
46#define ID_ERR 0x10 /* ID field not found */
47#define MC_ERR 0x20 /* media changed */
48#define ECC_ERR 0x40 /* Uncorrectable ECC error */
49#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
50#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
51
52/* Bits of HD_NSECTOR */
53#define CD 0x01
54#define IO 0x02
55#define REL 0x04
56#define TAG_MASK 0xf8
57
58#define IDE_CMD_RESET 0x04
59#define IDE_CMD_DISABLE_IRQ 0x02
60
61/* ATA/ATAPI Commands pre T13 Spec */
62#define WIN_NOP 0x00
63/*
64 * 0x01->0x02 Reserved
65 */
66#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
67/*
68 * 0x04->0x07 Reserved
69 */
70#define WIN_SRST 0x08 /* ATAPI soft reset command */
71#define WIN_DEVICE_RESET 0x08
72/*
73 * 0x09->0x0F Reserved
74 */
75#define WIN_RECAL 0x10
76#define WIN_RESTORE WIN_RECAL
77/*
78 * 0x10->0x1F Reserved
79 */
80#define WIN_READ 0x20 /* 28-Bit */
81#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
82#define WIN_READ_LONG 0x22 /* 28-Bit */
83#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
84#define WIN_READ_EXT 0x24 /* 48-Bit */
85#define WIN_READDMA_EXT 0x25 /* 48-Bit */
86#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
87#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
88/*
89 * 0x28
90 */
91#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
92/*
93 * 0x2A->0x2F Reserved
94 */
95#define WIN_WRITE 0x30 /* 28-Bit */
96#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
97#define WIN_WRITE_LONG 0x32 /* 28-Bit */
98#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
99#define WIN_WRITE_EXT 0x34 /* 48-Bit */
100#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
101#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
102#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
103#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
104#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
105/*
106 * 0x3A->0x3B Reserved
107 */
108#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
109/*
110 * 0x3D->0x3F Reserved
111 */
112#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
113#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
114#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
115/*
116 * 0x43->0x4F Reserved
117 */
118#define WIN_FORMAT 0x50
119/*
120 * 0x51->0x5F Reserved
121 */
122#define WIN_INIT 0x60
123/*
124 * 0x61->0x5F Reserved
125 */
126#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
127#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
128#define WIN_DIAGNOSE 0x90
129#define WIN_SPECIFY 0x91 /* set drive geometry translation */
130#define WIN_DOWNLOAD_MICROCODE 0x92
131#define WIN_STANDBYNOW2 0x94
132#define WIN_STANDBY2 0x96
133#define WIN_SETIDLE2 0x97
134#define WIN_CHECKPOWERMODE2 0x98
135#define WIN_SLEEPNOW2 0x99
136/*
137 * 0x9A VENDOR
138 */
139#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
140#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
141#define WIN_QUEUED_SERVICE 0xA2
142#define WIN_SMART 0xB0 /* self-monitoring and reporting */
143#define CFA_ERASE_SECTORS 0xC0
144#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
145#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
146#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
147#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
148#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
149#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
150#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
151#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
152#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
153#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
154#define WIN_GETMEDIASTATUS 0xDA
155#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
156#define WIN_POSTBOOT 0xDC
157#define WIN_PREBOOT 0xDD
158#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
159#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
160#define WIN_STANDBYNOW1 0xE0
161#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
162#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
163#define WIN_SETIDLE1 0xE3
164#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
165#define WIN_CHECKPOWERMODE1 0xE5
166#define WIN_SLEEPNOW1 0xE6
167#define WIN_FLUSH_CACHE 0xE7
168#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
169#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
170 /* SET_FEATURES 0x22 or 0xDD */
171#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
172#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
173#define WIN_MEDIAEJECT 0xED
174#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
175#define WIN_SETFEATURES 0xEF /* set special drive features */
176#define EXABYTE_ENABLE_NEST 0xF0
177#define WIN_SECURITY_SET_PASS 0xF1
178#define WIN_SECURITY_UNLOCK 0xF2
179#define WIN_SECURITY_ERASE_PREPARE 0xF3
180#define WIN_SECURITY_ERASE_UNIT 0xF4
181#define WIN_SECURITY_FREEZE_LOCK 0xF5
182#define WIN_SECURITY_DISABLE 0xF6
183#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
184#define WIN_SET_MAX 0xF9
185#define DISABLE_SEAGATE 0xFB
186
187/* set to 1 set disable mult support */
f66723fa 188#define MAX_MULT_SECTORS 16
5391d806
FB		 189
190/* ATAPI defines */
191
192#define ATAPI_PACKET_SIZE 12
193
194/* The generic packet command opcodes for CD/DVD Logical Units,
195 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
196#define GPCMD_BLANK 0xa1
197#define GPCMD_CLOSE_TRACK 0x5b
198#define GPCMD_FLUSH_CACHE 0x35
199#define GPCMD_FORMAT_UNIT 0x04
200#define GPCMD_GET_CONFIGURATION 0x46
201#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
202#define GPCMD_GET_PERFORMANCE 0xac
203#define GPCMD_INQUIRY 0x12
204#define GPCMD_LOAD_UNLOAD 0xa6
205#define GPCMD_MECHANISM_STATUS 0xbd
206#define GPCMD_MODE_SELECT_10 0x55
207#define GPCMD_MODE_SENSE_10 0x5a
208#define GPCMD_PAUSE_RESUME 0x4b
209#define GPCMD_PLAY_AUDIO_10 0x45
210#define GPCMD_PLAY_AUDIO_MSF 0x47
211#define GPCMD_PLAY_AUDIO_TI 0x48
212#define GPCMD_PLAY_CD 0xbc
213#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
214#define GPCMD_READ_10 0x28
215#define GPCMD_READ_12 0xa8
216#define GPCMD_READ_CDVD_CAPACITY 0x25
217#define GPCMD_READ_CD 0xbe
218#define GPCMD_READ_CD_MSF 0xb9
219#define GPCMD_READ_DISC_INFO 0x51
220#define GPCMD_READ_DVD_STRUCTURE 0xad
221#define GPCMD_READ_FORMAT_CAPACITIES 0x23
222#define GPCMD_READ_HEADER 0x44
223#define GPCMD_READ_TRACK_RZONE_INFO 0x52
224#define GPCMD_READ_SUBCHANNEL 0x42
225#define GPCMD_READ_TOC_PMA_ATIP 0x43
226#define GPCMD_REPAIR_RZONE_TRACK 0x58
227#define GPCMD_REPORT_KEY 0xa4
228#define GPCMD_REQUEST_SENSE 0x03
229#define GPCMD_RESERVE_RZONE_TRACK 0x53
230#define GPCMD_SCAN 0xba
231#define GPCMD_SEEK 0x2b
232#define GPCMD_SEND_DVD_STRUCTURE 0xad
233#define GPCMD_SEND_EVENT 0xa2
234#define GPCMD_SEND_KEY 0xa3
235#define GPCMD_SEND_OPC 0x54
236#define GPCMD_SET_READ_AHEAD 0xa7
237#define GPCMD_SET_STREAMING 0xb6
238#define GPCMD_START_STOP_UNIT 0x1b
239#define GPCMD_STOP_PLAY_SCAN 0x4e
240#define GPCMD_TEST_UNIT_READY 0x00
241#define GPCMD_VERIFY_10 0x2f
242#define GPCMD_WRITE_10 0x2a
243#define GPCMD_WRITE_AND_VERIFY_10 0x2e
244/* This is listed as optional in ATAPI 2.6, but is (curiously)
245 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
246 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
247 * drives support it. */
248#define GPCMD_SET_SPEED 0xbb
249/* This seems to be a SCSI specific CD-ROM opcode
250 * to play data at track/index */
251#define GPCMD_PLAYAUDIO_TI 0x48
252/*
253 * From MS Media Status Notification Support Specification. For
254 * older drives only.
255 */
256#define GPCMD_GET_MEDIA_STATUS 0xda
257
258/* Mode page codes for mode sense/set */
259#define GPMODE_R_W_ERROR_PAGE 0x01
260#define GPMODE_WRITE_PARMS_PAGE 0x05
261#define GPMODE_AUDIO_CTL_PAGE 0x0e
262#define GPMODE_POWER_PAGE 0x1a
263#define GPMODE_FAULT_FAIL_PAGE 0x1c
264#define GPMODE_TO_PROTECT_PAGE 0x1d
265#define GPMODE_CAPABILITIES_PAGE 0x2a
266#define GPMODE_ALL_PAGES 0x3f
267/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
268 * of MODE_SENSE_POWER_PAGE */
269#define GPMODE_CDROM_PAGE 0x0d
270
271#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
272#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
273#define ATAPI_INT_REASON_REL 0x04
274#define ATAPI_INT_REASON_TAG 0xf8
275
276/* same constants as bochs */
7f777bf3 277#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 278#define ASC_LOGICAL_BLOCK_OOR 0x21
279#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
280#define ASC_MEDIUM_NOT_PRESENT 0x3a
281#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
282
283#define SENSE_NONE 0
284#define SENSE_NOT_READY 2
285#define SENSE_ILLEGAL_REQUEST 5
286#define SENSE_UNIT_ATTENTION 6
287
288struct IDEState;
289
290typedef void EndTransferFunc(struct IDEState *);
291
caed8802 292/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 293typedef struct IDEState {
294 /* ide config */
295 int is_cdrom;
5391d806
FB		 296 int cylinders, heads, sectors;
297 int64_t nb_sectors;
298 int mult_sectors;
299 int irq;
1ade1de2 300 openpic_t *openpic;
34e538ae 301 PCIDevice *pci_dev;
98087450 302 struct BMDMAState *bmdma;
aedf5382 303 int drive_serial;
5391d806
FB		 304 /* ide regs */
305 uint8_t feature;
306 uint8_t error;
307 uint16_t nsector; /* 0 is 256 to ease computations */
308 uint8_t sector;
309 uint8_t lcyl;
310 uint8_t hcyl;
311 uint8_t select;
312 uint8_t status;
313 /* 0x3f6 command, only meaningful for drive 0 */
314 uint8_t cmd;
315 /* depends on bit 4 in select, only meaningful for drive 0 */
316 struct IDEState *cur_drive;
317 BlockDriverState *bs;
318 /* ATAPI specific */
319 uint8_t sense_key;
320 uint8_t asc;
321 int packet_transfer_size;
322 int elementary_transfer_size;
323 int io_buffer_index;
324 int lba;
98087450
FB		 325 int cd_sector_size;
326 int atapi_dma; /* true if dma is requested for the packet cmd */
327 /* ATA DMA state */
328 int io_buffer_size;
329 /* PIO transfer handling */
5391d806
FB		 330 int req_nb_sectors; /* number of sectors per interrupt */
331 EndTransferFunc *end_transfer_func;
332 uint8_t *data_ptr;
333 uint8_t *data_end;
334 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
335} IDEState;
336
98087450
FB		 337#define BM_STATUS_DMAING 0x01
338#define BM_STATUS_ERROR 0x02
339#define BM_STATUS_INT 0x04
340
341#define BM_CMD_START 0x01
342#define BM_CMD_READ 0x08
343
344typedef int IDEDMAFunc(IDEState *s,
345 target_phys_addr_t phys_addr,
346 int transfer_size1);
347
348typedef struct BMDMAState {
349 uint8_t cmd;
350 uint8_t status;
351 uint32_t addr;
352 /* current transfer state */
353 IDEState *ide_if;
354 IDEDMAFunc *dma_cb;
355} BMDMAState;
356
357typedef struct PCIIDEState {
358 PCIDevice dev;
359 IDEState ide_if[4];
360 BMDMAState bmdma[2];
361} PCIIDEState;
362
363static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
364
5391d806
FB		 365static void padstr(char *str, const char *src, int len)
366{
367 int i, v;
368 for(i = 0; i < len; i++) {
369 if (*src)
370 v = *src++;
371 else
372 v = ' ';
373 *(char *)((long)str ^ 1) = v;
374 str++;
375 }
376}
377
bd0d90b2
FB		 378static void padstr8(uint8_t *buf, int buf_size, const char *src)
379{
380 int i;
381 for(i = 0; i < buf_size; i++) {
382 if (*src)
383 buf[i] = *src++;
384 else
385 buf[i] = ' ';
386 }
387}
388
67b915a5
FB		 389static void put_le16(uint16_t *p, unsigned int v)
390{
0c4ad8dc 391 *p = cpu_to_le16(v);
67b915a5
FB		 392}
393
5391d806
FB		 394static void ide_identify(IDEState *s)
395{
396 uint16_t *p;
397 unsigned int oldsize;
aedf5382 398 char buf[20];
5391d806
FB		 399
400 memset(s->io_buffer, 0, 512);
401 p = (uint16_t *)s->io_buffer;
67b915a5
FB		 402 put_le16(p + 0, 0x0040);
403 put_le16(p + 1, s->cylinders);
404 put_le16(p + 3, s->heads);
405 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
406 put_le16(p + 5, 512); /* XXX: retired, remove ? */
407 put_le16(p + 6, s->sectors);
aedf5382
FB		 408 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
409 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 410 put_le16(p + 20, 3); /* XXX: retired, remove ? */
411 put_le16(p + 21, 512); /* cache size in sectors */
412 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 413 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
414 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
415#if MAX_MULT_SECTORS > 1
67b915a5 416 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 417#endif
67b915a5 418 put_le16(p + 48, 1); /* dword I/O */
e0fe67aa 419 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
67b915a5
FB		 420 put_le16(p + 51, 0x200); /* PIO transfer cycle */
421 put_le16(p + 52, 0x200); /* DMA transfer cycle */
e0fe67aa 422 put_le16(p + 53, 1 | 1 << 2); /* words 54-58,88 are valid */
67b915a5
FB		 423 put_le16(p + 54, s->cylinders);
424 put_le16(p + 55, s->heads);
425 put_le16(p + 56, s->sectors);
5391d806 426 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 427 put_le16(p + 57, oldsize);
428 put_le16(p + 58, oldsize >> 16);
5391d806 429 if (s->mult_sectors)
67b915a5
FB		 430 put_le16(p + 59, 0x100 | s->mult_sectors);
431 put_le16(p + 60, s->nb_sectors);
432 put_le16(p + 61, s->nb_sectors >> 16);
433 put_le16(p + 80, (1 << 1) | (1 << 2));
434 put_le16(p + 82, (1 << 14));
435 put_le16(p + 83, (1 << 14));
436 put_le16(p + 84, (1 << 14));
437 put_le16(p + 85, (1 << 14));
438 put_le16(p + 86, 0);
439 put_le16(p + 87, (1 << 14));
e0fe67aa
FB		 440 put_le16(p + 88, 0x1f | (1 << 13));
441 put_le16(p + 93, 1 | (1 << 14) | 0x2000 | 0x4000);
5391d806
FB		 442}
443
444static void ide_atapi_identify(IDEState *s)
445{
446 uint16_t *p;
aedf5382 447 char buf[20];
5391d806
FB		 448
449 memset(s->io_buffer, 0, 512);
450 p = (uint16_t *)s->io_buffer;
451 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 452 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382
FB		 453 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
454 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 455 put_le16(p + 20, 3); /* buffer type */
456 put_le16(p + 21, 512); /* cache size in sectors */
457 put_le16(p + 22, 4); /* ecc bytes */
5391d806
FB		 458 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
459 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
67b915a5
FB		 460 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
461 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
462 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
463 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
464 put_le16(p + 64, 1); /* PIO modes */
465 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
466 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
467 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
468 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
5391d806 469
67b915a5
FB		 470 put_le16(p + 71, 30); /* in ns */
471 put_le16(p + 72, 30); /* in ns */
5391d806 472
67b915a5 473 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
5391d806
FB		 474}
475
476static void ide_set_signature(IDEState *s)
477{
478 s->select &= 0xf0; /* clear head */
479 /* put signature */
480 s->nsector = 1;
481 s->sector = 1;
482 if (s->is_cdrom) {
483 s->lcyl = 0x14;
484 s->hcyl = 0xeb;
485 } else if (s->bs) {
486 s->lcyl = 0;
487 s->hcyl = 0;
488 } else {
489 s->lcyl = 0xff;
490 s->hcyl = 0xff;
491 }
492}
493
494static inline void ide_abort_command(IDEState *s)
495{
496 s->status = READY_STAT | ERR_STAT;
497 s->error = ABRT_ERR;
498}
499
500static inline void ide_set_irq(IDEState *s)
501{
502 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
1ade1de2
FB		 503#ifdef TARGET_PPC
504 if (s->openpic)
505 openpic_set_irq(s->openpic, s->irq, 1);
506 else
507#endif
34e538ae
FB		 508 if (s->irq == 16)
509 pci_set_irq(s->pci_dev, 0, 1);
510 else
511 pic_set_irq(s->irq, 1);
5391d806
FB		 512 }
513}
514
515/* prepare data transfer and tell what to do after */
516static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
517 EndTransferFunc *end_transfer_func)
518{
519 s->end_transfer_func = end_transfer_func;
520 s->data_ptr = buf;
521 s->data_end = buf + size;
522 s->status |= DRQ_STAT;
523}
524
525static void ide_transfer_stop(IDEState *s)
526{
527 s->end_transfer_func = ide_transfer_stop;
528 s->data_ptr = s->io_buffer;
529 s->data_end = s->io_buffer;
530 s->status &= ~DRQ_STAT;
531}
532
533static int64_t ide_get_sector(IDEState *s)
534{
535 int64_t sector_num;
536 if (s->select & 0x40) {
537 /* lba */
538 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
539 (s->lcyl << 8) | s->sector;
540 } else {
541 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
542 (s->select & 0x0f) * s->sectors +
543 (s->sector - 1);
544 }
545 return sector_num;
546}
547
548static void ide_set_sector(IDEState *s, int64_t sector_num)
549{
550 unsigned int cyl, r;
551 if (s->select & 0x40) {
552 s->select = (s->select & 0xf0) | (sector_num >> 24);
553 s->hcyl = (sector_num >> 16);
554 s->lcyl = (sector_num >> 8);
555 s->sector = (sector_num);
556 } else {
557 cyl = sector_num / (s->heads * s->sectors);
558 r = sector_num % (s->heads * s->sectors);
559 s->hcyl = cyl >> 8;
560 s->lcyl = cyl;
1b8eb456 561 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 562 s->sector = (r % s->sectors) + 1;
563 }
564}
565
566static void ide_sector_read(IDEState *s)
567{
568 int64_t sector_num;
569 int ret, n;
570
571 s->status = READY_STAT | SEEK_STAT;
a136e5a8 572 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 573 sector_num = ide_get_sector(s);
574 n = s->nsector;
575 if (n == 0) {
576 /* no more sector to read from disk */
577 ide_transfer_stop(s);
578 } else {
579#if defined(DEBUG_IDE)
580 printf("read sector=%Ld\n", sector_num);
581#endif
582 if (n > s->req_nb_sectors)
583 n = s->req_nb_sectors;
584 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
585 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
586 ide_set_irq(s);
587 ide_set_sector(s, sector_num + n);
588 s->nsector -= n;
589 }
590}
591
98087450
FB		 592static int ide_read_dma_cb(IDEState *s,
593 target_phys_addr_t phys_addr,
594 int transfer_size1)
595{
596 int len, transfer_size, n;
597 int64_t sector_num;
598
599 transfer_size = transfer_size1;
600 while (transfer_size > 0) {
601 len = s->io_buffer_size - s->io_buffer_index;
602 if (len <= 0) {
603 /* transfert next data */
604 n = s->nsector;
605 if (n == 0)
606 break;
607 if (n > MAX_MULT_SECTORS)
608 n = MAX_MULT_SECTORS;
609 sector_num = ide_get_sector(s);
610 bdrv_read(s->bs, sector_num, s->io_buffer, n);
611 s->io_buffer_index = 0;
612 s->io_buffer_size = n * 512;
613 len = s->io_buffer_size;
614 sector_num += n;
615 ide_set_sector(s, sector_num);
616 s->nsector -= n;
617 }
618 if (len > transfer_size)
619 len = transfer_size;
620 cpu_physical_memory_write(phys_addr,
621 s->io_buffer + s->io_buffer_index, len);
622 s->io_buffer_index += len;
623 transfer_size -= len;
624 phys_addr += len;
625 }
626 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
627 s->status = READY_STAT | SEEK_STAT;
628 ide_set_irq(s);
629#ifdef DEBUG_IDE_ATAPI
630 printf("dma status=0x%x\n", s->status);
631#endif
632 return 0;
633 }
634 return transfer_size1 - transfer_size;
635}
636
637static void ide_sector_read_dma(IDEState *s)
638{
639 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
640 s->io_buffer_index = 0;
641 s->io_buffer_size = 0;
642 ide_dma_start(s, ide_read_dma_cb);
643}
644
5391d806
FB		 645static void ide_sector_write(IDEState *s)
646{
647 int64_t sector_num;
648 int ret, n, n1;
649
650 s->status = READY_STAT | SEEK_STAT;
651 sector_num = ide_get_sector(s);
652#if defined(DEBUG_IDE)
653 printf("write sector=%Ld\n", sector_num);
654#endif
655 n = s->nsector;
656 if (n > s->req_nb_sectors)
657 n = s->req_nb_sectors;
658 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
659 s->nsector -= n;
660 if (s->nsector == 0) {
661 /* no more sector to write */
662 ide_transfer_stop(s);
663 } else {
664 n1 = s->nsector;
665 if (n1 > s->req_nb_sectors)
666 n1 = s->req_nb_sectors;
667 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
668 }
669 ide_set_sector(s, sector_num + n);
670 ide_set_irq(s);
671}
672
98087450
FB		 673static int ide_write_dma_cb(IDEState *s,
674 target_phys_addr_t phys_addr,
675 int transfer_size1)
676{
677 int len, transfer_size, n;
678 int64_t sector_num;
679
680 transfer_size = transfer_size1;
681 for(;;) {
682 len = s->io_buffer_size - s->io_buffer_index;
683 if (len == 0) {
684 n = s->io_buffer_size >> 9;
685 sector_num = ide_get_sector(s);
686 bdrv_write(s->bs, sector_num, s->io_buffer,
687 s->io_buffer_size >> 9);
688 sector_num += n;
689 ide_set_sector(s, sector_num);
690 s->nsector -= n;
691 n = s->nsector;
692 if (n == 0) {
693 /* end of transfer */
694 s->status = READY_STAT | SEEK_STAT;
695 ide_set_irq(s);
696 return 0;
697 }
698 if (n > MAX_MULT_SECTORS)
699 n = MAX_MULT_SECTORS;
700 s->io_buffer_index = 0;
701 s->io_buffer_size = n * 512;
702 len = s->io_buffer_size;
703 }
704 if (transfer_size <= 0)
705 break;
706 if (len > transfer_size)
707 len = transfer_size;
708 cpu_physical_memory_read(phys_addr,
709 s->io_buffer + s->io_buffer_index, len);
710 s->io_buffer_index += len;
711 transfer_size -= len;
712 phys_addr += len;
713 }
714 return transfer_size1 - transfer_size;
715}
716
717static void ide_sector_write_dma(IDEState *s)
718{
719 int n;
720 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
721 n = s->nsector;
722 if (n > MAX_MULT_SECTORS)
723 n = MAX_MULT_SECTORS;
724 s->io_buffer_index = 0;
725 s->io_buffer_size = n * 512;
726 ide_dma_start(s, ide_write_dma_cb);
727}
728
5391d806
FB		 729static void ide_atapi_cmd_ok(IDEState *s)
730{
731 s->error = 0;
732 s->status = READY_STAT;
733 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
734 ide_set_irq(s);
735}
736
737static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
738{
739#ifdef DEBUG_IDE_ATAPI
740 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
741#endif
742 s->error = sense_key << 4;
743 s->status = READY_STAT | ERR_STAT;
744 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
745 s->sense_key = sense_key;
746 s->asc = asc;
747 ide_set_irq(s);
748}
749
750static inline void cpu_to_ube16(uint8_t *buf, int val)
751{
752 buf[0] = val >> 8;
753 buf[1] = val;
754}
755
756static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
757{
758 buf[0] = val >> 24;
759 buf[1] = val >> 16;
760 buf[2] = val >> 8;
761 buf[3] = val;
762}
763
764static inline int ube16_to_cpu(const uint8_t *buf)
765{
766 return (buf[0] << 8) | buf[1];
767}
768
769static inline int ube32_to_cpu(const uint8_t *buf)
770{
771 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
772}
773
98087450
FB		 774static void lba_to_msf(uint8_t *buf, int lba)
775{
776 lba += 150;
777 buf[0] = (lba / 75) / 60;
778 buf[1] = (lba / 75) % 60;
779 buf[2] = lba % 75;
780}
781
782static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
783 int sector_size)
784{
785 switch(sector_size) {
786 case 2048:
787 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
788 break;
789 case 2352:
790 /* sync bytes */
791 buf[0] = 0x00;
792 memset(buf + 1, 0xff, 11);
793 buf += 12;
794 /* MSF */
795 lba_to_msf(buf, lba);
796 buf[3] = 0x01; /* mode 1 data */
797 buf += 4;
798 /* data */
799 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
800 buf += 2048;
801 /* ECC */
802 memset(buf, 0, 288);
803 break;
804 default:
805 break;
806 }
807}
808
5391d806
FB		 809/* The whole ATAPI transfer logic is handled in this function */
810static void ide_atapi_cmd_reply_end(IDEState *s)
811{
812 int byte_count_limit, size;
813#ifdef DEBUG_IDE_ATAPI
814 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
815 s->packet_transfer_size,
816 s->elementary_transfer_size,
817 s->io_buffer_index);
818#endif
819 if (s->packet_transfer_size <= 0) {
820 /* end of transfer */
821 ide_transfer_stop(s);
822 s->status = READY_STAT;
823 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
824 ide_set_irq(s);
825#ifdef DEBUG_IDE_ATAPI
826 printf("status=0x%x\n", s->status);
827#endif
828 } else {
829 /* see if a new sector must be read */
98087450
FB		 830 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
831 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
5391d806
FB		 832 s->lba++;
833 s->io_buffer_index = 0;
834 }
835 if (s->elementary_transfer_size > 0) {
836 /* there are some data left to transmit in this elementary
837 transfer */
98087450 838 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 839 if (size > s->elementary_transfer_size)
840 size = s->elementary_transfer_size;
841 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
842 size, ide_atapi_cmd_reply_end);
843 s->packet_transfer_size -= size;
844 s->elementary_transfer_size -= size;
845 s->io_buffer_index += size;
846 } else {
847 /* a new transfer is needed */
848 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
849 byte_count_limit = s->lcyl | (s->hcyl << 8);
850#ifdef DEBUG_IDE_ATAPI
851 printf("byte_count_limit=%d\n", byte_count_limit);
852#endif
853 if (byte_count_limit == 0xffff)
854 byte_count_limit--;
855 size = s->packet_transfer_size;
856 if (size > byte_count_limit) {
857 /* byte count limit must be even if this case */
858 if (byte_count_limit & 1)
859 byte_count_limit--;
860 size = byte_count_limit;
5391d806 861 }
a136e5a8
FB		 862 s->lcyl = size;
863 s->hcyl = size >> 8;
5391d806
FB		 864 s->elementary_transfer_size = size;
865 /* we cannot transmit more than one sector at a time */
866 if (s->lba != -1) {
98087450
FB		 867 if (size > (s->cd_sector_size - s->io_buffer_index))
868 size = (s->cd_sector_size - s->io_buffer_index);
5391d806
FB		 869 }
870 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
871 size, ide_atapi_cmd_reply_end);
872 s->packet_transfer_size -= size;
873 s->elementary_transfer_size -= size;
874 s->io_buffer_index += size;
875 ide_set_irq(s);
876#ifdef DEBUG_IDE_ATAPI
877 printf("status=0x%x\n", s->status);
878#endif
879 }
880 }
881}
882
883/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
884static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
885{
886 if (size > max_size)
887 size = max_size;
888 s->lba = -1; /* no sector read */
889 s->packet_transfer_size = size;
890 s->elementary_transfer_size = 0;
891 s->io_buffer_index = 0;
892
893 s->status = READY_STAT;
894 ide_atapi_cmd_reply_end(s);
895}
896
897/* start a CD-CDROM read command */
98087450
FB		 898static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
899 int sector_size)
5391d806 900{
5391d806 901 s->lba = lba;
98087450 902 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 903 s->elementary_transfer_size = 0;
98087450
FB		 904 s->io_buffer_index = sector_size;
905 s->cd_sector_size = sector_size;
5391d806
FB		 906
907 s->status = READY_STAT;
908 ide_atapi_cmd_reply_end(s);
909}
910
98087450
FB		 911/* ATAPI DMA support */
912static int ide_atapi_cmd_read_dma_cb(IDEState *s,
913 target_phys_addr_t phys_addr,
914 int transfer_size1)
915{
916 int len, transfer_size;
917
918 transfer_size = transfer_size1;
919 while (transfer_size > 0) {
920 if (s->packet_transfer_size <= 0)
921 break;
922 len = s->cd_sector_size - s->io_buffer_index;
923 if (len <= 0) {
924 /* transfert next data */
925 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
926 s->lba++;
927 s->io_buffer_index = 0;
928 len = s->cd_sector_size;
929 }
930 if (len > transfer_size)
931 len = transfer_size;
932 cpu_physical_memory_write(phys_addr,
933 s->io_buffer + s->io_buffer_index, len);
934 s->packet_transfer_size -= len;
935 s->io_buffer_index += len;
936 transfer_size -= len;
937 phys_addr += len;
938 }
939 if (s->packet_transfer_size <= 0) {
940 s->status = READY_STAT;
941 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
942 ide_set_irq(s);
943#ifdef DEBUG_IDE_ATAPI
944 printf("dma status=0x%x\n", s->status);
945#endif
946 return 0;
947 }
948 return transfer_size1 - transfer_size;
949}
950
951/* start a CD-CDROM read command with DMA */
952/* XXX: test if DMA is available */
953static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
954 int sector_size)
955{
956 s->lba = lba;
957 s->packet_transfer_size = nb_sectors * sector_size;
958 s->io_buffer_index = sector_size;
959 s->cd_sector_size = sector_size;
960
961 s->status = READY_STAT | DRQ_STAT;
962 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
963}
964
965static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
966 int sector_size)
967{
968#ifdef DEBUG_IDE_ATAPI
969 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
970#endif
971 if (s->atapi_dma) {
972 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
973 } else {
974 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
975 }
976}
977
5391d806 978/* same toc as bochs. Return -1 if error or the toc length */
98087450 979/* XXX: check this */
5391d806
FB		 980static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
981{
982 uint8_t *q;
983 int nb_sectors, len;
984
985 if (start_track > 1 && start_track != 0xaa)
986 return -1;
987 q = buf + 2;
98087450
FB		 988 *q++ = 1; /* first session */
989 *q++ = 1; /* last session */
5391d806
FB		 990 if (start_track <= 1) {
991 *q++ = 0; /* reserved */
992 *q++ = 0x14; /* ADR, control */
993 *q++ = 1; /* track number */
994 *q++ = 0; /* reserved */
995 if (msf) {
996 *q++ = 0; /* reserved */
997 *q++ = 0; /* minute */
998 *q++ = 2; /* second */
999 *q++ = 0; /* frame */
1000 } else {
1001 /* sector 0 */
1002 cpu_to_ube32(q, 0);
1003 q += 4;
1004 }
1005 }
1006 /* lead out track */
1007 *q++ = 0; /* reserved */
1008 *q++ = 0x16; /* ADR, control */
1009 *q++ = 0xaa; /* track number */
1010 *q++ = 0; /* reserved */
1011 nb_sectors = s->nb_sectors >> 2;
1012 if (msf) {
1013 *q++ = 0; /* reserved */
98087450
FB		 1014 lba_to_msf(q, nb_sectors);
1015 q += 3;
1016 } else {
1017 cpu_to_ube32(q, nb_sectors);
1018 q += 4;
1019 }
1020 len = q - buf;
1021 cpu_to_ube16(buf, len - 2);
1022 return len;
1023}
1024
1025/* mostly same info as PearPc */
1026static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1027 int session_num)
1028{
1029 uint8_t *q;
1030 int nb_sectors, len;
1031
1032 q = buf + 2;
1033 *q++ = 1; /* first session */
1034 *q++ = 1; /* last session */
1035
1036 *q++ = 1; /* session number */
1037 *q++ = 0x14; /* data track */
1038 *q++ = 0; /* track number */
1039 *q++ = 0xa0; /* lead-in */
1040 *q++ = 0; /* min */
1041 *q++ = 0; /* sec */
1042 *q++ = 0; /* frame */
1043 *q++ = 0;
1044 *q++ = 1; /* first track */
1045 *q++ = 0x00; /* disk type */
1046 *q++ = 0x00;
1047
1048 *q++ = 1; /* session number */
1049 *q++ = 0x14; /* data track */
1050 *q++ = 0; /* track number */
1051 *q++ = 0xa1;
1052 *q++ = 0; /* min */
1053 *q++ = 0; /* sec */
1054 *q++ = 0; /* frame */
1055 *q++ = 0;
1056 *q++ = 1; /* last track */
1057 *q++ = 0x00;
1058 *q++ = 0x00;
1059
1060 *q++ = 1; /* session number */
1061 *q++ = 0x14; /* data track */
1062 *q++ = 0; /* track number */
1063 *q++ = 0xa2; /* lead-out */
1064 *q++ = 0; /* min */
1065 *q++ = 0; /* sec */
1066 *q++ = 0; /* frame */
1067 nb_sectors = s->nb_sectors >> 2;
1068 if (msf) {
1069 *q++ = 0; /* reserved */
1070 lba_to_msf(q, nb_sectors);
1071 q += 3;
5391d806
FB		 1072 } else {
1073 cpu_to_ube32(q, nb_sectors);
1074 q += 4;
1075 }
98087450
FB		 1076
1077 *q++ = 1; /* session number */
1078 *q++ = 0x14; /* ADR, control */
1079 *q++ = 0; /* track number */
1080 *q++ = 1; /* point */
1081 *q++ = 0; /* min */
1082 *q++ = 0; /* sec */
1083 *q++ = 0; /* frame */
1084 *q++ = 0;
1085 *q++ = 0;
1086 *q++ = 0;
1087 *q++ = 0;
1088
5391d806
FB		 1089 len = q - buf;
1090 cpu_to_ube16(buf, len - 2);
1091 return len;
1092}
1093
1094static void ide_atapi_cmd(IDEState *s)
1095{
1096 const uint8_t *packet;
1097 uint8_t *buf;
1098 int max_len;
1099
1100 packet = s->io_buffer;
1101 buf = s->io_buffer;
1102#ifdef DEBUG_IDE_ATAPI
1103 {
1104 int i;
1105 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1106 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1107 printf(" %02x", packet[i]);
1108 }
1109 printf("\n");
1110 }
1111#endif
1112 switch(s->io_buffer[0]) {
1113 case GPCMD_TEST_UNIT_READY:
caed8802 1114 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1115 ide_atapi_cmd_ok(s);
1116 } else {
1117 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1118 ASC_MEDIUM_NOT_PRESENT);
1119 }
1120 break;
1121 case GPCMD_MODE_SENSE_10:
1122 {
1123 int action, code;
1124 max_len = ube16_to_cpu(packet + 7);
1125 action = packet[2] >> 6;
1126 code = packet[2] & 0x3f;
1127 switch(action) {
1128 case 0: /* current values */
1129 switch(code) {
1130 case 0x01: /* error recovery */
1131 cpu_to_ube16(&buf[0], 16 + 6);
1132 buf[2] = 0x70;
1133 buf[3] = 0;
1134 buf[4] = 0;
1135 buf[5] = 0;
1136 buf[6] = 0;
1137 buf[7] = 0;
1138
1139 buf[8] = 0x01;
1140 buf[9] = 0x06;
1141 buf[10] = 0x00;
1142 buf[11] = 0x05;
1143 buf[12] = 0x00;
1144 buf[13] = 0x00;
1145 buf[14] = 0x00;
1146 buf[15] = 0x00;
1147 ide_atapi_cmd_reply(s, 16, max_len);
1148 break;
1149 case 0x2a:
1150 cpu_to_ube16(&buf[0], 28 + 6);
1151 buf[2] = 0x70;
1152 buf[3] = 0;
1153 buf[4] = 0;
1154 buf[5] = 0;
1155 buf[6] = 0;
1156 buf[7] = 0;
1157
1158 buf[8] = 0x2a;
1159 buf[9] = 0x12;
1160 buf[10] = 0x00;
1161 buf[11] = 0x00;
1162
1163 buf[12] = 0x70;
1164 buf[13] = 3 << 5;
1165 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1166 if (bdrv_is_locked(s->bs))
5391d806
FB		 1167 buf[6] |= 1 << 1;
1168 buf[15] = 0x00;
1169 cpu_to_ube16(&buf[16], 706);
1170 buf[18] = 0;
1171 buf[19] = 2;
1172 cpu_to_ube16(&buf[20], 512);
1173 cpu_to_ube16(&buf[22], 706);
1174 buf[24] = 0;
1175 buf[25] = 0;
1176 buf[26] = 0;
1177 buf[27] = 0;
1178 ide_atapi_cmd_reply(s, 28, max_len);
1179 break;
1180 default:
1181 goto error_cmd;
1182 }
1183 break;
1184 case 1: /* changeable values */
1185 goto error_cmd;
1186 case 2: /* default values */
1187 goto error_cmd;
1188 default:
1189 case 3: /* saved values */
1190 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1191 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1192 break;
1193 }
1194 }
1195 break;
1196 case GPCMD_REQUEST_SENSE:
1197 max_len = packet[4];
1198 memset(buf, 0, 18);
1199 buf[0] = 0x70 | (1 << 7);
1200 buf[2] = s->sense_key;
1201 buf[7] = 10;
1202 buf[12] = s->asc;
1203 ide_atapi_cmd_reply(s, 18, max_len);
1204 break;
1205 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1206 if (bdrv_is_inserted(s->bs)) {
1207 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1208 ide_atapi_cmd_ok(s);
1209 } else {
1210 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1211 ASC_MEDIUM_NOT_PRESENT);
1212 }
1213 break;
1214 case GPCMD_READ_10:
1215 case GPCMD_READ_12:
1216 {
1217 int nb_sectors, lba;
1218
caed8802 1219 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1220 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1221 ASC_MEDIUM_NOT_PRESENT);
1222 break;
1223 }
1224 if (packet[0] == GPCMD_READ_10)
1225 nb_sectors = ube16_to_cpu(packet + 7);
1226 else
1227 nb_sectors = ube32_to_cpu(packet + 6);
1228 lba = ube32_to_cpu(packet + 2);
1229 if (nb_sectors == 0) {
1230 ide_atapi_cmd_ok(s);
1231 break;
1232 }
1233 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1234 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1235 ASC_LOGICAL_BLOCK_OOR);
1236 break;
1237 }
98087450
FB		 1238 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1239 }
1240 break;
1241 case GPCMD_READ_CD:
1242 {
1243 int nb_sectors, lba, transfer_request;
1244
1245 if (!bdrv_is_inserted(s->bs)) {
1246 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1247 ASC_MEDIUM_NOT_PRESENT);
1248 break;
1249 }
1250 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1251 lba = ube32_to_cpu(packet + 2);
1252 if (nb_sectors == 0) {
1253 ide_atapi_cmd_ok(s);
1254 break;
1255 }
1256 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1257 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1258 ASC_LOGICAL_BLOCK_OOR);
1259 break;
1260 }
1261 transfer_request = packet[9];
1262 switch(transfer_request & 0xf8) {
1263 case 0x00:
1264 /* nothing */
1265 ide_atapi_cmd_ok(s);
1266 break;
1267 case 0x10:
1268 /* normal read */
1269 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1270 break;
1271 case 0xf8:
1272 /* read all data */
1273 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1274 break;
1275 default:
1276 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1277 ASC_INV_FIELD_IN_CMD_PACKET);
1278 break;
1279 }
5391d806
FB		 1280 }
1281 break;
1282 case GPCMD_SEEK:
1283 {
1284 int lba;
caed8802 1285 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1286 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1287 ASC_MEDIUM_NOT_PRESENT);
1288 break;
1289 }
1290 lba = ube32_to_cpu(packet + 2);
1291 if (((int64_t)lba << 2) > s->nb_sectors) {
1292 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1293 ASC_LOGICAL_BLOCK_OOR);
1294 break;
1295 }
1296 ide_atapi_cmd_ok(s);
1297 }
1298 break;
1299 case GPCMD_START_STOP_UNIT:
1300 {
1301 int start, eject;
1302 start = packet[4] & 1;
1303 eject = (packet[4] >> 1) & 1;
1304
caed8802
FB		 1305 if (eject && !start) {
1306 /* eject the disk */
1307 bdrv_close(s->bs);
1308 }
5391d806
FB		 1309 ide_atapi_cmd_ok(s);
1310 }
1311 break;
1312 case GPCMD_MECHANISM_STATUS:
1313 {
1314 max_len = ube16_to_cpu(packet + 8);
1315 cpu_to_ube16(buf, 0);
1316 /* no current LBA */
1317 buf[2] = 0;
1318 buf[3] = 0;
1319 buf[4] = 0;
1320 buf[5] = 1;
1321 cpu_to_ube16(buf + 6, 0);
1322 ide_atapi_cmd_reply(s, 8, max_len);
1323 }
1324 break;
1325 case GPCMD_READ_TOC_PMA_ATIP:
1326 {
1327 int format, msf, start_track, len;
1328
caed8802 1329 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1330 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1331 ASC_MEDIUM_NOT_PRESENT);
1332 break;
1333 }
1334 max_len = ube16_to_cpu(packet + 7);
1335 format = packet[9] >> 6;
1336 msf = (packet[1] >> 1) & 1;
1337 start_track = packet[6];
1338 switch(format) {
1339 case 0:
1340 len = cdrom_read_toc(s, buf, msf, start_track);
1341 if (len < 0)
1342 goto error_cmd;
1343 ide_atapi_cmd_reply(s, len, max_len);
1344 break;
1345 case 1:
1346 /* multi session : only a single session defined */
1347 memset(buf, 0, 12);
1348 buf[1] = 0x0a;
1349 buf[2] = 0x01;
1350 buf[3] = 0x01;
1351 ide_atapi_cmd_reply(s, 12, max_len);
1352 break;
98087450
FB		 1353 case 2:
1354 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1355 if (len < 0)
1356 goto error_cmd;
1357 ide_atapi_cmd_reply(s, len, max_len);
1358 break;
5391d806 1359 default:
7f777bf3
FB		 1360 error_cmd:
1361 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1362 ASC_INV_FIELD_IN_CMD_PACKET);
1363 break;
5391d806
FB		 1364 }
1365 }
1366 break;
1367 case GPCMD_READ_CDVD_CAPACITY:
caed8802 1368 if (!bdrv_is_inserted(s->bs)) {
5391d806
FB		 1369 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1370 ASC_MEDIUM_NOT_PRESENT);
1371 break;
1372 }
1373 /* NOTE: it is really the number of sectors minus 1 */
1374 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1375 cpu_to_ube32(buf + 4, 2048);
1376 ide_atapi_cmd_reply(s, 8, 8);
1377 break;
bd0d90b2
FB		 1378 case GPCMD_INQUIRY:
1379 max_len = packet[4];
1380 buf[0] = 0x05; /* CD-ROM */
1381 buf[1] = 0x80; /* removable */
1382 buf[2] = 0x00; /* ISO */
1383 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1384 buf[4] = 31; /* additionnal length */
1385 buf[5] = 0; /* reserved */
1386 buf[6] = 0; /* reserved */
1387 buf[7] = 0; /* reserved */
1388 padstr8(buf + 8, 8, "QEMU");
1389 padstr8(buf + 16, 16, "QEMU CD-ROM");
1390 padstr8(buf + 32, 4, QEMU_VERSION);
1391 ide_atapi_cmd_reply(s, 36, max_len);
1392 break;
5391d806 1393 default:
5391d806 1394 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1395 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1396 break;
1397 }
1398}
1399
caed8802
FB		 1400/* called when the inserted state of the media has changed */
1401static void cdrom_change_cb(void *opaque)
5391d806 1402{
caed8802
FB		 1403 IDEState *s = opaque;
1404 int64_t nb_sectors;
1405
1406 /* XXX: send interrupt too */
1407 bdrv_get_geometry(s->bs, &nb_sectors);
1408 s->nb_sectors = nb_sectors;
1409}
1410
1411static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1412{
1413 IDEState *ide_if = opaque;
c45c3d00 1414 IDEState *s;
5391d806
FB		 1415 int unit, n;
1416
1417#ifdef DEBUG_IDE
1418 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1419#endif
1420 addr &= 7;
1421 switch(addr) {
1422 case 0:
1423 break;
1424 case 1:
c45c3d00
FB		 1425 /* NOTE: data is written to the two drives */
1426 ide_if[0].feature = val;
1427 ide_if[1].feature = val;
5391d806
FB		 1428 break;
1429 case 2:
1430 if (val == 0)
1431 val = 256;
c45c3d00
FB		 1432 ide_if[0].nsector = val;
1433 ide_if[1].nsector = val;
5391d806
FB		 1434 break;
1435 case 3:
c45c3d00
FB		 1436 ide_if[0].sector = val;
1437 ide_if[1].sector = val;
5391d806
FB		 1438 break;
1439 case 4:
c45c3d00
FB		 1440 ide_if[0].lcyl = val;
1441 ide_if[1].lcyl = val;
5391d806
FB		 1442 break;
1443 case 5:
c45c3d00
FB		 1444 ide_if[0].hcyl = val;
1445 ide_if[1].hcyl = val;
5391d806
FB		 1446 break;
1447 case 6:
7ae98627
FB		 1448 ide_if[0].select = (val & ~0x10) | 0xa0;
1449 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 1450 /* select drive */
1451 unit = (val >> 4) & 1;
1452 s = ide_if + unit;
1453 ide_if->cur_drive = s;
5391d806
FB		 1454 break;
1455 default:
1456 case 7:
1457 /* command */
1458#if defined(DEBUG_IDE)
1459 printf("ide: CMD=%02x\n", val);
1460#endif
c45c3d00 1461 s = ide_if->cur_drive;
66201e2d
FB		 1462 /* ignore commands to non existant slave */
1463 if (s != ide_if && !s->bs)
1464 break;
5391d806
FB		 1465 switch(val) {
1466 case WIN_IDENTIFY:
1467 if (s->bs && !s->is_cdrom) {
1468 ide_identify(s);
2a282056 1469 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1470 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1471 } else {
1472 if (s->is_cdrom) {
1473 ide_set_signature(s);
1474 }
1475 ide_abort_command(s);
1476 }
1477 ide_set_irq(s);
1478 break;
1479 case WIN_SPECIFY:
1480 case WIN_RECAL:
a136e5a8 1481 s->error = 0;
769bec72 1482 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1483 ide_set_irq(s);
1484 break;
1485 case WIN_SETMULT:
1486 if (s->nsector > MAX_MULT_SECTORS ||
1487 s->nsector == 0 ||
1488 (s->nsector & (s->nsector - 1)) != 0) {
1489 ide_abort_command(s);
1490 } else {
1491 s->mult_sectors = s->nsector;
1492 s->status = READY_STAT;
1493 }
1494 ide_set_irq(s);
1495 break;
4ce900b4
FB		 1496 case WIN_VERIFY:
1497 case WIN_VERIFY_ONCE:
1498 /* do sector number check ? */
1499 s->status = READY_STAT;
1500 ide_set_irq(s);
1501 break;
5391d806
FB		 1502 case WIN_READ:
1503 case WIN_READ_ONCE:
6b136f9e
FB		 1504 if (!s->bs)
1505 goto abort_cmd;
5391d806
FB		 1506 s->req_nb_sectors = 1;
1507 ide_sector_read(s);
1508 break;
1509 case WIN_WRITE:
1510 case WIN_WRITE_ONCE:
a136e5a8 1511 s->error = 0;
f66723fa 1512 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1513 s->req_nb_sectors = 1;
1514 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1515 break;
1516 case WIN_MULTREAD:
1517 if (!s->mult_sectors)
1518 goto abort_cmd;
1519 s->req_nb_sectors = s->mult_sectors;
1520 ide_sector_read(s);
1521 break;
1522 case WIN_MULTWRITE:
1523 if (!s->mult_sectors)
1524 goto abort_cmd;
a136e5a8 1525 s->error = 0;
f66723fa 1526 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 1527 s->req_nb_sectors = s->mult_sectors;
1528 n = s->nsector;
1529 if (n > s->req_nb_sectors)
1530 n = s->req_nb_sectors;
1531 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1532 break;
98087450
FB		 1533 case WIN_READDMA:
1534 case WIN_READDMA_ONCE:
1535 if (!s->bs)
1536 goto abort_cmd;
1537 ide_sector_read_dma(s);
1538 break;
1539 case WIN_WRITEDMA:
1540 case WIN_WRITEDMA_ONCE:
1541 if (!s->bs)
1542 goto abort_cmd;
1543 ide_sector_write_dma(s);
1544 break;
5391d806
FB		 1545 case WIN_READ_NATIVE_MAX:
1546 ide_set_sector(s, s->nb_sectors - 1);
1547 s->status = READY_STAT;
1548 ide_set_irq(s);
1549 break;
a136e5a8
FB		 1550 case WIN_CHECKPOWERMODE1:
1551 s->nsector = 0xff; /* device active or idle */
1552 s->status = READY_STAT;
1553 ide_set_irq(s);
1554 break;
34e538ae
FB		 1555 case WIN_SETFEATURES:
1556 if (!s->bs)
1557 goto abort_cmd;
1558 /* XXX: valid for CDROM ? */
1559 switch(s->feature) {
1560 case 0x02: /* write cache enable */
98087450 1561 case 0x03: /* set transfer mode */
34e538ae
FB		 1562 case 0x82: /* write cache disable */
1563 case 0xaa: /* read look-ahead enable */
1564 case 0x55: /* read look-ahead disable */
e0fe67aa 1565 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 1566 ide_set_irq(s);
1567 break;
1568 default:
1569 goto abort_cmd;
1570 }
1571 break;
a7dfe172
FB		 1572 case WIN_STANDBYNOW1:
1573 s->status = READY_STAT;
1574 ide_set_irq(s);
1575 break;
5391d806
FB		 1576 /* ATAPI commands */
1577 case WIN_PIDENTIFY:
1578 if (s->is_cdrom) {
1579 ide_atapi_identify(s);
1580 s->status = READY_STAT;
1581 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1582 } else {
1583 ide_abort_command(s);
1584 }
1585 ide_set_irq(s);
1586 break;
1587 case WIN_SRST:
1588 if (!s->is_cdrom)
1589 goto abort_cmd;
1590 ide_set_signature(s);
6b136f9e 1591 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 1592 s->error = 0x01;
1593 break;
1594 case WIN_PACKETCMD:
1595 if (!s->is_cdrom)
1596 goto abort_cmd;
98087450
FB		 1597 /* overlapping commands not supported */
1598 if (s->feature & 0x02)
5391d806 1599 goto abort_cmd;
98087450 1600 s->atapi_dma = s->feature & 1;
5391d806
FB		 1601 s->nsector = 1;
1602 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1603 ide_atapi_cmd);
1604 break;
1605 default:
1606 abort_cmd:
1607 ide_abort_command(s);
1608 ide_set_irq(s);
1609 break;
1610 }
1611 }
1612}
1613
caed8802 1614static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 1615{
7ae98627
FB		 1616 IDEState *ide_if = opaque;
1617 IDEState *s = ide_if->cur_drive;
5391d806
FB		 1618 uint32_t addr;
1619 int ret;
1620
1621 addr = addr1 & 7;
1622 switch(addr) {
1623 case 0:
1624 ret = 0xff;
1625 break;
1626 case 1:
7ae98627 1627 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1628 ret = 0;
1629 else
1630 ret = s->error;
5391d806
FB		 1631 break;
1632 case 2:
7ae98627 1633 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1634 ret = 0;
1635 else
1636 ret = s->nsector & 0xff;
5391d806
FB		 1637 break;
1638 case 3:
7ae98627 1639 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1640 ret = 0;
1641 else
1642 ret = s->sector;
5391d806
FB		 1643 break;
1644 case 4:
7ae98627 1645 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1646 ret = 0;
1647 else
1648 ret = s->lcyl;
5391d806
FB		 1649 break;
1650 case 5:
7ae98627 1651 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1652 ret = 0;
1653 else
1654 ret = s->hcyl;
5391d806
FB		 1655 break;
1656 case 6:
7ae98627 1657 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 1658 ret = 0;
1659 else
7ae98627 1660 ret = s->select;
5391d806
FB		 1661 break;
1662 default:
1663 case 7:
66201e2d
FB		 1664 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1665 (s != ide_if && !s->bs))
c45c3d00
FB		 1666 ret = 0;
1667 else
1668 ret = s->status;
1ade1de2
FB		 1669#ifdef TARGET_PPC
1670 if (s->openpic)
1671 openpic_set_irq(s->openpic, s->irq, 0);
1672 else
1673#endif
34e538ae
FB		 1674 if (s->irq == 16)
1675 pci_set_irq(s->pci_dev, 0, 0);
1676 else
1677 pic_set_irq(s->irq, 0);
5391d806
FB		 1678 break;
1679 }
1680#ifdef DEBUG_IDE
1681 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1682#endif
1683 return ret;
1684}
1685
caed8802 1686static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 1687{
7ae98627
FB		 1688 IDEState *ide_if = opaque;
1689 IDEState *s = ide_if->cur_drive;
5391d806 1690 int ret;
7ae98627 1691
66201e2d
FB		 1692 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1693 (s != ide_if && !s->bs))
7ae98627
FB		 1694 ret = 0;
1695 else
1696 ret = s->status;
5391d806
FB		 1697#ifdef DEBUG_IDE
1698 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1699#endif
1700 return ret;
1701}
1702
caed8802 1703static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 1704{
caed8802 1705 IDEState *ide_if = opaque;
5391d806
FB		 1706 IDEState *s;
1707 int i;
1708
1709#ifdef DEBUG_IDE
1710 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1711#endif
1712 /* common for both drives */
1713 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1714 (val & IDE_CMD_RESET)) {
1715 /* reset low to high */
1716 for(i = 0;i < 2; i++) {
1717 s = &ide_if[i];
1718 s->status = BUSY_STAT | SEEK_STAT;
1719 s->error = 0x01;
1720 }
1721 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1722 !(val & IDE_CMD_RESET)) {
1723 /* high to low */
1724 for(i = 0;i < 2; i++) {
1725 s = &ide_if[i];
6b136f9e
FB		 1726 if (s->is_cdrom)
1727 s->status = 0x00; /* NOTE: READY is _not_ set */
1728 else
56bf1d37 1729 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1730 ide_set_signature(s);
1731 }
1732 }
1733
1734 ide_if[0].cmd = val;
1735 ide_if[1].cmd = val;
1736}
1737
caed8802 1738static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 1739{
caed8802 1740 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1741 uint8_t *p;
1742
1743 p = s->data_ptr;
0c4ad8dc 1744 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 1745 p += 2;
1746 s->data_ptr = p;
1747 if (p >= s->data_end)
1748 s->end_transfer_func(s);
1749}
1750
caed8802 1751static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 1752{
caed8802 1753 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1754 uint8_t *p;
1755 int ret;
1756 p = s->data_ptr;
0c4ad8dc 1757 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 1758 p += 2;
1759 s->data_ptr = p;
1760 if (p >= s->data_end)
1761 s->end_transfer_func(s);
1762 return ret;
1763}
1764
caed8802 1765static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 1766{
caed8802 1767 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1768 uint8_t *p;
1769
1770 p = s->data_ptr;
0c4ad8dc 1771 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 1772 p += 4;
1773 s->data_ptr = p;
1774 if (p >= s->data_end)
1775 s->end_transfer_func(s);
1776}
1777
caed8802 1778static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 1779{
caed8802 1780 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 1781 uint8_t *p;
1782 int ret;
1783
1784 p = s->data_ptr;
0c4ad8dc 1785 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 1786 p += 4;
1787 s->data_ptr = p;
1788 if (p >= s->data_end)
1789 s->end_transfer_func(s);
1790 return ret;
1791}
1792
a7dfe172
FB		 1793static void ide_dummy_transfer_stop(IDEState *s)
1794{
1795 s->data_ptr = s->io_buffer;
1796 s->data_end = s->io_buffer;
1797 s->io_buffer[0] = 0xff;
1798 s->io_buffer[1] = 0xff;
1799 s->io_buffer[2] = 0xff;
1800 s->io_buffer[3] = 0xff;
1801}
1802
5391d806
FB		 1803static void ide_reset(IDEState *s)
1804{
1805 s->mult_sectors = MAX_MULT_SECTORS;
1806 s->cur_drive = s;
1807 s->select = 0xa0;
1808 s->status = READY_STAT;
1809 ide_set_signature(s);
a7dfe172
FB		 1810 /* init the transfer handler so that 0xffff is returned on data
1811 accesses */
1812 s->end_transfer_func = ide_dummy_transfer_stop;
1813 ide_dummy_transfer_stop(s);
5391d806
FB		 1814}
1815
1816struct partition {
1817 uint8_t boot_ind; /* 0x80 - active */
1818 uint8_t head; /* starting head */
1819 uint8_t sector; /* starting sector */
1820 uint8_t cyl; /* starting cylinder */
1821 uint8_t sys_ind; /* What partition type */
1822 uint8_t end_head; /* end head */
1823 uint8_t end_sector; /* end sector */
1824 uint8_t end_cyl; /* end cylinder */
1825 uint32_t start_sect; /* starting sector counting from 0 */
1826 uint32_t nr_sects; /* nr of sectors in partition */
1827} __attribute__((packed));
1828
1829/* try to guess the IDE geometry from the MSDOS partition table */
1830static void ide_guess_geometry(IDEState *s)
1831{
1832 uint8_t buf[512];
1833 int ret, i;
1834 struct partition *p;
1835 uint32_t nr_sects;
1836
1837 if (s->cylinders != 0)
1838 return;
1839 ret = bdrv_read(s->bs, 0, buf, 1);
1840 if (ret < 0)
1841 return;
1842 /* test msdos magic */
1843 if (buf[510] != 0x55 || buf[511] != 0xaa)
1844 return;
1845 for(i = 0; i < 4; i++) {
1846 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 1847 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 1848 if (nr_sects && p->end_head) {
1849 /* We make the assumption that the partition terminates on
1850 a cylinder boundary */
1851 s->heads = p->end_head + 1;
1852 s->sectors = p->end_sector & 63;
1853 s->cylinders = s->nb_sectors / (s->heads * s->sectors);
1854#if 0
1855 printf("guessed partition: CHS=%d %d %d\n",
1856 s->cylinders, s->heads, s->sectors);
1857#endif
1858 }
1859 }
1860}
1861
69b91039
FB		 1862static void ide_init2(IDEState *ide_state, int irq,
1863 BlockDriverState *hd0, BlockDriverState *hd1)
5391d806 1864{
69b91039 1865 IDEState *s;
aedf5382 1866 static int drive_serial = 1;
caed8802 1867 int i, cylinders, heads, secs;
5391d806 1868 int64_t nb_sectors;
5391d806 1869
caed8802
FB		 1870 for(i = 0; i < 2; i++) {
1871 s = ide_state + i;
1872 if (i == 0)
1873 s->bs = hd0;
1874 else
1875 s->bs = hd1;
5391d806
FB		 1876 if (s->bs) {
1877 bdrv_get_geometry(s->bs, &nb_sectors);
1878 s->nb_sectors = nb_sectors;
caed8802
FB		 1879 /* if a geometry hint is available, use it */
1880 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1881 if (cylinders != 0) {
5391d806 1882 s->cylinders = cylinders;
caed8802
FB		 1883 s->heads = heads;
1884 s->sectors = secs;
1885 } else {
1886 ide_guess_geometry(s);
1887 if (s->cylinders == 0) {
1888 /* if no geometry, use a LBA compatible one */
1889 cylinders = nb_sectors / (16 * 63);
1890 if (cylinders > 16383)
1891 cylinders = 16383;
1892 else if (cylinders < 2)
1893 cylinders = 2;
1894 s->cylinders = cylinders;
1895 s->heads = 16;
1896 s->sectors = 63;
1897 }
769bec72 1898 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
caed8802
FB		 1899 }
1900 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1901 s->is_cdrom = 1;
1902 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 1903 }
1904 }
aedf5382 1905 s->drive_serial = drive_serial++;
caed8802 1906 s->irq = irq;
5391d806
FB		 1907 ide_reset(s);
1908 }
69b91039
FB		 1909}
1910
34e538ae 1911static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 1912{
caed8802
FB		 1913 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1914 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1915 if (iobase2) {
1916 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1917 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 1918 }
caed8802
FB		 1919
1920 /* data ports */
1921 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1922 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1923 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1924 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 1925}
69b91039 1926
34e538ae
FB		 1927/***********************************************************/
1928/* ISA IDE definitions */
1929
1930void isa_ide_init(int iobase, int iobase2, int irq,
1931 BlockDriverState *hd0, BlockDriverState *hd1)
1932{
1933 IDEState *ide_state;
1934
1935 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1936 if (!ide_state)
1937 return;
1938
1939 ide_init2(ide_state, irq, hd0, hd1);
1940 ide_init_ioport(ide_state, iobase, iobase2);
1941}
1942
69b91039
FB		 1943/***********************************************************/
1944/* PCI IDE definitions */
1945
69b91039
FB		 1946static void ide_map(PCIDevice *pci_dev, int region_num,
1947 uint32_t addr, uint32_t size, int type)
1948{
1949 PCIIDEState *d = (PCIIDEState *)pci_dev;
1950 IDEState *ide_state;
1951
1952 if (region_num <= 3) {
1953 ide_state = &d->ide_if[(region_num >> 1) * 2];
1954 if (region_num & 1) {
1955 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
1956 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
1957 } else {
1958 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
1959 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
1960
1961 /* data ports */
1962 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
1963 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
1964 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
1965 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
1966 }
1967 }
1968}
1969
98087450
FB		 1970/* XXX: full callback usage to prepare non blocking I/Os support -
1971 error handling */
1972static void ide_dma_loop(BMDMAState *bm)
1973{
1974 struct {
1975 uint32_t addr;
1976 uint32_t size;
1977 } prd;
1978 target_phys_addr_t cur_addr;
1979 int len, i, len1;
1980
1981 cur_addr = bm->addr;
1982 /* at most one page to avoid hanging if erroneous parameters */
1983 for(i = 0; i < 512; i++) {
1984 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
1985 prd.addr = le32_to_cpu(prd.addr);
1986 prd.size = le32_to_cpu(prd.size);
1987#ifdef DEBUG_IDE
1988 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
1989 (int)cur_addr, prd.addr, prd.size);
1990#endif
1991 len = prd.size & 0xfffe;
1992 if (len == 0)
1993 len = 0x10000;
1994 while (len > 0) {
1995 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
1996 if (len1 == 0)
1997 goto the_end;
1998 prd.addr += len1;
1999 len -= len1;
2000 }
2001 /* end of transfer */
2002 if (prd.size & 0x80000000)
2003 break;
2004 cur_addr += 8;
2005 }
2006 /* end of transfer */
2007 the_end:
2008 bm->status &= ~BM_STATUS_DMAING;
2009 bm->status |= BM_STATUS_INT;
2010 bm->dma_cb = NULL;
2011 bm->ide_if = NULL;
2012}
2013
2014static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2015{
2016 BMDMAState *bm = s->bmdma;
2017 if(!bm)
2018 return;
2019 bm->ide_if = s;
2020 bm->dma_cb = dma_cb;
2021 if (bm->status & BM_STATUS_DMAING) {
2022 ide_dma_loop(bm);
2023 }
2024}
2025
2026static uint32_t bmdma_cmd_readb(void *opaque, uint32_t addr)
2027{
2028 BMDMAState *bm = opaque;
2029 uint32_t val;
2030 val = bm->cmd;
2031#ifdef DEBUG_IDE
2032 printf("%s: 0x%08x\n", __func__, val);
2033#endif
2034 return val;
2035}
2036
2037static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2038{
2039 BMDMAState *bm = opaque;
2040#ifdef DEBUG_IDE
2041 printf("%s: 0x%08x\n", __func__, val);
2042#endif
2043 if (!(val & BM_CMD_START)) {
2044 /* XXX: do it better */
2045 bm->status &= ~BM_STATUS_DMAING;
2046 bm->cmd = val & 0x09;
2047 } else {
2048 bm->status |= BM_STATUS_DMAING;
2049 bm->cmd = val & 0x09;
2050 /* start dma transfer if possible */
2051 if (bm->dma_cb)
2052 ide_dma_loop(bm);
2053 }
2054}
2055
2056static uint32_t bmdma_status_readb(void *opaque, uint32_t addr)
2057{
2058 BMDMAState *bm = opaque;
2059 uint32_t val;
2060 val = bm->status;
2061#ifdef DEBUG_IDE
2062 printf("%s: 0x%08x\n", __func__, val);
2063#endif
2064 return val;
2065}
2066
2067static void bmdma_status_writeb(void *opaque, uint32_t addr, uint32_t val)
2068{
2069 BMDMAState *bm = opaque;
2070#ifdef DEBUG_IDE
2071 printf("%s: 0x%08x\n", __func__, val);
2072#endif
2073 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2074}
2075
2076static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2077{
2078 BMDMAState *bm = opaque;
2079 uint32_t val;
2080 val = bm->addr;
2081#ifdef DEBUG_IDE
2082 printf("%s: 0x%08x\n", __func__, val);
2083#endif
2084 return val;
2085}
2086
2087static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2088{
2089 BMDMAState *bm = opaque;
2090#ifdef DEBUG_IDE
2091 printf("%s: 0x%08x\n", __func__, val);
2092#endif
2093 bm->addr = val & ~3;
2094}
2095
2096static void bmdma_map(PCIDevice *pci_dev, int region_num,
2097 uint32_t addr, uint32_t size, int type)
2098{
2099 PCIIDEState *d = (PCIIDEState *)pci_dev;
2100 int i;
2101
2102 for(i = 0;i < 2; i++) {
2103 BMDMAState *bm = &d->bmdma[i];
2104 d->ide_if[2 * i].bmdma = bm;
2105 d->ide_if[2 * i + 1].bmdma = bm;
2106
2107 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2108 register_ioport_read(addr, 1, 1, bmdma_cmd_readb, bm);
2109
2110 register_ioport_write(addr + 2, 1, 1, bmdma_status_writeb, bm);
2111 register_ioport_read(addr + 2, 1, 1, bmdma_status_readb, bm);
2112
2113 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2114 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2115 addr += 8;
2116 }
2117}
2118
69b91039 2119/* hd_table must contain 4 block drivers */
46e50e9d 2120void pci_ide_init(PCIBus *bus, BlockDriverState **hd_table)
69b91039
FB		 2121{
2122 PCIIDEState *d;
2123 uint8_t *pci_conf;
34e538ae
FB		 2124 int i;
2125
46e50e9d
FB		 2126 d = (PCIIDEState *)pci_register_device(bus, "IDE", sizeof(PCIIDEState),
2127 -1,
73c11f63 2128 NULL, NULL);
69b91039
FB		 2129 pci_conf = d->dev.config;
2130 pci_conf[0x00] = 0x86; // Intel
2131 pci_conf[0x01] = 0x80;
2132 pci_conf[0x02] = 0x00; // fake
2133 pci_conf[0x03] = 0x01; // fake
2134 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2135 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2136 pci_conf[0x0e] = 0x80; // header_type = PCI_multifunction, generic
2137
2138 pci_conf[0x2c] = 0x86; // subsys vendor
2139 pci_conf[0x2d] = 0x80; // subsys vendor
2140 pci_conf[0x2e] = 0x00; // fake
2141 pci_conf[0x2f] = 0x01; // fake
2142
2143 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2144 PCI_ADDRESS_SPACE_IO, ide_map);
2145 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2146 PCI_ADDRESS_SPACE_IO, ide_map);
2147 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2148 PCI_ADDRESS_SPACE_IO, ide_map);
2149 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2150 PCI_ADDRESS_SPACE_IO, ide_map);
98087450
FB		 2151 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2152 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 2153
34e538ae
FB		 2154 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2155
2156 for(i = 0; i < 4; i++)
2157 d->ide_if[i].pci_dev = (PCIDevice *)d;
2158 ide_init2(&d->ide_if[0], 16, hd_table[0], hd_table[1]);
2159 ide_init2(&d->ide_if[2], 16, hd_table[2], hd_table[3]);
2160}
2161
2162/* hd_table must contain 4 block drivers */
2163/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
46e50e9d 2164void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
34e538ae
FB		 2165{
2166 PCIIDEState *d;
2167 uint8_t *pci_conf;
2168
2169 /* register a function 1 of PIIX3 */
46e50e9d
FB		 2170 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2171 sizeof(PCIIDEState),
2172 ((PCIDevice *)piix3_state)->devfn + 1,
34e538ae
FB		 2173 NULL, NULL);
2174 pci_conf = d->dev.config;
2175 pci_conf[0x00] = 0x86; // Intel
2176 pci_conf[0x01] = 0x80;
2177 pci_conf[0x02] = 0x10;
2178 pci_conf[0x03] = 0x70;
2179 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2180 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2181 pci_conf[0x0e] = 0x00; // header_type
2182
98087450
FB		 2183 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2184 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 2185
69b91039
FB		 2186 ide_init2(&d->ide_if[0], 14, hd_table[0], hd_table[1]);
2187 ide_init2(&d->ide_if[2], 15, hd_table[2], hd_table[3]);
34e538ae
FB		 2188 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2189 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
69b91039 2190}
1ade1de2
FB		 2191
2192/***********************************************************/
2193/* MacIO based PowerPC IDE */
2194
2195/* PowerMac IDE memory IO */
2196static void pmac_ide_writeb (void *opaque,
2197 target_phys_addr_t addr, uint32_t val)
2198{
2199 addr = (addr & 0xFFF) >> 4;
2200 switch (addr) {
2201 case 1 ... 7:
2202 ide_ioport_write(opaque, addr, val);
2203 break;
2204 case 8:
2205 case 22:
2206 ide_cmd_write(opaque, 0, val);
2207 break;
2208 default:
2209 break;
2210 }
2211}
2212
2213static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2214{
2215 uint8_t retval;
2216
2217 addr = (addr & 0xFFF) >> 4;
2218 switch (addr) {
2219 case 1 ... 7:
2220 retval = ide_ioport_read(opaque, addr);
2221 break;
2222 case 8:
2223 case 22:
2224 retval = ide_status_read(opaque, 0);
2225 break;
2226 default:
2227 retval = 0xFF;
2228 break;
2229 }
2230 return retval;
2231}
2232
2233static void pmac_ide_writew (void *opaque,
2234 target_phys_addr_t addr, uint32_t val)
2235{
2236 addr = (addr & 0xFFF) >> 4;
2237#ifdef TARGET_WORDS_BIGENDIAN
2238 val = bswap16(val);
2239#endif
2240 if (addr == 0) {
2241 ide_data_writew(opaque, 0, val);
2242 }
2243}
2244
2245static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2246{
2247 uint16_t retval;
2248
2249 addr = (addr & 0xFFF) >> 4;
2250 if (addr == 0) {
2251 retval = ide_data_readw(opaque, 0);
2252 } else {
2253 retval = 0xFFFF;
2254 }
2255#ifdef TARGET_WORDS_BIGENDIAN
2256 retval = bswap16(retval);
2257#endif
2258 return retval;
2259}
2260
2261static void pmac_ide_writel (void *opaque,
2262 target_phys_addr_t addr, uint32_t val)
2263{
2264 addr = (addr & 0xFFF) >> 4;
2265#ifdef TARGET_WORDS_BIGENDIAN
2266 val = bswap32(val);
2267#endif
2268 if (addr == 0) {
2269 ide_data_writel(opaque, 0, val);
2270 }
2271}
2272
2273static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2274{
2275 uint32_t retval;
2276
2277 addr = (addr & 0xFFF) >> 4;
2278 if (addr == 0) {
2279 retval = ide_data_readl(opaque, 0);
2280 } else {
2281 retval = 0xFFFFFFFF;
2282 }
2283#ifdef TARGET_WORDS_BIGENDIAN
2284 retval = bswap32(retval);
2285#endif
2286 return retval;
2287}
2288
2289static CPUWriteMemoryFunc *pmac_ide_write[] = {
2290 pmac_ide_writeb,
2291 pmac_ide_writew,
2292 pmac_ide_writel,
2293};
2294
2295static CPUReadMemoryFunc *pmac_ide_read[] = {
2296 pmac_ide_readb,
2297 pmac_ide_readw,
2298 pmac_ide_readl,
2299};
2300
2301/* hd_table must contain 4 block drivers */
2302/* PowerMac uses memory mapped registers, not I/O. Return the memory
2303 I/O index to access the ide. */
2304int pmac_ide_init (BlockDriverState **hd_table,
2305 openpic_t *openpic, int irq)
2306{
2307 IDEState *ide_if;
2308 int pmac_ide_memory;
2309
2310 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2311 ide_init2(&ide_if[0], irq, hd_table[0], hd_table[1]);
2312 ide_if[0].openpic = openpic;
2313 ide_if[1].openpic = openpic;
2314
2315 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2316 pmac_ide_write, &ide_if[0]);
2317 return pmac_ide_memory;
2318}
QEMU mirror