]> git.proxmox.com Git - qemu.git/blame - hw/ide.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
sockets: switch over tcp/telnet/unix serial line to new helper functions (Gerd Hoffman)
[qemu.git] / hw / ide.c
CommitLineData
5391d806 1/*
38cdea7c 2 * QEMU IDE disk and CD/DVD-ROM Emulator
5fafdf24 3 *
5391d806 4 * Copyright (c) 2003 Fabrice Bellard
201a51fc 5 * Copyright (c) 2006 Openedhand Ltd.
5fafdf24 6 *
5391d806
FB		 7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
87ecb68b
PB		 25#include "hw.h"
26#include "pc.h"
27#include "pci.h"
28#include "scsi-disk.h"
29#include "pcmcia.h"
30#include "block.h"
31#include "qemu-timer.h"
32#include "sysemu.h"
9596ebb7 33#include "ppc_mac.h"
5391d806 34
5391d806
FB		 35/* debug IDE devices */
36//#define DEBUG_IDE
37//#define DEBUG_IDE_ATAPI
8ccad811
FB		 38//#define DEBUG_AIO
39#define USE_DMA_CDROM
5391d806
FB		 40
41/* Bits of HD_STATUS */
42#define ERR_STAT 0x01
43#define INDEX_STAT 0x02
44#define ECC_STAT 0x04 /* Corrected error */
45#define DRQ_STAT 0x08
46#define SEEK_STAT 0x10
47#define SRV_STAT 0x10
48#define WRERR_STAT 0x20
49#define READY_STAT 0x40
50#define BUSY_STAT 0x80
51
52/* Bits for HD_ERROR */
53#define MARK_ERR 0x01 /* Bad address mark */
54#define TRK0_ERR 0x02 /* couldn't find track 0 */
55#define ABRT_ERR 0x04 /* Command aborted */
56#define MCR_ERR 0x08 /* media change request */
57#define ID_ERR 0x10 /* ID field not found */
58#define MC_ERR 0x20 /* media changed */
59#define ECC_ERR 0x40 /* Uncorrectable ECC error */
60#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63/* Bits of HD_NSECTOR */
64#define CD 0x01
65#define IO 0x02
66#define REL 0x04
67#define TAG_MASK 0xf8
68
69#define IDE_CMD_RESET 0x04
70#define IDE_CMD_DISABLE_IRQ 0x02
71
72/* ATA/ATAPI Commands pre T13 Spec */
73#define WIN_NOP 0x00
74/*
75 * 0x01->0x02 Reserved
76 */
77#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78/*
79 * 0x04->0x07 Reserved
80 */
81#define WIN_SRST 0x08 /* ATAPI soft reset command */
82#define WIN_DEVICE_RESET 0x08
83/*
84 * 0x09->0x0F Reserved
85 */
86#define WIN_RECAL 0x10
87#define WIN_RESTORE WIN_RECAL
88/*
89 * 0x10->0x1F Reserved
90 */
91#define WIN_READ 0x20 /* 28-Bit */
92#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93#define WIN_READ_LONG 0x22 /* 28-Bit */
94#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95#define WIN_READ_EXT 0x24 /* 48-Bit */
96#define WIN_READDMA_EXT 0x25 /* 48-Bit */
97#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99/*
100 * 0x28
101 */
102#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103/*
104 * 0x2A->0x2F Reserved
105 */
106#define WIN_WRITE 0x30 /* 28-Bit */
107#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108#define WIN_WRITE_LONG 0x32 /* 28-Bit */
109#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110#define WIN_WRITE_EXT 0x34 /* 48-Bit */
111#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116/*
117 * 0x3A->0x3B Reserved
118 */
119#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120/*
121 * 0x3D->0x3F Reserved
122 */
123#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126/*
127 * 0x43->0x4F Reserved
128 */
129#define WIN_FORMAT 0x50
130/*
131 * 0x51->0x5F Reserved
132 */
133#define WIN_INIT 0x60
134/*
135 * 0x61->0x5F Reserved
136 */
137#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139#define WIN_DIAGNOSE 0x90
140#define WIN_SPECIFY 0x91 /* set drive geometry translation */
141#define WIN_DOWNLOAD_MICROCODE 0x92
142#define WIN_STANDBYNOW2 0x94
201a51fc 143#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
5391d806
FB		 144#define WIN_STANDBY2 0x96
145#define WIN_SETIDLE2 0x97
146#define WIN_CHECKPOWERMODE2 0x98
147#define WIN_SLEEPNOW2 0x99
148/*
149 * 0x9A VENDOR
150 */
151#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153#define WIN_QUEUED_SERVICE 0xA2
154#define WIN_SMART 0xB0 /* self-monitoring and reporting */
201a51fc
AZ		 155#define CFA_ACCESS_METADATA_STORAGE 0xB8
156#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
5391d806
FB		 157#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
5fafdf24 167#define WIN_GETMEDIASTATUS 0xDA
5391d806
FB		 168#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169#define WIN_POSTBOOT 0xDC
170#define WIN_PREBOOT 0xDD
171#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173#define WIN_STANDBYNOW1 0xE0
174#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176#define WIN_SETIDLE1 0xE3
177#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178#define WIN_CHECKPOWERMODE1 0xE5
179#define WIN_SLEEPNOW1 0xE6
180#define WIN_FLUSH_CACHE 0xE7
181#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186#define WIN_MEDIAEJECT 0xED
187#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188#define WIN_SETFEATURES 0xEF /* set special drive features */
189#define EXABYTE_ENABLE_NEST 0xF0
201a51fc 190#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
5391d806
FB		 191#define WIN_SECURITY_SET_PASS 0xF1
192#define WIN_SECURITY_UNLOCK 0xF2
193#define WIN_SECURITY_ERASE_PREPARE 0xF3
194#define WIN_SECURITY_ERASE_UNIT 0xF4
195#define WIN_SECURITY_FREEZE_LOCK 0xF5
201a51fc 196#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
5391d806
FB		 197#define WIN_SECURITY_DISABLE 0xF6
198#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199#define WIN_SET_MAX 0xF9
200#define DISABLE_SEAGATE 0xFB
201
202/* set to 1 set disable mult support */
f66723fa 203#define MAX_MULT_SECTORS 16
5391d806 204
1d8cde5b
AJ		 205#define IDE_DMA_BUF_SECTORS 256
206
207#if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208#error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209#endif
210
5391d806
FB		 211/* ATAPI defines */
212
213#define ATAPI_PACKET_SIZE 12
214
215/* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217#define GPCMD_BLANK 0xa1
218#define GPCMD_CLOSE_TRACK 0x5b
219#define GPCMD_FLUSH_CACHE 0x35
220#define GPCMD_FORMAT_UNIT 0x04
221#define GPCMD_GET_CONFIGURATION 0x46
222#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223#define GPCMD_GET_PERFORMANCE 0xac
224#define GPCMD_INQUIRY 0x12
225#define GPCMD_LOAD_UNLOAD 0xa6
226#define GPCMD_MECHANISM_STATUS 0xbd
227#define GPCMD_MODE_SELECT_10 0x55
228#define GPCMD_MODE_SENSE_10 0x5a
229#define GPCMD_PAUSE_RESUME 0x4b
230#define GPCMD_PLAY_AUDIO_10 0x45
231#define GPCMD_PLAY_AUDIO_MSF 0x47
232#define GPCMD_PLAY_AUDIO_TI 0x48
233#define GPCMD_PLAY_CD 0xbc
234#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235#define GPCMD_READ_10 0x28
236#define GPCMD_READ_12 0xa8
237#define GPCMD_READ_CDVD_CAPACITY 0x25
238#define GPCMD_READ_CD 0xbe
239#define GPCMD_READ_CD_MSF 0xb9
240#define GPCMD_READ_DISC_INFO 0x51
241#define GPCMD_READ_DVD_STRUCTURE 0xad
242#define GPCMD_READ_FORMAT_CAPACITIES 0x23
243#define GPCMD_READ_HEADER 0x44
244#define GPCMD_READ_TRACK_RZONE_INFO 0x52
245#define GPCMD_READ_SUBCHANNEL 0x42
246#define GPCMD_READ_TOC_PMA_ATIP 0x43
247#define GPCMD_REPAIR_RZONE_TRACK 0x58
248#define GPCMD_REPORT_KEY 0xa4
249#define GPCMD_REQUEST_SENSE 0x03
250#define GPCMD_RESERVE_RZONE_TRACK 0x53
251#define GPCMD_SCAN 0xba
252#define GPCMD_SEEK 0x2b
253#define GPCMD_SEND_DVD_STRUCTURE 0xad
254#define GPCMD_SEND_EVENT 0xa2
255#define GPCMD_SEND_KEY 0xa3
256#define GPCMD_SEND_OPC 0x54
257#define GPCMD_SET_READ_AHEAD 0xa7
258#define GPCMD_SET_STREAMING 0xb6
259#define GPCMD_START_STOP_UNIT 0x1b
260#define GPCMD_STOP_PLAY_SCAN 0x4e
261#define GPCMD_TEST_UNIT_READY 0x00
262#define GPCMD_VERIFY_10 0x2f
263#define GPCMD_WRITE_10 0x2a
264#define GPCMD_WRITE_AND_VERIFY_10 0x2e
5fafdf24 265/* This is listed as optional in ATAPI 2.6, but is (curiously)
5391d806
FB		 266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269#define GPCMD_SET_SPEED 0xbb
5fafdf24 270/* This seems to be a SCSI specific CD-ROM opcode
5391d806
FB		 271 * to play data at track/index */
272#define GPCMD_PLAYAUDIO_TI 0x48
273/*
274 * From MS Media Status Notification Support Specification. For
275 * older drives only.
276 */
277#define GPCMD_GET_MEDIA_STATUS 0xda
d14049ea 278#define GPCMD_MODE_SENSE_6 0x1a
5391d806
FB		 279
280/* Mode page codes for mode sense/set */
281#define GPMODE_R_W_ERROR_PAGE 0x01
282#define GPMODE_WRITE_PARMS_PAGE 0x05
283#define GPMODE_AUDIO_CTL_PAGE 0x0e
284#define GPMODE_POWER_PAGE 0x1a
285#define GPMODE_FAULT_FAIL_PAGE 0x1c
286#define GPMODE_TO_PROTECT_PAGE 0x1d
287#define GPMODE_CAPABILITIES_PAGE 0x2a
288#define GPMODE_ALL_PAGES 0x3f
289/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291#define GPMODE_CDROM_PAGE 0x0d
292
38cdea7c
AZ		 293/*
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
296 *
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
300 */
301
302/* Some generally useful CD-ROM information */
303#define CD_MINS 80 /* max. minutes per CD */
304#define CD_SECS 60 /* seconds per minute */
305#define CD_FRAMES 75 /* frames per second */
306#define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307#define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308#define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309
310/*
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
313 */
314
315/* Profile list from MMC-6 revision 1 table 91 */
316#define MMC_PROFILE_NONE 0x0000
317#define MMC_PROFILE_CD_ROM 0x0008
318#define MMC_PROFILE_CD_R 0x0009
319#define MMC_PROFILE_CD_RW 0x000A
320#define MMC_PROFILE_DVD_ROM 0x0010
321#define MMC_PROFILE_DVD_R_SR 0x0011
322#define MMC_PROFILE_DVD_RAM 0x0012
323#define MMC_PROFILE_DVD_RW_RO 0x0013
324#define MMC_PROFILE_DVD_RW_SR 0x0014
325#define MMC_PROFILE_DVD_R_DL_SR 0x0015
326#define MMC_PROFILE_DVD_R_DL_JR 0x0016
327#define MMC_PROFILE_DVD_RW_DL 0x0017
328#define MMC_PROFILE_DVD_DDR 0x0018
329#define MMC_PROFILE_DVD_PLUS_RW 0x001A
330#define MMC_PROFILE_DVD_PLUS_R 0x001B
331#define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332#define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333#define MMC_PROFILE_BD_ROM 0x0040
334#define MMC_PROFILE_BD_R_SRM 0x0041
335#define MMC_PROFILE_BD_R_RRM 0x0042
336#define MMC_PROFILE_BD_RE 0x0043
337#define MMC_PROFILE_HDDVD_ROM 0x0050
338#define MMC_PROFILE_HDDVD_R 0x0051
339#define MMC_PROFILE_HDDVD_RAM 0x0052
340#define MMC_PROFILE_HDDVD_RW 0x0053
341#define MMC_PROFILE_HDDVD_R_DL 0x0058
342#define MMC_PROFILE_HDDVD_RW_DL 0x005A
343#define MMC_PROFILE_INVALID 0xFFFF
344
5391d806
FB		 345#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347#define ATAPI_INT_REASON_REL 0x04
348#define ATAPI_INT_REASON_TAG 0xf8
349
350/* same constants as bochs */
7f777bf3 351#define ASC_ILLEGAL_OPCODE 0x20
5391d806
FB		 352#define ASC_LOGICAL_BLOCK_OOR 0x21
353#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
8114e9e8 354#define ASC_INCOMPATIBLE_FORMAT 0x30
5391d806
FB		 355#define ASC_MEDIUM_NOT_PRESENT 0x3a
356#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
357
201a51fc
AZ		 358#define CFA_NO_ERROR 0x00
359#define CFA_MISC_ERROR 0x09
360#define CFA_INVALID_COMMAND 0x20
361#define CFA_INVALID_ADDRESS 0x21
362#define CFA_ADDRESS_OVERFLOW 0x2f
363
5391d806
FB		 364#define SENSE_NONE 0
365#define SENSE_NOT_READY 2
366#define SENSE_ILLEGAL_REQUEST 5
367#define SENSE_UNIT_ATTENTION 6
368
369struct IDEState;
370
371typedef void EndTransferFunc(struct IDEState *);
372
caed8802 373/* NOTE: IDEState represents in fact one drive */
5391d806
FB		 374typedef struct IDEState {
375 /* ide config */
376 int is_cdrom;
201a51fc 377 int is_cf;
5391d806
FB		 378 int cylinders, heads, sectors;
379 int64_t nb_sectors;
380 int mult_sectors;
94458802
FB		 381 int identify_set;
382 uint16_t identify_data[256];
d537cf6c 383 qemu_irq irq;
34e538ae 384 PCIDevice *pci_dev;
98087450 385 struct BMDMAState *bmdma;
aedf5382 386 int drive_serial;
5391d806
FB		 387 /* ide regs */
388 uint8_t feature;
389 uint8_t error;
c2ff060f 390 uint32_t nsector;
5391d806
FB		 391 uint8_t sector;
392 uint8_t lcyl;
393 uint8_t hcyl;
c2ff060f
FB		 394 /* other part of tf for lba48 support */
395 uint8_t hob_feature;
396 uint8_t hob_nsector;
397 uint8_t hob_sector;
398 uint8_t hob_lcyl;
399 uint8_t hob_hcyl;
400
5391d806
FB		 401 uint8_t select;
402 uint8_t status;
c2ff060f 403
5391d806
FB		 404 /* 0x3f6 command, only meaningful for drive 0 */
405 uint8_t cmd;
c2ff060f
FB		 406 /* set for lba48 access */
407 uint8_t lba48;
5391d806 408 /* depends on bit 4 in select, only meaningful for drive 0 */
5fafdf24 409 struct IDEState *cur_drive;
5391d806
FB		 410 BlockDriverState *bs;
411 /* ATAPI specific */
412 uint8_t sense_key;
413 uint8_t asc;
414 int packet_transfer_size;
415 int elementary_transfer_size;
416 int io_buffer_index;
417 int lba;
98087450
FB		 418 int cd_sector_size;
419 int atapi_dma; /* true if dma is requested for the packet cmd */
420 /* ATA DMA state */
421 int io_buffer_size;
422 /* PIO transfer handling */
5391d806
FB		 423 int req_nb_sectors; /* number of sectors per interrupt */
424 EndTransferFunc *end_transfer_func;
425 uint8_t *data_ptr;
426 uint8_t *data_end;
33f00271 427 uint8_t *io_buffer;
31c2a146 428 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
e774a278 429 uint32_t irq_count; /* counts IRQs when using win2k install hack */
201a51fc
AZ		 430 /* CF-ATA extended error */
431 uint8_t ext_error;
432 /* CF-ATA metadata storage */
433 uint32_t mdata_size;
434 uint8_t *mdata_storage;
435 int media_changed;
5391d806
FB		 436} IDEState;
437
8114e9e8
TS		 438/* XXX: DVDs that could fit on a CD will be reported as a CD */
439static inline int media_present(IDEState *s)
440{
441 return (s->nb_sectors > 0);
442}
443
444static inline int media_is_dvd(IDEState *s)
445{
446 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
447}
448
449static inline int media_is_cd(IDEState *s)
450{
451 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
452}
453
98087450
FB		 454#define BM_STATUS_DMAING 0x01
455#define BM_STATUS_ERROR 0x02
456#define BM_STATUS_INT 0x04
457
458#define BM_CMD_START 0x01
459#define BM_CMD_READ 0x08
460
5457c8ce
FB		 461#define IDE_TYPE_PIIX3 0
462#define IDE_TYPE_CMD646 1
afcc3cdf 463#define IDE_TYPE_PIIX4 2
5457c8ce
FB		 464
465/* CMD646 specific */
466#define MRDMODE 0x71
467#define MRDMODE_INTR_CH0 0x04
468#define MRDMODE_INTR_CH1 0x08
469#define MRDMODE_BLK_CH0 0x10
470#define MRDMODE_BLK_CH1 0x20
471#define UDIDETCR0 0x73
472#define UDIDETCR1 0x7B
473
98087450
FB		 474typedef struct BMDMAState {
475 uint8_t cmd;
476 uint8_t status;
477 uint32_t addr;
3b46e624 478
5457c8ce 479 struct PCIIDEState *pci_dev;
98087450 480 /* current transfer state */
8ccad811
FB		 481 uint32_t cur_addr;
482 uint32_t cur_prd_last;
483 uint32_t cur_prd_addr;
484 uint32_t cur_prd_len;
98087450 485 IDEState *ide_if;
8ccad811
FB		 486 BlockDriverCompletionFunc *dma_cb;
487 BlockDriverAIOCB *aiocb;
98087450
FB		 488} BMDMAState;
489
490typedef struct PCIIDEState {
491 PCIDevice dev;
492 IDEState ide_if[4];
493 BMDMAState bmdma[2];
5457c8ce 494 int type; /* see IDE_TYPE_xxx */
98087450
FB		 495} PCIIDEState;
496
8ccad811 497static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
5f12ab4b 498static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
98087450 499
5391d806
FB		 500static void padstr(char *str, const char *src, int len)
501{
502 int i, v;
503 for(i = 0; i < len; i++) {
504 if (*src)
505 v = *src++;
506 else
507 v = ' ';
69b34976 508 str[i^1] = v;
5391d806
FB		 509 }
510}
511
bd0d90b2
FB		 512static void padstr8(uint8_t *buf, int buf_size, const char *src)
513{
514 int i;
515 for(i = 0; i < buf_size; i++) {
516 if (*src)
517 buf[i] = *src++;
518 else
519 buf[i] = ' ';
520 }
521}
522
67b915a5
FB		 523static void put_le16(uint16_t *p, unsigned int v)
524{
0c4ad8dc 525 *p = cpu_to_le16(v);
67b915a5
FB		 526}
527
5391d806
FB		 528static void ide_identify(IDEState *s)
529{
530 uint16_t *p;
531 unsigned int oldsize;
aedf5382 532 char buf[20];
5391d806 533
94458802
FB		 534 if (s->identify_set) {
535 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
536 return;
537 }
538
5391d806
FB		 539 memset(s->io_buffer, 0, 512);
540 p = (uint16_t *)s->io_buffer;
67b915a5 541 put_le16(p + 0, 0x0040);
5fafdf24 542 put_le16(p + 1, s->cylinders);
67b915a5
FB		 543 put_le16(p + 3, s->heads);
544 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
545 put_le16(p + 5, 512); /* XXX: retired, remove ? */
5fafdf24 546 put_le16(p + 6, s->sectors);
aedf5382 547 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 548 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 549 put_le16(p + 20, 3); /* XXX: retired, remove ? */
550 put_le16(p + 21, 512); /* cache size in sectors */
551 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3
TS		 552 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
553 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
3b46e624 554#if MAX_MULT_SECTORS > 1
67b915a5 555 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
5391d806 556#endif
67b915a5 557 put_le16(p + 48, 1); /* dword I/O */
94458802 558 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
67b915a5
FB		 559 put_le16(p + 51, 0x200); /* PIO transfer cycle */
560 put_le16(p + 52, 0x200); /* DMA transfer cycle */
94458802 561 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
67b915a5
FB		 562 put_le16(p + 54, s->cylinders);
563 put_le16(p + 55, s->heads);
564 put_le16(p + 56, s->sectors);
5391d806 565 oldsize = s->cylinders * s->heads * s->sectors;
67b915a5
FB		 566 put_le16(p + 57, oldsize);
567 put_le16(p + 58, oldsize >> 16);
5391d806 568 if (s->mult_sectors)
67b915a5
FB		 569 put_le16(p + 59, 0x100 | s->mult_sectors);
570 put_le16(p + 60, s->nb_sectors);
571 put_le16(p + 61, s->nb_sectors >> 16);
d1b5c20d 572 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
94458802
FB		 573 put_le16(p + 63, 0x07); /* mdma0-2 supported */
574 put_le16(p + 65, 120);
575 put_le16(p + 66, 120);
576 put_le16(p + 67, 120);
577 put_le16(p + 68, 120);
578 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
579 put_le16(p + 81, 0x16); /* conforms to ata5 */
67b915a5 580 put_le16(p + 82, (1 << 14));
c2ff060f
FB		 581 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
582 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5
FB		 583 put_le16(p + 84, (1 << 14));
584 put_le16(p + 85, (1 << 14));
c2ff060f
FB		 585 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
586 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
67b915a5 587 put_le16(p + 87, (1 << 14));
94458802
FB		 588 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
589 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
c2ff060f
FB		 590 put_le16(p + 100, s->nb_sectors);
591 put_le16(p + 101, s->nb_sectors >> 16);
592 put_le16(p + 102, s->nb_sectors >> 32);
593 put_le16(p + 103, s->nb_sectors >> 48);
94458802
FB		 594
595 memcpy(s->identify_data, p, sizeof(s->identify_data));
596 s->identify_set = 1;
5391d806
FB		 597}
598
599static void ide_atapi_identify(IDEState *s)
600{
601 uint16_t *p;
aedf5382 602 char buf[20];
5391d806 603
94458802
FB		 604 if (s->identify_set) {
605 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
606 return;
607 }
608
5391d806
FB		 609 memset(s->io_buffer, 0, 512);
610 p = (uint16_t *)s->io_buffer;
611 /* Removable CDROM, 50us response, 12 byte packets */
67b915a5 612 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
aedf5382 613 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 614 padstr((char *)(p + 10), buf, 20); /* serial number */
67b915a5
FB		 615 put_le16(p + 20, 3); /* buffer type */
616 put_le16(p + 21, 512); /* cache size in sectors */
617 put_le16(p + 22, 4); /* ecc bytes */
60fe76f3 618 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
38cdea7c 619 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
67b915a5 620 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
8ccad811
FB		 621#ifdef USE_DMA_CDROM
622 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
623 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
d1b5c20d 624 put_le16(p + 62, 7); /* single word dma0-2 supported */
8ccad811
FB		 625 put_le16(p + 63, 7); /* mdma0-2 supported */
626 put_le16(p + 64, 0x3f); /* PIO modes supported */
627#else
67b915a5
FB		 628 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
629 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
630 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
631 put_le16(p + 64, 1); /* PIO modes */
8ccad811 632#endif
67b915a5
FB		 633 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
634 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
635 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
636 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
94458802 637
67b915a5
FB		 638 put_le16(p + 71, 30); /* in ns */
639 put_le16(p + 72, 30); /* in ns */
5391d806 640
67b915a5 641 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
8ccad811
FB		 642#ifdef USE_DMA_CDROM
643 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
644#endif
94458802
FB		 645 memcpy(s->identify_data, p, sizeof(s->identify_data));
646 s->identify_set = 1;
5391d806
FB		 647}
648
201a51fc
AZ		 649static void ide_cfata_identify(IDEState *s)
650{
651 uint16_t *p;
652 uint32_t cur_sec;
653 char buf[20];
654
655 p = (uint16_t *) s->identify_data;
656 if (s->identify_set)
657 goto fill_buffer;
658
659 memset(p, 0, sizeof(s->identify_data));
660
661 cur_sec = s->cylinders * s->heads * s->sectors;
662
663 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
664 put_le16(p + 1, s->cylinders); /* Default cylinders */
665 put_le16(p + 3, s->heads); /* Default heads */
666 put_le16(p + 6, s->sectors); /* Default sectors per track */
667 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
668 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
669 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
60fe76f3 670 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
201a51fc 671 put_le16(p + 22, 0x0004); /* ECC bytes */
60fe76f3
TS		 672 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
673 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
201a51fc
AZ		 674#if MAX_MULT_SECTORS > 1
675 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
676#else
677 put_le16(p + 47, 0x0000);
678#endif
679 put_le16(p + 49, 0x0f00); /* Capabilities */
680 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
681 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
682 put_le16(p + 53, 0x0003); /* Translation params valid */
683 put_le16(p + 54, s->cylinders); /* Current cylinders */
684 put_le16(p + 55, s->heads); /* Current heads */
685 put_le16(p + 56, s->sectors); /* Current sectors */
686 put_le16(p + 57, cur_sec); /* Current capacity */
687 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
688 if (s->mult_sectors) /* Multiple sector setting */
689 put_le16(p + 59, 0x100 | s->mult_sectors);
690 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
691 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
692 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
693 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
694 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
695 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
696 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
697 put_le16(p + 82, 0x400c); /* Command Set supported */
698 put_le16(p + 83, 0x7068); /* Command Set supported */
699 put_le16(p + 84, 0x4000); /* Features supported */
700 put_le16(p + 85, 0x000c); /* Command Set enabled */
701 put_le16(p + 86, 0x7044); /* Command Set enabled */
702 put_le16(p + 87, 0x4000); /* Features enabled */
703 put_le16(p + 91, 0x4060); /* Current APM level */
704 put_le16(p + 129, 0x0002); /* Current features option */
705 put_le16(p + 130, 0x0005); /* Reassigned sectors */
706 put_le16(p + 131, 0x0001); /* Initial power mode */
707 put_le16(p + 132, 0x0000); /* User signature */
708 put_le16(p + 160, 0x8100); /* Power requirement */
709 put_le16(p + 161, 0x8001); /* CF command set */
710
711 s->identify_set = 1;
712
713fill_buffer:
714 memcpy(s->io_buffer, p, sizeof(s->identify_data));
715}
716
5391d806
FB		 717static void ide_set_signature(IDEState *s)
718{
719 s->select &= 0xf0; /* clear head */
720 /* put signature */
721 s->nsector = 1;
722 s->sector = 1;
723 if (s->is_cdrom) {
724 s->lcyl = 0x14;
725 s->hcyl = 0xeb;
726 } else if (s->bs) {
727 s->lcyl = 0;
728 s->hcyl = 0;
729 } else {
730 s->lcyl = 0xff;
731 s->hcyl = 0xff;
732 }
733}
734
735static inline void ide_abort_command(IDEState *s)
736{
737 s->status = READY_STAT | ERR_STAT;
738 s->error = ABRT_ERR;
739}
740
5604e090
AZ		 741static inline void ide_dma_submit_check(IDEState *s,
742 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
743{
744 if (bm->aiocb)
745 return;
746 dma_cb(bm, -1);
747}
748
5391d806
FB		 749static inline void ide_set_irq(IDEState *s)
750{
98ff7d30 751 BMDMAState *bm = s->bmdma;
5391d806 752 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
5457c8ce 753 if (bm) {
98ff7d30 754 bm->status |= BM_STATUS_INT;
5457c8ce 755 }
d537cf6c 756 qemu_irq_raise(s->irq);
5391d806
FB		 757 }
758}
759
760/* prepare data transfer and tell what to do after */
5fafdf24 761static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
5391d806
FB		 762 EndTransferFunc *end_transfer_func)
763{
764 s->end_transfer_func = end_transfer_func;
765 s->data_ptr = buf;
766 s->data_end = buf + size;
7603d156
TS		 767 if (!(s->status & ERR_STAT))
768 s->status |= DRQ_STAT;
5391d806
FB		 769}
770
771static void ide_transfer_stop(IDEState *s)
772{
773 s->end_transfer_func = ide_transfer_stop;
774 s->data_ptr = s->io_buffer;
775 s->data_end = s->io_buffer;
776 s->status &= ~DRQ_STAT;
777}
778
779static int64_t ide_get_sector(IDEState *s)
780{
781 int64_t sector_num;
782 if (s->select & 0x40) {
783 /* lba */
c2ff060f
FB		 784 if (!s->lba48) {
785 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
786 (s->lcyl << 8) | s->sector;
787 } else {
788 sector_num = ((int64_t)s->hob_hcyl << 40) |
789 ((int64_t) s->hob_lcyl << 32) |
790 ((int64_t) s->hob_sector << 24) |
791 ((int64_t) s->hcyl << 16) |
792 ((int64_t) s->lcyl << 8) | s->sector;
793 }
5391d806
FB		 794 } else {
795 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
c2ff060f 796 (s->select & 0x0f) * s->sectors + (s->sector - 1);
5391d806
FB		 797 }
798 return sector_num;
799}
800
801static void ide_set_sector(IDEState *s, int64_t sector_num)
802{
803 unsigned int cyl, r;
804 if (s->select & 0x40) {
c2ff060f
FB		 805 if (!s->lba48) {
806 s->select = (s->select & 0xf0) | (sector_num >> 24);
807 s->hcyl = (sector_num >> 16);
808 s->lcyl = (sector_num >> 8);
809 s->sector = (sector_num);
810 } else {
811 s->sector = sector_num;
812 s->lcyl = sector_num >> 8;
813 s->hcyl = sector_num >> 16;
814 s->hob_sector = sector_num >> 24;
815 s->hob_lcyl = sector_num >> 32;
816 s->hob_hcyl = sector_num >> 40;
817 }
5391d806
FB		 818 } else {
819 cyl = sector_num / (s->heads * s->sectors);
820 r = sector_num % (s->heads * s->sectors);
821 s->hcyl = cyl >> 8;
822 s->lcyl = cyl;
1b8eb456 823 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
5391d806
FB		 824 s->sector = (r % s->sectors) + 1;
825 }
826}
827
e162cfb0
AZ		 828static void ide_rw_error(IDEState *s) {
829 ide_abort_command(s);
830 ide_set_irq(s);
831}
832
5391d806
FB		 833static void ide_sector_read(IDEState *s)
834{
835 int64_t sector_num;
836 int ret, n;
837
838 s->status = READY_STAT | SEEK_STAT;
a136e5a8 839 s->error = 0; /* not needed by IDE spec, but needed by Windows */
5391d806
FB		 840 sector_num = ide_get_sector(s);
841 n = s->nsector;
842 if (n == 0) {
843 /* no more sector to read from disk */
844 ide_transfer_stop(s);
845 } else {
846#if defined(DEBUG_IDE)
18c5f8ea 847 printf("read sector=%" PRId64 "\n", sector_num);
5391d806
FB		 848#endif
849 if (n > s->req_nb_sectors)
850 n = s->req_nb_sectors;
851 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
e162cfb0
AZ		 852 if (ret != 0) {
853 ide_rw_error(s);
854 return;
855 }
5391d806
FB		 856 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
857 ide_set_irq(s);
858 ide_set_sector(s, sector_num + n);
859 s->nsector -= n;
860 }
861}
862
e162cfb0
AZ		 863static void ide_dma_error(IDEState *s)
864{
865 ide_transfer_stop(s);
866 s->error = ABRT_ERR;
867 s->status = READY_STAT | ERR_STAT;
868 ide_set_irq(s);
869}
870
8ccad811
FB		 871/* return 0 if buffer completed */
872static int dma_buf_rw(BMDMAState *bm, int is_write)
98087450 873{
8ccad811
FB		 874 IDEState *s = bm->ide_if;
875 struct {
876 uint32_t addr;
877 uint32_t size;
878 } prd;
879 int l, len;
98087450 880
8ccad811
FB		 881 for(;;) {
882 l = s->io_buffer_size - s->io_buffer_index;
5fafdf24 883 if (l <= 0)
8ccad811
FB		 884 break;
885 if (bm->cur_prd_len == 0) {
886 /* end of table (with a fail safe of one page) */
887 if (bm->cur_prd_last ||
888 (bm->cur_addr - bm->addr) >= 4096)
889 return 0;
890 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
891 bm->cur_addr += 8;
892 prd.addr = le32_to_cpu(prd.addr);
893 prd.size = le32_to_cpu(prd.size);
894 len = prd.size & 0xfffe;
895 if (len == 0)
896 len = 0x10000;
897 bm->cur_prd_len = len;
898 bm->cur_prd_addr = prd.addr;
899 bm->cur_prd_last = (prd.size & 0x80000000);
900 }
901 if (l > bm->cur_prd_len)
902 l = bm->cur_prd_len;
903 if (l > 0) {
904 if (is_write) {
5fafdf24 905 cpu_physical_memory_write(bm->cur_prd_addr,
8ccad811
FB		 906 s->io_buffer + s->io_buffer_index, l);
907 } else {
5fafdf24 908 cpu_physical_memory_read(bm->cur_prd_addr,
8ccad811
FB		 909 s->io_buffer + s->io_buffer_index, l);
910 }
911 bm->cur_prd_addr += l;
912 bm->cur_prd_len -= l;
913 s->io_buffer_index += l;
98087450 914 }
98087450 915 }
8ccad811
FB		 916 return 1;
917}
918
8ccad811
FB		 919static void ide_read_dma_cb(void *opaque, int ret)
920{
921 BMDMAState *bm = opaque;
922 IDEState *s = bm->ide_if;
923 int n;
924 int64_t sector_num;
925
e162cfb0
AZ		 926 if (ret < 0) {
927 ide_dma_error(s);
928 return;
929 }
930
8ccad811
FB		 931 n = s->io_buffer_size >> 9;
932 sector_num = ide_get_sector(s);
933 if (n > 0) {
934 sector_num += n;
935 ide_set_sector(s, sector_num);
936 s->nsector -= n;
937 if (dma_buf_rw(bm, 1) == 0)
938 goto eot;
939 }
940
941 /* end of transfer ? */
942 if (s->nsector == 0) {
98087450
FB		 943 s->status = READY_STAT | SEEK_STAT;
944 ide_set_irq(s);
8ccad811
FB		 945 eot:
946 bm->status &= ~BM_STATUS_DMAING;
947 bm->status |= BM_STATUS_INT;
948 bm->dma_cb = NULL;
949 bm->ide_if = NULL;
950 bm->aiocb = NULL;
951 return;
98087450 952 }
8ccad811
FB		 953
954 /* launch next transfer */
955 n = s->nsector;
1d8cde5b
AJ		 956 if (n > IDE_DMA_BUF_SECTORS)
957 n = IDE_DMA_BUF_SECTORS;
8ccad811
FB		 958 s->io_buffer_index = 0;
959 s->io_buffer_size = n * 512;
960#ifdef DEBUG_AIO
961 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
962#endif
5fafdf24 963 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
8ccad811 964 ide_read_dma_cb, bm);
5604e090 965 ide_dma_submit_check(s, ide_read_dma_cb, bm);
98087450
FB		 966}
967
968static void ide_sector_read_dma(IDEState *s)
969{
8ccad811 970 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 971 s->io_buffer_index = 0;
972 s->io_buffer_size = 0;
973 ide_dma_start(s, ide_read_dma_cb);
974}
975
a09db21f
FB		 976static void ide_sector_write_timer_cb(void *opaque)
977{
978 IDEState *s = opaque;
979 ide_set_irq(s);
980}
981
5391d806
FB		 982static void ide_sector_write(IDEState *s)
983{
984 int64_t sector_num;
31c2a146 985 int ret, n, n1;
5391d806
FB		 986
987 s->status = READY_STAT | SEEK_STAT;
988 sector_num = ide_get_sector(s);
989#if defined(DEBUG_IDE)
18c5f8ea 990 printf("write sector=%" PRId64 "\n", sector_num);
5391d806
FB		 991#endif
992 n = s->nsector;
993 if (n > s->req_nb_sectors)
994 n = s->req_nb_sectors;
31c2a146 995 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
e162cfb0
AZ		 996 if (ret != 0) {
997 ide_rw_error(s);
998 return;
999 }
1000
5391d806
FB		 1001 s->nsector -= n;
1002 if (s->nsector == 0) {
292eef5a 1003 /* no more sectors to write */
5391d806
FB		 1004 ide_transfer_stop(s);
1005 } else {
1006 n1 = s->nsector;
1007 if (n1 > s->req_nb_sectors)
1008 n1 = s->req_nb_sectors;
1009 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1010 }
1011 ide_set_sector(s, sector_num + n);
3b46e624 1012
31c2a146
TS		 1013#ifdef TARGET_I386
1014 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1015 /* It seems there is a bug in the Windows 2000 installer HDD
1016 IDE driver which fills the disk with empty logs when the
1017 IDE write IRQ comes too early. This hack tries to correct
1018 that at the expense of slower write performances. Use this
1019 option _only_ to install Windows 2000. You must disable it
1020 for normal use. */
1021 qemu_mod_timer(s->sector_write_timer,
1022 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1023 } else
1024#endif
1025 {
1026 ide_set_irq(s);
1027 }
5391d806
FB		 1028}
1029
8ccad811 1030static void ide_write_dma_cb(void *opaque, int ret)
98087450 1031{
8ccad811
FB		 1032 BMDMAState *bm = opaque;
1033 IDEState *s = bm->ide_if;
1034 int n;
98087450
FB		 1035 int64_t sector_num;
1036
e162cfb0
AZ		 1037 if (ret < 0) {
1038 ide_dma_error(s);
1039 return;
1040 }
1041
8ccad811
FB		 1042 n = s->io_buffer_size >> 9;
1043 sector_num = ide_get_sector(s);
1044 if (n > 0) {
1045 sector_num += n;
1046 ide_set_sector(s, sector_num);
1047 s->nsector -= n;
98087450 1048 }
98087450 1049
8ccad811
FB		 1050 /* end of transfer ? */
1051 if (s->nsector == 0) {
1052 s->status = READY_STAT | SEEK_STAT;
1053 ide_set_irq(s);
1054 eot:
1055 bm->status &= ~BM_STATUS_DMAING;
1056 bm->status |= BM_STATUS_INT;
1057 bm->dma_cb = NULL;
1058 bm->ide_if = NULL;
1059 bm->aiocb = NULL;
1060 return;
1061 }
1062
1063 /* launch next transfer */
98087450 1064 n = s->nsector;
1d8cde5b
AJ		 1065 if (n > IDE_DMA_BUF_SECTORS)
1066 n = IDE_DMA_BUF_SECTORS;
98087450
FB		 1067 s->io_buffer_index = 0;
1068 s->io_buffer_size = n * 512;
8ccad811
FB		 1069
1070 if (dma_buf_rw(bm, 0) == 0)
1071 goto eot;
1072#ifdef DEBUG_AIO
1073 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1074#endif
5fafdf24 1075 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
8ccad811 1076 ide_write_dma_cb, bm);
5604e090 1077 ide_dma_submit_check(s, ide_write_dma_cb, bm);
8ccad811
FB		 1078}
1079
1080static void ide_sector_write_dma(IDEState *s)
1081{
1082 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1083 s->io_buffer_index = 0;
1084 s->io_buffer_size = 0;
98087450
FB		 1085 ide_dma_start(s, ide_write_dma_cb);
1086}
1087
5391d806
FB		 1088static void ide_atapi_cmd_ok(IDEState *s)
1089{
1090 s->error = 0;
41a2b959 1091 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1092 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1093 ide_set_irq(s);
1094}
1095
1096static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1097{
1098#ifdef DEBUG_IDE_ATAPI
1099 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1100#endif
1101 s->error = sense_key << 4;
1102 s->status = READY_STAT | ERR_STAT;
1103 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1104 s->sense_key = sense_key;
1105 s->asc = asc;
1106 ide_set_irq(s);
1107}
1108
1109static inline void cpu_to_ube16(uint8_t *buf, int val)
1110{
1111 buf[0] = val >> 8;
1112 buf[1] = val;
1113}
1114
1115static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1116{
1117 buf[0] = val >> 24;
1118 buf[1] = val >> 16;
1119 buf[2] = val >> 8;
1120 buf[3] = val;
1121}
1122
1123static inline int ube16_to_cpu(const uint8_t *buf)
1124{
1125 return (buf[0] << 8) | buf[1];
1126}
1127
1128static inline int ube32_to_cpu(const uint8_t *buf)
1129{
1130 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1131}
1132
98087450
FB		 1133static void lba_to_msf(uint8_t *buf, int lba)
1134{
1135 lba += 150;
1136 buf[0] = (lba / 75) / 60;
1137 buf[1] = (lba / 75) % 60;
1138 buf[2] = lba % 75;
1139}
1140
8ccad811
FB		 1141static void cd_data_to_raw(uint8_t *buf, int lba)
1142{
1143 /* sync bytes */
1144 buf[0] = 0x00;
1145 memset(buf + 1, 0xff, 10);
1146 buf[11] = 0x00;
1147 buf += 12;
1148 /* MSF */
1149 lba_to_msf(buf, lba);
1150 buf[3] = 0x01; /* mode 1 data */
1151 buf += 4;
1152 /* data */
1153 buf += 2048;
1154 /* XXX: ECC not computed */
1155 memset(buf, 0, 288);
1156}
1157
5fafdf24 1158static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
98087450
FB		 1159 int sector_size)
1160{
66c6ef76
FB		 1161 int ret;
1162
98087450
FB		 1163 switch(sector_size) {
1164 case 2048:
66c6ef76 1165 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
98087450
FB		 1166 break;
1167 case 2352:
66c6ef76
FB		 1168 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1169 if (ret < 0)
1170 return ret;
8ccad811 1171 cd_data_to_raw(buf, lba);
98087450
FB		 1172 break;
1173 default:
66c6ef76 1174 ret = -EIO;
98087450
FB		 1175 break;
1176 }
66c6ef76
FB		 1177 return ret;
1178}
1179
1180static void ide_atapi_io_error(IDEState *s, int ret)
1181{
1182 /* XXX: handle more errors */
1183 if (ret == -ENOMEDIUM) {
5fafdf24 1184 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1185 ASC_MEDIUM_NOT_PRESENT);
1186 } else {
5fafdf24 1187 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
66c6ef76
FB		 1188 ASC_LOGICAL_BLOCK_OOR);
1189 }
98087450
FB		 1190}
1191
5391d806
FB		 1192/* The whole ATAPI transfer logic is handled in this function */
1193static void ide_atapi_cmd_reply_end(IDEState *s)
1194{
66c6ef76 1195 int byte_count_limit, size, ret;
5391d806 1196#ifdef DEBUG_IDE_ATAPI
5fafdf24 1197 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
5391d806
FB		 1198 s->packet_transfer_size,
1199 s->elementary_transfer_size,
1200 s->io_buffer_index);
1201#endif
1202 if (s->packet_transfer_size <= 0) {
1203 /* end of transfer */
1204 ide_transfer_stop(s);
41a2b959 1205 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1206 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1207 ide_set_irq(s);
1208#ifdef DEBUG_IDE_ATAPI
1209 printf("status=0x%x\n", s->status);
1210#endif
1211 } else {
1212 /* see if a new sector must be read */
98087450 1213 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
66c6ef76
FB		 1214 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1215 if (ret < 0) {
1216 ide_transfer_stop(s);
1217 ide_atapi_io_error(s, ret);
1218 return;
1219 }
5391d806
FB		 1220 s->lba++;
1221 s->io_buffer_index = 0;
1222 }
1223 if (s->elementary_transfer_size > 0) {
1224 /* there are some data left to transmit in this elementary
1225 transfer */
98087450 1226 size = s->cd_sector_size - s->io_buffer_index;
5391d806
FB		 1227 if (size > s->elementary_transfer_size)
1228 size = s->elementary_transfer_size;
5fafdf24 1229 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1230 size, ide_atapi_cmd_reply_end);
1231 s->packet_transfer_size -= size;
1232 s->elementary_transfer_size -= size;
1233 s->io_buffer_index += size;
1234 } else {
1235 /* a new transfer is needed */
1236 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1237 byte_count_limit = s->lcyl | (s->hcyl << 8);
1238#ifdef DEBUG_IDE_ATAPI
1239 printf("byte_count_limit=%d\n", byte_count_limit);
1240#endif
1241 if (byte_count_limit == 0xffff)
1242 byte_count_limit--;
1243 size = s->packet_transfer_size;
1244 if (size > byte_count_limit) {
1245 /* byte count limit must be even if this case */
1246 if (byte_count_limit & 1)
1247 byte_count_limit--;
1248 size = byte_count_limit;
5391d806 1249 }
a136e5a8
FB		 1250 s->lcyl = size;
1251 s->hcyl = size >> 8;
5391d806
FB		 1252 s->elementary_transfer_size = size;
1253 /* we cannot transmit more than one sector at a time */
1254 if (s->lba != -1) {
98087450
FB		 1255 if (size > (s->cd_sector_size - s->io_buffer_index))
1256 size = (s->cd_sector_size - s->io_buffer_index);
5391d806 1257 }
5fafdf24 1258 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
5391d806
FB		 1259 size, ide_atapi_cmd_reply_end);
1260 s->packet_transfer_size -= size;
1261 s->elementary_transfer_size -= size;
1262 s->io_buffer_index += size;
1263 ide_set_irq(s);
1264#ifdef DEBUG_IDE_ATAPI
1265 printf("status=0x%x\n", s->status);
1266#endif
1267 }
1268 }
1269}
1270
1271/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1272static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1273{
1274 if (size > max_size)
1275 size = max_size;
1276 s->lba = -1; /* no sector read */
1277 s->packet_transfer_size = size;
5f12ab4b 1278 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
5391d806
FB		 1279 s->elementary_transfer_size = 0;
1280 s->io_buffer_index = 0;
1281
5f12ab4b 1282 if (s->atapi_dma) {
41a2b959 1283 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
5f12ab4b
TS		 1284 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1285 } else {
41a2b959 1286 s->status = READY_STAT | SEEK_STAT;
5f12ab4b
TS		 1287 ide_atapi_cmd_reply_end(s);
1288 }
5391d806
FB		 1289}
1290
1291/* start a CD-CDROM read command */
98087450
FB		 1292static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1293 int sector_size)
5391d806 1294{
5391d806 1295 s->lba = lba;
98087450 1296 s->packet_transfer_size = nb_sectors * sector_size;
5391d806 1297 s->elementary_transfer_size = 0;
98087450
FB		 1298 s->io_buffer_index = sector_size;
1299 s->cd_sector_size = sector_size;
5391d806 1300
41a2b959 1301 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 1302 ide_atapi_cmd_reply_end(s);
1303}
1304
98087450 1305/* ATAPI DMA support */
8ccad811
FB		 1306
1307/* XXX: handle read errors */
1308static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
98087450 1309{
8ccad811
FB		 1310 BMDMAState *bm = opaque;
1311 IDEState *s = bm->ide_if;
1312 int data_offset, n;
1313
66c6ef76
FB		 1314 if (ret < 0) {
1315 ide_atapi_io_error(s, ret);
1316 goto eot;
1317 }
1318
8ccad811 1319 if (s->io_buffer_size > 0) {
5f12ab4b
TS		 1320 /*
1321 * For a cdrom read sector command (s->lba != -1),
1322 * adjust the lba for the next s->io_buffer_size chunk
1323 * and dma the current chunk.
1324 * For a command != read (s->lba == -1), just transfer
1325 * the reply data.
1326 */
1327 if (s->lba != -1) {
1328 if (s->cd_sector_size == 2352) {
1329 n = 1;
1330 cd_data_to_raw(s->io_buffer, s->lba);
1331 } else {
1332 n = s->io_buffer_size >> 11;
1333 }
1334 s->lba += n;
1335 }
8ccad811 1336 s->packet_transfer_size -= s->io_buffer_size;
8ccad811
FB		 1337 if (dma_buf_rw(bm, 1) == 0)
1338 goto eot;
98087450 1339 }
8ccad811 1340
98087450 1341 if (s->packet_transfer_size <= 0) {
41a2b959 1342 s->status = READY_STAT | SEEK_STAT;
98087450
FB		 1343 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1344 ide_set_irq(s);
8ccad811
FB		 1345 eot:
1346 bm->status &= ~BM_STATUS_DMAING;
1347 bm->status |= BM_STATUS_INT;
1348 bm->dma_cb = NULL;
1349 bm->ide_if = NULL;
1350 bm->aiocb = NULL;
1351 return;
1352 }
3b46e624 1353
8ccad811
FB		 1354 s->io_buffer_index = 0;
1355 if (s->cd_sector_size == 2352) {
1356 n = 1;
1357 s->io_buffer_size = s->cd_sector_size;
1358 data_offset = 16;
1359 } else {
1360 n = s->packet_transfer_size >> 11;
1d8cde5b
AJ		 1361 if (n > (IDE_DMA_BUF_SECTORS / 4))
1362 n = (IDE_DMA_BUF_SECTORS / 4);
8ccad811
FB		 1363 s->io_buffer_size = n * 2048;
1364 data_offset = 0;
98087450 1365 }
8ccad811
FB		 1366#ifdef DEBUG_AIO
1367 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1368#endif
5fafdf24
TS		 1369 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1370 s->io_buffer + data_offset, n * 4,
8ccad811 1371 ide_atapi_cmd_read_dma_cb, bm);
66c6ef76
FB		 1372 if (!bm->aiocb) {
1373 /* Note: media not present is the most likely case */
5fafdf24 1374 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1375 ASC_MEDIUM_NOT_PRESENT);
1376 goto eot;
1377 }
98087450
FB		 1378}
1379
1380/* start a CD-CDROM read command with DMA */
1381/* XXX: test if DMA is available */
1382static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1383 int sector_size)
1384{
1385 s->lba = lba;
1386 s->packet_transfer_size = nb_sectors * sector_size;
8ccad811
FB		 1387 s->io_buffer_index = 0;
1388 s->io_buffer_size = 0;
98087450
FB		 1389 s->cd_sector_size = sector_size;
1390
8ccad811 1391 /* XXX: check if BUSY_STAT should be set */
41a2b959 1392 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
98087450
FB		 1393 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1394}
1395
5fafdf24 1396static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
98087450
FB		 1397 int sector_size)
1398{
1399#ifdef DEBUG_IDE_ATAPI
5f12ab4b
TS		 1400 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1401 lba, nb_sectors);
98087450
FB		 1402#endif
1403 if (s->atapi_dma) {
1404 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1405 } else {
1406 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1407 }
1408}
1409
38cdea7c
AZ		 1410static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1411 uint16_t profile)
1412{
1413 uint8_t *buf_profile = buf + 12; /* start of profiles */
1414
1415 buf_profile += ((*index) * 4); /* start of indexed profile */
1416 cpu_to_ube16 (buf_profile, profile);
1417 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1418
1419 /* each profile adds 4 bytes to the response */
1420 (*index)++;
1421 buf[11] += 4; /* Additional Length */
1422
1423 return 4;
1424}
1425
8114e9e8
TS		 1426static int ide_dvd_read_structure(IDEState *s, int format,
1427 const uint8_t *packet, uint8_t *buf)
1428{
1429 switch (format) {
1430 case 0x0: /* Physical format information */
1431 {
1432 int layer = packet[6];
1433 uint64_t total_sectors;
1434
1435 if (layer != 0)
1436 return -ASC_INV_FIELD_IN_CMD_PACKET;
1437
1438 bdrv_get_geometry(s->bs, &total_sectors);
1439 total_sectors >>= 2;
1440 if (total_sectors == 0)
1441 return -ASC_MEDIUM_NOT_PRESENT;
1442
1443 buf[4] = 1; /* DVD-ROM, part version 1 */
1444 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1445 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1446 buf[7] = 0; /* default densities */
1447
1448 /* FIXME: 0x30000 per spec? */
1449 cpu_to_ube32(buf + 8, 0); /* start sector */
1450 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1451 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1452
1453 /* Size of buffer, not including 2 byte size field */
1454 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1455
1456 /* 2k data + 4 byte header */
1457 return (2048 + 4);
1458 }
1459
1460 case 0x01: /* DVD copyright information */
1461 buf[4] = 0; /* no copyright data */
1462 buf[5] = 0; /* no region restrictions */
1463
1464 /* Size of buffer, not including 2 byte size field */
1465 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1466
1467 /* 4 byte header + 4 byte data */
1468 return (4 + 4);
1469
1470 case 0x03: /* BCA information - invalid field for no BCA info */
1471 return -ASC_INV_FIELD_IN_CMD_PACKET;
1472
1473 case 0x04: /* DVD disc manufacturing information */
1474 /* Size of buffer, not including 2 byte size field */
1475 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1476
1477 /* 2k data + 4 byte header */
1478 return (2048 + 4);
1479
1480 case 0xff:
1481 /*
1482 * This lists all the command capabilities above. Add new ones
1483 * in order and update the length and buffer return values.
1484 */
1485
1486 buf[4] = 0x00; /* Physical format */
1487 buf[5] = 0x40; /* Not writable, is readable */
1488 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1489
1490 buf[8] = 0x01; /* Copyright info */
1491 buf[9] = 0x40; /* Not writable, is readable */
1492 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1493
1494 buf[12] = 0x03; /* BCA info */
1495 buf[13] = 0x40; /* Not writable, is readable */
1496 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1497
1498 buf[16] = 0x04; /* Manufacturing info */
1499 buf[17] = 0x40; /* Not writable, is readable */
1500 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1501
1502 /* Size of buffer, not including 2 byte size field */
1503 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1504
1505 /* data written + 4 byte header */
1506 return (16 + 4);
1507
1508 default: /* TODO: formats beyond DVD-ROM requires */
1509 return -ASC_INV_FIELD_IN_CMD_PACKET;
1510 }
1511}
1512
5391d806
FB		 1513static void ide_atapi_cmd(IDEState *s)
1514{
1515 const uint8_t *packet;
1516 uint8_t *buf;
1517 int max_len;
1518
1519 packet = s->io_buffer;
1520 buf = s->io_buffer;
1521#ifdef DEBUG_IDE_ATAPI
1522 {
1523 int i;
1524 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1525 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1526 printf(" %02x", packet[i]);
1527 }
1528 printf("\n");
1529 }
1530#endif
1531 switch(s->io_buffer[0]) {
1532 case GPCMD_TEST_UNIT_READY:
caed8802 1533 if (bdrv_is_inserted(s->bs)) {
5391d806
FB		 1534 ide_atapi_cmd_ok(s);
1535 } else {
5fafdf24 1536 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1537 ASC_MEDIUM_NOT_PRESENT);
1538 }
1539 break;
d14049ea 1540 case GPCMD_MODE_SENSE_6:
5391d806
FB		 1541 case GPCMD_MODE_SENSE_10:
1542 {
1543 int action, code;
d14049ea
TS		 1544 if (packet[0] == GPCMD_MODE_SENSE_10)
1545 max_len = ube16_to_cpu(packet + 7);
1546 else
1547 max_len = packet[4];
5391d806
FB		 1548 action = packet[2] >> 6;
1549 code = packet[2] & 0x3f;
1550 switch(action) {
1551 case 0: /* current values */
1552 switch(code) {
1553 case 0x01: /* error recovery */
1554 cpu_to_ube16(&buf[0], 16 + 6);
1555 buf[2] = 0x70;
1556 buf[3] = 0;
1557 buf[4] = 0;
1558 buf[5] = 0;
1559 buf[6] = 0;
1560 buf[7] = 0;
1561
1562 buf[8] = 0x01;
1563 buf[9] = 0x06;
1564 buf[10] = 0x00;
1565 buf[11] = 0x05;
1566 buf[12] = 0x00;
1567 buf[13] = 0x00;
1568 buf[14] = 0x00;
1569 buf[15] = 0x00;
1570 ide_atapi_cmd_reply(s, 16, max_len);
1571 break;
1572 case 0x2a:
1573 cpu_to_ube16(&buf[0], 28 + 6);
1574 buf[2] = 0x70;
1575 buf[3] = 0;
1576 buf[4] = 0;
1577 buf[5] = 0;
1578 buf[6] = 0;
1579 buf[7] = 0;
1580
1581 buf[8] = 0x2a;
1582 buf[9] = 0x12;
0d4a05a1 1583 buf[10] = 0x00;
5391d806 1584 buf[11] = 0x00;
3b46e624 1585
5391d806
FB		 1586 buf[12] = 0x70;
1587 buf[13] = 3 << 5;
1588 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
caed8802 1589 if (bdrv_is_locked(s->bs))
5391d806
FB		 1590 buf[6] |= 1 << 1;
1591 buf[15] = 0x00;
1592 cpu_to_ube16(&buf[16], 706);
1593 buf[18] = 0;
1594 buf[19] = 2;
1595 cpu_to_ube16(&buf[20], 512);
1596 cpu_to_ube16(&buf[22], 706);
1597 buf[24] = 0;
1598 buf[25] = 0;
1599 buf[26] = 0;
1600 buf[27] = 0;
1601 ide_atapi_cmd_reply(s, 28, max_len);
1602 break;
1603 default:
1604 goto error_cmd;
1605 }
1606 break;
1607 case 1: /* changeable values */
1608 goto error_cmd;
1609 case 2: /* default values */
1610 goto error_cmd;
1611 default:
1612 case 3: /* saved values */
5fafdf24 1613 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1614 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1615 break;
1616 }
1617 }
1618 break;
1619 case GPCMD_REQUEST_SENSE:
1620 max_len = packet[4];
1621 memset(buf, 0, 18);
1622 buf[0] = 0x70 | (1 << 7);
1623 buf[2] = s->sense_key;
1624 buf[7] = 10;
1625 buf[12] = s->asc;
1626 ide_atapi_cmd_reply(s, 18, max_len);
1627 break;
1628 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
caed8802
FB		 1629 if (bdrv_is_inserted(s->bs)) {
1630 bdrv_set_locked(s->bs, packet[4] & 1);
5391d806
FB		 1631 ide_atapi_cmd_ok(s);
1632 } else {
5fafdf24 1633 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1634 ASC_MEDIUM_NOT_PRESENT);
1635 }
1636 break;
1637 case GPCMD_READ_10:
1638 case GPCMD_READ_12:
1639 {
1640 int nb_sectors, lba;
1641
5391d806
FB		 1642 if (packet[0] == GPCMD_READ_10)
1643 nb_sectors = ube16_to_cpu(packet + 7);
1644 else
1645 nb_sectors = ube32_to_cpu(packet + 6);
1646 lba = ube32_to_cpu(packet + 2);
1647 if (nb_sectors == 0) {
1648 ide_atapi_cmd_ok(s);
1649 break;
1650 }
98087450
FB		 1651 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1652 }
1653 break;
1654 case GPCMD_READ_CD:
1655 {
1656 int nb_sectors, lba, transfer_request;
1657
98087450
FB		 1658 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1659 lba = ube32_to_cpu(packet + 2);
1660 if (nb_sectors == 0) {
1661 ide_atapi_cmd_ok(s);
1662 break;
1663 }
98087450
FB		 1664 transfer_request = packet[9];
1665 switch(transfer_request & 0xf8) {
1666 case 0x00:
1667 /* nothing */
1668 ide_atapi_cmd_ok(s);
1669 break;
1670 case 0x10:
1671 /* normal read */
1672 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1673 break;
1674 case 0xf8:
1675 /* read all data */
1676 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1677 break;
1678 default:
5fafdf24 1679 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
98087450
FB		 1680 ASC_INV_FIELD_IN_CMD_PACKET);
1681 break;
1682 }
5391d806
FB		 1683 }
1684 break;
1685 case GPCMD_SEEK:
1686 {
96b8f136
TS		 1687 unsigned int lba;
1688 uint64_t total_sectors;
66c6ef76
FB		 1689
1690 bdrv_get_geometry(s->bs, &total_sectors);
1691 total_sectors >>= 2;
96b8f136 1692 if (total_sectors == 0) {
5fafdf24 1693 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1694 ASC_MEDIUM_NOT_PRESENT);
1695 break;
1696 }
1697 lba = ube32_to_cpu(packet + 2);
66c6ef76 1698 if (lba >= total_sectors) {
5fafdf24 1699 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
5391d806
FB		 1700 ASC_LOGICAL_BLOCK_OOR);
1701 break;
1702 }
1703 ide_atapi_cmd_ok(s);
1704 }
1705 break;
1706 case GPCMD_START_STOP_UNIT:
1707 {
1708 int start, eject;
1709 start = packet[4] & 1;
1710 eject = (packet[4] >> 1) & 1;
3b46e624 1711
caed8802
FB		 1712 if (eject && !start) {
1713 /* eject the disk */
66c6ef76
FB		 1714 bdrv_eject(s->bs, 1);
1715 } else if (eject && start) {
1716 /* close the tray */
1717 bdrv_eject(s->bs, 0);
caed8802 1718 }
5391d806
FB		 1719 ide_atapi_cmd_ok(s);
1720 }
1721 break;
1722 case GPCMD_MECHANISM_STATUS:
1723 {
1724 max_len = ube16_to_cpu(packet + 8);
1725 cpu_to_ube16(buf, 0);
1726 /* no current LBA */
1727 buf[2] = 0;
1728 buf[3] = 0;
1729 buf[4] = 0;
1730 buf[5] = 1;
1731 cpu_to_ube16(buf + 6, 0);
1732 ide_atapi_cmd_reply(s, 8, max_len);
1733 }
1734 break;
1735 case GPCMD_READ_TOC_PMA_ATIP:
1736 {
1737 int format, msf, start_track, len;
96b8f136 1738 uint64_t total_sectors;
5391d806 1739
66c6ef76
FB		 1740 bdrv_get_geometry(s->bs, &total_sectors);
1741 total_sectors >>= 2;
96b8f136 1742 if (total_sectors == 0) {
5fafdf24 1743 ide_atapi_cmd_error(s, SENSE_NOT_READY,
5391d806
FB		 1744 ASC_MEDIUM_NOT_PRESENT);
1745 break;
1746 }
1747 max_len = ube16_to_cpu(packet + 7);
1748 format = packet[9] >> 6;
1749 msf = (packet[1] >> 1) & 1;
1750 start_track = packet[6];
1751 switch(format) {
1752 case 0:
66c6ef76 1753 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
5391d806
FB		 1754 if (len < 0)
1755 goto error_cmd;
1756 ide_atapi_cmd_reply(s, len, max_len);
1757 break;
1758 case 1:
1759 /* multi session : only a single session defined */
1760 memset(buf, 0, 12);
1761 buf[1] = 0x0a;
1762 buf[2] = 0x01;
1763 buf[3] = 0x01;
1764 ide_atapi_cmd_reply(s, 12, max_len);
1765 break;
98087450 1766 case 2:
66c6ef76 1767 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
98087450
FB		 1768 if (len < 0)
1769 goto error_cmd;
1770 ide_atapi_cmd_reply(s, len, max_len);
1771 break;
5391d806 1772 default:
7f777bf3 1773 error_cmd:
5fafdf24 1774 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3
FB		 1775 ASC_INV_FIELD_IN_CMD_PACKET);
1776 break;
5391d806
FB		 1777 }
1778 }
1779 break;
1780 case GPCMD_READ_CDVD_CAPACITY:
66c6ef76 1781 {
96b8f136 1782 uint64_t total_sectors;
66c6ef76
FB		 1783
1784 bdrv_get_geometry(s->bs, &total_sectors);
1785 total_sectors >>= 2;
96b8f136 1786 if (total_sectors == 0) {
5fafdf24 1787 ide_atapi_cmd_error(s, SENSE_NOT_READY,
66c6ef76
FB		 1788 ASC_MEDIUM_NOT_PRESENT);
1789 break;
1790 }
1791 /* NOTE: it is really the number of sectors minus 1 */
1792 cpu_to_ube32(buf, total_sectors - 1);
1793 cpu_to_ube32(buf + 4, 2048);
1794 ide_atapi_cmd_reply(s, 8, 8);
5391d806 1795 }
5391d806 1796 break;
d14049ea
TS		 1797 case GPCMD_READ_DVD_STRUCTURE:
1798 {
1799 int media = packet[1];
8114e9e8
TS		 1800 int format = packet[7];
1801 int ret;
d14049ea 1802
8114e9e8 1803 max_len = ube16_to_cpu(packet + 8);
d14049ea 1804
8114e9e8
TS		 1805 if (format < 0xff) {
1806 if (media_is_cd(s)) {
1807 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1808 ASC_INCOMPATIBLE_FORMAT);
1809 break;
1810 } else if (!media_present(s)) {
1811 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1812 ASC_INV_FIELD_IN_CMD_PACKET);
1813 break;
1814 }
1815 }
d14049ea 1816
8114e9e8
TS		 1817 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1818 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
d14049ea 1819
8114e9e8
TS		 1820 switch (format) {
1821 case 0x00 ... 0x7f:
1822 case 0xff:
1823 if (media == 0) {
1824 ret = ide_dvd_read_structure(s, format, packet, buf);
d14049ea 1825
8114e9e8
TS		 1826 if (ret < 0)
1827 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1828 else
1829 ide_atapi_cmd_reply(s, ret, max_len);
d14049ea 1830
8114e9e8
TS		 1831 break;
1832 }
1833 /* TODO: BD support, fall through for now */
1834
1835 /* Generic disk structures */
1836 case 0x80: /* TODO: AACS volume identifier */
1837 case 0x81: /* TODO: AACS media serial number */
1838 case 0x82: /* TODO: AACS media identifier */
1839 case 0x83: /* TODO: AACS media key block */
1840 case 0x90: /* TODO: List of recognized format layers */
1841 case 0xc0: /* TODO: Write protection status */
d14049ea
TS		 1842 default:
1843 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1844 ASC_INV_FIELD_IN_CMD_PACKET);
1845 break;
1846 }
1847 }
1848 break;
1849 case GPCMD_SET_SPEED:
1850 ide_atapi_cmd_ok(s);
1851 break;
bd0d90b2
FB		 1852 case GPCMD_INQUIRY:
1853 max_len = packet[4];
1854 buf[0] = 0x05; /* CD-ROM */
1855 buf[1] = 0x80; /* removable */
1856 buf[2] = 0x00; /* ISO */
1857 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
aa1f17c1 1858 buf[4] = 31; /* additional length */
bd0d90b2
FB		 1859 buf[5] = 0; /* reserved */
1860 buf[6] = 0; /* reserved */
1861 buf[7] = 0; /* reserved */
1862 padstr8(buf + 8, 8, "QEMU");
38cdea7c 1863 padstr8(buf + 16, 16, "QEMU DVD-ROM");
bd0d90b2
FB		 1864 padstr8(buf + 32, 4, QEMU_VERSION);
1865 ide_atapi_cmd_reply(s, 36, max_len);
1866 break;
d14049ea
TS		 1867 case GPCMD_GET_CONFIGURATION:
1868 {
38cdea7c 1869 uint32_t len;
091d055b 1870 uint8_t index = 0;
d14049ea
TS		 1871
1872 /* only feature 0 is supported */
1873 if (packet[2] != 0 || packet[3] != 0) {
1874 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1875 ASC_INV_FIELD_IN_CMD_PACKET);
1876 break;
1877 }
38cdea7c
AZ		 1878
1879 /* XXX: could result in alignment problems in some architectures */
1880 max_len = ube16_to_cpu(packet + 7);
091d055b 1881
38cdea7c 1882 /*
091d055b
AZ		 1883 * XXX: avoid overflow for io_buffer if max_len is bigger than
1884 * the size of that buffer (dimensioned to max number of
1885 * sectors to transfer at once)
38cdea7c 1886 *
091d055b 1887 * Only a problem if the feature/profiles grow.
38cdea7c
AZ		 1888 */
1889 if (max_len > 512) /* XXX: assume 1 sector */
1890 max_len = 512;
1891
1892 memset(buf, 0, max_len);
1893 /*
1894 * the number of sectors from the media tells us which profile
1895 * to use as current. 0 means there is no media
38cdea7c 1896 */
8114e9e8
TS		 1897 if (media_is_dvd(s))
1898 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1899 else if (media_is_cd(s))
1900 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
38cdea7c 1901
091d055b
AZ		 1902 buf[10] = 0x02 | 0x01; /* persistent and current */
1903 len = 12; /* headers: 8 + 4 */
1904 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1905 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
38cdea7c
AZ		 1906 cpu_to_ube32(buf, len - 4); /* data length */
1907
1908 ide_atapi_cmd_reply(s, len, max_len);
d14049ea
TS		 1909 break;
1910 }
5391d806 1911 default:
5fafdf24 1912 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
7f777bf3 1913 ASC_ILLEGAL_OPCODE);
5391d806
FB		 1914 break;
1915 }
1916}
1917
201a51fc
AZ		 1918static void ide_cfata_metadata_inquiry(IDEState *s)
1919{
1920 uint16_t *p;
1921 uint32_t spd;
1922
1923 p = (uint16_t *) s->io_buffer;
1924 memset(p, 0, 0x200);
1925 spd = ((s->mdata_size - 1) >> 9) + 1;
1926
1927 put_le16(p + 0, 0x0001); /* Data format revision */
1928 put_le16(p + 1, 0x0000); /* Media property: silicon */
1929 put_le16(p + 2, s->media_changed); /* Media status */
1930 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1931 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1932 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1933 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1934}
1935
1936static void ide_cfata_metadata_read(IDEState *s)
1937{
1938 uint16_t *p;
1939
1940 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1941 s->status = ERR_STAT;
1942 s->error = ABRT_ERR;
1943 return;
1944 }
1945
1946 p = (uint16_t *) s->io_buffer;
1947 memset(p, 0, 0x200);
1948
1949 put_le16(p + 0, s->media_changed); /* Media status */
1950 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1951 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1952 s->nsector << 9), 0x200 - 2));
1953}
1954
1955static void ide_cfata_metadata_write(IDEState *s)
1956{
1957 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1958 s->status = ERR_STAT;
1959 s->error = ABRT_ERR;
1960 return;
1961 }
1962
1963 s->media_changed = 0;
1964
1965 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1966 s->io_buffer + 2,
1967 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1968 s->nsector << 9), 0x200 - 2));
1969}
1970
bd491d6a
TS		 1971/* called when the inserted state of the media has changed */
1972static void cdrom_change_cb(void *opaque)
1973{
1974 IDEState *s = opaque;
96b8f136 1975 uint64_t nb_sectors;
bd491d6a
TS		 1976
1977 /* XXX: send interrupt too */
1978 bdrv_get_geometry(s->bs, &nb_sectors);
1979 s->nb_sectors = nb_sectors;
1980}
1981
c2ff060f
FB		 1982static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1983{
1984 s->lba48 = lba48;
1985
1986 /* handle the 'magic' 0 nsector count conversion here. to avoid
1987 * fiddling with the rest of the read logic, we just store the
1988 * full sector count in ->nsector and ignore ->hob_nsector from now
1989 */
1990 if (!s->lba48) {
1991 if (!s->nsector)
1992 s->nsector = 256;
1993 } else {
1994 if (!s->nsector && !s->hob_nsector)
1995 s->nsector = 65536;
1996 else {
1997 int lo = s->nsector;
1998 int hi = s->hob_nsector;
1999
2000 s->nsector = (hi << 8) | lo;
2001 }
2002 }
2003}
2004
2005static void ide_clear_hob(IDEState *ide_if)
2006{
2007 /* any write clears HOB high bit of device control register */
2008 ide_if[0].select &= ~(1 << 7);
2009 ide_if[1].select &= ~(1 << 7);
2010}
2011
caed8802
FB		 2012static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2013{
2014 IDEState *ide_if = opaque;
c45c3d00 2015 IDEState *s;
5391d806 2016 int unit, n;
c2ff060f 2017 int lba48 = 0;
5391d806
FB		 2018
2019#ifdef DEBUG_IDE
2020 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2021#endif
c2ff060f 2022
5391d806 2023 addr &= 7;
fcdd25ab
AL		 2024
2025 /* ignore writes to command block while busy with previous command */
2026 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2027 return;
2028
5391d806
FB		 2029 switch(addr) {
2030 case 0:
2031 break;
2032 case 1:
c2ff060f 2033 ide_clear_hob(ide_if);
c45c3d00 2034 /* NOTE: data is written to the two drives */
c2ff060f
FB		 2035 ide_if[0].hob_feature = ide_if[0].feature;
2036 ide_if[1].hob_feature = ide_if[1].feature;
c45c3d00
FB		 2037 ide_if[0].feature = val;
2038 ide_if[1].feature = val;
5391d806
FB		 2039 break;
2040 case 2:
c2ff060f
FB		 2041 ide_clear_hob(ide_if);
2042 ide_if[0].hob_nsector = ide_if[0].nsector;
2043 ide_if[1].hob_nsector = ide_if[1].nsector;
c45c3d00
FB		 2044 ide_if[0].nsector = val;
2045 ide_if[1].nsector = val;
5391d806
FB		 2046 break;
2047 case 3:
c2ff060f
FB		 2048 ide_clear_hob(ide_if);
2049 ide_if[0].hob_sector = ide_if[0].sector;
2050 ide_if[1].hob_sector = ide_if[1].sector;
c45c3d00
FB		 2051 ide_if[0].sector = val;
2052 ide_if[1].sector = val;
5391d806
FB		 2053 break;
2054 case 4:
c2ff060f
FB		 2055 ide_clear_hob(ide_if);
2056 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2057 ide_if[1].hob_lcyl = ide_if[1].lcyl;
c45c3d00
FB		 2058 ide_if[0].lcyl = val;
2059 ide_if[1].lcyl = val;
5391d806
FB		 2060 break;
2061 case 5:
c2ff060f
FB		 2062 ide_clear_hob(ide_if);
2063 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2064 ide_if[1].hob_hcyl = ide_if[1].hcyl;
c45c3d00
FB		 2065 ide_if[0].hcyl = val;
2066 ide_if[1].hcyl = val;
5391d806
FB		 2067 break;
2068 case 6:
c2ff060f 2069 /* FIXME: HOB readback uses bit 7 */
7ae98627
FB		 2070 ide_if[0].select = (val & ~0x10) | 0xa0;
2071 ide_if[1].select = (val | 0x10) | 0xa0;
5391d806
FB		 2072 /* select drive */
2073 unit = (val >> 4) & 1;
2074 s = ide_if + unit;
2075 ide_if->cur_drive = s;
5391d806
FB		 2076 break;
2077 default:
2078 case 7:
2079 /* command */
2080#if defined(DEBUG_IDE)
2081 printf("ide: CMD=%02x\n", val);
2082#endif
c45c3d00 2083 s = ide_if->cur_drive;
66201e2d 2084 /* ignore commands to non existant slave */
5fafdf24 2085 if (s != ide_if && !s->bs)
66201e2d 2086 break;
c2ff060f 2087
fcdd25ab
AL		 2088 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2089 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2090 break;
2091
5391d806
FB		 2092 switch(val) {
2093 case WIN_IDENTIFY:
2094 if (s->bs && !s->is_cdrom) {
201a51fc
AZ		 2095 if (!s->is_cf)
2096 ide_identify(s);
2097 else
2098 ide_cfata_identify(s);
2a282056 2099 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2100 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2101 } else {
2102 if (s->is_cdrom) {
2103 ide_set_signature(s);
2104 }
2105 ide_abort_command(s);
2106 }
2107 ide_set_irq(s);
2108 break;
2109 case WIN_SPECIFY:
2110 case WIN_RECAL:
a136e5a8 2111 s->error = 0;
769bec72 2112 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2113 ide_set_irq(s);
2114 break;
2115 case WIN_SETMULT:
201a51fc
AZ		 2116 if (s->is_cf && s->nsector == 0) {
2117 /* Disable Read and Write Multiple */
2118 s->mult_sectors = 0;
41a2b959 2119 s->status = READY_STAT | SEEK_STAT;
201a51fc 2120 } else if ((s->nsector & 0xff) != 0 &&
39dfc926
TS		 2121 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2122 (s->nsector & (s->nsector - 1)) != 0)) {
5391d806
FB		 2123 ide_abort_command(s);
2124 } else {
292eef5a 2125 s->mult_sectors = s->nsector & 0xff;
41a2b959 2126 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2127 }
2128 ide_set_irq(s);
2129 break;
c2ff060f
FB		 2130 case WIN_VERIFY_EXT:
2131 lba48 = 1;
4ce900b4
FB		 2132 case WIN_VERIFY:
2133 case WIN_VERIFY_ONCE:
2134 /* do sector number check ? */
c2ff060f 2135 ide_cmd_lba48_transform(s, lba48);
41a2b959 2136 s->status = READY_STAT | SEEK_STAT;
4ce900b4
FB		 2137 ide_set_irq(s);
2138 break;
c2ff060f
FB		 2139 case WIN_READ_EXT:
2140 lba48 = 1;
5391d806
FB		 2141 case WIN_READ:
2142 case WIN_READ_ONCE:
5fafdf24 2143 if (!s->bs)
6b136f9e 2144 goto abort_cmd;
c2ff060f 2145 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2146 s->req_nb_sectors = 1;
2147 ide_sector_read(s);
2148 break;
c2ff060f
FB		 2149 case WIN_WRITE_EXT:
2150 lba48 = 1;
5391d806
FB		 2151 case WIN_WRITE:
2152 case WIN_WRITE_ONCE:
201a51fc
AZ		 2153 case CFA_WRITE_SECT_WO_ERASE:
2154 case WIN_WRITE_VERIFY:
c2ff060f 2155 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2156 s->error = 0;
f66723fa 2157 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2158 s->req_nb_sectors = 1;
2159 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
201a51fc 2160 s->media_changed = 1;
5391d806 2161 break;
c2ff060f
FB		 2162 case WIN_MULTREAD_EXT:
2163 lba48 = 1;
5391d806
FB		 2164 case WIN_MULTREAD:
2165 if (!s->mult_sectors)
2166 goto abort_cmd;
c2ff060f 2167 ide_cmd_lba48_transform(s, lba48);
5391d806
FB		 2168 s->req_nb_sectors = s->mult_sectors;
2169 ide_sector_read(s);
2170 break;
c2ff060f
FB		 2171 case WIN_MULTWRITE_EXT:
2172 lba48 = 1;
5391d806 2173 case WIN_MULTWRITE:
201a51fc 2174 case CFA_WRITE_MULTI_WO_ERASE:
5391d806
FB		 2175 if (!s->mult_sectors)
2176 goto abort_cmd;
c2ff060f 2177 ide_cmd_lba48_transform(s, lba48);
a136e5a8 2178 s->error = 0;
f66723fa 2179 s->status = SEEK_STAT | READY_STAT;
5391d806
FB		 2180 s->req_nb_sectors = s->mult_sectors;
2181 n = s->nsector;
2182 if (n > s->req_nb_sectors)
2183 n = s->req_nb_sectors;
2184 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
201a51fc 2185 s->media_changed = 1;
5391d806 2186 break;
c2ff060f
FB		 2187 case WIN_READDMA_EXT:
2188 lba48 = 1;
98087450
FB		 2189 case WIN_READDMA:
2190 case WIN_READDMA_ONCE:
5fafdf24 2191 if (!s->bs)
98087450 2192 goto abort_cmd;
c2ff060f 2193 ide_cmd_lba48_transform(s, lba48);
98087450
FB		 2194 ide_sector_read_dma(s);
2195 break;
c2ff060f
FB		 2196 case WIN_WRITEDMA_EXT:
2197 lba48 = 1;
98087450
FB		 2198 case WIN_WRITEDMA:
2199 case WIN_WRITEDMA_ONCE:
5fafdf24 2200 if (!s->bs)
98087450 2201 goto abort_cmd;
c2ff060f 2202 ide_cmd_lba48_transform(s, lba48);
98087450 2203 ide_sector_write_dma(s);
201a51fc 2204 s->media_changed = 1;
98087450 2205 break;
c2ff060f
FB		 2206 case WIN_READ_NATIVE_MAX_EXT:
2207 lba48 = 1;
5391d806 2208 case WIN_READ_NATIVE_MAX:
c2ff060f 2209 ide_cmd_lba48_transform(s, lba48);
5391d806 2210 ide_set_sector(s, s->nb_sectors - 1);
41a2b959 2211 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2212 ide_set_irq(s);
2213 break;
a136e5a8 2214 case WIN_CHECKPOWERMODE1:
201a51fc 2215 case WIN_CHECKPOWERMODE2:
a136e5a8 2216 s->nsector = 0xff; /* device active or idle */
41a2b959 2217 s->status = READY_STAT | SEEK_STAT;
a136e5a8
FB		 2218 ide_set_irq(s);
2219 break;
34e538ae
FB		 2220 case WIN_SETFEATURES:
2221 if (!s->bs)
2222 goto abort_cmd;
2223 /* XXX: valid for CDROM ? */
2224 switch(s->feature) {
e1f63470
TS		 2225 case 0xcc: /* reverting to power-on defaults enable */
2226 case 0x66: /* reverting to power-on defaults disable */
34e538ae
FB		 2227 case 0x02: /* write cache enable */
2228 case 0x82: /* write cache disable */
2229 case 0xaa: /* read look-ahead enable */
2230 case 0x55: /* read look-ahead disable */
201a51fc
AZ		 2231 case 0x05: /* set advanced power management mode */
2232 case 0x85: /* disable advanced power management mode */
2233 case 0x69: /* NOP */
2234 case 0x67: /* NOP */
2235 case 0x96: /* NOP */
2236 case 0x9a: /* NOP */
c3e88d8c
TS		 2237 case 0x42: /* enable Automatic Acoustic Mode */
2238 case 0xc2: /* disable Automatic Acoustic Mode */
e0fe67aa 2239 s->status = READY_STAT | SEEK_STAT;
34e538ae
FB		 2240 ide_set_irq(s);
2241 break;
94458802
FB		 2242 case 0x03: { /* set transfer mode */
2243 uint8_t val = s->nsector & 0x07;
2244
2245 switch (s->nsector >> 3) {
2246 case 0x00: /* pio default */
2247 case 0x01: /* pio mode */
d1b5c20d
TS		 2248 put_le16(s->identify_data + 62,0x07);
2249 put_le16(s->identify_data + 63,0x07);
2250 put_le16(s->identify_data + 88,0x3f);
2251 break;
2252 case 0x02: /* sigle word dma mode*/
2253 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
94458802
FB		 2254 put_le16(s->identify_data + 63,0x07);
2255 put_le16(s->identify_data + 88,0x3f);
2256 break;
2257 case 0x04: /* mdma mode */
d1b5c20d 2258 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2259 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2260 put_le16(s->identify_data + 88,0x3f);
2261 break;
2262 case 0x08: /* udma mode */
d1b5c20d 2263 put_le16(s->identify_data + 62,0x07);
94458802
FB		 2264 put_le16(s->identify_data + 63,0x07);
2265 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2266 break;
2267 default:
2268 goto abort_cmd;
2269 }
2270 s->status = READY_STAT | SEEK_STAT;
2271 ide_set_irq(s);
2272 break;
2273 }
34e538ae
FB		 2274 default:
2275 goto abort_cmd;
2276 }
2277 break;
c2ff060f
FB		 2278 case WIN_FLUSH_CACHE:
2279 case WIN_FLUSH_CACHE_EXT:
7a6cba61
PB		 2280 if (s->bs)
2281 bdrv_flush(s->bs);
41a2b959 2282 s->status = READY_STAT | SEEK_STAT;
7a6cba61
PB		 2283 ide_set_irq(s);
2284 break;
c3e88d8c
TS		 2285 case WIN_STANDBY:
2286 case WIN_STANDBY2:
2287 case WIN_STANDBYNOW1:
201a51fc 2288 case WIN_STANDBYNOW2:
c451ee71 2289 case WIN_IDLEIMMEDIATE:
201a51fc
AZ		 2290 case CFA_IDLEIMMEDIATE:
2291 case WIN_SETIDLE1:
2292 case WIN_SETIDLE2:
c3e88d8c
TS		 2293 case WIN_SLEEPNOW1:
2294 case WIN_SLEEPNOW2:
2295 s->status = READY_STAT;
a7dfe172
FB		 2296 ide_set_irq(s);
2297 break;
5391d806
FB		 2298 /* ATAPI commands */
2299 case WIN_PIDENTIFY:
2300 if (s->is_cdrom) {
2301 ide_atapi_identify(s);
1298fe63 2302 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2303 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2304 } else {
2305 ide_abort_command(s);
2306 }
2307 ide_set_irq(s);
2308 break;
c451ee71
FB		 2309 case WIN_DIAGNOSE:
2310 ide_set_signature(s);
33256a25
AL		 2311 if (s->is_cdrom)
2312 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2313 * devices to return a clear status register
2314 * with READY_STAT *not* set. */
2315 else
2316 s->status = READY_STAT | SEEK_STAT;
2317 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2318 * present.
2319 */
f5fdd0a8 2320 ide_set_irq(s);
c451ee71 2321 break;
5391d806
FB		 2322 case WIN_SRST:
2323 if (!s->is_cdrom)
2324 goto abort_cmd;
2325 ide_set_signature(s);
6b136f9e 2326 s->status = 0x00; /* NOTE: READY is _not_ set */
5391d806
FB		 2327 s->error = 0x01;
2328 break;
2329 case WIN_PACKETCMD:
2330 if (!s->is_cdrom)
2331 goto abort_cmd;
98087450
FB		 2332 /* overlapping commands not supported */
2333 if (s->feature & 0x02)
5391d806 2334 goto abort_cmd;
41a2b959 2335 s->status = READY_STAT | SEEK_STAT;
98087450 2336 s->atapi_dma = s->feature & 1;
5391d806 2337 s->nsector = 1;
5fafdf24 2338 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
5391d806
FB		 2339 ide_atapi_cmd);
2340 break;
201a51fc
AZ		 2341 /* CF-ATA commands */
2342 case CFA_REQ_EXT_ERROR_CODE:
2343 if (!s->is_cf)
2344 goto abort_cmd;
2345 s->error = 0x09; /* miscellaneous error */
41a2b959 2346 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2347 ide_set_irq(s);
2348 break;
2349 case CFA_ERASE_SECTORS:
2350 case CFA_WEAR_LEVEL:
2351 if (!s->is_cf)
2352 goto abort_cmd;
2353 if (val == CFA_WEAR_LEVEL)
2354 s->nsector = 0;
2355 if (val == CFA_ERASE_SECTORS)
2356 s->media_changed = 1;
2357 s->error = 0x00;
41a2b959 2358 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2359 ide_set_irq(s);
2360 break;
2361 case CFA_TRANSLATE_SECTOR:
2362 if (!s->is_cf)
2363 goto abort_cmd;
2364 s->error = 0x00;
41a2b959 2365 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2366 memset(s->io_buffer, 0, 0x200);
2367 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2368 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2369 s->io_buffer[0x02] = s->select; /* Head */
2370 s->io_buffer[0x03] = s->sector; /* Sector */
2371 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2372 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2373 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2374 s->io_buffer[0x13] = 0x00; /* Erase flag */
2375 s->io_buffer[0x18] = 0x00; /* Hot count */
2376 s->io_buffer[0x19] = 0x00; /* Hot count */
2377 s->io_buffer[0x1a] = 0x01; /* Hot count */
2378 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2379 ide_set_irq(s);
2380 break;
2381 case CFA_ACCESS_METADATA_STORAGE:
2382 if (!s->is_cf)
2383 goto abort_cmd;
2384 switch (s->feature) {
2385 case 0x02: /* Inquiry Metadata Storage */
2386 ide_cfata_metadata_inquiry(s);
2387 break;
2388 case 0x03: /* Read Metadata Storage */
2389 ide_cfata_metadata_read(s);
2390 break;
2391 case 0x04: /* Write Metadata Storage */
2392 ide_cfata_metadata_write(s);
2393 break;
2394 default:
2395 goto abort_cmd;
2396 }
2397 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2398 s->status = 0x00; /* NOTE: READY is _not_ set */
2399 ide_set_irq(s);
2400 break;
2401 case IBM_SENSE_CONDITION:
2402 if (!s->is_cf)
2403 goto abort_cmd;
2404 switch (s->feature) {
2405 case 0x01: /* sense temperature in device */
2406 s->nsector = 0x50; /* +20 C */
2407 break;
2408 default:
2409 goto abort_cmd;
2410 }
41a2b959 2411 s->status = READY_STAT | SEEK_STAT;
201a51fc
AZ		 2412 ide_set_irq(s);
2413 break;
5391d806
FB		 2414 default:
2415 abort_cmd:
2416 ide_abort_command(s);
2417 ide_set_irq(s);
2418 break;
2419 }
2420 }
2421}
2422
caed8802 2423static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
5391d806 2424{
7ae98627
FB		 2425 IDEState *ide_if = opaque;
2426 IDEState *s = ide_if->cur_drive;
5391d806 2427 uint32_t addr;
c2ff060f 2428 int ret, hob;
5391d806
FB		 2429
2430 addr = addr1 & 7;
c2ff060f
FB		 2431 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2432 //hob = s->select & (1 << 7);
2433 hob = 0;
5391d806
FB		 2434 switch(addr) {
2435 case 0:
2436 ret = 0xff;
2437 break;
2438 case 1:
7ae98627 2439 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2440 ret = 0;
c2ff060f 2441 else if (!hob)
c45c3d00 2442 ret = s->error;
c2ff060f
FB		 2443 else
2444 ret = s->hob_feature;
5391d806
FB		 2445 break;
2446 case 2:
7ae98627 2447 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2448 ret = 0;
c2ff060f 2449 else if (!hob)
c45c3d00 2450 ret = s->nsector & 0xff;
c2ff060f
FB		 2451 else
2452 ret = s->hob_nsector;
5391d806
FB		 2453 break;
2454 case 3:
7ae98627 2455 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2456 ret = 0;
c2ff060f 2457 else if (!hob)
c45c3d00 2458 ret = s->sector;
c2ff060f
FB		 2459 else
2460 ret = s->hob_sector;
5391d806
FB		 2461 break;
2462 case 4:
7ae98627 2463 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2464 ret = 0;
c2ff060f 2465 else if (!hob)
c45c3d00 2466 ret = s->lcyl;
c2ff060f
FB		 2467 else
2468 ret = s->hob_lcyl;
5391d806
FB		 2469 break;
2470 case 5:
7ae98627 2471 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00 2472 ret = 0;
c2ff060f 2473 else if (!hob)
c45c3d00 2474 ret = s->hcyl;
c2ff060f
FB		 2475 else
2476 ret = s->hob_hcyl;
5391d806
FB		 2477 break;
2478 case 6:
7ae98627 2479 if (!ide_if[0].bs && !ide_if[1].bs)
c45c3d00
FB		 2480 ret = 0;
2481 else
7ae98627 2482 ret = s->select;
5391d806
FB		 2483 break;
2484 default:
2485 case 7:
66201e2d
FB		 2486 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2487 (s != ide_if && !s->bs))
c45c3d00
FB		 2488 ret = 0;
2489 else
2490 ret = s->status;
d537cf6c 2491 qemu_irq_lower(s->irq);
5391d806
FB		 2492 break;
2493 }
2494#ifdef DEBUG_IDE
2495 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2496#endif
2497 return ret;
2498}
2499
caed8802 2500static uint32_t ide_status_read(void *opaque, uint32_t addr)
5391d806 2501{
7ae98627
FB		 2502 IDEState *ide_if = opaque;
2503 IDEState *s = ide_if->cur_drive;
5391d806 2504 int ret;
7ae98627 2505
66201e2d
FB		 2506 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2507 (s != ide_if && !s->bs))
7ae98627
FB		 2508 ret = 0;
2509 else
2510 ret = s->status;
5391d806
FB		 2511#ifdef DEBUG_IDE
2512 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2513#endif
2514 return ret;
2515}
2516
caed8802 2517static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
5391d806 2518{
caed8802 2519 IDEState *ide_if = opaque;
5391d806
FB		 2520 IDEState *s;
2521 int i;
2522
2523#ifdef DEBUG_IDE
2524 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2525#endif
2526 /* common for both drives */
2527 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2528 (val & IDE_CMD_RESET)) {
2529 /* reset low to high */
2530 for(i = 0;i < 2; i++) {
2531 s = &ide_if[i];
2532 s->status = BUSY_STAT | SEEK_STAT;
2533 s->error = 0x01;
2534 }
2535 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2536 !(val & IDE_CMD_RESET)) {
2537 /* high to low */
2538 for(i = 0;i < 2; i++) {
2539 s = &ide_if[i];
6b136f9e
FB		 2540 if (s->is_cdrom)
2541 s->status = 0x00; /* NOTE: READY is _not_ set */
2542 else
56bf1d37 2543 s->status = READY_STAT | SEEK_STAT;
5391d806
FB		 2544 ide_set_signature(s);
2545 }
2546 }
2547
2548 ide_if[0].cmd = val;
2549 ide_if[1].cmd = val;
2550}
2551
caed8802 2552static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
5391d806 2553{
caed8802 2554 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2555 uint8_t *p;
2556
fcdd25ab
AL		 2557 /* PIO data access allowed only when DRQ bit is set */
2558 if (!(s->status & DRQ_STAT))
2559 return;
2560
5391d806 2561 p = s->data_ptr;
0c4ad8dc 2562 *(uint16_t *)p = le16_to_cpu(val);
5391d806
FB		 2563 p += 2;
2564 s->data_ptr = p;
2565 if (p >= s->data_end)
2566 s->end_transfer_func(s);
2567}
2568
caed8802 2569static uint32_t ide_data_readw(void *opaque, uint32_t addr)
5391d806 2570{
caed8802 2571 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2572 uint8_t *p;
2573 int ret;
fcdd25ab
AL		 2574
2575 /* PIO data access allowed only when DRQ bit is set */
2576 if (!(s->status & DRQ_STAT))
2577 return 0;
2578
5391d806 2579 p = s->data_ptr;
0c4ad8dc 2580 ret = cpu_to_le16(*(uint16_t *)p);
5391d806
FB		 2581 p += 2;
2582 s->data_ptr = p;
2583 if (p >= s->data_end)
2584 s->end_transfer_func(s);
2585 return ret;
2586}
2587
caed8802 2588static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
5391d806 2589{
caed8802 2590 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2591 uint8_t *p;
2592
fcdd25ab
AL		 2593 /* PIO data access allowed only when DRQ bit is set */
2594 if (!(s->status & DRQ_STAT))
2595 return;
2596
5391d806 2597 p = s->data_ptr;
0c4ad8dc 2598 *(uint32_t *)p = le32_to_cpu(val);
5391d806
FB		 2599 p += 4;
2600 s->data_ptr = p;
2601 if (p >= s->data_end)
2602 s->end_transfer_func(s);
2603}
2604
caed8802 2605static uint32_t ide_data_readl(void *opaque, uint32_t addr)
5391d806 2606{
caed8802 2607 IDEState *s = ((IDEState *)opaque)->cur_drive;
5391d806
FB		 2608 uint8_t *p;
2609 int ret;
3b46e624 2610
fcdd25ab
AL		 2611 /* PIO data access allowed only when DRQ bit is set */
2612 if (!(s->status & DRQ_STAT))
2613 return 0;
2614
5391d806 2615 p = s->data_ptr;
0c4ad8dc 2616 ret = cpu_to_le32(*(uint32_t *)p);
5391d806
FB		 2617 p += 4;
2618 s->data_ptr = p;
2619 if (p >= s->data_end)
2620 s->end_transfer_func(s);
2621 return ret;
2622}
2623
a7dfe172
FB		 2624static void ide_dummy_transfer_stop(IDEState *s)
2625{
2626 s->data_ptr = s->io_buffer;
2627 s->data_end = s->io_buffer;
2628 s->io_buffer[0] = 0xff;
2629 s->io_buffer[1] = 0xff;
2630 s->io_buffer[2] = 0xff;
2631 s->io_buffer[3] = 0xff;
2632}
2633
5391d806
FB		 2634static void ide_reset(IDEState *s)
2635{
201a51fc
AZ		 2636 if (s->is_cf)
2637 s->mult_sectors = 0;
2638 else
2639 s->mult_sectors = MAX_MULT_SECTORS;
5391d806
FB		 2640 s->cur_drive = s;
2641 s->select = 0xa0;
41a2b959 2642 s->status = READY_STAT | SEEK_STAT;
5391d806 2643 ide_set_signature(s);
a7dfe172
FB		 2644 /* init the transfer handler so that 0xffff is returned on data
2645 accesses */
2646 s->end_transfer_func = ide_dummy_transfer_stop;
2647 ide_dummy_transfer_stop(s);
201a51fc 2648 s->media_changed = 0;
5391d806
FB		 2649}
2650
2651struct partition {
2652 uint8_t boot_ind; /* 0x80 - active */
2653 uint8_t head; /* starting head */
2654 uint8_t sector; /* starting sector */
2655 uint8_t cyl; /* starting cylinder */
2656 uint8_t sys_ind; /* What partition type */
2657 uint8_t end_head; /* end head */
2658 uint8_t end_sector; /* end sector */
2659 uint8_t end_cyl; /* end cylinder */
2660 uint32_t start_sect; /* starting sector counting from 0 */
2661 uint32_t nr_sects; /* nr of sectors in partition */
2662} __attribute__((packed));
2663
bf1b938f 2664/* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
5fafdf24 2665static int guess_disk_lchs(IDEState *s,
bf1b938f 2666 int *pcylinders, int *pheads, int *psectors)
5391d806 2667{
c717d8bf 2668 uint8_t *buf = s->io_buffer;
46d4767d 2669 int ret, i, heads, sectors, cylinders;
5391d806
FB		 2670 struct partition *p;
2671 uint32_t nr_sects;
2672
5391d806 2673 ret = bdrv_read(s->bs, 0, buf, 1);
33f00271 2674 if (ret < 0) {
bf1b938f 2675 return -1;
33f00271 2676 }
5391d806 2677 /* test msdos magic */
33f00271 2678 if (buf[510] != 0x55 || buf[511] != 0xaa) {
bf1b938f 2679 return -1;
33f00271 2680 }
5391d806
FB		 2681 for(i = 0; i < 4; i++) {
2682 p = ((struct partition *)(buf + 0x1be)) + i;
0c4ad8dc 2683 nr_sects = le32_to_cpu(p->nr_sects);
5391d806
FB		 2684 if (nr_sects && p->end_head) {
2685 /* We make the assumption that the partition terminates on
2686 a cylinder boundary */
46d4767d 2687 heads = p->end_head + 1;
46d4767d
FB		 2688 sectors = p->end_sector & 63;
2689 if (sectors == 0)
2690 continue;
2691 cylinders = s->nb_sectors / (heads * sectors);
2692 if (cylinders < 1 || cylinders > 16383)
2693 continue;
bf1b938f
FB		 2694 *pheads = heads;
2695 *psectors = sectors;
2696 *pcylinders = cylinders;
5391d806 2697#if 0
5fafdf24 2698 printf("guessed geometry: LCHS=%d %d %d\n",
bf1b938f 2699 cylinders, heads, sectors);
5391d806 2700#endif
bf1b938f 2701 return 0;
5391d806
FB		 2702 }
2703 }
bf1b938f 2704 return -1;
5391d806
FB		 2705}
2706
5457c8ce
FB		 2707static void ide_init2(IDEState *ide_state,
2708 BlockDriverState *hd0, BlockDriverState *hd1,
d537cf6c 2709 qemu_irq irq)
5391d806 2710{
69b91039 2711 IDEState *s;
aedf5382 2712 static int drive_serial = 1;
4dbb0f50 2713 int i, cylinders, heads, secs, translation, lba_detected = 0;
96b8f136 2714 uint64_t nb_sectors;
5391d806 2715
caed8802
FB		 2716 for(i = 0; i < 2; i++) {
2717 s = ide_state + i;
1d8cde5b 2718 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
caed8802
FB		 2719 if (i == 0)
2720 s->bs = hd0;
2721 else
2722 s->bs = hd1;
5391d806
FB		 2723 if (s->bs) {
2724 bdrv_get_geometry(s->bs, &nb_sectors);
2725 s->nb_sectors = nb_sectors;
caed8802
FB		 2726 /* if a geometry hint is available, use it */
2727 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
4dbb0f50 2728 translation = bdrv_get_translation_hint(s->bs);
caed8802 2729 if (cylinders != 0) {
5391d806 2730 s->cylinders = cylinders;
caed8802
FB		 2731 s->heads = heads;
2732 s->sectors = secs;
2733 } else {
bf1b938f
FB		 2734 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2735 if (heads > 16) {
2736 /* if heads > 16, it means that a BIOS LBA
2737 translation was active, so the default
2738 hardware geometry is OK */
4dbb0f50 2739 lba_detected = 1;
bf1b938f
FB		 2740 goto default_geometry;
2741 } else {
2742 s->cylinders = cylinders;
2743 s->heads = heads;
2744 s->sectors = secs;
2745 /* disable any translation to be in sync with
2746 the logical geometry */
bf1b938f
FB		 2747 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2748 bdrv_set_translation_hint(s->bs,
2749 BIOS_ATA_TRANSLATION_NONE);
2750 }
2751 }
2752 } else {
2753 default_geometry:
46d4767d 2754 /* if no geometry, use a standard physical disk geometry */
caed8802
FB		 2755 cylinders = nb_sectors / (16 * 63);
2756 if (cylinders > 16383)
2757 cylinders = 16383;
2758 else if (cylinders < 2)
2759 cylinders = 2;
2760 s->cylinders = cylinders;
2761 s->heads = 16;
2762 s->sectors = 63;
4dbb0f50
TS		 2763 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2764 if ((s->cylinders * s->heads) <= 131072) {
2765 bdrv_set_translation_hint(s->bs,
2766 BIOS_ATA_TRANSLATION_LARGE);
2767 } else {
2768 bdrv_set_translation_hint(s->bs,
2769 BIOS_ATA_TRANSLATION_LBA);
2770 }
2771 }
caed8802 2772 }
769bec72 2773 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
caed8802
FB		 2774 }
2775 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2776 s->is_cdrom = 1;
bd491d6a 2777 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
5391d806
FB		 2778 }
2779 }
aedf5382 2780 s->drive_serial = drive_serial++;
caed8802 2781 s->irq = irq;
5fafdf24 2782 s->sector_write_timer = qemu_new_timer(vm_clock,
a09db21f 2783 ide_sector_write_timer_cb, s);
5391d806
FB		 2784 ide_reset(s);
2785 }
69b91039
FB		 2786}
2787
34e538ae 2788static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
69b91039 2789{
caed8802
FB		 2790 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2791 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2792 if (iobase2) {
2793 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2794 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
5391d806 2795 }
3b46e624 2796
caed8802
FB		 2797 /* data ports */
2798 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2799 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2800 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2801 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
5391d806 2802}
69b91039 2803
aa941b94
AZ		 2804/* save per IDE drive data */
2805static void ide_save(QEMUFile* f, IDEState *s)
2806{
bee8d684
TS		 2807 qemu_put_be32(f, s->mult_sectors);
2808 qemu_put_be32(f, s->identify_set);
aa941b94
AZ		 2809 if (s->identify_set) {
2810 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2811 }
2812 qemu_put_8s(f, &s->feature);
2813 qemu_put_8s(f, &s->error);
2814 qemu_put_be32s(f, &s->nsector);
2815 qemu_put_8s(f, &s->sector);
2816 qemu_put_8s(f, &s->lcyl);
2817 qemu_put_8s(f, &s->hcyl);
2818 qemu_put_8s(f, &s->hob_feature);
2819 qemu_put_8s(f, &s->hob_nsector);
2820 qemu_put_8s(f, &s->hob_sector);
2821 qemu_put_8s(f, &s->hob_lcyl);
2822 qemu_put_8s(f, &s->hob_hcyl);
2823 qemu_put_8s(f, &s->select);
2824 qemu_put_8s(f, &s->status);
2825 qemu_put_8s(f, &s->lba48);
2826
2827 qemu_put_8s(f, &s->sense_key);
2828 qemu_put_8s(f, &s->asc);
2829 /* XXX: if a transfer is pending, we do not save it yet */
2830}
2831
2832/* load per IDE drive data */
2833static void ide_load(QEMUFile* f, IDEState *s)
2834{
bee8d684
TS		 2835 s->mult_sectors=qemu_get_be32(f);
2836 s->identify_set=qemu_get_be32(f);
aa941b94
AZ		 2837 if (s->identify_set) {
2838 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2839 }
2840 qemu_get_8s(f, &s->feature);
2841 qemu_get_8s(f, &s->error);
2842 qemu_get_be32s(f, &s->nsector);
2843 qemu_get_8s(f, &s->sector);
2844 qemu_get_8s(f, &s->lcyl);
2845 qemu_get_8s(f, &s->hcyl);
2846 qemu_get_8s(f, &s->hob_feature);
2847 qemu_get_8s(f, &s->hob_nsector);
2848 qemu_get_8s(f, &s->hob_sector);
2849 qemu_get_8s(f, &s->hob_lcyl);
2850 qemu_get_8s(f, &s->hob_hcyl);
2851 qemu_get_8s(f, &s->select);
2852 qemu_get_8s(f, &s->status);
2853 qemu_get_8s(f, &s->lba48);
2854
2855 qemu_get_8s(f, &s->sense_key);
2856 qemu_get_8s(f, &s->asc);
2857 /* XXX: if a transfer is pending, we do not save it yet */
2858}
2859
34e538ae
FB		 2860/***********************************************************/
2861/* ISA IDE definitions */
2862
d537cf6c 2863void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
34e538ae
FB		 2864 BlockDriverState *hd0, BlockDriverState *hd1)
2865{
2866 IDEState *ide_state;
2867
2868 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2869 if (!ide_state)
2870 return;
3b46e624 2871
d537cf6c 2872 ide_init2(ide_state, hd0, hd1, irq);
34e538ae
FB		 2873 ide_init_ioport(ide_state, iobase, iobase2);
2874}
2875
69b91039
FB		 2876/***********************************************************/
2877/* PCI IDE definitions */
2878
5457c8ce
FB		 2879static void cmd646_update_irq(PCIIDEState *d);
2880
5fafdf24 2881static void ide_map(PCIDevice *pci_dev, int region_num,
69b91039
FB		 2882 uint32_t addr, uint32_t size, int type)
2883{
2884 PCIIDEState *d = (PCIIDEState *)pci_dev;
2885 IDEState *ide_state;
2886
2887 if (region_num <= 3) {
2888 ide_state = &d->ide_if[(region_num >> 1) * 2];
2889 if (region_num & 1) {
2890 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2891 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2892 } else {
2893 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2894 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2895
2896 /* data ports */
2897 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2898 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2899 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2900 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2901 }
2902 }
2903}
2904
8ccad811 2905static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
98087450
FB		 2906{
2907 BMDMAState *bm = s->bmdma;
2908 if(!bm)
2909 return;
2910 bm->ide_if = s;
2911 bm->dma_cb = dma_cb;
8ccad811
FB		 2912 bm->cur_prd_last = 0;
2913 bm->cur_prd_addr = 0;
2914 bm->cur_prd_len = 0;
98087450 2915 if (bm->status & BM_STATUS_DMAING) {
8ccad811 2916 bm->dma_cb(bm, 0);
98087450
FB		 2917 }
2918}
2919
72c7b06c
AL		 2920static void ide_dma_cancel(BMDMAState *bm)
2921{
2922 if (bm->status & BM_STATUS_DMAING) {
2923 bm->status &= ~BM_STATUS_DMAING;
2924 /* cancel DMA request */
2925 bm->ide_if = NULL;
2926 bm->dma_cb = NULL;
2927 if (bm->aiocb) {
2928#ifdef DEBUG_AIO
2929 printf("aio_cancel\n");
2930#endif
2931 bdrv_aio_cancel(bm->aiocb);
2932 bm->aiocb = NULL;
2933 }
2934 }
2935}
2936
98087450
FB		 2937static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2938{
2939 BMDMAState *bm = opaque;
2940#ifdef DEBUG_IDE
2941 printf("%s: 0x%08x\n", __func__, val);
2942#endif
2943 if (!(val & BM_CMD_START)) {
2944 /* XXX: do it better */
72c7b06c 2945 ide_dma_cancel(bm);
98087450
FB		 2946 bm->cmd = val & 0x09;
2947 } else {
8ccad811
FB		 2948 if (!(bm->status & BM_STATUS_DMAING)) {
2949 bm->status |= BM_STATUS_DMAING;
2950 /* start dma transfer if possible */
2951 if (bm->dma_cb)
2952 bm->dma_cb(bm, 0);
2953 }
98087450 2954 bm->cmd = val & 0x09;
98087450
FB		 2955 }
2956}
2957
5457c8ce 2958static uint32_t bmdma_readb(void *opaque, uint32_t addr)
98087450
FB		 2959{
2960 BMDMAState *bm = opaque;
5457c8ce 2961 PCIIDEState *pci_dev;
98087450 2962 uint32_t val;
3b46e624 2963
5457c8ce 2964 switch(addr & 3) {
5fafdf24 2965 case 0:
5457c8ce
FB		 2966 val = bm->cmd;
2967 break;
2968 case 1:
2969 pci_dev = bm->pci_dev;
2970 if (pci_dev->type == IDE_TYPE_CMD646) {
2971 val = pci_dev->dev.config[MRDMODE];
2972 } else {
2973 val = 0xff;
2974 }
2975 break;
2976 case 2:
2977 val = bm->status;
2978 break;
2979 case 3:
2980 pci_dev = bm->pci_dev;
2981 if (pci_dev->type == IDE_TYPE_CMD646) {
2982 if (bm == &pci_dev->bmdma[0])
2983 val = pci_dev->dev.config[UDIDETCR0];
2984 else
2985 val = pci_dev->dev.config[UDIDETCR1];
2986 } else {
2987 val = 0xff;
2988 }
2989 break;
2990 default:
2991 val = 0xff;
2992 break;
2993 }
98087450 2994#ifdef DEBUG_IDE
5457c8ce 2995 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
98087450
FB		 2996#endif
2997 return val;
2998}
2999
5457c8ce 3000static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
98087450
FB		 3001{
3002 BMDMAState *bm = opaque;
5457c8ce 3003 PCIIDEState *pci_dev;
98087450 3004#ifdef DEBUG_IDE
5457c8ce 3005 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
98087450 3006#endif
5457c8ce
FB		 3007 switch(addr & 3) {
3008 case 1:
3009 pci_dev = bm->pci_dev;
3010 if (pci_dev->type == IDE_TYPE_CMD646) {
5fafdf24 3011 pci_dev->dev.config[MRDMODE] =
5457c8ce
FB		 3012 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3013 cmd646_update_irq(pci_dev);
3014 }
3015 break;
3016 case 2:
3017 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3018 break;
3019 case 3:
3020 pci_dev = bm->pci_dev;
3021 if (pci_dev->type == IDE_TYPE_CMD646) {
3022 if (bm == &pci_dev->bmdma[0])
3023 pci_dev->dev.config[UDIDETCR0] = val;
3024 else
3025 pci_dev->dev.config[UDIDETCR1] = val;
3026 }
3027 break;
3028 }
98087450
FB		 3029}
3030
5b9a1293
AJ		 3031static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3032{
3033 BMDMAState *bm = opaque;
3034 uint32_t val;
3035 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3036#ifdef DEBUG_IDE
3037 printf("%s: 0x%08x\n", __func__, val);
3038#endif
3039 return val;
3040}
3041
3042static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3043{
3044 BMDMAState *bm = opaque;
3045 int shift = (addr & 3) * 8;
3046#ifdef DEBUG_IDE
3047 printf("%s: 0x%08x\n", __func__, val);
3048#endif
3049 bm->addr &= ~(0xFF << shift);
3050 bm->addr |= ((val & 0xFF) << shift) & ~3;
3051 bm->cur_addr = bm->addr;
3052}
3053
3054static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3055{
3056 BMDMAState *bm = opaque;
3057 uint32_t val;
3058 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3059#ifdef DEBUG_IDE
3060 printf("%s: 0x%08x\n", __func__, val);
3061#endif
3062 return val;
3063}
3064
3065static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3066{
3067 BMDMAState *bm = opaque;
3068 int shift = (addr & 3) * 8;
3069#ifdef DEBUG_IDE
3070 printf("%s: 0x%08x\n", __func__, val);
3071#endif
3072 bm->addr &= ~(0xFFFF << shift);
3073 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3074 bm->cur_addr = bm->addr;
3075}
3076
98087450
FB		 3077static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3078{
3079 BMDMAState *bm = opaque;
3080 uint32_t val;
3081 val = bm->addr;
3082#ifdef DEBUG_IDE
3083 printf("%s: 0x%08x\n", __func__, val);
3084#endif
3085 return val;
3086}
3087
3088static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3089{
3090 BMDMAState *bm = opaque;
3091#ifdef DEBUG_IDE
3092 printf("%s: 0x%08x\n", __func__, val);
3093#endif
3094 bm->addr = val & ~3;
30c4bbac 3095 bm->cur_addr = bm->addr;
98087450
FB		 3096}
3097
5fafdf24 3098static void bmdma_map(PCIDevice *pci_dev, int region_num,
98087450
FB		 3099 uint32_t addr, uint32_t size, int type)
3100{
3101 PCIIDEState *d = (PCIIDEState *)pci_dev;
3102 int i;
3103
3104 for(i = 0;i < 2; i++) {
3105 BMDMAState *bm = &d->bmdma[i];
3106 d->ide_if[2 * i].bmdma = bm;
3107 d->ide_if[2 * i + 1].bmdma = bm;
5457c8ce
FB		 3108 bm->pci_dev = (PCIIDEState *)pci_dev;
3109
98087450 3110 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
98087450 3111
5457c8ce
FB		 3112 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3113 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
98087450 3114
5b9a1293
AJ		 3115 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3116 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3117 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3118 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
98087450
FB		 3119 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3120 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3121 addr += 8;
3122 }
3123}
3124
5457c8ce
FB		 3125/* XXX: call it also when the MRDMODE is changed from the PCI config
3126 registers */
3127static void cmd646_update_irq(PCIIDEState *d)
3128{
3129 int pci_level;
3130 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3131 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3132 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3133 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
d537cf6c 3134 qemu_set_irq(d->dev.irq[0], pci_level);
5457c8ce
FB		 3135}
3136
3137/* the PCI irq level is the logical OR of the two channels */
3138static void cmd646_set_irq(void *opaque, int channel, int level)
3139{
3140 PCIIDEState *d = opaque;
3141 int irq_mask;
3142
3143 irq_mask = MRDMODE_INTR_CH0 << channel;
3144 if (level)
3145 d->dev.config[MRDMODE] |= irq_mask;
3146 else
3147 d->dev.config[MRDMODE] &= ~irq_mask;
3148 cmd646_update_irq(d);
3149}
3150
3151/* CMD646 PCI IDE controller */
3152void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3153 int secondary_ide_enabled)
69b91039
FB		 3154{
3155 PCIIDEState *d;
3156 uint8_t *pci_conf;
34e538ae 3157 int i;
d537cf6c 3158 qemu_irq *irq;
34e538ae 3159
5fafdf24 3160 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
5457c8ce 3161 sizeof(PCIIDEState),
5fafdf24 3162 -1,
73c11f63 3163 NULL, NULL);
5457c8ce 3164 d->type = IDE_TYPE_CMD646;
69b91039 3165 pci_conf = d->dev.config;
5457c8ce
FB		 3166 pci_conf[0x00] = 0x95; // CMD646
3167 pci_conf[0x01] = 0x10;
3168 pci_conf[0x02] = 0x46;
3169 pci_conf[0x03] = 0x06;
3170
3171 pci_conf[0x08] = 0x07; // IDE controller revision
5fafdf24 3172 pci_conf[0x09] = 0x8f;
5457c8ce 3173
69b91039
FB		 3174 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3175 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
5457c8ce 3176 pci_conf[0x0e] = 0x00; // header_type
3b46e624 3177
5457c8ce
FB		 3178 if (secondary_ide_enabled) {
3179 /* XXX: if not enabled, really disable the seconday IDE controller */
3180 pci_conf[0x51] = 0x80; /* enable IDE1 */
3181 }
69b91039 3182
5fafdf24 3183 pci_register_io_region((PCIDevice *)d, 0, 0x8,
69b91039 3184 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3185 pci_register_io_region((PCIDevice *)d, 1, 0x4,
69b91039 3186 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3187 pci_register_io_region((PCIDevice *)d, 2, 0x8,
69b91039 3188 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3189 pci_register_io_region((PCIDevice *)d, 3, 0x4,
69b91039 3190 PCI_ADDRESS_SPACE_IO, ide_map);
5fafdf24 3191 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3192 PCI_ADDRESS_SPACE_IO, bmdma_map);
69b91039 3193
34e538ae 3194 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3b46e624 3195
34e538ae
FB		 3196 for(i = 0; i < 4; i++)
3197 d->ide_if[i].pci_dev = (PCIDevice *)d;
d537cf6c
PB		 3198
3199 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3200 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3201 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
34e538ae
FB		 3202}
3203
c3d78997
FB		 3204static void pci_ide_save(QEMUFile* f, void *opaque)
3205{
3206 PCIIDEState *d = opaque;
3207 int i;
3208
3209 pci_device_save(&d->dev, f);
3210
3211 for(i = 0; i < 2; i++) {
3212 BMDMAState *bm = &d->bmdma[i];
3213 qemu_put_8s(f, &bm->cmd);
3214 qemu_put_8s(f, &bm->status);
3215 qemu_put_be32s(f, &bm->addr);
3216 /* XXX: if a transfer is pending, we do not save it yet */
3217 }
3218
3219 /* per IDE interface data */
3220 for(i = 0; i < 2; i++) {
3221 IDEState *s = &d->ide_if[i * 2];
3222 uint8_t drive1_selected;
3223 qemu_put_8s(f, &s->cmd);
3224 drive1_selected = (s->cur_drive != s);
3225 qemu_put_8s(f, &drive1_selected);
3226 }
3227
3228 /* per IDE drive data */
3229 for(i = 0; i < 4; i++) {
aa941b94 3230 ide_save(f, &d->ide_if[i]);
c3d78997
FB		 3231 }
3232}
3233
3234static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3235{
3236 PCIIDEState *d = opaque;
3237 int ret, i;
3238
3239 if (version_id != 1)
3240 return -EINVAL;
3241 ret = pci_device_load(&d->dev, f);
3242 if (ret < 0)
3243 return ret;
3244
3245 for(i = 0; i < 2; i++) {
3246 BMDMAState *bm = &d->bmdma[i];
3247 qemu_get_8s(f, &bm->cmd);
3248 qemu_get_8s(f, &bm->status);
3249 qemu_get_be32s(f, &bm->addr);
3250 /* XXX: if a transfer is pending, we do not save it yet */
3251 }
3252
3253 /* per IDE interface data */
3254 for(i = 0; i < 2; i++) {
3255 IDEState *s = &d->ide_if[i * 2];
3256 uint8_t drive1_selected;
3257 qemu_get_8s(f, &s->cmd);
3258 qemu_get_8s(f, &drive1_selected);
3259 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3260 }
3261
3262 /* per IDE drive data */
3263 for(i = 0; i < 4; i++) {
aa941b94 3264 ide_load(f, &d->ide_if[i]);
c3d78997
FB		 3265 }
3266 return 0;
3267}
3268
72c7b06c 3269static void piix3_reset(void *opaque)
e6a71ae3 3270{
72c7b06c 3271 PCIIDEState *d = opaque;
e6a71ae3 3272 uint8_t *pci_conf = d->dev.config;
72c7b06c
AL		 3273 int i;
3274
3275 for (i = 0; i < 2; i++)
3276 ide_dma_cancel(&d->bmdma[i]);
e6a71ae3
TS		 3277
3278 pci_conf[0x04] = 0x00;
3279 pci_conf[0x05] = 0x00;
3280 pci_conf[0x06] = 0x80; /* FBC */
3281 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3282 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3283}
3284
34e538ae
FB		 3285/* hd_table must contain 4 block drivers */
3286/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
d537cf6c
PB		 3287void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3288 qemu_irq *pic)
34e538ae
FB		 3289{
3290 PCIIDEState *d;
3291 uint8_t *pci_conf;
3b46e624 3292
34e538ae 3293 /* register a function 1 of PIIX3 */
5fafdf24 3294 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
46e50e9d 3295 sizeof(PCIIDEState),
502a5395 3296 devfn,
34e538ae 3297 NULL, NULL);
5457c8ce
FB		 3298 d->type = IDE_TYPE_PIIX3;
3299
34e538ae
FB		 3300 pci_conf = d->dev.config;
3301 pci_conf[0x00] = 0x86; // Intel
3302 pci_conf[0x01] = 0x80;
3303 pci_conf[0x02] = 0x10;
3304 pci_conf[0x03] = 0x70;
92510b8c 3305 pci_conf[0x09] = 0x80; // legacy ATA mode
34e538ae
FB		 3306 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3307 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3308 pci_conf[0x0e] = 0x00; // header_type
3309
72c7b06c 3310 qemu_register_reset(piix3_reset, d);
e6a71ae3
TS		 3311 piix3_reset(d);
3312
5fafdf24 3313 pci_register_io_region((PCIDevice *)d, 4, 0x10,
98087450 3314 PCI_ADDRESS_SPACE_IO, bmdma_map);
34e538ae 3315
d537cf6c
PB		 3316 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3317 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
34e538ae
FB		 3318 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3319 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
c3d78997
FB		 3320
3321 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
69b91039 3322}
1ade1de2 3323
afcc3cdf
TS		 3324/* hd_table must contain 4 block drivers */
3325/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3326void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3327 qemu_irq *pic)
3328{
3329 PCIIDEState *d;
3330 uint8_t *pci_conf;
3331
3332 /* register a function 1 of PIIX4 */
3333 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3334 sizeof(PCIIDEState),
3335 devfn,
3336 NULL, NULL);
3337 d->type = IDE_TYPE_PIIX4;
3338
3339 pci_conf = d->dev.config;
3340 pci_conf[0x00] = 0x86; // Intel
3341 pci_conf[0x01] = 0x80;
3342 pci_conf[0x02] = 0x11;
3343 pci_conf[0x03] = 0x71;
3344 pci_conf[0x09] = 0x80; // legacy ATA mode
3345 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3346 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3347 pci_conf[0x0e] = 0x00; // header_type
3348
72c7b06c 3349 qemu_register_reset(piix3_reset, d);
afcc3cdf
TS		 3350 piix3_reset(d);
3351
3352 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3353 PCI_ADDRESS_SPACE_IO, bmdma_map);
3354
3355 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3356 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3357 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3358 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3359
3360 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3361}
3362
1ade1de2
FB		 3363/***********************************************************/
3364/* MacIO based PowerPC IDE */
3365
3366/* PowerMac IDE memory IO */
3367static void pmac_ide_writeb (void *opaque,
3368 target_phys_addr_t addr, uint32_t val)
3369{
5fafdf24 3370 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3371 switch (addr) {
3372 case 1 ... 7:
3373 ide_ioport_write(opaque, addr, val);
3374 break;
3375 case 8:
3376 case 22:
3377 ide_cmd_write(opaque, 0, val);
3378 break;
3379 default:
3380 break;
3381 }
3382}
3383
3384static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3385{
3386 uint8_t retval;
3387
3388 addr = (addr & 0xFFF) >> 4;
3389 switch (addr) {
3390 case 1 ... 7:
3391 retval = ide_ioport_read(opaque, addr);
3392 break;
3393 case 8:
3394 case 22:
3395 retval = ide_status_read(opaque, 0);
3396 break;
3397 default:
3398 retval = 0xFF;
3399 break;
3400 }
3401 return retval;
3402}
3403
3404static void pmac_ide_writew (void *opaque,
3405 target_phys_addr_t addr, uint32_t val)
3406{
5fafdf24 3407 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3408#ifdef TARGET_WORDS_BIGENDIAN
3409 val = bswap16(val);
3410#endif
3411 if (addr == 0) {
3412 ide_data_writew(opaque, 0, val);
3413 }
3414}
3415
3416static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3417{
3418 uint16_t retval;
3419
5fafdf24 3420 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3421 if (addr == 0) {
3422 retval = ide_data_readw(opaque, 0);
3423 } else {
3424 retval = 0xFFFF;
3425 }
3426#ifdef TARGET_WORDS_BIGENDIAN
3427 retval = bswap16(retval);
3428#endif
3429 return retval;
3430}
3431
3432static void pmac_ide_writel (void *opaque,
3433 target_phys_addr_t addr, uint32_t val)
3434{
5fafdf24 3435 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3436#ifdef TARGET_WORDS_BIGENDIAN
3437 val = bswap32(val);
3438#endif
3439 if (addr == 0) {
3440 ide_data_writel(opaque, 0, val);
3441 }
3442}
3443
3444static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3445{
3446 uint32_t retval;
3447
5fafdf24 3448 addr = (addr & 0xFFF) >> 4;
1ade1de2
FB		 3449 if (addr == 0) {
3450 retval = ide_data_readl(opaque, 0);
3451 } else {
3452 retval = 0xFFFFFFFF;
3453 }
3454#ifdef TARGET_WORDS_BIGENDIAN
3455 retval = bswap32(retval);
3456#endif
3457 return retval;
3458}
3459
3460static CPUWriteMemoryFunc *pmac_ide_write[] = {
3461 pmac_ide_writeb,
3462 pmac_ide_writew,
3463 pmac_ide_writel,
3464};
3465
3466static CPUReadMemoryFunc *pmac_ide_read[] = {
3467 pmac_ide_readb,
3468 pmac_ide_readw,
3469 pmac_ide_readl,
3470};
3471
3472/* hd_table must contain 4 block drivers */
3473/* PowerMac uses memory mapped registers, not I/O. Return the memory
3474 I/O index to access the ide. */
d537cf6c 3475int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
1ade1de2
FB		 3476{
3477 IDEState *ide_if;
3478 int pmac_ide_memory;
3479
3480 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
d537cf6c 3481 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3b46e624 3482
1ade1de2
FB		 3483 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3484 pmac_ide_write, &ide_if[0]);
3485 return pmac_ide_memory;
3486}
201a51fc
AZ		 3487
3488/***********************************************************/
3489/* CF-ATA Microdrive */
3490
3491#define METADATA_SIZE 0x20
3492
3493/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3494struct md_s {
3495 IDEState ide[2];
3496 struct pcmcia_card_s card;
3497 uint32_t attr_base;
3498 uint32_t io_base;
3499
3500 /* Card state */
3501 uint8_t opt;
3502 uint8_t stat;
3503 uint8_t pins;
3504
3505 uint8_t ctrl;
3506 uint16_t io;
3507 int cycle;
3508};
3509
3510/* Register bitfields */
3511enum md_opt {
3512 OPT_MODE_MMAP = 0,
3513 OPT_MODE_IOMAP16 = 1,
3514 OPT_MODE_IOMAP1 = 2,
3515 OPT_MODE_IOMAP2 = 3,
3516 OPT_MODE = 0x3f,
3517 OPT_LEVIREQ = 0x40,
3518 OPT_SRESET = 0x80,
3519};
3520enum md_cstat {
3521 STAT_INT = 0x02,
3522 STAT_PWRDWN = 0x04,
3523 STAT_XE = 0x10,
3524 STAT_IOIS8 = 0x20,
3525 STAT_SIGCHG = 0x40,
3526 STAT_CHANGED = 0x80,
3527};
3528enum md_pins {
3529 PINS_MRDY = 0x02,
3530 PINS_CRDY = 0x20,
3531};
3532enum md_ctrl {
3533 CTRL_IEN = 0x02,
3534 CTRL_SRST = 0x04,
3535};
3536
3537static inline void md_interrupt_update(struct md_s *s)
3538{
3539 if (!s->card.slot)
3540 return;
3541
3542 qemu_set_irq(s->card.slot->irq,
3543 !(s->stat & STAT_INT) && /* Inverted */
3544 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3545 !(s->opt & OPT_SRESET));
3546}
3547
3548static void md_set_irq(void *opaque, int irq, int level)
3549{
3550 struct md_s *s = (struct md_s *) opaque;
3551 if (level)
3552 s->stat |= STAT_INT;
3553 else
3554 s->stat &= ~STAT_INT;
3555
3556 md_interrupt_update(s);
3557}
3558
3559static void md_reset(struct md_s *s)
3560{
3561 s->opt = OPT_MODE_MMAP;
3562 s->stat = 0;
3563 s->pins = 0;
3564 s->cycle = 0;
3565 s->ctrl = 0;
3566 ide_reset(s->ide);
3567}
3568
9e315fa9 3569static uint8_t md_attr_read(void *opaque, uint32_t at)
201a51fc
AZ		 3570{
3571 struct md_s *s = (struct md_s *) opaque;
3572 if (at < s->attr_base) {
3573 if (at < s->card.cis_len)
3574 return s->card.cis[at];
3575 else
3576 return 0x00;
3577 }
3578
3579 at -= s->attr_base;
3580
3581 switch (at) {
3582 case 0x00: /* Configuration Option Register */
3583 return s->opt;
3584 case 0x02: /* Card Configuration Status Register */
3585 if (s->ctrl & CTRL_IEN)
3586 return s->stat & ~STAT_INT;
3587 else
3588 return s->stat;
3589 case 0x04: /* Pin Replacement Register */
3590 return (s->pins & PINS_CRDY) | 0x0c;
3591 case 0x06: /* Socket and Copy Register */
3592 return 0x00;
3593#ifdef VERBOSE
3594 default:
3595 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3596#endif
3597 }
3598
3599 return 0;
3600}
3601
9e315fa9 3602static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
201a51fc
AZ		 3603{
3604 struct md_s *s = (struct md_s *) opaque;
3605 at -= s->attr_base;
3606
3607 switch (at) {
3608 case 0x00: /* Configuration Option Register */
3609 s->opt = value & 0xcf;
3610 if (value & OPT_SRESET)
3611 md_reset(s);
3612 md_interrupt_update(s);
3613 break;
3614 case 0x02: /* Card Configuration Status Register */
3615 if ((s->stat ^ value) & STAT_PWRDWN)
3616 s->pins |= PINS_CRDY;
3617 s->stat &= 0x82;
3618 s->stat |= value & 0x74;
3619 md_interrupt_update(s);
3620 /* Word 170 in Identify Device must be equal to STAT_XE */
3621 break;
3622 case 0x04: /* Pin Replacement Register */
3623 s->pins &= PINS_CRDY;
3624 s->pins |= value & PINS_MRDY;
3625 break;
3626 case 0x06: /* Socket and Copy Register */
3627 break;
3628 default:
3629 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3630 }
3631}
3632
9e315fa9 3633static uint16_t md_common_read(void *opaque, uint32_t at)
201a51fc
AZ		 3634{
3635 struct md_s *s = (struct md_s *) opaque;
3636 uint16_t ret;
3637 at -= s->io_base;
3638
3639 switch (s->opt & OPT_MODE) {
3640 case OPT_MODE_MMAP:
3641 if ((at & ~0x3ff) == 0x400)
3642 at = 0;
3643 break;
3644 case OPT_MODE_IOMAP16:
3645 at &= 0xf;
3646 break;
3647 case OPT_MODE_IOMAP1:
3648 if ((at & ~0xf) == 0x3f0)
3649 at -= 0x3e8;
3650 else if ((at & ~0xf) == 0x1f0)
3651 at -= 0x1f0;
3652 break;
3653 case OPT_MODE_IOMAP2:
3654 if ((at & ~0xf) == 0x370)
3655 at -= 0x368;
3656 else if ((at & ~0xf) == 0x170)
3657 at -= 0x170;
3658 }
3659
3660 switch (at) {
3661 case 0x0: /* Even RD Data */
3662 case 0x8:
3663 return ide_data_readw(s->ide, 0);
3664
3665 /* TODO: 8-bit accesses */
3666 if (s->cycle)
3667 ret = s->io >> 8;
3668 else {
3669 s->io = ide_data_readw(s->ide, 0);
3670 ret = s->io & 0xff;
3671 }
3672 s->cycle = !s->cycle;
3673 return ret;
3674 case 0x9: /* Odd RD Data */
3675 return s->io >> 8;
3676 case 0xd: /* Error */
3677 return ide_ioport_read(s->ide, 0x1);
3678 case 0xe: /* Alternate Status */
3679 if (s->ide->cur_drive->bs)
3680 return s->ide->cur_drive->status;
3681 else
3682 return 0;
3683 case 0xf: /* Device Address */
3684 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3685 default:
3686 return ide_ioport_read(s->ide, at);
3687 }
3688
3689 return 0;
3690}
3691
9e315fa9 3692static void md_common_write(void *opaque, uint32_t at, uint16_t value)
201a51fc
AZ		 3693{
3694 struct md_s *s = (struct md_s *) opaque;
3695 at -= s->io_base;
3696
3697 switch (s->opt & OPT_MODE) {
3698 case OPT_MODE_MMAP:
3699 if ((at & ~0x3ff) == 0x400)
3700 at = 0;
3701 break;
3702 case OPT_MODE_IOMAP16:
3703 at &= 0xf;
3704 break;
3705 case OPT_MODE_IOMAP1:
3706 if ((at & ~0xf) == 0x3f0)
3707 at -= 0x3e8;
3708 else if ((at & ~0xf) == 0x1f0)
3709 at -= 0x1f0;
3710 break;
3711 case OPT_MODE_IOMAP2:
3712 if ((at & ~0xf) == 0x370)
3713 at -= 0x368;
3714 else if ((at & ~0xf) == 0x170)
3715 at -= 0x170;
3716 }
3717
3718 switch (at) {
3719 case 0x0: /* Even WR Data */
3720 case 0x8:
3721 ide_data_writew(s->ide, 0, value);
3722 break;
3723
3724 /* TODO: 8-bit accesses */
3725 if (s->cycle)
3726 ide_data_writew(s->ide, 0, s->io | (value << 8));
3727 else
3728 s->io = value & 0xff;
3729 s->cycle = !s->cycle;
3730 break;
3731 case 0x9:
3732 s->io = value & 0xff;
3733 s->cycle = !s->cycle;
3734 break;
3735 case 0xd: /* Features */
3736 ide_ioport_write(s->ide, 0x1, value);
3737 break;
3738 case 0xe: /* Device Control */
3739 s->ctrl = value;
3740 if (value & CTRL_SRST)
3741 md_reset(s);
3742 md_interrupt_update(s);
3743 break;
3744 default:
3745 if (s->stat & STAT_PWRDWN) {
3746 s->pins |= PINS_CRDY;
3747 s->stat &= ~STAT_PWRDWN;
3748 }
3749 ide_ioport_write(s->ide, at, value);
3750 }
3751}
3752
aa941b94
AZ		 3753static void md_save(QEMUFile *f, void *opaque)
3754{
3755 struct md_s *s = (struct md_s *) opaque;
3756 int i;
3757 uint8_t drive1_selected;
3758
3759 qemu_put_8s(f, &s->opt);
3760 qemu_put_8s(f, &s->stat);
3761 qemu_put_8s(f, &s->pins);
3762
3763 qemu_put_8s(f, &s->ctrl);
3764 qemu_put_be16s(f, &s->io);
3765 qemu_put_byte(f, s->cycle);
3766
3767 drive1_selected = (s->ide->cur_drive != s->ide);
3768 qemu_put_8s(f, &s->ide->cmd);
3769 qemu_put_8s(f, &drive1_selected);
3770
3771 for (i = 0; i < 2; i ++)
3772 ide_save(f, &s->ide[i]);
3773}
3774
3775static int md_load(QEMUFile *f, void *opaque, int version_id)
3776{
3777 struct md_s *s = (struct md_s *) opaque;
3778 int i;
3779 uint8_t drive1_selected;
3780
3781 qemu_get_8s(f, &s->opt);
3782 qemu_get_8s(f, &s->stat);
3783 qemu_get_8s(f, &s->pins);
3784
3785 qemu_get_8s(f, &s->ctrl);
3786 qemu_get_be16s(f, &s->io);
3787 s->cycle = qemu_get_byte(f);
3788
3789 qemu_get_8s(f, &s->ide->cmd);
3790 qemu_get_8s(f, &drive1_selected);
3791 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3792
3793 for (i = 0; i < 2; i ++)
3794 ide_load(f, &s->ide[i]);
3795
3796 return 0;
3797}
3798
201a51fc
AZ		 3799static const uint8_t dscm1xxxx_cis[0x14a] = {
3800 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3801 [0x002] = 0x03, /* Tuple length = 4 bytes */
3802 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3803 [0x006] = 0x01, /* Size = 2K bytes */
3804 [0x008] = CISTPL_ENDMARK,
3805
3806 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3807 [0x00c] = 0x04, /* Tuple length = 4 byest */
3808 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3809 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3810 [0x012] = 0x01, /* Size = 2K bytes */
3811 [0x014] = CISTPL_ENDMARK,
3812
3813 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3814 [0x018] = 0x02, /* Tuple length = 2 bytes */
3815 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3816 [0x01c] = 0x01,
3817
3818 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3819 [0x020] = 0x04, /* Tuple length = 4 bytes */
3820 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3821 [0x024] = 0x00,
3822 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3823 [0x028] = 0x00,
3824
3825 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3826 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3827 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3828 [0x030] = 0x01, /* Minor Version = 1 */
3829 [0x032] = 'I',
3830 [0x034] = 'B',
3831 [0x036] = 'M',
3832 [0x038] = 0x00,
3833 [0x03a] = 'm',
3834 [0x03c] = 'i',
3835 [0x03e] = 'c',
3836 [0x040] = 'r',
3837 [0x042] = 'o',
3838 [0x044] = 'd',
3839 [0x046] = 'r',
3840 [0x048] = 'i',
3841 [0x04a] = 'v',
3842 [0x04c] = 'e',
3843 [0x04e] = 0x00,
3844 [0x050] = CISTPL_ENDMARK,
3845
3846 [0x052] = CISTPL_FUNCID, /* Function ID */
3847 [0x054] = 0x02, /* Tuple length = 2 bytes */
3848 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3849 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3850
3851 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3852 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3853 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3854 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3855
3856 [0x062] = CISTPL_FUNCE, /* Function Extension */
3857 [0x064] = 0x03, /* Tuple length = 3 bytes */
3858 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3859 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3860 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3861
3862 [0x06c] = CISTPL_CONFIG, /* Configuration */
3863 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3864 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3865 [0x072] = 0x07, /* TPCC_LAST = 7 */
3866 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3867 [0x076] = 0x02,
3868 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3869
3870 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3871 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3872 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3873 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3874 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3875 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3876 [0x086] = 0x55, /* NomV: 5.0 V */
3877 [0x088] = 0x4d, /* MinV: 4.5 V */
3878 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3879 [0x08c] = 0x4e, /* Peakl: 450 mA */
3880 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3881 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3882 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3883
3884 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3885 [0x096] = 0x06, /* Tuple length = 6 bytes */
3886 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3887 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3888 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3889 [0x09e] = 0xb5, /* NomV: 3.3 V */
3890 [0x0a0] = 0x1e,
3891 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3892
3893 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3894 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3895 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3896 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3897 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3898 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3899 [0x0b0] = 0x55, /* NomV: 5.0 V */
3900 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3901 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3902 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3903 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3904 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3905 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3906 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3907 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3908
3909 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3910 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3911 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3912 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3913 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3914 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3915 [0x0ce] = 0x1e,
3916 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3917
3918 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3919 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3920 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3921 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3922 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3923 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3924 [0x0de] = 0x55, /* NomV: 5.0 V */
3925 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3926 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3927 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3928 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3929 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3930 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3931 [0x0ec] = 0x01,
3932 [0x0ee] = 0x07, /* Address block length = 8 */
3933 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3934 [0x0f2] = 0x03,
3935 [0x0f4] = 0x01, /* Address block length = 2 */
3936 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3937 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3938
3939 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3940 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3941 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3942 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3943 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3944 [0x104] = 0xb5, /* NomV: 3.3 V */
3945 [0x106] = 0x1e,
3946 [0x108] = 0x3e, /* Peakl: 350 mA */
3947
3948 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3949 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3950 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3951 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3952 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3953 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3954 [0x116] = 0x55, /* NomV: 5.0 V */
3955 [0x118] = 0x4d, /* MinV: 4.5 V */
3956 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3957 [0x11c] = 0x4e, /* Peakl: 450 mA */
3958 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3959 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3960 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3961 [0x124] = 0x01,
3962 [0x126] = 0x07, /* Address block length = 8 */
3963 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3964 [0x12a] = 0x03,
3965 [0x12c] = 0x01, /* Address block length = 2 */
3966 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3967 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3968
3969 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3970 [0x134] = 0x06, /* Tuple length = 6 bytes */
3971 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3972 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3973 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3974 [0x13c] = 0xb5, /* NomV: 3.3 V */
3975 [0x13e] = 0x1e,
3976 [0x140] = 0x3e, /* Peakl: 350 mA */
3977
3978 [0x142] = CISTPL_NO_LINK, /* No Link */
3979 [0x144] = 0x00, /* Tuple length = 0 bytes */
3980
3981 [0x146] = CISTPL_END, /* Tuple End */
3982};
3983
3984static int dscm1xxxx_attach(void *opaque)
3985{
3986 struct md_s *md = (struct md_s *) opaque;
3987 md->card.attr_read = md_attr_read;
3988 md->card.attr_write = md_attr_write;
3989 md->card.common_read = md_common_read;
3990 md->card.common_write = md_common_write;
3991 md->card.io_read = md_common_read;
3992 md->card.io_write = md_common_write;
3993
3994 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3995 md->io_base = 0x0;
3996
3997 md_reset(md);
3998 md_interrupt_update(md);
3999
4000 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4001 return 0;
4002}
4003
4004static int dscm1xxxx_detach(void *opaque)
4005{
4006 struct md_s *md = (struct md_s *) opaque;
4007 md_reset(md);
4008 return 0;
4009}
4010
4011struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
4012{
4013 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
4014 md->card.state = md;
4015 md->card.attach = dscm1xxxx_attach;
4016 md->card.detach = dscm1xxxx_detach;
4017 md->card.cis = dscm1xxxx_cis;
4018 md->card.cis_len = sizeof(dscm1xxxx_cis);
4019
4020 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4021 md->ide->is_cf = 1;
4022 md->ide->mdata_size = METADATA_SIZE;
4023 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
aa941b94 4024
18be5187 4025 register_savevm("microdrive", -1, 0, md_save, md_load, md);
aa941b94 4026
201a51fc
AZ		 4027 return &md->card;
4028}
Qemu copy for testing