]> git.proxmox.com Git - qemu.git/blame_incremental - hw/ide/core.c
projects / qemu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
ide: Make ide_init_drive() return success
[qemu.git] / hw / ide / core.c
... / ...
CommitLineData
1/*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25#include <hw/hw.h>
26#include <hw/pc.h>
27#include <hw/pci.h>
28#include <hw/scsi.h>
29#include "qemu-error.h"
30#include "qemu-timer.h"
31#include "sysemu.h"
32#include "dma.h"
33
34#include <hw/ide/internal.h>
35
36#define IDE_PAGE_SIZE 4096
37
38static const int smart_attributes[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
45};
46
47/* XXX: DVDs that could fit on a CD will be reported as a CD */
48static inline int media_present(IDEState *s)
49{
50 return (s->nb_sectors > 0);
51}
52
53static inline int media_is_dvd(IDEState *s)
54{
55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
56}
57
58static inline int media_is_cd(IDEState *s)
59{
60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
61}
62
63static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
64static void ide_dma_restart(IDEState *s, int is_read);
65static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
66static int ide_handle_rw_error(IDEState *s, int error, int op);
67
68static void padstr(char *str, const char *src, int len)
69{
70 int i, v;
71 for(i = 0; i < len; i++) {
72 if (*src)
73 v = *src++;
74 else
75 v = ' ';
76 str[i^1] = v;
77 }
78}
79
80static void padstr8(uint8_t *buf, int buf_size, const char *src)
81{
82 int i;
83 for(i = 0; i < buf_size; i++) {
84 if (*src)
85 buf[i] = *src++;
86 else
87 buf[i] = ' ';
88 }
89}
90
91static void put_le16(uint16_t *p, unsigned int v)
92{
93 *p = cpu_to_le16(v);
94}
95
96static void ide_identify(IDEState *s)
97{
98 uint16_t *p;
99 unsigned int oldsize;
100 IDEDevice *dev;
101
102 if (s->identify_set) {
103 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
104 return;
105 }
106
107 memset(s->io_buffer, 0, 512);
108 p = (uint16_t *)s->io_buffer;
109 put_le16(p + 0, 0x0040);
110 put_le16(p + 1, s->cylinders);
111 put_le16(p + 3, s->heads);
112 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
113 put_le16(p + 5, 512); /* XXX: retired, remove ? */
114 put_le16(p + 6, s->sectors);
115 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
116 put_le16(p + 20, 3); /* XXX: retired, remove ? */
117 put_le16(p + 21, 512); /* cache size in sectors */
118 put_le16(p + 22, 4); /* ecc bytes */
119 padstr((char *)(p + 23), s->version, 8); /* firmware version */
120 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
121#if MAX_MULT_SECTORS > 1
122 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
123#endif
124 put_le16(p + 48, 1); /* dword I/O */
125 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
126 put_le16(p + 51, 0x200); /* PIO transfer cycle */
127 put_le16(p + 52, 0x200); /* DMA transfer cycle */
128 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
129 put_le16(p + 54, s->cylinders);
130 put_le16(p + 55, s->heads);
131 put_le16(p + 56, s->sectors);
132 oldsize = s->cylinders * s->heads * s->sectors;
133 put_le16(p + 57, oldsize);
134 put_le16(p + 58, oldsize >> 16);
135 if (s->mult_sectors)
136 put_le16(p + 59, 0x100 | s->mult_sectors);
137 put_le16(p + 60, s->nb_sectors);
138 put_le16(p + 61, s->nb_sectors >> 16);
139 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
140 put_le16(p + 63, 0x07); /* mdma0-2 supported */
141 put_le16(p + 65, 120);
142 put_le16(p + 66, 120);
143 put_le16(p + 67, 120);
144 put_le16(p + 68, 120);
145 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
146 put_le16(p + 81, 0x16); /* conforms to ata5 */
147 /* 14=NOP supported, 0=SMART supported */
148 put_le16(p + 82, (1 << 14) | 1);
149 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
150 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
151 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
152 put_le16(p + 84, (1 << 14) | 0);
153 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
154 if (bdrv_enable_write_cache(s->bs))
155 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
156 else
157 put_le16(p + 85, (1 << 14) | 1);
158 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
159 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
160 /* 14=set to 1, 1=smart self test, 0=smart error logging */
161 put_le16(p + 87, (1 << 14) | 0);
162 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
163 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
164 put_le16(p + 100, s->nb_sectors);
165 put_le16(p + 101, s->nb_sectors >> 16);
166 put_le16(p + 102, s->nb_sectors >> 32);
167 put_le16(p + 103, s->nb_sectors >> 48);
168 dev = s->unit ? s->bus->slave : s->bus->master;
169 if (dev && dev->conf.physical_block_size)
170 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
171
172 memcpy(s->identify_data, p, sizeof(s->identify_data));
173 s->identify_set = 1;
174}
175
176static void ide_atapi_identify(IDEState *s)
177{
178 uint16_t *p;
179
180 if (s->identify_set) {
181 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
182 return;
183 }
184
185 memset(s->io_buffer, 0, 512);
186 p = (uint16_t *)s->io_buffer;
187 /* Removable CDROM, 50us response, 12 byte packets */
188 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
189 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
190 put_le16(p + 20, 3); /* buffer type */
191 put_le16(p + 21, 512); /* cache size in sectors */
192 put_le16(p + 22, 4); /* ecc bytes */
193 padstr((char *)(p + 23), s->version, 8); /* firmware version */
194 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
195 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
196#ifdef USE_DMA_CDROM
197 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
198 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
199 put_le16(p + 62, 7); /* single word dma0-2 supported */
200 put_le16(p + 63, 7); /* mdma0-2 supported */
201 put_le16(p + 64, 0x3f); /* PIO modes supported */
202#else
203 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
204 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
205 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
206 put_le16(p + 64, 1); /* PIO modes */
207#endif
208 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
209 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
210 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
211 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
212
213 put_le16(p + 71, 30); /* in ns */
214 put_le16(p + 72, 30); /* in ns */
215
216 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
217#ifdef USE_DMA_CDROM
218 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
219#endif
220 memcpy(s->identify_data, p, sizeof(s->identify_data));
221 s->identify_set = 1;
222}
223
224static void ide_cfata_identify(IDEState *s)
225{
226 uint16_t *p;
227 uint32_t cur_sec;
228
229 p = (uint16_t *) s->identify_data;
230 if (s->identify_set)
231 goto fill_buffer;
232
233 memset(p, 0, sizeof(s->identify_data));
234
235 cur_sec = s->cylinders * s->heads * s->sectors;
236
237 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
238 put_le16(p + 1, s->cylinders); /* Default cylinders */
239 put_le16(p + 3, s->heads); /* Default heads */
240 put_le16(p + 6, s->sectors); /* Default sectors per track */
241 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
242 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
243 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
244 put_le16(p + 22, 0x0004); /* ECC bytes */
245 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
246 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
247#if MAX_MULT_SECTORS > 1
248 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
249#else
250 put_le16(p + 47, 0x0000);
251#endif
252 put_le16(p + 49, 0x0f00); /* Capabilities */
253 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
254 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
255 put_le16(p + 53, 0x0003); /* Translation params valid */
256 put_le16(p + 54, s->cylinders); /* Current cylinders */
257 put_le16(p + 55, s->heads); /* Current heads */
258 put_le16(p + 56, s->sectors); /* Current sectors */
259 put_le16(p + 57, cur_sec); /* Current capacity */
260 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
261 if (s->mult_sectors) /* Multiple sector setting */
262 put_le16(p + 59, 0x100 | s->mult_sectors);
263 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
264 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
265 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
266 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
267 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
268 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
269 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
270 put_le16(p + 82, 0x400c); /* Command Set supported */
271 put_le16(p + 83, 0x7068); /* Command Set supported */
272 put_le16(p + 84, 0x4000); /* Features supported */
273 put_le16(p + 85, 0x000c); /* Command Set enabled */
274 put_le16(p + 86, 0x7044); /* Command Set enabled */
275 put_le16(p + 87, 0x4000); /* Features enabled */
276 put_le16(p + 91, 0x4060); /* Current APM level */
277 put_le16(p + 129, 0x0002); /* Current features option */
278 put_le16(p + 130, 0x0005); /* Reassigned sectors */
279 put_le16(p + 131, 0x0001); /* Initial power mode */
280 put_le16(p + 132, 0x0000); /* User signature */
281 put_le16(p + 160, 0x8100); /* Power requirement */
282 put_le16(p + 161, 0x8001); /* CF command set */
283
284 s->identify_set = 1;
285
286fill_buffer:
287 memcpy(s->io_buffer, p, sizeof(s->identify_data));
288}
289
290static void ide_set_signature(IDEState *s)
291{
292 s->select &= 0xf0; /* clear head */
293 /* put signature */
294 s->nsector = 1;
295 s->sector = 1;
296 if (s->drive_kind == IDE_CD) {
297 s->lcyl = 0x14;
298 s->hcyl = 0xeb;
299 } else if (s->bs) {
300 s->lcyl = 0;
301 s->hcyl = 0;
302 } else {
303 s->lcyl = 0xff;
304 s->hcyl = 0xff;
305 }
306}
307
308static inline void ide_abort_command(IDEState *s)
309{
310 s->status = READY_STAT | ERR_STAT;
311 s->error = ABRT_ERR;
312}
313
314static inline void ide_dma_submit_check(IDEState *s,
315 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
316{
317 if (bm->aiocb)
318 return;
319 dma_cb(bm, -1);
320}
321
322/* prepare data transfer and tell what to do after */
323static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
324 EndTransferFunc *end_transfer_func)
325{
326 s->end_transfer_func = end_transfer_func;
327 s->data_ptr = buf;
328 s->data_end = buf + size;
329 if (!(s->status & ERR_STAT))
330 s->status |= DRQ_STAT;
331}
332
333static void ide_transfer_stop(IDEState *s)
334{
335 s->end_transfer_func = ide_transfer_stop;
336 s->data_ptr = s->io_buffer;
337 s->data_end = s->io_buffer;
338 s->status &= ~DRQ_STAT;
339}
340
341int64_t ide_get_sector(IDEState *s)
342{
343 int64_t sector_num;
344 if (s->select & 0x40) {
345 /* lba */
346 if (!s->lba48) {
347 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
348 (s->lcyl << 8) | s->sector;
349 } else {
350 sector_num = ((int64_t)s->hob_hcyl << 40) |
351 ((int64_t) s->hob_lcyl << 32) |
352 ((int64_t) s->hob_sector << 24) |
353 ((int64_t) s->hcyl << 16) |
354 ((int64_t) s->lcyl << 8) | s->sector;
355 }
356 } else {
357 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
358 (s->select & 0x0f) * s->sectors + (s->sector - 1);
359 }
360 return sector_num;
361}
362
363void ide_set_sector(IDEState *s, int64_t sector_num)
364{
365 unsigned int cyl, r;
366 if (s->select & 0x40) {
367 if (!s->lba48) {
368 s->select = (s->select & 0xf0) | (sector_num >> 24);
369 s->hcyl = (sector_num >> 16);
370 s->lcyl = (sector_num >> 8);
371 s->sector = (sector_num);
372 } else {
373 s->sector = sector_num;
374 s->lcyl = sector_num >> 8;
375 s->hcyl = sector_num >> 16;
376 s->hob_sector = sector_num >> 24;
377 s->hob_lcyl = sector_num >> 32;
378 s->hob_hcyl = sector_num >> 40;
379 }
380 } else {
381 cyl = sector_num / (s->heads * s->sectors);
382 r = sector_num % (s->heads * s->sectors);
383 s->hcyl = cyl >> 8;
384 s->lcyl = cyl;
385 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
386 s->sector = (r % s->sectors) + 1;
387 }
388}
389
390static void ide_rw_error(IDEState *s) {
391 ide_abort_command(s);
392 ide_set_irq(s->bus);
393}
394
395static void ide_sector_read(IDEState *s)
396{
397 int64_t sector_num;
398 int ret, n;
399
400 s->status = READY_STAT | SEEK_STAT;
401 s->error = 0; /* not needed by IDE spec, but needed by Windows */
402 sector_num = ide_get_sector(s);
403 n = s->nsector;
404 if (n == 0) {
405 /* no more sector to read from disk */
406 ide_transfer_stop(s);
407 } else {
408#if defined(DEBUG_IDE)
409 printf("read sector=%" PRId64 "\n", sector_num);
410#endif
411 if (n > s->req_nb_sectors)
412 n = s->req_nb_sectors;
413 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
414 if (ret != 0) {
415 if (ide_handle_rw_error(s, -ret,
416 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
417 {
418 return;
419 }
420 }
421 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
422 ide_set_irq(s->bus);
423 ide_set_sector(s, sector_num + n);
424 s->nsector -= n;
425 }
426}
427
428
429/* return 0 if buffer completed */
430static int dma_buf_prepare(BMDMAState *bm, int is_write)
431{
432 IDEState *s = bmdma_active_if(bm);
433 struct {
434 uint32_t addr;
435 uint32_t size;
436 } prd;
437 int l, len;
438
439 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
440 s->io_buffer_size = 0;
441 for(;;) {
442 if (bm->cur_prd_len == 0) {
443 /* end of table (with a fail safe of one page) */
444 if (bm->cur_prd_last ||
445 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
446 return s->io_buffer_size != 0;
447 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
448 bm->cur_addr += 8;
449 prd.addr = le32_to_cpu(prd.addr);
450 prd.size = le32_to_cpu(prd.size);
451 len = prd.size & 0xfffe;
452 if (len == 0)
453 len = 0x10000;
454 bm->cur_prd_len = len;
455 bm->cur_prd_addr = prd.addr;
456 bm->cur_prd_last = (prd.size & 0x80000000);
457 }
458 l = bm->cur_prd_len;
459 if (l > 0) {
460 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
461 bm->cur_prd_addr += l;
462 bm->cur_prd_len -= l;
463 s->io_buffer_size += l;
464 }
465 }
466 return 1;
467}
468
469static void dma_buf_commit(IDEState *s, int is_write)
470{
471 qemu_sglist_destroy(&s->sg);
472}
473
474void ide_dma_error(IDEState *s)
475{
476 ide_transfer_stop(s);
477 s->error = ABRT_ERR;
478 s->status = READY_STAT | ERR_STAT;
479 ide_set_irq(s->bus);
480}
481
482static int ide_handle_rw_error(IDEState *s, int error, int op)
483{
484 int is_read = (op & BM_STATUS_RETRY_READ);
485 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
486
487 if (action == BLOCK_ERR_IGNORE) {
488 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
489 return 0;
490 }
491
492 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
493 || action == BLOCK_ERR_STOP_ANY) {
494 s->bus->bmdma->unit = s->unit;
495 s->bus->bmdma->status |= op;
496 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
497 vm_stop(0);
498 } else {
499 if (op & BM_STATUS_DMA_RETRY) {
500 dma_buf_commit(s, 0);
501 ide_dma_error(s);
502 } else {
503 ide_rw_error(s);
504 }
505 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
506 }
507
508 return 1;
509}
510
511/* return 0 if buffer completed */
512static int dma_buf_rw(BMDMAState *bm, int is_write)
513{
514 IDEState *s = bmdma_active_if(bm);
515 struct {
516 uint32_t addr;
517 uint32_t size;
518 } prd;
519 int l, len;
520
521 for(;;) {
522 l = s->io_buffer_size - s->io_buffer_index;
523 if (l <= 0)
524 break;
525 if (bm->cur_prd_len == 0) {
526 /* end of table (with a fail safe of one page) */
527 if (bm->cur_prd_last ||
528 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
529 return 0;
530 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
531 bm->cur_addr += 8;
532 prd.addr = le32_to_cpu(prd.addr);
533 prd.size = le32_to_cpu(prd.size);
534 len = prd.size & 0xfffe;
535 if (len == 0)
536 len = 0x10000;
537 bm->cur_prd_len = len;
538 bm->cur_prd_addr = prd.addr;
539 bm->cur_prd_last = (prd.size & 0x80000000);
540 }
541 if (l > bm->cur_prd_len)
542 l = bm->cur_prd_len;
543 if (l > 0) {
544 if (is_write) {
545 cpu_physical_memory_write(bm->cur_prd_addr,
546 s->io_buffer + s->io_buffer_index, l);
547 } else {
548 cpu_physical_memory_read(bm->cur_prd_addr,
549 s->io_buffer + s->io_buffer_index, l);
550 }
551 bm->cur_prd_addr += l;
552 bm->cur_prd_len -= l;
553 s->io_buffer_index += l;
554 }
555 }
556 return 1;
557}
558
559static void ide_read_dma_cb(void *opaque, int ret)
560{
561 BMDMAState *bm = opaque;
562 IDEState *s = bmdma_active_if(bm);
563 int n;
564 int64_t sector_num;
565
566 if (ret < 0) {
567 if (ide_handle_rw_error(s, -ret,
568 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
569 {
570 return;
571 }
572 }
573
574 n = s->io_buffer_size >> 9;
575 sector_num = ide_get_sector(s);
576 if (n > 0) {
577 dma_buf_commit(s, 1);
578 sector_num += n;
579 ide_set_sector(s, sector_num);
580 s->nsector -= n;
581 }
582
583 /* end of transfer ? */
584 if (s->nsector == 0) {
585 s->status = READY_STAT | SEEK_STAT;
586 ide_set_irq(s->bus);
587 eot:
588 bm->status &= ~BM_STATUS_DMAING;
589 bm->status |= BM_STATUS_INT;
590 bm->dma_cb = NULL;
591 bm->unit = -1;
592 bm->aiocb = NULL;
593 return;
594 }
595
596 /* launch next transfer */
597 n = s->nsector;
598 s->io_buffer_index = 0;
599 s->io_buffer_size = n * 512;
600 if (dma_buf_prepare(bm, 1) == 0)
601 goto eot;
602#ifdef DEBUG_AIO
603 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
604#endif
605 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
606 ide_dma_submit_check(s, ide_read_dma_cb, bm);
607}
608
609static void ide_sector_read_dma(IDEState *s)
610{
611 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
612 s->io_buffer_index = 0;
613 s->io_buffer_size = 0;
614 s->is_read = 1;
615 ide_dma_start(s, ide_read_dma_cb);
616}
617
618static void ide_sector_write_timer_cb(void *opaque)
619{
620 IDEState *s = opaque;
621 ide_set_irq(s->bus);
622}
623
624static void ide_sector_write(IDEState *s)
625{
626 int64_t sector_num;
627 int ret, n, n1;
628
629 s->status = READY_STAT | SEEK_STAT;
630 sector_num = ide_get_sector(s);
631#if defined(DEBUG_IDE)
632 printf("write sector=%" PRId64 "\n", sector_num);
633#endif
634 n = s->nsector;
635 if (n > s->req_nb_sectors)
636 n = s->req_nb_sectors;
637 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
638
639 if (ret != 0) {
640 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
641 return;
642 }
643
644 s->nsector -= n;
645 if (s->nsector == 0) {
646 /* no more sectors to write */
647 ide_transfer_stop(s);
648 } else {
649 n1 = s->nsector;
650 if (n1 > s->req_nb_sectors)
651 n1 = s->req_nb_sectors;
652 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
653 }
654 ide_set_sector(s, sector_num + n);
655
656 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
657 /* It seems there is a bug in the Windows 2000 installer HDD
658 IDE driver which fills the disk with empty logs when the
659 IDE write IRQ comes too early. This hack tries to correct
660 that at the expense of slower write performances. Use this
661 option _only_ to install Windows 2000. You must disable it
662 for normal use. */
663 qemu_mod_timer(s->sector_write_timer,
664 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
665 } else {
666 ide_set_irq(s->bus);
667 }
668}
669
670static void ide_dma_restart_bh(void *opaque)
671{
672 BMDMAState *bm = opaque;
673 int is_read;
674
675 qemu_bh_delete(bm->bh);
676 bm->bh = NULL;
677
678 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
679
680 if (bm->status & BM_STATUS_DMA_RETRY) {
681 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
682 ide_dma_restart(bmdma_active_if(bm), is_read);
683 } else if (bm->status & BM_STATUS_PIO_RETRY) {
684 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
685 if (is_read) {
686 ide_sector_read(bmdma_active_if(bm));
687 } else {
688 ide_sector_write(bmdma_active_if(bm));
689 }
690 }
691}
692
693void ide_dma_restart_cb(void *opaque, int running, int reason)
694{
695 BMDMAState *bm = opaque;
696
697 if (!running)
698 return;
699
700 if (!bm->bh) {
701 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
702 qemu_bh_schedule(bm->bh);
703 }
704}
705
706static void ide_write_dma_cb(void *opaque, int ret)
707{
708 BMDMAState *bm = opaque;
709 IDEState *s = bmdma_active_if(bm);
710 int n;
711 int64_t sector_num;
712
713 if (ret < 0) {
714 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
715 return;
716 }
717
718 n = s->io_buffer_size >> 9;
719 sector_num = ide_get_sector(s);
720 if (n > 0) {
721 dma_buf_commit(s, 0);
722 sector_num += n;
723 ide_set_sector(s, sector_num);
724 s->nsector -= n;
725 }
726
727 /* end of transfer ? */
728 if (s->nsector == 0) {
729 s->status = READY_STAT | SEEK_STAT;
730 ide_set_irq(s->bus);
731 eot:
732 bm->status &= ~BM_STATUS_DMAING;
733 bm->status |= BM_STATUS_INT;
734 bm->dma_cb = NULL;
735 bm->unit = -1;
736 bm->aiocb = NULL;
737 return;
738 }
739
740 n = s->nsector;
741 s->io_buffer_size = n * 512;
742 /* launch next transfer */
743 if (dma_buf_prepare(bm, 0) == 0)
744 goto eot;
745#ifdef DEBUG_AIO
746 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
747#endif
748 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
749 ide_dma_submit_check(s, ide_write_dma_cb, bm);
750}
751
752static void ide_sector_write_dma(IDEState *s)
753{
754 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
755 s->io_buffer_index = 0;
756 s->io_buffer_size = 0;
757 s->is_read = 0;
758 ide_dma_start(s, ide_write_dma_cb);
759}
760
761void ide_atapi_cmd_ok(IDEState *s)
762{
763 s->error = 0;
764 s->status = READY_STAT | SEEK_STAT;
765 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
766 ide_set_irq(s->bus);
767}
768
769void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
770{
771#ifdef DEBUG_IDE_ATAPI
772 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
773#endif
774 s->error = sense_key << 4;
775 s->status = READY_STAT | ERR_STAT;
776 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
777 s->sense_key = sense_key;
778 s->asc = asc;
779 ide_set_irq(s->bus);
780}
781
782static void ide_atapi_cmd_check_status(IDEState *s)
783{
784#ifdef DEBUG_IDE_ATAPI
785 printf("atapi_cmd_check_status\n");
786#endif
787 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
788 s->status = ERR_STAT;
789 s->nsector = 0;
790 ide_set_irq(s->bus);
791}
792
793static void ide_flush_cb(void *opaque, int ret)
794{
795 IDEState *s = opaque;
796
797 /* XXX: how do we signal I/O errors here? */
798
799 s->status = READY_STAT | SEEK_STAT;
800 ide_set_irq(s->bus);
801}
802
803static inline void cpu_to_ube16(uint8_t *buf, int val)
804{
805 buf[0] = val >> 8;
806 buf[1] = val & 0xff;
807}
808
809static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
810{
811 buf[0] = val >> 24;
812 buf[1] = val >> 16;
813 buf[2] = val >> 8;
814 buf[3] = val & 0xff;
815}
816
817static inline int ube16_to_cpu(const uint8_t *buf)
818{
819 return (buf[0] << 8) | buf[1];
820}
821
822static inline int ube32_to_cpu(const uint8_t *buf)
823{
824 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
825}
826
827static void lba_to_msf(uint8_t *buf, int lba)
828{
829 lba += 150;
830 buf[0] = (lba / 75) / 60;
831 buf[1] = (lba / 75) % 60;
832 buf[2] = lba % 75;
833}
834
835static void cd_data_to_raw(uint8_t *buf, int lba)
836{
837 /* sync bytes */
838 buf[0] = 0x00;
839 memset(buf + 1, 0xff, 10);
840 buf[11] = 0x00;
841 buf += 12;
842 /* MSF */
843 lba_to_msf(buf, lba);
844 buf[3] = 0x01; /* mode 1 data */
845 buf += 4;
846 /* data */
847 buf += 2048;
848 /* XXX: ECC not computed */
849 memset(buf, 0, 288);
850}
851
852static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
853 int sector_size)
854{
855 int ret;
856
857 switch(sector_size) {
858 case 2048:
859 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
860 break;
861 case 2352:
862 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
863 if (ret < 0)
864 return ret;
865 cd_data_to_raw(buf, lba);
866 break;
867 default:
868 ret = -EIO;
869 break;
870 }
871 return ret;
872}
873
874void ide_atapi_io_error(IDEState *s, int ret)
875{
876 /* XXX: handle more errors */
877 if (ret == -ENOMEDIUM) {
878 ide_atapi_cmd_error(s, SENSE_NOT_READY,
879 ASC_MEDIUM_NOT_PRESENT);
880 } else {
881 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
882 ASC_LOGICAL_BLOCK_OOR);
883 }
884}
885
886/* The whole ATAPI transfer logic is handled in this function */
887static void ide_atapi_cmd_reply_end(IDEState *s)
888{
889 int byte_count_limit, size, ret;
890#ifdef DEBUG_IDE_ATAPI
891 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
892 s->packet_transfer_size,
893 s->elementary_transfer_size,
894 s->io_buffer_index);
895#endif
896 if (s->packet_transfer_size <= 0) {
897 /* end of transfer */
898 ide_transfer_stop(s);
899 s->status = READY_STAT | SEEK_STAT;
900 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
901 ide_set_irq(s->bus);
902#ifdef DEBUG_IDE_ATAPI
903 printf("status=0x%x\n", s->status);
904#endif
905 } else {
906 /* see if a new sector must be read */
907 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
908 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
909 if (ret < 0) {
910 ide_transfer_stop(s);
911 ide_atapi_io_error(s, ret);
912 return;
913 }
914 s->lba++;
915 s->io_buffer_index = 0;
916 }
917 if (s->elementary_transfer_size > 0) {
918 /* there are some data left to transmit in this elementary
919 transfer */
920 size = s->cd_sector_size - s->io_buffer_index;
921 if (size > s->elementary_transfer_size)
922 size = s->elementary_transfer_size;
923 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
924 size, ide_atapi_cmd_reply_end);
925 s->packet_transfer_size -= size;
926 s->elementary_transfer_size -= size;
927 s->io_buffer_index += size;
928 } else {
929 /* a new transfer is needed */
930 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
931 byte_count_limit = s->lcyl | (s->hcyl << 8);
932#ifdef DEBUG_IDE_ATAPI
933 printf("byte_count_limit=%d\n", byte_count_limit);
934#endif
935 if (byte_count_limit == 0xffff)
936 byte_count_limit--;
937 size = s->packet_transfer_size;
938 if (size > byte_count_limit) {
939 /* byte count limit must be even if this case */
940 if (byte_count_limit & 1)
941 byte_count_limit--;
942 size = byte_count_limit;
943 }
944 s->lcyl = size;
945 s->hcyl = size >> 8;
946 s->elementary_transfer_size = size;
947 /* we cannot transmit more than one sector at a time */
948 if (s->lba != -1) {
949 if (size > (s->cd_sector_size - s->io_buffer_index))
950 size = (s->cd_sector_size - s->io_buffer_index);
951 }
952 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
953 size, ide_atapi_cmd_reply_end);
954 s->packet_transfer_size -= size;
955 s->elementary_transfer_size -= size;
956 s->io_buffer_index += size;
957 ide_set_irq(s->bus);
958#ifdef DEBUG_IDE_ATAPI
959 printf("status=0x%x\n", s->status);
960#endif
961 }
962 }
963}
964
965/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
966static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
967{
968 if (size > max_size)
969 size = max_size;
970 s->lba = -1; /* no sector read */
971 s->packet_transfer_size = size;
972 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
973 s->elementary_transfer_size = 0;
974 s->io_buffer_index = 0;
975
976 if (s->atapi_dma) {
977 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
978 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
979 } else {
980 s->status = READY_STAT | SEEK_STAT;
981 ide_atapi_cmd_reply_end(s);
982 }
983}
984
985/* start a CD-CDROM read command */
986static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
987 int sector_size)
988{
989 s->lba = lba;
990 s->packet_transfer_size = nb_sectors * sector_size;
991 s->elementary_transfer_size = 0;
992 s->io_buffer_index = sector_size;
993 s->cd_sector_size = sector_size;
994
995 s->status = READY_STAT | SEEK_STAT;
996 ide_atapi_cmd_reply_end(s);
997}
998
999/* ATAPI DMA support */
1000
1001/* XXX: handle read errors */
1002static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1003{
1004 BMDMAState *bm = opaque;
1005 IDEState *s = bmdma_active_if(bm);
1006 int data_offset, n;
1007
1008 if (ret < 0) {
1009 ide_atapi_io_error(s, ret);
1010 goto eot;
1011 }
1012
1013 if (s->io_buffer_size > 0) {
1014 /*
1015 * For a cdrom read sector command (s->lba != -1),
1016 * adjust the lba for the next s->io_buffer_size chunk
1017 * and dma the current chunk.
1018 * For a command != read (s->lba == -1), just transfer
1019 * the reply data.
1020 */
1021 if (s->lba != -1) {
1022 if (s->cd_sector_size == 2352) {
1023 n = 1;
1024 cd_data_to_raw(s->io_buffer, s->lba);
1025 } else {
1026 n = s->io_buffer_size >> 11;
1027 }
1028 s->lba += n;
1029 }
1030 s->packet_transfer_size -= s->io_buffer_size;
1031 if (dma_buf_rw(bm, 1) == 0)
1032 goto eot;
1033 }
1034
1035 if (s->packet_transfer_size <= 0) {
1036 s->status = READY_STAT | SEEK_STAT;
1037 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1038 ide_set_irq(s->bus);
1039 eot:
1040 bm->status &= ~BM_STATUS_DMAING;
1041 bm->status |= BM_STATUS_INT;
1042 bm->dma_cb = NULL;
1043 bm->unit = -1;
1044 bm->aiocb = NULL;
1045 return;
1046 }
1047
1048 s->io_buffer_index = 0;
1049 if (s->cd_sector_size == 2352) {
1050 n = 1;
1051 s->io_buffer_size = s->cd_sector_size;
1052 data_offset = 16;
1053 } else {
1054 n = s->packet_transfer_size >> 11;
1055 if (n > (IDE_DMA_BUF_SECTORS / 4))
1056 n = (IDE_DMA_BUF_SECTORS / 4);
1057 s->io_buffer_size = n * 2048;
1058 data_offset = 0;
1059 }
1060#ifdef DEBUG_AIO
1061 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1062#endif
1063 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1064 bm->iov.iov_len = n * 4 * 512;
1065 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1066 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1067 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1068 if (!bm->aiocb) {
1069 /* Note: media not present is the most likely case */
1070 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1071 ASC_MEDIUM_NOT_PRESENT);
1072 goto eot;
1073 }
1074}
1075
1076/* start a CD-CDROM read command with DMA */
1077/* XXX: test if DMA is available */
1078static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1079 int sector_size)
1080{
1081 s->lba = lba;
1082 s->packet_transfer_size = nb_sectors * sector_size;
1083 s->io_buffer_index = 0;
1084 s->io_buffer_size = 0;
1085 s->cd_sector_size = sector_size;
1086
1087 /* XXX: check if BUSY_STAT should be set */
1088 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1089 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1090}
1091
1092static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1093 int sector_size)
1094{
1095#ifdef DEBUG_IDE_ATAPI
1096 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1097 lba, nb_sectors);
1098#endif
1099 if (s->atapi_dma) {
1100 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1101 } else {
1102 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1103 }
1104}
1105
1106static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1107 uint16_t profile)
1108{
1109 uint8_t *buf_profile = buf + 12; /* start of profiles */
1110
1111 buf_profile += ((*index) * 4); /* start of indexed profile */
1112 cpu_to_ube16 (buf_profile, profile);
1113 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1114
1115 /* each profile adds 4 bytes to the response */
1116 (*index)++;
1117 buf[11] += 4; /* Additional Length */
1118
1119 return 4;
1120}
1121
1122static int ide_dvd_read_structure(IDEState *s, int format,
1123 const uint8_t *packet, uint8_t *buf)
1124{
1125 switch (format) {
1126 case 0x0: /* Physical format information */
1127 {
1128 int layer = packet[6];
1129 uint64_t total_sectors;
1130
1131 if (layer != 0)
1132 return -ASC_INV_FIELD_IN_CMD_PACKET;
1133
1134 bdrv_get_geometry(s->bs, &total_sectors);
1135 total_sectors >>= 2;
1136 if (total_sectors == 0)
1137 return -ASC_MEDIUM_NOT_PRESENT;
1138
1139 buf[4] = 1; /* DVD-ROM, part version 1 */
1140 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1141 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1142 buf[7] = 0; /* default densities */
1143
1144 /* FIXME: 0x30000 per spec? */
1145 cpu_to_ube32(buf + 8, 0); /* start sector */
1146 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1147 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1148
1149 /* Size of buffer, not including 2 byte size field */
1150 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1151
1152 /* 2k data + 4 byte header */
1153 return (2048 + 4);
1154 }
1155
1156 case 0x01: /* DVD copyright information */
1157 buf[4] = 0; /* no copyright data */
1158 buf[5] = 0; /* no region restrictions */
1159
1160 /* Size of buffer, not including 2 byte size field */
1161 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1162
1163 /* 4 byte header + 4 byte data */
1164 return (4 + 4);
1165
1166 case 0x03: /* BCA information - invalid field for no BCA info */
1167 return -ASC_INV_FIELD_IN_CMD_PACKET;
1168
1169 case 0x04: /* DVD disc manufacturing information */
1170 /* Size of buffer, not including 2 byte size field */
1171 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1172
1173 /* 2k data + 4 byte header */
1174 return (2048 + 4);
1175
1176 case 0xff:
1177 /*
1178 * This lists all the command capabilities above. Add new ones
1179 * in order and update the length and buffer return values.
1180 */
1181
1182 buf[4] = 0x00; /* Physical format */
1183 buf[5] = 0x40; /* Not writable, is readable */
1184 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1185
1186 buf[8] = 0x01; /* Copyright info */
1187 buf[9] = 0x40; /* Not writable, is readable */
1188 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1189
1190 buf[12] = 0x03; /* BCA info */
1191 buf[13] = 0x40; /* Not writable, is readable */
1192 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1193
1194 buf[16] = 0x04; /* Manufacturing info */
1195 buf[17] = 0x40; /* Not writable, is readable */
1196 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1197
1198 /* Size of buffer, not including 2 byte size field */
1199 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1200
1201 /* data written + 4 byte header */
1202 return (16 + 4);
1203
1204 default: /* TODO: formats beyond DVD-ROM requires */
1205 return -ASC_INV_FIELD_IN_CMD_PACKET;
1206 }
1207}
1208
1209static void ide_atapi_cmd(IDEState *s)
1210{
1211 const uint8_t *packet;
1212 uint8_t *buf;
1213 int max_len;
1214
1215 packet = s->io_buffer;
1216 buf = s->io_buffer;
1217#ifdef DEBUG_IDE_ATAPI
1218 {
1219 int i;
1220 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1221 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1222 printf(" %02x", packet[i]);
1223 }
1224 printf("\n");
1225 }
1226#endif
1227 /* If there's a UNIT_ATTENTION condition pending, only
1228 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1229 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1230 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1231 s->io_buffer[0] != GPCMD_INQUIRY) {
1232 ide_atapi_cmd_check_status(s);
1233 return;
1234 }
1235 switch(s->io_buffer[0]) {
1236 case GPCMD_TEST_UNIT_READY:
1237 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1238 ide_atapi_cmd_ok(s);
1239 } else {
1240 s->cdrom_changed = 0;
1241 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1242 ASC_MEDIUM_NOT_PRESENT);
1243 }
1244 break;
1245 case GPCMD_MODE_SENSE_6:
1246 case GPCMD_MODE_SENSE_10:
1247 {
1248 int action, code;
1249 if (packet[0] == GPCMD_MODE_SENSE_10)
1250 max_len = ube16_to_cpu(packet + 7);
1251 else
1252 max_len = packet[4];
1253 action = packet[2] >> 6;
1254 code = packet[2] & 0x3f;
1255 switch(action) {
1256 case 0: /* current values */
1257 switch(code) {
1258 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1259 cpu_to_ube16(&buf[0], 16 + 6);
1260 buf[2] = 0x70;
1261 buf[3] = 0;
1262 buf[4] = 0;
1263 buf[5] = 0;
1264 buf[6] = 0;
1265 buf[7] = 0;
1266
1267 buf[8] = 0x01;
1268 buf[9] = 0x06;
1269 buf[10] = 0x00;
1270 buf[11] = 0x05;
1271 buf[12] = 0x00;
1272 buf[13] = 0x00;
1273 buf[14] = 0x00;
1274 buf[15] = 0x00;
1275 ide_atapi_cmd_reply(s, 16, max_len);
1276 break;
1277 case GPMODE_AUDIO_CTL_PAGE:
1278 cpu_to_ube16(&buf[0], 24 + 6);
1279 buf[2] = 0x70;
1280 buf[3] = 0;
1281 buf[4] = 0;
1282 buf[5] = 0;
1283 buf[6] = 0;
1284 buf[7] = 0;
1285
1286 /* Fill with CDROM audio volume */
1287 buf[17] = 0;
1288 buf[19] = 0;
1289 buf[21] = 0;
1290 buf[23] = 0;
1291
1292 ide_atapi_cmd_reply(s, 24, max_len);
1293 break;
1294 case GPMODE_CAPABILITIES_PAGE:
1295 cpu_to_ube16(&buf[0], 28 + 6);
1296 buf[2] = 0x70;
1297 buf[3] = 0;
1298 buf[4] = 0;
1299 buf[5] = 0;
1300 buf[6] = 0;
1301 buf[7] = 0;
1302
1303 buf[8] = 0x2a;
1304 buf[9] = 0x12;
1305 buf[10] = 0x00;
1306 buf[11] = 0x00;
1307
1308 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1309 code checks for this to automount media. */
1310 buf[12] = 0x71;
1311 buf[13] = 3 << 5;
1312 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1313 if (bdrv_is_locked(s->bs))
1314 buf[6] |= 1 << 1;
1315 buf[15] = 0x00;
1316 cpu_to_ube16(&buf[16], 706);
1317 buf[18] = 0;
1318 buf[19] = 2;
1319 cpu_to_ube16(&buf[20], 512);
1320 cpu_to_ube16(&buf[22], 706);
1321 buf[24] = 0;
1322 buf[25] = 0;
1323 buf[26] = 0;
1324 buf[27] = 0;
1325 ide_atapi_cmd_reply(s, 28, max_len);
1326 break;
1327 default:
1328 goto error_cmd;
1329 }
1330 break;
1331 case 1: /* changeable values */
1332 goto error_cmd;
1333 case 2: /* default values */
1334 goto error_cmd;
1335 default:
1336 case 3: /* saved values */
1337 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1338 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1339 break;
1340 }
1341 }
1342 break;
1343 case GPCMD_REQUEST_SENSE:
1344 max_len = packet[4];
1345 memset(buf, 0, 18);
1346 buf[0] = 0x70 | (1 << 7);
1347 buf[2] = s->sense_key;
1348 buf[7] = 10;
1349 buf[12] = s->asc;
1350 if (s->sense_key == SENSE_UNIT_ATTENTION)
1351 s->sense_key = SENSE_NONE;
1352 ide_atapi_cmd_reply(s, 18, max_len);
1353 break;
1354 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1355 if (bdrv_is_inserted(s->bs)) {
1356 bdrv_set_locked(s->bs, packet[4] & 1);
1357 ide_atapi_cmd_ok(s);
1358 } else {
1359 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1360 ASC_MEDIUM_NOT_PRESENT);
1361 }
1362 break;
1363 case GPCMD_READ_10:
1364 case GPCMD_READ_12:
1365 {
1366 int nb_sectors, lba;
1367
1368 if (packet[0] == GPCMD_READ_10)
1369 nb_sectors = ube16_to_cpu(packet + 7);
1370 else
1371 nb_sectors = ube32_to_cpu(packet + 6);
1372 lba = ube32_to_cpu(packet + 2);
1373 if (nb_sectors == 0) {
1374 ide_atapi_cmd_ok(s);
1375 break;
1376 }
1377 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1378 }
1379 break;
1380 case GPCMD_READ_CD:
1381 {
1382 int nb_sectors, lba, transfer_request;
1383
1384 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1385 lba = ube32_to_cpu(packet + 2);
1386 if (nb_sectors == 0) {
1387 ide_atapi_cmd_ok(s);
1388 break;
1389 }
1390 transfer_request = packet[9];
1391 switch(transfer_request & 0xf8) {
1392 case 0x00:
1393 /* nothing */
1394 ide_atapi_cmd_ok(s);
1395 break;
1396 case 0x10:
1397 /* normal read */
1398 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1399 break;
1400 case 0xf8:
1401 /* read all data */
1402 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1403 break;
1404 default:
1405 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1406 ASC_INV_FIELD_IN_CMD_PACKET);
1407 break;
1408 }
1409 }
1410 break;
1411 case GPCMD_SEEK:
1412 {
1413 unsigned int lba;
1414 uint64_t total_sectors;
1415
1416 bdrv_get_geometry(s->bs, &total_sectors);
1417 total_sectors >>= 2;
1418 if (total_sectors == 0) {
1419 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1420 ASC_MEDIUM_NOT_PRESENT);
1421 break;
1422 }
1423 lba = ube32_to_cpu(packet + 2);
1424 if (lba >= total_sectors) {
1425 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1426 ASC_LOGICAL_BLOCK_OOR);
1427 break;
1428 }
1429 ide_atapi_cmd_ok(s);
1430 }
1431 break;
1432 case GPCMD_START_STOP_UNIT:
1433 {
1434 int start, eject, err = 0;
1435 start = packet[4] & 1;
1436 eject = (packet[4] >> 1) & 1;
1437
1438 if (eject) {
1439 err = bdrv_eject(s->bs, !start);
1440 }
1441
1442 switch (err) {
1443 case 0:
1444 ide_atapi_cmd_ok(s);
1445 break;
1446 case -EBUSY:
1447 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1448 ASC_MEDIA_REMOVAL_PREVENTED);
1449 break;
1450 default:
1451 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1452 ASC_MEDIUM_NOT_PRESENT);
1453 break;
1454 }
1455 }
1456 break;
1457 case GPCMD_MECHANISM_STATUS:
1458 {
1459 max_len = ube16_to_cpu(packet + 8);
1460 cpu_to_ube16(buf, 0);
1461 /* no current LBA */
1462 buf[2] = 0;
1463 buf[3] = 0;
1464 buf[4] = 0;
1465 buf[5] = 1;
1466 cpu_to_ube16(buf + 6, 0);
1467 ide_atapi_cmd_reply(s, 8, max_len);
1468 }
1469 break;
1470 case GPCMD_READ_TOC_PMA_ATIP:
1471 {
1472 int format, msf, start_track, len;
1473 uint64_t total_sectors;
1474
1475 bdrv_get_geometry(s->bs, &total_sectors);
1476 total_sectors >>= 2;
1477 if (total_sectors == 0) {
1478 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1479 ASC_MEDIUM_NOT_PRESENT);
1480 break;
1481 }
1482 max_len = ube16_to_cpu(packet + 7);
1483 format = packet[9] >> 6;
1484 msf = (packet[1] >> 1) & 1;
1485 start_track = packet[6];
1486 switch(format) {
1487 case 0:
1488 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1489 if (len < 0)
1490 goto error_cmd;
1491 ide_atapi_cmd_reply(s, len, max_len);
1492 break;
1493 case 1:
1494 /* multi session : only a single session defined */
1495 memset(buf, 0, 12);
1496 buf[1] = 0x0a;
1497 buf[2] = 0x01;
1498 buf[3] = 0x01;
1499 ide_atapi_cmd_reply(s, 12, max_len);
1500 break;
1501 case 2:
1502 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1503 if (len < 0)
1504 goto error_cmd;
1505 ide_atapi_cmd_reply(s, len, max_len);
1506 break;
1507 default:
1508 error_cmd:
1509 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1510 ASC_INV_FIELD_IN_CMD_PACKET);
1511 break;
1512 }
1513 }
1514 break;
1515 case GPCMD_READ_CDVD_CAPACITY:
1516 {
1517 uint64_t total_sectors;
1518
1519 bdrv_get_geometry(s->bs, &total_sectors);
1520 total_sectors >>= 2;
1521 if (total_sectors == 0) {
1522 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1523 ASC_MEDIUM_NOT_PRESENT);
1524 break;
1525 }
1526 /* NOTE: it is really the number of sectors minus 1 */
1527 cpu_to_ube32(buf, total_sectors - 1);
1528 cpu_to_ube32(buf + 4, 2048);
1529 ide_atapi_cmd_reply(s, 8, 8);
1530 }
1531 break;
1532 case GPCMD_READ_DVD_STRUCTURE:
1533 {
1534 int media = packet[1];
1535 int format = packet[7];
1536 int ret;
1537
1538 max_len = ube16_to_cpu(packet + 8);
1539
1540 if (format < 0xff) {
1541 if (media_is_cd(s)) {
1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1543 ASC_INCOMPATIBLE_FORMAT);
1544 break;
1545 } else if (!media_present(s)) {
1546 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1547 ASC_INV_FIELD_IN_CMD_PACKET);
1548 break;
1549 }
1550 }
1551
1552 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1553 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1554
1555 switch (format) {
1556 case 0x00 ... 0x7f:
1557 case 0xff:
1558 if (media == 0) {
1559 ret = ide_dvd_read_structure(s, format, packet, buf);
1560
1561 if (ret < 0)
1562 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1563 else
1564 ide_atapi_cmd_reply(s, ret, max_len);
1565
1566 break;
1567 }
1568 /* TODO: BD support, fall through for now */
1569
1570 /* Generic disk structures */
1571 case 0x80: /* TODO: AACS volume identifier */
1572 case 0x81: /* TODO: AACS media serial number */
1573 case 0x82: /* TODO: AACS media identifier */
1574 case 0x83: /* TODO: AACS media key block */
1575 case 0x90: /* TODO: List of recognized format layers */
1576 case 0xc0: /* TODO: Write protection status */
1577 default:
1578 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1579 ASC_INV_FIELD_IN_CMD_PACKET);
1580 break;
1581 }
1582 }
1583 break;
1584 case GPCMD_SET_SPEED:
1585 ide_atapi_cmd_ok(s);
1586 break;
1587 case GPCMD_INQUIRY:
1588 max_len = packet[4];
1589 buf[0] = 0x05; /* CD-ROM */
1590 buf[1] = 0x80; /* removable */
1591 buf[2] = 0x00; /* ISO */
1592 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1593 buf[4] = 31; /* additional length */
1594 buf[5] = 0; /* reserved */
1595 buf[6] = 0; /* reserved */
1596 buf[7] = 0; /* reserved */
1597 padstr8(buf + 8, 8, "QEMU");
1598 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1599 padstr8(buf + 32, 4, s->version);
1600 ide_atapi_cmd_reply(s, 36, max_len);
1601 break;
1602 case GPCMD_GET_CONFIGURATION:
1603 {
1604 uint32_t len;
1605 uint8_t index = 0;
1606
1607 /* only feature 0 is supported */
1608 if (packet[2] != 0 || packet[3] != 0) {
1609 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1610 ASC_INV_FIELD_IN_CMD_PACKET);
1611 break;
1612 }
1613
1614 /* XXX: could result in alignment problems in some architectures */
1615 max_len = ube16_to_cpu(packet + 7);
1616
1617 /*
1618 * XXX: avoid overflow for io_buffer if max_len is bigger than
1619 * the size of that buffer (dimensioned to max number of
1620 * sectors to transfer at once)
1621 *
1622 * Only a problem if the feature/profiles grow.
1623 */
1624 if (max_len > 512) /* XXX: assume 1 sector */
1625 max_len = 512;
1626
1627 memset(buf, 0, max_len);
1628 /*
1629 * the number of sectors from the media tells us which profile
1630 * to use as current. 0 means there is no media
1631 */
1632 if (media_is_dvd(s))
1633 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1634 else if (media_is_cd(s))
1635 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1636
1637 buf[10] = 0x02 | 0x01; /* persistent and current */
1638 len = 12; /* headers: 8 + 4 */
1639 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1641 cpu_to_ube32(buf, len - 4); /* data length */
1642
1643 ide_atapi_cmd_reply(s, len, max_len);
1644 break;
1645 }
1646 default:
1647 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1648 ASC_ILLEGAL_OPCODE);
1649 break;
1650 }
1651}
1652
1653static void ide_cfata_metadata_inquiry(IDEState *s)
1654{
1655 uint16_t *p;
1656 uint32_t spd;
1657
1658 p = (uint16_t *) s->io_buffer;
1659 memset(p, 0, 0x200);
1660 spd = ((s->mdata_size - 1) >> 9) + 1;
1661
1662 put_le16(p + 0, 0x0001); /* Data format revision */
1663 put_le16(p + 1, 0x0000); /* Media property: silicon */
1664 put_le16(p + 2, s->media_changed); /* Media status */
1665 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1666 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1667 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1668 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1669}
1670
1671static void ide_cfata_metadata_read(IDEState *s)
1672{
1673 uint16_t *p;
1674
1675 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1676 s->status = ERR_STAT;
1677 s->error = ABRT_ERR;
1678 return;
1679 }
1680
1681 p = (uint16_t *) s->io_buffer;
1682 memset(p, 0, 0x200);
1683
1684 put_le16(p + 0, s->media_changed); /* Media status */
1685 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1686 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1687 s->nsector << 9), 0x200 - 2));
1688}
1689
1690static void ide_cfata_metadata_write(IDEState *s)
1691{
1692 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1693 s->status = ERR_STAT;
1694 s->error = ABRT_ERR;
1695 return;
1696 }
1697
1698 s->media_changed = 0;
1699
1700 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1701 s->io_buffer + 2,
1702 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1703 s->nsector << 9), 0x200 - 2));
1704}
1705
1706/* called when the inserted state of the media has changed */
1707static void cdrom_change_cb(void *opaque)
1708{
1709 IDEState *s = opaque;
1710 uint64_t nb_sectors;
1711
1712 bdrv_get_geometry(s->bs, &nb_sectors);
1713 s->nb_sectors = nb_sectors;
1714
1715 s->sense_key = SENSE_UNIT_ATTENTION;
1716 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1717 s->cdrom_changed = 1;
1718 ide_set_irq(s->bus);
1719}
1720
1721static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1722{
1723 s->lba48 = lba48;
1724
1725 /* handle the 'magic' 0 nsector count conversion here. to avoid
1726 * fiddling with the rest of the read logic, we just store the
1727 * full sector count in ->nsector and ignore ->hob_nsector from now
1728 */
1729 if (!s->lba48) {
1730 if (!s->nsector)
1731 s->nsector = 256;
1732 } else {
1733 if (!s->nsector && !s->hob_nsector)
1734 s->nsector = 65536;
1735 else {
1736 int lo = s->nsector;
1737 int hi = s->hob_nsector;
1738
1739 s->nsector = (hi << 8) | lo;
1740 }
1741 }
1742}
1743
1744static void ide_clear_hob(IDEBus *bus)
1745{
1746 /* any write clears HOB high bit of device control register */
1747 bus->ifs[0].select &= ~(1 << 7);
1748 bus->ifs[1].select &= ~(1 << 7);
1749}
1750
1751void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1752{
1753 IDEBus *bus = opaque;
1754 IDEState *s;
1755 int n;
1756 int lba48 = 0;
1757
1758#ifdef DEBUG_IDE
1759 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1760#endif
1761
1762 addr &= 7;
1763
1764 /* ignore writes to command block while busy with previous command */
1765 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1766 return;
1767
1768 switch(addr) {
1769 case 0:
1770 break;
1771 case 1:
1772 ide_clear_hob(bus);
1773 /* NOTE: data is written to the two drives */
1774 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1775 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1776 bus->ifs[0].feature = val;
1777 bus->ifs[1].feature = val;
1778 break;
1779 case 2:
1780 ide_clear_hob(bus);
1781 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1782 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1783 bus->ifs[0].nsector = val;
1784 bus->ifs[1].nsector = val;
1785 break;
1786 case 3:
1787 ide_clear_hob(bus);
1788 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1789 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1790 bus->ifs[0].sector = val;
1791 bus->ifs[1].sector = val;
1792 break;
1793 case 4:
1794 ide_clear_hob(bus);
1795 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1796 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1797 bus->ifs[0].lcyl = val;
1798 bus->ifs[1].lcyl = val;
1799 break;
1800 case 5:
1801 ide_clear_hob(bus);
1802 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1803 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1804 bus->ifs[0].hcyl = val;
1805 bus->ifs[1].hcyl = val;
1806 break;
1807 case 6:
1808 /* FIXME: HOB readback uses bit 7 */
1809 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1810 bus->ifs[1].select = (val | 0x10) | 0xa0;
1811 /* select drive */
1812 bus->unit = (val >> 4) & 1;
1813 break;
1814 default:
1815 case 7:
1816 /* command */
1817#if defined(DEBUG_IDE)
1818 printf("ide: CMD=%02x\n", val);
1819#endif
1820 s = idebus_active_if(bus);
1821 /* ignore commands to non existant slave */
1822 if (s != bus->ifs && !s->bs)
1823 break;
1824
1825 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1826 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1827 break;
1828
1829 switch(val) {
1830 case WIN_IDENTIFY:
1831 if (s->bs && s->drive_kind != IDE_CD) {
1832 if (s->drive_kind != IDE_CFATA)
1833 ide_identify(s);
1834 else
1835 ide_cfata_identify(s);
1836 s->status = READY_STAT | SEEK_STAT;
1837 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1838 } else {
1839 if (s->drive_kind == IDE_CD) {
1840 ide_set_signature(s);
1841 }
1842 ide_abort_command(s);
1843 }
1844 ide_set_irq(s->bus);
1845 break;
1846 case WIN_SPECIFY:
1847 case WIN_RECAL:
1848 s->error = 0;
1849 s->status = READY_STAT | SEEK_STAT;
1850 ide_set_irq(s->bus);
1851 break;
1852 case WIN_SETMULT:
1853 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1854 /* Disable Read and Write Multiple */
1855 s->mult_sectors = 0;
1856 s->status = READY_STAT | SEEK_STAT;
1857 } else if ((s->nsector & 0xff) != 0 &&
1858 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1859 (s->nsector & (s->nsector - 1)) != 0)) {
1860 ide_abort_command(s);
1861 } else {
1862 s->mult_sectors = s->nsector & 0xff;
1863 s->status = READY_STAT | SEEK_STAT;
1864 }
1865 ide_set_irq(s->bus);
1866 break;
1867 case WIN_VERIFY_EXT:
1868 lba48 = 1;
1869 case WIN_VERIFY:
1870 case WIN_VERIFY_ONCE:
1871 /* do sector number check ? */
1872 ide_cmd_lba48_transform(s, lba48);
1873 s->status = READY_STAT | SEEK_STAT;
1874 ide_set_irq(s->bus);
1875 break;
1876 case WIN_READ_EXT:
1877 lba48 = 1;
1878 case WIN_READ:
1879 case WIN_READ_ONCE:
1880 if (!s->bs)
1881 goto abort_cmd;
1882 ide_cmd_lba48_transform(s, lba48);
1883 s->req_nb_sectors = 1;
1884 ide_sector_read(s);
1885 break;
1886 case WIN_WRITE_EXT:
1887 lba48 = 1;
1888 case WIN_WRITE:
1889 case WIN_WRITE_ONCE:
1890 case CFA_WRITE_SECT_WO_ERASE:
1891 case WIN_WRITE_VERIFY:
1892 ide_cmd_lba48_transform(s, lba48);
1893 s->error = 0;
1894 s->status = SEEK_STAT | READY_STAT;
1895 s->req_nb_sectors = 1;
1896 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1897 s->media_changed = 1;
1898 break;
1899 case WIN_MULTREAD_EXT:
1900 lba48 = 1;
1901 case WIN_MULTREAD:
1902 if (!s->mult_sectors)
1903 goto abort_cmd;
1904 ide_cmd_lba48_transform(s, lba48);
1905 s->req_nb_sectors = s->mult_sectors;
1906 ide_sector_read(s);
1907 break;
1908 case WIN_MULTWRITE_EXT:
1909 lba48 = 1;
1910 case WIN_MULTWRITE:
1911 case CFA_WRITE_MULTI_WO_ERASE:
1912 if (!s->mult_sectors)
1913 goto abort_cmd;
1914 ide_cmd_lba48_transform(s, lba48);
1915 s->error = 0;
1916 s->status = SEEK_STAT | READY_STAT;
1917 s->req_nb_sectors = s->mult_sectors;
1918 n = s->nsector;
1919 if (n > s->req_nb_sectors)
1920 n = s->req_nb_sectors;
1921 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1922 s->media_changed = 1;
1923 break;
1924 case WIN_READDMA_EXT:
1925 lba48 = 1;
1926 case WIN_READDMA:
1927 case WIN_READDMA_ONCE:
1928 if (!s->bs)
1929 goto abort_cmd;
1930 ide_cmd_lba48_transform(s, lba48);
1931 ide_sector_read_dma(s);
1932 break;
1933 case WIN_WRITEDMA_EXT:
1934 lba48 = 1;
1935 case WIN_WRITEDMA:
1936 case WIN_WRITEDMA_ONCE:
1937 if (!s->bs)
1938 goto abort_cmd;
1939 ide_cmd_lba48_transform(s, lba48);
1940 ide_sector_write_dma(s);
1941 s->media_changed = 1;
1942 break;
1943 case WIN_READ_NATIVE_MAX_EXT:
1944 lba48 = 1;
1945 case WIN_READ_NATIVE_MAX:
1946 ide_cmd_lba48_transform(s, lba48);
1947 ide_set_sector(s, s->nb_sectors - 1);
1948 s->status = READY_STAT | SEEK_STAT;
1949 ide_set_irq(s->bus);
1950 break;
1951 case WIN_CHECKPOWERMODE1:
1952 case WIN_CHECKPOWERMODE2:
1953 s->nsector = 0xff; /* device active or idle */
1954 s->status = READY_STAT | SEEK_STAT;
1955 ide_set_irq(s->bus);
1956 break;
1957 case WIN_SETFEATURES:
1958 if (!s->bs)
1959 goto abort_cmd;
1960 /* XXX: valid for CDROM ? */
1961 switch(s->feature) {
1962 case 0xcc: /* reverting to power-on defaults enable */
1963 case 0x66: /* reverting to power-on defaults disable */
1964 case 0x02: /* write cache enable */
1965 case 0x82: /* write cache disable */
1966 case 0xaa: /* read look-ahead enable */
1967 case 0x55: /* read look-ahead disable */
1968 case 0x05: /* set advanced power management mode */
1969 case 0x85: /* disable advanced power management mode */
1970 case 0x69: /* NOP */
1971 case 0x67: /* NOP */
1972 case 0x96: /* NOP */
1973 case 0x9a: /* NOP */
1974 case 0x42: /* enable Automatic Acoustic Mode */
1975 case 0xc2: /* disable Automatic Acoustic Mode */
1976 s->status = READY_STAT | SEEK_STAT;
1977 ide_set_irq(s->bus);
1978 break;
1979 case 0x03: { /* set transfer mode */
1980 uint8_t val = s->nsector & 0x07;
1981 uint16_t *identify_data = (uint16_t *)s->identify_data;
1982
1983 switch (s->nsector >> 3) {
1984 case 0x00: /* pio default */
1985 case 0x01: /* pio mode */
1986 put_le16(identify_data + 62,0x07);
1987 put_le16(identify_data + 63,0x07);
1988 put_le16(identify_data + 88,0x3f);
1989 break;
1990 case 0x02: /* sigle word dma mode*/
1991 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1992 put_le16(identify_data + 63,0x07);
1993 put_le16(identify_data + 88,0x3f);
1994 break;
1995 case 0x04: /* mdma mode */
1996 put_le16(identify_data + 62,0x07);
1997 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1998 put_le16(identify_data + 88,0x3f);
1999 break;
2000 case 0x08: /* udma mode */
2001 put_le16(identify_data + 62,0x07);
2002 put_le16(identify_data + 63,0x07);
2003 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2004 break;
2005 default:
2006 goto abort_cmd;
2007 }
2008 s->status = READY_STAT | SEEK_STAT;
2009 ide_set_irq(s->bus);
2010 break;
2011 }
2012 default:
2013 goto abort_cmd;
2014 }
2015 break;
2016 case WIN_FLUSH_CACHE:
2017 case WIN_FLUSH_CACHE_EXT:
2018 if (s->bs)
2019 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2020 else
2021 ide_flush_cb(s, 0);
2022 break;
2023 case WIN_STANDBY:
2024 case WIN_STANDBY2:
2025 case WIN_STANDBYNOW1:
2026 case WIN_STANDBYNOW2:
2027 case WIN_IDLEIMMEDIATE:
2028 case CFA_IDLEIMMEDIATE:
2029 case WIN_SETIDLE1:
2030 case WIN_SETIDLE2:
2031 case WIN_SLEEPNOW1:
2032 case WIN_SLEEPNOW2:
2033 s->status = READY_STAT;
2034 ide_set_irq(s->bus);
2035 break;
2036 case WIN_SEEK:
2037 if(s->drive_kind == IDE_CD)
2038 goto abort_cmd;
2039 /* XXX: Check that seek is within bounds */
2040 s->status = READY_STAT | SEEK_STAT;
2041 ide_set_irq(s->bus);
2042 break;
2043 /* ATAPI commands */
2044 case WIN_PIDENTIFY:
2045 if (s->drive_kind == IDE_CD) {
2046 ide_atapi_identify(s);
2047 s->status = READY_STAT | SEEK_STAT;
2048 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2049 } else {
2050 ide_abort_command(s);
2051 }
2052 ide_set_irq(s->bus);
2053 break;
2054 case WIN_DIAGNOSE:
2055 ide_set_signature(s);
2056 if (s->drive_kind == IDE_CD)
2057 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2058 * devices to return a clear status register
2059 * with READY_STAT *not* set. */
2060 else
2061 s->status = READY_STAT | SEEK_STAT;
2062 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2063 * present.
2064 */
2065 ide_set_irq(s->bus);
2066 break;
2067 case WIN_SRST:
2068 if (s->drive_kind != IDE_CD)
2069 goto abort_cmd;
2070 ide_set_signature(s);
2071 s->status = 0x00; /* NOTE: READY is _not_ set */
2072 s->error = 0x01;
2073 break;
2074 case WIN_PACKETCMD:
2075 if (s->drive_kind != IDE_CD)
2076 goto abort_cmd;
2077 /* overlapping commands not supported */
2078 if (s->feature & 0x02)
2079 goto abort_cmd;
2080 s->status = READY_STAT | SEEK_STAT;
2081 s->atapi_dma = s->feature & 1;
2082 s->nsector = 1;
2083 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2084 ide_atapi_cmd);
2085 break;
2086 /* CF-ATA commands */
2087 case CFA_REQ_EXT_ERROR_CODE:
2088 if (s->drive_kind != IDE_CFATA)
2089 goto abort_cmd;
2090 s->error = 0x09; /* miscellaneous error */
2091 s->status = READY_STAT | SEEK_STAT;
2092 ide_set_irq(s->bus);
2093 break;
2094 case CFA_ERASE_SECTORS:
2095 case CFA_WEAR_LEVEL:
2096 if (s->drive_kind != IDE_CFATA)
2097 goto abort_cmd;
2098 if (val == CFA_WEAR_LEVEL)
2099 s->nsector = 0;
2100 if (val == CFA_ERASE_SECTORS)
2101 s->media_changed = 1;
2102 s->error = 0x00;
2103 s->status = READY_STAT | SEEK_STAT;
2104 ide_set_irq(s->bus);
2105 break;
2106 case CFA_TRANSLATE_SECTOR:
2107 if (s->drive_kind != IDE_CFATA)
2108 goto abort_cmd;
2109 s->error = 0x00;
2110 s->status = READY_STAT | SEEK_STAT;
2111 memset(s->io_buffer, 0, 0x200);
2112 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2113 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2114 s->io_buffer[0x02] = s->select; /* Head */
2115 s->io_buffer[0x03] = s->sector; /* Sector */
2116 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2117 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2118 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2119 s->io_buffer[0x13] = 0x00; /* Erase flag */
2120 s->io_buffer[0x18] = 0x00; /* Hot count */
2121 s->io_buffer[0x19] = 0x00; /* Hot count */
2122 s->io_buffer[0x1a] = 0x01; /* Hot count */
2123 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2124 ide_set_irq(s->bus);
2125 break;
2126 case CFA_ACCESS_METADATA_STORAGE:
2127 if (s->drive_kind != IDE_CFATA)
2128 goto abort_cmd;
2129 switch (s->feature) {
2130 case 0x02: /* Inquiry Metadata Storage */
2131 ide_cfata_metadata_inquiry(s);
2132 break;
2133 case 0x03: /* Read Metadata Storage */
2134 ide_cfata_metadata_read(s);
2135 break;
2136 case 0x04: /* Write Metadata Storage */
2137 ide_cfata_metadata_write(s);
2138 break;
2139 default:
2140 goto abort_cmd;
2141 }
2142 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2143 s->status = 0x00; /* NOTE: READY is _not_ set */
2144 ide_set_irq(s->bus);
2145 break;
2146 case IBM_SENSE_CONDITION:
2147 if (s->drive_kind != IDE_CFATA)
2148 goto abort_cmd;
2149 switch (s->feature) {
2150 case 0x01: /* sense temperature in device */
2151 s->nsector = 0x50; /* +20 C */
2152 break;
2153 default:
2154 goto abort_cmd;
2155 }
2156 s->status = READY_STAT | SEEK_STAT;
2157 ide_set_irq(s->bus);
2158 break;
2159
2160 case WIN_SMART:
2161 if (s->drive_kind == IDE_CD)
2162 goto abort_cmd;
2163 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2164 goto abort_cmd;
2165 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2166 goto abort_cmd;
2167 switch (s->feature) {
2168 case SMART_DISABLE:
2169 s->smart_enabled = 0;
2170 s->status = READY_STAT | SEEK_STAT;
2171 ide_set_irq(s->bus);
2172 break;
2173 case SMART_ENABLE:
2174 s->smart_enabled = 1;
2175 s->status = READY_STAT | SEEK_STAT;
2176 ide_set_irq(s->bus);
2177 break;
2178 case SMART_ATTR_AUTOSAVE:
2179 switch (s->sector) {
2180 case 0x00:
2181 s->smart_autosave = 0;
2182 break;
2183 case 0xf1:
2184 s->smart_autosave = 1;
2185 break;
2186 default:
2187 goto abort_cmd;
2188 }
2189 s->status = READY_STAT | SEEK_STAT;
2190 ide_set_irq(s->bus);
2191 break;
2192 case SMART_STATUS:
2193 if (!s->smart_errors) {
2194 s->hcyl = 0xc2;
2195 s->lcyl = 0x4f;
2196 } else {
2197 s->hcyl = 0x2c;
2198 s->lcyl = 0xf4;
2199 }
2200 s->status = READY_STAT | SEEK_STAT;
2201 ide_set_irq(s->bus);
2202 break;
2203 case SMART_READ_THRESH:
2204 memset(s->io_buffer, 0, 0x200);
2205 s->io_buffer[0] = 0x01; /* smart struct version */
2206 for (n=0; n<30; n++) {
2207 if (smart_attributes[n][0] == 0)
2208 break;
2209 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2210 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2211 }
2212 for (n=0; n<511; n++) /* checksum */
2213 s->io_buffer[511] += s->io_buffer[n];
2214 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2215 s->status = READY_STAT | SEEK_STAT;
2216 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2217 ide_set_irq(s->bus);
2218 break;
2219 case SMART_READ_DATA:
2220 memset(s->io_buffer, 0, 0x200);
2221 s->io_buffer[0] = 0x01; /* smart struct version */
2222 for (n=0; n<30; n++) {
2223 if (smart_attributes[n][0] == 0)
2224 break;
2225 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2226 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2227 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2228 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2229 }
2230 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2231 if (s->smart_selftest_count == 0) {
2232 s->io_buffer[363] = 0;
2233 } else {
2234 s->io_buffer[363] =
2235 s->smart_selftest_data[3 +
2236 (s->smart_selftest_count - 1) *
2237 24];
2238 }
2239 s->io_buffer[364] = 0x20;
2240 s->io_buffer[365] = 0x01;
2241 /* offline data collection capacity: execute + self-test*/
2242 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2243 s->io_buffer[368] = 0x03; /* smart capability (1) */
2244 s->io_buffer[369] = 0x00; /* smart capability (2) */
2245 s->io_buffer[370] = 0x01; /* error logging supported */
2246 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2247 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2248 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2249
2250 for (n=0; n<511; n++)
2251 s->io_buffer[511] += s->io_buffer[n];
2252 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2253 s->status = READY_STAT | SEEK_STAT;
2254 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2255 ide_set_irq(s->bus);
2256 break;
2257 case SMART_READ_LOG:
2258 switch (s->sector) {
2259 case 0x01: /* summary smart error log */
2260 memset(s->io_buffer, 0, 0x200);
2261 s->io_buffer[0] = 0x01;
2262 s->io_buffer[1] = 0x00; /* no error entries */
2263 s->io_buffer[452] = s->smart_errors & 0xff;
2264 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2265
2266 for (n=0; n<511; n++)
2267 s->io_buffer[511] += s->io_buffer[n];
2268 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2269 break;
2270 case 0x06: /* smart self test log */
2271 memset(s->io_buffer, 0, 0x200);
2272 s->io_buffer[0] = 0x01;
2273 if (s->smart_selftest_count == 0) {
2274 s->io_buffer[508] = 0;
2275 } else {
2276 s->io_buffer[508] = s->smart_selftest_count;
2277 for (n=2; n<506; n++)
2278 s->io_buffer[n] = s->smart_selftest_data[n];
2279 }
2280 for (n=0; n<511; n++)
2281 s->io_buffer[511] += s->io_buffer[n];
2282 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2283 break;
2284 default:
2285 goto abort_cmd;
2286 }
2287 s->status = READY_STAT | SEEK_STAT;
2288 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2289 ide_set_irq(s->bus);
2290 break;
2291 case SMART_EXECUTE_OFFLINE:
2292 switch (s->sector) {
2293 case 0: /* off-line routine */
2294 case 1: /* short self test */
2295 case 2: /* extended self test */
2296 s->smart_selftest_count++;
2297 if(s->smart_selftest_count > 21)
2298 s->smart_selftest_count = 0;
2299 n = 2 + (s->smart_selftest_count - 1) * 24;
2300 s->smart_selftest_data[n] = s->sector;
2301 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2302 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2303 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2304 s->status = READY_STAT | SEEK_STAT;
2305 ide_set_irq(s->bus);
2306 break;
2307 default:
2308 goto abort_cmd;
2309 }
2310 break;
2311 default:
2312 goto abort_cmd;
2313 }
2314 break;
2315 default:
2316 abort_cmd:
2317 ide_abort_command(s);
2318 ide_set_irq(s->bus);
2319 break;
2320 }
2321 }
2322}
2323
2324uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2325{
2326 IDEBus *bus = opaque;
2327 IDEState *s = idebus_active_if(bus);
2328 uint32_t addr;
2329 int ret, hob;
2330
2331 addr = addr1 & 7;
2332 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2333 //hob = s->select & (1 << 7);
2334 hob = 0;
2335 switch(addr) {
2336 case 0:
2337 ret = 0xff;
2338 break;
2339 case 1:
2340 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2341 (s != bus->ifs && !s->bs))
2342 ret = 0;
2343 else if (!hob)
2344 ret = s->error;
2345 else
2346 ret = s->hob_feature;
2347 break;
2348 case 2:
2349 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2350 ret = 0;
2351 else if (!hob)
2352 ret = s->nsector & 0xff;
2353 else
2354 ret = s->hob_nsector;
2355 break;
2356 case 3:
2357 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2358 ret = 0;
2359 else if (!hob)
2360 ret = s->sector;
2361 else
2362 ret = s->hob_sector;
2363 break;
2364 case 4:
2365 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2366 ret = 0;
2367 else if (!hob)
2368 ret = s->lcyl;
2369 else
2370 ret = s->hob_lcyl;
2371 break;
2372 case 5:
2373 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2374 ret = 0;
2375 else if (!hob)
2376 ret = s->hcyl;
2377 else
2378 ret = s->hob_hcyl;
2379 break;
2380 case 6:
2381 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2382 ret = 0;
2383 else
2384 ret = s->select;
2385 break;
2386 default:
2387 case 7:
2388 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2389 (s != bus->ifs && !s->bs))
2390 ret = 0;
2391 else
2392 ret = s->status;
2393 qemu_irq_lower(bus->irq);
2394 break;
2395 }
2396#ifdef DEBUG_IDE
2397 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2398#endif
2399 return ret;
2400}
2401
2402uint32_t ide_status_read(void *opaque, uint32_t addr)
2403{
2404 IDEBus *bus = opaque;
2405 IDEState *s = idebus_active_if(bus);
2406 int ret;
2407
2408 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2409 (s != bus->ifs && !s->bs))
2410 ret = 0;
2411 else
2412 ret = s->status;
2413#ifdef DEBUG_IDE
2414 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2415#endif
2416 return ret;
2417}
2418
2419void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2420{
2421 IDEBus *bus = opaque;
2422 IDEState *s;
2423 int i;
2424
2425#ifdef DEBUG_IDE
2426 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2427#endif
2428 /* common for both drives */
2429 if (!(bus->cmd & IDE_CMD_RESET) &&
2430 (val & IDE_CMD_RESET)) {
2431 /* reset low to high */
2432 for(i = 0;i < 2; i++) {
2433 s = &bus->ifs[i];
2434 s->status = BUSY_STAT | SEEK_STAT;
2435 s->error = 0x01;
2436 }
2437 } else if ((bus->cmd & IDE_CMD_RESET) &&
2438 !(val & IDE_CMD_RESET)) {
2439 /* high to low */
2440 for(i = 0;i < 2; i++) {
2441 s = &bus->ifs[i];
2442 if (s->drive_kind == IDE_CD)
2443 s->status = 0x00; /* NOTE: READY is _not_ set */
2444 else
2445 s->status = READY_STAT | SEEK_STAT;
2446 ide_set_signature(s);
2447 }
2448 }
2449
2450 bus->cmd = val;
2451}
2452
2453void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2454{
2455 IDEBus *bus = opaque;
2456 IDEState *s = idebus_active_if(bus);
2457 uint8_t *p;
2458
2459 /* PIO data access allowed only when DRQ bit is set */
2460 if (!(s->status & DRQ_STAT))
2461 return;
2462
2463 p = s->data_ptr;
2464 *(uint16_t *)p = le16_to_cpu(val);
2465 p += 2;
2466 s->data_ptr = p;
2467 if (p >= s->data_end)
2468 s->end_transfer_func(s);
2469}
2470
2471uint32_t ide_data_readw(void *opaque, uint32_t addr)
2472{
2473 IDEBus *bus = opaque;
2474 IDEState *s = idebus_active_if(bus);
2475 uint8_t *p;
2476 int ret;
2477
2478 /* PIO data access allowed only when DRQ bit is set */
2479 if (!(s->status & DRQ_STAT))
2480 return 0;
2481
2482 p = s->data_ptr;
2483 ret = cpu_to_le16(*(uint16_t *)p);
2484 p += 2;
2485 s->data_ptr = p;
2486 if (p >= s->data_end)
2487 s->end_transfer_func(s);
2488 return ret;
2489}
2490
2491void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2492{
2493 IDEBus *bus = opaque;
2494 IDEState *s = idebus_active_if(bus);
2495 uint8_t *p;
2496
2497 /* PIO data access allowed only when DRQ bit is set */
2498 if (!(s->status & DRQ_STAT))
2499 return;
2500
2501 p = s->data_ptr;
2502 *(uint32_t *)p = le32_to_cpu(val);
2503 p += 4;
2504 s->data_ptr = p;
2505 if (p >= s->data_end)
2506 s->end_transfer_func(s);
2507}
2508
2509uint32_t ide_data_readl(void *opaque, uint32_t addr)
2510{
2511 IDEBus *bus = opaque;
2512 IDEState *s = idebus_active_if(bus);
2513 uint8_t *p;
2514 int ret;
2515
2516 /* PIO data access allowed only when DRQ bit is set */
2517 if (!(s->status & DRQ_STAT))
2518 return 0;
2519
2520 p = s->data_ptr;
2521 ret = cpu_to_le32(*(uint32_t *)p);
2522 p += 4;
2523 s->data_ptr = p;
2524 if (p >= s->data_end)
2525 s->end_transfer_func(s);
2526 return ret;
2527}
2528
2529static void ide_dummy_transfer_stop(IDEState *s)
2530{
2531 s->data_ptr = s->io_buffer;
2532 s->data_end = s->io_buffer;
2533 s->io_buffer[0] = 0xff;
2534 s->io_buffer[1] = 0xff;
2535 s->io_buffer[2] = 0xff;
2536 s->io_buffer[3] = 0xff;
2537}
2538
2539static void ide_reset(IDEState *s)
2540{
2541#ifdef DEBUG_IDE
2542 printf("ide: reset\n");
2543#endif
2544 if (s->drive_kind == IDE_CFATA)
2545 s->mult_sectors = 0;
2546 else
2547 s->mult_sectors = MAX_MULT_SECTORS;
2548 /* ide regs */
2549 s->feature = 0;
2550 s->error = 0;
2551 s->nsector = 0;
2552 s->sector = 0;
2553 s->lcyl = 0;
2554 s->hcyl = 0;
2555
2556 /* lba48 */
2557 s->hob_feature = 0;
2558 s->hob_sector = 0;
2559 s->hob_nsector = 0;
2560 s->hob_lcyl = 0;
2561 s->hob_hcyl = 0;
2562
2563 s->select = 0xa0;
2564 s->status = READY_STAT | SEEK_STAT;
2565
2566 s->lba48 = 0;
2567
2568 /* ATAPI specific */
2569 s->sense_key = 0;
2570 s->asc = 0;
2571 s->cdrom_changed = 0;
2572 s->packet_transfer_size = 0;
2573 s->elementary_transfer_size = 0;
2574 s->io_buffer_index = 0;
2575 s->cd_sector_size = 0;
2576 s->atapi_dma = 0;
2577 /* ATA DMA state */
2578 s->io_buffer_size = 0;
2579 s->req_nb_sectors = 0;
2580
2581 ide_set_signature(s);
2582 /* init the transfer handler so that 0xffff is returned on data
2583 accesses */
2584 s->end_transfer_func = ide_dummy_transfer_stop;
2585 ide_dummy_transfer_stop(s);
2586 s->media_changed = 0;
2587}
2588
2589void ide_bus_reset(IDEBus *bus)
2590{
2591 bus->unit = 0;
2592 bus->cmd = 0;
2593 ide_reset(&bus->ifs[0]);
2594 ide_reset(&bus->ifs[1]);
2595 ide_clear_hob(bus);
2596}
2597
2598int ide_init_drive(IDEState *s, BlockDriverState *bs,
2599 const char *version, const char *serial)
2600{
2601 int cylinders, heads, secs;
2602 uint64_t nb_sectors;
2603
2604 s->bs = bs;
2605 bdrv_get_geometry(bs, &nb_sectors);
2606 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2607 s->cylinders = cylinders;
2608 s->heads = heads;
2609 s->sectors = secs;
2610 s->nb_sectors = nb_sectors;
2611 /* The SMART values should be preserved across power cycles
2612 but they aren't. */
2613 s->smart_enabled = 1;
2614 s->smart_autosave = 1;
2615 s->smart_errors = 0;
2616 s->smart_selftest_count = 0;
2617 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2618 s->drive_kind = IDE_CD;
2619 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2620 }
2621 if (serial) {
2622 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2623 } else {
2624 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2625 "QM%05d", s->drive_serial);
2626 }
2627 if (version) {
2628 pstrcpy(s->version, sizeof(s->version), version);
2629 } else {
2630 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2631 }
2632 ide_reset(s);
2633 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2634 return 0;
2635}
2636
2637static void ide_init1(IDEBus *bus, int unit)
2638{
2639 static int drive_serial = 1;
2640 IDEState *s = &bus->ifs[unit];
2641
2642 s->bus = bus;
2643 s->unit = unit;
2644 s->drive_serial = drive_serial++;
2645 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2646 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2647 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2648 s->sector_write_timer = qemu_new_timer(vm_clock,
2649 ide_sector_write_timer_cb, s);
2650}
2651
2652void ide_init2(IDEBus *bus, qemu_irq irq)
2653{
2654 int i;
2655
2656 for(i = 0; i < 2; i++) {
2657 ide_init1(bus, i);
2658 ide_reset(&bus->ifs[i]);
2659 }
2660 bus->irq = irq;
2661}
2662
2663/* TODO convert users to qdev and remove */
2664void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2665 DriveInfo *hd1, qemu_irq irq)
2666{
2667 int i;
2668 DriveInfo *dinfo;
2669
2670 for(i = 0; i < 2; i++) {
2671 dinfo = i == 0 ? hd0 : hd1;
2672 ide_init1(bus, i);
2673 if (dinfo) {
2674 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2675 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2676 error_report("Can't set up IDE drive %s", dinfo->id);
2677 exit(1);
2678 }
2679 } else {
2680 ide_reset(&bus->ifs[i]);
2681 }
2682 }
2683 bus->irq = irq;
2684}
2685
2686void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2687{
2688 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2689 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2690 if (iobase2) {
2691 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2692 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2693 }
2694
2695 /* data ports */
2696 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2697 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2698 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2699 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2700}
2701
2702static bool is_identify_set(void *opaque, int version_id)
2703{
2704 IDEState *s = opaque;
2705
2706 return s->identify_set != 0;
2707}
2708
2709static EndTransferFunc* transfer_end_table[] = {
2710 ide_sector_read,
2711 ide_sector_write,
2712 ide_transfer_stop,
2713 ide_atapi_cmd_reply_end,
2714 ide_atapi_cmd,
2715};
2716
2717static int transfer_end_table_idx(EndTransferFunc *fn)
2718{
2719 int i;
2720
2721 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2722 if (transfer_end_table[i] == fn)
2723 return i;
2724
2725 return -1;
2726}
2727
2728static int ide_drive_post_load(void *opaque, int version_id)
2729{
2730 IDEState *s = opaque;
2731
2732 if (version_id < 3) {
2733 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2734 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2735 s->cdrom_changed = 1;
2736 }
2737 }
2738
2739 if (s->cur_io_buffer_len) {
2740 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2741 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2742 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2743 }
2744
2745 return 0;
2746}
2747
2748static void ide_drive_pre_save(void *opaque)
2749{
2750 IDEState *s = opaque;
2751 int idx;
2752
2753 s->cur_io_buffer_len = 0;
2754
2755 if (!(s->status & DRQ_STAT))
2756 return;
2757
2758 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2759 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2760
2761 idx = transfer_end_table_idx(s->end_transfer_func);
2762 if (idx == -1) {
2763 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2764 __func__);
2765 s->end_transfer_fn_idx = 2;
2766 } else {
2767 s->end_transfer_fn_idx = idx;
2768 }
2769}
2770
2771const VMStateDescription vmstate_ide_drive = {
2772 .name = "ide_drive",
2773 .version_id = 4,
2774 .minimum_version_id = 0,
2775 .minimum_version_id_old = 0,
2776 .pre_save = ide_drive_pre_save,
2777 .post_load = ide_drive_post_load,
2778 .fields = (VMStateField []) {
2779 VMSTATE_INT32(mult_sectors, IDEState),
2780 VMSTATE_INT32(identify_set, IDEState),
2781 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2782 VMSTATE_UINT8(feature, IDEState),
2783 VMSTATE_UINT8(error, IDEState),
2784 VMSTATE_UINT32(nsector, IDEState),
2785 VMSTATE_UINT8(sector, IDEState),
2786 VMSTATE_UINT8(lcyl, IDEState),
2787 VMSTATE_UINT8(hcyl, IDEState),
2788 VMSTATE_UINT8(hob_feature, IDEState),
2789 VMSTATE_UINT8(hob_sector, IDEState),
2790 VMSTATE_UINT8(hob_nsector, IDEState),
2791 VMSTATE_UINT8(hob_lcyl, IDEState),
2792 VMSTATE_UINT8(hob_hcyl, IDEState),
2793 VMSTATE_UINT8(select, IDEState),
2794 VMSTATE_UINT8(status, IDEState),
2795 VMSTATE_UINT8(lba48, IDEState),
2796 VMSTATE_UINT8(sense_key, IDEState),
2797 VMSTATE_UINT8(asc, IDEState),
2798 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2799 VMSTATE_INT32_V(req_nb_sectors, IDEState, 4),
2800 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 4,
2801 vmstate_info_uint8, uint8_t),
2802 VMSTATE_INT32_V(cur_io_buffer_offset, IDEState, 4),
2803 VMSTATE_INT32_V(cur_io_buffer_len, IDEState, 4),
2804 VMSTATE_UINT8_V(end_transfer_fn_idx, IDEState, 4),
2805 VMSTATE_INT32_V(elementary_transfer_size, IDEState, 4),
2806 VMSTATE_INT32_V(packet_transfer_size, IDEState, 4),
2807 VMSTATE_END_OF_LIST()
2808 }
2809};
2810
2811const VMStateDescription vmstate_ide_bus = {
2812 .name = "ide_bus",
2813 .version_id = 1,
2814 .minimum_version_id = 1,
2815 .minimum_version_id_old = 1,
2816 .fields = (VMStateField []) {
2817 VMSTATE_UINT8(cmd, IDEBus),
2818 VMSTATE_UINT8(unit, IDEBus),
2819 VMSTATE_END_OF_LIST()
2820 }
2821};
2822
2823/***********************************************************/
2824/* PCI IDE definitions */
2825
2826static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2827{
2828 BMDMAState *bm = s->bus->bmdma;
2829 if(!bm)
2830 return;
2831 bm->unit = s->unit;
2832 bm->dma_cb = dma_cb;
2833 bm->cur_prd_last = 0;
2834 bm->cur_prd_addr = 0;
2835 bm->cur_prd_len = 0;
2836 bm->sector_num = ide_get_sector(s);
2837 bm->nsector = s->nsector;
2838 if (bm->status & BM_STATUS_DMAING) {
2839 bm->dma_cb(bm, 0);
2840 }
2841}
2842
2843static void ide_dma_restart(IDEState *s, int is_read)
2844{
2845 BMDMAState *bm = s->bus->bmdma;
2846 ide_set_sector(s, bm->sector_num);
2847 s->io_buffer_index = 0;
2848 s->io_buffer_size = 0;
2849 s->nsector = bm->nsector;
2850 bm->cur_addr = bm->addr;
2851
2852 if (is_read) {
2853 bm->dma_cb = ide_read_dma_cb;
2854 } else {
2855 bm->dma_cb = ide_write_dma_cb;
2856 }
2857
2858 ide_dma_start(s, bm->dma_cb);
2859}
2860
2861void ide_dma_cancel(BMDMAState *bm)
2862{
2863 if (bm->status & BM_STATUS_DMAING) {
2864 if (bm->aiocb) {
2865#ifdef DEBUG_AIO
2866 printf("aio_cancel\n");
2867#endif
2868 bdrv_aio_cancel(bm->aiocb);
2869 bm->aiocb = NULL;
2870 }
2871 bm->status &= ~BM_STATUS_DMAING;
2872 /* cancel DMA request */
2873 bm->unit = -1;
2874 bm->dma_cb = NULL;
2875 }
2876}
2877
2878void ide_dma_reset(BMDMAState *bm)
2879{
2880#ifdef DEBUG_IDE
2881 printf("ide: dma_reset\n");
2882#endif
2883 ide_dma_cancel(bm);
2884 bm->cmd = 0;
2885 bm->status = 0;
2886 bm->addr = 0;
2887 bm->cur_addr = 0;
2888 bm->cur_prd_last = 0;
2889 bm->cur_prd_addr = 0;
2890 bm->cur_prd_len = 0;
2891 bm->sector_num = 0;
2892 bm->nsector = 0;
2893}
Qemu copy for testing