]> git.proxmox.com Git - mirror_qemu.git/blame_incremental - hw/ide.c
projects / mirror_qemu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
sd.c build fix.
[mirror_qemu.git] / hw / ide.c
... / ...
CommitLineData
1/*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25#include "vl.h"
26
27/* debug IDE devices */
28//#define DEBUG_IDE
29//#define DEBUG_IDE_ATAPI
30//#define DEBUG_AIO
31#define USE_DMA_CDROM
32
33/* Bits of HD_STATUS */
34#define ERR_STAT 0x01
35#define INDEX_STAT 0x02
36#define ECC_STAT 0x04 /* Corrected error */
37#define DRQ_STAT 0x08
38#define SEEK_STAT 0x10
39#define SRV_STAT 0x10
40#define WRERR_STAT 0x20
41#define READY_STAT 0x40
42#define BUSY_STAT 0x80
43
44/* Bits for HD_ERROR */
45#define MARK_ERR 0x01 /* Bad address mark */
46#define TRK0_ERR 0x02 /* couldn't find track 0 */
47#define ABRT_ERR 0x04 /* Command aborted */
48#define MCR_ERR 0x08 /* media change request */
49#define ID_ERR 0x10 /* ID field not found */
50#define MC_ERR 0x20 /* media changed */
51#define ECC_ERR 0x40 /* Uncorrectable ECC error */
52#define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
53#define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54
55/* Bits of HD_NSECTOR */
56#define CD 0x01
57#define IO 0x02
58#define REL 0x04
59#define TAG_MASK 0xf8
60
61#define IDE_CMD_RESET 0x04
62#define IDE_CMD_DISABLE_IRQ 0x02
63
64/* ATA/ATAPI Commands pre T13 Spec */
65#define WIN_NOP 0x00
66/*
67 * 0x01->0x02 Reserved
68 */
69#define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
70/*
71 * 0x04->0x07 Reserved
72 */
73#define WIN_SRST 0x08 /* ATAPI soft reset command */
74#define WIN_DEVICE_RESET 0x08
75/*
76 * 0x09->0x0F Reserved
77 */
78#define WIN_RECAL 0x10
79#define WIN_RESTORE WIN_RECAL
80/*
81 * 0x10->0x1F Reserved
82 */
83#define WIN_READ 0x20 /* 28-Bit */
84#define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
85#define WIN_READ_LONG 0x22 /* 28-Bit */
86#define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
87#define WIN_READ_EXT 0x24 /* 48-Bit */
88#define WIN_READDMA_EXT 0x25 /* 48-Bit */
89#define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
90#define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
91/*
92 * 0x28
93 */
94#define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
95/*
96 * 0x2A->0x2F Reserved
97 */
98#define WIN_WRITE 0x30 /* 28-Bit */
99#define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
100#define WIN_WRITE_LONG 0x32 /* 28-Bit */
101#define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
102#define WIN_WRITE_EXT 0x34 /* 48-Bit */
103#define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
104#define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
105#define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
106#define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
107#define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
108/*
109 * 0x3A->0x3B Reserved
110 */
111#define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
112/*
113 * 0x3D->0x3F Reserved
114 */
115#define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
116#define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
117#define WIN_VERIFY_EXT 0x42 /* 48-Bit */
118/*
119 * 0x43->0x4F Reserved
120 */
121#define WIN_FORMAT 0x50
122/*
123 * 0x51->0x5F Reserved
124 */
125#define WIN_INIT 0x60
126/*
127 * 0x61->0x5F Reserved
128 */
129#define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
130#define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
131#define WIN_DIAGNOSE 0x90
132#define WIN_SPECIFY 0x91 /* set drive geometry translation */
133#define WIN_DOWNLOAD_MICROCODE 0x92
134#define WIN_STANDBYNOW2 0x94
135#define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
136#define WIN_STANDBY2 0x96
137#define WIN_SETIDLE2 0x97
138#define WIN_CHECKPOWERMODE2 0x98
139#define WIN_SLEEPNOW2 0x99
140/*
141 * 0x9A VENDOR
142 */
143#define WIN_PACKETCMD 0xA0 /* Send a packet command. */
144#define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
145#define WIN_QUEUED_SERVICE 0xA2
146#define WIN_SMART 0xB0 /* self-monitoring and reporting */
147#define CFA_ACCESS_METADATA_STORAGE 0xB8
148#define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
149#define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
150#define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
151#define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
152#define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
153#define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
154#define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
155#define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
156#define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
157#define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
158#define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
159#define WIN_GETMEDIASTATUS 0xDA
160#define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
161#define WIN_POSTBOOT 0xDC
162#define WIN_PREBOOT 0xDD
163#define WIN_DOORLOCK 0xDE /* lock door on removable drives */
164#define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
165#define WIN_STANDBYNOW1 0xE0
166#define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
167#define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
168#define WIN_SETIDLE1 0xE3
169#define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
170#define WIN_CHECKPOWERMODE1 0xE5
171#define WIN_SLEEPNOW1 0xE6
172#define WIN_FLUSH_CACHE 0xE7
173#define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
174#define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
175 /* SET_FEATURES 0x22 or 0xDD */
176#define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
177#define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
178#define WIN_MEDIAEJECT 0xED
179#define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
180#define WIN_SETFEATURES 0xEF /* set special drive features */
181#define EXABYTE_ENABLE_NEST 0xF0
182#define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
183#define WIN_SECURITY_SET_PASS 0xF1
184#define WIN_SECURITY_UNLOCK 0xF2
185#define WIN_SECURITY_ERASE_PREPARE 0xF3
186#define WIN_SECURITY_ERASE_UNIT 0xF4
187#define WIN_SECURITY_FREEZE_LOCK 0xF5
188#define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
189#define WIN_SECURITY_DISABLE 0xF6
190#define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
191#define WIN_SET_MAX 0xF9
192#define DISABLE_SEAGATE 0xFB
193
194/* set to 1 set disable mult support */
195#define MAX_MULT_SECTORS 16
196
197/* ATAPI defines */
198
199#define ATAPI_PACKET_SIZE 12
200
201/* The generic packet command opcodes for CD/DVD Logical Units,
202 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
203#define GPCMD_BLANK 0xa1
204#define GPCMD_CLOSE_TRACK 0x5b
205#define GPCMD_FLUSH_CACHE 0x35
206#define GPCMD_FORMAT_UNIT 0x04
207#define GPCMD_GET_CONFIGURATION 0x46
208#define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
209#define GPCMD_GET_PERFORMANCE 0xac
210#define GPCMD_INQUIRY 0x12
211#define GPCMD_LOAD_UNLOAD 0xa6
212#define GPCMD_MECHANISM_STATUS 0xbd
213#define GPCMD_MODE_SELECT_10 0x55
214#define GPCMD_MODE_SENSE_10 0x5a
215#define GPCMD_PAUSE_RESUME 0x4b
216#define GPCMD_PLAY_AUDIO_10 0x45
217#define GPCMD_PLAY_AUDIO_MSF 0x47
218#define GPCMD_PLAY_AUDIO_TI 0x48
219#define GPCMD_PLAY_CD 0xbc
220#define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
221#define GPCMD_READ_10 0x28
222#define GPCMD_READ_12 0xa8
223#define GPCMD_READ_CDVD_CAPACITY 0x25
224#define GPCMD_READ_CD 0xbe
225#define GPCMD_READ_CD_MSF 0xb9
226#define GPCMD_READ_DISC_INFO 0x51
227#define GPCMD_READ_DVD_STRUCTURE 0xad
228#define GPCMD_READ_FORMAT_CAPACITIES 0x23
229#define GPCMD_READ_HEADER 0x44
230#define GPCMD_READ_TRACK_RZONE_INFO 0x52
231#define GPCMD_READ_SUBCHANNEL 0x42
232#define GPCMD_READ_TOC_PMA_ATIP 0x43
233#define GPCMD_REPAIR_RZONE_TRACK 0x58
234#define GPCMD_REPORT_KEY 0xa4
235#define GPCMD_REQUEST_SENSE 0x03
236#define GPCMD_RESERVE_RZONE_TRACK 0x53
237#define GPCMD_SCAN 0xba
238#define GPCMD_SEEK 0x2b
239#define GPCMD_SEND_DVD_STRUCTURE 0xad
240#define GPCMD_SEND_EVENT 0xa2
241#define GPCMD_SEND_KEY 0xa3
242#define GPCMD_SEND_OPC 0x54
243#define GPCMD_SET_READ_AHEAD 0xa7
244#define GPCMD_SET_STREAMING 0xb6
245#define GPCMD_START_STOP_UNIT 0x1b
246#define GPCMD_STOP_PLAY_SCAN 0x4e
247#define GPCMD_TEST_UNIT_READY 0x00
248#define GPCMD_VERIFY_10 0x2f
249#define GPCMD_WRITE_10 0x2a
250#define GPCMD_WRITE_AND_VERIFY_10 0x2e
251/* This is listed as optional in ATAPI 2.6, but is (curiously)
252 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
253 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
254 * drives support it. */
255#define GPCMD_SET_SPEED 0xbb
256/* This seems to be a SCSI specific CD-ROM opcode
257 * to play data at track/index */
258#define GPCMD_PLAYAUDIO_TI 0x48
259/*
260 * From MS Media Status Notification Support Specification. For
261 * older drives only.
262 */
263#define GPCMD_GET_MEDIA_STATUS 0xda
264#define GPCMD_MODE_SENSE_6 0x1a
265
266/* Mode page codes for mode sense/set */
267#define GPMODE_R_W_ERROR_PAGE 0x01
268#define GPMODE_WRITE_PARMS_PAGE 0x05
269#define GPMODE_AUDIO_CTL_PAGE 0x0e
270#define GPMODE_POWER_PAGE 0x1a
271#define GPMODE_FAULT_FAIL_PAGE 0x1c
272#define GPMODE_TO_PROTECT_PAGE 0x1d
273#define GPMODE_CAPABILITIES_PAGE 0x2a
274#define GPMODE_ALL_PAGES 0x3f
275/* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
276 * of MODE_SENSE_POWER_PAGE */
277#define GPMODE_CDROM_PAGE 0x0d
278
279#define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
280#define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
281#define ATAPI_INT_REASON_REL 0x04
282#define ATAPI_INT_REASON_TAG 0xf8
283
284/* same constants as bochs */
285#define ASC_ILLEGAL_OPCODE 0x20
286#define ASC_LOGICAL_BLOCK_OOR 0x21
287#define ASC_INV_FIELD_IN_CMD_PACKET 0x24
288#define ASC_MEDIUM_NOT_PRESENT 0x3a
289#define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
290
291#define CFA_NO_ERROR 0x00
292#define CFA_MISC_ERROR 0x09
293#define CFA_INVALID_COMMAND 0x20
294#define CFA_INVALID_ADDRESS 0x21
295#define CFA_ADDRESS_OVERFLOW 0x2f
296
297#define SENSE_NONE 0
298#define SENSE_NOT_READY 2
299#define SENSE_ILLEGAL_REQUEST 5
300#define SENSE_UNIT_ATTENTION 6
301
302struct IDEState;
303
304typedef void EndTransferFunc(struct IDEState *);
305
306/* NOTE: IDEState represents in fact one drive */
307typedef struct IDEState {
308 /* ide config */
309 int is_cdrom;
310 int is_cf;
311 int cylinders, heads, sectors;
312 int64_t nb_sectors;
313 int mult_sectors;
314 int identify_set;
315 uint16_t identify_data[256];
316 qemu_irq irq;
317 PCIDevice *pci_dev;
318 struct BMDMAState *bmdma;
319 int drive_serial;
320 /* ide regs */
321 uint8_t feature;
322 uint8_t error;
323 uint32_t nsector;
324 uint8_t sector;
325 uint8_t lcyl;
326 uint8_t hcyl;
327 /* other part of tf for lba48 support */
328 uint8_t hob_feature;
329 uint8_t hob_nsector;
330 uint8_t hob_sector;
331 uint8_t hob_lcyl;
332 uint8_t hob_hcyl;
333
334 uint8_t select;
335 uint8_t status;
336
337 /* 0x3f6 command, only meaningful for drive 0 */
338 uint8_t cmd;
339 /* set for lba48 access */
340 uint8_t lba48;
341 /* depends on bit 4 in select, only meaningful for drive 0 */
342 struct IDEState *cur_drive;
343 BlockDriverState *bs;
344 /* ATAPI specific */
345 uint8_t sense_key;
346 uint8_t asc;
347 int packet_transfer_size;
348 int elementary_transfer_size;
349 int io_buffer_index;
350 int lba;
351 int cd_sector_size;
352 int atapi_dma; /* true if dma is requested for the packet cmd */
353 /* ATA DMA state */
354 int io_buffer_size;
355 /* PIO transfer handling */
356 int req_nb_sectors; /* number of sectors per interrupt */
357 EndTransferFunc *end_transfer_func;
358 uint8_t *data_ptr;
359 uint8_t *data_end;
360 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
361 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
362 uint32_t irq_count; /* counts IRQs when using win2k install hack */
363 /* CF-ATA extended error */
364 uint8_t ext_error;
365 /* CF-ATA metadata storage */
366 uint32_t mdata_size;
367 uint8_t *mdata_storage;
368 int media_changed;
369} IDEState;
370
371#define BM_STATUS_DMAING 0x01
372#define BM_STATUS_ERROR 0x02
373#define BM_STATUS_INT 0x04
374
375#define BM_CMD_START 0x01
376#define BM_CMD_READ 0x08
377
378#define IDE_TYPE_PIIX3 0
379#define IDE_TYPE_CMD646 1
380#define IDE_TYPE_PIIX4 2
381
382/* CMD646 specific */
383#define MRDMODE 0x71
384#define MRDMODE_INTR_CH0 0x04
385#define MRDMODE_INTR_CH1 0x08
386#define MRDMODE_BLK_CH0 0x10
387#define MRDMODE_BLK_CH1 0x20
388#define UDIDETCR0 0x73
389#define UDIDETCR1 0x7B
390
391typedef struct BMDMAState {
392 uint8_t cmd;
393 uint8_t status;
394 uint32_t addr;
395
396 struct PCIIDEState *pci_dev;
397 /* current transfer state */
398 uint32_t cur_addr;
399 uint32_t cur_prd_last;
400 uint32_t cur_prd_addr;
401 uint32_t cur_prd_len;
402 IDEState *ide_if;
403 BlockDriverCompletionFunc *dma_cb;
404 BlockDriverAIOCB *aiocb;
405} BMDMAState;
406
407typedef struct PCIIDEState {
408 PCIDevice dev;
409 IDEState ide_if[4];
410 BMDMAState bmdma[2];
411 int type; /* see IDE_TYPE_xxx */
412} PCIIDEState;
413
414static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
415static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
416
417static void padstr(char *str, const char *src, int len)
418{
419 int i, v;
420 for(i = 0; i < len; i++) {
421 if (*src)
422 v = *src++;
423 else
424 v = ' ';
425 *(char *)((long)str ^ 1) = v;
426 str++;
427 }
428}
429
430static void padstr8(uint8_t *buf, int buf_size, const char *src)
431{
432 int i;
433 for(i = 0; i < buf_size; i++) {
434 if (*src)
435 buf[i] = *src++;
436 else
437 buf[i] = ' ';
438 }
439}
440
441static void put_le16(uint16_t *p, unsigned int v)
442{
443 *p = cpu_to_le16(v);
444}
445
446static void ide_identify(IDEState *s)
447{
448 uint16_t *p;
449 unsigned int oldsize;
450 char buf[20];
451
452 if (s->identify_set) {
453 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
454 return;
455 }
456
457 memset(s->io_buffer, 0, 512);
458 p = (uint16_t *)s->io_buffer;
459 put_le16(p + 0, 0x0040);
460 put_le16(p + 1, s->cylinders);
461 put_le16(p + 3, s->heads);
462 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
463 put_le16(p + 5, 512); /* XXX: retired, remove ? */
464 put_le16(p + 6, s->sectors);
465 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
466 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
467 put_le16(p + 20, 3); /* XXX: retired, remove ? */
468 put_le16(p + 21, 512); /* cache size in sectors */
469 put_le16(p + 22, 4); /* ecc bytes */
470 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
471 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
472#if MAX_MULT_SECTORS > 1
473 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
474#endif
475 put_le16(p + 48, 1); /* dword I/O */
476 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
477 put_le16(p + 51, 0x200); /* PIO transfer cycle */
478 put_le16(p + 52, 0x200); /* DMA transfer cycle */
479 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
480 put_le16(p + 54, s->cylinders);
481 put_le16(p + 55, s->heads);
482 put_le16(p + 56, s->sectors);
483 oldsize = s->cylinders * s->heads * s->sectors;
484 put_le16(p + 57, oldsize);
485 put_le16(p + 58, oldsize >> 16);
486 if (s->mult_sectors)
487 put_le16(p + 59, 0x100 | s->mult_sectors);
488 put_le16(p + 60, s->nb_sectors);
489 put_le16(p + 61, s->nb_sectors >> 16);
490 put_le16(p + 63, 0x07); /* mdma0-2 supported */
491 put_le16(p + 65, 120);
492 put_le16(p + 66, 120);
493 put_le16(p + 67, 120);
494 put_le16(p + 68, 120);
495 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
496 put_le16(p + 81, 0x16); /* conforms to ata5 */
497 put_le16(p + 82, (1 << 14));
498 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
499 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
500 put_le16(p + 84, (1 << 14));
501 put_le16(p + 85, (1 << 14));
502 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
503 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
504 put_le16(p + 87, (1 << 14));
505 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
506 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
507 put_le16(p + 100, s->nb_sectors);
508 put_le16(p + 101, s->nb_sectors >> 16);
509 put_le16(p + 102, s->nb_sectors >> 32);
510 put_le16(p + 103, s->nb_sectors >> 48);
511
512 memcpy(s->identify_data, p, sizeof(s->identify_data));
513 s->identify_set = 1;
514}
515
516static void ide_atapi_identify(IDEState *s)
517{
518 uint16_t *p;
519 char buf[20];
520
521 if (s->identify_set) {
522 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
523 return;
524 }
525
526 memset(s->io_buffer, 0, 512);
527 p = (uint16_t *)s->io_buffer;
528 /* Removable CDROM, 50us response, 12 byte packets */
529 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
530 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
531 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
532 put_le16(p + 20, 3); /* buffer type */
533 put_le16(p + 21, 512); /* cache size in sectors */
534 put_le16(p + 22, 4); /* ecc bytes */
535 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
536 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
537 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
538#ifdef USE_DMA_CDROM
539 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
540 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
541 put_le16(p + 63, 7); /* mdma0-2 supported */
542 put_le16(p + 64, 0x3f); /* PIO modes supported */
543#else
544 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
545 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
546 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
547 put_le16(p + 64, 1); /* PIO modes */
548#endif
549 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
550 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
551 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
552 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
553
554 put_le16(p + 71, 30); /* in ns */
555 put_le16(p + 72, 30); /* in ns */
556
557 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
558#ifdef USE_DMA_CDROM
559 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
560#endif
561 memcpy(s->identify_data, p, sizeof(s->identify_data));
562 s->identify_set = 1;
563}
564
565static void ide_cfata_identify(IDEState *s)
566{
567 uint16_t *p;
568 uint32_t cur_sec;
569 char buf[20];
570
571 p = (uint16_t *) s->identify_data;
572 if (s->identify_set)
573 goto fill_buffer;
574
575 memset(p, 0, sizeof(s->identify_data));
576
577 cur_sec = s->cylinders * s->heads * s->sectors;
578
579 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
580 put_le16(p + 1, s->cylinders); /* Default cylinders */
581 put_le16(p + 3, s->heads); /* Default heads */
582 put_le16(p + 6, s->sectors); /* Default sectors per track */
583 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
584 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
585 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
586 padstr((uint8_t *)(p + 10), buf, 20); /* Serial number in ASCII */
587 put_le16(p + 22, 0x0004); /* ECC bytes */
588 padstr((uint8_t *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
589 padstr((uint8_t *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
590#if MAX_MULT_SECTORS > 1
591 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
592#else
593 put_le16(p + 47, 0x0000);
594#endif
595 put_le16(p + 49, 0x0f00); /* Capabilities */
596 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
597 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
598 put_le16(p + 53, 0x0003); /* Translation params valid */
599 put_le16(p + 54, s->cylinders); /* Current cylinders */
600 put_le16(p + 55, s->heads); /* Current heads */
601 put_le16(p + 56, s->sectors); /* Current sectors */
602 put_le16(p + 57, cur_sec); /* Current capacity */
603 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
604 if (s->mult_sectors) /* Multiple sector setting */
605 put_le16(p + 59, 0x100 | s->mult_sectors);
606 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
607 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
608 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
609 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
610 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
611 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
612 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
613 put_le16(p + 82, 0x400c); /* Command Set supported */
614 put_le16(p + 83, 0x7068); /* Command Set supported */
615 put_le16(p + 84, 0x4000); /* Features supported */
616 put_le16(p + 85, 0x000c); /* Command Set enabled */
617 put_le16(p + 86, 0x7044); /* Command Set enabled */
618 put_le16(p + 87, 0x4000); /* Features enabled */
619 put_le16(p + 91, 0x4060); /* Current APM level */
620 put_le16(p + 129, 0x0002); /* Current features option */
621 put_le16(p + 130, 0x0005); /* Reassigned sectors */
622 put_le16(p + 131, 0x0001); /* Initial power mode */
623 put_le16(p + 132, 0x0000); /* User signature */
624 put_le16(p + 160, 0x8100); /* Power requirement */
625 put_le16(p + 161, 0x8001); /* CF command set */
626
627 s->identify_set = 1;
628
629fill_buffer:
630 memcpy(s->io_buffer, p, sizeof(s->identify_data));
631}
632
633static void ide_set_signature(IDEState *s)
634{
635 s->select &= 0xf0; /* clear head */
636 /* put signature */
637 s->nsector = 1;
638 s->sector = 1;
639 if (s->is_cdrom) {
640 s->lcyl = 0x14;
641 s->hcyl = 0xeb;
642 } else if (s->bs) {
643 s->lcyl = 0;
644 s->hcyl = 0;
645 } else {
646 s->lcyl = 0xff;
647 s->hcyl = 0xff;
648 }
649}
650
651static inline void ide_abort_command(IDEState *s)
652{
653 s->status = READY_STAT | ERR_STAT;
654 s->error = ABRT_ERR;
655}
656
657static inline void ide_set_irq(IDEState *s)
658{
659 BMDMAState *bm = s->bmdma;
660 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
661 if (bm) {
662 bm->status |= BM_STATUS_INT;
663 }
664 qemu_irq_raise(s->irq);
665 }
666}
667
668/* prepare data transfer and tell what to do after */
669static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
670 EndTransferFunc *end_transfer_func)
671{
672 s->end_transfer_func = end_transfer_func;
673 s->data_ptr = buf;
674 s->data_end = buf + size;
675 if (!(s->status & ERR_STAT))
676 s->status |= DRQ_STAT;
677}
678
679static void ide_transfer_stop(IDEState *s)
680{
681 s->end_transfer_func = ide_transfer_stop;
682 s->data_ptr = s->io_buffer;
683 s->data_end = s->io_buffer;
684 s->status &= ~DRQ_STAT;
685}
686
687static int64_t ide_get_sector(IDEState *s)
688{
689 int64_t sector_num;
690 if (s->select & 0x40) {
691 /* lba */
692 if (!s->lba48) {
693 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
694 (s->lcyl << 8) | s->sector;
695 } else {
696 sector_num = ((int64_t)s->hob_hcyl << 40) |
697 ((int64_t) s->hob_lcyl << 32) |
698 ((int64_t) s->hob_sector << 24) |
699 ((int64_t) s->hcyl << 16) |
700 ((int64_t) s->lcyl << 8) | s->sector;
701 }
702 } else {
703 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
704 (s->select & 0x0f) * s->sectors + (s->sector - 1);
705 }
706 return sector_num;
707}
708
709static void ide_set_sector(IDEState *s, int64_t sector_num)
710{
711 unsigned int cyl, r;
712 if (s->select & 0x40) {
713 if (!s->lba48) {
714 s->select = (s->select & 0xf0) | (sector_num >> 24);
715 s->hcyl = (sector_num >> 16);
716 s->lcyl = (sector_num >> 8);
717 s->sector = (sector_num);
718 } else {
719 s->sector = sector_num;
720 s->lcyl = sector_num >> 8;
721 s->hcyl = sector_num >> 16;
722 s->hob_sector = sector_num >> 24;
723 s->hob_lcyl = sector_num >> 32;
724 s->hob_hcyl = sector_num >> 40;
725 }
726 } else {
727 cyl = sector_num / (s->heads * s->sectors);
728 r = sector_num % (s->heads * s->sectors);
729 s->hcyl = cyl >> 8;
730 s->lcyl = cyl;
731 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
732 s->sector = (r % s->sectors) + 1;
733 }
734}
735
736static void ide_sector_read(IDEState *s)
737{
738 int64_t sector_num;
739 int ret, n;
740
741 s->status = READY_STAT | SEEK_STAT;
742 s->error = 0; /* not needed by IDE spec, but needed by Windows */
743 sector_num = ide_get_sector(s);
744 n = s->nsector;
745 if (n == 0) {
746 /* no more sector to read from disk */
747 ide_transfer_stop(s);
748 } else {
749#if defined(DEBUG_IDE)
750 printf("read sector=%Ld\n", sector_num);
751#endif
752 if (n > s->req_nb_sectors)
753 n = s->req_nb_sectors;
754 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
755 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
756 ide_set_irq(s);
757 ide_set_sector(s, sector_num + n);
758 s->nsector -= n;
759 }
760}
761
762/* return 0 if buffer completed */
763static int dma_buf_rw(BMDMAState *bm, int is_write)
764{
765 IDEState *s = bm->ide_if;
766 struct {
767 uint32_t addr;
768 uint32_t size;
769 } prd;
770 int l, len;
771
772 for(;;) {
773 l = s->io_buffer_size - s->io_buffer_index;
774 if (l <= 0)
775 break;
776 if (bm->cur_prd_len == 0) {
777 /* end of table (with a fail safe of one page) */
778 if (bm->cur_prd_last ||
779 (bm->cur_addr - bm->addr) >= 4096)
780 return 0;
781 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
782 bm->cur_addr += 8;
783 prd.addr = le32_to_cpu(prd.addr);
784 prd.size = le32_to_cpu(prd.size);
785 len = prd.size & 0xfffe;
786 if (len == 0)
787 len = 0x10000;
788 bm->cur_prd_len = len;
789 bm->cur_prd_addr = prd.addr;
790 bm->cur_prd_last = (prd.size & 0x80000000);
791 }
792 if (l > bm->cur_prd_len)
793 l = bm->cur_prd_len;
794 if (l > 0) {
795 if (is_write) {
796 cpu_physical_memory_write(bm->cur_prd_addr,
797 s->io_buffer + s->io_buffer_index, l);
798 } else {
799 cpu_physical_memory_read(bm->cur_prd_addr,
800 s->io_buffer + s->io_buffer_index, l);
801 }
802 bm->cur_prd_addr += l;
803 bm->cur_prd_len -= l;
804 s->io_buffer_index += l;
805 }
806 }
807 return 1;
808}
809
810/* XXX: handle errors */
811static void ide_read_dma_cb(void *opaque, int ret)
812{
813 BMDMAState *bm = opaque;
814 IDEState *s = bm->ide_if;
815 int n;
816 int64_t sector_num;
817
818 n = s->io_buffer_size >> 9;
819 sector_num = ide_get_sector(s);
820 if (n > 0) {
821 sector_num += n;
822 ide_set_sector(s, sector_num);
823 s->nsector -= n;
824 if (dma_buf_rw(bm, 1) == 0)
825 goto eot;
826 }
827
828 /* end of transfer ? */
829 if (s->nsector == 0) {
830 s->status = READY_STAT | SEEK_STAT;
831 ide_set_irq(s);
832 eot:
833 bm->status &= ~BM_STATUS_DMAING;
834 bm->status |= BM_STATUS_INT;
835 bm->dma_cb = NULL;
836 bm->ide_if = NULL;
837 bm->aiocb = NULL;
838 return;
839 }
840
841 /* launch next transfer */
842 n = s->nsector;
843 if (n > MAX_MULT_SECTORS)
844 n = MAX_MULT_SECTORS;
845 s->io_buffer_index = 0;
846 s->io_buffer_size = n * 512;
847#ifdef DEBUG_AIO
848 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
849#endif
850 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
851 ide_read_dma_cb, bm);
852}
853
854static void ide_sector_read_dma(IDEState *s)
855{
856 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
857 s->io_buffer_index = 0;
858 s->io_buffer_size = 0;
859 ide_dma_start(s, ide_read_dma_cb);
860}
861
862static void ide_sector_write_timer_cb(void *opaque)
863{
864 IDEState *s = opaque;
865 ide_set_irq(s);
866}
867
868static void ide_sector_write(IDEState *s)
869{
870 int64_t sector_num;
871 int ret, n, n1;
872
873 s->status = READY_STAT | SEEK_STAT;
874 sector_num = ide_get_sector(s);
875#if defined(DEBUG_IDE)
876 printf("write sector=%Ld\n", sector_num);
877#endif
878 n = s->nsector;
879 if (n > s->req_nb_sectors)
880 n = s->req_nb_sectors;
881 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
882 s->nsector -= n;
883 if (s->nsector == 0) {
884 /* no more sectors to write */
885 ide_transfer_stop(s);
886 } else {
887 n1 = s->nsector;
888 if (n1 > s->req_nb_sectors)
889 n1 = s->req_nb_sectors;
890 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
891 }
892 ide_set_sector(s, sector_num + n);
893
894#ifdef TARGET_I386
895 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
896 /* It seems there is a bug in the Windows 2000 installer HDD
897 IDE driver which fills the disk with empty logs when the
898 IDE write IRQ comes too early. This hack tries to correct
899 that at the expense of slower write performances. Use this
900 option _only_ to install Windows 2000. You must disable it
901 for normal use. */
902 qemu_mod_timer(s->sector_write_timer,
903 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
904 } else
905#endif
906 {
907 ide_set_irq(s);
908 }
909}
910
911/* XXX: handle errors */
912static void ide_write_dma_cb(void *opaque, int ret)
913{
914 BMDMAState *bm = opaque;
915 IDEState *s = bm->ide_if;
916 int n;
917 int64_t sector_num;
918
919 n = s->io_buffer_size >> 9;
920 sector_num = ide_get_sector(s);
921 if (n > 0) {
922 sector_num += n;
923 ide_set_sector(s, sector_num);
924 s->nsector -= n;
925 }
926
927 /* end of transfer ? */
928 if (s->nsector == 0) {
929 s->status = READY_STAT | SEEK_STAT;
930 ide_set_irq(s);
931 eot:
932 bm->status &= ~BM_STATUS_DMAING;
933 bm->status |= BM_STATUS_INT;
934 bm->dma_cb = NULL;
935 bm->ide_if = NULL;
936 bm->aiocb = NULL;
937 return;
938 }
939
940 /* launch next transfer */
941 n = s->nsector;
942 if (n > MAX_MULT_SECTORS)
943 n = MAX_MULT_SECTORS;
944 s->io_buffer_index = 0;
945 s->io_buffer_size = n * 512;
946
947 if (dma_buf_rw(bm, 0) == 0)
948 goto eot;
949#ifdef DEBUG_AIO
950 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
951#endif
952 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
953 ide_write_dma_cb, bm);
954}
955
956static void ide_sector_write_dma(IDEState *s)
957{
958 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
959 s->io_buffer_index = 0;
960 s->io_buffer_size = 0;
961 ide_dma_start(s, ide_write_dma_cb);
962}
963
964static void ide_atapi_cmd_ok(IDEState *s)
965{
966 s->error = 0;
967 s->status = READY_STAT;
968 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
969 ide_set_irq(s);
970}
971
972static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
973{
974#ifdef DEBUG_IDE_ATAPI
975 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
976#endif
977 s->error = sense_key << 4;
978 s->status = READY_STAT | ERR_STAT;
979 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
980 s->sense_key = sense_key;
981 s->asc = asc;
982 ide_set_irq(s);
983}
984
985static inline void cpu_to_ube16(uint8_t *buf, int val)
986{
987 buf[0] = val >> 8;
988 buf[1] = val;
989}
990
991static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
992{
993 buf[0] = val >> 24;
994 buf[1] = val >> 16;
995 buf[2] = val >> 8;
996 buf[3] = val;
997}
998
999static inline int ube16_to_cpu(const uint8_t *buf)
1000{
1001 return (buf[0] << 8) | buf[1];
1002}
1003
1004static inline int ube32_to_cpu(const uint8_t *buf)
1005{
1006 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1007}
1008
1009static void lba_to_msf(uint8_t *buf, int lba)
1010{
1011 lba += 150;
1012 buf[0] = (lba / 75) / 60;
1013 buf[1] = (lba / 75) % 60;
1014 buf[2] = lba % 75;
1015}
1016
1017static void cd_data_to_raw(uint8_t *buf, int lba)
1018{
1019 /* sync bytes */
1020 buf[0] = 0x00;
1021 memset(buf + 1, 0xff, 10);
1022 buf[11] = 0x00;
1023 buf += 12;
1024 /* MSF */
1025 lba_to_msf(buf, lba);
1026 buf[3] = 0x01; /* mode 1 data */
1027 buf += 4;
1028 /* data */
1029 buf += 2048;
1030 /* XXX: ECC not computed */
1031 memset(buf, 0, 288);
1032}
1033
1034static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1035 int sector_size)
1036{
1037 int ret;
1038
1039 switch(sector_size) {
1040 case 2048:
1041 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1042 break;
1043 case 2352:
1044 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1045 if (ret < 0)
1046 return ret;
1047 cd_data_to_raw(buf, lba);
1048 break;
1049 default:
1050 ret = -EIO;
1051 break;
1052 }
1053 return ret;
1054}
1055
1056static void ide_atapi_io_error(IDEState *s, int ret)
1057{
1058 /* XXX: handle more errors */
1059 if (ret == -ENOMEDIUM) {
1060 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1061 ASC_MEDIUM_NOT_PRESENT);
1062 } else {
1063 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1064 ASC_LOGICAL_BLOCK_OOR);
1065 }
1066}
1067
1068/* The whole ATAPI transfer logic is handled in this function */
1069static void ide_atapi_cmd_reply_end(IDEState *s)
1070{
1071 int byte_count_limit, size, ret;
1072#ifdef DEBUG_IDE_ATAPI
1073 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1074 s->packet_transfer_size,
1075 s->elementary_transfer_size,
1076 s->io_buffer_index);
1077#endif
1078 if (s->packet_transfer_size <= 0) {
1079 /* end of transfer */
1080 ide_transfer_stop(s);
1081 s->status = READY_STAT;
1082 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1083 ide_set_irq(s);
1084#ifdef DEBUG_IDE_ATAPI
1085 printf("status=0x%x\n", s->status);
1086#endif
1087 } else {
1088 /* see if a new sector must be read */
1089 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1090 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1091 if (ret < 0) {
1092 ide_transfer_stop(s);
1093 ide_atapi_io_error(s, ret);
1094 return;
1095 }
1096 s->lba++;
1097 s->io_buffer_index = 0;
1098 }
1099 if (s->elementary_transfer_size > 0) {
1100 /* there are some data left to transmit in this elementary
1101 transfer */
1102 size = s->cd_sector_size - s->io_buffer_index;
1103 if (size > s->elementary_transfer_size)
1104 size = s->elementary_transfer_size;
1105 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1106 size, ide_atapi_cmd_reply_end);
1107 s->packet_transfer_size -= size;
1108 s->elementary_transfer_size -= size;
1109 s->io_buffer_index += size;
1110 } else {
1111 /* a new transfer is needed */
1112 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1113 byte_count_limit = s->lcyl | (s->hcyl << 8);
1114#ifdef DEBUG_IDE_ATAPI
1115 printf("byte_count_limit=%d\n", byte_count_limit);
1116#endif
1117 if (byte_count_limit == 0xffff)
1118 byte_count_limit--;
1119 size = s->packet_transfer_size;
1120 if (size > byte_count_limit) {
1121 /* byte count limit must be even if this case */
1122 if (byte_count_limit & 1)
1123 byte_count_limit--;
1124 size = byte_count_limit;
1125 }
1126 s->lcyl = size;
1127 s->hcyl = size >> 8;
1128 s->elementary_transfer_size = size;
1129 /* we cannot transmit more than one sector at a time */
1130 if (s->lba != -1) {
1131 if (size > (s->cd_sector_size - s->io_buffer_index))
1132 size = (s->cd_sector_size - s->io_buffer_index);
1133 }
1134 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1135 size, ide_atapi_cmd_reply_end);
1136 s->packet_transfer_size -= size;
1137 s->elementary_transfer_size -= size;
1138 s->io_buffer_index += size;
1139 ide_set_irq(s);
1140#ifdef DEBUG_IDE_ATAPI
1141 printf("status=0x%x\n", s->status);
1142#endif
1143 }
1144 }
1145}
1146
1147/* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1148static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1149{
1150 if (size > max_size)
1151 size = max_size;
1152 s->lba = -1; /* no sector read */
1153 s->packet_transfer_size = size;
1154 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1155 s->elementary_transfer_size = 0;
1156 s->io_buffer_index = 0;
1157
1158 if (s->atapi_dma) {
1159 s->status = READY_STAT | DRQ_STAT;
1160 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1161 } else {
1162 s->status = READY_STAT;
1163 ide_atapi_cmd_reply_end(s);
1164 }
1165}
1166
1167/* start a CD-CDROM read command */
1168static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1169 int sector_size)
1170{
1171 s->lba = lba;
1172 s->packet_transfer_size = nb_sectors * sector_size;
1173 s->elementary_transfer_size = 0;
1174 s->io_buffer_index = sector_size;
1175 s->cd_sector_size = sector_size;
1176
1177 s->status = READY_STAT;
1178 ide_atapi_cmd_reply_end(s);
1179}
1180
1181/* ATAPI DMA support */
1182
1183/* XXX: handle read errors */
1184static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1185{
1186 BMDMAState *bm = opaque;
1187 IDEState *s = bm->ide_if;
1188 int data_offset, n;
1189
1190 if (ret < 0) {
1191 ide_atapi_io_error(s, ret);
1192 goto eot;
1193 }
1194
1195 if (s->io_buffer_size > 0) {
1196 /*
1197 * For a cdrom read sector command (s->lba != -1),
1198 * adjust the lba for the next s->io_buffer_size chunk
1199 * and dma the current chunk.
1200 * For a command != read (s->lba == -1), just transfer
1201 * the reply data.
1202 */
1203 if (s->lba != -1) {
1204 if (s->cd_sector_size == 2352) {
1205 n = 1;
1206 cd_data_to_raw(s->io_buffer, s->lba);
1207 } else {
1208 n = s->io_buffer_size >> 11;
1209 }
1210 s->lba += n;
1211 }
1212 s->packet_transfer_size -= s->io_buffer_size;
1213 if (dma_buf_rw(bm, 1) == 0)
1214 goto eot;
1215 }
1216
1217 if (s->packet_transfer_size <= 0) {
1218 s->status = READY_STAT;
1219 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1220 ide_set_irq(s);
1221 eot:
1222 bm->status &= ~BM_STATUS_DMAING;
1223 bm->status |= BM_STATUS_INT;
1224 bm->dma_cb = NULL;
1225 bm->ide_if = NULL;
1226 bm->aiocb = NULL;
1227 return;
1228 }
1229
1230 s->io_buffer_index = 0;
1231 if (s->cd_sector_size == 2352) {
1232 n = 1;
1233 s->io_buffer_size = s->cd_sector_size;
1234 data_offset = 16;
1235 } else {
1236 n = s->packet_transfer_size >> 11;
1237 if (n > (MAX_MULT_SECTORS / 4))
1238 n = (MAX_MULT_SECTORS / 4);
1239 s->io_buffer_size = n * 2048;
1240 data_offset = 0;
1241 }
1242#ifdef DEBUG_AIO
1243 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1244#endif
1245 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1246 s->io_buffer + data_offset, n * 4,
1247 ide_atapi_cmd_read_dma_cb, bm);
1248 if (!bm->aiocb) {
1249 /* Note: media not present is the most likely case */
1250 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1251 ASC_MEDIUM_NOT_PRESENT);
1252 goto eot;
1253 }
1254}
1255
1256/* start a CD-CDROM read command with DMA */
1257/* XXX: test if DMA is available */
1258static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1259 int sector_size)
1260{
1261 s->lba = lba;
1262 s->packet_transfer_size = nb_sectors * sector_size;
1263 s->io_buffer_index = 0;
1264 s->io_buffer_size = 0;
1265 s->cd_sector_size = sector_size;
1266
1267 /* XXX: check if BUSY_STAT should be set */
1268 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1269 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1270}
1271
1272static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1273 int sector_size)
1274{
1275#ifdef DEBUG_IDE_ATAPI
1276 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1277 lba, nb_sectors);
1278#endif
1279 if (s->atapi_dma) {
1280 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1281 } else {
1282 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1283 }
1284}
1285
1286static void ide_atapi_cmd(IDEState *s)
1287{
1288 const uint8_t *packet;
1289 uint8_t *buf;
1290 int max_len;
1291
1292 packet = s->io_buffer;
1293 buf = s->io_buffer;
1294#ifdef DEBUG_IDE_ATAPI
1295 {
1296 int i;
1297 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1298 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1299 printf(" %02x", packet[i]);
1300 }
1301 printf("\n");
1302 }
1303#endif
1304 switch(s->io_buffer[0]) {
1305 case GPCMD_TEST_UNIT_READY:
1306 if (bdrv_is_inserted(s->bs)) {
1307 ide_atapi_cmd_ok(s);
1308 } else {
1309 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1310 ASC_MEDIUM_NOT_PRESENT);
1311 }
1312 break;
1313 case GPCMD_MODE_SENSE_6:
1314 case GPCMD_MODE_SENSE_10:
1315 {
1316 int action, code;
1317 if (packet[0] == GPCMD_MODE_SENSE_10)
1318 max_len = ube16_to_cpu(packet + 7);
1319 else
1320 max_len = packet[4];
1321 action = packet[2] >> 6;
1322 code = packet[2] & 0x3f;
1323 switch(action) {
1324 case 0: /* current values */
1325 switch(code) {
1326 case 0x01: /* error recovery */
1327 cpu_to_ube16(&buf[0], 16 + 6);
1328 buf[2] = 0x70;
1329 buf[3] = 0;
1330 buf[4] = 0;
1331 buf[5] = 0;
1332 buf[6] = 0;
1333 buf[7] = 0;
1334
1335 buf[8] = 0x01;
1336 buf[9] = 0x06;
1337 buf[10] = 0x00;
1338 buf[11] = 0x05;
1339 buf[12] = 0x00;
1340 buf[13] = 0x00;
1341 buf[14] = 0x00;
1342 buf[15] = 0x00;
1343 ide_atapi_cmd_reply(s, 16, max_len);
1344 break;
1345 case 0x2a:
1346 cpu_to_ube16(&buf[0], 28 + 6);
1347 buf[2] = 0x70;
1348 buf[3] = 0;
1349 buf[4] = 0;
1350 buf[5] = 0;
1351 buf[6] = 0;
1352 buf[7] = 0;
1353
1354 buf[8] = 0x2a;
1355 buf[9] = 0x12;
1356 buf[10] = 0x08;
1357 buf[11] = 0x00;
1358
1359 buf[12] = 0x70;
1360 buf[13] = 3 << 5;
1361 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1362 if (bdrv_is_locked(s->bs))
1363 buf[6] |= 1 << 1;
1364 buf[15] = 0x00;
1365 cpu_to_ube16(&buf[16], 706);
1366 buf[18] = 0;
1367 buf[19] = 2;
1368 cpu_to_ube16(&buf[20], 512);
1369 cpu_to_ube16(&buf[22], 706);
1370 buf[24] = 0;
1371 buf[25] = 0;
1372 buf[26] = 0;
1373 buf[27] = 0;
1374 ide_atapi_cmd_reply(s, 28, max_len);
1375 break;
1376 default:
1377 goto error_cmd;
1378 }
1379 break;
1380 case 1: /* changeable values */
1381 goto error_cmd;
1382 case 2: /* default values */
1383 goto error_cmd;
1384 default:
1385 case 3: /* saved values */
1386 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1387 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1388 break;
1389 }
1390 }
1391 break;
1392 case GPCMD_REQUEST_SENSE:
1393 max_len = packet[4];
1394 memset(buf, 0, 18);
1395 buf[0] = 0x70 | (1 << 7);
1396 buf[2] = s->sense_key;
1397 buf[7] = 10;
1398 buf[12] = s->asc;
1399 ide_atapi_cmd_reply(s, 18, max_len);
1400 break;
1401 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1402 if (bdrv_is_inserted(s->bs)) {
1403 bdrv_set_locked(s->bs, packet[4] & 1);
1404 ide_atapi_cmd_ok(s);
1405 } else {
1406 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1407 ASC_MEDIUM_NOT_PRESENT);
1408 }
1409 break;
1410 case GPCMD_READ_10:
1411 case GPCMD_READ_12:
1412 {
1413 int nb_sectors, lba;
1414
1415 if (packet[0] == GPCMD_READ_10)
1416 nb_sectors = ube16_to_cpu(packet + 7);
1417 else
1418 nb_sectors = ube32_to_cpu(packet + 6);
1419 lba = ube32_to_cpu(packet + 2);
1420 if (nb_sectors == 0) {
1421 ide_atapi_cmd_ok(s);
1422 break;
1423 }
1424 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1425 }
1426 break;
1427 case GPCMD_READ_CD:
1428 {
1429 int nb_sectors, lba, transfer_request;
1430
1431 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1432 lba = ube32_to_cpu(packet + 2);
1433 if (nb_sectors == 0) {
1434 ide_atapi_cmd_ok(s);
1435 break;
1436 }
1437 transfer_request = packet[9];
1438 switch(transfer_request & 0xf8) {
1439 case 0x00:
1440 /* nothing */
1441 ide_atapi_cmd_ok(s);
1442 break;
1443 case 0x10:
1444 /* normal read */
1445 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1446 break;
1447 case 0xf8:
1448 /* read all data */
1449 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1450 break;
1451 default:
1452 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1453 ASC_INV_FIELD_IN_CMD_PACKET);
1454 break;
1455 }
1456 }
1457 break;
1458 case GPCMD_SEEK:
1459 {
1460 int lba;
1461 int64_t total_sectors;
1462
1463 bdrv_get_geometry(s->bs, &total_sectors);
1464 total_sectors >>= 2;
1465 if (total_sectors <= 0) {
1466 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1467 ASC_MEDIUM_NOT_PRESENT);
1468 break;
1469 }
1470 lba = ube32_to_cpu(packet + 2);
1471 if (lba >= total_sectors) {
1472 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1473 ASC_LOGICAL_BLOCK_OOR);
1474 break;
1475 }
1476 ide_atapi_cmd_ok(s);
1477 }
1478 break;
1479 case GPCMD_START_STOP_UNIT:
1480 {
1481 int start, eject;
1482 start = packet[4] & 1;
1483 eject = (packet[4] >> 1) & 1;
1484
1485 if (eject && !start) {
1486 /* eject the disk */
1487 bdrv_eject(s->bs, 1);
1488 } else if (eject && start) {
1489 /* close the tray */
1490 bdrv_eject(s->bs, 0);
1491 }
1492 ide_atapi_cmd_ok(s);
1493 }
1494 break;
1495 case GPCMD_MECHANISM_STATUS:
1496 {
1497 max_len = ube16_to_cpu(packet + 8);
1498 cpu_to_ube16(buf, 0);
1499 /* no current LBA */
1500 buf[2] = 0;
1501 buf[3] = 0;
1502 buf[4] = 0;
1503 buf[5] = 1;
1504 cpu_to_ube16(buf + 6, 0);
1505 ide_atapi_cmd_reply(s, 8, max_len);
1506 }
1507 break;
1508 case GPCMD_READ_TOC_PMA_ATIP:
1509 {
1510 int format, msf, start_track, len;
1511 int64_t total_sectors;
1512
1513 bdrv_get_geometry(s->bs, &total_sectors);
1514 total_sectors >>= 2;
1515 if (total_sectors <= 0) {
1516 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1517 ASC_MEDIUM_NOT_PRESENT);
1518 break;
1519 }
1520 max_len = ube16_to_cpu(packet + 7);
1521 format = packet[9] >> 6;
1522 msf = (packet[1] >> 1) & 1;
1523 start_track = packet[6];
1524 switch(format) {
1525 case 0:
1526 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1527 if (len < 0)
1528 goto error_cmd;
1529 ide_atapi_cmd_reply(s, len, max_len);
1530 break;
1531 case 1:
1532 /* multi session : only a single session defined */
1533 memset(buf, 0, 12);
1534 buf[1] = 0x0a;
1535 buf[2] = 0x01;
1536 buf[3] = 0x01;
1537 ide_atapi_cmd_reply(s, 12, max_len);
1538 break;
1539 case 2:
1540 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1541 if (len < 0)
1542 goto error_cmd;
1543 ide_atapi_cmd_reply(s, len, max_len);
1544 break;
1545 default:
1546 error_cmd:
1547 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1548 ASC_INV_FIELD_IN_CMD_PACKET);
1549 break;
1550 }
1551 }
1552 break;
1553 case GPCMD_READ_CDVD_CAPACITY:
1554 {
1555 int64_t total_sectors;
1556
1557 bdrv_get_geometry(s->bs, &total_sectors);
1558 total_sectors >>= 2;
1559 if (total_sectors <= 0) {
1560 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1561 ASC_MEDIUM_NOT_PRESENT);
1562 break;
1563 }
1564 /* NOTE: it is really the number of sectors minus 1 */
1565 cpu_to_ube32(buf, total_sectors - 1);
1566 cpu_to_ube32(buf + 4, 2048);
1567 ide_atapi_cmd_reply(s, 8, 8);
1568 }
1569 break;
1570 case GPCMD_READ_DVD_STRUCTURE:
1571 {
1572 int media = packet[1];
1573 int layer = packet[6];
1574 int format = packet[2];
1575 int64_t total_sectors;
1576
1577 if (media != 0 || layer != 0)
1578 {
1579 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1580 ASC_INV_FIELD_IN_CMD_PACKET);
1581 }
1582
1583 switch (format) {
1584 case 0:
1585 bdrv_get_geometry(s->bs, &total_sectors);
1586 total_sectors >>= 2;
1587
1588 memset(buf, 0, 2052);
1589
1590 buf[4] = 1; // DVD-ROM, part version 1
1591 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1592 buf[6] = 0; // one layer, embossed data
1593 buf[7] = 0;
1594
1595 cpu_to_ube32(buf + 8, 0);
1596 cpu_to_ube32(buf + 12, total_sectors - 1);
1597 cpu_to_ube32(buf + 16, total_sectors - 1);
1598
1599 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1600
1601 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1602 break;
1603
1604 default:
1605 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1606 ASC_INV_FIELD_IN_CMD_PACKET);
1607 break;
1608 }
1609 }
1610 break;
1611 case GPCMD_SET_SPEED:
1612 ide_atapi_cmd_ok(s);
1613 break;
1614 case GPCMD_INQUIRY:
1615 max_len = packet[4];
1616 buf[0] = 0x05; /* CD-ROM */
1617 buf[1] = 0x80; /* removable */
1618 buf[2] = 0x00; /* ISO */
1619 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1620 buf[4] = 31; /* additional length */
1621 buf[5] = 0; /* reserved */
1622 buf[6] = 0; /* reserved */
1623 buf[7] = 0; /* reserved */
1624 padstr8(buf + 8, 8, "QEMU");
1625 padstr8(buf + 16, 16, "QEMU CD-ROM");
1626 padstr8(buf + 32, 4, QEMU_VERSION);
1627 ide_atapi_cmd_reply(s, 36, max_len);
1628 break;
1629 case GPCMD_GET_CONFIGURATION:
1630 {
1631 int64_t total_sectors;
1632
1633 /* only feature 0 is supported */
1634 if (packet[2] != 0 || packet[3] != 0) {
1635 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1636 ASC_INV_FIELD_IN_CMD_PACKET);
1637 break;
1638 }
1639 memset(buf, 0, 32);
1640 bdrv_get_geometry(s->bs, &total_sectors);
1641 buf[3] = 16;
1642 buf[7] = total_sectors <= 1433600 ? 0x08 : 0x10; /* current profile */
1643 buf[10] = 0x10 | 0x1;
1644 buf[11] = 0x08; /* size of profile list */
1645 buf[13] = 0x10; /* DVD-ROM profile */
1646 buf[14] = buf[7] == 0x10; /* (in)active */
1647 buf[17] = 0x08; /* CD-ROM profile */
1648 buf[18] = buf[7] == 0x08; /* (in)active */
1649 ide_atapi_cmd_reply(s, 32, 32);
1650 break;
1651 }
1652 default:
1653 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1654 ASC_ILLEGAL_OPCODE);
1655 break;
1656 }
1657}
1658
1659static void ide_cfata_metadata_inquiry(IDEState *s)
1660{
1661 uint16_t *p;
1662 uint32_t spd;
1663
1664 p = (uint16_t *) s->io_buffer;
1665 memset(p, 0, 0x200);
1666 spd = ((s->mdata_size - 1) >> 9) + 1;
1667
1668 put_le16(p + 0, 0x0001); /* Data format revision */
1669 put_le16(p + 1, 0x0000); /* Media property: silicon */
1670 put_le16(p + 2, s->media_changed); /* Media status */
1671 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1672 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1673 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1674 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1675}
1676
1677static void ide_cfata_metadata_read(IDEState *s)
1678{
1679 uint16_t *p;
1680
1681 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1682 s->status = ERR_STAT;
1683 s->error = ABRT_ERR;
1684 return;
1685 }
1686
1687 p = (uint16_t *) s->io_buffer;
1688 memset(p, 0, 0x200);
1689
1690 put_le16(p + 0, s->media_changed); /* Media status */
1691 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1692 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1693 s->nsector << 9), 0x200 - 2));
1694}
1695
1696static void ide_cfata_metadata_write(IDEState *s)
1697{
1698 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1699 s->status = ERR_STAT;
1700 s->error = ABRT_ERR;
1701 return;
1702 }
1703
1704 s->media_changed = 0;
1705
1706 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1707 s->io_buffer + 2,
1708 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1709 s->nsector << 9), 0x200 - 2));
1710}
1711
1712/* called when the inserted state of the media has changed */
1713static void cdrom_change_cb(void *opaque)
1714{
1715 IDEState *s = opaque;
1716 int64_t nb_sectors;
1717
1718 /* XXX: send interrupt too */
1719 bdrv_get_geometry(s->bs, &nb_sectors);
1720 s->nb_sectors = nb_sectors;
1721}
1722
1723static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1724{
1725 s->lba48 = lba48;
1726
1727 /* handle the 'magic' 0 nsector count conversion here. to avoid
1728 * fiddling with the rest of the read logic, we just store the
1729 * full sector count in ->nsector and ignore ->hob_nsector from now
1730 */
1731 if (!s->lba48) {
1732 if (!s->nsector)
1733 s->nsector = 256;
1734 } else {
1735 if (!s->nsector && !s->hob_nsector)
1736 s->nsector = 65536;
1737 else {
1738 int lo = s->nsector;
1739 int hi = s->hob_nsector;
1740
1741 s->nsector = (hi << 8) | lo;
1742 }
1743 }
1744}
1745
1746static void ide_clear_hob(IDEState *ide_if)
1747{
1748 /* any write clears HOB high bit of device control register */
1749 ide_if[0].select &= ~(1 << 7);
1750 ide_if[1].select &= ~(1 << 7);
1751}
1752
1753static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1754{
1755 IDEState *ide_if = opaque;
1756 IDEState *s;
1757 int unit, n;
1758 int lba48 = 0;
1759
1760#ifdef DEBUG_IDE
1761 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1762#endif
1763
1764 addr &= 7;
1765 switch(addr) {
1766 case 0:
1767 break;
1768 case 1:
1769 ide_clear_hob(ide_if);
1770 /* NOTE: data is written to the two drives */
1771 ide_if[0].hob_feature = ide_if[0].feature;
1772 ide_if[1].hob_feature = ide_if[1].feature;
1773 ide_if[0].feature = val;
1774 ide_if[1].feature = val;
1775 break;
1776 case 2:
1777 ide_clear_hob(ide_if);
1778 ide_if[0].hob_nsector = ide_if[0].nsector;
1779 ide_if[1].hob_nsector = ide_if[1].nsector;
1780 ide_if[0].nsector = val;
1781 ide_if[1].nsector = val;
1782 break;
1783 case 3:
1784 ide_clear_hob(ide_if);
1785 ide_if[0].hob_sector = ide_if[0].sector;
1786 ide_if[1].hob_sector = ide_if[1].sector;
1787 ide_if[0].sector = val;
1788 ide_if[1].sector = val;
1789 break;
1790 case 4:
1791 ide_clear_hob(ide_if);
1792 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1793 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1794 ide_if[0].lcyl = val;
1795 ide_if[1].lcyl = val;
1796 break;
1797 case 5:
1798 ide_clear_hob(ide_if);
1799 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1800 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1801 ide_if[0].hcyl = val;
1802 ide_if[1].hcyl = val;
1803 break;
1804 case 6:
1805 /* FIXME: HOB readback uses bit 7 */
1806 ide_if[0].select = (val & ~0x10) | 0xa0;
1807 ide_if[1].select = (val | 0x10) | 0xa0;
1808 /* select drive */
1809 unit = (val >> 4) & 1;
1810 s = ide_if + unit;
1811 ide_if->cur_drive = s;
1812 break;
1813 default:
1814 case 7:
1815 /* command */
1816#if defined(DEBUG_IDE)
1817 printf("ide: CMD=%02x\n", val);
1818#endif
1819 s = ide_if->cur_drive;
1820 /* ignore commands to non existant slave */
1821 if (s != ide_if && !s->bs)
1822 break;
1823
1824 switch(val) {
1825 case WIN_IDENTIFY:
1826 if (s->bs && !s->is_cdrom) {
1827 if (!s->is_cf)
1828 ide_identify(s);
1829 else
1830 ide_cfata_identify(s);
1831 s->status = READY_STAT | SEEK_STAT;
1832 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1833 } else {
1834 if (s->is_cdrom) {
1835 ide_set_signature(s);
1836 }
1837 ide_abort_command(s);
1838 }
1839 ide_set_irq(s);
1840 break;
1841 case WIN_SPECIFY:
1842 case WIN_RECAL:
1843 s->error = 0;
1844 s->status = READY_STAT | SEEK_STAT;
1845 ide_set_irq(s);
1846 break;
1847 case WIN_SETMULT:
1848 if (s->is_cf && s->nsector == 0) {
1849 /* Disable Read and Write Multiple */
1850 s->mult_sectors = 0;
1851 s->status = READY_STAT;
1852 } else if ((s->nsector & 0xff) != 0 &&
1853 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1854 (s->nsector & (s->nsector - 1)) != 0)) {
1855 ide_abort_command(s);
1856 } else {
1857 s->mult_sectors = s->nsector & 0xff;
1858 s->status = READY_STAT;
1859 }
1860 ide_set_irq(s);
1861 break;
1862 case WIN_VERIFY_EXT:
1863 lba48 = 1;
1864 case WIN_VERIFY:
1865 case WIN_VERIFY_ONCE:
1866 /* do sector number check ? */
1867 ide_cmd_lba48_transform(s, lba48);
1868 s->status = READY_STAT;
1869 ide_set_irq(s);
1870 break;
1871 case WIN_READ_EXT:
1872 lba48 = 1;
1873 case WIN_READ:
1874 case WIN_READ_ONCE:
1875 if (!s->bs)
1876 goto abort_cmd;
1877 ide_cmd_lba48_transform(s, lba48);
1878 s->req_nb_sectors = 1;
1879 ide_sector_read(s);
1880 break;
1881 case WIN_WRITE_EXT:
1882 lba48 = 1;
1883 case WIN_WRITE:
1884 case WIN_WRITE_ONCE:
1885 case CFA_WRITE_SECT_WO_ERASE:
1886 case WIN_WRITE_VERIFY:
1887 ide_cmd_lba48_transform(s, lba48);
1888 s->error = 0;
1889 s->status = SEEK_STAT | READY_STAT;
1890 s->req_nb_sectors = 1;
1891 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1892 s->media_changed = 1;
1893 break;
1894 case WIN_MULTREAD_EXT:
1895 lba48 = 1;
1896 case WIN_MULTREAD:
1897 if (!s->mult_sectors)
1898 goto abort_cmd;
1899 ide_cmd_lba48_transform(s, lba48);
1900 s->req_nb_sectors = s->mult_sectors;
1901 ide_sector_read(s);
1902 break;
1903 case WIN_MULTWRITE_EXT:
1904 lba48 = 1;
1905 case WIN_MULTWRITE:
1906 case CFA_WRITE_MULTI_WO_ERASE:
1907 if (!s->mult_sectors)
1908 goto abort_cmd;
1909 ide_cmd_lba48_transform(s, lba48);
1910 s->error = 0;
1911 s->status = SEEK_STAT | READY_STAT;
1912 s->req_nb_sectors = s->mult_sectors;
1913 n = s->nsector;
1914 if (n > s->req_nb_sectors)
1915 n = s->req_nb_sectors;
1916 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1917 s->media_changed = 1;
1918 break;
1919 case WIN_READDMA_EXT:
1920 lba48 = 1;
1921 case WIN_READDMA:
1922 case WIN_READDMA_ONCE:
1923 if (!s->bs)
1924 goto abort_cmd;
1925 ide_cmd_lba48_transform(s, lba48);
1926 ide_sector_read_dma(s);
1927 break;
1928 case WIN_WRITEDMA_EXT:
1929 lba48 = 1;
1930 case WIN_WRITEDMA:
1931 case WIN_WRITEDMA_ONCE:
1932 if (!s->bs)
1933 goto abort_cmd;
1934 ide_cmd_lba48_transform(s, lba48);
1935 ide_sector_write_dma(s);
1936 s->media_changed = 1;
1937 break;
1938 case WIN_READ_NATIVE_MAX_EXT:
1939 lba48 = 1;
1940 case WIN_READ_NATIVE_MAX:
1941 ide_cmd_lba48_transform(s, lba48);
1942 ide_set_sector(s, s->nb_sectors - 1);
1943 s->status = READY_STAT;
1944 ide_set_irq(s);
1945 break;
1946 case WIN_CHECKPOWERMODE1:
1947 case WIN_CHECKPOWERMODE2:
1948 s->nsector = 0xff; /* device active or idle */
1949 s->status = READY_STAT;
1950 ide_set_irq(s);
1951 break;
1952 case WIN_SETFEATURES:
1953 if (!s->bs)
1954 goto abort_cmd;
1955 /* XXX: valid for CDROM ? */
1956 switch(s->feature) {
1957 case 0xcc: /* reverting to power-on defaults enable */
1958 case 0x66: /* reverting to power-on defaults disable */
1959 case 0x02: /* write cache enable */
1960 case 0x82: /* write cache disable */
1961 case 0xaa: /* read look-ahead enable */
1962 case 0x55: /* read look-ahead disable */
1963 case 0x05: /* set advanced power management mode */
1964 case 0x85: /* disable advanced power management mode */
1965 case 0x69: /* NOP */
1966 case 0x67: /* NOP */
1967 case 0x96: /* NOP */
1968 case 0x9a: /* NOP */
1969 case 0x42: /* enable Automatic Acoustic Mode */
1970 case 0xc2: /* disable Automatic Acoustic Mode */
1971 s->status = READY_STAT | SEEK_STAT;
1972 ide_set_irq(s);
1973 break;
1974 case 0x03: { /* set transfer mode */
1975 uint8_t val = s->nsector & 0x07;
1976
1977 switch (s->nsector >> 3) {
1978 case 0x00: /* pio default */
1979 case 0x01: /* pio mode */
1980 put_le16(s->identify_data + 63,0x07);
1981 put_le16(s->identify_data + 88,0x3f);
1982 break;
1983 case 0x04: /* mdma mode */
1984 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1985 put_le16(s->identify_data + 88,0x3f);
1986 break;
1987 case 0x08: /* udma mode */
1988 put_le16(s->identify_data + 63,0x07);
1989 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1990 break;
1991 default:
1992 goto abort_cmd;
1993 }
1994 s->status = READY_STAT | SEEK_STAT;
1995 ide_set_irq(s);
1996 break;
1997 }
1998 default:
1999 goto abort_cmd;
2000 }
2001 break;
2002 case WIN_FLUSH_CACHE:
2003 case WIN_FLUSH_CACHE_EXT:
2004 if (s->bs)
2005 bdrv_flush(s->bs);
2006 s->status = READY_STAT;
2007 ide_set_irq(s);
2008 break;
2009 case WIN_STANDBY:
2010 case WIN_STANDBY2:
2011 case WIN_STANDBYNOW1:
2012 case WIN_STANDBYNOW2:
2013 case WIN_IDLEIMMEDIATE:
2014 case CFA_IDLEIMMEDIATE:
2015 case WIN_SETIDLE1:
2016 case WIN_SETIDLE2:
2017 case WIN_SLEEPNOW1:
2018 case WIN_SLEEPNOW2:
2019 s->status = READY_STAT;
2020 ide_set_irq(s);
2021 break;
2022 /* ATAPI commands */
2023 case WIN_PIDENTIFY:
2024 if (s->is_cdrom) {
2025 ide_atapi_identify(s);
2026 s->status = READY_STAT | SEEK_STAT;
2027 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2028 } else {
2029 ide_abort_command(s);
2030 }
2031 ide_set_irq(s);
2032 break;
2033 case WIN_DIAGNOSE:
2034 ide_set_signature(s);
2035 s->status = 0x00; /* NOTE: READY is _not_ set */
2036 s->error = 0x01;
2037 break;
2038 case WIN_SRST:
2039 if (!s->is_cdrom)
2040 goto abort_cmd;
2041 ide_set_signature(s);
2042 s->status = 0x00; /* NOTE: READY is _not_ set */
2043 s->error = 0x01;
2044 break;
2045 case WIN_PACKETCMD:
2046 if (!s->is_cdrom)
2047 goto abort_cmd;
2048 /* overlapping commands not supported */
2049 if (s->feature & 0x02)
2050 goto abort_cmd;
2051 s->status = READY_STAT;
2052 s->atapi_dma = s->feature & 1;
2053 s->nsector = 1;
2054 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2055 ide_atapi_cmd);
2056 break;
2057 /* CF-ATA commands */
2058 case CFA_REQ_EXT_ERROR_CODE:
2059 if (!s->is_cf)
2060 goto abort_cmd;
2061 s->error = 0x09; /* miscellaneous error */
2062 s->status = READY_STAT;
2063 ide_set_irq(s);
2064 break;
2065 case CFA_ERASE_SECTORS:
2066 case CFA_WEAR_LEVEL:
2067 if (!s->is_cf)
2068 goto abort_cmd;
2069 if (val == CFA_WEAR_LEVEL)
2070 s->nsector = 0;
2071 if (val == CFA_ERASE_SECTORS)
2072 s->media_changed = 1;
2073 s->error = 0x00;
2074 s->status = READY_STAT;
2075 ide_set_irq(s);
2076 break;
2077 case CFA_TRANSLATE_SECTOR:
2078 if (!s->is_cf)
2079 goto abort_cmd;
2080 s->error = 0x00;
2081 s->status = READY_STAT;
2082 memset(s->io_buffer, 0, 0x200);
2083 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2084 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2085 s->io_buffer[0x02] = s->select; /* Head */
2086 s->io_buffer[0x03] = s->sector; /* Sector */
2087 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2088 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2089 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2090 s->io_buffer[0x13] = 0x00; /* Erase flag */
2091 s->io_buffer[0x18] = 0x00; /* Hot count */
2092 s->io_buffer[0x19] = 0x00; /* Hot count */
2093 s->io_buffer[0x1a] = 0x01; /* Hot count */
2094 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2095 ide_set_irq(s);
2096 break;
2097 case CFA_ACCESS_METADATA_STORAGE:
2098 if (!s->is_cf)
2099 goto abort_cmd;
2100 switch (s->feature) {
2101 case 0x02: /* Inquiry Metadata Storage */
2102 ide_cfata_metadata_inquiry(s);
2103 break;
2104 case 0x03: /* Read Metadata Storage */
2105 ide_cfata_metadata_read(s);
2106 break;
2107 case 0x04: /* Write Metadata Storage */
2108 ide_cfata_metadata_write(s);
2109 break;
2110 default:
2111 goto abort_cmd;
2112 }
2113 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2114 s->status = 0x00; /* NOTE: READY is _not_ set */
2115 ide_set_irq(s);
2116 break;
2117 case IBM_SENSE_CONDITION:
2118 if (!s->is_cf)
2119 goto abort_cmd;
2120 switch (s->feature) {
2121 case 0x01: /* sense temperature in device */
2122 s->nsector = 0x50; /* +20 C */
2123 break;
2124 default:
2125 goto abort_cmd;
2126 }
2127 s->status = READY_STAT;
2128 ide_set_irq(s);
2129 break;
2130 default:
2131 abort_cmd:
2132 ide_abort_command(s);
2133 ide_set_irq(s);
2134 break;
2135 }
2136 }
2137}
2138
2139static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2140{
2141 IDEState *ide_if = opaque;
2142 IDEState *s = ide_if->cur_drive;
2143 uint32_t addr;
2144 int ret, hob;
2145
2146 addr = addr1 & 7;
2147 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2148 //hob = s->select & (1 << 7);
2149 hob = 0;
2150 switch(addr) {
2151 case 0:
2152 ret = 0xff;
2153 break;
2154 case 1:
2155 if (!ide_if[0].bs && !ide_if[1].bs)
2156 ret = 0;
2157 else if (!hob)
2158 ret = s->error;
2159 else
2160 ret = s->hob_feature;
2161 break;
2162 case 2:
2163 if (!ide_if[0].bs && !ide_if[1].bs)
2164 ret = 0;
2165 else if (!hob)
2166 ret = s->nsector & 0xff;
2167 else
2168 ret = s->hob_nsector;
2169 break;
2170 case 3:
2171 if (!ide_if[0].bs && !ide_if[1].bs)
2172 ret = 0;
2173 else if (!hob)
2174 ret = s->sector;
2175 else
2176 ret = s->hob_sector;
2177 break;
2178 case 4:
2179 if (!ide_if[0].bs && !ide_if[1].bs)
2180 ret = 0;
2181 else if (!hob)
2182 ret = s->lcyl;
2183 else
2184 ret = s->hob_lcyl;
2185 break;
2186 case 5:
2187 if (!ide_if[0].bs && !ide_if[1].bs)
2188 ret = 0;
2189 else if (!hob)
2190 ret = s->hcyl;
2191 else
2192 ret = s->hob_hcyl;
2193 break;
2194 case 6:
2195 if (!ide_if[0].bs && !ide_if[1].bs)
2196 ret = 0;
2197 else
2198 ret = s->select;
2199 break;
2200 default:
2201 case 7:
2202 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2203 (s != ide_if && !s->bs))
2204 ret = 0;
2205 else
2206 ret = s->status;
2207 qemu_irq_lower(s->irq);
2208 break;
2209 }
2210#ifdef DEBUG_IDE
2211 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2212#endif
2213 return ret;
2214}
2215
2216static uint32_t ide_status_read(void *opaque, uint32_t addr)
2217{
2218 IDEState *ide_if = opaque;
2219 IDEState *s = ide_if->cur_drive;
2220 int ret;
2221
2222 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2223 (s != ide_if && !s->bs))
2224 ret = 0;
2225 else
2226 ret = s->status;
2227#ifdef DEBUG_IDE
2228 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2229#endif
2230 return ret;
2231}
2232
2233static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2234{
2235 IDEState *ide_if = opaque;
2236 IDEState *s;
2237 int i;
2238
2239#ifdef DEBUG_IDE
2240 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2241#endif
2242 /* common for both drives */
2243 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2244 (val & IDE_CMD_RESET)) {
2245 /* reset low to high */
2246 for(i = 0;i < 2; i++) {
2247 s = &ide_if[i];
2248 s->status = BUSY_STAT | SEEK_STAT;
2249 s->error = 0x01;
2250 }
2251 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2252 !(val & IDE_CMD_RESET)) {
2253 /* high to low */
2254 for(i = 0;i < 2; i++) {
2255 s = &ide_if[i];
2256 if (s->is_cdrom)
2257 s->status = 0x00; /* NOTE: READY is _not_ set */
2258 else
2259 s->status = READY_STAT | SEEK_STAT;
2260 ide_set_signature(s);
2261 }
2262 }
2263
2264 ide_if[0].cmd = val;
2265 ide_if[1].cmd = val;
2266}
2267
2268static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2269{
2270 IDEState *s = ((IDEState *)opaque)->cur_drive;
2271 uint8_t *p;
2272
2273 p = s->data_ptr;
2274 *(uint16_t *)p = le16_to_cpu(val);
2275 p += 2;
2276 s->data_ptr = p;
2277 if (p >= s->data_end)
2278 s->end_transfer_func(s);
2279}
2280
2281static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2282{
2283 IDEState *s = ((IDEState *)opaque)->cur_drive;
2284 uint8_t *p;
2285 int ret;
2286 p = s->data_ptr;
2287 ret = cpu_to_le16(*(uint16_t *)p);
2288 p += 2;
2289 s->data_ptr = p;
2290 if (p >= s->data_end)
2291 s->end_transfer_func(s);
2292 return ret;
2293}
2294
2295static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2296{
2297 IDEState *s = ((IDEState *)opaque)->cur_drive;
2298 uint8_t *p;
2299
2300 p = s->data_ptr;
2301 *(uint32_t *)p = le32_to_cpu(val);
2302 p += 4;
2303 s->data_ptr = p;
2304 if (p >= s->data_end)
2305 s->end_transfer_func(s);
2306}
2307
2308static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2309{
2310 IDEState *s = ((IDEState *)opaque)->cur_drive;
2311 uint8_t *p;
2312 int ret;
2313
2314 p = s->data_ptr;
2315 ret = cpu_to_le32(*(uint32_t *)p);
2316 p += 4;
2317 s->data_ptr = p;
2318 if (p >= s->data_end)
2319 s->end_transfer_func(s);
2320 return ret;
2321}
2322
2323static void ide_dummy_transfer_stop(IDEState *s)
2324{
2325 s->data_ptr = s->io_buffer;
2326 s->data_end = s->io_buffer;
2327 s->io_buffer[0] = 0xff;
2328 s->io_buffer[1] = 0xff;
2329 s->io_buffer[2] = 0xff;
2330 s->io_buffer[3] = 0xff;
2331}
2332
2333static void ide_reset(IDEState *s)
2334{
2335 if (s->is_cf)
2336 s->mult_sectors = 0;
2337 else
2338 s->mult_sectors = MAX_MULT_SECTORS;
2339 s->cur_drive = s;
2340 s->select = 0xa0;
2341 s->status = READY_STAT;
2342 ide_set_signature(s);
2343 /* init the transfer handler so that 0xffff is returned on data
2344 accesses */
2345 s->end_transfer_func = ide_dummy_transfer_stop;
2346 ide_dummy_transfer_stop(s);
2347 s->media_changed = 0;
2348}
2349
2350struct partition {
2351 uint8_t boot_ind; /* 0x80 - active */
2352 uint8_t head; /* starting head */
2353 uint8_t sector; /* starting sector */
2354 uint8_t cyl; /* starting cylinder */
2355 uint8_t sys_ind; /* What partition type */
2356 uint8_t end_head; /* end head */
2357 uint8_t end_sector; /* end sector */
2358 uint8_t end_cyl; /* end cylinder */
2359 uint32_t start_sect; /* starting sector counting from 0 */
2360 uint32_t nr_sects; /* nr of sectors in partition */
2361} __attribute__((packed));
2362
2363/* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2364static int guess_disk_lchs(IDEState *s,
2365 int *pcylinders, int *pheads, int *psectors)
2366{
2367 uint8_t buf[512];
2368 int ret, i, heads, sectors, cylinders;
2369 struct partition *p;
2370 uint32_t nr_sects;
2371
2372 ret = bdrv_read(s->bs, 0, buf, 1);
2373 if (ret < 0)
2374 return -1;
2375 /* test msdos magic */
2376 if (buf[510] != 0x55 || buf[511] != 0xaa)
2377 return -1;
2378 for(i = 0; i < 4; i++) {
2379 p = ((struct partition *)(buf + 0x1be)) + i;
2380 nr_sects = le32_to_cpu(p->nr_sects);
2381 if (nr_sects && p->end_head) {
2382 /* We make the assumption that the partition terminates on
2383 a cylinder boundary */
2384 heads = p->end_head + 1;
2385 sectors = p->end_sector & 63;
2386 if (sectors == 0)
2387 continue;
2388 cylinders = s->nb_sectors / (heads * sectors);
2389 if (cylinders < 1 || cylinders > 16383)
2390 continue;
2391 *pheads = heads;
2392 *psectors = sectors;
2393 *pcylinders = cylinders;
2394#if 0
2395 printf("guessed geometry: LCHS=%d %d %d\n",
2396 cylinders, heads, sectors);
2397#endif
2398 return 0;
2399 }
2400 }
2401 return -1;
2402}
2403
2404static void ide_init2(IDEState *ide_state,
2405 BlockDriverState *hd0, BlockDriverState *hd1,
2406 qemu_irq irq)
2407{
2408 IDEState *s;
2409 static int drive_serial = 1;
2410 int i, cylinders, heads, secs, translation, lba_detected = 0;
2411 int64_t nb_sectors;
2412
2413 for(i = 0; i < 2; i++) {
2414 s = ide_state + i;
2415 if (i == 0)
2416 s->bs = hd0;
2417 else
2418 s->bs = hd1;
2419 if (s->bs) {
2420 bdrv_get_geometry(s->bs, &nb_sectors);
2421 s->nb_sectors = nb_sectors;
2422 /* if a geometry hint is available, use it */
2423 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2424 translation = bdrv_get_translation_hint(s->bs);
2425 if (cylinders != 0) {
2426 s->cylinders = cylinders;
2427 s->heads = heads;
2428 s->sectors = secs;
2429 } else {
2430 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2431 if (heads > 16) {
2432 /* if heads > 16, it means that a BIOS LBA
2433 translation was active, so the default
2434 hardware geometry is OK */
2435 lba_detected = 1;
2436 goto default_geometry;
2437 } else {
2438 s->cylinders = cylinders;
2439 s->heads = heads;
2440 s->sectors = secs;
2441 /* disable any translation to be in sync with
2442 the logical geometry */
2443 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2444 bdrv_set_translation_hint(s->bs,
2445 BIOS_ATA_TRANSLATION_NONE);
2446 }
2447 }
2448 } else {
2449 default_geometry:
2450 /* if no geometry, use a standard physical disk geometry */
2451 cylinders = nb_sectors / (16 * 63);
2452 if (cylinders > 16383)
2453 cylinders = 16383;
2454 else if (cylinders < 2)
2455 cylinders = 2;
2456 s->cylinders = cylinders;
2457 s->heads = 16;
2458 s->sectors = 63;
2459 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2460 if ((s->cylinders * s->heads) <= 131072) {
2461 bdrv_set_translation_hint(s->bs,
2462 BIOS_ATA_TRANSLATION_LARGE);
2463 } else {
2464 bdrv_set_translation_hint(s->bs,
2465 BIOS_ATA_TRANSLATION_LBA);
2466 }
2467 }
2468 }
2469 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2470 }
2471 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2472 s->is_cdrom = 1;
2473 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2474 }
2475 }
2476 s->drive_serial = drive_serial++;
2477 s->irq = irq;
2478 s->sector_write_timer = qemu_new_timer(vm_clock,
2479 ide_sector_write_timer_cb, s);
2480 ide_reset(s);
2481 }
2482}
2483
2484static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2485{
2486 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2487 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2488 if (iobase2) {
2489 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2490 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2491 }
2492
2493 /* data ports */
2494 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2495 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2496 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2497 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2498}
2499
2500/* save per IDE drive data */
2501static void ide_save(QEMUFile* f, IDEState *s)
2502{
2503 qemu_put_be32s(f, &s->mult_sectors);
2504 qemu_put_be32s(f, &s->identify_set);
2505 if (s->identify_set) {
2506 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2507 }
2508 qemu_put_8s(f, &s->feature);
2509 qemu_put_8s(f, &s->error);
2510 qemu_put_be32s(f, &s->nsector);
2511 qemu_put_8s(f, &s->sector);
2512 qemu_put_8s(f, &s->lcyl);
2513 qemu_put_8s(f, &s->hcyl);
2514 qemu_put_8s(f, &s->hob_feature);
2515 qemu_put_8s(f, &s->hob_nsector);
2516 qemu_put_8s(f, &s->hob_sector);
2517 qemu_put_8s(f, &s->hob_lcyl);
2518 qemu_put_8s(f, &s->hob_hcyl);
2519 qemu_put_8s(f, &s->select);
2520 qemu_put_8s(f, &s->status);
2521 qemu_put_8s(f, &s->lba48);
2522
2523 qemu_put_8s(f, &s->sense_key);
2524 qemu_put_8s(f, &s->asc);
2525 /* XXX: if a transfer is pending, we do not save it yet */
2526}
2527
2528/* load per IDE drive data */
2529static void ide_load(QEMUFile* f, IDEState *s)
2530{
2531 qemu_get_be32s(f, &s->mult_sectors);
2532 qemu_get_be32s(f, &s->identify_set);
2533 if (s->identify_set) {
2534 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2535 }
2536 qemu_get_8s(f, &s->feature);
2537 qemu_get_8s(f, &s->error);
2538 qemu_get_be32s(f, &s->nsector);
2539 qemu_get_8s(f, &s->sector);
2540 qemu_get_8s(f, &s->lcyl);
2541 qemu_get_8s(f, &s->hcyl);
2542 qemu_get_8s(f, &s->hob_feature);
2543 qemu_get_8s(f, &s->hob_nsector);
2544 qemu_get_8s(f, &s->hob_sector);
2545 qemu_get_8s(f, &s->hob_lcyl);
2546 qemu_get_8s(f, &s->hob_hcyl);
2547 qemu_get_8s(f, &s->select);
2548 qemu_get_8s(f, &s->status);
2549 qemu_get_8s(f, &s->lba48);
2550
2551 qemu_get_8s(f, &s->sense_key);
2552 qemu_get_8s(f, &s->asc);
2553 /* XXX: if a transfer is pending, we do not save it yet */
2554}
2555
2556/***********************************************************/
2557/* ISA IDE definitions */
2558
2559void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2560 BlockDriverState *hd0, BlockDriverState *hd1)
2561{
2562 IDEState *ide_state;
2563
2564 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2565 if (!ide_state)
2566 return;
2567
2568 ide_init2(ide_state, hd0, hd1, irq);
2569 ide_init_ioport(ide_state, iobase, iobase2);
2570}
2571
2572/***********************************************************/
2573/* PCI IDE definitions */
2574
2575static void cmd646_update_irq(PCIIDEState *d);
2576
2577static void ide_map(PCIDevice *pci_dev, int region_num,
2578 uint32_t addr, uint32_t size, int type)
2579{
2580 PCIIDEState *d = (PCIIDEState *)pci_dev;
2581 IDEState *ide_state;
2582
2583 if (region_num <= 3) {
2584 ide_state = &d->ide_if[(region_num >> 1) * 2];
2585 if (region_num & 1) {
2586 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2587 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2588 } else {
2589 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2590 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2591
2592 /* data ports */
2593 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2594 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2595 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2596 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2597 }
2598 }
2599}
2600
2601static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2602{
2603 BMDMAState *bm = s->bmdma;
2604 if(!bm)
2605 return;
2606 bm->ide_if = s;
2607 bm->dma_cb = dma_cb;
2608 bm->cur_prd_last = 0;
2609 bm->cur_prd_addr = 0;
2610 bm->cur_prd_len = 0;
2611 if (bm->status & BM_STATUS_DMAING) {
2612 bm->dma_cb(bm, 0);
2613 }
2614}
2615
2616static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2617{
2618 BMDMAState *bm = opaque;
2619#ifdef DEBUG_IDE
2620 printf("%s: 0x%08x\n", __func__, val);
2621#endif
2622 if (!(val & BM_CMD_START)) {
2623 /* XXX: do it better */
2624 if (bm->status & BM_STATUS_DMAING) {
2625 bm->status &= ~BM_STATUS_DMAING;
2626 /* cancel DMA request */
2627 bm->ide_if = NULL;
2628 bm->dma_cb = NULL;
2629 if (bm->aiocb) {
2630#ifdef DEBUG_AIO
2631 printf("aio_cancel\n");
2632#endif
2633 bdrv_aio_cancel(bm->aiocb);
2634 bm->aiocb = NULL;
2635 }
2636 }
2637 bm->cmd = val & 0x09;
2638 } else {
2639 if (!(bm->status & BM_STATUS_DMAING)) {
2640 bm->status |= BM_STATUS_DMAING;
2641 /* start dma transfer if possible */
2642 if (bm->dma_cb)
2643 bm->dma_cb(bm, 0);
2644 }
2645 bm->cmd = val & 0x09;
2646 }
2647}
2648
2649static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2650{
2651 BMDMAState *bm = opaque;
2652 PCIIDEState *pci_dev;
2653 uint32_t val;
2654
2655 switch(addr & 3) {
2656 case 0:
2657 val = bm->cmd;
2658 break;
2659 case 1:
2660 pci_dev = bm->pci_dev;
2661 if (pci_dev->type == IDE_TYPE_CMD646) {
2662 val = pci_dev->dev.config[MRDMODE];
2663 } else {
2664 val = 0xff;
2665 }
2666 break;
2667 case 2:
2668 val = bm->status;
2669 break;
2670 case 3:
2671 pci_dev = bm->pci_dev;
2672 if (pci_dev->type == IDE_TYPE_CMD646) {
2673 if (bm == &pci_dev->bmdma[0])
2674 val = pci_dev->dev.config[UDIDETCR0];
2675 else
2676 val = pci_dev->dev.config[UDIDETCR1];
2677 } else {
2678 val = 0xff;
2679 }
2680 break;
2681 default:
2682 val = 0xff;
2683 break;
2684 }
2685#ifdef DEBUG_IDE
2686 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2687#endif
2688 return val;
2689}
2690
2691static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2692{
2693 BMDMAState *bm = opaque;
2694 PCIIDEState *pci_dev;
2695#ifdef DEBUG_IDE
2696 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2697#endif
2698 switch(addr & 3) {
2699 case 1:
2700 pci_dev = bm->pci_dev;
2701 if (pci_dev->type == IDE_TYPE_CMD646) {
2702 pci_dev->dev.config[MRDMODE] =
2703 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2704 cmd646_update_irq(pci_dev);
2705 }
2706 break;
2707 case 2:
2708 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2709 break;
2710 case 3:
2711 pci_dev = bm->pci_dev;
2712 if (pci_dev->type == IDE_TYPE_CMD646) {
2713 if (bm == &pci_dev->bmdma[0])
2714 pci_dev->dev.config[UDIDETCR0] = val;
2715 else
2716 pci_dev->dev.config[UDIDETCR1] = val;
2717 }
2718 break;
2719 }
2720}
2721
2722static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2723{
2724 BMDMAState *bm = opaque;
2725 uint32_t val;
2726 val = bm->addr;
2727#ifdef DEBUG_IDE
2728 printf("%s: 0x%08x\n", __func__, val);
2729#endif
2730 return val;
2731}
2732
2733static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2734{
2735 BMDMAState *bm = opaque;
2736#ifdef DEBUG_IDE
2737 printf("%s: 0x%08x\n", __func__, val);
2738#endif
2739 bm->addr = val & ~3;
2740 bm->cur_addr = bm->addr;
2741}
2742
2743static void bmdma_map(PCIDevice *pci_dev, int region_num,
2744 uint32_t addr, uint32_t size, int type)
2745{
2746 PCIIDEState *d = (PCIIDEState *)pci_dev;
2747 int i;
2748
2749 for(i = 0;i < 2; i++) {
2750 BMDMAState *bm = &d->bmdma[i];
2751 d->ide_if[2 * i].bmdma = bm;
2752 d->ide_if[2 * i + 1].bmdma = bm;
2753 bm->pci_dev = (PCIIDEState *)pci_dev;
2754
2755 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2756
2757 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2758 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2759
2760 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2761 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2762 addr += 8;
2763 }
2764}
2765
2766/* XXX: call it also when the MRDMODE is changed from the PCI config
2767 registers */
2768static void cmd646_update_irq(PCIIDEState *d)
2769{
2770 int pci_level;
2771 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2772 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2773 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2774 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2775 qemu_set_irq(d->dev.irq[0], pci_level);
2776}
2777
2778/* the PCI irq level is the logical OR of the two channels */
2779static void cmd646_set_irq(void *opaque, int channel, int level)
2780{
2781 PCIIDEState *d = opaque;
2782 int irq_mask;
2783
2784 irq_mask = MRDMODE_INTR_CH0 << channel;
2785 if (level)
2786 d->dev.config[MRDMODE] |= irq_mask;
2787 else
2788 d->dev.config[MRDMODE] &= ~irq_mask;
2789 cmd646_update_irq(d);
2790}
2791
2792/* CMD646 PCI IDE controller */
2793void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2794 int secondary_ide_enabled)
2795{
2796 PCIIDEState *d;
2797 uint8_t *pci_conf;
2798 int i;
2799 qemu_irq *irq;
2800
2801 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2802 sizeof(PCIIDEState),
2803 -1,
2804 NULL, NULL);
2805 d->type = IDE_TYPE_CMD646;
2806 pci_conf = d->dev.config;
2807 pci_conf[0x00] = 0x95; // CMD646
2808 pci_conf[0x01] = 0x10;
2809 pci_conf[0x02] = 0x46;
2810 pci_conf[0x03] = 0x06;
2811
2812 pci_conf[0x08] = 0x07; // IDE controller revision
2813 pci_conf[0x09] = 0x8f;
2814
2815 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2816 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2817 pci_conf[0x0e] = 0x00; // header_type
2818
2819 if (secondary_ide_enabled) {
2820 /* XXX: if not enabled, really disable the seconday IDE controller */
2821 pci_conf[0x51] = 0x80; /* enable IDE1 */
2822 }
2823
2824 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2825 PCI_ADDRESS_SPACE_IO, ide_map);
2826 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2827 PCI_ADDRESS_SPACE_IO, ide_map);
2828 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2829 PCI_ADDRESS_SPACE_IO, ide_map);
2830 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2831 PCI_ADDRESS_SPACE_IO, ide_map);
2832 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2833 PCI_ADDRESS_SPACE_IO, bmdma_map);
2834
2835 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2836
2837 for(i = 0; i < 4; i++)
2838 d->ide_if[i].pci_dev = (PCIDevice *)d;
2839
2840 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2841 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2842 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2843}
2844
2845static void pci_ide_save(QEMUFile* f, void *opaque)
2846{
2847 PCIIDEState *d = opaque;
2848 int i;
2849
2850 pci_device_save(&d->dev, f);
2851
2852 for(i = 0; i < 2; i++) {
2853 BMDMAState *bm = &d->bmdma[i];
2854 qemu_put_8s(f, &bm->cmd);
2855 qemu_put_8s(f, &bm->status);
2856 qemu_put_be32s(f, &bm->addr);
2857 /* XXX: if a transfer is pending, we do not save it yet */
2858 }
2859
2860 /* per IDE interface data */
2861 for(i = 0; i < 2; i++) {
2862 IDEState *s = &d->ide_if[i * 2];
2863 uint8_t drive1_selected;
2864 qemu_put_8s(f, &s->cmd);
2865 drive1_selected = (s->cur_drive != s);
2866 qemu_put_8s(f, &drive1_selected);
2867 }
2868
2869 /* per IDE drive data */
2870 for(i = 0; i < 4; i++) {
2871 ide_save(f, &d->ide_if[i]);
2872 }
2873}
2874
2875static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2876{
2877 PCIIDEState *d = opaque;
2878 int ret, i;
2879
2880 if (version_id != 1)
2881 return -EINVAL;
2882 ret = pci_device_load(&d->dev, f);
2883 if (ret < 0)
2884 return ret;
2885
2886 for(i = 0; i < 2; i++) {
2887 BMDMAState *bm = &d->bmdma[i];
2888 qemu_get_8s(f, &bm->cmd);
2889 qemu_get_8s(f, &bm->status);
2890 qemu_get_be32s(f, &bm->addr);
2891 /* XXX: if a transfer is pending, we do not save it yet */
2892 }
2893
2894 /* per IDE interface data */
2895 for(i = 0; i < 2; i++) {
2896 IDEState *s = &d->ide_if[i * 2];
2897 uint8_t drive1_selected;
2898 qemu_get_8s(f, &s->cmd);
2899 qemu_get_8s(f, &drive1_selected);
2900 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2901 }
2902
2903 /* per IDE drive data */
2904 for(i = 0; i < 4; i++) {
2905 ide_load(f, &d->ide_if[i]);
2906 }
2907 return 0;
2908}
2909
2910static void piix3_reset(PCIIDEState *d)
2911{
2912 uint8_t *pci_conf = d->dev.config;
2913
2914 pci_conf[0x04] = 0x00;
2915 pci_conf[0x05] = 0x00;
2916 pci_conf[0x06] = 0x80; /* FBC */
2917 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2918 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2919}
2920
2921/* hd_table must contain 4 block drivers */
2922/* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2923void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2924 qemu_irq *pic)
2925{
2926 PCIIDEState *d;
2927 uint8_t *pci_conf;
2928
2929 /* register a function 1 of PIIX3 */
2930 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2931 sizeof(PCIIDEState),
2932 devfn,
2933 NULL, NULL);
2934 d->type = IDE_TYPE_PIIX3;
2935
2936 pci_conf = d->dev.config;
2937 pci_conf[0x00] = 0x86; // Intel
2938 pci_conf[0x01] = 0x80;
2939 pci_conf[0x02] = 0x10;
2940 pci_conf[0x03] = 0x70;
2941 pci_conf[0x09] = 0x80; // legacy ATA mode
2942 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2943 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2944 pci_conf[0x0e] = 0x00; // header_type
2945
2946 piix3_reset(d);
2947
2948 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2949 PCI_ADDRESS_SPACE_IO, bmdma_map);
2950
2951 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2952 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2953 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2954 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2955
2956 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2957}
2958
2959/* hd_table must contain 4 block drivers */
2960/* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2961void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2962 qemu_irq *pic)
2963{
2964 PCIIDEState *d;
2965 uint8_t *pci_conf;
2966
2967 /* register a function 1 of PIIX4 */
2968 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2969 sizeof(PCIIDEState),
2970 devfn,
2971 NULL, NULL);
2972 d->type = IDE_TYPE_PIIX4;
2973
2974 pci_conf = d->dev.config;
2975 pci_conf[0x00] = 0x86; // Intel
2976 pci_conf[0x01] = 0x80;
2977 pci_conf[0x02] = 0x11;
2978 pci_conf[0x03] = 0x71;
2979 pci_conf[0x09] = 0x80; // legacy ATA mode
2980 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2981 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2982 pci_conf[0x0e] = 0x00; // header_type
2983
2984 piix3_reset(d);
2985
2986 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2987 PCI_ADDRESS_SPACE_IO, bmdma_map);
2988
2989 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2990 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2991 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2992 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2993
2994 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2995}
2996
2997/***********************************************************/
2998/* MacIO based PowerPC IDE */
2999
3000/* PowerMac IDE memory IO */
3001static void pmac_ide_writeb (void *opaque,
3002 target_phys_addr_t addr, uint32_t val)
3003{
3004 addr = (addr & 0xFFF) >> 4;
3005 switch (addr) {
3006 case 1 ... 7:
3007 ide_ioport_write(opaque, addr, val);
3008 break;
3009 case 8:
3010 case 22:
3011 ide_cmd_write(opaque, 0, val);
3012 break;
3013 default:
3014 break;
3015 }
3016}
3017
3018static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3019{
3020 uint8_t retval;
3021
3022 addr = (addr & 0xFFF) >> 4;
3023 switch (addr) {
3024 case 1 ... 7:
3025 retval = ide_ioport_read(opaque, addr);
3026 break;
3027 case 8:
3028 case 22:
3029 retval = ide_status_read(opaque, 0);
3030 break;
3031 default:
3032 retval = 0xFF;
3033 break;
3034 }
3035 return retval;
3036}
3037
3038static void pmac_ide_writew (void *opaque,
3039 target_phys_addr_t addr, uint32_t val)
3040{
3041 addr = (addr & 0xFFF) >> 4;
3042#ifdef TARGET_WORDS_BIGENDIAN
3043 val = bswap16(val);
3044#endif
3045 if (addr == 0) {
3046 ide_data_writew(opaque, 0, val);
3047 }
3048}
3049
3050static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3051{
3052 uint16_t retval;
3053
3054 addr = (addr & 0xFFF) >> 4;
3055 if (addr == 0) {
3056 retval = ide_data_readw(opaque, 0);
3057 } else {
3058 retval = 0xFFFF;
3059 }
3060#ifdef TARGET_WORDS_BIGENDIAN
3061 retval = bswap16(retval);
3062#endif
3063 return retval;
3064}
3065
3066static void pmac_ide_writel (void *opaque,
3067 target_phys_addr_t addr, uint32_t val)
3068{
3069 addr = (addr & 0xFFF) >> 4;
3070#ifdef TARGET_WORDS_BIGENDIAN
3071 val = bswap32(val);
3072#endif
3073 if (addr == 0) {
3074 ide_data_writel(opaque, 0, val);
3075 }
3076}
3077
3078static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3079{
3080 uint32_t retval;
3081
3082 addr = (addr & 0xFFF) >> 4;
3083 if (addr == 0) {
3084 retval = ide_data_readl(opaque, 0);
3085 } else {
3086 retval = 0xFFFFFFFF;
3087 }
3088#ifdef TARGET_WORDS_BIGENDIAN
3089 retval = bswap32(retval);
3090#endif
3091 return retval;
3092}
3093
3094static CPUWriteMemoryFunc *pmac_ide_write[] = {
3095 pmac_ide_writeb,
3096 pmac_ide_writew,
3097 pmac_ide_writel,
3098};
3099
3100static CPUReadMemoryFunc *pmac_ide_read[] = {
3101 pmac_ide_readb,
3102 pmac_ide_readw,
3103 pmac_ide_readl,
3104};
3105
3106/* hd_table must contain 4 block drivers */
3107/* PowerMac uses memory mapped registers, not I/O. Return the memory
3108 I/O index to access the ide. */
3109int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3110{
3111 IDEState *ide_if;
3112 int pmac_ide_memory;
3113
3114 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3115 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3116
3117 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3118 pmac_ide_write, &ide_if[0]);
3119 return pmac_ide_memory;
3120}
3121
3122/***********************************************************/
3123/* CF-ATA Microdrive */
3124
3125#define METADATA_SIZE 0x20
3126
3127/* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3128struct md_s {
3129 IDEState ide[2];
3130 struct pcmcia_card_s card;
3131 uint32_t attr_base;
3132 uint32_t io_base;
3133
3134 /* Card state */
3135 uint8_t opt;
3136 uint8_t stat;
3137 uint8_t pins;
3138
3139 uint8_t ctrl;
3140 uint16_t io;
3141 int cycle;
3142};
3143
3144/* Register bitfields */
3145enum md_opt {
3146 OPT_MODE_MMAP = 0,
3147 OPT_MODE_IOMAP16 = 1,
3148 OPT_MODE_IOMAP1 = 2,
3149 OPT_MODE_IOMAP2 = 3,
3150 OPT_MODE = 0x3f,
3151 OPT_LEVIREQ = 0x40,
3152 OPT_SRESET = 0x80,
3153};
3154enum md_cstat {
3155 STAT_INT = 0x02,
3156 STAT_PWRDWN = 0x04,
3157 STAT_XE = 0x10,
3158 STAT_IOIS8 = 0x20,
3159 STAT_SIGCHG = 0x40,
3160 STAT_CHANGED = 0x80,
3161};
3162enum md_pins {
3163 PINS_MRDY = 0x02,
3164 PINS_CRDY = 0x20,
3165};
3166enum md_ctrl {
3167 CTRL_IEN = 0x02,
3168 CTRL_SRST = 0x04,
3169};
3170
3171static inline void md_interrupt_update(struct md_s *s)
3172{
3173 if (!s->card.slot)
3174 return;
3175
3176 qemu_set_irq(s->card.slot->irq,
3177 !(s->stat & STAT_INT) && /* Inverted */
3178 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3179 !(s->opt & OPT_SRESET));
3180}
3181
3182static void md_set_irq(void *opaque, int irq, int level)
3183{
3184 struct md_s *s = (struct md_s *) opaque;
3185 if (level)
3186 s->stat |= STAT_INT;
3187 else
3188 s->stat &= ~STAT_INT;
3189
3190 md_interrupt_update(s);
3191}
3192
3193static void md_reset(struct md_s *s)
3194{
3195 s->opt = OPT_MODE_MMAP;
3196 s->stat = 0;
3197 s->pins = 0;
3198 s->cycle = 0;
3199 s->ctrl = 0;
3200 ide_reset(s->ide);
3201}
3202
3203static uint8_t md_attr_read(void *opaque, uint32_t at)
3204{
3205 struct md_s *s = (struct md_s *) opaque;
3206 if (at < s->attr_base) {
3207 if (at < s->card.cis_len)
3208 return s->card.cis[at];
3209 else
3210 return 0x00;
3211 }
3212
3213 at -= s->attr_base;
3214
3215 switch (at) {
3216 case 0x00: /* Configuration Option Register */
3217 return s->opt;
3218 case 0x02: /* Card Configuration Status Register */
3219 if (s->ctrl & CTRL_IEN)
3220 return s->stat & ~STAT_INT;
3221 else
3222 return s->stat;
3223 case 0x04: /* Pin Replacement Register */
3224 return (s->pins & PINS_CRDY) | 0x0c;
3225 case 0x06: /* Socket and Copy Register */
3226 return 0x00;
3227#ifdef VERBOSE
3228 default:
3229 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3230#endif
3231 }
3232
3233 return 0;
3234}
3235
3236static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3237{
3238 struct md_s *s = (struct md_s *) opaque;
3239 at -= s->attr_base;
3240
3241 switch (at) {
3242 case 0x00: /* Configuration Option Register */
3243 s->opt = value & 0xcf;
3244 if (value & OPT_SRESET)
3245 md_reset(s);
3246 md_interrupt_update(s);
3247 break;
3248 case 0x02: /* Card Configuration Status Register */
3249 if ((s->stat ^ value) & STAT_PWRDWN)
3250 s->pins |= PINS_CRDY;
3251 s->stat &= 0x82;
3252 s->stat |= value & 0x74;
3253 md_interrupt_update(s);
3254 /* Word 170 in Identify Device must be equal to STAT_XE */
3255 break;
3256 case 0x04: /* Pin Replacement Register */
3257 s->pins &= PINS_CRDY;
3258 s->pins |= value & PINS_MRDY;
3259 break;
3260 case 0x06: /* Socket and Copy Register */
3261 break;
3262 default:
3263 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3264 }
3265}
3266
3267static uint16_t md_common_read(void *opaque, uint32_t at)
3268{
3269 struct md_s *s = (struct md_s *) opaque;
3270 uint16_t ret;
3271 at -= s->io_base;
3272
3273 switch (s->opt & OPT_MODE) {
3274 case OPT_MODE_MMAP:
3275 if ((at & ~0x3ff) == 0x400)
3276 at = 0;
3277 break;
3278 case OPT_MODE_IOMAP16:
3279 at &= 0xf;
3280 break;
3281 case OPT_MODE_IOMAP1:
3282 if ((at & ~0xf) == 0x3f0)
3283 at -= 0x3e8;
3284 else if ((at & ~0xf) == 0x1f0)
3285 at -= 0x1f0;
3286 break;
3287 case OPT_MODE_IOMAP2:
3288 if ((at & ~0xf) == 0x370)
3289 at -= 0x368;
3290 else if ((at & ~0xf) == 0x170)
3291 at -= 0x170;
3292 }
3293
3294 switch (at) {
3295 case 0x0: /* Even RD Data */
3296 case 0x8:
3297 return ide_data_readw(s->ide, 0);
3298
3299 /* TODO: 8-bit accesses */
3300 if (s->cycle)
3301 ret = s->io >> 8;
3302 else {
3303 s->io = ide_data_readw(s->ide, 0);
3304 ret = s->io & 0xff;
3305 }
3306 s->cycle = !s->cycle;
3307 return ret;
3308 case 0x9: /* Odd RD Data */
3309 return s->io >> 8;
3310 case 0xd: /* Error */
3311 return ide_ioport_read(s->ide, 0x1);
3312 case 0xe: /* Alternate Status */
3313 if (s->ide->cur_drive->bs)
3314 return s->ide->cur_drive->status;
3315 else
3316 return 0;
3317 case 0xf: /* Device Address */
3318 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3319 default:
3320 return ide_ioport_read(s->ide, at);
3321 }
3322
3323 return 0;
3324}
3325
3326static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3327{
3328 struct md_s *s = (struct md_s *) opaque;
3329 at -= s->io_base;
3330
3331 switch (s->opt & OPT_MODE) {
3332 case OPT_MODE_MMAP:
3333 if ((at & ~0x3ff) == 0x400)
3334 at = 0;
3335 break;
3336 case OPT_MODE_IOMAP16:
3337 at &= 0xf;
3338 break;
3339 case OPT_MODE_IOMAP1:
3340 if ((at & ~0xf) == 0x3f0)
3341 at -= 0x3e8;
3342 else if ((at & ~0xf) == 0x1f0)
3343 at -= 0x1f0;
3344 break;
3345 case OPT_MODE_IOMAP2:
3346 if ((at & ~0xf) == 0x370)
3347 at -= 0x368;
3348 else if ((at & ~0xf) == 0x170)
3349 at -= 0x170;
3350 }
3351
3352 switch (at) {
3353 case 0x0: /* Even WR Data */
3354 case 0x8:
3355 ide_data_writew(s->ide, 0, value);
3356 break;
3357
3358 /* TODO: 8-bit accesses */
3359 if (s->cycle)
3360 ide_data_writew(s->ide, 0, s->io | (value << 8));
3361 else
3362 s->io = value & 0xff;
3363 s->cycle = !s->cycle;
3364 break;
3365 case 0x9:
3366 s->io = value & 0xff;
3367 s->cycle = !s->cycle;
3368 break;
3369 case 0xd: /* Features */
3370 ide_ioport_write(s->ide, 0x1, value);
3371 break;
3372 case 0xe: /* Device Control */
3373 s->ctrl = value;
3374 if (value & CTRL_SRST)
3375 md_reset(s);
3376 md_interrupt_update(s);
3377 break;
3378 default:
3379 if (s->stat & STAT_PWRDWN) {
3380 s->pins |= PINS_CRDY;
3381 s->stat &= ~STAT_PWRDWN;
3382 }
3383 ide_ioport_write(s->ide, at, value);
3384 }
3385}
3386
3387static void md_save(QEMUFile *f, void *opaque)
3388{
3389 struct md_s *s = (struct md_s *) opaque;
3390 int i;
3391 uint8_t drive1_selected;
3392
3393 qemu_put_8s(f, &s->opt);
3394 qemu_put_8s(f, &s->stat);
3395 qemu_put_8s(f, &s->pins);
3396
3397 qemu_put_8s(f, &s->ctrl);
3398 qemu_put_be16s(f, &s->io);
3399 qemu_put_byte(f, s->cycle);
3400
3401 drive1_selected = (s->ide->cur_drive != s->ide);
3402 qemu_put_8s(f, &s->ide->cmd);
3403 qemu_put_8s(f, &drive1_selected);
3404
3405 for (i = 0; i < 2; i ++)
3406 ide_save(f, &s->ide[i]);
3407}
3408
3409static int md_load(QEMUFile *f, void *opaque, int version_id)
3410{
3411 struct md_s *s = (struct md_s *) opaque;
3412 int i;
3413 uint8_t drive1_selected;
3414
3415 qemu_get_8s(f, &s->opt);
3416 qemu_get_8s(f, &s->stat);
3417 qemu_get_8s(f, &s->pins);
3418
3419 qemu_get_8s(f, &s->ctrl);
3420 qemu_get_be16s(f, &s->io);
3421 s->cycle = qemu_get_byte(f);
3422
3423 qemu_get_8s(f, &s->ide->cmd);
3424 qemu_get_8s(f, &drive1_selected);
3425 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3426
3427 for (i = 0; i < 2; i ++)
3428 ide_load(f, &s->ide[i]);
3429
3430 return 0;
3431}
3432
3433static int md_iid = 0;
3434
3435static const uint8_t dscm1xxxx_cis[0x14a] = {
3436 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3437 [0x002] = 0x03, /* Tuple length = 4 bytes */
3438 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3439 [0x006] = 0x01, /* Size = 2K bytes */
3440 [0x008] = CISTPL_ENDMARK,
3441
3442 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3443 [0x00c] = 0x04, /* Tuple length = 4 byest */
3444 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3445 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3446 [0x012] = 0x01, /* Size = 2K bytes */
3447 [0x014] = CISTPL_ENDMARK,
3448
3449 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3450 [0x018] = 0x02, /* Tuple length = 2 bytes */
3451 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3452 [0x01c] = 0x01,
3453
3454 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3455 [0x020] = 0x04, /* Tuple length = 4 bytes */
3456 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3457 [0x024] = 0x00,
3458 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3459 [0x028] = 0x00,
3460
3461 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3462 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3463 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3464 [0x030] = 0x01, /* Minor Version = 1 */
3465 [0x032] = 'I',
3466 [0x034] = 'B',
3467 [0x036] = 'M',
3468 [0x038] = 0x00,
3469 [0x03a] = 'm',
3470 [0x03c] = 'i',
3471 [0x03e] = 'c',
3472 [0x040] = 'r',
3473 [0x042] = 'o',
3474 [0x044] = 'd',
3475 [0x046] = 'r',
3476 [0x048] = 'i',
3477 [0x04a] = 'v',
3478 [0x04c] = 'e',
3479 [0x04e] = 0x00,
3480 [0x050] = CISTPL_ENDMARK,
3481
3482 [0x052] = CISTPL_FUNCID, /* Function ID */
3483 [0x054] = 0x02, /* Tuple length = 2 bytes */
3484 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3485 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3486
3487 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3488 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3489 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3490 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3491
3492 [0x062] = CISTPL_FUNCE, /* Function Extension */
3493 [0x064] = 0x03, /* Tuple length = 3 bytes */
3494 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3495 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3496 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3497
3498 [0x06c] = CISTPL_CONFIG, /* Configuration */
3499 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3500 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3501 [0x072] = 0x07, /* TPCC_LAST = 7 */
3502 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3503 [0x076] = 0x02,
3504 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3505
3506 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3507 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3508 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3509 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3510 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3511 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3512 [0x086] = 0x55, /* NomV: 5.0 V */
3513 [0x088] = 0x4d, /* MinV: 4.5 V */
3514 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3515 [0x08c] = 0x4e, /* Peakl: 450 mA */
3516 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3517 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3518 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3519
3520 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3521 [0x096] = 0x06, /* Tuple length = 6 bytes */
3522 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3523 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3524 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3525 [0x09e] = 0xb5, /* NomV: 3.3 V */
3526 [0x0a0] = 0x1e,
3527 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3528
3529 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3530 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3531 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3532 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3533 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3534 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3535 [0x0b0] = 0x55, /* NomV: 5.0 V */
3536 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3537 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3538 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3539 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3540 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3541 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3542 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3543 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3544
3545 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3546 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3547 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3548 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3549 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3550 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3551 [0x0ce] = 0x1e,
3552 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3553
3554 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3555 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3556 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3557 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3558 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3559 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3560 [0x0de] = 0x55, /* NomV: 5.0 V */
3561 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3562 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3563 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3564 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3565 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3566 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3567 [0x0ec] = 0x01,
3568 [0x0ee] = 0x07, /* Address block length = 8 */
3569 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3570 [0x0f2] = 0x03,
3571 [0x0f4] = 0x01, /* Address block length = 2 */
3572 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3573 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3574
3575 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3576 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3577 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3578 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3579 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3580 [0x104] = 0xb5, /* NomV: 3.3 V */
3581 [0x106] = 0x1e,
3582 [0x108] = 0x3e, /* Peakl: 350 mA */
3583
3584 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3585 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3586 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3587 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3588 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3589 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3590 [0x116] = 0x55, /* NomV: 5.0 V */
3591 [0x118] = 0x4d, /* MinV: 4.5 V */
3592 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3593 [0x11c] = 0x4e, /* Peakl: 450 mA */
3594 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3595 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3596 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3597 [0x124] = 0x01,
3598 [0x126] = 0x07, /* Address block length = 8 */
3599 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3600 [0x12a] = 0x03,
3601 [0x12c] = 0x01, /* Address block length = 2 */
3602 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3603 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3604
3605 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3606 [0x134] = 0x06, /* Tuple length = 6 bytes */
3607 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3608 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3609 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3610 [0x13c] = 0xb5, /* NomV: 3.3 V */
3611 [0x13e] = 0x1e,
3612 [0x140] = 0x3e, /* Peakl: 350 mA */
3613
3614 [0x142] = CISTPL_NO_LINK, /* No Link */
3615 [0x144] = 0x00, /* Tuple length = 0 bytes */
3616
3617 [0x146] = CISTPL_END, /* Tuple End */
3618};
3619
3620static int dscm1xxxx_attach(void *opaque)
3621{
3622 struct md_s *md = (struct md_s *) opaque;
3623 md->card.attr_read = md_attr_read;
3624 md->card.attr_write = md_attr_write;
3625 md->card.common_read = md_common_read;
3626 md->card.common_write = md_common_write;
3627 md->card.io_read = md_common_read;
3628 md->card.io_write = md_common_write;
3629
3630 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3631 md->io_base = 0x0;
3632
3633 md_reset(md);
3634 md_interrupt_update(md);
3635
3636 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3637 return 0;
3638}
3639
3640static int dscm1xxxx_detach(void *opaque)
3641{
3642 struct md_s *md = (struct md_s *) opaque;
3643 md_reset(md);
3644 return 0;
3645}
3646
3647struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3648{
3649 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3650 md->card.state = md;
3651 md->card.attach = dscm1xxxx_attach;
3652 md->card.detach = dscm1xxxx_detach;
3653 md->card.cis = dscm1xxxx_cis;
3654 md->card.cis_len = sizeof(dscm1xxxx_cis);
3655
3656 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3657 md->ide->is_cf = 1;
3658 md->ide->mdata_size = METADATA_SIZE;
3659 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3660
3661 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3662
3663 return &md->card;
3664}
QEMU mirror