]> git.proxmox.com Git - qemu.git/blob - hw/ide/core.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge branch 'for_anthony' of git://git.kernel.org/pub/scm/linux/kernel/git/mst/qemu
[qemu.git] / hw / ide / core.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include <hw/sh.h>
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "dma.h"
35
36 #include <hw/ide/internal.h>
37
38 static int smart_attributes[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
45 };
46
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState *s)
49 {
50 return (s->nb_sectors > 0);
51 }
52
53 static inline int media_is_dvd(IDEState *s)
54 {
55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
56 }
57
58 static inline int media_is_cd(IDEState *s)
59 {
60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
61 }
62
63 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
64 static void ide_dma_restart(IDEState *s, int is_read);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
66 static int ide_handle_rw_error(IDEState *s, int error, int op);
67
68 static void padstr(char *str, const char *src, int len)
69 {
70 int i, v;
71 for(i = 0; i < len; i++) {
72 if (*src)
73 v = *src++;
74 else
75 v = ' ';
76 str[i^1] = v;
77 }
78 }
79
80 static void padstr8(uint8_t *buf, int buf_size, const char *src)
81 {
82 int i;
83 for(i = 0; i < buf_size; i++) {
84 if (*src)
85 buf[i] = *src++;
86 else
87 buf[i] = ' ';
88 }
89 }
90
91 static void put_le16(uint16_t *p, unsigned int v)
92 {
93 *p = cpu_to_le16(v);
94 }
95
96 static void ide_identify(IDEState *s)
97 {
98 uint16_t *p;
99 unsigned int oldsize;
100
101 if (s->identify_set) {
102 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
103 return;
104 }
105
106 memset(s->io_buffer, 0, 512);
107 p = (uint16_t *)s->io_buffer;
108 put_le16(p + 0, 0x0040);
109 put_le16(p + 1, s->cylinders);
110 put_le16(p + 3, s->heads);
111 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
112 put_le16(p + 5, 512); /* XXX: retired, remove ? */
113 put_le16(p + 6, s->sectors);
114 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
115 put_le16(p + 20, 3); /* XXX: retired, remove ? */
116 put_le16(p + 21, 512); /* cache size in sectors */
117 put_le16(p + 22, 4); /* ecc bytes */
118 padstr((char *)(p + 23), s->version, 8); /* firmware version */
119 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
120 #if MAX_MULT_SECTORS > 1
121 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
122 #endif
123 put_le16(p + 48, 1); /* dword I/O */
124 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
125 put_le16(p + 51, 0x200); /* PIO transfer cycle */
126 put_le16(p + 52, 0x200); /* DMA transfer cycle */
127 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
128 put_le16(p + 54, s->cylinders);
129 put_le16(p + 55, s->heads);
130 put_le16(p + 56, s->sectors);
131 oldsize = s->cylinders * s->heads * s->sectors;
132 put_le16(p + 57, oldsize);
133 put_le16(p + 58, oldsize >> 16);
134 if (s->mult_sectors)
135 put_le16(p + 59, 0x100 | s->mult_sectors);
136 put_le16(p + 60, s->nb_sectors);
137 put_le16(p + 61, s->nb_sectors >> 16);
138 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
139 put_le16(p + 63, 0x07); /* mdma0-2 supported */
140 put_le16(p + 65, 120);
141 put_le16(p + 66, 120);
142 put_le16(p + 67, 120);
143 put_le16(p + 68, 120);
144 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
145 put_le16(p + 81, 0x16); /* conforms to ata5 */
146 /* 14=NOP supported, 0=SMART supported */
147 put_le16(p + 82, (1 << 14) | 1);
148 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
149 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
150 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
151 put_le16(p + 84, (1 << 14) | 0);
152 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
153 if (bdrv_enable_write_cache(s->bs))
154 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
155 else
156 put_le16(p + 85, (1 << 14) | 1);
157 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
158 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
159 /* 14=set to 1, 1=smart self test, 0=smart error logging */
160 put_le16(p + 87, (1 << 14) | 0);
161 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
162 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
163 put_le16(p + 100, s->nb_sectors);
164 put_le16(p + 101, s->nb_sectors >> 16);
165 put_le16(p + 102, s->nb_sectors >> 32);
166 put_le16(p + 103, s->nb_sectors >> 48);
167 if (s->conf && s->conf->physical_block_size)
168 put_le16(p + 106, 0x6000 | get_physical_block_exp(s->conf));
169
170 memcpy(s->identify_data, p, sizeof(s->identify_data));
171 s->identify_set = 1;
172 }
173
174 static void ide_atapi_identify(IDEState *s)
175 {
176 uint16_t *p;
177
178 if (s->identify_set) {
179 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
180 return;
181 }
182
183 memset(s->io_buffer, 0, 512);
184 p = (uint16_t *)s->io_buffer;
185 /* Removable CDROM, 50us response, 12 byte packets */
186 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
187 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
188 put_le16(p + 20, 3); /* buffer type */
189 put_le16(p + 21, 512); /* cache size in sectors */
190 put_le16(p + 22, 4); /* ecc bytes */
191 padstr((char *)(p + 23), s->version, 8); /* firmware version */
192 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
193 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
194 #ifdef USE_DMA_CDROM
195 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
196 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
197 put_le16(p + 62, 7); /* single word dma0-2 supported */
198 put_le16(p + 63, 7); /* mdma0-2 supported */
199 put_le16(p + 64, 0x3f); /* PIO modes supported */
200 #else
201 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
202 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
203 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
204 put_le16(p + 64, 1); /* PIO modes */
205 #endif
206 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
207 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
208 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
209 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
210
211 put_le16(p + 71, 30); /* in ns */
212 put_le16(p + 72, 30); /* in ns */
213
214 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
215 #ifdef USE_DMA_CDROM
216 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
217 #endif
218 memcpy(s->identify_data, p, sizeof(s->identify_data));
219 s->identify_set = 1;
220 }
221
222 static void ide_cfata_identify(IDEState *s)
223 {
224 uint16_t *p;
225 uint32_t cur_sec;
226
227 p = (uint16_t *) s->identify_data;
228 if (s->identify_set)
229 goto fill_buffer;
230
231 memset(p, 0, sizeof(s->identify_data));
232
233 cur_sec = s->cylinders * s->heads * s->sectors;
234
235 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
236 put_le16(p + 1, s->cylinders); /* Default cylinders */
237 put_le16(p + 3, s->heads); /* Default heads */
238 put_le16(p + 6, s->sectors); /* Default sectors per track */
239 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
240 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
241 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
242 put_le16(p + 22, 0x0004); /* ECC bytes */
243 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
244 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
245 #if MAX_MULT_SECTORS > 1
246 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
247 #else
248 put_le16(p + 47, 0x0000);
249 #endif
250 put_le16(p + 49, 0x0f00); /* Capabilities */
251 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
252 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
253 put_le16(p + 53, 0x0003); /* Translation params valid */
254 put_le16(p + 54, s->cylinders); /* Current cylinders */
255 put_le16(p + 55, s->heads); /* Current heads */
256 put_le16(p + 56, s->sectors); /* Current sectors */
257 put_le16(p + 57, cur_sec); /* Current capacity */
258 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
259 if (s->mult_sectors) /* Multiple sector setting */
260 put_le16(p + 59, 0x100 | s->mult_sectors);
261 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
262 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
263 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
264 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
265 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
266 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
267 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
268 put_le16(p + 82, 0x400c); /* Command Set supported */
269 put_le16(p + 83, 0x7068); /* Command Set supported */
270 put_le16(p + 84, 0x4000); /* Features supported */
271 put_le16(p + 85, 0x000c); /* Command Set enabled */
272 put_le16(p + 86, 0x7044); /* Command Set enabled */
273 put_le16(p + 87, 0x4000); /* Features enabled */
274 put_le16(p + 91, 0x4060); /* Current APM level */
275 put_le16(p + 129, 0x0002); /* Current features option */
276 put_le16(p + 130, 0x0005); /* Reassigned sectors */
277 put_le16(p + 131, 0x0001); /* Initial power mode */
278 put_le16(p + 132, 0x0000); /* User signature */
279 put_le16(p + 160, 0x8100); /* Power requirement */
280 put_le16(p + 161, 0x8001); /* CF command set */
281
282 s->identify_set = 1;
283
284 fill_buffer:
285 memcpy(s->io_buffer, p, sizeof(s->identify_data));
286 }
287
288 static void ide_set_signature(IDEState *s)
289 {
290 s->select &= 0xf0; /* clear head */
291 /* put signature */
292 s->nsector = 1;
293 s->sector = 1;
294 if (s->is_cdrom) {
295 s->lcyl = 0x14;
296 s->hcyl = 0xeb;
297 } else if (s->bs) {
298 s->lcyl = 0;
299 s->hcyl = 0;
300 } else {
301 s->lcyl = 0xff;
302 s->hcyl = 0xff;
303 }
304 }
305
306 static inline void ide_abort_command(IDEState *s)
307 {
308 s->status = READY_STAT | ERR_STAT;
309 s->error = ABRT_ERR;
310 }
311
312 static inline void ide_dma_submit_check(IDEState *s,
313 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
314 {
315 if (bm->aiocb)
316 return;
317 dma_cb(bm, -1);
318 }
319
320 /* prepare data transfer and tell what to do after */
321 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
322 EndTransferFunc *end_transfer_func)
323 {
324 s->end_transfer_func = end_transfer_func;
325 s->data_ptr = buf;
326 s->data_end = buf + size;
327 if (!(s->status & ERR_STAT))
328 s->status |= DRQ_STAT;
329 }
330
331 static void ide_transfer_stop(IDEState *s)
332 {
333 s->end_transfer_func = ide_transfer_stop;
334 s->data_ptr = s->io_buffer;
335 s->data_end = s->io_buffer;
336 s->status &= ~DRQ_STAT;
337 }
338
339 int64_t ide_get_sector(IDEState *s)
340 {
341 int64_t sector_num;
342 if (s->select & 0x40) {
343 /* lba */
344 if (!s->lba48) {
345 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
346 (s->lcyl << 8) | s->sector;
347 } else {
348 sector_num = ((int64_t)s->hob_hcyl << 40) |
349 ((int64_t) s->hob_lcyl << 32) |
350 ((int64_t) s->hob_sector << 24) |
351 ((int64_t) s->hcyl << 16) |
352 ((int64_t) s->lcyl << 8) | s->sector;
353 }
354 } else {
355 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
356 (s->select & 0x0f) * s->sectors + (s->sector - 1);
357 }
358 return sector_num;
359 }
360
361 void ide_set_sector(IDEState *s, int64_t sector_num)
362 {
363 unsigned int cyl, r;
364 if (s->select & 0x40) {
365 if (!s->lba48) {
366 s->select = (s->select & 0xf0) | (sector_num >> 24);
367 s->hcyl = (sector_num >> 16);
368 s->lcyl = (sector_num >> 8);
369 s->sector = (sector_num);
370 } else {
371 s->sector = sector_num;
372 s->lcyl = sector_num >> 8;
373 s->hcyl = sector_num >> 16;
374 s->hob_sector = sector_num >> 24;
375 s->hob_lcyl = sector_num >> 32;
376 s->hob_hcyl = sector_num >> 40;
377 }
378 } else {
379 cyl = sector_num / (s->heads * s->sectors);
380 r = sector_num % (s->heads * s->sectors);
381 s->hcyl = cyl >> 8;
382 s->lcyl = cyl;
383 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
384 s->sector = (r % s->sectors) + 1;
385 }
386 }
387
388 static void ide_rw_error(IDEState *s) {
389 ide_abort_command(s);
390 ide_set_irq(s->bus);
391 }
392
393 static void ide_sector_read(IDEState *s)
394 {
395 int64_t sector_num;
396 int ret, n;
397
398 s->status = READY_STAT | SEEK_STAT;
399 s->error = 0; /* not needed by IDE spec, but needed by Windows */
400 sector_num = ide_get_sector(s);
401 n = s->nsector;
402 if (n == 0) {
403 /* no more sector to read from disk */
404 ide_transfer_stop(s);
405 } else {
406 #if defined(DEBUG_IDE)
407 printf("read sector=%" PRId64 "\n", sector_num);
408 #endif
409 if (n > s->req_nb_sectors)
410 n = s->req_nb_sectors;
411 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
412 if (ret != 0) {
413 if (ide_handle_rw_error(s, -ret,
414 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
415 {
416 return;
417 }
418 }
419 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
420 ide_set_irq(s->bus);
421 ide_set_sector(s, sector_num + n);
422 s->nsector -= n;
423 }
424 }
425
426
427 /* return 0 if buffer completed */
428 static int dma_buf_prepare(BMDMAState *bm, int is_write)
429 {
430 IDEState *s = bmdma_active_if(bm);
431 struct {
432 uint32_t addr;
433 uint32_t size;
434 } prd;
435 int l, len;
436
437 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
438 s->io_buffer_size = 0;
439 for(;;) {
440 if (bm->cur_prd_len == 0) {
441 /* end of table (with a fail safe of one page) */
442 if (bm->cur_prd_last ||
443 (bm->cur_addr - bm->addr) >= 4096)
444 return s->io_buffer_size != 0;
445 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
446 bm->cur_addr += 8;
447 prd.addr = le32_to_cpu(prd.addr);
448 prd.size = le32_to_cpu(prd.size);
449 len = prd.size & 0xfffe;
450 if (len == 0)
451 len = 0x10000;
452 bm->cur_prd_len = len;
453 bm->cur_prd_addr = prd.addr;
454 bm->cur_prd_last = (prd.size & 0x80000000);
455 }
456 l = bm->cur_prd_len;
457 if (l > 0) {
458 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
459 bm->cur_prd_addr += l;
460 bm->cur_prd_len -= l;
461 s->io_buffer_size += l;
462 }
463 }
464 return 1;
465 }
466
467 static void dma_buf_commit(IDEState *s, int is_write)
468 {
469 qemu_sglist_destroy(&s->sg);
470 }
471
472 void ide_dma_error(IDEState *s)
473 {
474 ide_transfer_stop(s);
475 s->error = ABRT_ERR;
476 s->status = READY_STAT | ERR_STAT;
477 ide_set_irq(s->bus);
478 }
479
480 static int ide_handle_rw_error(IDEState *s, int error, int op)
481 {
482 int is_read = (op & BM_STATUS_RETRY_READ);
483 BlockInterfaceErrorAction action = drive_get_on_error(s->bs, is_read);
484
485 if (action == BLOCK_ERR_IGNORE) {
486 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
487 return 0;
488 }
489
490 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
491 || action == BLOCK_ERR_STOP_ANY) {
492 s->bus->bmdma->unit = s->unit;
493 s->bus->bmdma->status |= op;
494 vm_stop(0);
495 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
496 } else {
497 if (op & BM_STATUS_DMA_RETRY) {
498 dma_buf_commit(s, 0);
499 ide_dma_error(s);
500 } else {
501 ide_rw_error(s);
502 }
503 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
504 }
505
506 return 1;
507 }
508
509 /* return 0 if buffer completed */
510 static int dma_buf_rw(BMDMAState *bm, int is_write)
511 {
512 IDEState *s = bmdma_active_if(bm);
513 struct {
514 uint32_t addr;
515 uint32_t size;
516 } prd;
517 int l, len;
518
519 for(;;) {
520 l = s->io_buffer_size - s->io_buffer_index;
521 if (l <= 0)
522 break;
523 if (bm->cur_prd_len == 0) {
524 /* end of table (with a fail safe of one page) */
525 if (bm->cur_prd_last ||
526 (bm->cur_addr - bm->addr) >= 4096)
527 return 0;
528 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
529 bm->cur_addr += 8;
530 prd.addr = le32_to_cpu(prd.addr);
531 prd.size = le32_to_cpu(prd.size);
532 len = prd.size & 0xfffe;
533 if (len == 0)
534 len = 0x10000;
535 bm->cur_prd_len = len;
536 bm->cur_prd_addr = prd.addr;
537 bm->cur_prd_last = (prd.size & 0x80000000);
538 }
539 if (l > bm->cur_prd_len)
540 l = bm->cur_prd_len;
541 if (l > 0) {
542 if (is_write) {
543 cpu_physical_memory_write(bm->cur_prd_addr,
544 s->io_buffer + s->io_buffer_index, l);
545 } else {
546 cpu_physical_memory_read(bm->cur_prd_addr,
547 s->io_buffer + s->io_buffer_index, l);
548 }
549 bm->cur_prd_addr += l;
550 bm->cur_prd_len -= l;
551 s->io_buffer_index += l;
552 }
553 }
554 return 1;
555 }
556
557 static void ide_read_dma_cb(void *opaque, int ret)
558 {
559 BMDMAState *bm = opaque;
560 IDEState *s = bmdma_active_if(bm);
561 int n;
562 int64_t sector_num;
563
564 if (ret < 0) {
565 if (ide_handle_rw_error(s, -ret,
566 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
567 {
568 return;
569 }
570 }
571
572 n = s->io_buffer_size >> 9;
573 sector_num = ide_get_sector(s);
574 if (n > 0) {
575 dma_buf_commit(s, 1);
576 sector_num += n;
577 ide_set_sector(s, sector_num);
578 s->nsector -= n;
579 }
580
581 /* end of transfer ? */
582 if (s->nsector == 0) {
583 s->status = READY_STAT | SEEK_STAT;
584 ide_set_irq(s->bus);
585 eot:
586 bm->status &= ~BM_STATUS_DMAING;
587 bm->status |= BM_STATUS_INT;
588 bm->dma_cb = NULL;
589 bm->unit = -1;
590 bm->aiocb = NULL;
591 return;
592 }
593
594 /* launch next transfer */
595 n = s->nsector;
596 s->io_buffer_index = 0;
597 s->io_buffer_size = n * 512;
598 if (dma_buf_prepare(bm, 1) == 0)
599 goto eot;
600 #ifdef DEBUG_AIO
601 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
602 #endif
603 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
604 ide_dma_submit_check(s, ide_read_dma_cb, bm);
605 }
606
607 static void ide_sector_read_dma(IDEState *s)
608 {
609 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
610 s->io_buffer_index = 0;
611 s->io_buffer_size = 0;
612 s->is_read = 1;
613 ide_dma_start(s, ide_read_dma_cb);
614 }
615
616 static void ide_sector_write_timer_cb(void *opaque)
617 {
618 IDEState *s = opaque;
619 ide_set_irq(s->bus);
620 }
621
622 static void ide_sector_write(IDEState *s)
623 {
624 int64_t sector_num;
625 int ret, n, n1;
626
627 s->status = READY_STAT | SEEK_STAT;
628 sector_num = ide_get_sector(s);
629 #if defined(DEBUG_IDE)
630 printf("write sector=%" PRId64 "\n", sector_num);
631 #endif
632 n = s->nsector;
633 if (n > s->req_nb_sectors)
634 n = s->req_nb_sectors;
635 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
636
637 if (ret != 0) {
638 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
639 return;
640 }
641
642 s->nsector -= n;
643 if (s->nsector == 0) {
644 /* no more sectors to write */
645 ide_transfer_stop(s);
646 } else {
647 n1 = s->nsector;
648 if (n1 > s->req_nb_sectors)
649 n1 = s->req_nb_sectors;
650 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
651 }
652 ide_set_sector(s, sector_num + n);
653
654 #ifdef TARGET_I386
655 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
656 /* It seems there is a bug in the Windows 2000 installer HDD
657 IDE driver which fills the disk with empty logs when the
658 IDE write IRQ comes too early. This hack tries to correct
659 that at the expense of slower write performances. Use this
660 option _only_ to install Windows 2000. You must disable it
661 for normal use. */
662 qemu_mod_timer(s->sector_write_timer,
663 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
664 } else
665 #endif
666 {
667 ide_set_irq(s->bus);
668 }
669 }
670
671 static void ide_dma_restart_bh(void *opaque)
672 {
673 BMDMAState *bm = opaque;
674 int is_read;
675
676 qemu_bh_delete(bm->bh);
677 bm->bh = NULL;
678
679 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
680
681 if (bm->status & BM_STATUS_DMA_RETRY) {
682 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
683 ide_dma_restart(bmdma_active_if(bm), is_read);
684 } else if (bm->status & BM_STATUS_PIO_RETRY) {
685 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
686 if (is_read) {
687 ide_sector_read(bmdma_active_if(bm));
688 } else {
689 ide_sector_write(bmdma_active_if(bm));
690 }
691 }
692 }
693
694 void ide_dma_restart_cb(void *opaque, int running, int reason)
695 {
696 BMDMAState *bm = opaque;
697
698 if (!running)
699 return;
700
701 if (!bm->bh) {
702 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
703 qemu_bh_schedule(bm->bh);
704 }
705 }
706
707 static void ide_write_dma_cb(void *opaque, int ret)
708 {
709 BMDMAState *bm = opaque;
710 IDEState *s = bmdma_active_if(bm);
711 int n;
712 int64_t sector_num;
713
714 if (ret < 0) {
715 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
716 return;
717 }
718
719 n = s->io_buffer_size >> 9;
720 sector_num = ide_get_sector(s);
721 if (n > 0) {
722 dma_buf_commit(s, 0);
723 sector_num += n;
724 ide_set_sector(s, sector_num);
725 s->nsector -= n;
726 }
727
728 /* end of transfer ? */
729 if (s->nsector == 0) {
730 s->status = READY_STAT | SEEK_STAT;
731 ide_set_irq(s->bus);
732 eot:
733 bm->status &= ~BM_STATUS_DMAING;
734 bm->status |= BM_STATUS_INT;
735 bm->dma_cb = NULL;
736 bm->unit = -1;
737 bm->aiocb = NULL;
738 return;
739 }
740
741 n = s->nsector;
742 s->io_buffer_size = n * 512;
743 /* launch next transfer */
744 if (dma_buf_prepare(bm, 0) == 0)
745 goto eot;
746 #ifdef DEBUG_AIO
747 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
748 #endif
749 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
750 ide_dma_submit_check(s, ide_write_dma_cb, bm);
751 }
752
753 static void ide_sector_write_dma(IDEState *s)
754 {
755 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
756 s->io_buffer_index = 0;
757 s->io_buffer_size = 0;
758 s->is_read = 0;
759 ide_dma_start(s, ide_write_dma_cb);
760 }
761
762 void ide_atapi_cmd_ok(IDEState *s)
763 {
764 s->error = 0;
765 s->status = READY_STAT | SEEK_STAT;
766 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
767 ide_set_irq(s->bus);
768 }
769
770 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
771 {
772 #ifdef DEBUG_IDE_ATAPI
773 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
774 #endif
775 s->error = sense_key << 4;
776 s->status = READY_STAT | ERR_STAT;
777 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
778 s->sense_key = sense_key;
779 s->asc = asc;
780 ide_set_irq(s->bus);
781 }
782
783 static void ide_atapi_cmd_check_status(IDEState *s)
784 {
785 #ifdef DEBUG_IDE_ATAPI
786 printf("atapi_cmd_check_status\n");
787 #endif
788 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
789 s->status = ERR_STAT;
790 s->nsector = 0;
791 ide_set_irq(s->bus);
792 }
793
794 static void ide_flush_cb(void *opaque, int ret)
795 {
796 IDEState *s = opaque;
797
798 /* XXX: how do we signal I/O errors here? */
799
800 s->status = READY_STAT | SEEK_STAT;
801 ide_set_irq(s->bus);
802 }
803
804 static inline void cpu_to_ube16(uint8_t *buf, int val)
805 {
806 buf[0] = val >> 8;
807 buf[1] = val & 0xff;
808 }
809
810 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
811 {
812 buf[0] = val >> 24;
813 buf[1] = val >> 16;
814 buf[2] = val >> 8;
815 buf[3] = val & 0xff;
816 }
817
818 static inline int ube16_to_cpu(const uint8_t *buf)
819 {
820 return (buf[0] << 8) | buf[1];
821 }
822
823 static inline int ube32_to_cpu(const uint8_t *buf)
824 {
825 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
826 }
827
828 static void lba_to_msf(uint8_t *buf, int lba)
829 {
830 lba += 150;
831 buf[0] = (lba / 75) / 60;
832 buf[1] = (lba / 75) % 60;
833 buf[2] = lba % 75;
834 }
835
836 static void cd_data_to_raw(uint8_t *buf, int lba)
837 {
838 /* sync bytes */
839 buf[0] = 0x00;
840 memset(buf + 1, 0xff, 10);
841 buf[11] = 0x00;
842 buf += 12;
843 /* MSF */
844 lba_to_msf(buf, lba);
845 buf[3] = 0x01; /* mode 1 data */
846 buf += 4;
847 /* data */
848 buf += 2048;
849 /* XXX: ECC not computed */
850 memset(buf, 0, 288);
851 }
852
853 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
854 int sector_size)
855 {
856 int ret;
857
858 switch(sector_size) {
859 case 2048:
860 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
861 break;
862 case 2352:
863 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
864 if (ret < 0)
865 return ret;
866 cd_data_to_raw(buf, lba);
867 break;
868 default:
869 ret = -EIO;
870 break;
871 }
872 return ret;
873 }
874
875 void ide_atapi_io_error(IDEState *s, int ret)
876 {
877 /* XXX: handle more errors */
878 if (ret == -ENOMEDIUM) {
879 ide_atapi_cmd_error(s, SENSE_NOT_READY,
880 ASC_MEDIUM_NOT_PRESENT);
881 } else {
882 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
883 ASC_LOGICAL_BLOCK_OOR);
884 }
885 }
886
887 /* The whole ATAPI transfer logic is handled in this function */
888 static void ide_atapi_cmd_reply_end(IDEState *s)
889 {
890 int byte_count_limit, size, ret;
891 #ifdef DEBUG_IDE_ATAPI
892 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
893 s->packet_transfer_size,
894 s->elementary_transfer_size,
895 s->io_buffer_index);
896 #endif
897 if (s->packet_transfer_size <= 0) {
898 /* end of transfer */
899 ide_transfer_stop(s);
900 s->status = READY_STAT | SEEK_STAT;
901 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
902 ide_set_irq(s->bus);
903 #ifdef DEBUG_IDE_ATAPI
904 printf("status=0x%x\n", s->status);
905 #endif
906 } else {
907 /* see if a new sector must be read */
908 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
909 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
910 if (ret < 0) {
911 ide_transfer_stop(s);
912 ide_atapi_io_error(s, ret);
913 return;
914 }
915 s->lba++;
916 s->io_buffer_index = 0;
917 }
918 if (s->elementary_transfer_size > 0) {
919 /* there are some data left to transmit in this elementary
920 transfer */
921 size = s->cd_sector_size - s->io_buffer_index;
922 if (size > s->elementary_transfer_size)
923 size = s->elementary_transfer_size;
924 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
925 size, ide_atapi_cmd_reply_end);
926 s->packet_transfer_size -= size;
927 s->elementary_transfer_size -= size;
928 s->io_buffer_index += size;
929 } else {
930 /* a new transfer is needed */
931 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
932 byte_count_limit = s->lcyl | (s->hcyl << 8);
933 #ifdef DEBUG_IDE_ATAPI
934 printf("byte_count_limit=%d\n", byte_count_limit);
935 #endif
936 if (byte_count_limit == 0xffff)
937 byte_count_limit--;
938 size = s->packet_transfer_size;
939 if (size > byte_count_limit) {
940 /* byte count limit must be even if this case */
941 if (byte_count_limit & 1)
942 byte_count_limit--;
943 size = byte_count_limit;
944 }
945 s->lcyl = size;
946 s->hcyl = size >> 8;
947 s->elementary_transfer_size = size;
948 /* we cannot transmit more than one sector at a time */
949 if (s->lba != -1) {
950 if (size > (s->cd_sector_size - s->io_buffer_index))
951 size = (s->cd_sector_size - s->io_buffer_index);
952 }
953 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
954 size, ide_atapi_cmd_reply_end);
955 s->packet_transfer_size -= size;
956 s->elementary_transfer_size -= size;
957 s->io_buffer_index += size;
958 ide_set_irq(s->bus);
959 #ifdef DEBUG_IDE_ATAPI
960 printf("status=0x%x\n", s->status);
961 #endif
962 }
963 }
964 }
965
966 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
967 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
968 {
969 if (size > max_size)
970 size = max_size;
971 s->lba = -1; /* no sector read */
972 s->packet_transfer_size = size;
973 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
974 s->elementary_transfer_size = 0;
975 s->io_buffer_index = 0;
976
977 if (s->atapi_dma) {
978 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
979 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
980 } else {
981 s->status = READY_STAT | SEEK_STAT;
982 ide_atapi_cmd_reply_end(s);
983 }
984 }
985
986 /* start a CD-CDROM read command */
987 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
988 int sector_size)
989 {
990 s->lba = lba;
991 s->packet_transfer_size = nb_sectors * sector_size;
992 s->elementary_transfer_size = 0;
993 s->io_buffer_index = sector_size;
994 s->cd_sector_size = sector_size;
995
996 s->status = READY_STAT | SEEK_STAT;
997 ide_atapi_cmd_reply_end(s);
998 }
999
1000 /* ATAPI DMA support */
1001
1002 /* XXX: handle read errors */
1003 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1004 {
1005 BMDMAState *bm = opaque;
1006 IDEState *s = bmdma_active_if(bm);
1007 int data_offset, n;
1008
1009 if (ret < 0) {
1010 ide_atapi_io_error(s, ret);
1011 goto eot;
1012 }
1013
1014 if (s->io_buffer_size > 0) {
1015 /*
1016 * For a cdrom read sector command (s->lba != -1),
1017 * adjust the lba for the next s->io_buffer_size chunk
1018 * and dma the current chunk.
1019 * For a command != read (s->lba == -1), just transfer
1020 * the reply data.
1021 */
1022 if (s->lba != -1) {
1023 if (s->cd_sector_size == 2352) {
1024 n = 1;
1025 cd_data_to_raw(s->io_buffer, s->lba);
1026 } else {
1027 n = s->io_buffer_size >> 11;
1028 }
1029 s->lba += n;
1030 }
1031 s->packet_transfer_size -= s->io_buffer_size;
1032 if (dma_buf_rw(bm, 1) == 0)
1033 goto eot;
1034 }
1035
1036 if (s->packet_transfer_size <= 0) {
1037 s->status = READY_STAT | SEEK_STAT;
1038 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1039 ide_set_irq(s->bus);
1040 eot:
1041 bm->status &= ~BM_STATUS_DMAING;
1042 bm->status |= BM_STATUS_INT;
1043 bm->dma_cb = NULL;
1044 bm->unit = -1;
1045 bm->aiocb = NULL;
1046 return;
1047 }
1048
1049 s->io_buffer_index = 0;
1050 if (s->cd_sector_size == 2352) {
1051 n = 1;
1052 s->io_buffer_size = s->cd_sector_size;
1053 data_offset = 16;
1054 } else {
1055 n = s->packet_transfer_size >> 11;
1056 if (n > (IDE_DMA_BUF_SECTORS / 4))
1057 n = (IDE_DMA_BUF_SECTORS / 4);
1058 s->io_buffer_size = n * 2048;
1059 data_offset = 0;
1060 }
1061 #ifdef DEBUG_AIO
1062 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1063 #endif
1064 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1065 bm->iov.iov_len = n * 4 * 512;
1066 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1067 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1068 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1069 if (!bm->aiocb) {
1070 /* Note: media not present is the most likely case */
1071 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1072 ASC_MEDIUM_NOT_PRESENT);
1073 goto eot;
1074 }
1075 }
1076
1077 /* start a CD-CDROM read command with DMA */
1078 /* XXX: test if DMA is available */
1079 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1080 int sector_size)
1081 {
1082 s->lba = lba;
1083 s->packet_transfer_size = nb_sectors * sector_size;
1084 s->io_buffer_index = 0;
1085 s->io_buffer_size = 0;
1086 s->cd_sector_size = sector_size;
1087
1088 /* XXX: check if BUSY_STAT should be set */
1089 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1090 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1091 }
1092
1093 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1094 int sector_size)
1095 {
1096 #ifdef DEBUG_IDE_ATAPI
1097 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1098 lba, nb_sectors);
1099 #endif
1100 if (s->atapi_dma) {
1101 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1102 } else {
1103 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1104 }
1105 }
1106
1107 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1108 uint16_t profile)
1109 {
1110 uint8_t *buf_profile = buf + 12; /* start of profiles */
1111
1112 buf_profile += ((*index) * 4); /* start of indexed profile */
1113 cpu_to_ube16 (buf_profile, profile);
1114 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1115
1116 /* each profile adds 4 bytes to the response */
1117 (*index)++;
1118 buf[11] += 4; /* Additional Length */
1119
1120 return 4;
1121 }
1122
1123 static int ide_dvd_read_structure(IDEState *s, int format,
1124 const uint8_t *packet, uint8_t *buf)
1125 {
1126 switch (format) {
1127 case 0x0: /* Physical format information */
1128 {
1129 int layer = packet[6];
1130 uint64_t total_sectors;
1131
1132 if (layer != 0)
1133 return -ASC_INV_FIELD_IN_CMD_PACKET;
1134
1135 bdrv_get_geometry(s->bs, &total_sectors);
1136 total_sectors >>= 2;
1137 if (total_sectors == 0)
1138 return -ASC_MEDIUM_NOT_PRESENT;
1139
1140 buf[4] = 1; /* DVD-ROM, part version 1 */
1141 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1142 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1143 buf[7] = 0; /* default densities */
1144
1145 /* FIXME: 0x30000 per spec? */
1146 cpu_to_ube32(buf + 8, 0); /* start sector */
1147 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1148 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1149
1150 /* Size of buffer, not including 2 byte size field */
1151 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1152
1153 /* 2k data + 4 byte header */
1154 return (2048 + 4);
1155 }
1156
1157 case 0x01: /* DVD copyright information */
1158 buf[4] = 0; /* no copyright data */
1159 buf[5] = 0; /* no region restrictions */
1160
1161 /* Size of buffer, not including 2 byte size field */
1162 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1163
1164 /* 4 byte header + 4 byte data */
1165 return (4 + 4);
1166
1167 case 0x03: /* BCA information - invalid field for no BCA info */
1168 return -ASC_INV_FIELD_IN_CMD_PACKET;
1169
1170 case 0x04: /* DVD disc manufacturing information */
1171 /* Size of buffer, not including 2 byte size field */
1172 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1173
1174 /* 2k data + 4 byte header */
1175 return (2048 + 4);
1176
1177 case 0xff:
1178 /*
1179 * This lists all the command capabilities above. Add new ones
1180 * in order and update the length and buffer return values.
1181 */
1182
1183 buf[4] = 0x00; /* Physical format */
1184 buf[5] = 0x40; /* Not writable, is readable */
1185 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1186
1187 buf[8] = 0x01; /* Copyright info */
1188 buf[9] = 0x40; /* Not writable, is readable */
1189 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1190
1191 buf[12] = 0x03; /* BCA info */
1192 buf[13] = 0x40; /* Not writable, is readable */
1193 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1194
1195 buf[16] = 0x04; /* Manufacturing info */
1196 buf[17] = 0x40; /* Not writable, is readable */
1197 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1198
1199 /* Size of buffer, not including 2 byte size field */
1200 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1201
1202 /* data written + 4 byte header */
1203 return (16 + 4);
1204
1205 default: /* TODO: formats beyond DVD-ROM requires */
1206 return -ASC_INV_FIELD_IN_CMD_PACKET;
1207 }
1208 }
1209
1210 static void ide_atapi_cmd(IDEState *s)
1211 {
1212 const uint8_t *packet;
1213 uint8_t *buf;
1214 int max_len;
1215
1216 packet = s->io_buffer;
1217 buf = s->io_buffer;
1218 #ifdef DEBUG_IDE_ATAPI
1219 {
1220 int i;
1221 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1222 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1223 printf(" %02x", packet[i]);
1224 }
1225 printf("\n");
1226 }
1227 #endif
1228 /* If there's a UNIT_ATTENTION condition pending, only
1229 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1230 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1231 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1232 s->io_buffer[0] != GPCMD_INQUIRY) {
1233 ide_atapi_cmd_check_status(s);
1234 return;
1235 }
1236 switch(s->io_buffer[0]) {
1237 case GPCMD_TEST_UNIT_READY:
1238 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1239 ide_atapi_cmd_ok(s);
1240 } else {
1241 s->cdrom_changed = 0;
1242 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1243 ASC_MEDIUM_NOT_PRESENT);
1244 }
1245 break;
1246 case GPCMD_MODE_SENSE_6:
1247 case GPCMD_MODE_SENSE_10:
1248 {
1249 int action, code;
1250 if (packet[0] == GPCMD_MODE_SENSE_10)
1251 max_len = ube16_to_cpu(packet + 7);
1252 else
1253 max_len = packet[4];
1254 action = packet[2] >> 6;
1255 code = packet[2] & 0x3f;
1256 switch(action) {
1257 case 0: /* current values */
1258 switch(code) {
1259 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1260 cpu_to_ube16(&buf[0], 16 + 6);
1261 buf[2] = 0x70;
1262 buf[3] = 0;
1263 buf[4] = 0;
1264 buf[5] = 0;
1265 buf[6] = 0;
1266 buf[7] = 0;
1267
1268 buf[8] = 0x01;
1269 buf[9] = 0x06;
1270 buf[10] = 0x00;
1271 buf[11] = 0x05;
1272 buf[12] = 0x00;
1273 buf[13] = 0x00;
1274 buf[14] = 0x00;
1275 buf[15] = 0x00;
1276 ide_atapi_cmd_reply(s, 16, max_len);
1277 break;
1278 case GPMODE_AUDIO_CTL_PAGE:
1279 cpu_to_ube16(&buf[0], 24 + 6);
1280 buf[2] = 0x70;
1281 buf[3] = 0;
1282 buf[4] = 0;
1283 buf[5] = 0;
1284 buf[6] = 0;
1285 buf[7] = 0;
1286
1287 /* Fill with CDROM audio volume */
1288 buf[17] = 0;
1289 buf[19] = 0;
1290 buf[21] = 0;
1291 buf[23] = 0;
1292
1293 ide_atapi_cmd_reply(s, 24, max_len);
1294 break;
1295 case GPMODE_CAPABILITIES_PAGE:
1296 cpu_to_ube16(&buf[0], 28 + 6);
1297 buf[2] = 0x70;
1298 buf[3] = 0;
1299 buf[4] = 0;
1300 buf[5] = 0;
1301 buf[6] = 0;
1302 buf[7] = 0;
1303
1304 buf[8] = 0x2a;
1305 buf[9] = 0x12;
1306 buf[10] = 0x00;
1307 buf[11] = 0x00;
1308
1309 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1310 code checks for this to automount media. */
1311 buf[12] = 0x71;
1312 buf[13] = 3 << 5;
1313 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1314 if (bdrv_is_locked(s->bs))
1315 buf[6] |= 1 << 1;
1316 buf[15] = 0x00;
1317 cpu_to_ube16(&buf[16], 706);
1318 buf[18] = 0;
1319 buf[19] = 2;
1320 cpu_to_ube16(&buf[20], 512);
1321 cpu_to_ube16(&buf[22], 706);
1322 buf[24] = 0;
1323 buf[25] = 0;
1324 buf[26] = 0;
1325 buf[27] = 0;
1326 ide_atapi_cmd_reply(s, 28, max_len);
1327 break;
1328 default:
1329 goto error_cmd;
1330 }
1331 break;
1332 case 1: /* changeable values */
1333 goto error_cmd;
1334 case 2: /* default values */
1335 goto error_cmd;
1336 default:
1337 case 3: /* saved values */
1338 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1339 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1340 break;
1341 }
1342 }
1343 break;
1344 case GPCMD_REQUEST_SENSE:
1345 max_len = packet[4];
1346 memset(buf, 0, 18);
1347 buf[0] = 0x70 | (1 << 7);
1348 buf[2] = s->sense_key;
1349 buf[7] = 10;
1350 buf[12] = s->asc;
1351 if (s->sense_key == SENSE_UNIT_ATTENTION)
1352 s->sense_key = SENSE_NONE;
1353 ide_atapi_cmd_reply(s, 18, max_len);
1354 break;
1355 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1356 if (bdrv_is_inserted(s->bs)) {
1357 bdrv_set_locked(s->bs, packet[4] & 1);
1358 ide_atapi_cmd_ok(s);
1359 } else {
1360 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1361 ASC_MEDIUM_NOT_PRESENT);
1362 }
1363 break;
1364 case GPCMD_READ_10:
1365 case GPCMD_READ_12:
1366 {
1367 int nb_sectors, lba;
1368
1369 if (packet[0] == GPCMD_READ_10)
1370 nb_sectors = ube16_to_cpu(packet + 7);
1371 else
1372 nb_sectors = ube32_to_cpu(packet + 6);
1373 lba = ube32_to_cpu(packet + 2);
1374 if (nb_sectors == 0) {
1375 ide_atapi_cmd_ok(s);
1376 break;
1377 }
1378 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1379 }
1380 break;
1381 case GPCMD_READ_CD:
1382 {
1383 int nb_sectors, lba, transfer_request;
1384
1385 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1386 lba = ube32_to_cpu(packet + 2);
1387 if (nb_sectors == 0) {
1388 ide_atapi_cmd_ok(s);
1389 break;
1390 }
1391 transfer_request = packet[9];
1392 switch(transfer_request & 0xf8) {
1393 case 0x00:
1394 /* nothing */
1395 ide_atapi_cmd_ok(s);
1396 break;
1397 case 0x10:
1398 /* normal read */
1399 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1400 break;
1401 case 0xf8:
1402 /* read all data */
1403 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1404 break;
1405 default:
1406 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1407 ASC_INV_FIELD_IN_CMD_PACKET);
1408 break;
1409 }
1410 }
1411 break;
1412 case GPCMD_SEEK:
1413 {
1414 unsigned int lba;
1415 uint64_t total_sectors;
1416
1417 bdrv_get_geometry(s->bs, &total_sectors);
1418 total_sectors >>= 2;
1419 if (total_sectors == 0) {
1420 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1421 ASC_MEDIUM_NOT_PRESENT);
1422 break;
1423 }
1424 lba = ube32_to_cpu(packet + 2);
1425 if (lba >= total_sectors) {
1426 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1427 ASC_LOGICAL_BLOCK_OOR);
1428 break;
1429 }
1430 ide_atapi_cmd_ok(s);
1431 }
1432 break;
1433 case GPCMD_START_STOP_UNIT:
1434 {
1435 int start, eject, err = 0;
1436 start = packet[4] & 1;
1437 eject = (packet[4] >> 1) & 1;
1438
1439 if (eject) {
1440 err = bdrv_eject(s->bs, !start);
1441 }
1442
1443 switch (err) {
1444 case 0:
1445 ide_atapi_cmd_ok(s);
1446 break;
1447 case -EBUSY:
1448 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1449 ASC_MEDIA_REMOVAL_PREVENTED);
1450 break;
1451 default:
1452 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1453 ASC_MEDIUM_NOT_PRESENT);
1454 break;
1455 }
1456 }
1457 break;
1458 case GPCMD_MECHANISM_STATUS:
1459 {
1460 max_len = ube16_to_cpu(packet + 8);
1461 cpu_to_ube16(buf, 0);
1462 /* no current LBA */
1463 buf[2] = 0;
1464 buf[3] = 0;
1465 buf[4] = 0;
1466 buf[5] = 1;
1467 cpu_to_ube16(buf + 6, 0);
1468 ide_atapi_cmd_reply(s, 8, max_len);
1469 }
1470 break;
1471 case GPCMD_READ_TOC_PMA_ATIP:
1472 {
1473 int format, msf, start_track, len;
1474 uint64_t total_sectors;
1475
1476 bdrv_get_geometry(s->bs, &total_sectors);
1477 total_sectors >>= 2;
1478 if (total_sectors == 0) {
1479 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1480 ASC_MEDIUM_NOT_PRESENT);
1481 break;
1482 }
1483 max_len = ube16_to_cpu(packet + 7);
1484 format = packet[9] >> 6;
1485 msf = (packet[1] >> 1) & 1;
1486 start_track = packet[6];
1487 switch(format) {
1488 case 0:
1489 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1490 if (len < 0)
1491 goto error_cmd;
1492 ide_atapi_cmd_reply(s, len, max_len);
1493 break;
1494 case 1:
1495 /* multi session : only a single session defined */
1496 memset(buf, 0, 12);
1497 buf[1] = 0x0a;
1498 buf[2] = 0x01;
1499 buf[3] = 0x01;
1500 ide_atapi_cmd_reply(s, 12, max_len);
1501 break;
1502 case 2:
1503 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1504 if (len < 0)
1505 goto error_cmd;
1506 ide_atapi_cmd_reply(s, len, max_len);
1507 break;
1508 default:
1509 error_cmd:
1510 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1511 ASC_INV_FIELD_IN_CMD_PACKET);
1512 break;
1513 }
1514 }
1515 break;
1516 case GPCMD_READ_CDVD_CAPACITY:
1517 {
1518 uint64_t total_sectors;
1519
1520 bdrv_get_geometry(s->bs, &total_sectors);
1521 total_sectors >>= 2;
1522 if (total_sectors == 0) {
1523 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1524 ASC_MEDIUM_NOT_PRESENT);
1525 break;
1526 }
1527 /* NOTE: it is really the number of sectors minus 1 */
1528 cpu_to_ube32(buf, total_sectors - 1);
1529 cpu_to_ube32(buf + 4, 2048);
1530 ide_atapi_cmd_reply(s, 8, 8);
1531 }
1532 break;
1533 case GPCMD_READ_DVD_STRUCTURE:
1534 {
1535 int media = packet[1];
1536 int format = packet[7];
1537 int ret;
1538
1539 max_len = ube16_to_cpu(packet + 8);
1540
1541 if (format < 0xff) {
1542 if (media_is_cd(s)) {
1543 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1544 ASC_INCOMPATIBLE_FORMAT);
1545 break;
1546 } else if (!media_present(s)) {
1547 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1548 ASC_INV_FIELD_IN_CMD_PACKET);
1549 break;
1550 }
1551 }
1552
1553 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1554 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1555
1556 switch (format) {
1557 case 0x00 ... 0x7f:
1558 case 0xff:
1559 if (media == 0) {
1560 ret = ide_dvd_read_structure(s, format, packet, buf);
1561
1562 if (ret < 0)
1563 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1564 else
1565 ide_atapi_cmd_reply(s, ret, max_len);
1566
1567 break;
1568 }
1569 /* TODO: BD support, fall through for now */
1570
1571 /* Generic disk structures */
1572 case 0x80: /* TODO: AACS volume identifier */
1573 case 0x81: /* TODO: AACS media serial number */
1574 case 0x82: /* TODO: AACS media identifier */
1575 case 0x83: /* TODO: AACS media key block */
1576 case 0x90: /* TODO: List of recognized format layers */
1577 case 0xc0: /* TODO: Write protection status */
1578 default:
1579 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1580 ASC_INV_FIELD_IN_CMD_PACKET);
1581 break;
1582 }
1583 }
1584 break;
1585 case GPCMD_SET_SPEED:
1586 ide_atapi_cmd_ok(s);
1587 break;
1588 case GPCMD_INQUIRY:
1589 max_len = packet[4];
1590 buf[0] = 0x05; /* CD-ROM */
1591 buf[1] = 0x80; /* removable */
1592 buf[2] = 0x00; /* ISO */
1593 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1594 buf[4] = 31; /* additional length */
1595 buf[5] = 0; /* reserved */
1596 buf[6] = 0; /* reserved */
1597 buf[7] = 0; /* reserved */
1598 padstr8(buf + 8, 8, "QEMU");
1599 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1600 padstr8(buf + 32, 4, s->version);
1601 ide_atapi_cmd_reply(s, 36, max_len);
1602 break;
1603 case GPCMD_GET_CONFIGURATION:
1604 {
1605 uint32_t len;
1606 uint8_t index = 0;
1607
1608 /* only feature 0 is supported */
1609 if (packet[2] != 0 || packet[3] != 0) {
1610 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1611 ASC_INV_FIELD_IN_CMD_PACKET);
1612 break;
1613 }
1614
1615 /* XXX: could result in alignment problems in some architectures */
1616 max_len = ube16_to_cpu(packet + 7);
1617
1618 /*
1619 * XXX: avoid overflow for io_buffer if max_len is bigger than
1620 * the size of that buffer (dimensioned to max number of
1621 * sectors to transfer at once)
1622 *
1623 * Only a problem if the feature/profiles grow.
1624 */
1625 if (max_len > 512) /* XXX: assume 1 sector */
1626 max_len = 512;
1627
1628 memset(buf, 0, max_len);
1629 /*
1630 * the number of sectors from the media tells us which profile
1631 * to use as current. 0 means there is no media
1632 */
1633 if (media_is_dvd(s))
1634 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1635 else if (media_is_cd(s))
1636 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1637
1638 buf[10] = 0x02 | 0x01; /* persistent and current */
1639 len = 12; /* headers: 8 + 4 */
1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1641 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1642 cpu_to_ube32(buf, len - 4); /* data length */
1643
1644 ide_atapi_cmd_reply(s, len, max_len);
1645 break;
1646 }
1647 default:
1648 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1649 ASC_ILLEGAL_OPCODE);
1650 break;
1651 }
1652 }
1653
1654 static void ide_cfata_metadata_inquiry(IDEState *s)
1655 {
1656 uint16_t *p;
1657 uint32_t spd;
1658
1659 p = (uint16_t *) s->io_buffer;
1660 memset(p, 0, 0x200);
1661 spd = ((s->mdata_size - 1) >> 9) + 1;
1662
1663 put_le16(p + 0, 0x0001); /* Data format revision */
1664 put_le16(p + 1, 0x0000); /* Media property: silicon */
1665 put_le16(p + 2, s->media_changed); /* Media status */
1666 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1667 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1668 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1669 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1670 }
1671
1672 static void ide_cfata_metadata_read(IDEState *s)
1673 {
1674 uint16_t *p;
1675
1676 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1677 s->status = ERR_STAT;
1678 s->error = ABRT_ERR;
1679 return;
1680 }
1681
1682 p = (uint16_t *) s->io_buffer;
1683 memset(p, 0, 0x200);
1684
1685 put_le16(p + 0, s->media_changed); /* Media status */
1686 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1687 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1688 s->nsector << 9), 0x200 - 2));
1689 }
1690
1691 static void ide_cfata_metadata_write(IDEState *s)
1692 {
1693 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1694 s->status = ERR_STAT;
1695 s->error = ABRT_ERR;
1696 return;
1697 }
1698
1699 s->media_changed = 0;
1700
1701 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1702 s->io_buffer + 2,
1703 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1704 s->nsector << 9), 0x200 - 2));
1705 }
1706
1707 /* called when the inserted state of the media has changed */
1708 static void cdrom_change_cb(void *opaque)
1709 {
1710 IDEState *s = opaque;
1711 uint64_t nb_sectors;
1712
1713 bdrv_get_geometry(s->bs, &nb_sectors);
1714 s->nb_sectors = nb_sectors;
1715
1716 s->sense_key = SENSE_UNIT_ATTENTION;
1717 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1718 s->cdrom_changed = 1;
1719 ide_set_irq(s->bus);
1720 }
1721
1722 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1723 {
1724 s->lba48 = lba48;
1725
1726 /* handle the 'magic' 0 nsector count conversion here. to avoid
1727 * fiddling with the rest of the read logic, we just store the
1728 * full sector count in ->nsector and ignore ->hob_nsector from now
1729 */
1730 if (!s->lba48) {
1731 if (!s->nsector)
1732 s->nsector = 256;
1733 } else {
1734 if (!s->nsector && !s->hob_nsector)
1735 s->nsector = 65536;
1736 else {
1737 int lo = s->nsector;
1738 int hi = s->hob_nsector;
1739
1740 s->nsector = (hi << 8) | lo;
1741 }
1742 }
1743 }
1744
1745 static void ide_clear_hob(IDEBus *bus)
1746 {
1747 /* any write clears HOB high bit of device control register */
1748 bus->ifs[0].select &= ~(1 << 7);
1749 bus->ifs[1].select &= ~(1 << 7);
1750 }
1751
1752 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1753 {
1754 IDEBus *bus = opaque;
1755 IDEState *s;
1756 int n;
1757 int lba48 = 0;
1758
1759 #ifdef DEBUG_IDE
1760 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1761 #endif
1762
1763 addr &= 7;
1764
1765 /* ignore writes to command block while busy with previous command */
1766 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1767 return;
1768
1769 switch(addr) {
1770 case 0:
1771 break;
1772 case 1:
1773 ide_clear_hob(bus);
1774 /* NOTE: data is written to the two drives */
1775 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1776 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1777 bus->ifs[0].feature = val;
1778 bus->ifs[1].feature = val;
1779 break;
1780 case 2:
1781 ide_clear_hob(bus);
1782 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1783 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1784 bus->ifs[0].nsector = val;
1785 bus->ifs[1].nsector = val;
1786 break;
1787 case 3:
1788 ide_clear_hob(bus);
1789 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1790 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1791 bus->ifs[0].sector = val;
1792 bus->ifs[1].sector = val;
1793 break;
1794 case 4:
1795 ide_clear_hob(bus);
1796 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1797 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1798 bus->ifs[0].lcyl = val;
1799 bus->ifs[1].lcyl = val;
1800 break;
1801 case 5:
1802 ide_clear_hob(bus);
1803 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1804 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1805 bus->ifs[0].hcyl = val;
1806 bus->ifs[1].hcyl = val;
1807 break;
1808 case 6:
1809 /* FIXME: HOB readback uses bit 7 */
1810 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1811 bus->ifs[1].select = (val | 0x10) | 0xa0;
1812 /* select drive */
1813 bus->unit = (val >> 4) & 1;
1814 break;
1815 default:
1816 case 7:
1817 /* command */
1818 #if defined(DEBUG_IDE)
1819 printf("ide: CMD=%02x\n", val);
1820 #endif
1821 s = idebus_active_if(bus);
1822 /* ignore commands to non existant slave */
1823 if (s != bus->ifs && !s->bs)
1824 break;
1825
1826 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1827 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1828 break;
1829
1830 switch(val) {
1831 case WIN_IDENTIFY:
1832 if (s->bs && !s->is_cdrom) {
1833 if (!s->is_cf)
1834 ide_identify(s);
1835 else
1836 ide_cfata_identify(s);
1837 s->status = READY_STAT | SEEK_STAT;
1838 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1839 } else {
1840 if (s->is_cdrom) {
1841 ide_set_signature(s);
1842 }
1843 ide_abort_command(s);
1844 }
1845 ide_set_irq(s->bus);
1846 break;
1847 case WIN_SPECIFY:
1848 case WIN_RECAL:
1849 s->error = 0;
1850 s->status = READY_STAT | SEEK_STAT;
1851 ide_set_irq(s->bus);
1852 break;
1853 case WIN_SETMULT:
1854 if (s->is_cf && s->nsector == 0) {
1855 /* Disable Read and Write Multiple */
1856 s->mult_sectors = 0;
1857 s->status = READY_STAT | SEEK_STAT;
1858 } else if ((s->nsector & 0xff) != 0 &&
1859 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1860 (s->nsector & (s->nsector - 1)) != 0)) {
1861 ide_abort_command(s);
1862 } else {
1863 s->mult_sectors = s->nsector & 0xff;
1864 s->status = READY_STAT | SEEK_STAT;
1865 }
1866 ide_set_irq(s->bus);
1867 break;
1868 case WIN_VERIFY_EXT:
1869 lba48 = 1;
1870 case WIN_VERIFY:
1871 case WIN_VERIFY_ONCE:
1872 /* do sector number check ? */
1873 ide_cmd_lba48_transform(s, lba48);
1874 s->status = READY_STAT | SEEK_STAT;
1875 ide_set_irq(s->bus);
1876 break;
1877 case WIN_READ_EXT:
1878 lba48 = 1;
1879 case WIN_READ:
1880 case WIN_READ_ONCE:
1881 if (!s->bs)
1882 goto abort_cmd;
1883 ide_cmd_lba48_transform(s, lba48);
1884 s->req_nb_sectors = 1;
1885 ide_sector_read(s);
1886 break;
1887 case WIN_WRITE_EXT:
1888 lba48 = 1;
1889 case WIN_WRITE:
1890 case WIN_WRITE_ONCE:
1891 case CFA_WRITE_SECT_WO_ERASE:
1892 case WIN_WRITE_VERIFY:
1893 ide_cmd_lba48_transform(s, lba48);
1894 s->error = 0;
1895 s->status = SEEK_STAT | READY_STAT;
1896 s->req_nb_sectors = 1;
1897 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1898 s->media_changed = 1;
1899 break;
1900 case WIN_MULTREAD_EXT:
1901 lba48 = 1;
1902 case WIN_MULTREAD:
1903 if (!s->mult_sectors)
1904 goto abort_cmd;
1905 ide_cmd_lba48_transform(s, lba48);
1906 s->req_nb_sectors = s->mult_sectors;
1907 ide_sector_read(s);
1908 break;
1909 case WIN_MULTWRITE_EXT:
1910 lba48 = 1;
1911 case WIN_MULTWRITE:
1912 case CFA_WRITE_MULTI_WO_ERASE:
1913 if (!s->mult_sectors)
1914 goto abort_cmd;
1915 ide_cmd_lba48_transform(s, lba48);
1916 s->error = 0;
1917 s->status = SEEK_STAT | READY_STAT;
1918 s->req_nb_sectors = s->mult_sectors;
1919 n = s->nsector;
1920 if (n > s->req_nb_sectors)
1921 n = s->req_nb_sectors;
1922 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1923 s->media_changed = 1;
1924 break;
1925 case WIN_READDMA_EXT:
1926 lba48 = 1;
1927 case WIN_READDMA:
1928 case WIN_READDMA_ONCE:
1929 if (!s->bs)
1930 goto abort_cmd;
1931 ide_cmd_lba48_transform(s, lba48);
1932 ide_sector_read_dma(s);
1933 break;
1934 case WIN_WRITEDMA_EXT:
1935 lba48 = 1;
1936 case WIN_WRITEDMA:
1937 case WIN_WRITEDMA_ONCE:
1938 if (!s->bs)
1939 goto abort_cmd;
1940 ide_cmd_lba48_transform(s, lba48);
1941 ide_sector_write_dma(s);
1942 s->media_changed = 1;
1943 break;
1944 case WIN_READ_NATIVE_MAX_EXT:
1945 lba48 = 1;
1946 case WIN_READ_NATIVE_MAX:
1947 ide_cmd_lba48_transform(s, lba48);
1948 ide_set_sector(s, s->nb_sectors - 1);
1949 s->status = READY_STAT | SEEK_STAT;
1950 ide_set_irq(s->bus);
1951 break;
1952 case WIN_CHECKPOWERMODE1:
1953 case WIN_CHECKPOWERMODE2:
1954 s->nsector = 0xff; /* device active or idle */
1955 s->status = READY_STAT | SEEK_STAT;
1956 ide_set_irq(s->bus);
1957 break;
1958 case WIN_SETFEATURES:
1959 if (!s->bs)
1960 goto abort_cmd;
1961 /* XXX: valid for CDROM ? */
1962 switch(s->feature) {
1963 case 0xcc: /* reverting to power-on defaults enable */
1964 case 0x66: /* reverting to power-on defaults disable */
1965 case 0x02: /* write cache enable */
1966 case 0x82: /* write cache disable */
1967 case 0xaa: /* read look-ahead enable */
1968 case 0x55: /* read look-ahead disable */
1969 case 0x05: /* set advanced power management mode */
1970 case 0x85: /* disable advanced power management mode */
1971 case 0x69: /* NOP */
1972 case 0x67: /* NOP */
1973 case 0x96: /* NOP */
1974 case 0x9a: /* NOP */
1975 case 0x42: /* enable Automatic Acoustic Mode */
1976 case 0xc2: /* disable Automatic Acoustic Mode */
1977 s->status = READY_STAT | SEEK_STAT;
1978 ide_set_irq(s->bus);
1979 break;
1980 case 0x03: { /* set transfer mode */
1981 uint8_t val = s->nsector & 0x07;
1982 uint16_t *identify_data = (uint16_t *)s->identify_data;
1983
1984 switch (s->nsector >> 3) {
1985 case 0x00: /* pio default */
1986 case 0x01: /* pio mode */
1987 put_le16(identify_data + 62,0x07);
1988 put_le16(identify_data + 63,0x07);
1989 put_le16(identify_data + 88,0x3f);
1990 break;
1991 case 0x02: /* sigle word dma mode*/
1992 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1993 put_le16(identify_data + 63,0x07);
1994 put_le16(identify_data + 88,0x3f);
1995 break;
1996 case 0x04: /* mdma mode */
1997 put_le16(identify_data + 62,0x07);
1998 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1999 put_le16(identify_data + 88,0x3f);
2000 break;
2001 case 0x08: /* udma mode */
2002 put_le16(identify_data + 62,0x07);
2003 put_le16(identify_data + 63,0x07);
2004 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2005 break;
2006 default:
2007 goto abort_cmd;
2008 }
2009 s->status = READY_STAT | SEEK_STAT;
2010 ide_set_irq(s->bus);
2011 break;
2012 }
2013 default:
2014 goto abort_cmd;
2015 }
2016 break;
2017 case WIN_FLUSH_CACHE:
2018 case WIN_FLUSH_CACHE_EXT:
2019 if (s->bs)
2020 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2021 else
2022 ide_flush_cb(s, 0);
2023 break;
2024 case WIN_STANDBY:
2025 case WIN_STANDBY2:
2026 case WIN_STANDBYNOW1:
2027 case WIN_STANDBYNOW2:
2028 case WIN_IDLEIMMEDIATE:
2029 case CFA_IDLEIMMEDIATE:
2030 case WIN_SETIDLE1:
2031 case WIN_SETIDLE2:
2032 case WIN_SLEEPNOW1:
2033 case WIN_SLEEPNOW2:
2034 s->status = READY_STAT;
2035 ide_set_irq(s->bus);
2036 break;
2037 case WIN_SEEK:
2038 if(s->is_cdrom)
2039 goto abort_cmd;
2040 /* XXX: Check that seek is within bounds */
2041 s->status = READY_STAT | SEEK_STAT;
2042 ide_set_irq(s->bus);
2043 break;
2044 /* ATAPI commands */
2045 case WIN_PIDENTIFY:
2046 if (s->is_cdrom) {
2047 ide_atapi_identify(s);
2048 s->status = READY_STAT | SEEK_STAT;
2049 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2050 } else {
2051 ide_abort_command(s);
2052 }
2053 ide_set_irq(s->bus);
2054 break;
2055 case WIN_DIAGNOSE:
2056 ide_set_signature(s);
2057 if (s->is_cdrom)
2058 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2059 * devices to return a clear status register
2060 * with READY_STAT *not* set. */
2061 else
2062 s->status = READY_STAT | SEEK_STAT;
2063 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2064 * present.
2065 */
2066 ide_set_irq(s->bus);
2067 break;
2068 case WIN_SRST:
2069 if (!s->is_cdrom)
2070 goto abort_cmd;
2071 ide_set_signature(s);
2072 s->status = 0x00; /* NOTE: READY is _not_ set */
2073 s->error = 0x01;
2074 break;
2075 case WIN_PACKETCMD:
2076 if (!s->is_cdrom)
2077 goto abort_cmd;
2078 /* overlapping commands not supported */
2079 if (s->feature & 0x02)
2080 goto abort_cmd;
2081 s->status = READY_STAT | SEEK_STAT;
2082 s->atapi_dma = s->feature & 1;
2083 s->nsector = 1;
2084 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2085 ide_atapi_cmd);
2086 break;
2087 /* CF-ATA commands */
2088 case CFA_REQ_EXT_ERROR_CODE:
2089 if (!s->is_cf)
2090 goto abort_cmd;
2091 s->error = 0x09; /* miscellaneous error */
2092 s->status = READY_STAT | SEEK_STAT;
2093 ide_set_irq(s->bus);
2094 break;
2095 case CFA_ERASE_SECTORS:
2096 case CFA_WEAR_LEVEL:
2097 if (!s->is_cf)
2098 goto abort_cmd;
2099 if (val == CFA_WEAR_LEVEL)
2100 s->nsector = 0;
2101 if (val == CFA_ERASE_SECTORS)
2102 s->media_changed = 1;
2103 s->error = 0x00;
2104 s->status = READY_STAT | SEEK_STAT;
2105 ide_set_irq(s->bus);
2106 break;
2107 case CFA_TRANSLATE_SECTOR:
2108 if (!s->is_cf)
2109 goto abort_cmd;
2110 s->error = 0x00;
2111 s->status = READY_STAT | SEEK_STAT;
2112 memset(s->io_buffer, 0, 0x200);
2113 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2114 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2115 s->io_buffer[0x02] = s->select; /* Head */
2116 s->io_buffer[0x03] = s->sector; /* Sector */
2117 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2118 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2119 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2120 s->io_buffer[0x13] = 0x00; /* Erase flag */
2121 s->io_buffer[0x18] = 0x00; /* Hot count */
2122 s->io_buffer[0x19] = 0x00; /* Hot count */
2123 s->io_buffer[0x1a] = 0x01; /* Hot count */
2124 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2125 ide_set_irq(s->bus);
2126 break;
2127 case CFA_ACCESS_METADATA_STORAGE:
2128 if (!s->is_cf)
2129 goto abort_cmd;
2130 switch (s->feature) {
2131 case 0x02: /* Inquiry Metadata Storage */
2132 ide_cfata_metadata_inquiry(s);
2133 break;
2134 case 0x03: /* Read Metadata Storage */
2135 ide_cfata_metadata_read(s);
2136 break;
2137 case 0x04: /* Write Metadata Storage */
2138 ide_cfata_metadata_write(s);
2139 break;
2140 default:
2141 goto abort_cmd;
2142 }
2143 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2144 s->status = 0x00; /* NOTE: READY is _not_ set */
2145 ide_set_irq(s->bus);
2146 break;
2147 case IBM_SENSE_CONDITION:
2148 if (!s->is_cf)
2149 goto abort_cmd;
2150 switch (s->feature) {
2151 case 0x01: /* sense temperature in device */
2152 s->nsector = 0x50; /* +20 C */
2153 break;
2154 default:
2155 goto abort_cmd;
2156 }
2157 s->status = READY_STAT | SEEK_STAT;
2158 ide_set_irq(s->bus);
2159 break;
2160
2161 case WIN_SMART:
2162 if (s->is_cdrom)
2163 goto abort_cmd;
2164 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2165 goto abort_cmd;
2166 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2167 goto abort_cmd;
2168 switch (s->feature) {
2169 case SMART_DISABLE:
2170 s->smart_enabled = 0;
2171 s->status = READY_STAT | SEEK_STAT;
2172 ide_set_irq(s->bus);
2173 break;
2174 case SMART_ENABLE:
2175 s->smart_enabled = 1;
2176 s->status = READY_STAT | SEEK_STAT;
2177 ide_set_irq(s->bus);
2178 break;
2179 case SMART_ATTR_AUTOSAVE:
2180 switch (s->sector) {
2181 case 0x00:
2182 s->smart_autosave = 0;
2183 break;
2184 case 0xf1:
2185 s->smart_autosave = 1;
2186 break;
2187 default:
2188 goto abort_cmd;
2189 }
2190 s->status = READY_STAT | SEEK_STAT;
2191 ide_set_irq(s->bus);
2192 break;
2193 case SMART_STATUS:
2194 if (!s->smart_errors) {
2195 s->hcyl = 0xc2;
2196 s->lcyl = 0x4f;
2197 } else {
2198 s->hcyl = 0x2c;
2199 s->lcyl = 0xf4;
2200 }
2201 s->status = READY_STAT | SEEK_STAT;
2202 ide_set_irq(s->bus);
2203 break;
2204 case SMART_READ_THRESH:
2205 memset(s->io_buffer, 0, 0x200);
2206 s->io_buffer[0] = 0x01; /* smart struct version */
2207 for (n=0; n<30; n++) {
2208 if (smart_attributes[n][0] == 0)
2209 break;
2210 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2211 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2212 }
2213 for (n=0; n<511; n++) /* checksum */
2214 s->io_buffer[511] += s->io_buffer[n];
2215 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2216 s->status = READY_STAT | SEEK_STAT;
2217 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2218 ide_set_irq(s->bus);
2219 break;
2220 case SMART_READ_DATA:
2221 memset(s->io_buffer, 0, 0x200);
2222 s->io_buffer[0] = 0x01; /* smart struct version */
2223 for (n=0; n<30; n++) {
2224 if (smart_attributes[n][0] == 0)
2225 break;
2226 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2227 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2228 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2229 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2230 }
2231 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2232 if (s->smart_selftest_count == 0) {
2233 s->io_buffer[363] = 0;
2234 } else {
2235 s->io_buffer[363] =
2236 s->smart_selftest_data[3 +
2237 (s->smart_selftest_count - 1) *
2238 24];
2239 }
2240 s->io_buffer[364] = 0x20;
2241 s->io_buffer[365] = 0x01;
2242 /* offline data collection capacity: execute + self-test*/
2243 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2244 s->io_buffer[368] = 0x03; /* smart capability (1) */
2245 s->io_buffer[369] = 0x00; /* smart capability (2) */
2246 s->io_buffer[370] = 0x01; /* error logging supported */
2247 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2248 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2249 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2250
2251 for (n=0; n<511; n++)
2252 s->io_buffer[511] += s->io_buffer[n];
2253 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2254 s->status = READY_STAT | SEEK_STAT;
2255 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2256 ide_set_irq(s->bus);
2257 break;
2258 case SMART_READ_LOG:
2259 switch (s->sector) {
2260 case 0x01: /* summary smart error log */
2261 memset(s->io_buffer, 0, 0x200);
2262 s->io_buffer[0] = 0x01;
2263 s->io_buffer[1] = 0x00; /* no error entries */
2264 s->io_buffer[452] = s->smart_errors & 0xff;
2265 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2266
2267 for (n=0; n<511; n++)
2268 s->io_buffer[511] += s->io_buffer[n];
2269 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2270 break;
2271 case 0x06: /* smart self test log */
2272 memset(s->io_buffer, 0, 0x200);
2273 s->io_buffer[0] = 0x01;
2274 if (s->smart_selftest_count == 0) {
2275 s->io_buffer[508] = 0;
2276 } else {
2277 s->io_buffer[508] = s->smart_selftest_count;
2278 for (n=2; n<506; n++)
2279 s->io_buffer[n] = s->smart_selftest_data[n];
2280 }
2281 for (n=0; n<511; n++)
2282 s->io_buffer[511] += s->io_buffer[n];
2283 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2284 break;
2285 default:
2286 goto abort_cmd;
2287 }
2288 s->status = READY_STAT | SEEK_STAT;
2289 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2290 ide_set_irq(s->bus);
2291 break;
2292 case SMART_EXECUTE_OFFLINE:
2293 switch (s->sector) {
2294 case 0: /* off-line routine */
2295 case 1: /* short self test */
2296 case 2: /* extended self test */
2297 s->smart_selftest_count++;
2298 if(s->smart_selftest_count > 21)
2299 s->smart_selftest_count = 0;
2300 n = 2 + (s->smart_selftest_count - 1) * 24;
2301 s->smart_selftest_data[n] = s->sector;
2302 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2303 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2304 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2305 s->status = READY_STAT | SEEK_STAT;
2306 ide_set_irq(s->bus);
2307 break;
2308 default:
2309 goto abort_cmd;
2310 }
2311 break;
2312 default:
2313 goto abort_cmd;
2314 }
2315 break;
2316 default:
2317 abort_cmd:
2318 ide_abort_command(s);
2319 ide_set_irq(s->bus);
2320 break;
2321 }
2322 }
2323 }
2324
2325 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2326 {
2327 IDEBus *bus = opaque;
2328 IDEState *s = idebus_active_if(bus);
2329 uint32_t addr;
2330 int ret, hob;
2331
2332 addr = addr1 & 7;
2333 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2334 //hob = s->select & (1 << 7);
2335 hob = 0;
2336 switch(addr) {
2337 case 0:
2338 ret = 0xff;
2339 break;
2340 case 1:
2341 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2342 (s != bus->ifs && !s->bs))
2343 ret = 0;
2344 else if (!hob)
2345 ret = s->error;
2346 else
2347 ret = s->hob_feature;
2348 break;
2349 case 2:
2350 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2351 ret = 0;
2352 else if (!hob)
2353 ret = s->nsector & 0xff;
2354 else
2355 ret = s->hob_nsector;
2356 break;
2357 case 3:
2358 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2359 ret = 0;
2360 else if (!hob)
2361 ret = s->sector;
2362 else
2363 ret = s->hob_sector;
2364 break;
2365 case 4:
2366 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2367 ret = 0;
2368 else if (!hob)
2369 ret = s->lcyl;
2370 else
2371 ret = s->hob_lcyl;
2372 break;
2373 case 5:
2374 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2375 ret = 0;
2376 else if (!hob)
2377 ret = s->hcyl;
2378 else
2379 ret = s->hob_hcyl;
2380 break;
2381 case 6:
2382 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2383 ret = 0;
2384 else
2385 ret = s->select;
2386 break;
2387 default:
2388 case 7:
2389 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2390 (s != bus->ifs && !s->bs))
2391 ret = 0;
2392 else
2393 ret = s->status;
2394 qemu_irq_lower(bus->irq);
2395 break;
2396 }
2397 #ifdef DEBUG_IDE
2398 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2399 #endif
2400 return ret;
2401 }
2402
2403 uint32_t ide_status_read(void *opaque, uint32_t addr)
2404 {
2405 IDEBus *bus = opaque;
2406 IDEState *s = idebus_active_if(bus);
2407 int ret;
2408
2409 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2410 (s != bus->ifs && !s->bs))
2411 ret = 0;
2412 else
2413 ret = s->status;
2414 #ifdef DEBUG_IDE
2415 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2416 #endif
2417 return ret;
2418 }
2419
2420 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2421 {
2422 IDEBus *bus = opaque;
2423 IDEState *s;
2424 int i;
2425
2426 #ifdef DEBUG_IDE
2427 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2428 #endif
2429 /* common for both drives */
2430 if (!(bus->cmd & IDE_CMD_RESET) &&
2431 (val & IDE_CMD_RESET)) {
2432 /* reset low to high */
2433 for(i = 0;i < 2; i++) {
2434 s = &bus->ifs[i];
2435 s->status = BUSY_STAT | SEEK_STAT;
2436 s->error = 0x01;
2437 }
2438 } else if ((bus->cmd & IDE_CMD_RESET) &&
2439 !(val & IDE_CMD_RESET)) {
2440 /* high to low */
2441 for(i = 0;i < 2; i++) {
2442 s = &bus->ifs[i];
2443 if (s->is_cdrom)
2444 s->status = 0x00; /* NOTE: READY is _not_ set */
2445 else
2446 s->status = READY_STAT | SEEK_STAT;
2447 ide_set_signature(s);
2448 }
2449 }
2450
2451 bus->cmd = val;
2452 }
2453
2454 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2455 {
2456 IDEBus *bus = opaque;
2457 IDEState *s = idebus_active_if(bus);
2458 uint8_t *p;
2459
2460 /* PIO data access allowed only when DRQ bit is set */
2461 if (!(s->status & DRQ_STAT))
2462 return;
2463
2464 p = s->data_ptr;
2465 *(uint16_t *)p = le16_to_cpu(val);
2466 p += 2;
2467 s->data_ptr = p;
2468 if (p >= s->data_end)
2469 s->end_transfer_func(s);
2470 }
2471
2472 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2473 {
2474 IDEBus *bus = opaque;
2475 IDEState *s = idebus_active_if(bus);
2476 uint8_t *p;
2477 int ret;
2478
2479 /* PIO data access allowed only when DRQ bit is set */
2480 if (!(s->status & DRQ_STAT))
2481 return 0;
2482
2483 p = s->data_ptr;
2484 ret = cpu_to_le16(*(uint16_t *)p);
2485 p += 2;
2486 s->data_ptr = p;
2487 if (p >= s->data_end)
2488 s->end_transfer_func(s);
2489 return ret;
2490 }
2491
2492 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2493 {
2494 IDEBus *bus = opaque;
2495 IDEState *s = idebus_active_if(bus);
2496 uint8_t *p;
2497
2498 /* PIO data access allowed only when DRQ bit is set */
2499 if (!(s->status & DRQ_STAT))
2500 return;
2501
2502 p = s->data_ptr;
2503 *(uint32_t *)p = le32_to_cpu(val);
2504 p += 4;
2505 s->data_ptr = p;
2506 if (p >= s->data_end)
2507 s->end_transfer_func(s);
2508 }
2509
2510 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2511 {
2512 IDEBus *bus = opaque;
2513 IDEState *s = idebus_active_if(bus);
2514 uint8_t *p;
2515 int ret;
2516
2517 /* PIO data access allowed only when DRQ bit is set */
2518 if (!(s->status & DRQ_STAT))
2519 return 0;
2520
2521 p = s->data_ptr;
2522 ret = cpu_to_le32(*(uint32_t *)p);
2523 p += 4;
2524 s->data_ptr = p;
2525 if (p >= s->data_end)
2526 s->end_transfer_func(s);
2527 return ret;
2528 }
2529
2530 static void ide_dummy_transfer_stop(IDEState *s)
2531 {
2532 s->data_ptr = s->io_buffer;
2533 s->data_end = s->io_buffer;
2534 s->io_buffer[0] = 0xff;
2535 s->io_buffer[1] = 0xff;
2536 s->io_buffer[2] = 0xff;
2537 s->io_buffer[3] = 0xff;
2538 }
2539
2540 static void ide_reset(IDEState *s)
2541 {
2542 #ifdef DEBUG_IDE
2543 printf("ide: reset\n");
2544 #endif
2545 if (s->is_cf)
2546 s->mult_sectors = 0;
2547 else
2548 s->mult_sectors = MAX_MULT_SECTORS;
2549 /* ide regs */
2550 s->feature = 0;
2551 s->error = 0;
2552 s->nsector = 0;
2553 s->sector = 0;
2554 s->lcyl = 0;
2555 s->hcyl = 0;
2556
2557 /* lba48 */
2558 s->hob_feature = 0;
2559 s->hob_sector = 0;
2560 s->hob_nsector = 0;
2561 s->hob_lcyl = 0;
2562 s->hob_hcyl = 0;
2563
2564 s->select = 0xa0;
2565 s->status = READY_STAT | SEEK_STAT;
2566
2567 s->lba48 = 0;
2568
2569 /* ATAPI specific */
2570 s->sense_key = 0;
2571 s->asc = 0;
2572 s->cdrom_changed = 0;
2573 s->packet_transfer_size = 0;
2574 s->elementary_transfer_size = 0;
2575 s->io_buffer_index = 0;
2576 s->cd_sector_size = 0;
2577 s->atapi_dma = 0;
2578 /* ATA DMA state */
2579 s->io_buffer_size = 0;
2580 s->req_nb_sectors = 0;
2581
2582 ide_set_signature(s);
2583 /* init the transfer handler so that 0xffff is returned on data
2584 accesses */
2585 s->end_transfer_func = ide_dummy_transfer_stop;
2586 ide_dummy_transfer_stop(s);
2587 s->media_changed = 0;
2588 }
2589
2590 void ide_bus_reset(IDEBus *bus)
2591 {
2592 bus->unit = 0;
2593 bus->cmd = 0;
2594 ide_reset(&bus->ifs[0]);
2595 ide_reset(&bus->ifs[1]);
2596 ide_clear_hob(bus);
2597 }
2598
2599 void ide_init_drive(IDEState *s, DriveInfo *dinfo, BlockConf *conf,
2600 const char *version)
2601 {
2602 int cylinders, heads, secs;
2603 uint64_t nb_sectors;
2604
2605 if (dinfo && dinfo->bdrv) {
2606 s->bs = dinfo->bdrv;
2607 bdrv_get_geometry(s->bs, &nb_sectors);
2608 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2609 s->cylinders = cylinders;
2610 s->heads = heads;
2611 s->sectors = secs;
2612 s->nb_sectors = nb_sectors;
2613 /* The SMART values should be preserved across power cycles
2614 but they aren't. */
2615 s->smart_enabled = 1;
2616 s->smart_autosave = 1;
2617 s->smart_errors = 0;
2618 s->smart_selftest_count = 0;
2619 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2620 s->is_cdrom = 1;
2621 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2622 }
2623 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2624 sizeof(s->drive_serial_str));
2625 if (conf) {
2626 s->conf = conf;
2627 }
2628 }
2629 if (strlen(s->drive_serial_str) == 0)
2630 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2631 "QM%05d", s->drive_serial);
2632 if (version) {
2633 pstrcpy(s->version, sizeof(s->version), version);
2634 } else {
2635 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2636 }
2637 ide_reset(s);
2638 }
2639
2640 void ide_init2(IDEBus *bus, DriveInfo *hd0, DriveInfo *hd1,
2641 qemu_irq irq)
2642 {
2643 IDEState *s;
2644 static int drive_serial = 1;
2645 int i;
2646
2647 for(i = 0; i < 2; i++) {
2648 s = bus->ifs + i;
2649 s->bus = bus;
2650 s->unit = i;
2651 s->drive_serial = drive_serial++;
2652 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2653 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2654 s->sector_write_timer = qemu_new_timer(vm_clock,
2655 ide_sector_write_timer_cb, s);
2656 if (i == 0)
2657 ide_init_drive(s, hd0, NULL, NULL);
2658 if (i == 1)
2659 ide_init_drive(s, hd1, NULL, NULL);
2660 }
2661 bus->irq = irq;
2662 }
2663
2664 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2665 {
2666 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2667 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2668 if (iobase2) {
2669 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2670 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2671 }
2672
2673 /* data ports */
2674 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2675 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2676 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2677 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2678 }
2679
2680 static bool is_identify_set(void *opaque, int version_id)
2681 {
2682 IDEState *s = opaque;
2683
2684 return s->identify_set != 0;
2685 }
2686
2687 static int ide_drive_post_load(void *opaque, int version_id)
2688 {
2689 IDEState *s = opaque;
2690
2691 if (version_id < 3) {
2692 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2693 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2694 s->cdrom_changed = 1;
2695 }
2696 }
2697 return 0;
2698 }
2699
2700 const VMStateDescription vmstate_ide_drive = {
2701 .name = "ide_drive",
2702 .version_id = 3,
2703 .minimum_version_id = 0,
2704 .minimum_version_id_old = 0,
2705 .post_load = ide_drive_post_load,
2706 .fields = (VMStateField []) {
2707 VMSTATE_INT32(mult_sectors, IDEState),
2708 VMSTATE_INT32(identify_set, IDEState),
2709 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2710 VMSTATE_UINT8(feature, IDEState),
2711 VMSTATE_UINT8(error, IDEState),
2712 VMSTATE_UINT32(nsector, IDEState),
2713 VMSTATE_UINT8(sector, IDEState),
2714 VMSTATE_UINT8(lcyl, IDEState),
2715 VMSTATE_UINT8(hcyl, IDEState),
2716 VMSTATE_UINT8(hob_feature, IDEState),
2717 VMSTATE_UINT8(hob_sector, IDEState),
2718 VMSTATE_UINT8(hob_nsector, IDEState),
2719 VMSTATE_UINT8(hob_lcyl, IDEState),
2720 VMSTATE_UINT8(hob_hcyl, IDEState),
2721 VMSTATE_UINT8(select, IDEState),
2722 VMSTATE_UINT8(status, IDEState),
2723 VMSTATE_UINT8(lba48, IDEState),
2724 VMSTATE_UINT8(sense_key, IDEState),
2725 VMSTATE_UINT8(asc, IDEState),
2726 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2727 /* XXX: if a transfer is pending, we do not save it yet */
2728 VMSTATE_END_OF_LIST()
2729 }
2730 };
2731
2732 const VMStateDescription vmstate_ide_bus = {
2733 .name = "ide_bus",
2734 .version_id = 1,
2735 .minimum_version_id = 1,
2736 .minimum_version_id_old = 1,
2737 .fields = (VMStateField []) {
2738 VMSTATE_UINT8(cmd, IDEBus),
2739 VMSTATE_UINT8(unit, IDEBus),
2740 VMSTATE_END_OF_LIST()
2741 }
2742 };
2743
2744 /***********************************************************/
2745 /* PCI IDE definitions */
2746
2747 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2748 {
2749 BMDMAState *bm = s->bus->bmdma;
2750 if(!bm)
2751 return;
2752 bm->unit = s->unit;
2753 bm->dma_cb = dma_cb;
2754 bm->cur_prd_last = 0;
2755 bm->cur_prd_addr = 0;
2756 bm->cur_prd_len = 0;
2757 bm->sector_num = ide_get_sector(s);
2758 bm->nsector = s->nsector;
2759 if (bm->status & BM_STATUS_DMAING) {
2760 bm->dma_cb(bm, 0);
2761 }
2762 }
2763
2764 static void ide_dma_restart(IDEState *s, int is_read)
2765 {
2766 BMDMAState *bm = s->bus->bmdma;
2767 ide_set_sector(s, bm->sector_num);
2768 s->io_buffer_index = 0;
2769 s->io_buffer_size = 0;
2770 s->nsector = bm->nsector;
2771 bm->cur_addr = bm->addr;
2772
2773 if (is_read) {
2774 bm->dma_cb = ide_read_dma_cb;
2775 } else {
2776 bm->dma_cb = ide_write_dma_cb;
2777 }
2778
2779 ide_dma_start(s, bm->dma_cb);
2780 }
2781
2782 void ide_dma_cancel(BMDMAState *bm)
2783 {
2784 if (bm->status & BM_STATUS_DMAING) {
2785 bm->status &= ~BM_STATUS_DMAING;
2786 /* cancel DMA request */
2787 bm->unit = -1;
2788 bm->dma_cb = NULL;
2789 if (bm->aiocb) {
2790 #ifdef DEBUG_AIO
2791 printf("aio_cancel\n");
2792 #endif
2793 bdrv_aio_cancel(bm->aiocb);
2794 bm->aiocb = NULL;
2795 }
2796 }
2797 }
2798
2799 void ide_dma_reset(BMDMAState *bm)
2800 {
2801 #ifdef DEBUG_IDE
2802 printf("ide: dma_reset\n");
2803 #endif
2804 ide_dma_cancel(bm);
2805 bm->cmd = 0;
2806 bm->status = 0;
2807 bm->addr = 0;
2808 bm->cur_addr = 0;
2809 bm->cur_prd_last = 0;
2810 bm->cur_prd_addr = 0;
2811 bm->cur_prd_len = 0;
2812 bm->sector_num = 0;
2813 bm->nsector = 0;
2814 }
Qemu copy for testing