]> git.proxmox.com Git - qemu.git/blob - hw/ide.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
new bochs BIOS - 16 bit APM support (initial patch by Struan Bartlett)
[qemu.git] / hw / ide.c
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "vl.h"
25
26 /* debug IDE devices */
27 //#define DEBUG_IDE
28 //#define DEBUG_IDE_ATAPI
29
30 /* Bits of HD_STATUS */
31 #define ERR_STAT 0x01
32 #define INDEX_STAT 0x02
33 #define ECC_STAT 0x04 /* Corrected error */
34 #define DRQ_STAT 0x08
35 #define SEEK_STAT 0x10
36 #define SRV_STAT 0x10
37 #define WRERR_STAT 0x20
38 #define READY_STAT 0x40
39 #define BUSY_STAT 0x80
40
41 /* Bits for HD_ERROR */
42 #define MARK_ERR 0x01 /* Bad address mark */
43 #define TRK0_ERR 0x02 /* couldn't find track 0 */
44 #define ABRT_ERR 0x04 /* Command aborted */
45 #define MCR_ERR 0x08 /* media change request */
46 #define ID_ERR 0x10 /* ID field not found */
47 #define MC_ERR 0x20 /* media changed */
48 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
49 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
50 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
51
52 /* Bits of HD_NSECTOR */
53 #define CD 0x01
54 #define IO 0x02
55 #define REL 0x04
56 #define TAG_MASK 0xf8
57
58 #define IDE_CMD_RESET 0x04
59 #define IDE_CMD_DISABLE_IRQ 0x02
60
61 /* ATA/ATAPI Commands pre T13 Spec */
62 #define WIN_NOP 0x00
63 /*
64 * 0x01->0x02 Reserved
65 */
66 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
67 /*
68 * 0x04->0x07 Reserved
69 */
70 #define WIN_SRST 0x08 /* ATAPI soft reset command */
71 #define WIN_DEVICE_RESET 0x08
72 /*
73 * 0x09->0x0F Reserved
74 */
75 #define WIN_RECAL 0x10
76 #define WIN_RESTORE WIN_RECAL
77 /*
78 * 0x10->0x1F Reserved
79 */
80 #define WIN_READ 0x20 /* 28-Bit */
81 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
82 #define WIN_READ_LONG 0x22 /* 28-Bit */
83 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
84 #define WIN_READ_EXT 0x24 /* 48-Bit */
85 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
86 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
87 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
88 /*
89 * 0x28
90 */
91 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
92 /*
93 * 0x2A->0x2F Reserved
94 */
95 #define WIN_WRITE 0x30 /* 28-Bit */
96 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
97 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
98 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
99 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
100 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
101 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
102 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
103 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
104 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
105 /*
106 * 0x3A->0x3B Reserved
107 */
108 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
109 /*
110 * 0x3D->0x3F Reserved
111 */
112 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
113 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
114 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
115 /*
116 * 0x43->0x4F Reserved
117 */
118 #define WIN_FORMAT 0x50
119 /*
120 * 0x51->0x5F Reserved
121 */
122 #define WIN_INIT 0x60
123 /*
124 * 0x61->0x5F Reserved
125 */
126 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
127 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
128 #define WIN_DIAGNOSE 0x90
129 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
130 #define WIN_DOWNLOAD_MICROCODE 0x92
131 #define WIN_STANDBYNOW2 0x94
132 #define WIN_STANDBY2 0x96
133 #define WIN_SETIDLE2 0x97
134 #define WIN_CHECKPOWERMODE2 0x98
135 #define WIN_SLEEPNOW2 0x99
136 /*
137 * 0x9A VENDOR
138 */
139 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
140 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
141 #define WIN_QUEUED_SERVICE 0xA2
142 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
143 #define CFA_ERASE_SECTORS 0xC0
144 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
145 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
146 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
147 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
148 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
149 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
150 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
151 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
152 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
153 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
154 #define WIN_GETMEDIASTATUS 0xDA
155 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
156 #define WIN_POSTBOOT 0xDC
157 #define WIN_PREBOOT 0xDD
158 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
159 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
160 #define WIN_STANDBYNOW1 0xE0
161 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
162 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
163 #define WIN_SETIDLE1 0xE3
164 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
165 #define WIN_CHECKPOWERMODE1 0xE5
166 #define WIN_SLEEPNOW1 0xE6
167 #define WIN_FLUSH_CACHE 0xE7
168 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
169 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
170 /* SET_FEATURES 0x22 or 0xDD */
171 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
172 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
173 #define WIN_MEDIAEJECT 0xED
174 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
175 #define WIN_SETFEATURES 0xEF /* set special drive features */
176 #define EXABYTE_ENABLE_NEST 0xF0
177 #define WIN_SECURITY_SET_PASS 0xF1
178 #define WIN_SECURITY_UNLOCK 0xF2
179 #define WIN_SECURITY_ERASE_PREPARE 0xF3
180 #define WIN_SECURITY_ERASE_UNIT 0xF4
181 #define WIN_SECURITY_FREEZE_LOCK 0xF5
182 #define WIN_SECURITY_DISABLE 0xF6
183 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
184 #define WIN_SET_MAX 0xF9
185 #define DISABLE_SEAGATE 0xFB
186
187 /* set to 1 set disable mult support */
188 #define MAX_MULT_SECTORS 16
189
190 /* ATAPI defines */
191
192 #define ATAPI_PACKET_SIZE 12
193
194 /* The generic packet command opcodes for CD/DVD Logical Units,
195 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
196 #define GPCMD_BLANK 0xa1
197 #define GPCMD_CLOSE_TRACK 0x5b
198 #define GPCMD_FLUSH_CACHE 0x35
199 #define GPCMD_FORMAT_UNIT 0x04
200 #define GPCMD_GET_CONFIGURATION 0x46
201 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
202 #define GPCMD_GET_PERFORMANCE 0xac
203 #define GPCMD_INQUIRY 0x12
204 #define GPCMD_LOAD_UNLOAD 0xa6
205 #define GPCMD_MECHANISM_STATUS 0xbd
206 #define GPCMD_MODE_SELECT_10 0x55
207 #define GPCMD_MODE_SENSE_10 0x5a
208 #define GPCMD_PAUSE_RESUME 0x4b
209 #define GPCMD_PLAY_AUDIO_10 0x45
210 #define GPCMD_PLAY_AUDIO_MSF 0x47
211 #define GPCMD_PLAY_AUDIO_TI 0x48
212 #define GPCMD_PLAY_CD 0xbc
213 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
214 #define GPCMD_READ_10 0x28
215 #define GPCMD_READ_12 0xa8
216 #define GPCMD_READ_CDVD_CAPACITY 0x25
217 #define GPCMD_READ_CD 0xbe
218 #define GPCMD_READ_CD_MSF 0xb9
219 #define GPCMD_READ_DISC_INFO 0x51
220 #define GPCMD_READ_DVD_STRUCTURE 0xad
221 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
222 #define GPCMD_READ_HEADER 0x44
223 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
224 #define GPCMD_READ_SUBCHANNEL 0x42
225 #define GPCMD_READ_TOC_PMA_ATIP 0x43
226 #define GPCMD_REPAIR_RZONE_TRACK 0x58
227 #define GPCMD_REPORT_KEY 0xa4
228 #define GPCMD_REQUEST_SENSE 0x03
229 #define GPCMD_RESERVE_RZONE_TRACK 0x53
230 #define GPCMD_SCAN 0xba
231 #define GPCMD_SEEK 0x2b
232 #define GPCMD_SEND_DVD_STRUCTURE 0xad
233 #define GPCMD_SEND_EVENT 0xa2
234 #define GPCMD_SEND_KEY 0xa3
235 #define GPCMD_SEND_OPC 0x54
236 #define GPCMD_SET_READ_AHEAD 0xa7
237 #define GPCMD_SET_STREAMING 0xb6
238 #define GPCMD_START_STOP_UNIT 0x1b
239 #define GPCMD_STOP_PLAY_SCAN 0x4e
240 #define GPCMD_TEST_UNIT_READY 0x00
241 #define GPCMD_VERIFY_10 0x2f
242 #define GPCMD_WRITE_10 0x2a
243 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
244 /* This is listed as optional in ATAPI 2.6, but is (curiously)
245 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
246 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
247 * drives support it. */
248 #define GPCMD_SET_SPEED 0xbb
249 /* This seems to be a SCSI specific CD-ROM opcode
250 * to play data at track/index */
251 #define GPCMD_PLAYAUDIO_TI 0x48
252 /*
253 * From MS Media Status Notification Support Specification. For
254 * older drives only.
255 */
256 #define GPCMD_GET_MEDIA_STATUS 0xda
257
258 /* Mode page codes for mode sense/set */
259 #define GPMODE_R_W_ERROR_PAGE 0x01
260 #define GPMODE_WRITE_PARMS_PAGE 0x05
261 #define GPMODE_AUDIO_CTL_PAGE 0x0e
262 #define GPMODE_POWER_PAGE 0x1a
263 #define GPMODE_FAULT_FAIL_PAGE 0x1c
264 #define GPMODE_TO_PROTECT_PAGE 0x1d
265 #define GPMODE_CAPABILITIES_PAGE 0x2a
266 #define GPMODE_ALL_PAGES 0x3f
267 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
268 * of MODE_SENSE_POWER_PAGE */
269 #define GPMODE_CDROM_PAGE 0x0d
270
271 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
272 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
273 #define ATAPI_INT_REASON_REL 0x04
274 #define ATAPI_INT_REASON_TAG 0xf8
275
276 /* same constants as bochs */
277 #define ASC_ILLEGAL_OPCODE 0x20
278 #define ASC_LOGICAL_BLOCK_OOR 0x21
279 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
280 #define ASC_MEDIUM_NOT_PRESENT 0x3a
281 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
282
283 #define SENSE_NONE 0
284 #define SENSE_NOT_READY 2
285 #define SENSE_ILLEGAL_REQUEST 5
286 #define SENSE_UNIT_ATTENTION 6
287
288 struct IDEState;
289
290 typedef void EndTransferFunc(struct IDEState *);
291
292 /* NOTE: IDEState represents in fact one drive */
293 typedef struct IDEState {
294 /* ide config */
295 int is_cdrom;
296 int cylinders, heads, sectors;
297 int64_t nb_sectors;
298 int mult_sectors;
299 int irq;
300 openpic_t *openpic;
301 PCIDevice *pci_dev;
302 struct BMDMAState *bmdma;
303 int drive_serial;
304 /* ide regs */
305 uint8_t feature;
306 uint8_t error;
307 uint16_t nsector; /* 0 is 256 to ease computations */
308 uint8_t sector;
309 uint8_t lcyl;
310 uint8_t hcyl;
311 uint8_t select;
312 uint8_t status;
313 /* 0x3f6 command, only meaningful for drive 0 */
314 uint8_t cmd;
315 /* depends on bit 4 in select, only meaningful for drive 0 */
316 struct IDEState *cur_drive;
317 BlockDriverState *bs;
318 /* ATAPI specific */
319 uint8_t sense_key;
320 uint8_t asc;
321 int packet_transfer_size;
322 int elementary_transfer_size;
323 int io_buffer_index;
324 int lba;
325 int cd_sector_size;
326 int atapi_dma; /* true if dma is requested for the packet cmd */
327 /* ATA DMA state */
328 int io_buffer_size;
329 /* PIO transfer handling */
330 int req_nb_sectors; /* number of sectors per interrupt */
331 EndTransferFunc *end_transfer_func;
332 uint8_t *data_ptr;
333 uint8_t *data_end;
334 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
335 } IDEState;
336
337 #define BM_STATUS_DMAING 0x01
338 #define BM_STATUS_ERROR 0x02
339 #define BM_STATUS_INT 0x04
340
341 #define BM_CMD_START 0x01
342 #define BM_CMD_READ 0x08
343
344 typedef int IDEDMAFunc(IDEState *s,
345 target_phys_addr_t phys_addr,
346 int transfer_size1);
347
348 typedef struct BMDMAState {
349 uint8_t cmd;
350 uint8_t status;
351 uint32_t addr;
352 /* current transfer state */
353 IDEState *ide_if;
354 IDEDMAFunc *dma_cb;
355 } BMDMAState;
356
357 typedef struct PCIIDEState {
358 PCIDevice dev;
359 IDEState ide_if[4];
360 BMDMAState bmdma[2];
361 } PCIIDEState;
362
363 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb);
364
365 static void padstr(char *str, const char *src, int len)
366 {
367 int i, v;
368 for(i = 0; i < len; i++) {
369 if (*src)
370 v = *src++;
371 else
372 v = ' ';
373 *(char *)((long)str ^ 1) = v;
374 str++;
375 }
376 }
377
378 static void padstr8(uint8_t *buf, int buf_size, const char *src)
379 {
380 int i;
381 for(i = 0; i < buf_size; i++) {
382 if (*src)
383 buf[i] = *src++;
384 else
385 buf[i] = ' ';
386 }
387 }
388
389 static void put_le16(uint16_t *p, unsigned int v)
390 {
391 *p = cpu_to_le16(v);
392 }
393
394 static void ide_identify(IDEState *s)
395 {
396 uint16_t *p;
397 unsigned int oldsize;
398 char buf[20];
399
400 memset(s->io_buffer, 0, 512);
401 p = (uint16_t *)s->io_buffer;
402 put_le16(p + 0, 0x0040);
403 put_le16(p + 1, s->cylinders);
404 put_le16(p + 3, s->heads);
405 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
406 put_le16(p + 5, 512); /* XXX: retired, remove ? */
407 put_le16(p + 6, s->sectors);
408 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
409 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
410 put_le16(p + 20, 3); /* XXX: retired, remove ? */
411 put_le16(p + 21, 512); /* cache size in sectors */
412 put_le16(p + 22, 4); /* ecc bytes */
413 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
414 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
415 #if MAX_MULT_SECTORS > 1
416 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
417 #endif
418 put_le16(p + 48, 1); /* dword I/O */
419 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
420 put_le16(p + 51, 0x200); /* PIO transfer cycle */
421 put_le16(p + 52, 0x200); /* DMA transfer cycle */
422 put_le16(p + 53, 1 | 1 << 2); /* words 54-58,88 are valid */
423 put_le16(p + 54, s->cylinders);
424 put_le16(p + 55, s->heads);
425 put_le16(p + 56, s->sectors);
426 oldsize = s->cylinders * s->heads * s->sectors;
427 put_le16(p + 57, oldsize);
428 put_le16(p + 58, oldsize >> 16);
429 if (s->mult_sectors)
430 put_le16(p + 59, 0x100 | s->mult_sectors);
431 put_le16(p + 60, s->nb_sectors);
432 put_le16(p + 61, s->nb_sectors >> 16);
433 put_le16(p + 80, (1 << 1) | (1 << 2));
434 put_le16(p + 82, (1 << 14));
435 put_le16(p + 83, (1 << 14));
436 put_le16(p + 84, (1 << 14));
437 put_le16(p + 85, (1 << 14));
438 put_le16(p + 86, 0);
439 put_le16(p + 87, (1 << 14));
440 put_le16(p + 88, 0x1f | (1 << 13));
441 put_le16(p + 93, 1 | (1 << 14) | 0x2000 | 0x4000);
442 }
443
444 static void ide_atapi_identify(IDEState *s)
445 {
446 uint16_t *p;
447 char buf[20];
448
449 memset(s->io_buffer, 0, 512);
450 p = (uint16_t *)s->io_buffer;
451 /* Removable CDROM, 50us response, 12 byte packets */
452 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
453 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
454 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
455 put_le16(p + 20, 3); /* buffer type */
456 put_le16(p + 21, 512); /* cache size in sectors */
457 put_le16(p + 22, 4); /* ecc bytes */
458 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
459 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
460 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
461 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
462 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
463 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
464 put_le16(p + 64, 1); /* PIO modes */
465 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
466 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
467 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
468 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
469
470 put_le16(p + 71, 30); /* in ns */
471 put_le16(p + 72, 30); /* in ns */
472
473 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
474 }
475
476 static void ide_set_signature(IDEState *s)
477 {
478 s->select &= 0xf0; /* clear head */
479 /* put signature */
480 s->nsector = 1;
481 s->sector = 1;
482 if (s->is_cdrom) {
483 s->lcyl = 0x14;
484 s->hcyl = 0xeb;
485 } else if (s->bs) {
486 s->lcyl = 0;
487 s->hcyl = 0;
488 } else {
489 s->lcyl = 0xff;
490 s->hcyl = 0xff;
491 }
492 }
493
494 static inline void ide_abort_command(IDEState *s)
495 {
496 s->status = READY_STAT | ERR_STAT;
497 s->error = ABRT_ERR;
498 }
499
500 static inline void ide_set_irq(IDEState *s)
501 {
502 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
503 #ifdef TARGET_PPC
504 if (s->openpic)
505 openpic_set_irq(s->openpic, s->irq, 1);
506 else
507 #endif
508 if (s->irq == 16)
509 pci_set_irq(s->pci_dev, 0, 1);
510 else
511 pic_set_irq(s->irq, 1);
512 }
513 }
514
515 /* prepare data transfer and tell what to do after */
516 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
517 EndTransferFunc *end_transfer_func)
518 {
519 s->end_transfer_func = end_transfer_func;
520 s->data_ptr = buf;
521 s->data_end = buf + size;
522 s->status |= DRQ_STAT;
523 }
524
525 static void ide_transfer_stop(IDEState *s)
526 {
527 s->end_transfer_func = ide_transfer_stop;
528 s->data_ptr = s->io_buffer;
529 s->data_end = s->io_buffer;
530 s->status &= ~DRQ_STAT;
531 }
532
533 static int64_t ide_get_sector(IDEState *s)
534 {
535 int64_t sector_num;
536 if (s->select & 0x40) {
537 /* lba */
538 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
539 (s->lcyl << 8) | s->sector;
540 } else {
541 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
542 (s->select & 0x0f) * s->sectors +
543 (s->sector - 1);
544 }
545 return sector_num;
546 }
547
548 static void ide_set_sector(IDEState *s, int64_t sector_num)
549 {
550 unsigned int cyl, r;
551 if (s->select & 0x40) {
552 s->select = (s->select & 0xf0) | (sector_num >> 24);
553 s->hcyl = (sector_num >> 16);
554 s->lcyl = (sector_num >> 8);
555 s->sector = (sector_num);
556 } else {
557 cyl = sector_num / (s->heads * s->sectors);
558 r = sector_num % (s->heads * s->sectors);
559 s->hcyl = cyl >> 8;
560 s->lcyl = cyl;
561 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
562 s->sector = (r % s->sectors) + 1;
563 }
564 }
565
566 static void ide_sector_read(IDEState *s)
567 {
568 int64_t sector_num;
569 int ret, n;
570
571 s->status = READY_STAT | SEEK_STAT;
572 s->error = 0; /* not needed by IDE spec, but needed by Windows */
573 sector_num = ide_get_sector(s);
574 n = s->nsector;
575 if (n == 0) {
576 /* no more sector to read from disk */
577 ide_transfer_stop(s);
578 } else {
579 #if defined(DEBUG_IDE)
580 printf("read sector=%Ld\n", sector_num);
581 #endif
582 if (n > s->req_nb_sectors)
583 n = s->req_nb_sectors;
584 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
585 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
586 ide_set_irq(s);
587 ide_set_sector(s, sector_num + n);
588 s->nsector -= n;
589 }
590 }
591
592 static int ide_read_dma_cb(IDEState *s,
593 target_phys_addr_t phys_addr,
594 int transfer_size1)
595 {
596 int len, transfer_size, n;
597 int64_t sector_num;
598
599 transfer_size = transfer_size1;
600 while (transfer_size > 0) {
601 len = s->io_buffer_size - s->io_buffer_index;
602 if (len <= 0) {
603 /* transfert next data */
604 n = s->nsector;
605 if (n == 0)
606 break;
607 if (n > MAX_MULT_SECTORS)
608 n = MAX_MULT_SECTORS;
609 sector_num = ide_get_sector(s);
610 bdrv_read(s->bs, sector_num, s->io_buffer, n);
611 s->io_buffer_index = 0;
612 s->io_buffer_size = n * 512;
613 len = s->io_buffer_size;
614 sector_num += n;
615 ide_set_sector(s, sector_num);
616 s->nsector -= n;
617 }
618 if (len > transfer_size)
619 len = transfer_size;
620 cpu_physical_memory_write(phys_addr,
621 s->io_buffer + s->io_buffer_index, len);
622 s->io_buffer_index += len;
623 transfer_size -= len;
624 phys_addr += len;
625 }
626 if (s->io_buffer_index >= s->io_buffer_size && s->nsector == 0) {
627 s->status = READY_STAT | SEEK_STAT;
628 ide_set_irq(s);
629 #ifdef DEBUG_IDE_ATAPI
630 printf("dma status=0x%x\n", s->status);
631 #endif
632 return 0;
633 }
634 return transfer_size1 - transfer_size;
635 }
636
637 static void ide_sector_read_dma(IDEState *s)
638 {
639 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
640 s->io_buffer_index = 0;
641 s->io_buffer_size = 0;
642 ide_dma_start(s, ide_read_dma_cb);
643 }
644
645 static void ide_sector_write(IDEState *s)
646 {
647 int64_t sector_num;
648 int ret, n, n1;
649
650 s->status = READY_STAT | SEEK_STAT;
651 sector_num = ide_get_sector(s);
652 #if defined(DEBUG_IDE)
653 printf("write sector=%Ld\n", sector_num);
654 #endif
655 n = s->nsector;
656 if (n > s->req_nb_sectors)
657 n = s->req_nb_sectors;
658 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
659 s->nsector -= n;
660 if (s->nsector == 0) {
661 /* no more sector to write */
662 ide_transfer_stop(s);
663 } else {
664 n1 = s->nsector;
665 if (n1 > s->req_nb_sectors)
666 n1 = s->req_nb_sectors;
667 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
668 }
669 ide_set_sector(s, sector_num + n);
670 ide_set_irq(s);
671 }
672
673 static int ide_write_dma_cb(IDEState *s,
674 target_phys_addr_t phys_addr,
675 int transfer_size1)
676 {
677 int len, transfer_size, n;
678 int64_t sector_num;
679
680 transfer_size = transfer_size1;
681 for(;;) {
682 len = s->io_buffer_size - s->io_buffer_index;
683 if (len == 0) {
684 n = s->io_buffer_size >> 9;
685 sector_num = ide_get_sector(s);
686 bdrv_write(s->bs, sector_num, s->io_buffer,
687 s->io_buffer_size >> 9);
688 sector_num += n;
689 ide_set_sector(s, sector_num);
690 s->nsector -= n;
691 n = s->nsector;
692 if (n == 0) {
693 /* end of transfer */
694 s->status = READY_STAT | SEEK_STAT;
695 ide_set_irq(s);
696 return 0;
697 }
698 if (n > MAX_MULT_SECTORS)
699 n = MAX_MULT_SECTORS;
700 s->io_buffer_index = 0;
701 s->io_buffer_size = n * 512;
702 len = s->io_buffer_size;
703 }
704 if (transfer_size <= 0)
705 break;
706 if (len > transfer_size)
707 len = transfer_size;
708 cpu_physical_memory_read(phys_addr,
709 s->io_buffer + s->io_buffer_index, len);
710 s->io_buffer_index += len;
711 transfer_size -= len;
712 phys_addr += len;
713 }
714 return transfer_size1 - transfer_size;
715 }
716
717 static void ide_sector_write_dma(IDEState *s)
718 {
719 int n;
720 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
721 n = s->nsector;
722 if (n > MAX_MULT_SECTORS)
723 n = MAX_MULT_SECTORS;
724 s->io_buffer_index = 0;
725 s->io_buffer_size = n * 512;
726 ide_dma_start(s, ide_write_dma_cb);
727 }
728
729 static void ide_atapi_cmd_ok(IDEState *s)
730 {
731 s->error = 0;
732 s->status = READY_STAT;
733 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
734 ide_set_irq(s);
735 }
736
737 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
738 {
739 #ifdef DEBUG_IDE_ATAPI
740 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
741 #endif
742 s->error = sense_key << 4;
743 s->status = READY_STAT | ERR_STAT;
744 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
745 s->sense_key = sense_key;
746 s->asc = asc;
747 ide_set_irq(s);
748 }
749
750 static inline void cpu_to_ube16(uint8_t *buf, int val)
751 {
752 buf[0] = val >> 8;
753 buf[1] = val;
754 }
755
756 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
757 {
758 buf[0] = val >> 24;
759 buf[1] = val >> 16;
760 buf[2] = val >> 8;
761 buf[3] = val;
762 }
763
764 static inline int ube16_to_cpu(const uint8_t *buf)
765 {
766 return (buf[0] << 8) | buf[1];
767 }
768
769 static inline int ube32_to_cpu(const uint8_t *buf)
770 {
771 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
772 }
773
774 static void lba_to_msf(uint8_t *buf, int lba)
775 {
776 lba += 150;
777 buf[0] = (lba / 75) / 60;
778 buf[1] = (lba / 75) % 60;
779 buf[2] = lba % 75;
780 }
781
782 static void cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
783 int sector_size)
784 {
785 switch(sector_size) {
786 case 2048:
787 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
788 break;
789 case 2352:
790 /* sync bytes */
791 buf[0] = 0x00;
792 memset(buf + 1, 0xff, 11);
793 buf += 12;
794 /* MSF */
795 lba_to_msf(buf, lba);
796 buf[3] = 0x01; /* mode 1 data */
797 buf += 4;
798 /* data */
799 bdrv_read(bs, (int64_t)lba << 2, buf, 4);
800 buf += 2048;
801 /* ECC */
802 memset(buf, 0, 288);
803 break;
804 default:
805 break;
806 }
807 }
808
809 /* The whole ATAPI transfer logic is handled in this function */
810 static void ide_atapi_cmd_reply_end(IDEState *s)
811 {
812 int byte_count_limit, size;
813 #ifdef DEBUG_IDE_ATAPI
814 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
815 s->packet_transfer_size,
816 s->elementary_transfer_size,
817 s->io_buffer_index);
818 #endif
819 if (s->packet_transfer_size <= 0) {
820 /* end of transfer */
821 ide_transfer_stop(s);
822 s->status = READY_STAT;
823 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
824 ide_set_irq(s);
825 #ifdef DEBUG_IDE_ATAPI
826 printf("status=0x%x\n", s->status);
827 #endif
828 } else {
829 /* see if a new sector must be read */
830 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
831 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
832 s->lba++;
833 s->io_buffer_index = 0;
834 }
835 if (s->elementary_transfer_size > 0) {
836 /* there are some data left to transmit in this elementary
837 transfer */
838 size = s->cd_sector_size - s->io_buffer_index;
839 if (size > s->elementary_transfer_size)
840 size = s->elementary_transfer_size;
841 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
842 size, ide_atapi_cmd_reply_end);
843 s->packet_transfer_size -= size;
844 s->elementary_transfer_size -= size;
845 s->io_buffer_index += size;
846 } else {
847 /* a new transfer is needed */
848 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
849 byte_count_limit = s->lcyl | (s->hcyl << 8);
850 #ifdef DEBUG_IDE_ATAPI
851 printf("byte_count_limit=%d\n", byte_count_limit);
852 #endif
853 if (byte_count_limit == 0xffff)
854 byte_count_limit--;
855 size = s->packet_transfer_size;
856 if (size > byte_count_limit) {
857 /* byte count limit must be even if this case */
858 if (byte_count_limit & 1)
859 byte_count_limit--;
860 size = byte_count_limit;
861 }
862 s->lcyl = size;
863 s->hcyl = size >> 8;
864 s->elementary_transfer_size = size;
865 /* we cannot transmit more than one sector at a time */
866 if (s->lba != -1) {
867 if (size > (s->cd_sector_size - s->io_buffer_index))
868 size = (s->cd_sector_size - s->io_buffer_index);
869 }
870 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
871 size, ide_atapi_cmd_reply_end);
872 s->packet_transfer_size -= size;
873 s->elementary_transfer_size -= size;
874 s->io_buffer_index += size;
875 ide_set_irq(s);
876 #ifdef DEBUG_IDE_ATAPI
877 printf("status=0x%x\n", s->status);
878 #endif
879 }
880 }
881 }
882
883 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
884 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
885 {
886 if (size > max_size)
887 size = max_size;
888 s->lba = -1; /* no sector read */
889 s->packet_transfer_size = size;
890 s->elementary_transfer_size = 0;
891 s->io_buffer_index = 0;
892
893 s->status = READY_STAT;
894 ide_atapi_cmd_reply_end(s);
895 }
896
897 /* start a CD-CDROM read command */
898 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
899 int sector_size)
900 {
901 s->lba = lba;
902 s->packet_transfer_size = nb_sectors * sector_size;
903 s->elementary_transfer_size = 0;
904 s->io_buffer_index = sector_size;
905 s->cd_sector_size = sector_size;
906
907 s->status = READY_STAT;
908 ide_atapi_cmd_reply_end(s);
909 }
910
911 /* ATAPI DMA support */
912 static int ide_atapi_cmd_read_dma_cb(IDEState *s,
913 target_phys_addr_t phys_addr,
914 int transfer_size1)
915 {
916 int len, transfer_size;
917
918 transfer_size = transfer_size1;
919 while (transfer_size > 0) {
920 if (s->packet_transfer_size <= 0)
921 break;
922 len = s->cd_sector_size - s->io_buffer_index;
923 if (len <= 0) {
924 /* transfert next data */
925 cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
926 s->lba++;
927 s->io_buffer_index = 0;
928 len = s->cd_sector_size;
929 }
930 if (len > transfer_size)
931 len = transfer_size;
932 cpu_physical_memory_write(phys_addr,
933 s->io_buffer + s->io_buffer_index, len);
934 s->packet_transfer_size -= len;
935 s->io_buffer_index += len;
936 transfer_size -= len;
937 phys_addr += len;
938 }
939 if (s->packet_transfer_size <= 0) {
940 s->status = READY_STAT;
941 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
942 ide_set_irq(s);
943 #ifdef DEBUG_IDE_ATAPI
944 printf("dma status=0x%x\n", s->status);
945 #endif
946 return 0;
947 }
948 return transfer_size1 - transfer_size;
949 }
950
951 /* start a CD-CDROM read command with DMA */
952 /* XXX: test if DMA is available */
953 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
954 int sector_size)
955 {
956 s->lba = lba;
957 s->packet_transfer_size = nb_sectors * sector_size;
958 s->io_buffer_index = sector_size;
959 s->cd_sector_size = sector_size;
960
961 s->status = READY_STAT | DRQ_STAT;
962 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
963 }
964
965 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
966 int sector_size)
967 {
968 #ifdef DEBUG_IDE_ATAPI
969 printf("read: LBA=%d nb_sectors=%d\n", lba, nb_sectors);
970 #endif
971 if (s->atapi_dma) {
972 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
973 } else {
974 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
975 }
976 }
977
978 /* same toc as bochs. Return -1 if error or the toc length */
979 /* XXX: check this */
980 static int cdrom_read_toc(IDEState *s, uint8_t *buf, int msf, int start_track)
981 {
982 uint8_t *q;
983 int nb_sectors, len;
984
985 if (start_track > 1 && start_track != 0xaa)
986 return -1;
987 q = buf + 2;
988 *q++ = 1; /* first session */
989 *q++ = 1; /* last session */
990 if (start_track <= 1) {
991 *q++ = 0; /* reserved */
992 *q++ = 0x14; /* ADR, control */
993 *q++ = 1; /* track number */
994 *q++ = 0; /* reserved */
995 if (msf) {
996 *q++ = 0; /* reserved */
997 *q++ = 0; /* minute */
998 *q++ = 2; /* second */
999 *q++ = 0; /* frame */
1000 } else {
1001 /* sector 0 */
1002 cpu_to_ube32(q, 0);
1003 q += 4;
1004 }
1005 }
1006 /* lead out track */
1007 *q++ = 0; /* reserved */
1008 *q++ = 0x16; /* ADR, control */
1009 *q++ = 0xaa; /* track number */
1010 *q++ = 0; /* reserved */
1011 nb_sectors = s->nb_sectors >> 2;
1012 if (msf) {
1013 *q++ = 0; /* reserved */
1014 lba_to_msf(q, nb_sectors);
1015 q += 3;
1016 } else {
1017 cpu_to_ube32(q, nb_sectors);
1018 q += 4;
1019 }
1020 len = q - buf;
1021 cpu_to_ube16(buf, len - 2);
1022 return len;
1023 }
1024
1025 /* mostly same info as PearPc */
1026 static int cdrom_read_toc_raw(IDEState *s, uint8_t *buf, int msf,
1027 int session_num)
1028 {
1029 uint8_t *q;
1030 int nb_sectors, len;
1031
1032 q = buf + 2;
1033 *q++ = 1; /* first session */
1034 *q++ = 1; /* last session */
1035
1036 *q++ = 1; /* session number */
1037 *q++ = 0x14; /* data track */
1038 *q++ = 0; /* track number */
1039 *q++ = 0xa0; /* lead-in */
1040 *q++ = 0; /* min */
1041 *q++ = 0; /* sec */
1042 *q++ = 0; /* frame */
1043 *q++ = 0;
1044 *q++ = 1; /* first track */
1045 *q++ = 0x00; /* disk type */
1046 *q++ = 0x00;
1047
1048 *q++ = 1; /* session number */
1049 *q++ = 0x14; /* data track */
1050 *q++ = 0; /* track number */
1051 *q++ = 0xa1;
1052 *q++ = 0; /* min */
1053 *q++ = 0; /* sec */
1054 *q++ = 0; /* frame */
1055 *q++ = 0;
1056 *q++ = 1; /* last track */
1057 *q++ = 0x00;
1058 *q++ = 0x00;
1059
1060 *q++ = 1; /* session number */
1061 *q++ = 0x14; /* data track */
1062 *q++ = 0; /* track number */
1063 *q++ = 0xa2; /* lead-out */
1064 *q++ = 0; /* min */
1065 *q++ = 0; /* sec */
1066 *q++ = 0; /* frame */
1067 nb_sectors = s->nb_sectors >> 2;
1068 if (msf) {
1069 *q++ = 0; /* reserved */
1070 lba_to_msf(q, nb_sectors);
1071 q += 3;
1072 } else {
1073 cpu_to_ube32(q, nb_sectors);
1074 q += 4;
1075 }
1076
1077 *q++ = 1; /* session number */
1078 *q++ = 0x14; /* ADR, control */
1079 *q++ = 0; /* track number */
1080 *q++ = 1; /* point */
1081 *q++ = 0; /* min */
1082 *q++ = 0; /* sec */
1083 *q++ = 0; /* frame */
1084 *q++ = 0;
1085 *q++ = 0;
1086 *q++ = 0;
1087 *q++ = 0;
1088
1089 len = q - buf;
1090 cpu_to_ube16(buf, len - 2);
1091 return len;
1092 }
1093
1094 static void ide_atapi_cmd(IDEState *s)
1095 {
1096 const uint8_t *packet;
1097 uint8_t *buf;
1098 int max_len;
1099
1100 packet = s->io_buffer;
1101 buf = s->io_buffer;
1102 #ifdef DEBUG_IDE_ATAPI
1103 {
1104 int i;
1105 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1106 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1107 printf(" %02x", packet[i]);
1108 }
1109 printf("\n");
1110 }
1111 #endif
1112 switch(s->io_buffer[0]) {
1113 case GPCMD_TEST_UNIT_READY:
1114 if (bdrv_is_inserted(s->bs)) {
1115 ide_atapi_cmd_ok(s);
1116 } else {
1117 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1118 ASC_MEDIUM_NOT_PRESENT);
1119 }
1120 break;
1121 case GPCMD_MODE_SENSE_10:
1122 {
1123 int action, code;
1124 max_len = ube16_to_cpu(packet + 7);
1125 action = packet[2] >> 6;
1126 code = packet[2] & 0x3f;
1127 switch(action) {
1128 case 0: /* current values */
1129 switch(code) {
1130 case 0x01: /* error recovery */
1131 cpu_to_ube16(&buf[0], 16 + 6);
1132 buf[2] = 0x70;
1133 buf[3] = 0;
1134 buf[4] = 0;
1135 buf[5] = 0;
1136 buf[6] = 0;
1137 buf[7] = 0;
1138
1139 buf[8] = 0x01;
1140 buf[9] = 0x06;
1141 buf[10] = 0x00;
1142 buf[11] = 0x05;
1143 buf[12] = 0x00;
1144 buf[13] = 0x00;
1145 buf[14] = 0x00;
1146 buf[15] = 0x00;
1147 ide_atapi_cmd_reply(s, 16, max_len);
1148 break;
1149 case 0x2a:
1150 cpu_to_ube16(&buf[0], 28 + 6);
1151 buf[2] = 0x70;
1152 buf[3] = 0;
1153 buf[4] = 0;
1154 buf[5] = 0;
1155 buf[6] = 0;
1156 buf[7] = 0;
1157
1158 buf[8] = 0x2a;
1159 buf[9] = 0x12;
1160 buf[10] = 0x00;
1161 buf[11] = 0x00;
1162
1163 buf[12] = 0x70;
1164 buf[13] = 3 << 5;
1165 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1166 if (bdrv_is_locked(s->bs))
1167 buf[6] |= 1 << 1;
1168 buf[15] = 0x00;
1169 cpu_to_ube16(&buf[16], 706);
1170 buf[18] = 0;
1171 buf[19] = 2;
1172 cpu_to_ube16(&buf[20], 512);
1173 cpu_to_ube16(&buf[22], 706);
1174 buf[24] = 0;
1175 buf[25] = 0;
1176 buf[26] = 0;
1177 buf[27] = 0;
1178 ide_atapi_cmd_reply(s, 28, max_len);
1179 break;
1180 default:
1181 goto error_cmd;
1182 }
1183 break;
1184 case 1: /* changeable values */
1185 goto error_cmd;
1186 case 2: /* default values */
1187 goto error_cmd;
1188 default:
1189 case 3: /* saved values */
1190 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1191 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1192 break;
1193 }
1194 }
1195 break;
1196 case GPCMD_REQUEST_SENSE:
1197 max_len = packet[4];
1198 memset(buf, 0, 18);
1199 buf[0] = 0x70 | (1 << 7);
1200 buf[2] = s->sense_key;
1201 buf[7] = 10;
1202 buf[12] = s->asc;
1203 ide_atapi_cmd_reply(s, 18, max_len);
1204 break;
1205 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1206 if (bdrv_is_inserted(s->bs)) {
1207 bdrv_set_locked(s->bs, packet[4] & 1);
1208 ide_atapi_cmd_ok(s);
1209 } else {
1210 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1211 ASC_MEDIUM_NOT_PRESENT);
1212 }
1213 break;
1214 case GPCMD_READ_10:
1215 case GPCMD_READ_12:
1216 {
1217 int nb_sectors, lba;
1218
1219 if (!bdrv_is_inserted(s->bs)) {
1220 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1221 ASC_MEDIUM_NOT_PRESENT);
1222 break;
1223 }
1224 if (packet[0] == GPCMD_READ_10)
1225 nb_sectors = ube16_to_cpu(packet + 7);
1226 else
1227 nb_sectors = ube32_to_cpu(packet + 6);
1228 lba = ube32_to_cpu(packet + 2);
1229 if (nb_sectors == 0) {
1230 ide_atapi_cmd_ok(s);
1231 break;
1232 }
1233 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1234 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1235 ASC_LOGICAL_BLOCK_OOR);
1236 break;
1237 }
1238 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1239 }
1240 break;
1241 case GPCMD_READ_CD:
1242 {
1243 int nb_sectors, lba, transfer_request;
1244
1245 if (!bdrv_is_inserted(s->bs)) {
1246 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1247 ASC_MEDIUM_NOT_PRESENT);
1248 break;
1249 }
1250 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1251 lba = ube32_to_cpu(packet + 2);
1252 if (nb_sectors == 0) {
1253 ide_atapi_cmd_ok(s);
1254 break;
1255 }
1256 if (((int64_t)(lba + nb_sectors) << 2) > s->nb_sectors) {
1257 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1258 ASC_LOGICAL_BLOCK_OOR);
1259 break;
1260 }
1261 transfer_request = packet[9];
1262 switch(transfer_request & 0xf8) {
1263 case 0x00:
1264 /* nothing */
1265 ide_atapi_cmd_ok(s);
1266 break;
1267 case 0x10:
1268 /* normal read */
1269 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1270 break;
1271 case 0xf8:
1272 /* read all data */
1273 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1274 break;
1275 default:
1276 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1277 ASC_INV_FIELD_IN_CMD_PACKET);
1278 break;
1279 }
1280 }
1281 break;
1282 case GPCMD_SEEK:
1283 {
1284 int lba;
1285 if (!bdrv_is_inserted(s->bs)) {
1286 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1287 ASC_MEDIUM_NOT_PRESENT);
1288 break;
1289 }
1290 lba = ube32_to_cpu(packet + 2);
1291 if (((int64_t)lba << 2) > s->nb_sectors) {
1292 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1293 ASC_LOGICAL_BLOCK_OOR);
1294 break;
1295 }
1296 ide_atapi_cmd_ok(s);
1297 }
1298 break;
1299 case GPCMD_START_STOP_UNIT:
1300 {
1301 int start, eject;
1302 start = packet[4] & 1;
1303 eject = (packet[4] >> 1) & 1;
1304
1305 if (eject && !start) {
1306 /* eject the disk */
1307 bdrv_close(s->bs);
1308 }
1309 ide_atapi_cmd_ok(s);
1310 }
1311 break;
1312 case GPCMD_MECHANISM_STATUS:
1313 {
1314 max_len = ube16_to_cpu(packet + 8);
1315 cpu_to_ube16(buf, 0);
1316 /* no current LBA */
1317 buf[2] = 0;
1318 buf[3] = 0;
1319 buf[4] = 0;
1320 buf[5] = 1;
1321 cpu_to_ube16(buf + 6, 0);
1322 ide_atapi_cmd_reply(s, 8, max_len);
1323 }
1324 break;
1325 case GPCMD_READ_TOC_PMA_ATIP:
1326 {
1327 int format, msf, start_track, len;
1328
1329 if (!bdrv_is_inserted(s->bs)) {
1330 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1331 ASC_MEDIUM_NOT_PRESENT);
1332 break;
1333 }
1334 max_len = ube16_to_cpu(packet + 7);
1335 format = packet[9] >> 6;
1336 msf = (packet[1] >> 1) & 1;
1337 start_track = packet[6];
1338 switch(format) {
1339 case 0:
1340 len = cdrom_read_toc(s, buf, msf, start_track);
1341 if (len < 0)
1342 goto error_cmd;
1343 ide_atapi_cmd_reply(s, len, max_len);
1344 break;
1345 case 1:
1346 /* multi session : only a single session defined */
1347 memset(buf, 0, 12);
1348 buf[1] = 0x0a;
1349 buf[2] = 0x01;
1350 buf[3] = 0x01;
1351 ide_atapi_cmd_reply(s, 12, max_len);
1352 break;
1353 case 2:
1354 len = cdrom_read_toc_raw(s, buf, msf, start_track);
1355 if (len < 0)
1356 goto error_cmd;
1357 ide_atapi_cmd_reply(s, len, max_len);
1358 break;
1359 default:
1360 error_cmd:
1361 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1362 ASC_INV_FIELD_IN_CMD_PACKET);
1363 break;
1364 }
1365 }
1366 break;
1367 case GPCMD_READ_CDVD_CAPACITY:
1368 if (!bdrv_is_inserted(s->bs)) {
1369 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1370 ASC_MEDIUM_NOT_PRESENT);
1371 break;
1372 }
1373 /* NOTE: it is really the number of sectors minus 1 */
1374 cpu_to_ube32(buf, (s->nb_sectors >> 2) - 1);
1375 cpu_to_ube32(buf + 4, 2048);
1376 ide_atapi_cmd_reply(s, 8, 8);
1377 break;
1378 case GPCMD_INQUIRY:
1379 max_len = packet[4];
1380 buf[0] = 0x05; /* CD-ROM */
1381 buf[1] = 0x80; /* removable */
1382 buf[2] = 0x00; /* ISO */
1383 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1384 buf[4] = 31; /* additionnal length */
1385 buf[5] = 0; /* reserved */
1386 buf[6] = 0; /* reserved */
1387 buf[7] = 0; /* reserved */
1388 padstr8(buf + 8, 8, "QEMU");
1389 padstr8(buf + 16, 16, "QEMU CD-ROM");
1390 padstr8(buf + 32, 4, QEMU_VERSION);
1391 ide_atapi_cmd_reply(s, 36, max_len);
1392 break;
1393 default:
1394 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1395 ASC_ILLEGAL_OPCODE);
1396 break;
1397 }
1398 }
1399
1400 /* called when the inserted state of the media has changed */
1401 static void cdrom_change_cb(void *opaque)
1402 {
1403 IDEState *s = opaque;
1404 int64_t nb_sectors;
1405
1406 /* XXX: send interrupt too */
1407 bdrv_get_geometry(s->bs, &nb_sectors);
1408 s->nb_sectors = nb_sectors;
1409 }
1410
1411 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1412 {
1413 IDEState *ide_if = opaque;
1414 IDEState *s;
1415 int unit, n;
1416
1417 #ifdef DEBUG_IDE
1418 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1419 #endif
1420 addr &= 7;
1421 switch(addr) {
1422 case 0:
1423 break;
1424 case 1:
1425 /* NOTE: data is written to the two drives */
1426 ide_if[0].feature = val;
1427 ide_if[1].feature = val;
1428 break;
1429 case 2:
1430 if (val == 0)
1431 val = 256;
1432 ide_if[0].nsector = val;
1433 ide_if[1].nsector = val;
1434 break;
1435 case 3:
1436 ide_if[0].sector = val;
1437 ide_if[1].sector = val;
1438 break;
1439 case 4:
1440 ide_if[0].lcyl = val;
1441 ide_if[1].lcyl = val;
1442 break;
1443 case 5:
1444 ide_if[0].hcyl = val;
1445 ide_if[1].hcyl = val;
1446 break;
1447 case 6:
1448 ide_if[0].select = (val & ~0x10) | 0xa0;
1449 ide_if[1].select = (val | 0x10) | 0xa0;
1450 /* select drive */
1451 unit = (val >> 4) & 1;
1452 s = ide_if + unit;
1453 ide_if->cur_drive = s;
1454 break;
1455 default:
1456 case 7:
1457 /* command */
1458 #if defined(DEBUG_IDE)
1459 printf("ide: CMD=%02x\n", val);
1460 #endif
1461 s = ide_if->cur_drive;
1462 /* ignore commands to non existant slave */
1463 if (s != ide_if && !s->bs)
1464 break;
1465 switch(val) {
1466 case WIN_IDENTIFY:
1467 if (s->bs && !s->is_cdrom) {
1468 ide_identify(s);
1469 s->status = READY_STAT | SEEK_STAT;
1470 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1471 } else {
1472 if (s->is_cdrom) {
1473 ide_set_signature(s);
1474 }
1475 ide_abort_command(s);
1476 }
1477 ide_set_irq(s);
1478 break;
1479 case WIN_SPECIFY:
1480 case WIN_RECAL:
1481 s->error = 0;
1482 s->status = READY_STAT | SEEK_STAT;
1483 ide_set_irq(s);
1484 break;
1485 case WIN_SETMULT:
1486 if (s->nsector > MAX_MULT_SECTORS ||
1487 s->nsector == 0 ||
1488 (s->nsector & (s->nsector - 1)) != 0) {
1489 ide_abort_command(s);
1490 } else {
1491 s->mult_sectors = s->nsector;
1492 s->status = READY_STAT;
1493 }
1494 ide_set_irq(s);
1495 break;
1496 case WIN_VERIFY:
1497 case WIN_VERIFY_ONCE:
1498 /* do sector number check ? */
1499 s->status = READY_STAT;
1500 ide_set_irq(s);
1501 break;
1502 case WIN_READ:
1503 case WIN_READ_ONCE:
1504 if (!s->bs)
1505 goto abort_cmd;
1506 s->req_nb_sectors = 1;
1507 ide_sector_read(s);
1508 break;
1509 case WIN_WRITE:
1510 case WIN_WRITE_ONCE:
1511 s->error = 0;
1512 s->status = SEEK_STAT | READY_STAT;
1513 s->req_nb_sectors = 1;
1514 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1515 break;
1516 case WIN_MULTREAD:
1517 if (!s->mult_sectors)
1518 goto abort_cmd;
1519 s->req_nb_sectors = s->mult_sectors;
1520 ide_sector_read(s);
1521 break;
1522 case WIN_MULTWRITE:
1523 if (!s->mult_sectors)
1524 goto abort_cmd;
1525 s->error = 0;
1526 s->status = SEEK_STAT | READY_STAT;
1527 s->req_nb_sectors = s->mult_sectors;
1528 n = s->nsector;
1529 if (n > s->req_nb_sectors)
1530 n = s->req_nb_sectors;
1531 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1532 break;
1533 case WIN_READDMA:
1534 case WIN_READDMA_ONCE:
1535 if (!s->bs)
1536 goto abort_cmd;
1537 ide_sector_read_dma(s);
1538 break;
1539 case WIN_WRITEDMA:
1540 case WIN_WRITEDMA_ONCE:
1541 if (!s->bs)
1542 goto abort_cmd;
1543 ide_sector_write_dma(s);
1544 break;
1545 case WIN_READ_NATIVE_MAX:
1546 ide_set_sector(s, s->nb_sectors - 1);
1547 s->status = READY_STAT;
1548 ide_set_irq(s);
1549 break;
1550 case WIN_CHECKPOWERMODE1:
1551 s->nsector = 0xff; /* device active or idle */
1552 s->status = READY_STAT;
1553 ide_set_irq(s);
1554 break;
1555 case WIN_SETFEATURES:
1556 if (!s->bs)
1557 goto abort_cmd;
1558 /* XXX: valid for CDROM ? */
1559 switch(s->feature) {
1560 case 0x02: /* write cache enable */
1561 case 0x03: /* set transfer mode */
1562 case 0x82: /* write cache disable */
1563 case 0xaa: /* read look-ahead enable */
1564 case 0x55: /* read look-ahead disable */
1565 s->status = READY_STAT | SEEK_STAT;
1566 ide_set_irq(s);
1567 break;
1568 default:
1569 goto abort_cmd;
1570 }
1571 break;
1572 case WIN_STANDBYNOW1:
1573 case WIN_IDLEIMMEDIATE:
1574 s->status = READY_STAT;
1575 ide_set_irq(s);
1576 break;
1577 /* ATAPI commands */
1578 case WIN_PIDENTIFY:
1579 if (s->is_cdrom) {
1580 ide_atapi_identify(s);
1581 s->status = READY_STAT;
1582 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1583 } else {
1584 ide_abort_command(s);
1585 }
1586 ide_set_irq(s);
1587 break;
1588 case WIN_DIAGNOSE:
1589 ide_set_signature(s);
1590 s->status = 0x00; /* NOTE: READY is _not_ set */
1591 s->error = 0x01;
1592 break;
1593 case WIN_SRST:
1594 if (!s->is_cdrom)
1595 goto abort_cmd;
1596 ide_set_signature(s);
1597 s->status = 0x00; /* NOTE: READY is _not_ set */
1598 s->error = 0x01;
1599 break;
1600 case WIN_PACKETCMD:
1601 if (!s->is_cdrom)
1602 goto abort_cmd;
1603 /* overlapping commands not supported */
1604 if (s->feature & 0x02)
1605 goto abort_cmd;
1606 s->atapi_dma = s->feature & 1;
1607 s->nsector = 1;
1608 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1609 ide_atapi_cmd);
1610 break;
1611 default:
1612 abort_cmd:
1613 ide_abort_command(s);
1614 ide_set_irq(s);
1615 break;
1616 }
1617 }
1618 }
1619
1620 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1621 {
1622 IDEState *ide_if = opaque;
1623 IDEState *s = ide_if->cur_drive;
1624 uint32_t addr;
1625 int ret;
1626
1627 addr = addr1 & 7;
1628 switch(addr) {
1629 case 0:
1630 ret = 0xff;
1631 break;
1632 case 1:
1633 if (!ide_if[0].bs && !ide_if[1].bs)
1634 ret = 0;
1635 else
1636 ret = s->error;
1637 break;
1638 case 2:
1639 if (!ide_if[0].bs && !ide_if[1].bs)
1640 ret = 0;
1641 else
1642 ret = s->nsector & 0xff;
1643 break;
1644 case 3:
1645 if (!ide_if[0].bs && !ide_if[1].bs)
1646 ret = 0;
1647 else
1648 ret = s->sector;
1649 break;
1650 case 4:
1651 if (!ide_if[0].bs && !ide_if[1].bs)
1652 ret = 0;
1653 else
1654 ret = s->lcyl;
1655 break;
1656 case 5:
1657 if (!ide_if[0].bs && !ide_if[1].bs)
1658 ret = 0;
1659 else
1660 ret = s->hcyl;
1661 break;
1662 case 6:
1663 if (!ide_if[0].bs && !ide_if[1].bs)
1664 ret = 0;
1665 else
1666 ret = s->select;
1667 break;
1668 default:
1669 case 7:
1670 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1671 (s != ide_if && !s->bs))
1672 ret = 0;
1673 else
1674 ret = s->status;
1675 #ifdef TARGET_PPC
1676 if (s->openpic)
1677 openpic_set_irq(s->openpic, s->irq, 0);
1678 else
1679 #endif
1680 if (s->irq == 16)
1681 pci_set_irq(s->pci_dev, 0, 0);
1682 else
1683 pic_set_irq(s->irq, 0);
1684 break;
1685 }
1686 #ifdef DEBUG_IDE
1687 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1688 #endif
1689 return ret;
1690 }
1691
1692 static uint32_t ide_status_read(void *opaque, uint32_t addr)
1693 {
1694 IDEState *ide_if = opaque;
1695 IDEState *s = ide_if->cur_drive;
1696 int ret;
1697
1698 if ((!ide_if[0].bs && !ide_if[1].bs) ||
1699 (s != ide_if && !s->bs))
1700 ret = 0;
1701 else
1702 ret = s->status;
1703 #ifdef DEBUG_IDE
1704 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1705 #endif
1706 return ret;
1707 }
1708
1709 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1710 {
1711 IDEState *ide_if = opaque;
1712 IDEState *s;
1713 int i;
1714
1715 #ifdef DEBUG_IDE
1716 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1717 #endif
1718 /* common for both drives */
1719 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
1720 (val & IDE_CMD_RESET)) {
1721 /* reset low to high */
1722 for(i = 0;i < 2; i++) {
1723 s = &ide_if[i];
1724 s->status = BUSY_STAT | SEEK_STAT;
1725 s->error = 0x01;
1726 }
1727 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
1728 !(val & IDE_CMD_RESET)) {
1729 /* high to low */
1730 for(i = 0;i < 2; i++) {
1731 s = &ide_if[i];
1732 if (s->is_cdrom)
1733 s->status = 0x00; /* NOTE: READY is _not_ set */
1734 else
1735 s->status = READY_STAT | SEEK_STAT;
1736 ide_set_signature(s);
1737 }
1738 }
1739
1740 ide_if[0].cmd = val;
1741 ide_if[1].cmd = val;
1742 }
1743
1744 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1745 {
1746 IDEState *s = ((IDEState *)opaque)->cur_drive;
1747 uint8_t *p;
1748
1749 p = s->data_ptr;
1750 *(uint16_t *)p = le16_to_cpu(val);
1751 p += 2;
1752 s->data_ptr = p;
1753 if (p >= s->data_end)
1754 s->end_transfer_func(s);
1755 }
1756
1757 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
1758 {
1759 IDEState *s = ((IDEState *)opaque)->cur_drive;
1760 uint8_t *p;
1761 int ret;
1762 p = s->data_ptr;
1763 ret = cpu_to_le16(*(uint16_t *)p);
1764 p += 2;
1765 s->data_ptr = p;
1766 if (p >= s->data_end)
1767 s->end_transfer_func(s);
1768 return ret;
1769 }
1770
1771 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1772 {
1773 IDEState *s = ((IDEState *)opaque)->cur_drive;
1774 uint8_t *p;
1775
1776 p = s->data_ptr;
1777 *(uint32_t *)p = le32_to_cpu(val);
1778 p += 4;
1779 s->data_ptr = p;
1780 if (p >= s->data_end)
1781 s->end_transfer_func(s);
1782 }
1783
1784 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
1785 {
1786 IDEState *s = ((IDEState *)opaque)->cur_drive;
1787 uint8_t *p;
1788 int ret;
1789
1790 p = s->data_ptr;
1791 ret = cpu_to_le32(*(uint32_t *)p);
1792 p += 4;
1793 s->data_ptr = p;
1794 if (p >= s->data_end)
1795 s->end_transfer_func(s);
1796 return ret;
1797 }
1798
1799 static void ide_dummy_transfer_stop(IDEState *s)
1800 {
1801 s->data_ptr = s->io_buffer;
1802 s->data_end = s->io_buffer;
1803 s->io_buffer[0] = 0xff;
1804 s->io_buffer[1] = 0xff;
1805 s->io_buffer[2] = 0xff;
1806 s->io_buffer[3] = 0xff;
1807 }
1808
1809 static void ide_reset(IDEState *s)
1810 {
1811 s->mult_sectors = MAX_MULT_SECTORS;
1812 s->cur_drive = s;
1813 s->select = 0xa0;
1814 s->status = READY_STAT;
1815 ide_set_signature(s);
1816 /* init the transfer handler so that 0xffff is returned on data
1817 accesses */
1818 s->end_transfer_func = ide_dummy_transfer_stop;
1819 ide_dummy_transfer_stop(s);
1820 }
1821
1822 struct partition {
1823 uint8_t boot_ind; /* 0x80 - active */
1824 uint8_t head; /* starting head */
1825 uint8_t sector; /* starting sector */
1826 uint8_t cyl; /* starting cylinder */
1827 uint8_t sys_ind; /* What partition type */
1828 uint8_t end_head; /* end head */
1829 uint8_t end_sector; /* end sector */
1830 uint8_t end_cyl; /* end cylinder */
1831 uint32_t start_sect; /* starting sector counting from 0 */
1832 uint32_t nr_sects; /* nr of sectors in partition */
1833 } __attribute__((packed));
1834
1835 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
1836 static int guess_disk_lchs(IDEState *s,
1837 int *pcylinders, int *pheads, int *psectors)
1838 {
1839 uint8_t buf[512];
1840 int ret, i, heads, sectors, cylinders;
1841 struct partition *p;
1842 uint32_t nr_sects;
1843
1844 ret = bdrv_read(s->bs, 0, buf, 1);
1845 if (ret < 0)
1846 return -1;
1847 /* test msdos magic */
1848 if (buf[510] != 0x55 || buf[511] != 0xaa)
1849 return -1;
1850 for(i = 0; i < 4; i++) {
1851 p = ((struct partition *)(buf + 0x1be)) + i;
1852 nr_sects = le32_to_cpu(p->nr_sects);
1853 if (nr_sects && p->end_head) {
1854 /* We make the assumption that the partition terminates on
1855 a cylinder boundary */
1856 heads = p->end_head + 1;
1857 sectors = p->end_sector & 63;
1858 if (sectors == 0)
1859 continue;
1860 cylinders = s->nb_sectors / (heads * sectors);
1861 if (cylinders < 1 || cylinders > 16383)
1862 continue;
1863 *pheads = heads;
1864 *psectors = sectors;
1865 *pcylinders = cylinders;
1866 #if 0
1867 printf("guessed geometry: LCHS=%d %d %d\n",
1868 cylinders, heads, sectors);
1869 #endif
1870 return 0;
1871 }
1872 }
1873 return -1;
1874 }
1875
1876 static void ide_init2(IDEState *ide_state, int irq,
1877 BlockDriverState *hd0, BlockDriverState *hd1)
1878 {
1879 IDEState *s;
1880 static int drive_serial = 1;
1881 int i, cylinders, heads, secs, translation;
1882 int64_t nb_sectors;
1883
1884 for(i = 0; i < 2; i++) {
1885 s = ide_state + i;
1886 if (i == 0)
1887 s->bs = hd0;
1888 else
1889 s->bs = hd1;
1890 if (s->bs) {
1891 bdrv_get_geometry(s->bs, &nb_sectors);
1892 s->nb_sectors = nb_sectors;
1893 /* if a geometry hint is available, use it */
1894 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
1895 if (cylinders != 0) {
1896 s->cylinders = cylinders;
1897 s->heads = heads;
1898 s->sectors = secs;
1899 } else {
1900 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
1901 if (heads > 16) {
1902 /* if heads > 16, it means that a BIOS LBA
1903 translation was active, so the default
1904 hardware geometry is OK */
1905 goto default_geometry;
1906 } else {
1907 s->cylinders = cylinders;
1908 s->heads = heads;
1909 s->sectors = secs;
1910 /* disable any translation to be in sync with
1911 the logical geometry */
1912 translation = bdrv_get_translation_hint(s->bs);
1913 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
1914 bdrv_set_translation_hint(s->bs,
1915 BIOS_ATA_TRANSLATION_NONE);
1916 }
1917 }
1918 } else {
1919 default_geometry:
1920 /* if no geometry, use a standard physical disk geometry */
1921 cylinders = nb_sectors / (16 * 63);
1922 if (cylinders > 16383)
1923 cylinders = 16383;
1924 else if (cylinders < 2)
1925 cylinders = 2;
1926 s->cylinders = cylinders;
1927 s->heads = 16;
1928 s->sectors = 63;
1929 }
1930 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
1931 }
1932 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
1933 s->is_cdrom = 1;
1934 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
1935 }
1936 }
1937 s->drive_serial = drive_serial++;
1938 s->irq = irq;
1939 ide_reset(s);
1940 }
1941 }
1942
1943 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
1944 {
1945 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
1946 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
1947 if (iobase2) {
1948 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
1949 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
1950 }
1951
1952 /* data ports */
1953 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
1954 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
1955 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
1956 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
1957 }
1958
1959 /***********************************************************/
1960 /* ISA IDE definitions */
1961
1962 void isa_ide_init(int iobase, int iobase2, int irq,
1963 BlockDriverState *hd0, BlockDriverState *hd1)
1964 {
1965 IDEState *ide_state;
1966
1967 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
1968 if (!ide_state)
1969 return;
1970
1971 ide_init2(ide_state, irq, hd0, hd1);
1972 ide_init_ioport(ide_state, iobase, iobase2);
1973 }
1974
1975 /***********************************************************/
1976 /* PCI IDE definitions */
1977
1978 static void ide_map(PCIDevice *pci_dev, int region_num,
1979 uint32_t addr, uint32_t size, int type)
1980 {
1981 PCIIDEState *d = (PCIIDEState *)pci_dev;
1982 IDEState *ide_state;
1983
1984 if (region_num <= 3) {
1985 ide_state = &d->ide_if[(region_num >> 1) * 2];
1986 if (region_num & 1) {
1987 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
1988 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
1989 } else {
1990 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
1991 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
1992
1993 /* data ports */
1994 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
1995 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
1996 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
1997 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
1998 }
1999 }
2000 }
2001
2002 /* XXX: full callback usage to prepare non blocking I/Os support -
2003 error handling */
2004 static void ide_dma_loop(BMDMAState *bm)
2005 {
2006 struct {
2007 uint32_t addr;
2008 uint32_t size;
2009 } prd;
2010 target_phys_addr_t cur_addr;
2011 int len, i, len1;
2012
2013 cur_addr = bm->addr;
2014 /* at most one page to avoid hanging if erroneous parameters */
2015 for(i = 0; i < 512; i++) {
2016 cpu_physical_memory_read(cur_addr, (uint8_t *)&prd, 8);
2017 prd.addr = le32_to_cpu(prd.addr);
2018 prd.size = le32_to_cpu(prd.size);
2019 #ifdef DEBUG_IDE
2020 printf("ide: dma: prd: %08x: addr=0x%08x size=0x%08x\n",
2021 (int)cur_addr, prd.addr, prd.size);
2022 #endif
2023 len = prd.size & 0xfffe;
2024 if (len == 0)
2025 len = 0x10000;
2026 while (len > 0) {
2027 len1 = bm->dma_cb(bm->ide_if, prd.addr, len);
2028 if (len1 == 0)
2029 goto the_end;
2030 prd.addr += len1;
2031 len -= len1;
2032 }
2033 /* end of transfer */
2034 if (prd.size & 0x80000000)
2035 break;
2036 cur_addr += 8;
2037 }
2038 /* end of transfer */
2039 the_end:
2040 bm->status &= ~BM_STATUS_DMAING;
2041 bm->status |= BM_STATUS_INT;
2042 bm->dma_cb = NULL;
2043 bm->ide_if = NULL;
2044 }
2045
2046 static void ide_dma_start(IDEState *s, IDEDMAFunc *dma_cb)
2047 {
2048 BMDMAState *bm = s->bmdma;
2049 if(!bm)
2050 return;
2051 bm->ide_if = s;
2052 bm->dma_cb = dma_cb;
2053 if (bm->status & BM_STATUS_DMAING) {
2054 ide_dma_loop(bm);
2055 }
2056 }
2057
2058 static uint32_t bmdma_cmd_readb(void *opaque, uint32_t addr)
2059 {
2060 BMDMAState *bm = opaque;
2061 uint32_t val;
2062 val = bm->cmd;
2063 #ifdef DEBUG_IDE
2064 printf("%s: 0x%08x\n", __func__, val);
2065 #endif
2066 return val;
2067 }
2068
2069 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2070 {
2071 BMDMAState *bm = opaque;
2072 #ifdef DEBUG_IDE
2073 printf("%s: 0x%08x\n", __func__, val);
2074 #endif
2075 if (!(val & BM_CMD_START)) {
2076 /* XXX: do it better */
2077 bm->status &= ~BM_STATUS_DMAING;
2078 bm->cmd = val & 0x09;
2079 } else {
2080 bm->status |= BM_STATUS_DMAING;
2081 bm->cmd = val & 0x09;
2082 /* start dma transfer if possible */
2083 if (bm->dma_cb)
2084 ide_dma_loop(bm);
2085 }
2086 }
2087
2088 static uint32_t bmdma_status_readb(void *opaque, uint32_t addr)
2089 {
2090 BMDMAState *bm = opaque;
2091 uint32_t val;
2092 val = bm->status;
2093 #ifdef DEBUG_IDE
2094 printf("%s: 0x%08x\n", __func__, val);
2095 #endif
2096 return val;
2097 }
2098
2099 static void bmdma_status_writeb(void *opaque, uint32_t addr, uint32_t val)
2100 {
2101 BMDMAState *bm = opaque;
2102 #ifdef DEBUG_IDE
2103 printf("%s: 0x%08x\n", __func__, val);
2104 #endif
2105 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2106 }
2107
2108 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2109 {
2110 BMDMAState *bm = opaque;
2111 uint32_t val;
2112 val = bm->addr;
2113 #ifdef DEBUG_IDE
2114 printf("%s: 0x%08x\n", __func__, val);
2115 #endif
2116 return val;
2117 }
2118
2119 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2120 {
2121 BMDMAState *bm = opaque;
2122 #ifdef DEBUG_IDE
2123 printf("%s: 0x%08x\n", __func__, val);
2124 #endif
2125 bm->addr = val & ~3;
2126 }
2127
2128 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2129 uint32_t addr, uint32_t size, int type)
2130 {
2131 PCIIDEState *d = (PCIIDEState *)pci_dev;
2132 int i;
2133
2134 for(i = 0;i < 2; i++) {
2135 BMDMAState *bm = &d->bmdma[i];
2136 d->ide_if[2 * i].bmdma = bm;
2137 d->ide_if[2 * i + 1].bmdma = bm;
2138
2139 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2140 register_ioport_read(addr, 1, 1, bmdma_cmd_readb, bm);
2141
2142 register_ioport_write(addr + 2, 1, 1, bmdma_status_writeb, bm);
2143 register_ioport_read(addr + 2, 1, 1, bmdma_status_readb, bm);
2144
2145 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2146 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2147 addr += 8;
2148 }
2149 }
2150
2151 /* hd_table must contain 4 block drivers */
2152 void pci_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2153 {
2154 PCIIDEState *d;
2155 uint8_t *pci_conf;
2156 int i;
2157
2158 d = (PCIIDEState *)pci_register_device(bus, "IDE", sizeof(PCIIDEState),
2159 -1,
2160 NULL, NULL);
2161 pci_conf = d->dev.config;
2162 pci_conf[0x00] = 0x86; // Intel
2163 pci_conf[0x01] = 0x80;
2164 pci_conf[0x02] = 0x00; // fake
2165 pci_conf[0x03] = 0x01; // fake
2166 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2167 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2168 pci_conf[0x0e] = 0x80; // header_type = PCI_multifunction, generic
2169
2170 pci_conf[0x2c] = 0x86; // subsys vendor
2171 pci_conf[0x2d] = 0x80; // subsys vendor
2172 pci_conf[0x2e] = 0x00; // fake
2173 pci_conf[0x2f] = 0x01; // fake
2174
2175 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2176 PCI_ADDRESS_SPACE_IO, ide_map);
2177 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2178 PCI_ADDRESS_SPACE_IO, ide_map);
2179 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2180 PCI_ADDRESS_SPACE_IO, ide_map);
2181 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2182 PCI_ADDRESS_SPACE_IO, ide_map);
2183 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2184 PCI_ADDRESS_SPACE_IO, bmdma_map);
2185
2186 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2187
2188 for(i = 0; i < 4; i++)
2189 d->ide_if[i].pci_dev = (PCIDevice *)d;
2190 ide_init2(&d->ide_if[0], 16, hd_table[0], hd_table[1]);
2191 ide_init2(&d->ide_if[2], 16, hd_table[2], hd_table[3]);
2192 }
2193
2194 /* hd_table must contain 4 block drivers */
2195 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2196 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table)
2197 {
2198 PCIIDEState *d;
2199 uint8_t *pci_conf;
2200
2201 /* register a function 1 of PIIX3 */
2202 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2203 sizeof(PCIIDEState),
2204 ((PCIDevice *)piix3_state)->devfn + 1,
2205 NULL, NULL);
2206 pci_conf = d->dev.config;
2207 pci_conf[0x00] = 0x86; // Intel
2208 pci_conf[0x01] = 0x80;
2209 pci_conf[0x02] = 0x10;
2210 pci_conf[0x03] = 0x70;
2211 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2212 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2213 pci_conf[0x0e] = 0x00; // header_type
2214
2215 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2216 PCI_ADDRESS_SPACE_IO, bmdma_map);
2217
2218 ide_init2(&d->ide_if[0], 14, hd_table[0], hd_table[1]);
2219 ide_init2(&d->ide_if[2], 15, hd_table[2], hd_table[3]);
2220 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2221 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2222 }
2223
2224 /***********************************************************/
2225 /* MacIO based PowerPC IDE */
2226
2227 /* PowerMac IDE memory IO */
2228 static void pmac_ide_writeb (void *opaque,
2229 target_phys_addr_t addr, uint32_t val)
2230 {
2231 addr = (addr & 0xFFF) >> 4;
2232 switch (addr) {
2233 case 1 ... 7:
2234 ide_ioport_write(opaque, addr, val);
2235 break;
2236 case 8:
2237 case 22:
2238 ide_cmd_write(opaque, 0, val);
2239 break;
2240 default:
2241 break;
2242 }
2243 }
2244
2245 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2246 {
2247 uint8_t retval;
2248
2249 addr = (addr & 0xFFF) >> 4;
2250 switch (addr) {
2251 case 1 ... 7:
2252 retval = ide_ioport_read(opaque, addr);
2253 break;
2254 case 8:
2255 case 22:
2256 retval = ide_status_read(opaque, 0);
2257 break;
2258 default:
2259 retval = 0xFF;
2260 break;
2261 }
2262 return retval;
2263 }
2264
2265 static void pmac_ide_writew (void *opaque,
2266 target_phys_addr_t addr, uint32_t val)
2267 {
2268 addr = (addr & 0xFFF) >> 4;
2269 #ifdef TARGET_WORDS_BIGENDIAN
2270 val = bswap16(val);
2271 #endif
2272 if (addr == 0) {
2273 ide_data_writew(opaque, 0, val);
2274 }
2275 }
2276
2277 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2278 {
2279 uint16_t retval;
2280
2281 addr = (addr & 0xFFF) >> 4;
2282 if (addr == 0) {
2283 retval = ide_data_readw(opaque, 0);
2284 } else {
2285 retval = 0xFFFF;
2286 }
2287 #ifdef TARGET_WORDS_BIGENDIAN
2288 retval = bswap16(retval);
2289 #endif
2290 return retval;
2291 }
2292
2293 static void pmac_ide_writel (void *opaque,
2294 target_phys_addr_t addr, uint32_t val)
2295 {
2296 addr = (addr & 0xFFF) >> 4;
2297 #ifdef TARGET_WORDS_BIGENDIAN
2298 val = bswap32(val);
2299 #endif
2300 if (addr == 0) {
2301 ide_data_writel(opaque, 0, val);
2302 }
2303 }
2304
2305 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
2306 {
2307 uint32_t retval;
2308
2309 addr = (addr & 0xFFF) >> 4;
2310 if (addr == 0) {
2311 retval = ide_data_readl(opaque, 0);
2312 } else {
2313 retval = 0xFFFFFFFF;
2314 }
2315 #ifdef TARGET_WORDS_BIGENDIAN
2316 retval = bswap32(retval);
2317 #endif
2318 return retval;
2319 }
2320
2321 static CPUWriteMemoryFunc *pmac_ide_write[] = {
2322 pmac_ide_writeb,
2323 pmac_ide_writew,
2324 pmac_ide_writel,
2325 };
2326
2327 static CPUReadMemoryFunc *pmac_ide_read[] = {
2328 pmac_ide_readb,
2329 pmac_ide_readw,
2330 pmac_ide_readl,
2331 };
2332
2333 /* hd_table must contain 4 block drivers */
2334 /* PowerMac uses memory mapped registers, not I/O. Return the memory
2335 I/O index to access the ide. */
2336 int pmac_ide_init (BlockDriverState **hd_table,
2337 openpic_t *openpic, int irq)
2338 {
2339 IDEState *ide_if;
2340 int pmac_ide_memory;
2341
2342 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
2343 ide_init2(&ide_if[0], irq, hd_table[0], hd_table[1]);
2344 ide_if[0].openpic = openpic;
2345 ide_if[1].openpic = openpic;
2346
2347 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
2348 pmac_ide_write, &ide_if[0]);
2349 return pmac_ide_memory;
2350 }
Qemu copy for testing