]> git.proxmox.com Git - qemu.git/blob - hw/ide.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
IDE: Improve DMA transfers by increasing the buffer size
[qemu.git] / hw / ide.c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "qemu-timer.h"
32 #include "sysemu.h"
33 #include "ppc_mac.h"
34
35 /* debug IDE devices */
36 //#define DEBUG_IDE
37 //#define DEBUG_IDE_ATAPI
38 //#define DEBUG_AIO
39 #define USE_DMA_CDROM
40
41 /* Bits of HD_STATUS */
42 #define ERR_STAT 0x01
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
45 #define DRQ_STAT 0x08
46 #define SEEK_STAT 0x10
47 #define SRV_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
51
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63 /* Bits of HD_NSECTOR */
64 #define CD 0x01
65 #define IO 0x02
66 #define REL 0x04
67 #define TAG_MASK 0xf8
68
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
71
72 /* ATA/ATAPI Commands pre T13 Spec */
73 #define WIN_NOP 0x00
74 /*
75 * 0x01->0x02 Reserved
76 */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78 /*
79 * 0x04->0x07 Reserved
80 */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
83 /*
84 * 0x09->0x0F Reserved
85 */
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
88 /*
89 * 0x10->0x1F Reserved
90 */
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99 /*
100 * 0x28
101 */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103 /*
104 * 0x2A->0x2F Reserved
105 */
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116 /*
117 * 0x3A->0x3B Reserved
118 */
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120 /*
121 * 0x3D->0x3F Reserved
122 */
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126 /*
127 * 0x43->0x4F Reserved
128 */
129 #define WIN_FORMAT 0x50
130 /*
131 * 0x51->0x5F Reserved
132 */
133 #define WIN_INIT 0x60
134 /*
135 * 0x61->0x5F Reserved
136 */
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
148 /*
149 * 0x9A VENDOR
150 */
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
201
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
204
205 #define IDE_DMA_BUF_SECTORS 256
206
207 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
208 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
209 #endif
210
211 /* ATAPI defines */
212
213 #define ATAPI_PACKET_SIZE 12
214
215 /* The generic packet command opcodes for CD/DVD Logical Units,
216 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
217 #define GPCMD_BLANK 0xa1
218 #define GPCMD_CLOSE_TRACK 0x5b
219 #define GPCMD_FLUSH_CACHE 0x35
220 #define GPCMD_FORMAT_UNIT 0x04
221 #define GPCMD_GET_CONFIGURATION 0x46
222 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
223 #define GPCMD_GET_PERFORMANCE 0xac
224 #define GPCMD_INQUIRY 0x12
225 #define GPCMD_LOAD_UNLOAD 0xa6
226 #define GPCMD_MECHANISM_STATUS 0xbd
227 #define GPCMD_MODE_SELECT_10 0x55
228 #define GPCMD_MODE_SENSE_10 0x5a
229 #define GPCMD_PAUSE_RESUME 0x4b
230 #define GPCMD_PLAY_AUDIO_10 0x45
231 #define GPCMD_PLAY_AUDIO_MSF 0x47
232 #define GPCMD_PLAY_AUDIO_TI 0x48
233 #define GPCMD_PLAY_CD 0xbc
234 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
235 #define GPCMD_READ_10 0x28
236 #define GPCMD_READ_12 0xa8
237 #define GPCMD_READ_CDVD_CAPACITY 0x25
238 #define GPCMD_READ_CD 0xbe
239 #define GPCMD_READ_CD_MSF 0xb9
240 #define GPCMD_READ_DISC_INFO 0x51
241 #define GPCMD_READ_DVD_STRUCTURE 0xad
242 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
243 #define GPCMD_READ_HEADER 0x44
244 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
245 #define GPCMD_READ_SUBCHANNEL 0x42
246 #define GPCMD_READ_TOC_PMA_ATIP 0x43
247 #define GPCMD_REPAIR_RZONE_TRACK 0x58
248 #define GPCMD_REPORT_KEY 0xa4
249 #define GPCMD_REQUEST_SENSE 0x03
250 #define GPCMD_RESERVE_RZONE_TRACK 0x53
251 #define GPCMD_SCAN 0xba
252 #define GPCMD_SEEK 0x2b
253 #define GPCMD_SEND_DVD_STRUCTURE 0xad
254 #define GPCMD_SEND_EVENT 0xa2
255 #define GPCMD_SEND_KEY 0xa3
256 #define GPCMD_SEND_OPC 0x54
257 #define GPCMD_SET_READ_AHEAD 0xa7
258 #define GPCMD_SET_STREAMING 0xb6
259 #define GPCMD_START_STOP_UNIT 0x1b
260 #define GPCMD_STOP_PLAY_SCAN 0x4e
261 #define GPCMD_TEST_UNIT_READY 0x00
262 #define GPCMD_VERIFY_10 0x2f
263 #define GPCMD_WRITE_10 0x2a
264 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
265 /* This is listed as optional in ATAPI 2.6, but is (curiously)
266 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
267 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
268 * drives support it. */
269 #define GPCMD_SET_SPEED 0xbb
270 /* This seems to be a SCSI specific CD-ROM opcode
271 * to play data at track/index */
272 #define GPCMD_PLAYAUDIO_TI 0x48
273 /*
274 * From MS Media Status Notification Support Specification. For
275 * older drives only.
276 */
277 #define GPCMD_GET_MEDIA_STATUS 0xda
278 #define GPCMD_MODE_SENSE_6 0x1a
279
280 /* Mode page codes for mode sense/set */
281 #define GPMODE_R_W_ERROR_PAGE 0x01
282 #define GPMODE_WRITE_PARMS_PAGE 0x05
283 #define GPMODE_AUDIO_CTL_PAGE 0x0e
284 #define GPMODE_POWER_PAGE 0x1a
285 #define GPMODE_FAULT_FAIL_PAGE 0x1c
286 #define GPMODE_TO_PROTECT_PAGE 0x1d
287 #define GPMODE_CAPABILITIES_PAGE 0x2a
288 #define GPMODE_ALL_PAGES 0x3f
289 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
290 * of MODE_SENSE_POWER_PAGE */
291 #define GPMODE_CDROM_PAGE 0x0d
292
293 /*
294 * Based on values from <linux/cdrom.h> but extending CD_MINS
295 * to the maximum common size allowed by the Orange's Book ATIP
296 *
297 * 90 and 99 min CDs are also available but using them as the
298 * upper limit reduces the effectiveness of the heuristic to
299 * detect DVDs burned to less than 25% of their maximum capacity
300 */
301
302 /* Some generally useful CD-ROM information */
303 #define CD_MINS 80 /* max. minutes per CD */
304 #define CD_SECS 60 /* seconds per minute */
305 #define CD_FRAMES 75 /* frames per second */
306 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
307 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
308 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
309
310 /*
311 * The MMC values are not IDE specific and might need to be moved
312 * to a common header if they are also needed for the SCSI emulation
313 */
314
315 /* Profile list from MMC-6 revision 1 table 91 */
316 #define MMC_PROFILE_NONE 0x0000
317 #define MMC_PROFILE_CD_ROM 0x0008
318 #define MMC_PROFILE_CD_R 0x0009
319 #define MMC_PROFILE_CD_RW 0x000A
320 #define MMC_PROFILE_DVD_ROM 0x0010
321 #define MMC_PROFILE_DVD_R_SR 0x0011
322 #define MMC_PROFILE_DVD_RAM 0x0012
323 #define MMC_PROFILE_DVD_RW_RO 0x0013
324 #define MMC_PROFILE_DVD_RW_SR 0x0014
325 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
326 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
327 #define MMC_PROFILE_DVD_RW_DL 0x0017
328 #define MMC_PROFILE_DVD_DDR 0x0018
329 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
330 #define MMC_PROFILE_DVD_PLUS_R 0x001B
331 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
332 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
333 #define MMC_PROFILE_BD_ROM 0x0040
334 #define MMC_PROFILE_BD_R_SRM 0x0041
335 #define MMC_PROFILE_BD_R_RRM 0x0042
336 #define MMC_PROFILE_BD_RE 0x0043
337 #define MMC_PROFILE_HDDVD_ROM 0x0050
338 #define MMC_PROFILE_HDDVD_R 0x0051
339 #define MMC_PROFILE_HDDVD_RAM 0x0052
340 #define MMC_PROFILE_HDDVD_RW 0x0053
341 #define MMC_PROFILE_HDDVD_R_DL 0x0058
342 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
343 #define MMC_PROFILE_INVALID 0xFFFF
344
345 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
346 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
347 #define ATAPI_INT_REASON_REL 0x04
348 #define ATAPI_INT_REASON_TAG 0xf8
349
350 /* same constants as bochs */
351 #define ASC_ILLEGAL_OPCODE 0x20
352 #define ASC_LOGICAL_BLOCK_OOR 0x21
353 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
354 #define ASC_MEDIUM_NOT_PRESENT 0x3a
355 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
356
357 #define CFA_NO_ERROR 0x00
358 #define CFA_MISC_ERROR 0x09
359 #define CFA_INVALID_COMMAND 0x20
360 #define CFA_INVALID_ADDRESS 0x21
361 #define CFA_ADDRESS_OVERFLOW 0x2f
362
363 #define SENSE_NONE 0
364 #define SENSE_NOT_READY 2
365 #define SENSE_ILLEGAL_REQUEST 5
366 #define SENSE_UNIT_ATTENTION 6
367
368 struct IDEState;
369
370 typedef void EndTransferFunc(struct IDEState *);
371
372 /* NOTE: IDEState represents in fact one drive */
373 typedef struct IDEState {
374 /* ide config */
375 int is_cdrom;
376 int is_cf;
377 int cylinders, heads, sectors;
378 int64_t nb_sectors;
379 int mult_sectors;
380 int identify_set;
381 uint16_t identify_data[256];
382 qemu_irq irq;
383 PCIDevice *pci_dev;
384 struct BMDMAState *bmdma;
385 int drive_serial;
386 /* ide regs */
387 uint8_t feature;
388 uint8_t error;
389 uint32_t nsector;
390 uint8_t sector;
391 uint8_t lcyl;
392 uint8_t hcyl;
393 /* other part of tf for lba48 support */
394 uint8_t hob_feature;
395 uint8_t hob_nsector;
396 uint8_t hob_sector;
397 uint8_t hob_lcyl;
398 uint8_t hob_hcyl;
399
400 uint8_t select;
401 uint8_t status;
402
403 /* 0x3f6 command, only meaningful for drive 0 */
404 uint8_t cmd;
405 /* set for lba48 access */
406 uint8_t lba48;
407 /* depends on bit 4 in select, only meaningful for drive 0 */
408 struct IDEState *cur_drive;
409 BlockDriverState *bs;
410 /* ATAPI specific */
411 uint8_t sense_key;
412 uint8_t asc;
413 int packet_transfer_size;
414 int elementary_transfer_size;
415 int io_buffer_index;
416 int lba;
417 int cd_sector_size;
418 int atapi_dma; /* true if dma is requested for the packet cmd */
419 /* ATA DMA state */
420 int io_buffer_size;
421 /* PIO transfer handling */
422 int req_nb_sectors; /* number of sectors per interrupt */
423 EndTransferFunc *end_transfer_func;
424 uint8_t *data_ptr;
425 uint8_t *data_end;
426 uint8_t *io_buffer;
427 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
428 uint32_t irq_count; /* counts IRQs when using win2k install hack */
429 /* CF-ATA extended error */
430 uint8_t ext_error;
431 /* CF-ATA metadata storage */
432 uint32_t mdata_size;
433 uint8_t *mdata_storage;
434 int media_changed;
435 } IDEState;
436
437 #define BM_STATUS_DMAING 0x01
438 #define BM_STATUS_ERROR 0x02
439 #define BM_STATUS_INT 0x04
440
441 #define BM_CMD_START 0x01
442 #define BM_CMD_READ 0x08
443
444 #define IDE_TYPE_PIIX3 0
445 #define IDE_TYPE_CMD646 1
446 #define IDE_TYPE_PIIX4 2
447
448 /* CMD646 specific */
449 #define MRDMODE 0x71
450 #define MRDMODE_INTR_CH0 0x04
451 #define MRDMODE_INTR_CH1 0x08
452 #define MRDMODE_BLK_CH0 0x10
453 #define MRDMODE_BLK_CH1 0x20
454 #define UDIDETCR0 0x73
455 #define UDIDETCR1 0x7B
456
457 typedef struct BMDMAState {
458 uint8_t cmd;
459 uint8_t status;
460 uint32_t addr;
461
462 struct PCIIDEState *pci_dev;
463 /* current transfer state */
464 uint32_t cur_addr;
465 uint32_t cur_prd_last;
466 uint32_t cur_prd_addr;
467 uint32_t cur_prd_len;
468 IDEState *ide_if;
469 BlockDriverCompletionFunc *dma_cb;
470 BlockDriverAIOCB *aiocb;
471 } BMDMAState;
472
473 typedef struct PCIIDEState {
474 PCIDevice dev;
475 IDEState ide_if[4];
476 BMDMAState bmdma[2];
477 int type; /* see IDE_TYPE_xxx */
478 } PCIIDEState;
479
480 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
481 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
482
483 static void padstr(char *str, const char *src, int len)
484 {
485 int i, v;
486 for(i = 0; i < len; i++) {
487 if (*src)
488 v = *src++;
489 else
490 v = ' ';
491 str[i^1] = v;
492 }
493 }
494
495 static void padstr8(uint8_t *buf, int buf_size, const char *src)
496 {
497 int i;
498 for(i = 0; i < buf_size; i++) {
499 if (*src)
500 buf[i] = *src++;
501 else
502 buf[i] = ' ';
503 }
504 }
505
506 static void put_le16(uint16_t *p, unsigned int v)
507 {
508 *p = cpu_to_le16(v);
509 }
510
511 static void ide_identify(IDEState *s)
512 {
513 uint16_t *p;
514 unsigned int oldsize;
515 char buf[20];
516
517 if (s->identify_set) {
518 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
519 return;
520 }
521
522 memset(s->io_buffer, 0, 512);
523 p = (uint16_t *)s->io_buffer;
524 put_le16(p + 0, 0x0040);
525 put_le16(p + 1, s->cylinders);
526 put_le16(p + 3, s->heads);
527 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
528 put_le16(p + 5, 512); /* XXX: retired, remove ? */
529 put_le16(p + 6, s->sectors);
530 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
531 padstr((char *)(p + 10), buf, 20); /* serial number */
532 put_le16(p + 20, 3); /* XXX: retired, remove ? */
533 put_le16(p + 21, 512); /* cache size in sectors */
534 put_le16(p + 22, 4); /* ecc bytes */
535 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
536 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
537 #if MAX_MULT_SECTORS > 1
538 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
539 #endif
540 put_le16(p + 48, 1); /* dword I/O */
541 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
542 put_le16(p + 51, 0x200); /* PIO transfer cycle */
543 put_le16(p + 52, 0x200); /* DMA transfer cycle */
544 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
545 put_le16(p + 54, s->cylinders);
546 put_le16(p + 55, s->heads);
547 put_le16(p + 56, s->sectors);
548 oldsize = s->cylinders * s->heads * s->sectors;
549 put_le16(p + 57, oldsize);
550 put_le16(p + 58, oldsize >> 16);
551 if (s->mult_sectors)
552 put_le16(p + 59, 0x100 | s->mult_sectors);
553 put_le16(p + 60, s->nb_sectors);
554 put_le16(p + 61, s->nb_sectors >> 16);
555 put_le16(p + 63, 0x07); /* mdma0-2 supported */
556 put_le16(p + 65, 120);
557 put_le16(p + 66, 120);
558 put_le16(p + 67, 120);
559 put_le16(p + 68, 120);
560 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
561 put_le16(p + 81, 0x16); /* conforms to ata5 */
562 put_le16(p + 82, (1 << 14));
563 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
564 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
565 put_le16(p + 84, (1 << 14));
566 put_le16(p + 85, (1 << 14));
567 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
568 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
569 put_le16(p + 87, (1 << 14));
570 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
571 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
572 put_le16(p + 100, s->nb_sectors);
573 put_le16(p + 101, s->nb_sectors >> 16);
574 put_le16(p + 102, s->nb_sectors >> 32);
575 put_le16(p + 103, s->nb_sectors >> 48);
576
577 memcpy(s->identify_data, p, sizeof(s->identify_data));
578 s->identify_set = 1;
579 }
580
581 static void ide_atapi_identify(IDEState *s)
582 {
583 uint16_t *p;
584 char buf[20];
585
586 if (s->identify_set) {
587 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
588 return;
589 }
590
591 memset(s->io_buffer, 0, 512);
592 p = (uint16_t *)s->io_buffer;
593 /* Removable CDROM, 50us response, 12 byte packets */
594 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
595 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
596 padstr((char *)(p + 10), buf, 20); /* serial number */
597 put_le16(p + 20, 3); /* buffer type */
598 put_le16(p + 21, 512); /* cache size in sectors */
599 put_le16(p + 22, 4); /* ecc bytes */
600 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
601 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
602 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
603 #ifdef USE_DMA_CDROM
604 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
605 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
606 put_le16(p + 63, 7); /* mdma0-2 supported */
607 put_le16(p + 64, 0x3f); /* PIO modes supported */
608 #else
609 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
610 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
611 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
612 put_le16(p + 64, 1); /* PIO modes */
613 #endif
614 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
615 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
616 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
617 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
618
619 put_le16(p + 71, 30); /* in ns */
620 put_le16(p + 72, 30); /* in ns */
621
622 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
623 #ifdef USE_DMA_CDROM
624 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
625 #endif
626 memcpy(s->identify_data, p, sizeof(s->identify_data));
627 s->identify_set = 1;
628 }
629
630 static void ide_cfata_identify(IDEState *s)
631 {
632 uint16_t *p;
633 uint32_t cur_sec;
634 char buf[20];
635
636 p = (uint16_t *) s->identify_data;
637 if (s->identify_set)
638 goto fill_buffer;
639
640 memset(p, 0, sizeof(s->identify_data));
641
642 cur_sec = s->cylinders * s->heads * s->sectors;
643
644 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
645 put_le16(p + 1, s->cylinders); /* Default cylinders */
646 put_le16(p + 3, s->heads); /* Default heads */
647 put_le16(p + 6, s->sectors); /* Default sectors per track */
648 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
649 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
650 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
651 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
652 put_le16(p + 22, 0x0004); /* ECC bytes */
653 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
654 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
655 #if MAX_MULT_SECTORS > 1
656 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
657 #else
658 put_le16(p + 47, 0x0000);
659 #endif
660 put_le16(p + 49, 0x0f00); /* Capabilities */
661 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
662 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
663 put_le16(p + 53, 0x0003); /* Translation params valid */
664 put_le16(p + 54, s->cylinders); /* Current cylinders */
665 put_le16(p + 55, s->heads); /* Current heads */
666 put_le16(p + 56, s->sectors); /* Current sectors */
667 put_le16(p + 57, cur_sec); /* Current capacity */
668 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
669 if (s->mult_sectors) /* Multiple sector setting */
670 put_le16(p + 59, 0x100 | s->mult_sectors);
671 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
672 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
673 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
674 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
675 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
676 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
677 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
678 put_le16(p + 82, 0x400c); /* Command Set supported */
679 put_le16(p + 83, 0x7068); /* Command Set supported */
680 put_le16(p + 84, 0x4000); /* Features supported */
681 put_le16(p + 85, 0x000c); /* Command Set enabled */
682 put_le16(p + 86, 0x7044); /* Command Set enabled */
683 put_le16(p + 87, 0x4000); /* Features enabled */
684 put_le16(p + 91, 0x4060); /* Current APM level */
685 put_le16(p + 129, 0x0002); /* Current features option */
686 put_le16(p + 130, 0x0005); /* Reassigned sectors */
687 put_le16(p + 131, 0x0001); /* Initial power mode */
688 put_le16(p + 132, 0x0000); /* User signature */
689 put_le16(p + 160, 0x8100); /* Power requirement */
690 put_le16(p + 161, 0x8001); /* CF command set */
691
692 s->identify_set = 1;
693
694 fill_buffer:
695 memcpy(s->io_buffer, p, sizeof(s->identify_data));
696 }
697
698 static void ide_set_signature(IDEState *s)
699 {
700 s->select &= 0xf0; /* clear head */
701 /* put signature */
702 s->nsector = 1;
703 s->sector = 1;
704 if (s->is_cdrom) {
705 s->lcyl = 0x14;
706 s->hcyl = 0xeb;
707 } else if (s->bs) {
708 s->lcyl = 0;
709 s->hcyl = 0;
710 } else {
711 s->lcyl = 0xff;
712 s->hcyl = 0xff;
713 }
714 }
715
716 static inline void ide_abort_command(IDEState *s)
717 {
718 s->status = READY_STAT | ERR_STAT;
719 s->error = ABRT_ERR;
720 }
721
722 static inline void ide_set_irq(IDEState *s)
723 {
724 BMDMAState *bm = s->bmdma;
725 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
726 if (bm) {
727 bm->status |= BM_STATUS_INT;
728 }
729 qemu_irq_raise(s->irq);
730 }
731 }
732
733 /* prepare data transfer and tell what to do after */
734 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
735 EndTransferFunc *end_transfer_func)
736 {
737 s->end_transfer_func = end_transfer_func;
738 s->data_ptr = buf;
739 s->data_end = buf + size;
740 if (!(s->status & ERR_STAT))
741 s->status |= DRQ_STAT;
742 }
743
744 static void ide_transfer_stop(IDEState *s)
745 {
746 s->end_transfer_func = ide_transfer_stop;
747 s->data_ptr = s->io_buffer;
748 s->data_end = s->io_buffer;
749 s->status &= ~DRQ_STAT;
750 }
751
752 static int64_t ide_get_sector(IDEState *s)
753 {
754 int64_t sector_num;
755 if (s->select & 0x40) {
756 /* lba */
757 if (!s->lba48) {
758 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
759 (s->lcyl << 8) | s->sector;
760 } else {
761 sector_num = ((int64_t)s->hob_hcyl << 40) |
762 ((int64_t) s->hob_lcyl << 32) |
763 ((int64_t) s->hob_sector << 24) |
764 ((int64_t) s->hcyl << 16) |
765 ((int64_t) s->lcyl << 8) | s->sector;
766 }
767 } else {
768 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
769 (s->select & 0x0f) * s->sectors + (s->sector - 1);
770 }
771 return sector_num;
772 }
773
774 static void ide_set_sector(IDEState *s, int64_t sector_num)
775 {
776 unsigned int cyl, r;
777 if (s->select & 0x40) {
778 if (!s->lba48) {
779 s->select = (s->select & 0xf0) | (sector_num >> 24);
780 s->hcyl = (sector_num >> 16);
781 s->lcyl = (sector_num >> 8);
782 s->sector = (sector_num);
783 } else {
784 s->sector = sector_num;
785 s->lcyl = sector_num >> 8;
786 s->hcyl = sector_num >> 16;
787 s->hob_sector = sector_num >> 24;
788 s->hob_lcyl = sector_num >> 32;
789 s->hob_hcyl = sector_num >> 40;
790 }
791 } else {
792 cyl = sector_num / (s->heads * s->sectors);
793 r = sector_num % (s->heads * s->sectors);
794 s->hcyl = cyl >> 8;
795 s->lcyl = cyl;
796 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
797 s->sector = (r % s->sectors) + 1;
798 }
799 }
800
801 static void ide_sector_read(IDEState *s)
802 {
803 int64_t sector_num;
804 int ret, n;
805
806 s->status = READY_STAT | SEEK_STAT;
807 s->error = 0; /* not needed by IDE spec, but needed by Windows */
808 sector_num = ide_get_sector(s);
809 n = s->nsector;
810 if (n == 0) {
811 /* no more sector to read from disk */
812 ide_transfer_stop(s);
813 } else {
814 #if defined(DEBUG_IDE)
815 printf("read sector=%Ld\n", sector_num);
816 #endif
817 if (n > s->req_nb_sectors)
818 n = s->req_nb_sectors;
819 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
820 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
821 ide_set_irq(s);
822 ide_set_sector(s, sector_num + n);
823 s->nsector -= n;
824 }
825 }
826
827 /* return 0 if buffer completed */
828 static int dma_buf_rw(BMDMAState *bm, int is_write)
829 {
830 IDEState *s = bm->ide_if;
831 struct {
832 uint32_t addr;
833 uint32_t size;
834 } prd;
835 int l, len;
836
837 for(;;) {
838 l = s->io_buffer_size - s->io_buffer_index;
839 if (l <= 0)
840 break;
841 if (bm->cur_prd_len == 0) {
842 /* end of table (with a fail safe of one page) */
843 if (bm->cur_prd_last ||
844 (bm->cur_addr - bm->addr) >= 4096)
845 return 0;
846 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
847 bm->cur_addr += 8;
848 prd.addr = le32_to_cpu(prd.addr);
849 prd.size = le32_to_cpu(prd.size);
850 len = prd.size & 0xfffe;
851 if (len == 0)
852 len = 0x10000;
853 bm->cur_prd_len = len;
854 bm->cur_prd_addr = prd.addr;
855 bm->cur_prd_last = (prd.size & 0x80000000);
856 }
857 if (l > bm->cur_prd_len)
858 l = bm->cur_prd_len;
859 if (l > 0) {
860 if (is_write) {
861 cpu_physical_memory_write(bm->cur_prd_addr,
862 s->io_buffer + s->io_buffer_index, l);
863 } else {
864 cpu_physical_memory_read(bm->cur_prd_addr,
865 s->io_buffer + s->io_buffer_index, l);
866 }
867 bm->cur_prd_addr += l;
868 bm->cur_prd_len -= l;
869 s->io_buffer_index += l;
870 }
871 }
872 return 1;
873 }
874
875 /* XXX: handle errors */
876 static void ide_read_dma_cb(void *opaque, int ret)
877 {
878 BMDMAState *bm = opaque;
879 IDEState *s = bm->ide_if;
880 int n;
881 int64_t sector_num;
882
883 n = s->io_buffer_size >> 9;
884 sector_num = ide_get_sector(s);
885 if (n > 0) {
886 sector_num += n;
887 ide_set_sector(s, sector_num);
888 s->nsector -= n;
889 if (dma_buf_rw(bm, 1) == 0)
890 goto eot;
891 }
892
893 /* end of transfer ? */
894 if (s->nsector == 0) {
895 s->status = READY_STAT | SEEK_STAT;
896 ide_set_irq(s);
897 eot:
898 bm->status &= ~BM_STATUS_DMAING;
899 bm->status |= BM_STATUS_INT;
900 bm->dma_cb = NULL;
901 bm->ide_if = NULL;
902 bm->aiocb = NULL;
903 return;
904 }
905
906 /* launch next transfer */
907 n = s->nsector;
908 if (n > IDE_DMA_BUF_SECTORS)
909 n = IDE_DMA_BUF_SECTORS;
910 s->io_buffer_index = 0;
911 s->io_buffer_size = n * 512;
912 #ifdef DEBUG_AIO
913 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
914 #endif
915 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
916 ide_read_dma_cb, bm);
917 }
918
919 static void ide_sector_read_dma(IDEState *s)
920 {
921 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
922 s->io_buffer_index = 0;
923 s->io_buffer_size = 0;
924 ide_dma_start(s, ide_read_dma_cb);
925 }
926
927 static void ide_sector_write_timer_cb(void *opaque)
928 {
929 IDEState *s = opaque;
930 ide_set_irq(s);
931 }
932
933 static void ide_sector_write(IDEState *s)
934 {
935 int64_t sector_num;
936 int ret, n, n1;
937
938 s->status = READY_STAT | SEEK_STAT;
939 sector_num = ide_get_sector(s);
940 #if defined(DEBUG_IDE)
941 printf("write sector=%Ld\n", sector_num);
942 #endif
943 n = s->nsector;
944 if (n > s->req_nb_sectors)
945 n = s->req_nb_sectors;
946 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
947 s->nsector -= n;
948 if (s->nsector == 0) {
949 /* no more sectors to write */
950 ide_transfer_stop(s);
951 } else {
952 n1 = s->nsector;
953 if (n1 > s->req_nb_sectors)
954 n1 = s->req_nb_sectors;
955 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
956 }
957 ide_set_sector(s, sector_num + n);
958
959 #ifdef TARGET_I386
960 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
961 /* It seems there is a bug in the Windows 2000 installer HDD
962 IDE driver which fills the disk with empty logs when the
963 IDE write IRQ comes too early. This hack tries to correct
964 that at the expense of slower write performances. Use this
965 option _only_ to install Windows 2000. You must disable it
966 for normal use. */
967 qemu_mod_timer(s->sector_write_timer,
968 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
969 } else
970 #endif
971 {
972 ide_set_irq(s);
973 }
974 }
975
976 /* XXX: handle errors */
977 static void ide_write_dma_cb(void *opaque, int ret)
978 {
979 BMDMAState *bm = opaque;
980 IDEState *s = bm->ide_if;
981 int n;
982 int64_t sector_num;
983
984 n = s->io_buffer_size >> 9;
985 sector_num = ide_get_sector(s);
986 if (n > 0) {
987 sector_num += n;
988 ide_set_sector(s, sector_num);
989 s->nsector -= n;
990 }
991
992 /* end of transfer ? */
993 if (s->nsector == 0) {
994 s->status = READY_STAT | SEEK_STAT;
995 ide_set_irq(s);
996 eot:
997 bm->status &= ~BM_STATUS_DMAING;
998 bm->status |= BM_STATUS_INT;
999 bm->dma_cb = NULL;
1000 bm->ide_if = NULL;
1001 bm->aiocb = NULL;
1002 return;
1003 }
1004
1005 /* launch next transfer */
1006 n = s->nsector;
1007 if (n > IDE_DMA_BUF_SECTORS)
1008 n = IDE_DMA_BUF_SECTORS;
1009 s->io_buffer_index = 0;
1010 s->io_buffer_size = n * 512;
1011
1012 if (dma_buf_rw(bm, 0) == 0)
1013 goto eot;
1014 #ifdef DEBUG_AIO
1015 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1016 #endif
1017 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1018 ide_write_dma_cb, bm);
1019 }
1020
1021 static void ide_sector_write_dma(IDEState *s)
1022 {
1023 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1024 s->io_buffer_index = 0;
1025 s->io_buffer_size = 0;
1026 ide_dma_start(s, ide_write_dma_cb);
1027 }
1028
1029 static void ide_atapi_cmd_ok(IDEState *s)
1030 {
1031 s->error = 0;
1032 s->status = READY_STAT;
1033 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1034 ide_set_irq(s);
1035 }
1036
1037 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1038 {
1039 #ifdef DEBUG_IDE_ATAPI
1040 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1041 #endif
1042 s->error = sense_key << 4;
1043 s->status = READY_STAT | ERR_STAT;
1044 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1045 s->sense_key = sense_key;
1046 s->asc = asc;
1047 ide_set_irq(s);
1048 }
1049
1050 static inline void cpu_to_ube16(uint8_t *buf, int val)
1051 {
1052 buf[0] = val >> 8;
1053 buf[1] = val;
1054 }
1055
1056 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1057 {
1058 buf[0] = val >> 24;
1059 buf[1] = val >> 16;
1060 buf[2] = val >> 8;
1061 buf[3] = val;
1062 }
1063
1064 static inline int ube16_to_cpu(const uint8_t *buf)
1065 {
1066 return (buf[0] << 8) | buf[1];
1067 }
1068
1069 static inline int ube32_to_cpu(const uint8_t *buf)
1070 {
1071 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1072 }
1073
1074 static void lba_to_msf(uint8_t *buf, int lba)
1075 {
1076 lba += 150;
1077 buf[0] = (lba / 75) / 60;
1078 buf[1] = (lba / 75) % 60;
1079 buf[2] = lba % 75;
1080 }
1081
1082 static void cd_data_to_raw(uint8_t *buf, int lba)
1083 {
1084 /* sync bytes */
1085 buf[0] = 0x00;
1086 memset(buf + 1, 0xff, 10);
1087 buf[11] = 0x00;
1088 buf += 12;
1089 /* MSF */
1090 lba_to_msf(buf, lba);
1091 buf[3] = 0x01; /* mode 1 data */
1092 buf += 4;
1093 /* data */
1094 buf += 2048;
1095 /* XXX: ECC not computed */
1096 memset(buf, 0, 288);
1097 }
1098
1099 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1100 int sector_size)
1101 {
1102 int ret;
1103
1104 switch(sector_size) {
1105 case 2048:
1106 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1107 break;
1108 case 2352:
1109 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1110 if (ret < 0)
1111 return ret;
1112 cd_data_to_raw(buf, lba);
1113 break;
1114 default:
1115 ret = -EIO;
1116 break;
1117 }
1118 return ret;
1119 }
1120
1121 static void ide_atapi_io_error(IDEState *s, int ret)
1122 {
1123 /* XXX: handle more errors */
1124 if (ret == -ENOMEDIUM) {
1125 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1126 ASC_MEDIUM_NOT_PRESENT);
1127 } else {
1128 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1129 ASC_LOGICAL_BLOCK_OOR);
1130 }
1131 }
1132
1133 /* The whole ATAPI transfer logic is handled in this function */
1134 static void ide_atapi_cmd_reply_end(IDEState *s)
1135 {
1136 int byte_count_limit, size, ret;
1137 #ifdef DEBUG_IDE_ATAPI
1138 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1139 s->packet_transfer_size,
1140 s->elementary_transfer_size,
1141 s->io_buffer_index);
1142 #endif
1143 if (s->packet_transfer_size <= 0) {
1144 /* end of transfer */
1145 ide_transfer_stop(s);
1146 s->status = READY_STAT;
1147 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1148 ide_set_irq(s);
1149 #ifdef DEBUG_IDE_ATAPI
1150 printf("status=0x%x\n", s->status);
1151 #endif
1152 } else {
1153 /* see if a new sector must be read */
1154 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1155 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1156 if (ret < 0) {
1157 ide_transfer_stop(s);
1158 ide_atapi_io_error(s, ret);
1159 return;
1160 }
1161 s->lba++;
1162 s->io_buffer_index = 0;
1163 }
1164 if (s->elementary_transfer_size > 0) {
1165 /* there are some data left to transmit in this elementary
1166 transfer */
1167 size = s->cd_sector_size - s->io_buffer_index;
1168 if (size > s->elementary_transfer_size)
1169 size = s->elementary_transfer_size;
1170 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1171 size, ide_atapi_cmd_reply_end);
1172 s->packet_transfer_size -= size;
1173 s->elementary_transfer_size -= size;
1174 s->io_buffer_index += size;
1175 } else {
1176 /* a new transfer is needed */
1177 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1178 byte_count_limit = s->lcyl | (s->hcyl << 8);
1179 #ifdef DEBUG_IDE_ATAPI
1180 printf("byte_count_limit=%d\n", byte_count_limit);
1181 #endif
1182 if (byte_count_limit == 0xffff)
1183 byte_count_limit--;
1184 size = s->packet_transfer_size;
1185 if (size > byte_count_limit) {
1186 /* byte count limit must be even if this case */
1187 if (byte_count_limit & 1)
1188 byte_count_limit--;
1189 size = byte_count_limit;
1190 }
1191 s->lcyl = size;
1192 s->hcyl = size >> 8;
1193 s->elementary_transfer_size = size;
1194 /* we cannot transmit more than one sector at a time */
1195 if (s->lba != -1) {
1196 if (size > (s->cd_sector_size - s->io_buffer_index))
1197 size = (s->cd_sector_size - s->io_buffer_index);
1198 }
1199 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1200 size, ide_atapi_cmd_reply_end);
1201 s->packet_transfer_size -= size;
1202 s->elementary_transfer_size -= size;
1203 s->io_buffer_index += size;
1204 ide_set_irq(s);
1205 #ifdef DEBUG_IDE_ATAPI
1206 printf("status=0x%x\n", s->status);
1207 #endif
1208 }
1209 }
1210 }
1211
1212 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1213 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1214 {
1215 if (size > max_size)
1216 size = max_size;
1217 s->lba = -1; /* no sector read */
1218 s->packet_transfer_size = size;
1219 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1220 s->elementary_transfer_size = 0;
1221 s->io_buffer_index = 0;
1222
1223 if (s->atapi_dma) {
1224 s->status = READY_STAT | DRQ_STAT;
1225 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1226 } else {
1227 s->status = READY_STAT;
1228 ide_atapi_cmd_reply_end(s);
1229 }
1230 }
1231
1232 /* start a CD-CDROM read command */
1233 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1234 int sector_size)
1235 {
1236 s->lba = lba;
1237 s->packet_transfer_size = nb_sectors * sector_size;
1238 s->elementary_transfer_size = 0;
1239 s->io_buffer_index = sector_size;
1240 s->cd_sector_size = sector_size;
1241
1242 s->status = READY_STAT;
1243 ide_atapi_cmd_reply_end(s);
1244 }
1245
1246 /* ATAPI DMA support */
1247
1248 /* XXX: handle read errors */
1249 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1250 {
1251 BMDMAState *bm = opaque;
1252 IDEState *s = bm->ide_if;
1253 int data_offset, n;
1254
1255 if (ret < 0) {
1256 ide_atapi_io_error(s, ret);
1257 goto eot;
1258 }
1259
1260 if (s->io_buffer_size > 0) {
1261 /*
1262 * For a cdrom read sector command (s->lba != -1),
1263 * adjust the lba for the next s->io_buffer_size chunk
1264 * and dma the current chunk.
1265 * For a command != read (s->lba == -1), just transfer
1266 * the reply data.
1267 */
1268 if (s->lba != -1) {
1269 if (s->cd_sector_size == 2352) {
1270 n = 1;
1271 cd_data_to_raw(s->io_buffer, s->lba);
1272 } else {
1273 n = s->io_buffer_size >> 11;
1274 }
1275 s->lba += n;
1276 }
1277 s->packet_transfer_size -= s->io_buffer_size;
1278 if (dma_buf_rw(bm, 1) == 0)
1279 goto eot;
1280 }
1281
1282 if (s->packet_transfer_size <= 0) {
1283 s->status = READY_STAT;
1284 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1285 ide_set_irq(s);
1286 eot:
1287 bm->status &= ~BM_STATUS_DMAING;
1288 bm->status |= BM_STATUS_INT;
1289 bm->dma_cb = NULL;
1290 bm->ide_if = NULL;
1291 bm->aiocb = NULL;
1292 return;
1293 }
1294
1295 s->io_buffer_index = 0;
1296 if (s->cd_sector_size == 2352) {
1297 n = 1;
1298 s->io_buffer_size = s->cd_sector_size;
1299 data_offset = 16;
1300 } else {
1301 n = s->packet_transfer_size >> 11;
1302 if (n > (IDE_DMA_BUF_SECTORS / 4))
1303 n = (IDE_DMA_BUF_SECTORS / 4);
1304 s->io_buffer_size = n * 2048;
1305 data_offset = 0;
1306 }
1307 #ifdef DEBUG_AIO
1308 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1309 #endif
1310 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1311 s->io_buffer + data_offset, n * 4,
1312 ide_atapi_cmd_read_dma_cb, bm);
1313 if (!bm->aiocb) {
1314 /* Note: media not present is the most likely case */
1315 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1316 ASC_MEDIUM_NOT_PRESENT);
1317 goto eot;
1318 }
1319 }
1320
1321 /* start a CD-CDROM read command with DMA */
1322 /* XXX: test if DMA is available */
1323 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1324 int sector_size)
1325 {
1326 s->lba = lba;
1327 s->packet_transfer_size = nb_sectors * sector_size;
1328 s->io_buffer_index = 0;
1329 s->io_buffer_size = 0;
1330 s->cd_sector_size = sector_size;
1331
1332 /* XXX: check if BUSY_STAT should be set */
1333 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1334 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1335 }
1336
1337 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1338 int sector_size)
1339 {
1340 #ifdef DEBUG_IDE_ATAPI
1341 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1342 lba, nb_sectors);
1343 #endif
1344 if (s->atapi_dma) {
1345 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1346 } else {
1347 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1348 }
1349 }
1350
1351 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1352 uint16_t profile)
1353 {
1354 uint8_t *buf_profile = buf + 12; /* start of profiles */
1355
1356 buf_profile += ((*index) * 4); /* start of indexed profile */
1357 cpu_to_ube16 (buf_profile, profile);
1358 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1359
1360 /* each profile adds 4 bytes to the response */
1361 (*index)++;
1362 buf[11] += 4; /* Additional Length */
1363
1364 return 4;
1365 }
1366
1367 static void ide_atapi_cmd(IDEState *s)
1368 {
1369 const uint8_t *packet;
1370 uint8_t *buf;
1371 int max_len;
1372
1373 packet = s->io_buffer;
1374 buf = s->io_buffer;
1375 #ifdef DEBUG_IDE_ATAPI
1376 {
1377 int i;
1378 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1379 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1380 printf(" %02x", packet[i]);
1381 }
1382 printf("\n");
1383 }
1384 #endif
1385 switch(s->io_buffer[0]) {
1386 case GPCMD_TEST_UNIT_READY:
1387 if (bdrv_is_inserted(s->bs)) {
1388 ide_atapi_cmd_ok(s);
1389 } else {
1390 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1391 ASC_MEDIUM_NOT_PRESENT);
1392 }
1393 break;
1394 case GPCMD_MODE_SENSE_6:
1395 case GPCMD_MODE_SENSE_10:
1396 {
1397 int action, code;
1398 if (packet[0] == GPCMD_MODE_SENSE_10)
1399 max_len = ube16_to_cpu(packet + 7);
1400 else
1401 max_len = packet[4];
1402 action = packet[2] >> 6;
1403 code = packet[2] & 0x3f;
1404 switch(action) {
1405 case 0: /* current values */
1406 switch(code) {
1407 case 0x01: /* error recovery */
1408 cpu_to_ube16(&buf[0], 16 + 6);
1409 buf[2] = 0x70;
1410 buf[3] = 0;
1411 buf[4] = 0;
1412 buf[5] = 0;
1413 buf[6] = 0;
1414 buf[7] = 0;
1415
1416 buf[8] = 0x01;
1417 buf[9] = 0x06;
1418 buf[10] = 0x00;
1419 buf[11] = 0x05;
1420 buf[12] = 0x00;
1421 buf[13] = 0x00;
1422 buf[14] = 0x00;
1423 buf[15] = 0x00;
1424 ide_atapi_cmd_reply(s, 16, max_len);
1425 break;
1426 case 0x2a:
1427 cpu_to_ube16(&buf[0], 28 + 6);
1428 buf[2] = 0x70;
1429 buf[3] = 0;
1430 buf[4] = 0;
1431 buf[5] = 0;
1432 buf[6] = 0;
1433 buf[7] = 0;
1434
1435 buf[8] = 0x2a;
1436 buf[9] = 0x12;
1437 buf[10] = 0x00;
1438 buf[11] = 0x00;
1439
1440 buf[12] = 0x70;
1441 buf[13] = 3 << 5;
1442 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1443 if (bdrv_is_locked(s->bs))
1444 buf[6] |= 1 << 1;
1445 buf[15] = 0x00;
1446 cpu_to_ube16(&buf[16], 706);
1447 buf[18] = 0;
1448 buf[19] = 2;
1449 cpu_to_ube16(&buf[20], 512);
1450 cpu_to_ube16(&buf[22], 706);
1451 buf[24] = 0;
1452 buf[25] = 0;
1453 buf[26] = 0;
1454 buf[27] = 0;
1455 ide_atapi_cmd_reply(s, 28, max_len);
1456 break;
1457 default:
1458 goto error_cmd;
1459 }
1460 break;
1461 case 1: /* changeable values */
1462 goto error_cmd;
1463 case 2: /* default values */
1464 goto error_cmd;
1465 default:
1466 case 3: /* saved values */
1467 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1468 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1469 break;
1470 }
1471 }
1472 break;
1473 case GPCMD_REQUEST_SENSE:
1474 max_len = packet[4];
1475 memset(buf, 0, 18);
1476 buf[0] = 0x70 | (1 << 7);
1477 buf[2] = s->sense_key;
1478 buf[7] = 10;
1479 buf[12] = s->asc;
1480 ide_atapi_cmd_reply(s, 18, max_len);
1481 break;
1482 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1483 if (bdrv_is_inserted(s->bs)) {
1484 bdrv_set_locked(s->bs, packet[4] & 1);
1485 ide_atapi_cmd_ok(s);
1486 } else {
1487 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1488 ASC_MEDIUM_NOT_PRESENT);
1489 }
1490 break;
1491 case GPCMD_READ_10:
1492 case GPCMD_READ_12:
1493 {
1494 int nb_sectors, lba;
1495
1496 if (packet[0] == GPCMD_READ_10)
1497 nb_sectors = ube16_to_cpu(packet + 7);
1498 else
1499 nb_sectors = ube32_to_cpu(packet + 6);
1500 lba = ube32_to_cpu(packet + 2);
1501 if (nb_sectors == 0) {
1502 ide_atapi_cmd_ok(s);
1503 break;
1504 }
1505 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1506 }
1507 break;
1508 case GPCMD_READ_CD:
1509 {
1510 int nb_sectors, lba, transfer_request;
1511
1512 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1513 lba = ube32_to_cpu(packet + 2);
1514 if (nb_sectors == 0) {
1515 ide_atapi_cmd_ok(s);
1516 break;
1517 }
1518 transfer_request = packet[9];
1519 switch(transfer_request & 0xf8) {
1520 case 0x00:
1521 /* nothing */
1522 ide_atapi_cmd_ok(s);
1523 break;
1524 case 0x10:
1525 /* normal read */
1526 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1527 break;
1528 case 0xf8:
1529 /* read all data */
1530 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1531 break;
1532 default:
1533 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1534 ASC_INV_FIELD_IN_CMD_PACKET);
1535 break;
1536 }
1537 }
1538 break;
1539 case GPCMD_SEEK:
1540 {
1541 unsigned int lba;
1542 uint64_t total_sectors;
1543
1544 bdrv_get_geometry(s->bs, &total_sectors);
1545 total_sectors >>= 2;
1546 if (total_sectors == 0) {
1547 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1548 ASC_MEDIUM_NOT_PRESENT);
1549 break;
1550 }
1551 lba = ube32_to_cpu(packet + 2);
1552 if (lba >= total_sectors) {
1553 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1554 ASC_LOGICAL_BLOCK_OOR);
1555 break;
1556 }
1557 ide_atapi_cmd_ok(s);
1558 }
1559 break;
1560 case GPCMD_START_STOP_UNIT:
1561 {
1562 int start, eject;
1563 start = packet[4] & 1;
1564 eject = (packet[4] >> 1) & 1;
1565
1566 if (eject && !start) {
1567 /* eject the disk */
1568 bdrv_eject(s->bs, 1);
1569 } else if (eject && start) {
1570 /* close the tray */
1571 bdrv_eject(s->bs, 0);
1572 }
1573 ide_atapi_cmd_ok(s);
1574 }
1575 break;
1576 case GPCMD_MECHANISM_STATUS:
1577 {
1578 max_len = ube16_to_cpu(packet + 8);
1579 cpu_to_ube16(buf, 0);
1580 /* no current LBA */
1581 buf[2] = 0;
1582 buf[3] = 0;
1583 buf[4] = 0;
1584 buf[5] = 1;
1585 cpu_to_ube16(buf + 6, 0);
1586 ide_atapi_cmd_reply(s, 8, max_len);
1587 }
1588 break;
1589 case GPCMD_READ_TOC_PMA_ATIP:
1590 {
1591 int format, msf, start_track, len;
1592 uint64_t total_sectors;
1593
1594 bdrv_get_geometry(s->bs, &total_sectors);
1595 total_sectors >>= 2;
1596 if (total_sectors == 0) {
1597 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1598 ASC_MEDIUM_NOT_PRESENT);
1599 break;
1600 }
1601 max_len = ube16_to_cpu(packet + 7);
1602 format = packet[9] >> 6;
1603 msf = (packet[1] >> 1) & 1;
1604 start_track = packet[6];
1605 switch(format) {
1606 case 0:
1607 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1608 if (len < 0)
1609 goto error_cmd;
1610 ide_atapi_cmd_reply(s, len, max_len);
1611 break;
1612 case 1:
1613 /* multi session : only a single session defined */
1614 memset(buf, 0, 12);
1615 buf[1] = 0x0a;
1616 buf[2] = 0x01;
1617 buf[3] = 0x01;
1618 ide_atapi_cmd_reply(s, 12, max_len);
1619 break;
1620 case 2:
1621 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1622 if (len < 0)
1623 goto error_cmd;
1624 ide_atapi_cmd_reply(s, len, max_len);
1625 break;
1626 default:
1627 error_cmd:
1628 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1629 ASC_INV_FIELD_IN_CMD_PACKET);
1630 break;
1631 }
1632 }
1633 break;
1634 case GPCMD_READ_CDVD_CAPACITY:
1635 {
1636 uint64_t total_sectors;
1637
1638 bdrv_get_geometry(s->bs, &total_sectors);
1639 total_sectors >>= 2;
1640 if (total_sectors == 0) {
1641 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1642 ASC_MEDIUM_NOT_PRESENT);
1643 break;
1644 }
1645 /* NOTE: it is really the number of sectors minus 1 */
1646 cpu_to_ube32(buf, total_sectors - 1);
1647 cpu_to_ube32(buf + 4, 2048);
1648 ide_atapi_cmd_reply(s, 8, 8);
1649 }
1650 break;
1651 case GPCMD_READ_DVD_STRUCTURE:
1652 {
1653 int media = packet[1];
1654 int layer = packet[6];
1655 int format = packet[2];
1656 uint64_t total_sectors;
1657
1658 if (media != 0 || layer != 0)
1659 {
1660 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1661 ASC_INV_FIELD_IN_CMD_PACKET);
1662 }
1663
1664 switch (format) {
1665 case 0:
1666 bdrv_get_geometry(s->bs, &total_sectors);
1667 total_sectors >>= 2;
1668 if (total_sectors == 0) {
1669 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1670 ASC_MEDIUM_NOT_PRESENT);
1671 break;
1672 }
1673
1674 memset(buf, 0, 2052);
1675
1676 buf[4] = 1; // DVD-ROM, part version 1
1677 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1678 buf[6] = 0; // one layer, embossed data
1679 buf[7] = 0;
1680
1681 cpu_to_ube32(buf + 8, 0);
1682 cpu_to_ube32(buf + 12, total_sectors - 1);
1683 cpu_to_ube32(buf + 16, total_sectors - 1);
1684
1685 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1686
1687 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1688 break;
1689
1690 default:
1691 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1692 ASC_INV_FIELD_IN_CMD_PACKET);
1693 break;
1694 }
1695 }
1696 break;
1697 case GPCMD_SET_SPEED:
1698 ide_atapi_cmd_ok(s);
1699 break;
1700 case GPCMD_INQUIRY:
1701 max_len = packet[4];
1702 buf[0] = 0x05; /* CD-ROM */
1703 buf[1] = 0x80; /* removable */
1704 buf[2] = 0x00; /* ISO */
1705 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1706 buf[4] = 31; /* additional length */
1707 buf[5] = 0; /* reserved */
1708 buf[6] = 0; /* reserved */
1709 buf[7] = 0; /* reserved */
1710 padstr8(buf + 8, 8, "QEMU");
1711 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1712 padstr8(buf + 32, 4, QEMU_VERSION);
1713 ide_atapi_cmd_reply(s, 36, max_len);
1714 break;
1715 case GPCMD_GET_CONFIGURATION:
1716 {
1717 uint32_t len;
1718
1719 /* only feature 0 is supported */
1720 if (packet[2] != 0 || packet[3] != 0) {
1721 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1722 ASC_INV_FIELD_IN_CMD_PACKET);
1723 break;
1724 }
1725
1726 /* XXX: could result in alignment problems in some architectures */
1727 max_len = ube16_to_cpu(packet + 7);
1728 /*
1729 * XXX: avoid overflow for io_buffer if max_len is bigger than the
1730 * size of that buffer (dimensioned to max number of sectors
1731 * to transfer at once)
1732 *
1733 * Only a problem if the feature/profiles grow exponentially.
1734 */
1735 if (max_len > 512) /* XXX: assume 1 sector */
1736 max_len = 512;
1737
1738 memset(buf, 0, max_len);
1739 /*
1740 * the number of sectors from the media tells us which profile
1741 * to use as current. 0 means there is no media
1742 *
1743 * XXX: fails to detect correctly DVDs with less data burned
1744 * than what a CD can hold
1745 */
1746 if ((s -> nb_sectors)) {
1747 if ((s -> nb_sectors > CD_MAX_SECTORS))
1748 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1749 else
1750 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1751 }
1752
1753 len = 8; /* header completed */
1754 if (max_len > len) {
1755 uint8_t index = 0;
1756
1757 buf[10] = 0x02 | 0x01; /* persistent and current */
1758 len += 4; /* header */
1759 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1760 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1761 }
1762 cpu_to_ube32(buf, len - 4); /* data length */
1763
1764 ide_atapi_cmd_reply(s, len, max_len);
1765 break;
1766 }
1767 default:
1768 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1769 ASC_ILLEGAL_OPCODE);
1770 break;
1771 }
1772 }
1773
1774 static void ide_cfata_metadata_inquiry(IDEState *s)
1775 {
1776 uint16_t *p;
1777 uint32_t spd;
1778
1779 p = (uint16_t *) s->io_buffer;
1780 memset(p, 0, 0x200);
1781 spd = ((s->mdata_size - 1) >> 9) + 1;
1782
1783 put_le16(p + 0, 0x0001); /* Data format revision */
1784 put_le16(p + 1, 0x0000); /* Media property: silicon */
1785 put_le16(p + 2, s->media_changed); /* Media status */
1786 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1787 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1788 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1789 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1790 }
1791
1792 static void ide_cfata_metadata_read(IDEState *s)
1793 {
1794 uint16_t *p;
1795
1796 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1797 s->status = ERR_STAT;
1798 s->error = ABRT_ERR;
1799 return;
1800 }
1801
1802 p = (uint16_t *) s->io_buffer;
1803 memset(p, 0, 0x200);
1804
1805 put_le16(p + 0, s->media_changed); /* Media status */
1806 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1807 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1808 s->nsector << 9), 0x200 - 2));
1809 }
1810
1811 static void ide_cfata_metadata_write(IDEState *s)
1812 {
1813 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1814 s->status = ERR_STAT;
1815 s->error = ABRT_ERR;
1816 return;
1817 }
1818
1819 s->media_changed = 0;
1820
1821 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1822 s->io_buffer + 2,
1823 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1824 s->nsector << 9), 0x200 - 2));
1825 }
1826
1827 /* called when the inserted state of the media has changed */
1828 static void cdrom_change_cb(void *opaque)
1829 {
1830 IDEState *s = opaque;
1831 uint64_t nb_sectors;
1832
1833 /* XXX: send interrupt too */
1834 bdrv_get_geometry(s->bs, &nb_sectors);
1835 s->nb_sectors = nb_sectors;
1836 }
1837
1838 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1839 {
1840 s->lba48 = lba48;
1841
1842 /* handle the 'magic' 0 nsector count conversion here. to avoid
1843 * fiddling with the rest of the read logic, we just store the
1844 * full sector count in ->nsector and ignore ->hob_nsector from now
1845 */
1846 if (!s->lba48) {
1847 if (!s->nsector)
1848 s->nsector = 256;
1849 } else {
1850 if (!s->nsector && !s->hob_nsector)
1851 s->nsector = 65536;
1852 else {
1853 int lo = s->nsector;
1854 int hi = s->hob_nsector;
1855
1856 s->nsector = (hi << 8) | lo;
1857 }
1858 }
1859 }
1860
1861 static void ide_clear_hob(IDEState *ide_if)
1862 {
1863 /* any write clears HOB high bit of device control register */
1864 ide_if[0].select &= ~(1 << 7);
1865 ide_if[1].select &= ~(1 << 7);
1866 }
1867
1868 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1869 {
1870 IDEState *ide_if = opaque;
1871 IDEState *s;
1872 int unit, n;
1873 int lba48 = 0;
1874
1875 #ifdef DEBUG_IDE
1876 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1877 #endif
1878
1879 addr &= 7;
1880 switch(addr) {
1881 case 0:
1882 break;
1883 case 1:
1884 ide_clear_hob(ide_if);
1885 /* NOTE: data is written to the two drives */
1886 ide_if[0].hob_feature = ide_if[0].feature;
1887 ide_if[1].hob_feature = ide_if[1].feature;
1888 ide_if[0].feature = val;
1889 ide_if[1].feature = val;
1890 break;
1891 case 2:
1892 ide_clear_hob(ide_if);
1893 ide_if[0].hob_nsector = ide_if[0].nsector;
1894 ide_if[1].hob_nsector = ide_if[1].nsector;
1895 ide_if[0].nsector = val;
1896 ide_if[1].nsector = val;
1897 break;
1898 case 3:
1899 ide_clear_hob(ide_if);
1900 ide_if[0].hob_sector = ide_if[0].sector;
1901 ide_if[1].hob_sector = ide_if[1].sector;
1902 ide_if[0].sector = val;
1903 ide_if[1].sector = val;
1904 break;
1905 case 4:
1906 ide_clear_hob(ide_if);
1907 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1908 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1909 ide_if[0].lcyl = val;
1910 ide_if[1].lcyl = val;
1911 break;
1912 case 5:
1913 ide_clear_hob(ide_if);
1914 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1915 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1916 ide_if[0].hcyl = val;
1917 ide_if[1].hcyl = val;
1918 break;
1919 case 6:
1920 /* FIXME: HOB readback uses bit 7 */
1921 ide_if[0].select = (val & ~0x10) | 0xa0;
1922 ide_if[1].select = (val | 0x10) | 0xa0;
1923 /* select drive */
1924 unit = (val >> 4) & 1;
1925 s = ide_if + unit;
1926 ide_if->cur_drive = s;
1927 break;
1928 default:
1929 case 7:
1930 /* command */
1931 #if defined(DEBUG_IDE)
1932 printf("ide: CMD=%02x\n", val);
1933 #endif
1934 s = ide_if->cur_drive;
1935 /* ignore commands to non existant slave */
1936 if (s != ide_if && !s->bs)
1937 break;
1938
1939 switch(val) {
1940 case WIN_IDENTIFY:
1941 if (s->bs && !s->is_cdrom) {
1942 if (!s->is_cf)
1943 ide_identify(s);
1944 else
1945 ide_cfata_identify(s);
1946 s->status = READY_STAT | SEEK_STAT;
1947 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1948 } else {
1949 if (s->is_cdrom) {
1950 ide_set_signature(s);
1951 }
1952 ide_abort_command(s);
1953 }
1954 ide_set_irq(s);
1955 break;
1956 case WIN_SPECIFY:
1957 case WIN_RECAL:
1958 s->error = 0;
1959 s->status = READY_STAT | SEEK_STAT;
1960 ide_set_irq(s);
1961 break;
1962 case WIN_SETMULT:
1963 if (s->is_cf && s->nsector == 0) {
1964 /* Disable Read and Write Multiple */
1965 s->mult_sectors = 0;
1966 s->status = READY_STAT;
1967 } else if ((s->nsector & 0xff) != 0 &&
1968 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1969 (s->nsector & (s->nsector - 1)) != 0)) {
1970 ide_abort_command(s);
1971 } else {
1972 s->mult_sectors = s->nsector & 0xff;
1973 s->status = READY_STAT;
1974 }
1975 ide_set_irq(s);
1976 break;
1977 case WIN_VERIFY_EXT:
1978 lba48 = 1;
1979 case WIN_VERIFY:
1980 case WIN_VERIFY_ONCE:
1981 /* do sector number check ? */
1982 ide_cmd_lba48_transform(s, lba48);
1983 s->status = READY_STAT;
1984 ide_set_irq(s);
1985 break;
1986 case WIN_READ_EXT:
1987 lba48 = 1;
1988 case WIN_READ:
1989 case WIN_READ_ONCE:
1990 if (!s->bs)
1991 goto abort_cmd;
1992 ide_cmd_lba48_transform(s, lba48);
1993 s->req_nb_sectors = 1;
1994 ide_sector_read(s);
1995 break;
1996 case WIN_WRITE_EXT:
1997 lba48 = 1;
1998 case WIN_WRITE:
1999 case WIN_WRITE_ONCE:
2000 case CFA_WRITE_SECT_WO_ERASE:
2001 case WIN_WRITE_VERIFY:
2002 ide_cmd_lba48_transform(s, lba48);
2003 s->error = 0;
2004 s->status = SEEK_STAT | READY_STAT;
2005 s->req_nb_sectors = 1;
2006 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2007 s->media_changed = 1;
2008 break;
2009 case WIN_MULTREAD_EXT:
2010 lba48 = 1;
2011 case WIN_MULTREAD:
2012 if (!s->mult_sectors)
2013 goto abort_cmd;
2014 ide_cmd_lba48_transform(s, lba48);
2015 s->req_nb_sectors = s->mult_sectors;
2016 ide_sector_read(s);
2017 break;
2018 case WIN_MULTWRITE_EXT:
2019 lba48 = 1;
2020 case WIN_MULTWRITE:
2021 case CFA_WRITE_MULTI_WO_ERASE:
2022 if (!s->mult_sectors)
2023 goto abort_cmd;
2024 ide_cmd_lba48_transform(s, lba48);
2025 s->error = 0;
2026 s->status = SEEK_STAT | READY_STAT;
2027 s->req_nb_sectors = s->mult_sectors;
2028 n = s->nsector;
2029 if (n > s->req_nb_sectors)
2030 n = s->req_nb_sectors;
2031 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2032 s->media_changed = 1;
2033 break;
2034 case WIN_READDMA_EXT:
2035 lba48 = 1;
2036 case WIN_READDMA:
2037 case WIN_READDMA_ONCE:
2038 if (!s->bs)
2039 goto abort_cmd;
2040 ide_cmd_lba48_transform(s, lba48);
2041 ide_sector_read_dma(s);
2042 break;
2043 case WIN_WRITEDMA_EXT:
2044 lba48 = 1;
2045 case WIN_WRITEDMA:
2046 case WIN_WRITEDMA_ONCE:
2047 if (!s->bs)
2048 goto abort_cmd;
2049 ide_cmd_lba48_transform(s, lba48);
2050 ide_sector_write_dma(s);
2051 s->media_changed = 1;
2052 break;
2053 case WIN_READ_NATIVE_MAX_EXT:
2054 lba48 = 1;
2055 case WIN_READ_NATIVE_MAX:
2056 ide_cmd_lba48_transform(s, lba48);
2057 ide_set_sector(s, s->nb_sectors - 1);
2058 s->status = READY_STAT;
2059 ide_set_irq(s);
2060 break;
2061 case WIN_CHECKPOWERMODE1:
2062 case WIN_CHECKPOWERMODE2:
2063 s->nsector = 0xff; /* device active or idle */
2064 s->status = READY_STAT;
2065 ide_set_irq(s);
2066 break;
2067 case WIN_SETFEATURES:
2068 if (!s->bs)
2069 goto abort_cmd;
2070 /* XXX: valid for CDROM ? */
2071 switch(s->feature) {
2072 case 0xcc: /* reverting to power-on defaults enable */
2073 case 0x66: /* reverting to power-on defaults disable */
2074 case 0x02: /* write cache enable */
2075 case 0x82: /* write cache disable */
2076 case 0xaa: /* read look-ahead enable */
2077 case 0x55: /* read look-ahead disable */
2078 case 0x05: /* set advanced power management mode */
2079 case 0x85: /* disable advanced power management mode */
2080 case 0x69: /* NOP */
2081 case 0x67: /* NOP */
2082 case 0x96: /* NOP */
2083 case 0x9a: /* NOP */
2084 case 0x42: /* enable Automatic Acoustic Mode */
2085 case 0xc2: /* disable Automatic Acoustic Mode */
2086 s->status = READY_STAT | SEEK_STAT;
2087 ide_set_irq(s);
2088 break;
2089 case 0x03: { /* set transfer mode */
2090 uint8_t val = s->nsector & 0x07;
2091
2092 switch (s->nsector >> 3) {
2093 case 0x00: /* pio default */
2094 case 0x01: /* pio mode */
2095 put_le16(s->identify_data + 63,0x07);
2096 put_le16(s->identify_data + 88,0x3f);
2097 break;
2098 case 0x04: /* mdma mode */
2099 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2100 put_le16(s->identify_data + 88,0x3f);
2101 break;
2102 case 0x08: /* udma mode */
2103 put_le16(s->identify_data + 63,0x07);
2104 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2105 break;
2106 default:
2107 goto abort_cmd;
2108 }
2109 s->status = READY_STAT | SEEK_STAT;
2110 ide_set_irq(s);
2111 break;
2112 }
2113 default:
2114 goto abort_cmd;
2115 }
2116 break;
2117 case WIN_FLUSH_CACHE:
2118 case WIN_FLUSH_CACHE_EXT:
2119 if (s->bs)
2120 bdrv_flush(s->bs);
2121 s->status = READY_STAT;
2122 ide_set_irq(s);
2123 break;
2124 case WIN_STANDBY:
2125 case WIN_STANDBY2:
2126 case WIN_STANDBYNOW1:
2127 case WIN_STANDBYNOW2:
2128 case WIN_IDLEIMMEDIATE:
2129 case CFA_IDLEIMMEDIATE:
2130 case WIN_SETIDLE1:
2131 case WIN_SETIDLE2:
2132 case WIN_SLEEPNOW1:
2133 case WIN_SLEEPNOW2:
2134 s->status = READY_STAT;
2135 ide_set_irq(s);
2136 break;
2137 /* ATAPI commands */
2138 case WIN_PIDENTIFY:
2139 if (s->is_cdrom) {
2140 ide_atapi_identify(s);
2141 s->status = READY_STAT | SEEK_STAT;
2142 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2143 } else {
2144 ide_abort_command(s);
2145 }
2146 ide_set_irq(s);
2147 break;
2148 case WIN_DIAGNOSE:
2149 ide_set_signature(s);
2150 s->status = READY_STAT;
2151 s->error = 0x01;
2152 ide_set_irq(s);
2153 break;
2154 case WIN_SRST:
2155 if (!s->is_cdrom)
2156 goto abort_cmd;
2157 ide_set_signature(s);
2158 s->status = 0x00; /* NOTE: READY is _not_ set */
2159 s->error = 0x01;
2160 break;
2161 case WIN_PACKETCMD:
2162 if (!s->is_cdrom)
2163 goto abort_cmd;
2164 /* overlapping commands not supported */
2165 if (s->feature & 0x02)
2166 goto abort_cmd;
2167 s->status = READY_STAT;
2168 s->atapi_dma = s->feature & 1;
2169 s->nsector = 1;
2170 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2171 ide_atapi_cmd);
2172 break;
2173 /* CF-ATA commands */
2174 case CFA_REQ_EXT_ERROR_CODE:
2175 if (!s->is_cf)
2176 goto abort_cmd;
2177 s->error = 0x09; /* miscellaneous error */
2178 s->status = READY_STAT;
2179 ide_set_irq(s);
2180 break;
2181 case CFA_ERASE_SECTORS:
2182 case CFA_WEAR_LEVEL:
2183 if (!s->is_cf)
2184 goto abort_cmd;
2185 if (val == CFA_WEAR_LEVEL)
2186 s->nsector = 0;
2187 if (val == CFA_ERASE_SECTORS)
2188 s->media_changed = 1;
2189 s->error = 0x00;
2190 s->status = READY_STAT;
2191 ide_set_irq(s);
2192 break;
2193 case CFA_TRANSLATE_SECTOR:
2194 if (!s->is_cf)
2195 goto abort_cmd;
2196 s->error = 0x00;
2197 s->status = READY_STAT;
2198 memset(s->io_buffer, 0, 0x200);
2199 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2200 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2201 s->io_buffer[0x02] = s->select; /* Head */
2202 s->io_buffer[0x03] = s->sector; /* Sector */
2203 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2204 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2205 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2206 s->io_buffer[0x13] = 0x00; /* Erase flag */
2207 s->io_buffer[0x18] = 0x00; /* Hot count */
2208 s->io_buffer[0x19] = 0x00; /* Hot count */
2209 s->io_buffer[0x1a] = 0x01; /* Hot count */
2210 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2211 ide_set_irq(s);
2212 break;
2213 case CFA_ACCESS_METADATA_STORAGE:
2214 if (!s->is_cf)
2215 goto abort_cmd;
2216 switch (s->feature) {
2217 case 0x02: /* Inquiry Metadata Storage */
2218 ide_cfata_metadata_inquiry(s);
2219 break;
2220 case 0x03: /* Read Metadata Storage */
2221 ide_cfata_metadata_read(s);
2222 break;
2223 case 0x04: /* Write Metadata Storage */
2224 ide_cfata_metadata_write(s);
2225 break;
2226 default:
2227 goto abort_cmd;
2228 }
2229 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2230 s->status = 0x00; /* NOTE: READY is _not_ set */
2231 ide_set_irq(s);
2232 break;
2233 case IBM_SENSE_CONDITION:
2234 if (!s->is_cf)
2235 goto abort_cmd;
2236 switch (s->feature) {
2237 case 0x01: /* sense temperature in device */
2238 s->nsector = 0x50; /* +20 C */
2239 break;
2240 default:
2241 goto abort_cmd;
2242 }
2243 s->status = READY_STAT;
2244 ide_set_irq(s);
2245 break;
2246 default:
2247 abort_cmd:
2248 ide_abort_command(s);
2249 ide_set_irq(s);
2250 break;
2251 }
2252 }
2253 }
2254
2255 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2256 {
2257 IDEState *ide_if = opaque;
2258 IDEState *s = ide_if->cur_drive;
2259 uint32_t addr;
2260 int ret, hob;
2261
2262 addr = addr1 & 7;
2263 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2264 //hob = s->select & (1 << 7);
2265 hob = 0;
2266 switch(addr) {
2267 case 0:
2268 ret = 0xff;
2269 break;
2270 case 1:
2271 if (!ide_if[0].bs && !ide_if[1].bs)
2272 ret = 0;
2273 else if (!hob)
2274 ret = s->error;
2275 else
2276 ret = s->hob_feature;
2277 break;
2278 case 2:
2279 if (!ide_if[0].bs && !ide_if[1].bs)
2280 ret = 0;
2281 else if (!hob)
2282 ret = s->nsector & 0xff;
2283 else
2284 ret = s->hob_nsector;
2285 break;
2286 case 3:
2287 if (!ide_if[0].bs && !ide_if[1].bs)
2288 ret = 0;
2289 else if (!hob)
2290 ret = s->sector;
2291 else
2292 ret = s->hob_sector;
2293 break;
2294 case 4:
2295 if (!ide_if[0].bs && !ide_if[1].bs)
2296 ret = 0;
2297 else if (!hob)
2298 ret = s->lcyl;
2299 else
2300 ret = s->hob_lcyl;
2301 break;
2302 case 5:
2303 if (!ide_if[0].bs && !ide_if[1].bs)
2304 ret = 0;
2305 else if (!hob)
2306 ret = s->hcyl;
2307 else
2308 ret = s->hob_hcyl;
2309 break;
2310 case 6:
2311 if (!ide_if[0].bs && !ide_if[1].bs)
2312 ret = 0;
2313 else
2314 ret = s->select;
2315 break;
2316 default:
2317 case 7:
2318 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2319 (s != ide_if && !s->bs))
2320 ret = 0;
2321 else
2322 ret = s->status;
2323 qemu_irq_lower(s->irq);
2324 break;
2325 }
2326 #ifdef DEBUG_IDE
2327 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2328 #endif
2329 return ret;
2330 }
2331
2332 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2333 {
2334 IDEState *ide_if = opaque;
2335 IDEState *s = ide_if->cur_drive;
2336 int ret;
2337
2338 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2339 (s != ide_if && !s->bs))
2340 ret = 0;
2341 else
2342 ret = s->status;
2343 #ifdef DEBUG_IDE
2344 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2345 #endif
2346 return ret;
2347 }
2348
2349 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2350 {
2351 IDEState *ide_if = opaque;
2352 IDEState *s;
2353 int i;
2354
2355 #ifdef DEBUG_IDE
2356 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2357 #endif
2358 /* common for both drives */
2359 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2360 (val & IDE_CMD_RESET)) {
2361 /* reset low to high */
2362 for(i = 0;i < 2; i++) {
2363 s = &ide_if[i];
2364 s->status = BUSY_STAT | SEEK_STAT;
2365 s->error = 0x01;
2366 }
2367 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2368 !(val & IDE_CMD_RESET)) {
2369 /* high to low */
2370 for(i = 0;i < 2; i++) {
2371 s = &ide_if[i];
2372 if (s->is_cdrom)
2373 s->status = 0x00; /* NOTE: READY is _not_ set */
2374 else
2375 s->status = READY_STAT | SEEK_STAT;
2376 ide_set_signature(s);
2377 }
2378 }
2379
2380 ide_if[0].cmd = val;
2381 ide_if[1].cmd = val;
2382 }
2383
2384 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2385 {
2386 IDEState *s = ((IDEState *)opaque)->cur_drive;
2387 uint8_t *p;
2388
2389 p = s->data_ptr;
2390 *(uint16_t *)p = le16_to_cpu(val);
2391 p += 2;
2392 s->data_ptr = p;
2393 if (p >= s->data_end)
2394 s->end_transfer_func(s);
2395 }
2396
2397 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2398 {
2399 IDEState *s = ((IDEState *)opaque)->cur_drive;
2400 uint8_t *p;
2401 int ret;
2402 p = s->data_ptr;
2403 ret = cpu_to_le16(*(uint16_t *)p);
2404 p += 2;
2405 s->data_ptr = p;
2406 if (p >= s->data_end)
2407 s->end_transfer_func(s);
2408 return ret;
2409 }
2410
2411 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2412 {
2413 IDEState *s = ((IDEState *)opaque)->cur_drive;
2414 uint8_t *p;
2415
2416 p = s->data_ptr;
2417 *(uint32_t *)p = le32_to_cpu(val);
2418 p += 4;
2419 s->data_ptr = p;
2420 if (p >= s->data_end)
2421 s->end_transfer_func(s);
2422 }
2423
2424 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2425 {
2426 IDEState *s = ((IDEState *)opaque)->cur_drive;
2427 uint8_t *p;
2428 int ret;
2429
2430 p = s->data_ptr;
2431 ret = cpu_to_le32(*(uint32_t *)p);
2432 p += 4;
2433 s->data_ptr = p;
2434 if (p >= s->data_end)
2435 s->end_transfer_func(s);
2436 return ret;
2437 }
2438
2439 static void ide_dummy_transfer_stop(IDEState *s)
2440 {
2441 s->data_ptr = s->io_buffer;
2442 s->data_end = s->io_buffer;
2443 s->io_buffer[0] = 0xff;
2444 s->io_buffer[1] = 0xff;
2445 s->io_buffer[2] = 0xff;
2446 s->io_buffer[3] = 0xff;
2447 }
2448
2449 static void ide_reset(IDEState *s)
2450 {
2451 if (s->is_cf)
2452 s->mult_sectors = 0;
2453 else
2454 s->mult_sectors = MAX_MULT_SECTORS;
2455 s->cur_drive = s;
2456 s->select = 0xa0;
2457 s->status = READY_STAT;
2458 ide_set_signature(s);
2459 /* init the transfer handler so that 0xffff is returned on data
2460 accesses */
2461 s->end_transfer_func = ide_dummy_transfer_stop;
2462 ide_dummy_transfer_stop(s);
2463 s->media_changed = 0;
2464 }
2465
2466 struct partition {
2467 uint8_t boot_ind; /* 0x80 - active */
2468 uint8_t head; /* starting head */
2469 uint8_t sector; /* starting sector */
2470 uint8_t cyl; /* starting cylinder */
2471 uint8_t sys_ind; /* What partition type */
2472 uint8_t end_head; /* end head */
2473 uint8_t end_sector; /* end sector */
2474 uint8_t end_cyl; /* end cylinder */
2475 uint32_t start_sect; /* starting sector counting from 0 */
2476 uint32_t nr_sects; /* nr of sectors in partition */
2477 } __attribute__((packed));
2478
2479 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2480 static int guess_disk_lchs(IDEState *s,
2481 int *pcylinders, int *pheads, int *psectors)
2482 {
2483 uint8_t *buf = s->io_buffer;
2484 int ret, i, heads, sectors, cylinders;
2485 struct partition *p;
2486 uint32_t nr_sects;
2487
2488 ret = bdrv_read(s->bs, 0, buf, 1);
2489 if (ret < 0) {
2490 return -1;
2491 }
2492 /* test msdos magic */
2493 if (buf[510] != 0x55 || buf[511] != 0xaa) {
2494 return -1;
2495 }
2496 for(i = 0; i < 4; i++) {
2497 p = ((struct partition *)(buf + 0x1be)) + i;
2498 nr_sects = le32_to_cpu(p->nr_sects);
2499 if (nr_sects && p->end_head) {
2500 /* We make the assumption that the partition terminates on
2501 a cylinder boundary */
2502 heads = p->end_head + 1;
2503 sectors = p->end_sector & 63;
2504 if (sectors == 0)
2505 continue;
2506 cylinders = s->nb_sectors / (heads * sectors);
2507 if (cylinders < 1 || cylinders > 16383)
2508 continue;
2509 *pheads = heads;
2510 *psectors = sectors;
2511 *pcylinders = cylinders;
2512 #if 0
2513 printf("guessed geometry: LCHS=%d %d %d\n",
2514 cylinders, heads, sectors);
2515 #endif
2516 return 0;
2517 }
2518 }
2519 return -1;
2520 }
2521
2522 static void ide_init2(IDEState *ide_state,
2523 BlockDriverState *hd0, BlockDriverState *hd1,
2524 qemu_irq irq)
2525 {
2526 IDEState *s;
2527 static int drive_serial = 1;
2528 int i, cylinders, heads, secs, translation, lba_detected = 0;
2529 uint64_t nb_sectors;
2530
2531 for(i = 0; i < 2; i++) {
2532 s = ide_state + i;
2533 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2534 if (i == 0)
2535 s->bs = hd0;
2536 else
2537 s->bs = hd1;
2538 if (s->bs) {
2539 bdrv_get_geometry(s->bs, &nb_sectors);
2540 s->nb_sectors = nb_sectors;
2541 /* if a geometry hint is available, use it */
2542 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2543 translation = bdrv_get_translation_hint(s->bs);
2544 if (cylinders != 0) {
2545 s->cylinders = cylinders;
2546 s->heads = heads;
2547 s->sectors = secs;
2548 } else {
2549 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2550 if (heads > 16) {
2551 /* if heads > 16, it means that a BIOS LBA
2552 translation was active, so the default
2553 hardware geometry is OK */
2554 lba_detected = 1;
2555 goto default_geometry;
2556 } else {
2557 s->cylinders = cylinders;
2558 s->heads = heads;
2559 s->sectors = secs;
2560 /* disable any translation to be in sync with
2561 the logical geometry */
2562 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2563 bdrv_set_translation_hint(s->bs,
2564 BIOS_ATA_TRANSLATION_NONE);
2565 }
2566 }
2567 } else {
2568 default_geometry:
2569 /* if no geometry, use a standard physical disk geometry */
2570 cylinders = nb_sectors / (16 * 63);
2571 if (cylinders > 16383)
2572 cylinders = 16383;
2573 else if (cylinders < 2)
2574 cylinders = 2;
2575 s->cylinders = cylinders;
2576 s->heads = 16;
2577 s->sectors = 63;
2578 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2579 if ((s->cylinders * s->heads) <= 131072) {
2580 bdrv_set_translation_hint(s->bs,
2581 BIOS_ATA_TRANSLATION_LARGE);
2582 } else {
2583 bdrv_set_translation_hint(s->bs,
2584 BIOS_ATA_TRANSLATION_LBA);
2585 }
2586 }
2587 }
2588 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2589 }
2590 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2591 s->is_cdrom = 1;
2592 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2593 }
2594 }
2595 s->drive_serial = drive_serial++;
2596 s->irq = irq;
2597 s->sector_write_timer = qemu_new_timer(vm_clock,
2598 ide_sector_write_timer_cb, s);
2599 ide_reset(s);
2600 }
2601 }
2602
2603 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2604 {
2605 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2606 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2607 if (iobase2) {
2608 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2609 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2610 }
2611
2612 /* data ports */
2613 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2614 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2615 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2616 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2617 }
2618
2619 /* save per IDE drive data */
2620 static void ide_save(QEMUFile* f, IDEState *s)
2621 {
2622 qemu_put_be32(f, s->mult_sectors);
2623 qemu_put_be32(f, s->identify_set);
2624 if (s->identify_set) {
2625 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2626 }
2627 qemu_put_8s(f, &s->feature);
2628 qemu_put_8s(f, &s->error);
2629 qemu_put_be32s(f, &s->nsector);
2630 qemu_put_8s(f, &s->sector);
2631 qemu_put_8s(f, &s->lcyl);
2632 qemu_put_8s(f, &s->hcyl);
2633 qemu_put_8s(f, &s->hob_feature);
2634 qemu_put_8s(f, &s->hob_nsector);
2635 qemu_put_8s(f, &s->hob_sector);
2636 qemu_put_8s(f, &s->hob_lcyl);
2637 qemu_put_8s(f, &s->hob_hcyl);
2638 qemu_put_8s(f, &s->select);
2639 qemu_put_8s(f, &s->status);
2640 qemu_put_8s(f, &s->lba48);
2641
2642 qemu_put_8s(f, &s->sense_key);
2643 qemu_put_8s(f, &s->asc);
2644 /* XXX: if a transfer is pending, we do not save it yet */
2645 }
2646
2647 /* load per IDE drive data */
2648 static void ide_load(QEMUFile* f, IDEState *s)
2649 {
2650 s->mult_sectors=qemu_get_be32(f);
2651 s->identify_set=qemu_get_be32(f);
2652 if (s->identify_set) {
2653 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2654 }
2655 qemu_get_8s(f, &s->feature);
2656 qemu_get_8s(f, &s->error);
2657 qemu_get_be32s(f, &s->nsector);
2658 qemu_get_8s(f, &s->sector);
2659 qemu_get_8s(f, &s->lcyl);
2660 qemu_get_8s(f, &s->hcyl);
2661 qemu_get_8s(f, &s->hob_feature);
2662 qemu_get_8s(f, &s->hob_nsector);
2663 qemu_get_8s(f, &s->hob_sector);
2664 qemu_get_8s(f, &s->hob_lcyl);
2665 qemu_get_8s(f, &s->hob_hcyl);
2666 qemu_get_8s(f, &s->select);
2667 qemu_get_8s(f, &s->status);
2668 qemu_get_8s(f, &s->lba48);
2669
2670 qemu_get_8s(f, &s->sense_key);
2671 qemu_get_8s(f, &s->asc);
2672 /* XXX: if a transfer is pending, we do not save it yet */
2673 }
2674
2675 /***********************************************************/
2676 /* ISA IDE definitions */
2677
2678 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2679 BlockDriverState *hd0, BlockDriverState *hd1)
2680 {
2681 IDEState *ide_state;
2682
2683 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2684 if (!ide_state)
2685 return;
2686
2687 ide_init2(ide_state, hd0, hd1, irq);
2688 ide_init_ioport(ide_state, iobase, iobase2);
2689 }
2690
2691 /***********************************************************/
2692 /* PCI IDE definitions */
2693
2694 static void cmd646_update_irq(PCIIDEState *d);
2695
2696 static void ide_map(PCIDevice *pci_dev, int region_num,
2697 uint32_t addr, uint32_t size, int type)
2698 {
2699 PCIIDEState *d = (PCIIDEState *)pci_dev;
2700 IDEState *ide_state;
2701
2702 if (region_num <= 3) {
2703 ide_state = &d->ide_if[(region_num >> 1) * 2];
2704 if (region_num & 1) {
2705 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2706 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2707 } else {
2708 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2709 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2710
2711 /* data ports */
2712 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2713 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2714 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2715 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2716 }
2717 }
2718 }
2719
2720 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2721 {
2722 BMDMAState *bm = s->bmdma;
2723 if(!bm)
2724 return;
2725 bm->ide_if = s;
2726 bm->dma_cb = dma_cb;
2727 bm->cur_prd_last = 0;
2728 bm->cur_prd_addr = 0;
2729 bm->cur_prd_len = 0;
2730 if (bm->status & BM_STATUS_DMAING) {
2731 bm->dma_cb(bm, 0);
2732 }
2733 }
2734
2735 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2736 {
2737 BMDMAState *bm = opaque;
2738 #ifdef DEBUG_IDE
2739 printf("%s: 0x%08x\n", __func__, val);
2740 #endif
2741 if (!(val & BM_CMD_START)) {
2742 /* XXX: do it better */
2743 if (bm->status & BM_STATUS_DMAING) {
2744 bm->status &= ~BM_STATUS_DMAING;
2745 /* cancel DMA request */
2746 bm->ide_if = NULL;
2747 bm->dma_cb = NULL;
2748 if (bm->aiocb) {
2749 #ifdef DEBUG_AIO
2750 printf("aio_cancel\n");
2751 #endif
2752 bdrv_aio_cancel(bm->aiocb);
2753 bm->aiocb = NULL;
2754 }
2755 }
2756 bm->cmd = val & 0x09;
2757 } else {
2758 if (!(bm->status & BM_STATUS_DMAING)) {
2759 bm->status |= BM_STATUS_DMAING;
2760 /* start dma transfer if possible */
2761 if (bm->dma_cb)
2762 bm->dma_cb(bm, 0);
2763 }
2764 bm->cmd = val & 0x09;
2765 }
2766 }
2767
2768 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2769 {
2770 BMDMAState *bm = opaque;
2771 PCIIDEState *pci_dev;
2772 uint32_t val;
2773
2774 switch(addr & 3) {
2775 case 0:
2776 val = bm->cmd;
2777 break;
2778 case 1:
2779 pci_dev = bm->pci_dev;
2780 if (pci_dev->type == IDE_TYPE_CMD646) {
2781 val = pci_dev->dev.config[MRDMODE];
2782 } else {
2783 val = 0xff;
2784 }
2785 break;
2786 case 2:
2787 val = bm->status;
2788 break;
2789 case 3:
2790 pci_dev = bm->pci_dev;
2791 if (pci_dev->type == IDE_TYPE_CMD646) {
2792 if (bm == &pci_dev->bmdma[0])
2793 val = pci_dev->dev.config[UDIDETCR0];
2794 else
2795 val = pci_dev->dev.config[UDIDETCR1];
2796 } else {
2797 val = 0xff;
2798 }
2799 break;
2800 default:
2801 val = 0xff;
2802 break;
2803 }
2804 #ifdef DEBUG_IDE
2805 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2806 #endif
2807 return val;
2808 }
2809
2810 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2811 {
2812 BMDMAState *bm = opaque;
2813 PCIIDEState *pci_dev;
2814 #ifdef DEBUG_IDE
2815 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2816 #endif
2817 switch(addr & 3) {
2818 case 1:
2819 pci_dev = bm->pci_dev;
2820 if (pci_dev->type == IDE_TYPE_CMD646) {
2821 pci_dev->dev.config[MRDMODE] =
2822 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2823 cmd646_update_irq(pci_dev);
2824 }
2825 break;
2826 case 2:
2827 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2828 break;
2829 case 3:
2830 pci_dev = bm->pci_dev;
2831 if (pci_dev->type == IDE_TYPE_CMD646) {
2832 if (bm == &pci_dev->bmdma[0])
2833 pci_dev->dev.config[UDIDETCR0] = val;
2834 else
2835 pci_dev->dev.config[UDIDETCR1] = val;
2836 }
2837 break;
2838 }
2839 }
2840
2841 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2842 {
2843 BMDMAState *bm = opaque;
2844 uint32_t val;
2845 val = bm->addr;
2846 #ifdef DEBUG_IDE
2847 printf("%s: 0x%08x\n", __func__, val);
2848 #endif
2849 return val;
2850 }
2851
2852 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2853 {
2854 BMDMAState *bm = opaque;
2855 #ifdef DEBUG_IDE
2856 printf("%s: 0x%08x\n", __func__, val);
2857 #endif
2858 bm->addr = val & ~3;
2859 bm->cur_addr = bm->addr;
2860 }
2861
2862 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2863 uint32_t addr, uint32_t size, int type)
2864 {
2865 PCIIDEState *d = (PCIIDEState *)pci_dev;
2866 int i;
2867
2868 for(i = 0;i < 2; i++) {
2869 BMDMAState *bm = &d->bmdma[i];
2870 d->ide_if[2 * i].bmdma = bm;
2871 d->ide_if[2 * i + 1].bmdma = bm;
2872 bm->pci_dev = (PCIIDEState *)pci_dev;
2873
2874 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2875
2876 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2877 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2878
2879 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2880 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2881 addr += 8;
2882 }
2883 }
2884
2885 /* XXX: call it also when the MRDMODE is changed from the PCI config
2886 registers */
2887 static void cmd646_update_irq(PCIIDEState *d)
2888 {
2889 int pci_level;
2890 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2891 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2892 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2893 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2894 qemu_set_irq(d->dev.irq[0], pci_level);
2895 }
2896
2897 /* the PCI irq level is the logical OR of the two channels */
2898 static void cmd646_set_irq(void *opaque, int channel, int level)
2899 {
2900 PCIIDEState *d = opaque;
2901 int irq_mask;
2902
2903 irq_mask = MRDMODE_INTR_CH0 << channel;
2904 if (level)
2905 d->dev.config[MRDMODE] |= irq_mask;
2906 else
2907 d->dev.config[MRDMODE] &= ~irq_mask;
2908 cmd646_update_irq(d);
2909 }
2910
2911 /* CMD646 PCI IDE controller */
2912 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2913 int secondary_ide_enabled)
2914 {
2915 PCIIDEState *d;
2916 uint8_t *pci_conf;
2917 int i;
2918 qemu_irq *irq;
2919
2920 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2921 sizeof(PCIIDEState),
2922 -1,
2923 NULL, NULL);
2924 d->type = IDE_TYPE_CMD646;
2925 pci_conf = d->dev.config;
2926 pci_conf[0x00] = 0x95; // CMD646
2927 pci_conf[0x01] = 0x10;
2928 pci_conf[0x02] = 0x46;
2929 pci_conf[0x03] = 0x06;
2930
2931 pci_conf[0x08] = 0x07; // IDE controller revision
2932 pci_conf[0x09] = 0x8f;
2933
2934 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2935 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2936 pci_conf[0x0e] = 0x00; // header_type
2937
2938 if (secondary_ide_enabled) {
2939 /* XXX: if not enabled, really disable the seconday IDE controller */
2940 pci_conf[0x51] = 0x80; /* enable IDE1 */
2941 }
2942
2943 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2944 PCI_ADDRESS_SPACE_IO, ide_map);
2945 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2946 PCI_ADDRESS_SPACE_IO, ide_map);
2947 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2948 PCI_ADDRESS_SPACE_IO, ide_map);
2949 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2950 PCI_ADDRESS_SPACE_IO, ide_map);
2951 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2952 PCI_ADDRESS_SPACE_IO, bmdma_map);
2953
2954 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2955
2956 for(i = 0; i < 4; i++)
2957 d->ide_if[i].pci_dev = (PCIDevice *)d;
2958
2959 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2960 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2961 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2962 }
2963
2964 static void pci_ide_save(QEMUFile* f, void *opaque)
2965 {
2966 PCIIDEState *d = opaque;
2967 int i;
2968
2969 pci_device_save(&d->dev, f);
2970
2971 for(i = 0; i < 2; i++) {
2972 BMDMAState *bm = &d->bmdma[i];
2973 qemu_put_8s(f, &bm->cmd);
2974 qemu_put_8s(f, &bm->status);
2975 qemu_put_be32s(f, &bm->addr);
2976 /* XXX: if a transfer is pending, we do not save it yet */
2977 }
2978
2979 /* per IDE interface data */
2980 for(i = 0; i < 2; i++) {
2981 IDEState *s = &d->ide_if[i * 2];
2982 uint8_t drive1_selected;
2983 qemu_put_8s(f, &s->cmd);
2984 drive1_selected = (s->cur_drive != s);
2985 qemu_put_8s(f, &drive1_selected);
2986 }
2987
2988 /* per IDE drive data */
2989 for(i = 0; i < 4; i++) {
2990 ide_save(f, &d->ide_if[i]);
2991 }
2992 }
2993
2994 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2995 {
2996 PCIIDEState *d = opaque;
2997 int ret, i;
2998
2999 if (version_id != 1)
3000 return -EINVAL;
3001 ret = pci_device_load(&d->dev, f);
3002 if (ret < 0)
3003 return ret;
3004
3005 for(i = 0; i < 2; i++) {
3006 BMDMAState *bm = &d->bmdma[i];
3007 qemu_get_8s(f, &bm->cmd);
3008 qemu_get_8s(f, &bm->status);
3009 qemu_get_be32s(f, &bm->addr);
3010 /* XXX: if a transfer is pending, we do not save it yet */
3011 }
3012
3013 /* per IDE interface data */
3014 for(i = 0; i < 2; i++) {
3015 IDEState *s = &d->ide_if[i * 2];
3016 uint8_t drive1_selected;
3017 qemu_get_8s(f, &s->cmd);
3018 qemu_get_8s(f, &drive1_selected);
3019 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3020 }
3021
3022 /* per IDE drive data */
3023 for(i = 0; i < 4; i++) {
3024 ide_load(f, &d->ide_if[i]);
3025 }
3026 return 0;
3027 }
3028
3029 static void piix3_reset(PCIIDEState *d)
3030 {
3031 uint8_t *pci_conf = d->dev.config;
3032
3033 pci_conf[0x04] = 0x00;
3034 pci_conf[0x05] = 0x00;
3035 pci_conf[0x06] = 0x80; /* FBC */
3036 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3037 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3038 }
3039
3040 /* hd_table must contain 4 block drivers */
3041 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3042 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3043 qemu_irq *pic)
3044 {
3045 PCIIDEState *d;
3046 uint8_t *pci_conf;
3047
3048 /* register a function 1 of PIIX3 */
3049 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3050 sizeof(PCIIDEState),
3051 devfn,
3052 NULL, NULL);
3053 d->type = IDE_TYPE_PIIX3;
3054
3055 pci_conf = d->dev.config;
3056 pci_conf[0x00] = 0x86; // Intel
3057 pci_conf[0x01] = 0x80;
3058 pci_conf[0x02] = 0x10;
3059 pci_conf[0x03] = 0x70;
3060 pci_conf[0x09] = 0x80; // legacy ATA mode
3061 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3062 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3063 pci_conf[0x0e] = 0x00; // header_type
3064
3065 piix3_reset(d);
3066
3067 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3068 PCI_ADDRESS_SPACE_IO, bmdma_map);
3069
3070 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3071 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3072 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3073 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3074
3075 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3076 }
3077
3078 /* hd_table must contain 4 block drivers */
3079 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3080 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3081 qemu_irq *pic)
3082 {
3083 PCIIDEState *d;
3084 uint8_t *pci_conf;
3085
3086 /* register a function 1 of PIIX4 */
3087 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3088 sizeof(PCIIDEState),
3089 devfn,
3090 NULL, NULL);
3091 d->type = IDE_TYPE_PIIX4;
3092
3093 pci_conf = d->dev.config;
3094 pci_conf[0x00] = 0x86; // Intel
3095 pci_conf[0x01] = 0x80;
3096 pci_conf[0x02] = 0x11;
3097 pci_conf[0x03] = 0x71;
3098 pci_conf[0x09] = 0x80; // legacy ATA mode
3099 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3100 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3101 pci_conf[0x0e] = 0x00; // header_type
3102
3103 piix3_reset(d);
3104
3105 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3106 PCI_ADDRESS_SPACE_IO, bmdma_map);
3107
3108 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3109 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3110 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3111 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3112
3113 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3114 }
3115
3116 /***********************************************************/
3117 /* MacIO based PowerPC IDE */
3118
3119 /* PowerMac IDE memory IO */
3120 static void pmac_ide_writeb (void *opaque,
3121 target_phys_addr_t addr, uint32_t val)
3122 {
3123 addr = (addr & 0xFFF) >> 4;
3124 switch (addr) {
3125 case 1 ... 7:
3126 ide_ioport_write(opaque, addr, val);
3127 break;
3128 case 8:
3129 case 22:
3130 ide_cmd_write(opaque, 0, val);
3131 break;
3132 default:
3133 break;
3134 }
3135 }
3136
3137 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3138 {
3139 uint8_t retval;
3140
3141 addr = (addr & 0xFFF) >> 4;
3142 switch (addr) {
3143 case 1 ... 7:
3144 retval = ide_ioport_read(opaque, addr);
3145 break;
3146 case 8:
3147 case 22:
3148 retval = ide_status_read(opaque, 0);
3149 break;
3150 default:
3151 retval = 0xFF;
3152 break;
3153 }
3154 return retval;
3155 }
3156
3157 static void pmac_ide_writew (void *opaque,
3158 target_phys_addr_t addr, uint32_t val)
3159 {
3160 addr = (addr & 0xFFF) >> 4;
3161 #ifdef TARGET_WORDS_BIGENDIAN
3162 val = bswap16(val);
3163 #endif
3164 if (addr == 0) {
3165 ide_data_writew(opaque, 0, val);
3166 }
3167 }
3168
3169 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3170 {
3171 uint16_t retval;
3172
3173 addr = (addr & 0xFFF) >> 4;
3174 if (addr == 0) {
3175 retval = ide_data_readw(opaque, 0);
3176 } else {
3177 retval = 0xFFFF;
3178 }
3179 #ifdef TARGET_WORDS_BIGENDIAN
3180 retval = bswap16(retval);
3181 #endif
3182 return retval;
3183 }
3184
3185 static void pmac_ide_writel (void *opaque,
3186 target_phys_addr_t addr, uint32_t val)
3187 {
3188 addr = (addr & 0xFFF) >> 4;
3189 #ifdef TARGET_WORDS_BIGENDIAN
3190 val = bswap32(val);
3191 #endif
3192 if (addr == 0) {
3193 ide_data_writel(opaque, 0, val);
3194 }
3195 }
3196
3197 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3198 {
3199 uint32_t retval;
3200
3201 addr = (addr & 0xFFF) >> 4;
3202 if (addr == 0) {
3203 retval = ide_data_readl(opaque, 0);
3204 } else {
3205 retval = 0xFFFFFFFF;
3206 }
3207 #ifdef TARGET_WORDS_BIGENDIAN
3208 retval = bswap32(retval);
3209 #endif
3210 return retval;
3211 }
3212
3213 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3214 pmac_ide_writeb,
3215 pmac_ide_writew,
3216 pmac_ide_writel,
3217 };
3218
3219 static CPUReadMemoryFunc *pmac_ide_read[] = {
3220 pmac_ide_readb,
3221 pmac_ide_readw,
3222 pmac_ide_readl,
3223 };
3224
3225 /* hd_table must contain 4 block drivers */
3226 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3227 I/O index to access the ide. */
3228 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3229 {
3230 IDEState *ide_if;
3231 int pmac_ide_memory;
3232
3233 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3234 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3235
3236 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3237 pmac_ide_write, &ide_if[0]);
3238 return pmac_ide_memory;
3239 }
3240
3241 /***********************************************************/
3242 /* CF-ATA Microdrive */
3243
3244 #define METADATA_SIZE 0x20
3245
3246 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3247 struct md_s {
3248 IDEState ide[2];
3249 struct pcmcia_card_s card;
3250 uint32_t attr_base;
3251 uint32_t io_base;
3252
3253 /* Card state */
3254 uint8_t opt;
3255 uint8_t stat;
3256 uint8_t pins;
3257
3258 uint8_t ctrl;
3259 uint16_t io;
3260 int cycle;
3261 };
3262
3263 /* Register bitfields */
3264 enum md_opt {
3265 OPT_MODE_MMAP = 0,
3266 OPT_MODE_IOMAP16 = 1,
3267 OPT_MODE_IOMAP1 = 2,
3268 OPT_MODE_IOMAP2 = 3,
3269 OPT_MODE = 0x3f,
3270 OPT_LEVIREQ = 0x40,
3271 OPT_SRESET = 0x80,
3272 };
3273 enum md_cstat {
3274 STAT_INT = 0x02,
3275 STAT_PWRDWN = 0x04,
3276 STAT_XE = 0x10,
3277 STAT_IOIS8 = 0x20,
3278 STAT_SIGCHG = 0x40,
3279 STAT_CHANGED = 0x80,
3280 };
3281 enum md_pins {
3282 PINS_MRDY = 0x02,
3283 PINS_CRDY = 0x20,
3284 };
3285 enum md_ctrl {
3286 CTRL_IEN = 0x02,
3287 CTRL_SRST = 0x04,
3288 };
3289
3290 static inline void md_interrupt_update(struct md_s *s)
3291 {
3292 if (!s->card.slot)
3293 return;
3294
3295 qemu_set_irq(s->card.slot->irq,
3296 !(s->stat & STAT_INT) && /* Inverted */
3297 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3298 !(s->opt & OPT_SRESET));
3299 }
3300
3301 static void md_set_irq(void *opaque, int irq, int level)
3302 {
3303 struct md_s *s = (struct md_s *) opaque;
3304 if (level)
3305 s->stat |= STAT_INT;
3306 else
3307 s->stat &= ~STAT_INT;
3308
3309 md_interrupt_update(s);
3310 }
3311
3312 static void md_reset(struct md_s *s)
3313 {
3314 s->opt = OPT_MODE_MMAP;
3315 s->stat = 0;
3316 s->pins = 0;
3317 s->cycle = 0;
3318 s->ctrl = 0;
3319 ide_reset(s->ide);
3320 }
3321
3322 static uint8_t md_attr_read(void *opaque, uint32_t at)
3323 {
3324 struct md_s *s = (struct md_s *) opaque;
3325 if (at < s->attr_base) {
3326 if (at < s->card.cis_len)
3327 return s->card.cis[at];
3328 else
3329 return 0x00;
3330 }
3331
3332 at -= s->attr_base;
3333
3334 switch (at) {
3335 case 0x00: /* Configuration Option Register */
3336 return s->opt;
3337 case 0x02: /* Card Configuration Status Register */
3338 if (s->ctrl & CTRL_IEN)
3339 return s->stat & ~STAT_INT;
3340 else
3341 return s->stat;
3342 case 0x04: /* Pin Replacement Register */
3343 return (s->pins & PINS_CRDY) | 0x0c;
3344 case 0x06: /* Socket and Copy Register */
3345 return 0x00;
3346 #ifdef VERBOSE
3347 default:
3348 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3349 #endif
3350 }
3351
3352 return 0;
3353 }
3354
3355 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3356 {
3357 struct md_s *s = (struct md_s *) opaque;
3358 at -= s->attr_base;
3359
3360 switch (at) {
3361 case 0x00: /* Configuration Option Register */
3362 s->opt = value & 0xcf;
3363 if (value & OPT_SRESET)
3364 md_reset(s);
3365 md_interrupt_update(s);
3366 break;
3367 case 0x02: /* Card Configuration Status Register */
3368 if ((s->stat ^ value) & STAT_PWRDWN)
3369 s->pins |= PINS_CRDY;
3370 s->stat &= 0x82;
3371 s->stat |= value & 0x74;
3372 md_interrupt_update(s);
3373 /* Word 170 in Identify Device must be equal to STAT_XE */
3374 break;
3375 case 0x04: /* Pin Replacement Register */
3376 s->pins &= PINS_CRDY;
3377 s->pins |= value & PINS_MRDY;
3378 break;
3379 case 0x06: /* Socket and Copy Register */
3380 break;
3381 default:
3382 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3383 }
3384 }
3385
3386 static uint16_t md_common_read(void *opaque, uint32_t at)
3387 {
3388 struct md_s *s = (struct md_s *) opaque;
3389 uint16_t ret;
3390 at -= s->io_base;
3391
3392 switch (s->opt & OPT_MODE) {
3393 case OPT_MODE_MMAP:
3394 if ((at & ~0x3ff) == 0x400)
3395 at = 0;
3396 break;
3397 case OPT_MODE_IOMAP16:
3398 at &= 0xf;
3399 break;
3400 case OPT_MODE_IOMAP1:
3401 if ((at & ~0xf) == 0x3f0)
3402 at -= 0x3e8;
3403 else if ((at & ~0xf) == 0x1f0)
3404 at -= 0x1f0;
3405 break;
3406 case OPT_MODE_IOMAP2:
3407 if ((at & ~0xf) == 0x370)
3408 at -= 0x368;
3409 else if ((at & ~0xf) == 0x170)
3410 at -= 0x170;
3411 }
3412
3413 switch (at) {
3414 case 0x0: /* Even RD Data */
3415 case 0x8:
3416 return ide_data_readw(s->ide, 0);
3417
3418 /* TODO: 8-bit accesses */
3419 if (s->cycle)
3420 ret = s->io >> 8;
3421 else {
3422 s->io = ide_data_readw(s->ide, 0);
3423 ret = s->io & 0xff;
3424 }
3425 s->cycle = !s->cycle;
3426 return ret;
3427 case 0x9: /* Odd RD Data */
3428 return s->io >> 8;
3429 case 0xd: /* Error */
3430 return ide_ioport_read(s->ide, 0x1);
3431 case 0xe: /* Alternate Status */
3432 if (s->ide->cur_drive->bs)
3433 return s->ide->cur_drive->status;
3434 else
3435 return 0;
3436 case 0xf: /* Device Address */
3437 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3438 default:
3439 return ide_ioport_read(s->ide, at);
3440 }
3441
3442 return 0;
3443 }
3444
3445 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3446 {
3447 struct md_s *s = (struct md_s *) opaque;
3448 at -= s->io_base;
3449
3450 switch (s->opt & OPT_MODE) {
3451 case OPT_MODE_MMAP:
3452 if ((at & ~0x3ff) == 0x400)
3453 at = 0;
3454 break;
3455 case OPT_MODE_IOMAP16:
3456 at &= 0xf;
3457 break;
3458 case OPT_MODE_IOMAP1:
3459 if ((at & ~0xf) == 0x3f0)
3460 at -= 0x3e8;
3461 else if ((at & ~0xf) == 0x1f0)
3462 at -= 0x1f0;
3463 break;
3464 case OPT_MODE_IOMAP2:
3465 if ((at & ~0xf) == 0x370)
3466 at -= 0x368;
3467 else if ((at & ~0xf) == 0x170)
3468 at -= 0x170;
3469 }
3470
3471 switch (at) {
3472 case 0x0: /* Even WR Data */
3473 case 0x8:
3474 ide_data_writew(s->ide, 0, value);
3475 break;
3476
3477 /* TODO: 8-bit accesses */
3478 if (s->cycle)
3479 ide_data_writew(s->ide, 0, s->io | (value << 8));
3480 else
3481 s->io = value & 0xff;
3482 s->cycle = !s->cycle;
3483 break;
3484 case 0x9:
3485 s->io = value & 0xff;
3486 s->cycle = !s->cycle;
3487 break;
3488 case 0xd: /* Features */
3489 ide_ioport_write(s->ide, 0x1, value);
3490 break;
3491 case 0xe: /* Device Control */
3492 s->ctrl = value;
3493 if (value & CTRL_SRST)
3494 md_reset(s);
3495 md_interrupt_update(s);
3496 break;
3497 default:
3498 if (s->stat & STAT_PWRDWN) {
3499 s->pins |= PINS_CRDY;
3500 s->stat &= ~STAT_PWRDWN;
3501 }
3502 ide_ioport_write(s->ide, at, value);
3503 }
3504 }
3505
3506 static void md_save(QEMUFile *f, void *opaque)
3507 {
3508 struct md_s *s = (struct md_s *) opaque;
3509 int i;
3510 uint8_t drive1_selected;
3511
3512 qemu_put_8s(f, &s->opt);
3513 qemu_put_8s(f, &s->stat);
3514 qemu_put_8s(f, &s->pins);
3515
3516 qemu_put_8s(f, &s->ctrl);
3517 qemu_put_be16s(f, &s->io);
3518 qemu_put_byte(f, s->cycle);
3519
3520 drive1_selected = (s->ide->cur_drive != s->ide);
3521 qemu_put_8s(f, &s->ide->cmd);
3522 qemu_put_8s(f, &drive1_selected);
3523
3524 for (i = 0; i < 2; i ++)
3525 ide_save(f, &s->ide[i]);
3526 }
3527
3528 static int md_load(QEMUFile *f, void *opaque, int version_id)
3529 {
3530 struct md_s *s = (struct md_s *) opaque;
3531 int i;
3532 uint8_t drive1_selected;
3533
3534 qemu_get_8s(f, &s->opt);
3535 qemu_get_8s(f, &s->stat);
3536 qemu_get_8s(f, &s->pins);
3537
3538 qemu_get_8s(f, &s->ctrl);
3539 qemu_get_be16s(f, &s->io);
3540 s->cycle = qemu_get_byte(f);
3541
3542 qemu_get_8s(f, &s->ide->cmd);
3543 qemu_get_8s(f, &drive1_selected);
3544 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3545
3546 for (i = 0; i < 2; i ++)
3547 ide_load(f, &s->ide[i]);
3548
3549 return 0;
3550 }
3551
3552 static int md_iid = 0;
3553
3554 static const uint8_t dscm1xxxx_cis[0x14a] = {
3555 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3556 [0x002] = 0x03, /* Tuple length = 4 bytes */
3557 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3558 [0x006] = 0x01, /* Size = 2K bytes */
3559 [0x008] = CISTPL_ENDMARK,
3560
3561 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3562 [0x00c] = 0x04, /* Tuple length = 4 byest */
3563 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3564 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3565 [0x012] = 0x01, /* Size = 2K bytes */
3566 [0x014] = CISTPL_ENDMARK,
3567
3568 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3569 [0x018] = 0x02, /* Tuple length = 2 bytes */
3570 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3571 [0x01c] = 0x01,
3572
3573 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3574 [0x020] = 0x04, /* Tuple length = 4 bytes */
3575 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3576 [0x024] = 0x00,
3577 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3578 [0x028] = 0x00,
3579
3580 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3581 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3582 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3583 [0x030] = 0x01, /* Minor Version = 1 */
3584 [0x032] = 'I',
3585 [0x034] = 'B',
3586 [0x036] = 'M',
3587 [0x038] = 0x00,
3588 [0x03a] = 'm',
3589 [0x03c] = 'i',
3590 [0x03e] = 'c',
3591 [0x040] = 'r',
3592 [0x042] = 'o',
3593 [0x044] = 'd',
3594 [0x046] = 'r',
3595 [0x048] = 'i',
3596 [0x04a] = 'v',
3597 [0x04c] = 'e',
3598 [0x04e] = 0x00,
3599 [0x050] = CISTPL_ENDMARK,
3600
3601 [0x052] = CISTPL_FUNCID, /* Function ID */
3602 [0x054] = 0x02, /* Tuple length = 2 bytes */
3603 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3604 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3605
3606 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3607 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3608 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3609 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3610
3611 [0x062] = CISTPL_FUNCE, /* Function Extension */
3612 [0x064] = 0x03, /* Tuple length = 3 bytes */
3613 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3614 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3615 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3616
3617 [0x06c] = CISTPL_CONFIG, /* Configuration */
3618 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3619 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3620 [0x072] = 0x07, /* TPCC_LAST = 7 */
3621 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3622 [0x076] = 0x02,
3623 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3624
3625 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3626 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3627 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3628 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3629 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3630 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3631 [0x086] = 0x55, /* NomV: 5.0 V */
3632 [0x088] = 0x4d, /* MinV: 4.5 V */
3633 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3634 [0x08c] = 0x4e, /* Peakl: 450 mA */
3635 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3636 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3637 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3638
3639 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3640 [0x096] = 0x06, /* Tuple length = 6 bytes */
3641 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3642 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3643 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3644 [0x09e] = 0xb5, /* NomV: 3.3 V */
3645 [0x0a0] = 0x1e,
3646 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3647
3648 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3649 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3650 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3651 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3652 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3653 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3654 [0x0b0] = 0x55, /* NomV: 5.0 V */
3655 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3656 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3657 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3658 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3659 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3660 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3661 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3662 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3663
3664 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3665 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3666 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3667 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3668 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3669 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3670 [0x0ce] = 0x1e,
3671 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3672
3673 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3674 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3675 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3676 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3677 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3678 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3679 [0x0de] = 0x55, /* NomV: 5.0 V */
3680 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3681 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3682 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3683 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3684 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3685 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3686 [0x0ec] = 0x01,
3687 [0x0ee] = 0x07, /* Address block length = 8 */
3688 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3689 [0x0f2] = 0x03,
3690 [0x0f4] = 0x01, /* Address block length = 2 */
3691 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3692 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3693
3694 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3695 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3696 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3697 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3698 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3699 [0x104] = 0xb5, /* NomV: 3.3 V */
3700 [0x106] = 0x1e,
3701 [0x108] = 0x3e, /* Peakl: 350 mA */
3702
3703 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3704 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3705 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3706 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3707 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3708 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3709 [0x116] = 0x55, /* NomV: 5.0 V */
3710 [0x118] = 0x4d, /* MinV: 4.5 V */
3711 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3712 [0x11c] = 0x4e, /* Peakl: 450 mA */
3713 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3714 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3715 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3716 [0x124] = 0x01,
3717 [0x126] = 0x07, /* Address block length = 8 */
3718 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3719 [0x12a] = 0x03,
3720 [0x12c] = 0x01, /* Address block length = 2 */
3721 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3722 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3723
3724 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3725 [0x134] = 0x06, /* Tuple length = 6 bytes */
3726 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3727 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3728 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3729 [0x13c] = 0xb5, /* NomV: 3.3 V */
3730 [0x13e] = 0x1e,
3731 [0x140] = 0x3e, /* Peakl: 350 mA */
3732
3733 [0x142] = CISTPL_NO_LINK, /* No Link */
3734 [0x144] = 0x00, /* Tuple length = 0 bytes */
3735
3736 [0x146] = CISTPL_END, /* Tuple End */
3737 };
3738
3739 static int dscm1xxxx_attach(void *opaque)
3740 {
3741 struct md_s *md = (struct md_s *) opaque;
3742 md->card.attr_read = md_attr_read;
3743 md->card.attr_write = md_attr_write;
3744 md->card.common_read = md_common_read;
3745 md->card.common_write = md_common_write;
3746 md->card.io_read = md_common_read;
3747 md->card.io_write = md_common_write;
3748
3749 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3750 md->io_base = 0x0;
3751
3752 md_reset(md);
3753 md_interrupt_update(md);
3754
3755 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3756 return 0;
3757 }
3758
3759 static int dscm1xxxx_detach(void *opaque)
3760 {
3761 struct md_s *md = (struct md_s *) opaque;
3762 md_reset(md);
3763 return 0;
3764 }
3765
3766 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3767 {
3768 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3769 md->card.state = md;
3770 md->card.attach = dscm1xxxx_attach;
3771 md->card.detach = dscm1xxxx_detach;
3772 md->card.cis = dscm1xxxx_cis;
3773 md->card.cis_len = sizeof(dscm1xxxx_cis);
3774
3775 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3776 md->ide->is_cf = 1;
3777 md->ide->mdata_size = METADATA_SIZE;
3778 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3779
3780 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3781
3782 return &md->card;
3783 }
Qemu copy for testing