]> git.proxmox.com Git - qemu.git/blob - hw/ide.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix bdrv_get_geometry to return uint64_t, by Andre Przywara.
[qemu.git] / hw / ide.c
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "qemu-timer.h"
32 #include "sysemu.h"
33 #include "ppc_mac.h"
34
35 /* debug IDE devices */
36 //#define DEBUG_IDE
37 //#define DEBUG_IDE_ATAPI
38 //#define DEBUG_AIO
39 #define USE_DMA_CDROM
40
41 /* Bits of HD_STATUS */
42 #define ERR_STAT 0x01
43 #define INDEX_STAT 0x02
44 #define ECC_STAT 0x04 /* Corrected error */
45 #define DRQ_STAT 0x08
46 #define SEEK_STAT 0x10
47 #define SRV_STAT 0x10
48 #define WRERR_STAT 0x20
49 #define READY_STAT 0x40
50 #define BUSY_STAT 0x80
51
52 /* Bits for HD_ERROR */
53 #define MARK_ERR 0x01 /* Bad address mark */
54 #define TRK0_ERR 0x02 /* couldn't find track 0 */
55 #define ABRT_ERR 0x04 /* Command aborted */
56 #define MCR_ERR 0x08 /* media change request */
57 #define ID_ERR 0x10 /* ID field not found */
58 #define MC_ERR 0x20 /* media changed */
59 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
60 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
61 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
62
63 /* Bits of HD_NSECTOR */
64 #define CD 0x01
65 #define IO 0x02
66 #define REL 0x04
67 #define TAG_MASK 0xf8
68
69 #define IDE_CMD_RESET 0x04
70 #define IDE_CMD_DISABLE_IRQ 0x02
71
72 /* ATA/ATAPI Commands pre T13 Spec */
73 #define WIN_NOP 0x00
74 /*
75 * 0x01->0x02 Reserved
76 */
77 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
78 /*
79 * 0x04->0x07 Reserved
80 */
81 #define WIN_SRST 0x08 /* ATAPI soft reset command */
82 #define WIN_DEVICE_RESET 0x08
83 /*
84 * 0x09->0x0F Reserved
85 */
86 #define WIN_RECAL 0x10
87 #define WIN_RESTORE WIN_RECAL
88 /*
89 * 0x10->0x1F Reserved
90 */
91 #define WIN_READ 0x20 /* 28-Bit */
92 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
93 #define WIN_READ_LONG 0x22 /* 28-Bit */
94 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
95 #define WIN_READ_EXT 0x24 /* 48-Bit */
96 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
97 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
98 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
99 /*
100 * 0x28
101 */
102 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
103 /*
104 * 0x2A->0x2F Reserved
105 */
106 #define WIN_WRITE 0x30 /* 28-Bit */
107 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
108 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
109 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
110 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
111 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
112 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
113 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
114 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
115 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
116 /*
117 * 0x3A->0x3B Reserved
118 */
119 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
120 /*
121 * 0x3D->0x3F Reserved
122 */
123 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
124 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
125 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
126 /*
127 * 0x43->0x4F Reserved
128 */
129 #define WIN_FORMAT 0x50
130 /*
131 * 0x51->0x5F Reserved
132 */
133 #define WIN_INIT 0x60
134 /*
135 * 0x61->0x5F Reserved
136 */
137 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
138 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
139 #define WIN_DIAGNOSE 0x90
140 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
141 #define WIN_DOWNLOAD_MICROCODE 0x92
142 #define WIN_STANDBYNOW2 0x94
143 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
144 #define WIN_STANDBY2 0x96
145 #define WIN_SETIDLE2 0x97
146 #define WIN_CHECKPOWERMODE2 0x98
147 #define WIN_SLEEPNOW2 0x99
148 /*
149 * 0x9A VENDOR
150 */
151 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
152 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
153 #define WIN_QUEUED_SERVICE 0xA2
154 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
155 #define CFA_ACCESS_METADATA_STORAGE 0xB8
156 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
157 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
158 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
159 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
160 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
161 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
162 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
163 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
164 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
165 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
166 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
167 #define WIN_GETMEDIASTATUS 0xDA
168 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
169 #define WIN_POSTBOOT 0xDC
170 #define WIN_PREBOOT 0xDD
171 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
172 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
173 #define WIN_STANDBYNOW1 0xE0
174 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
175 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
176 #define WIN_SETIDLE1 0xE3
177 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
178 #define WIN_CHECKPOWERMODE1 0xE5
179 #define WIN_SLEEPNOW1 0xE6
180 #define WIN_FLUSH_CACHE 0xE7
181 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
182 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
183 /* SET_FEATURES 0x22 or 0xDD */
184 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
185 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
186 #define WIN_MEDIAEJECT 0xED
187 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
188 #define WIN_SETFEATURES 0xEF /* set special drive features */
189 #define EXABYTE_ENABLE_NEST 0xF0
190 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
191 #define WIN_SECURITY_SET_PASS 0xF1
192 #define WIN_SECURITY_UNLOCK 0xF2
193 #define WIN_SECURITY_ERASE_PREPARE 0xF3
194 #define WIN_SECURITY_ERASE_UNIT 0xF4
195 #define WIN_SECURITY_FREEZE_LOCK 0xF5
196 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
197 #define WIN_SECURITY_DISABLE 0xF6
198 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
199 #define WIN_SET_MAX 0xF9
200 #define DISABLE_SEAGATE 0xFB
201
202 /* set to 1 set disable mult support */
203 #define MAX_MULT_SECTORS 16
204
205 /* ATAPI defines */
206
207 #define ATAPI_PACKET_SIZE 12
208
209 /* The generic packet command opcodes for CD/DVD Logical Units,
210 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
211 #define GPCMD_BLANK 0xa1
212 #define GPCMD_CLOSE_TRACK 0x5b
213 #define GPCMD_FLUSH_CACHE 0x35
214 #define GPCMD_FORMAT_UNIT 0x04
215 #define GPCMD_GET_CONFIGURATION 0x46
216 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
217 #define GPCMD_GET_PERFORMANCE 0xac
218 #define GPCMD_INQUIRY 0x12
219 #define GPCMD_LOAD_UNLOAD 0xa6
220 #define GPCMD_MECHANISM_STATUS 0xbd
221 #define GPCMD_MODE_SELECT_10 0x55
222 #define GPCMD_MODE_SENSE_10 0x5a
223 #define GPCMD_PAUSE_RESUME 0x4b
224 #define GPCMD_PLAY_AUDIO_10 0x45
225 #define GPCMD_PLAY_AUDIO_MSF 0x47
226 #define GPCMD_PLAY_AUDIO_TI 0x48
227 #define GPCMD_PLAY_CD 0xbc
228 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
229 #define GPCMD_READ_10 0x28
230 #define GPCMD_READ_12 0xa8
231 #define GPCMD_READ_CDVD_CAPACITY 0x25
232 #define GPCMD_READ_CD 0xbe
233 #define GPCMD_READ_CD_MSF 0xb9
234 #define GPCMD_READ_DISC_INFO 0x51
235 #define GPCMD_READ_DVD_STRUCTURE 0xad
236 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
237 #define GPCMD_READ_HEADER 0x44
238 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
239 #define GPCMD_READ_SUBCHANNEL 0x42
240 #define GPCMD_READ_TOC_PMA_ATIP 0x43
241 #define GPCMD_REPAIR_RZONE_TRACK 0x58
242 #define GPCMD_REPORT_KEY 0xa4
243 #define GPCMD_REQUEST_SENSE 0x03
244 #define GPCMD_RESERVE_RZONE_TRACK 0x53
245 #define GPCMD_SCAN 0xba
246 #define GPCMD_SEEK 0x2b
247 #define GPCMD_SEND_DVD_STRUCTURE 0xad
248 #define GPCMD_SEND_EVENT 0xa2
249 #define GPCMD_SEND_KEY 0xa3
250 #define GPCMD_SEND_OPC 0x54
251 #define GPCMD_SET_READ_AHEAD 0xa7
252 #define GPCMD_SET_STREAMING 0xb6
253 #define GPCMD_START_STOP_UNIT 0x1b
254 #define GPCMD_STOP_PLAY_SCAN 0x4e
255 #define GPCMD_TEST_UNIT_READY 0x00
256 #define GPCMD_VERIFY_10 0x2f
257 #define GPCMD_WRITE_10 0x2a
258 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
259 /* This is listed as optional in ATAPI 2.6, but is (curiously)
260 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
261 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
262 * drives support it. */
263 #define GPCMD_SET_SPEED 0xbb
264 /* This seems to be a SCSI specific CD-ROM opcode
265 * to play data at track/index */
266 #define GPCMD_PLAYAUDIO_TI 0x48
267 /*
268 * From MS Media Status Notification Support Specification. For
269 * older drives only.
270 */
271 #define GPCMD_GET_MEDIA_STATUS 0xda
272 #define GPCMD_MODE_SENSE_6 0x1a
273
274 /* Mode page codes for mode sense/set */
275 #define GPMODE_R_W_ERROR_PAGE 0x01
276 #define GPMODE_WRITE_PARMS_PAGE 0x05
277 #define GPMODE_AUDIO_CTL_PAGE 0x0e
278 #define GPMODE_POWER_PAGE 0x1a
279 #define GPMODE_FAULT_FAIL_PAGE 0x1c
280 #define GPMODE_TO_PROTECT_PAGE 0x1d
281 #define GPMODE_CAPABILITIES_PAGE 0x2a
282 #define GPMODE_ALL_PAGES 0x3f
283 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
284 * of MODE_SENSE_POWER_PAGE */
285 #define GPMODE_CDROM_PAGE 0x0d
286
287 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
288 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
289 #define ATAPI_INT_REASON_REL 0x04
290 #define ATAPI_INT_REASON_TAG 0xf8
291
292 /* same constants as bochs */
293 #define ASC_ILLEGAL_OPCODE 0x20
294 #define ASC_LOGICAL_BLOCK_OOR 0x21
295 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
296 #define ASC_MEDIUM_NOT_PRESENT 0x3a
297 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
298
299 #define CFA_NO_ERROR 0x00
300 #define CFA_MISC_ERROR 0x09
301 #define CFA_INVALID_COMMAND 0x20
302 #define CFA_INVALID_ADDRESS 0x21
303 #define CFA_ADDRESS_OVERFLOW 0x2f
304
305 #define SENSE_NONE 0
306 #define SENSE_NOT_READY 2
307 #define SENSE_ILLEGAL_REQUEST 5
308 #define SENSE_UNIT_ATTENTION 6
309
310 struct IDEState;
311
312 typedef void EndTransferFunc(struct IDEState *);
313
314 /* NOTE: IDEState represents in fact one drive */
315 typedef struct IDEState {
316 /* ide config */
317 int is_cdrom;
318 int is_cf;
319 int cylinders, heads, sectors;
320 int64_t nb_sectors;
321 int mult_sectors;
322 int identify_set;
323 uint16_t identify_data[256];
324 qemu_irq irq;
325 PCIDevice *pci_dev;
326 struct BMDMAState *bmdma;
327 int drive_serial;
328 /* ide regs */
329 uint8_t feature;
330 uint8_t error;
331 uint32_t nsector;
332 uint8_t sector;
333 uint8_t lcyl;
334 uint8_t hcyl;
335 /* other part of tf for lba48 support */
336 uint8_t hob_feature;
337 uint8_t hob_nsector;
338 uint8_t hob_sector;
339 uint8_t hob_lcyl;
340 uint8_t hob_hcyl;
341
342 uint8_t select;
343 uint8_t status;
344
345 /* 0x3f6 command, only meaningful for drive 0 */
346 uint8_t cmd;
347 /* set for lba48 access */
348 uint8_t lba48;
349 /* depends on bit 4 in select, only meaningful for drive 0 */
350 struct IDEState *cur_drive;
351 BlockDriverState *bs;
352 /* ATAPI specific */
353 uint8_t sense_key;
354 uint8_t asc;
355 int packet_transfer_size;
356 int elementary_transfer_size;
357 int io_buffer_index;
358 int lba;
359 int cd_sector_size;
360 int atapi_dma; /* true if dma is requested for the packet cmd */
361 /* ATA DMA state */
362 int io_buffer_size;
363 /* PIO transfer handling */
364 int req_nb_sectors; /* number of sectors per interrupt */
365 EndTransferFunc *end_transfer_func;
366 uint8_t *data_ptr;
367 uint8_t *data_end;
368 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
369 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
370 uint32_t irq_count; /* counts IRQs when using win2k install hack */
371 /* CF-ATA extended error */
372 uint8_t ext_error;
373 /* CF-ATA metadata storage */
374 uint32_t mdata_size;
375 uint8_t *mdata_storage;
376 int media_changed;
377 } IDEState;
378
379 #define BM_STATUS_DMAING 0x01
380 #define BM_STATUS_ERROR 0x02
381 #define BM_STATUS_INT 0x04
382
383 #define BM_CMD_START 0x01
384 #define BM_CMD_READ 0x08
385
386 #define IDE_TYPE_PIIX3 0
387 #define IDE_TYPE_CMD646 1
388 #define IDE_TYPE_PIIX4 2
389
390 /* CMD646 specific */
391 #define MRDMODE 0x71
392 #define MRDMODE_INTR_CH0 0x04
393 #define MRDMODE_INTR_CH1 0x08
394 #define MRDMODE_BLK_CH0 0x10
395 #define MRDMODE_BLK_CH1 0x20
396 #define UDIDETCR0 0x73
397 #define UDIDETCR1 0x7B
398
399 typedef struct BMDMAState {
400 uint8_t cmd;
401 uint8_t status;
402 uint32_t addr;
403
404 struct PCIIDEState *pci_dev;
405 /* current transfer state */
406 uint32_t cur_addr;
407 uint32_t cur_prd_last;
408 uint32_t cur_prd_addr;
409 uint32_t cur_prd_len;
410 IDEState *ide_if;
411 BlockDriverCompletionFunc *dma_cb;
412 BlockDriverAIOCB *aiocb;
413 } BMDMAState;
414
415 typedef struct PCIIDEState {
416 PCIDevice dev;
417 IDEState ide_if[4];
418 BMDMAState bmdma[2];
419 int type; /* see IDE_TYPE_xxx */
420 } PCIIDEState;
421
422 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
423 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
424
425 static void padstr(char *str, const char *src, int len)
426 {
427 int i, v;
428 for(i = 0; i < len; i++) {
429 if (*src)
430 v = *src++;
431 else
432 v = ' ';
433 *(char *)((long)str ^ 1) = v;
434 str++;
435 }
436 }
437
438 static void padstr8(uint8_t *buf, int buf_size, const char *src)
439 {
440 int i;
441 for(i = 0; i < buf_size; i++) {
442 if (*src)
443 buf[i] = *src++;
444 else
445 buf[i] = ' ';
446 }
447 }
448
449 static void put_le16(uint16_t *p, unsigned int v)
450 {
451 *p = cpu_to_le16(v);
452 }
453
454 static void ide_identify(IDEState *s)
455 {
456 uint16_t *p;
457 unsigned int oldsize;
458 char buf[20];
459
460 if (s->identify_set) {
461 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
462 return;
463 }
464
465 memset(s->io_buffer, 0, 512);
466 p = (uint16_t *)s->io_buffer;
467 put_le16(p + 0, 0x0040);
468 put_le16(p + 1, s->cylinders);
469 put_le16(p + 3, s->heads);
470 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
471 put_le16(p + 5, 512); /* XXX: retired, remove ? */
472 put_le16(p + 6, s->sectors);
473 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
474 padstr((char *)(p + 10), buf, 20); /* serial number */
475 put_le16(p + 20, 3); /* XXX: retired, remove ? */
476 put_le16(p + 21, 512); /* cache size in sectors */
477 put_le16(p + 22, 4); /* ecc bytes */
478 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
479 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
480 #if MAX_MULT_SECTORS > 1
481 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
482 #endif
483 put_le16(p + 48, 1); /* dword I/O */
484 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
485 put_le16(p + 51, 0x200); /* PIO transfer cycle */
486 put_le16(p + 52, 0x200); /* DMA transfer cycle */
487 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
488 put_le16(p + 54, s->cylinders);
489 put_le16(p + 55, s->heads);
490 put_le16(p + 56, s->sectors);
491 oldsize = s->cylinders * s->heads * s->sectors;
492 put_le16(p + 57, oldsize);
493 put_le16(p + 58, oldsize >> 16);
494 if (s->mult_sectors)
495 put_le16(p + 59, 0x100 | s->mult_sectors);
496 put_le16(p + 60, s->nb_sectors);
497 put_le16(p + 61, s->nb_sectors >> 16);
498 put_le16(p + 63, 0x07); /* mdma0-2 supported */
499 put_le16(p + 65, 120);
500 put_le16(p + 66, 120);
501 put_le16(p + 67, 120);
502 put_le16(p + 68, 120);
503 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
504 put_le16(p + 81, 0x16); /* conforms to ata5 */
505 put_le16(p + 82, (1 << 14));
506 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
507 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
508 put_le16(p + 84, (1 << 14));
509 put_le16(p + 85, (1 << 14));
510 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
511 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
512 put_le16(p + 87, (1 << 14));
513 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
514 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
515 put_le16(p + 100, s->nb_sectors);
516 put_le16(p + 101, s->nb_sectors >> 16);
517 put_le16(p + 102, s->nb_sectors >> 32);
518 put_le16(p + 103, s->nb_sectors >> 48);
519
520 memcpy(s->identify_data, p, sizeof(s->identify_data));
521 s->identify_set = 1;
522 }
523
524 static void ide_atapi_identify(IDEState *s)
525 {
526 uint16_t *p;
527 char buf[20];
528
529 if (s->identify_set) {
530 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
531 return;
532 }
533
534 memset(s->io_buffer, 0, 512);
535 p = (uint16_t *)s->io_buffer;
536 /* Removable CDROM, 50us response, 12 byte packets */
537 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
538 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
539 padstr((char *)(p + 10), buf, 20); /* serial number */
540 put_le16(p + 20, 3); /* buffer type */
541 put_le16(p + 21, 512); /* cache size in sectors */
542 put_le16(p + 22, 4); /* ecc bytes */
543 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
544 padstr((char *)(p + 27), "QEMU CD-ROM", 40); /* model */
545 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
546 #ifdef USE_DMA_CDROM
547 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
548 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
549 put_le16(p + 63, 7); /* mdma0-2 supported */
550 put_le16(p + 64, 0x3f); /* PIO modes supported */
551 #else
552 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
553 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
554 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
555 put_le16(p + 64, 1); /* PIO modes */
556 #endif
557 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
558 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
559 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
560 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
561
562 put_le16(p + 71, 30); /* in ns */
563 put_le16(p + 72, 30); /* in ns */
564
565 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
566 #ifdef USE_DMA_CDROM
567 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
568 #endif
569 memcpy(s->identify_data, p, sizeof(s->identify_data));
570 s->identify_set = 1;
571 }
572
573 static void ide_cfata_identify(IDEState *s)
574 {
575 uint16_t *p;
576 uint32_t cur_sec;
577 char buf[20];
578
579 p = (uint16_t *) s->identify_data;
580 if (s->identify_set)
581 goto fill_buffer;
582
583 memset(p, 0, sizeof(s->identify_data));
584
585 cur_sec = s->cylinders * s->heads * s->sectors;
586
587 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
588 put_le16(p + 1, s->cylinders); /* Default cylinders */
589 put_le16(p + 3, s->heads); /* Default heads */
590 put_le16(p + 6, s->sectors); /* Default sectors per track */
591 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
592 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
593 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
594 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
595 put_le16(p + 22, 0x0004); /* ECC bytes */
596 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
597 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
598 #if MAX_MULT_SECTORS > 1
599 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
600 #else
601 put_le16(p + 47, 0x0000);
602 #endif
603 put_le16(p + 49, 0x0f00); /* Capabilities */
604 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
605 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
606 put_le16(p + 53, 0x0003); /* Translation params valid */
607 put_le16(p + 54, s->cylinders); /* Current cylinders */
608 put_le16(p + 55, s->heads); /* Current heads */
609 put_le16(p + 56, s->sectors); /* Current sectors */
610 put_le16(p + 57, cur_sec); /* Current capacity */
611 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
612 if (s->mult_sectors) /* Multiple sector setting */
613 put_le16(p + 59, 0x100 | s->mult_sectors);
614 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
615 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
616 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
617 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
618 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
619 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
620 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
621 put_le16(p + 82, 0x400c); /* Command Set supported */
622 put_le16(p + 83, 0x7068); /* Command Set supported */
623 put_le16(p + 84, 0x4000); /* Features supported */
624 put_le16(p + 85, 0x000c); /* Command Set enabled */
625 put_le16(p + 86, 0x7044); /* Command Set enabled */
626 put_le16(p + 87, 0x4000); /* Features enabled */
627 put_le16(p + 91, 0x4060); /* Current APM level */
628 put_le16(p + 129, 0x0002); /* Current features option */
629 put_le16(p + 130, 0x0005); /* Reassigned sectors */
630 put_le16(p + 131, 0x0001); /* Initial power mode */
631 put_le16(p + 132, 0x0000); /* User signature */
632 put_le16(p + 160, 0x8100); /* Power requirement */
633 put_le16(p + 161, 0x8001); /* CF command set */
634
635 s->identify_set = 1;
636
637 fill_buffer:
638 memcpy(s->io_buffer, p, sizeof(s->identify_data));
639 }
640
641 static void ide_set_signature(IDEState *s)
642 {
643 s->select &= 0xf0; /* clear head */
644 /* put signature */
645 s->nsector = 1;
646 s->sector = 1;
647 if (s->is_cdrom) {
648 s->lcyl = 0x14;
649 s->hcyl = 0xeb;
650 } else if (s->bs) {
651 s->lcyl = 0;
652 s->hcyl = 0;
653 } else {
654 s->lcyl = 0xff;
655 s->hcyl = 0xff;
656 }
657 }
658
659 static inline void ide_abort_command(IDEState *s)
660 {
661 s->status = READY_STAT | ERR_STAT;
662 s->error = ABRT_ERR;
663 }
664
665 static inline void ide_set_irq(IDEState *s)
666 {
667 BMDMAState *bm = s->bmdma;
668 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
669 if (bm) {
670 bm->status |= BM_STATUS_INT;
671 }
672 qemu_irq_raise(s->irq);
673 }
674 }
675
676 /* prepare data transfer and tell what to do after */
677 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
678 EndTransferFunc *end_transfer_func)
679 {
680 s->end_transfer_func = end_transfer_func;
681 s->data_ptr = buf;
682 s->data_end = buf + size;
683 if (!(s->status & ERR_STAT))
684 s->status |= DRQ_STAT;
685 }
686
687 static void ide_transfer_stop(IDEState *s)
688 {
689 s->end_transfer_func = ide_transfer_stop;
690 s->data_ptr = s->io_buffer;
691 s->data_end = s->io_buffer;
692 s->status &= ~DRQ_STAT;
693 }
694
695 static int64_t ide_get_sector(IDEState *s)
696 {
697 int64_t sector_num;
698 if (s->select & 0x40) {
699 /* lba */
700 if (!s->lba48) {
701 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
702 (s->lcyl << 8) | s->sector;
703 } else {
704 sector_num = ((int64_t)s->hob_hcyl << 40) |
705 ((int64_t) s->hob_lcyl << 32) |
706 ((int64_t) s->hob_sector << 24) |
707 ((int64_t) s->hcyl << 16) |
708 ((int64_t) s->lcyl << 8) | s->sector;
709 }
710 } else {
711 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
712 (s->select & 0x0f) * s->sectors + (s->sector - 1);
713 }
714 return sector_num;
715 }
716
717 static void ide_set_sector(IDEState *s, int64_t sector_num)
718 {
719 unsigned int cyl, r;
720 if (s->select & 0x40) {
721 if (!s->lba48) {
722 s->select = (s->select & 0xf0) | (sector_num >> 24);
723 s->hcyl = (sector_num >> 16);
724 s->lcyl = (sector_num >> 8);
725 s->sector = (sector_num);
726 } else {
727 s->sector = sector_num;
728 s->lcyl = sector_num >> 8;
729 s->hcyl = sector_num >> 16;
730 s->hob_sector = sector_num >> 24;
731 s->hob_lcyl = sector_num >> 32;
732 s->hob_hcyl = sector_num >> 40;
733 }
734 } else {
735 cyl = sector_num / (s->heads * s->sectors);
736 r = sector_num % (s->heads * s->sectors);
737 s->hcyl = cyl >> 8;
738 s->lcyl = cyl;
739 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
740 s->sector = (r % s->sectors) + 1;
741 }
742 }
743
744 static void ide_sector_read(IDEState *s)
745 {
746 int64_t sector_num;
747 int ret, n;
748
749 s->status = READY_STAT | SEEK_STAT;
750 s->error = 0; /* not needed by IDE spec, but needed by Windows */
751 sector_num = ide_get_sector(s);
752 n = s->nsector;
753 if (n == 0) {
754 /* no more sector to read from disk */
755 ide_transfer_stop(s);
756 } else {
757 #if defined(DEBUG_IDE)
758 printf("read sector=%Ld\n", sector_num);
759 #endif
760 if (n > s->req_nb_sectors)
761 n = s->req_nb_sectors;
762 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
763 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
764 ide_set_irq(s);
765 ide_set_sector(s, sector_num + n);
766 s->nsector -= n;
767 }
768 }
769
770 /* return 0 if buffer completed */
771 static int dma_buf_rw(BMDMAState *bm, int is_write)
772 {
773 IDEState *s = bm->ide_if;
774 struct {
775 uint32_t addr;
776 uint32_t size;
777 } prd;
778 int l, len;
779
780 for(;;) {
781 l = s->io_buffer_size - s->io_buffer_index;
782 if (l <= 0)
783 break;
784 if (bm->cur_prd_len == 0) {
785 /* end of table (with a fail safe of one page) */
786 if (bm->cur_prd_last ||
787 (bm->cur_addr - bm->addr) >= 4096)
788 return 0;
789 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
790 bm->cur_addr += 8;
791 prd.addr = le32_to_cpu(prd.addr);
792 prd.size = le32_to_cpu(prd.size);
793 len = prd.size & 0xfffe;
794 if (len == 0)
795 len = 0x10000;
796 bm->cur_prd_len = len;
797 bm->cur_prd_addr = prd.addr;
798 bm->cur_prd_last = (prd.size & 0x80000000);
799 }
800 if (l > bm->cur_prd_len)
801 l = bm->cur_prd_len;
802 if (l > 0) {
803 if (is_write) {
804 cpu_physical_memory_write(bm->cur_prd_addr,
805 s->io_buffer + s->io_buffer_index, l);
806 } else {
807 cpu_physical_memory_read(bm->cur_prd_addr,
808 s->io_buffer + s->io_buffer_index, l);
809 }
810 bm->cur_prd_addr += l;
811 bm->cur_prd_len -= l;
812 s->io_buffer_index += l;
813 }
814 }
815 return 1;
816 }
817
818 /* XXX: handle errors */
819 static void ide_read_dma_cb(void *opaque, int ret)
820 {
821 BMDMAState *bm = opaque;
822 IDEState *s = bm->ide_if;
823 int n;
824 int64_t sector_num;
825
826 n = s->io_buffer_size >> 9;
827 sector_num = ide_get_sector(s);
828 if (n > 0) {
829 sector_num += n;
830 ide_set_sector(s, sector_num);
831 s->nsector -= n;
832 if (dma_buf_rw(bm, 1) == 0)
833 goto eot;
834 }
835
836 /* end of transfer ? */
837 if (s->nsector == 0) {
838 s->status = READY_STAT | SEEK_STAT;
839 ide_set_irq(s);
840 eot:
841 bm->status &= ~BM_STATUS_DMAING;
842 bm->status |= BM_STATUS_INT;
843 bm->dma_cb = NULL;
844 bm->ide_if = NULL;
845 bm->aiocb = NULL;
846 return;
847 }
848
849 /* launch next transfer */
850 n = s->nsector;
851 if (n > MAX_MULT_SECTORS)
852 n = MAX_MULT_SECTORS;
853 s->io_buffer_index = 0;
854 s->io_buffer_size = n * 512;
855 #ifdef DEBUG_AIO
856 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
857 #endif
858 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
859 ide_read_dma_cb, bm);
860 }
861
862 static void ide_sector_read_dma(IDEState *s)
863 {
864 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
865 s->io_buffer_index = 0;
866 s->io_buffer_size = 0;
867 ide_dma_start(s, ide_read_dma_cb);
868 }
869
870 static void ide_sector_write_timer_cb(void *opaque)
871 {
872 IDEState *s = opaque;
873 ide_set_irq(s);
874 }
875
876 static void ide_sector_write(IDEState *s)
877 {
878 int64_t sector_num;
879 int ret, n, n1;
880
881 s->status = READY_STAT | SEEK_STAT;
882 sector_num = ide_get_sector(s);
883 #if defined(DEBUG_IDE)
884 printf("write sector=%Ld\n", sector_num);
885 #endif
886 n = s->nsector;
887 if (n > s->req_nb_sectors)
888 n = s->req_nb_sectors;
889 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
890 s->nsector -= n;
891 if (s->nsector == 0) {
892 /* no more sectors to write */
893 ide_transfer_stop(s);
894 } else {
895 n1 = s->nsector;
896 if (n1 > s->req_nb_sectors)
897 n1 = s->req_nb_sectors;
898 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
899 }
900 ide_set_sector(s, sector_num + n);
901
902 #ifdef TARGET_I386
903 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
904 /* It seems there is a bug in the Windows 2000 installer HDD
905 IDE driver which fills the disk with empty logs when the
906 IDE write IRQ comes too early. This hack tries to correct
907 that at the expense of slower write performances. Use this
908 option _only_ to install Windows 2000. You must disable it
909 for normal use. */
910 qemu_mod_timer(s->sector_write_timer,
911 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
912 } else
913 #endif
914 {
915 ide_set_irq(s);
916 }
917 }
918
919 /* XXX: handle errors */
920 static void ide_write_dma_cb(void *opaque, int ret)
921 {
922 BMDMAState *bm = opaque;
923 IDEState *s = bm->ide_if;
924 int n;
925 int64_t sector_num;
926
927 n = s->io_buffer_size >> 9;
928 sector_num = ide_get_sector(s);
929 if (n > 0) {
930 sector_num += n;
931 ide_set_sector(s, sector_num);
932 s->nsector -= n;
933 }
934
935 /* end of transfer ? */
936 if (s->nsector == 0) {
937 s->status = READY_STAT | SEEK_STAT;
938 ide_set_irq(s);
939 eot:
940 bm->status &= ~BM_STATUS_DMAING;
941 bm->status |= BM_STATUS_INT;
942 bm->dma_cb = NULL;
943 bm->ide_if = NULL;
944 bm->aiocb = NULL;
945 return;
946 }
947
948 /* launch next transfer */
949 n = s->nsector;
950 if (n > MAX_MULT_SECTORS)
951 n = MAX_MULT_SECTORS;
952 s->io_buffer_index = 0;
953 s->io_buffer_size = n * 512;
954
955 if (dma_buf_rw(bm, 0) == 0)
956 goto eot;
957 #ifdef DEBUG_AIO
958 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
959 #endif
960 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
961 ide_write_dma_cb, bm);
962 }
963
964 static void ide_sector_write_dma(IDEState *s)
965 {
966 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
967 s->io_buffer_index = 0;
968 s->io_buffer_size = 0;
969 ide_dma_start(s, ide_write_dma_cb);
970 }
971
972 static void ide_atapi_cmd_ok(IDEState *s)
973 {
974 s->error = 0;
975 s->status = READY_STAT;
976 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
977 ide_set_irq(s);
978 }
979
980 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
981 {
982 #ifdef DEBUG_IDE_ATAPI
983 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
984 #endif
985 s->error = sense_key << 4;
986 s->status = READY_STAT | ERR_STAT;
987 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
988 s->sense_key = sense_key;
989 s->asc = asc;
990 ide_set_irq(s);
991 }
992
993 static inline void cpu_to_ube16(uint8_t *buf, int val)
994 {
995 buf[0] = val >> 8;
996 buf[1] = val;
997 }
998
999 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1000 {
1001 buf[0] = val >> 24;
1002 buf[1] = val >> 16;
1003 buf[2] = val >> 8;
1004 buf[3] = val;
1005 }
1006
1007 static inline int ube16_to_cpu(const uint8_t *buf)
1008 {
1009 return (buf[0] << 8) | buf[1];
1010 }
1011
1012 static inline int ube32_to_cpu(const uint8_t *buf)
1013 {
1014 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1015 }
1016
1017 static void lba_to_msf(uint8_t *buf, int lba)
1018 {
1019 lba += 150;
1020 buf[0] = (lba / 75) / 60;
1021 buf[1] = (lba / 75) % 60;
1022 buf[2] = lba % 75;
1023 }
1024
1025 static void cd_data_to_raw(uint8_t *buf, int lba)
1026 {
1027 /* sync bytes */
1028 buf[0] = 0x00;
1029 memset(buf + 1, 0xff, 10);
1030 buf[11] = 0x00;
1031 buf += 12;
1032 /* MSF */
1033 lba_to_msf(buf, lba);
1034 buf[3] = 0x01; /* mode 1 data */
1035 buf += 4;
1036 /* data */
1037 buf += 2048;
1038 /* XXX: ECC not computed */
1039 memset(buf, 0, 288);
1040 }
1041
1042 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1043 int sector_size)
1044 {
1045 int ret;
1046
1047 switch(sector_size) {
1048 case 2048:
1049 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1050 break;
1051 case 2352:
1052 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1053 if (ret < 0)
1054 return ret;
1055 cd_data_to_raw(buf, lba);
1056 break;
1057 default:
1058 ret = -EIO;
1059 break;
1060 }
1061 return ret;
1062 }
1063
1064 static void ide_atapi_io_error(IDEState *s, int ret)
1065 {
1066 /* XXX: handle more errors */
1067 if (ret == -ENOMEDIUM) {
1068 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1069 ASC_MEDIUM_NOT_PRESENT);
1070 } else {
1071 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1072 ASC_LOGICAL_BLOCK_OOR);
1073 }
1074 }
1075
1076 /* The whole ATAPI transfer logic is handled in this function */
1077 static void ide_atapi_cmd_reply_end(IDEState *s)
1078 {
1079 int byte_count_limit, size, ret;
1080 #ifdef DEBUG_IDE_ATAPI
1081 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1082 s->packet_transfer_size,
1083 s->elementary_transfer_size,
1084 s->io_buffer_index);
1085 #endif
1086 if (s->packet_transfer_size <= 0) {
1087 /* end of transfer */
1088 ide_transfer_stop(s);
1089 s->status = READY_STAT;
1090 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1091 ide_set_irq(s);
1092 #ifdef DEBUG_IDE_ATAPI
1093 printf("status=0x%x\n", s->status);
1094 #endif
1095 } else {
1096 /* see if a new sector must be read */
1097 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1098 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1099 if (ret < 0) {
1100 ide_transfer_stop(s);
1101 ide_atapi_io_error(s, ret);
1102 return;
1103 }
1104 s->lba++;
1105 s->io_buffer_index = 0;
1106 }
1107 if (s->elementary_transfer_size > 0) {
1108 /* there are some data left to transmit in this elementary
1109 transfer */
1110 size = s->cd_sector_size - s->io_buffer_index;
1111 if (size > s->elementary_transfer_size)
1112 size = s->elementary_transfer_size;
1113 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1114 size, ide_atapi_cmd_reply_end);
1115 s->packet_transfer_size -= size;
1116 s->elementary_transfer_size -= size;
1117 s->io_buffer_index += size;
1118 } else {
1119 /* a new transfer is needed */
1120 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1121 byte_count_limit = s->lcyl | (s->hcyl << 8);
1122 #ifdef DEBUG_IDE_ATAPI
1123 printf("byte_count_limit=%d\n", byte_count_limit);
1124 #endif
1125 if (byte_count_limit == 0xffff)
1126 byte_count_limit--;
1127 size = s->packet_transfer_size;
1128 if (size > byte_count_limit) {
1129 /* byte count limit must be even if this case */
1130 if (byte_count_limit & 1)
1131 byte_count_limit--;
1132 size = byte_count_limit;
1133 }
1134 s->lcyl = size;
1135 s->hcyl = size >> 8;
1136 s->elementary_transfer_size = size;
1137 /* we cannot transmit more than one sector at a time */
1138 if (s->lba != -1) {
1139 if (size > (s->cd_sector_size - s->io_buffer_index))
1140 size = (s->cd_sector_size - s->io_buffer_index);
1141 }
1142 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1143 size, ide_atapi_cmd_reply_end);
1144 s->packet_transfer_size -= size;
1145 s->elementary_transfer_size -= size;
1146 s->io_buffer_index += size;
1147 ide_set_irq(s);
1148 #ifdef DEBUG_IDE_ATAPI
1149 printf("status=0x%x\n", s->status);
1150 #endif
1151 }
1152 }
1153 }
1154
1155 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1156 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1157 {
1158 if (size > max_size)
1159 size = max_size;
1160 s->lba = -1; /* no sector read */
1161 s->packet_transfer_size = size;
1162 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1163 s->elementary_transfer_size = 0;
1164 s->io_buffer_index = 0;
1165
1166 if (s->atapi_dma) {
1167 s->status = READY_STAT | DRQ_STAT;
1168 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1169 } else {
1170 s->status = READY_STAT;
1171 ide_atapi_cmd_reply_end(s);
1172 }
1173 }
1174
1175 /* start a CD-CDROM read command */
1176 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1177 int sector_size)
1178 {
1179 s->lba = lba;
1180 s->packet_transfer_size = nb_sectors * sector_size;
1181 s->elementary_transfer_size = 0;
1182 s->io_buffer_index = sector_size;
1183 s->cd_sector_size = sector_size;
1184
1185 s->status = READY_STAT;
1186 ide_atapi_cmd_reply_end(s);
1187 }
1188
1189 /* ATAPI DMA support */
1190
1191 /* XXX: handle read errors */
1192 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1193 {
1194 BMDMAState *bm = opaque;
1195 IDEState *s = bm->ide_if;
1196 int data_offset, n;
1197
1198 if (ret < 0) {
1199 ide_atapi_io_error(s, ret);
1200 goto eot;
1201 }
1202
1203 if (s->io_buffer_size > 0) {
1204 /*
1205 * For a cdrom read sector command (s->lba != -1),
1206 * adjust the lba for the next s->io_buffer_size chunk
1207 * and dma the current chunk.
1208 * For a command != read (s->lba == -1), just transfer
1209 * the reply data.
1210 */
1211 if (s->lba != -1) {
1212 if (s->cd_sector_size == 2352) {
1213 n = 1;
1214 cd_data_to_raw(s->io_buffer, s->lba);
1215 } else {
1216 n = s->io_buffer_size >> 11;
1217 }
1218 s->lba += n;
1219 }
1220 s->packet_transfer_size -= s->io_buffer_size;
1221 if (dma_buf_rw(bm, 1) == 0)
1222 goto eot;
1223 }
1224
1225 if (s->packet_transfer_size <= 0) {
1226 s->status = READY_STAT;
1227 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1228 ide_set_irq(s);
1229 eot:
1230 bm->status &= ~BM_STATUS_DMAING;
1231 bm->status |= BM_STATUS_INT;
1232 bm->dma_cb = NULL;
1233 bm->ide_if = NULL;
1234 bm->aiocb = NULL;
1235 return;
1236 }
1237
1238 s->io_buffer_index = 0;
1239 if (s->cd_sector_size == 2352) {
1240 n = 1;
1241 s->io_buffer_size = s->cd_sector_size;
1242 data_offset = 16;
1243 } else {
1244 n = s->packet_transfer_size >> 11;
1245 if (n > (MAX_MULT_SECTORS / 4))
1246 n = (MAX_MULT_SECTORS / 4);
1247 s->io_buffer_size = n * 2048;
1248 data_offset = 0;
1249 }
1250 #ifdef DEBUG_AIO
1251 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1252 #endif
1253 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1254 s->io_buffer + data_offset, n * 4,
1255 ide_atapi_cmd_read_dma_cb, bm);
1256 if (!bm->aiocb) {
1257 /* Note: media not present is the most likely case */
1258 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1259 ASC_MEDIUM_NOT_PRESENT);
1260 goto eot;
1261 }
1262 }
1263
1264 /* start a CD-CDROM read command with DMA */
1265 /* XXX: test if DMA is available */
1266 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1267 int sector_size)
1268 {
1269 s->lba = lba;
1270 s->packet_transfer_size = nb_sectors * sector_size;
1271 s->io_buffer_index = 0;
1272 s->io_buffer_size = 0;
1273 s->cd_sector_size = sector_size;
1274
1275 /* XXX: check if BUSY_STAT should be set */
1276 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1277 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1278 }
1279
1280 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1281 int sector_size)
1282 {
1283 #ifdef DEBUG_IDE_ATAPI
1284 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1285 lba, nb_sectors);
1286 #endif
1287 if (s->atapi_dma) {
1288 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1289 } else {
1290 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1291 }
1292 }
1293
1294 static void ide_atapi_cmd(IDEState *s)
1295 {
1296 const uint8_t *packet;
1297 uint8_t *buf;
1298 int max_len;
1299
1300 packet = s->io_buffer;
1301 buf = s->io_buffer;
1302 #ifdef DEBUG_IDE_ATAPI
1303 {
1304 int i;
1305 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1306 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1307 printf(" %02x", packet[i]);
1308 }
1309 printf("\n");
1310 }
1311 #endif
1312 switch(s->io_buffer[0]) {
1313 case GPCMD_TEST_UNIT_READY:
1314 if (bdrv_is_inserted(s->bs)) {
1315 ide_atapi_cmd_ok(s);
1316 } else {
1317 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1318 ASC_MEDIUM_NOT_PRESENT);
1319 }
1320 break;
1321 case GPCMD_MODE_SENSE_6:
1322 case GPCMD_MODE_SENSE_10:
1323 {
1324 int action, code;
1325 if (packet[0] == GPCMD_MODE_SENSE_10)
1326 max_len = ube16_to_cpu(packet + 7);
1327 else
1328 max_len = packet[4];
1329 action = packet[2] >> 6;
1330 code = packet[2] & 0x3f;
1331 switch(action) {
1332 case 0: /* current values */
1333 switch(code) {
1334 case 0x01: /* error recovery */
1335 cpu_to_ube16(&buf[0], 16 + 6);
1336 buf[2] = 0x70;
1337 buf[3] = 0;
1338 buf[4] = 0;
1339 buf[5] = 0;
1340 buf[6] = 0;
1341 buf[7] = 0;
1342
1343 buf[8] = 0x01;
1344 buf[9] = 0x06;
1345 buf[10] = 0x00;
1346 buf[11] = 0x05;
1347 buf[12] = 0x00;
1348 buf[13] = 0x00;
1349 buf[14] = 0x00;
1350 buf[15] = 0x00;
1351 ide_atapi_cmd_reply(s, 16, max_len);
1352 break;
1353 case 0x2a:
1354 cpu_to_ube16(&buf[0], 28 + 6);
1355 buf[2] = 0x70;
1356 buf[3] = 0;
1357 buf[4] = 0;
1358 buf[5] = 0;
1359 buf[6] = 0;
1360 buf[7] = 0;
1361
1362 buf[8] = 0x2a;
1363 buf[9] = 0x12;
1364 buf[10] = 0x00;
1365 buf[11] = 0x00;
1366
1367 buf[12] = 0x70;
1368 buf[13] = 3 << 5;
1369 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1370 if (bdrv_is_locked(s->bs))
1371 buf[6] |= 1 << 1;
1372 buf[15] = 0x00;
1373 cpu_to_ube16(&buf[16], 706);
1374 buf[18] = 0;
1375 buf[19] = 2;
1376 cpu_to_ube16(&buf[20], 512);
1377 cpu_to_ube16(&buf[22], 706);
1378 buf[24] = 0;
1379 buf[25] = 0;
1380 buf[26] = 0;
1381 buf[27] = 0;
1382 ide_atapi_cmd_reply(s, 28, max_len);
1383 break;
1384 default:
1385 goto error_cmd;
1386 }
1387 break;
1388 case 1: /* changeable values */
1389 goto error_cmd;
1390 case 2: /* default values */
1391 goto error_cmd;
1392 default:
1393 case 3: /* saved values */
1394 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1395 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1396 break;
1397 }
1398 }
1399 break;
1400 case GPCMD_REQUEST_SENSE:
1401 max_len = packet[4];
1402 memset(buf, 0, 18);
1403 buf[0] = 0x70 | (1 << 7);
1404 buf[2] = s->sense_key;
1405 buf[7] = 10;
1406 buf[12] = s->asc;
1407 ide_atapi_cmd_reply(s, 18, max_len);
1408 break;
1409 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1410 if (bdrv_is_inserted(s->bs)) {
1411 bdrv_set_locked(s->bs, packet[4] & 1);
1412 ide_atapi_cmd_ok(s);
1413 } else {
1414 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1415 ASC_MEDIUM_NOT_PRESENT);
1416 }
1417 break;
1418 case GPCMD_READ_10:
1419 case GPCMD_READ_12:
1420 {
1421 int nb_sectors, lba;
1422
1423 if (packet[0] == GPCMD_READ_10)
1424 nb_sectors = ube16_to_cpu(packet + 7);
1425 else
1426 nb_sectors = ube32_to_cpu(packet + 6);
1427 lba = ube32_to_cpu(packet + 2);
1428 if (nb_sectors == 0) {
1429 ide_atapi_cmd_ok(s);
1430 break;
1431 }
1432 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1433 }
1434 break;
1435 case GPCMD_READ_CD:
1436 {
1437 int nb_sectors, lba, transfer_request;
1438
1439 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1440 lba = ube32_to_cpu(packet + 2);
1441 if (nb_sectors == 0) {
1442 ide_atapi_cmd_ok(s);
1443 break;
1444 }
1445 transfer_request = packet[9];
1446 switch(transfer_request & 0xf8) {
1447 case 0x00:
1448 /* nothing */
1449 ide_atapi_cmd_ok(s);
1450 break;
1451 case 0x10:
1452 /* normal read */
1453 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1454 break;
1455 case 0xf8:
1456 /* read all data */
1457 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1458 break;
1459 default:
1460 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1461 ASC_INV_FIELD_IN_CMD_PACKET);
1462 break;
1463 }
1464 }
1465 break;
1466 case GPCMD_SEEK:
1467 {
1468 unsigned int lba;
1469 uint64_t total_sectors;
1470
1471 bdrv_get_geometry(s->bs, &total_sectors);
1472 total_sectors >>= 2;
1473 if (total_sectors == 0) {
1474 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1475 ASC_MEDIUM_NOT_PRESENT);
1476 break;
1477 }
1478 lba = ube32_to_cpu(packet + 2);
1479 if (lba >= total_sectors) {
1480 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1481 ASC_LOGICAL_BLOCK_OOR);
1482 break;
1483 }
1484 ide_atapi_cmd_ok(s);
1485 }
1486 break;
1487 case GPCMD_START_STOP_UNIT:
1488 {
1489 int start, eject;
1490 start = packet[4] & 1;
1491 eject = (packet[4] >> 1) & 1;
1492
1493 if (eject && !start) {
1494 /* eject the disk */
1495 bdrv_eject(s->bs, 1);
1496 } else if (eject && start) {
1497 /* close the tray */
1498 bdrv_eject(s->bs, 0);
1499 }
1500 ide_atapi_cmd_ok(s);
1501 }
1502 break;
1503 case GPCMD_MECHANISM_STATUS:
1504 {
1505 max_len = ube16_to_cpu(packet + 8);
1506 cpu_to_ube16(buf, 0);
1507 /* no current LBA */
1508 buf[2] = 0;
1509 buf[3] = 0;
1510 buf[4] = 0;
1511 buf[5] = 1;
1512 cpu_to_ube16(buf + 6, 0);
1513 ide_atapi_cmd_reply(s, 8, max_len);
1514 }
1515 break;
1516 case GPCMD_READ_TOC_PMA_ATIP:
1517 {
1518 int format, msf, start_track, len;
1519 uint64_t total_sectors;
1520
1521 bdrv_get_geometry(s->bs, &total_sectors);
1522 total_sectors >>= 2;
1523 if (total_sectors == 0) {
1524 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1525 ASC_MEDIUM_NOT_PRESENT);
1526 break;
1527 }
1528 max_len = ube16_to_cpu(packet + 7);
1529 format = packet[9] >> 6;
1530 msf = (packet[1] >> 1) & 1;
1531 start_track = packet[6];
1532 switch(format) {
1533 case 0:
1534 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1535 if (len < 0)
1536 goto error_cmd;
1537 ide_atapi_cmd_reply(s, len, max_len);
1538 break;
1539 case 1:
1540 /* multi session : only a single session defined */
1541 memset(buf, 0, 12);
1542 buf[1] = 0x0a;
1543 buf[2] = 0x01;
1544 buf[3] = 0x01;
1545 ide_atapi_cmd_reply(s, 12, max_len);
1546 break;
1547 case 2:
1548 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1549 if (len < 0)
1550 goto error_cmd;
1551 ide_atapi_cmd_reply(s, len, max_len);
1552 break;
1553 default:
1554 error_cmd:
1555 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1556 ASC_INV_FIELD_IN_CMD_PACKET);
1557 break;
1558 }
1559 }
1560 break;
1561 case GPCMD_READ_CDVD_CAPACITY:
1562 {
1563 uint64_t total_sectors;
1564
1565 bdrv_get_geometry(s->bs, &total_sectors);
1566 total_sectors >>= 2;
1567 if (total_sectors == 0) {
1568 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1569 ASC_MEDIUM_NOT_PRESENT);
1570 break;
1571 }
1572 /* NOTE: it is really the number of sectors minus 1 */
1573 cpu_to_ube32(buf, total_sectors - 1);
1574 cpu_to_ube32(buf + 4, 2048);
1575 ide_atapi_cmd_reply(s, 8, 8);
1576 }
1577 break;
1578 case GPCMD_READ_DVD_STRUCTURE:
1579 {
1580 int media = packet[1];
1581 int layer = packet[6];
1582 int format = packet[2];
1583 uint64_t total_sectors;
1584
1585 if (media != 0 || layer != 0)
1586 {
1587 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1588 ASC_INV_FIELD_IN_CMD_PACKET);
1589 }
1590
1591 switch (format) {
1592 case 0:
1593 bdrv_get_geometry(s->bs, &total_sectors);
1594 total_sectors >>= 2;
1595 if (total_sectors == 0) {
1596 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1597 ASC_MEDIUM_NOT_PRESENT);
1598 break;
1599 }
1600
1601 memset(buf, 0, 2052);
1602
1603 buf[4] = 1; // DVD-ROM, part version 1
1604 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1605 buf[6] = 0; // one layer, embossed data
1606 buf[7] = 0;
1607
1608 cpu_to_ube32(buf + 8, 0);
1609 cpu_to_ube32(buf + 12, total_sectors - 1);
1610 cpu_to_ube32(buf + 16, total_sectors - 1);
1611
1612 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1613
1614 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1615 break;
1616
1617 default:
1618 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1619 ASC_INV_FIELD_IN_CMD_PACKET);
1620 break;
1621 }
1622 }
1623 break;
1624 case GPCMD_SET_SPEED:
1625 ide_atapi_cmd_ok(s);
1626 break;
1627 case GPCMD_INQUIRY:
1628 max_len = packet[4];
1629 buf[0] = 0x05; /* CD-ROM */
1630 buf[1] = 0x80; /* removable */
1631 buf[2] = 0x00; /* ISO */
1632 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1633 buf[4] = 31; /* additional length */
1634 buf[5] = 0; /* reserved */
1635 buf[6] = 0; /* reserved */
1636 buf[7] = 0; /* reserved */
1637 padstr8(buf + 8, 8, "QEMU");
1638 padstr8(buf + 16, 16, "QEMU CD-ROM");
1639 padstr8(buf + 32, 4, QEMU_VERSION);
1640 ide_atapi_cmd_reply(s, 36, max_len);
1641 break;
1642 case GPCMD_GET_CONFIGURATION:
1643 {
1644 uint64_t total_sectors;
1645
1646 /* only feature 0 is supported */
1647 if (packet[2] != 0 || packet[3] != 0) {
1648 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1649 ASC_INV_FIELD_IN_CMD_PACKET);
1650 break;
1651 }
1652 memset(buf, 0, 32);
1653 bdrv_get_geometry(s->bs, &total_sectors);
1654 buf[3] = 16;
1655 buf[7] = total_sectors <= 1433600 ? 0x08 : 0x10; /* current profile */
1656 buf[10] = 0x10 | 0x1;
1657 buf[11] = 0x08; /* size of profile list */
1658 buf[13] = 0x10; /* DVD-ROM profile */
1659 buf[14] = buf[7] == 0x10; /* (in)active */
1660 buf[17] = 0x08; /* CD-ROM profile */
1661 buf[18] = buf[7] == 0x08; /* (in)active */
1662 ide_atapi_cmd_reply(s, 32, 32);
1663 break;
1664 }
1665 default:
1666 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1667 ASC_ILLEGAL_OPCODE);
1668 break;
1669 }
1670 }
1671
1672 static void ide_cfata_metadata_inquiry(IDEState *s)
1673 {
1674 uint16_t *p;
1675 uint32_t spd;
1676
1677 p = (uint16_t *) s->io_buffer;
1678 memset(p, 0, 0x200);
1679 spd = ((s->mdata_size - 1) >> 9) + 1;
1680
1681 put_le16(p + 0, 0x0001); /* Data format revision */
1682 put_le16(p + 1, 0x0000); /* Media property: silicon */
1683 put_le16(p + 2, s->media_changed); /* Media status */
1684 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1685 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1686 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1687 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1688 }
1689
1690 static void ide_cfata_metadata_read(IDEState *s)
1691 {
1692 uint16_t *p;
1693
1694 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1695 s->status = ERR_STAT;
1696 s->error = ABRT_ERR;
1697 return;
1698 }
1699
1700 p = (uint16_t *) s->io_buffer;
1701 memset(p, 0, 0x200);
1702
1703 put_le16(p + 0, s->media_changed); /* Media status */
1704 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1705 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1706 s->nsector << 9), 0x200 - 2));
1707 }
1708
1709 static void ide_cfata_metadata_write(IDEState *s)
1710 {
1711 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1712 s->status = ERR_STAT;
1713 s->error = ABRT_ERR;
1714 return;
1715 }
1716
1717 s->media_changed = 0;
1718
1719 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1720 s->io_buffer + 2,
1721 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1722 s->nsector << 9), 0x200 - 2));
1723 }
1724
1725 /* called when the inserted state of the media has changed */
1726 static void cdrom_change_cb(void *opaque)
1727 {
1728 IDEState *s = opaque;
1729 uint64_t nb_sectors;
1730
1731 /* XXX: send interrupt too */
1732 bdrv_get_geometry(s->bs, &nb_sectors);
1733 s->nb_sectors = nb_sectors;
1734 }
1735
1736 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1737 {
1738 s->lba48 = lba48;
1739
1740 /* handle the 'magic' 0 nsector count conversion here. to avoid
1741 * fiddling with the rest of the read logic, we just store the
1742 * full sector count in ->nsector and ignore ->hob_nsector from now
1743 */
1744 if (!s->lba48) {
1745 if (!s->nsector)
1746 s->nsector = 256;
1747 } else {
1748 if (!s->nsector && !s->hob_nsector)
1749 s->nsector = 65536;
1750 else {
1751 int lo = s->nsector;
1752 int hi = s->hob_nsector;
1753
1754 s->nsector = (hi << 8) | lo;
1755 }
1756 }
1757 }
1758
1759 static void ide_clear_hob(IDEState *ide_if)
1760 {
1761 /* any write clears HOB high bit of device control register */
1762 ide_if[0].select &= ~(1 << 7);
1763 ide_if[1].select &= ~(1 << 7);
1764 }
1765
1766 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1767 {
1768 IDEState *ide_if = opaque;
1769 IDEState *s;
1770 int unit, n;
1771 int lba48 = 0;
1772
1773 #ifdef DEBUG_IDE
1774 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1775 #endif
1776
1777 addr &= 7;
1778 switch(addr) {
1779 case 0:
1780 break;
1781 case 1:
1782 ide_clear_hob(ide_if);
1783 /* NOTE: data is written to the two drives */
1784 ide_if[0].hob_feature = ide_if[0].feature;
1785 ide_if[1].hob_feature = ide_if[1].feature;
1786 ide_if[0].feature = val;
1787 ide_if[1].feature = val;
1788 break;
1789 case 2:
1790 ide_clear_hob(ide_if);
1791 ide_if[0].hob_nsector = ide_if[0].nsector;
1792 ide_if[1].hob_nsector = ide_if[1].nsector;
1793 ide_if[0].nsector = val;
1794 ide_if[1].nsector = val;
1795 break;
1796 case 3:
1797 ide_clear_hob(ide_if);
1798 ide_if[0].hob_sector = ide_if[0].sector;
1799 ide_if[1].hob_sector = ide_if[1].sector;
1800 ide_if[0].sector = val;
1801 ide_if[1].sector = val;
1802 break;
1803 case 4:
1804 ide_clear_hob(ide_if);
1805 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1806 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1807 ide_if[0].lcyl = val;
1808 ide_if[1].lcyl = val;
1809 break;
1810 case 5:
1811 ide_clear_hob(ide_if);
1812 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1813 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1814 ide_if[0].hcyl = val;
1815 ide_if[1].hcyl = val;
1816 break;
1817 case 6:
1818 /* FIXME: HOB readback uses bit 7 */
1819 ide_if[0].select = (val & ~0x10) | 0xa0;
1820 ide_if[1].select = (val | 0x10) | 0xa0;
1821 /* select drive */
1822 unit = (val >> 4) & 1;
1823 s = ide_if + unit;
1824 ide_if->cur_drive = s;
1825 break;
1826 default:
1827 case 7:
1828 /* command */
1829 #if defined(DEBUG_IDE)
1830 printf("ide: CMD=%02x\n", val);
1831 #endif
1832 s = ide_if->cur_drive;
1833 /* ignore commands to non existant slave */
1834 if (s != ide_if && !s->bs)
1835 break;
1836
1837 switch(val) {
1838 case WIN_IDENTIFY:
1839 if (s->bs && !s->is_cdrom) {
1840 if (!s->is_cf)
1841 ide_identify(s);
1842 else
1843 ide_cfata_identify(s);
1844 s->status = READY_STAT | SEEK_STAT;
1845 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1846 } else {
1847 if (s->is_cdrom) {
1848 ide_set_signature(s);
1849 }
1850 ide_abort_command(s);
1851 }
1852 ide_set_irq(s);
1853 break;
1854 case WIN_SPECIFY:
1855 case WIN_RECAL:
1856 s->error = 0;
1857 s->status = READY_STAT | SEEK_STAT;
1858 ide_set_irq(s);
1859 break;
1860 case WIN_SETMULT:
1861 if (s->is_cf && s->nsector == 0) {
1862 /* Disable Read and Write Multiple */
1863 s->mult_sectors = 0;
1864 s->status = READY_STAT;
1865 } else if ((s->nsector & 0xff) != 0 &&
1866 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1867 (s->nsector & (s->nsector - 1)) != 0)) {
1868 ide_abort_command(s);
1869 } else {
1870 s->mult_sectors = s->nsector & 0xff;
1871 s->status = READY_STAT;
1872 }
1873 ide_set_irq(s);
1874 break;
1875 case WIN_VERIFY_EXT:
1876 lba48 = 1;
1877 case WIN_VERIFY:
1878 case WIN_VERIFY_ONCE:
1879 /* do sector number check ? */
1880 ide_cmd_lba48_transform(s, lba48);
1881 s->status = READY_STAT;
1882 ide_set_irq(s);
1883 break;
1884 case WIN_READ_EXT:
1885 lba48 = 1;
1886 case WIN_READ:
1887 case WIN_READ_ONCE:
1888 if (!s->bs)
1889 goto abort_cmd;
1890 ide_cmd_lba48_transform(s, lba48);
1891 s->req_nb_sectors = 1;
1892 ide_sector_read(s);
1893 break;
1894 case WIN_WRITE_EXT:
1895 lba48 = 1;
1896 case WIN_WRITE:
1897 case WIN_WRITE_ONCE:
1898 case CFA_WRITE_SECT_WO_ERASE:
1899 case WIN_WRITE_VERIFY:
1900 ide_cmd_lba48_transform(s, lba48);
1901 s->error = 0;
1902 s->status = SEEK_STAT | READY_STAT;
1903 s->req_nb_sectors = 1;
1904 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1905 s->media_changed = 1;
1906 break;
1907 case WIN_MULTREAD_EXT:
1908 lba48 = 1;
1909 case WIN_MULTREAD:
1910 if (!s->mult_sectors)
1911 goto abort_cmd;
1912 ide_cmd_lba48_transform(s, lba48);
1913 s->req_nb_sectors = s->mult_sectors;
1914 ide_sector_read(s);
1915 break;
1916 case WIN_MULTWRITE_EXT:
1917 lba48 = 1;
1918 case WIN_MULTWRITE:
1919 case CFA_WRITE_MULTI_WO_ERASE:
1920 if (!s->mult_sectors)
1921 goto abort_cmd;
1922 ide_cmd_lba48_transform(s, lba48);
1923 s->error = 0;
1924 s->status = SEEK_STAT | READY_STAT;
1925 s->req_nb_sectors = s->mult_sectors;
1926 n = s->nsector;
1927 if (n > s->req_nb_sectors)
1928 n = s->req_nb_sectors;
1929 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1930 s->media_changed = 1;
1931 break;
1932 case WIN_READDMA_EXT:
1933 lba48 = 1;
1934 case WIN_READDMA:
1935 case WIN_READDMA_ONCE:
1936 if (!s->bs)
1937 goto abort_cmd;
1938 ide_cmd_lba48_transform(s, lba48);
1939 ide_sector_read_dma(s);
1940 break;
1941 case WIN_WRITEDMA_EXT:
1942 lba48 = 1;
1943 case WIN_WRITEDMA:
1944 case WIN_WRITEDMA_ONCE:
1945 if (!s->bs)
1946 goto abort_cmd;
1947 ide_cmd_lba48_transform(s, lba48);
1948 ide_sector_write_dma(s);
1949 s->media_changed = 1;
1950 break;
1951 case WIN_READ_NATIVE_MAX_EXT:
1952 lba48 = 1;
1953 case WIN_READ_NATIVE_MAX:
1954 ide_cmd_lba48_transform(s, lba48);
1955 ide_set_sector(s, s->nb_sectors - 1);
1956 s->status = READY_STAT;
1957 ide_set_irq(s);
1958 break;
1959 case WIN_CHECKPOWERMODE1:
1960 case WIN_CHECKPOWERMODE2:
1961 s->nsector = 0xff; /* device active or idle */
1962 s->status = READY_STAT;
1963 ide_set_irq(s);
1964 break;
1965 case WIN_SETFEATURES:
1966 if (!s->bs)
1967 goto abort_cmd;
1968 /* XXX: valid for CDROM ? */
1969 switch(s->feature) {
1970 case 0xcc: /* reverting to power-on defaults enable */
1971 case 0x66: /* reverting to power-on defaults disable */
1972 case 0x02: /* write cache enable */
1973 case 0x82: /* write cache disable */
1974 case 0xaa: /* read look-ahead enable */
1975 case 0x55: /* read look-ahead disable */
1976 case 0x05: /* set advanced power management mode */
1977 case 0x85: /* disable advanced power management mode */
1978 case 0x69: /* NOP */
1979 case 0x67: /* NOP */
1980 case 0x96: /* NOP */
1981 case 0x9a: /* NOP */
1982 case 0x42: /* enable Automatic Acoustic Mode */
1983 case 0xc2: /* disable Automatic Acoustic Mode */
1984 s->status = READY_STAT | SEEK_STAT;
1985 ide_set_irq(s);
1986 break;
1987 case 0x03: { /* set transfer mode */
1988 uint8_t val = s->nsector & 0x07;
1989
1990 switch (s->nsector >> 3) {
1991 case 0x00: /* pio default */
1992 case 0x01: /* pio mode */
1993 put_le16(s->identify_data + 63,0x07);
1994 put_le16(s->identify_data + 88,0x3f);
1995 break;
1996 case 0x04: /* mdma mode */
1997 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1998 put_le16(s->identify_data + 88,0x3f);
1999 break;
2000 case 0x08: /* udma mode */
2001 put_le16(s->identify_data + 63,0x07);
2002 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2003 break;
2004 default:
2005 goto abort_cmd;
2006 }
2007 s->status = READY_STAT | SEEK_STAT;
2008 ide_set_irq(s);
2009 break;
2010 }
2011 default:
2012 goto abort_cmd;
2013 }
2014 break;
2015 case WIN_FLUSH_CACHE:
2016 case WIN_FLUSH_CACHE_EXT:
2017 if (s->bs)
2018 bdrv_flush(s->bs);
2019 s->status = READY_STAT;
2020 ide_set_irq(s);
2021 break;
2022 case WIN_STANDBY:
2023 case WIN_STANDBY2:
2024 case WIN_STANDBYNOW1:
2025 case WIN_STANDBYNOW2:
2026 case WIN_IDLEIMMEDIATE:
2027 case CFA_IDLEIMMEDIATE:
2028 case WIN_SETIDLE1:
2029 case WIN_SETIDLE2:
2030 case WIN_SLEEPNOW1:
2031 case WIN_SLEEPNOW2:
2032 s->status = READY_STAT;
2033 ide_set_irq(s);
2034 break;
2035 /* ATAPI commands */
2036 case WIN_PIDENTIFY:
2037 if (s->is_cdrom) {
2038 ide_atapi_identify(s);
2039 s->status = READY_STAT | SEEK_STAT;
2040 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2041 } else {
2042 ide_abort_command(s);
2043 }
2044 ide_set_irq(s);
2045 break;
2046 case WIN_DIAGNOSE:
2047 ide_set_signature(s);
2048 s->status = 0x00; /* NOTE: READY is _not_ set */
2049 s->error = 0x01;
2050 ide_set_irq(s);
2051 break;
2052 case WIN_SRST:
2053 if (!s->is_cdrom)
2054 goto abort_cmd;
2055 ide_set_signature(s);
2056 s->status = 0x00; /* NOTE: READY is _not_ set */
2057 s->error = 0x01;
2058 break;
2059 case WIN_PACKETCMD:
2060 if (!s->is_cdrom)
2061 goto abort_cmd;
2062 /* overlapping commands not supported */
2063 if (s->feature & 0x02)
2064 goto abort_cmd;
2065 s->status = READY_STAT;
2066 s->atapi_dma = s->feature & 1;
2067 s->nsector = 1;
2068 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2069 ide_atapi_cmd);
2070 break;
2071 /* CF-ATA commands */
2072 case CFA_REQ_EXT_ERROR_CODE:
2073 if (!s->is_cf)
2074 goto abort_cmd;
2075 s->error = 0x09; /* miscellaneous error */
2076 s->status = READY_STAT;
2077 ide_set_irq(s);
2078 break;
2079 case CFA_ERASE_SECTORS:
2080 case CFA_WEAR_LEVEL:
2081 if (!s->is_cf)
2082 goto abort_cmd;
2083 if (val == CFA_WEAR_LEVEL)
2084 s->nsector = 0;
2085 if (val == CFA_ERASE_SECTORS)
2086 s->media_changed = 1;
2087 s->error = 0x00;
2088 s->status = READY_STAT;
2089 ide_set_irq(s);
2090 break;
2091 case CFA_TRANSLATE_SECTOR:
2092 if (!s->is_cf)
2093 goto abort_cmd;
2094 s->error = 0x00;
2095 s->status = READY_STAT;
2096 memset(s->io_buffer, 0, 0x200);
2097 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2098 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2099 s->io_buffer[0x02] = s->select; /* Head */
2100 s->io_buffer[0x03] = s->sector; /* Sector */
2101 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2102 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2103 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2104 s->io_buffer[0x13] = 0x00; /* Erase flag */
2105 s->io_buffer[0x18] = 0x00; /* Hot count */
2106 s->io_buffer[0x19] = 0x00; /* Hot count */
2107 s->io_buffer[0x1a] = 0x01; /* Hot count */
2108 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2109 ide_set_irq(s);
2110 break;
2111 case CFA_ACCESS_METADATA_STORAGE:
2112 if (!s->is_cf)
2113 goto abort_cmd;
2114 switch (s->feature) {
2115 case 0x02: /* Inquiry Metadata Storage */
2116 ide_cfata_metadata_inquiry(s);
2117 break;
2118 case 0x03: /* Read Metadata Storage */
2119 ide_cfata_metadata_read(s);
2120 break;
2121 case 0x04: /* Write Metadata Storage */
2122 ide_cfata_metadata_write(s);
2123 break;
2124 default:
2125 goto abort_cmd;
2126 }
2127 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2128 s->status = 0x00; /* NOTE: READY is _not_ set */
2129 ide_set_irq(s);
2130 break;
2131 case IBM_SENSE_CONDITION:
2132 if (!s->is_cf)
2133 goto abort_cmd;
2134 switch (s->feature) {
2135 case 0x01: /* sense temperature in device */
2136 s->nsector = 0x50; /* +20 C */
2137 break;
2138 default:
2139 goto abort_cmd;
2140 }
2141 s->status = READY_STAT;
2142 ide_set_irq(s);
2143 break;
2144 default:
2145 abort_cmd:
2146 ide_abort_command(s);
2147 ide_set_irq(s);
2148 break;
2149 }
2150 }
2151 }
2152
2153 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2154 {
2155 IDEState *ide_if = opaque;
2156 IDEState *s = ide_if->cur_drive;
2157 uint32_t addr;
2158 int ret, hob;
2159
2160 addr = addr1 & 7;
2161 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2162 //hob = s->select & (1 << 7);
2163 hob = 0;
2164 switch(addr) {
2165 case 0:
2166 ret = 0xff;
2167 break;
2168 case 1:
2169 if (!ide_if[0].bs && !ide_if[1].bs)
2170 ret = 0;
2171 else if (!hob)
2172 ret = s->error;
2173 else
2174 ret = s->hob_feature;
2175 break;
2176 case 2:
2177 if (!ide_if[0].bs && !ide_if[1].bs)
2178 ret = 0;
2179 else if (!hob)
2180 ret = s->nsector & 0xff;
2181 else
2182 ret = s->hob_nsector;
2183 break;
2184 case 3:
2185 if (!ide_if[0].bs && !ide_if[1].bs)
2186 ret = 0;
2187 else if (!hob)
2188 ret = s->sector;
2189 else
2190 ret = s->hob_sector;
2191 break;
2192 case 4:
2193 if (!ide_if[0].bs && !ide_if[1].bs)
2194 ret = 0;
2195 else if (!hob)
2196 ret = s->lcyl;
2197 else
2198 ret = s->hob_lcyl;
2199 break;
2200 case 5:
2201 if (!ide_if[0].bs && !ide_if[1].bs)
2202 ret = 0;
2203 else if (!hob)
2204 ret = s->hcyl;
2205 else
2206 ret = s->hob_hcyl;
2207 break;
2208 case 6:
2209 if (!ide_if[0].bs && !ide_if[1].bs)
2210 ret = 0;
2211 else
2212 ret = s->select;
2213 break;
2214 default:
2215 case 7:
2216 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2217 (s != ide_if && !s->bs))
2218 ret = 0;
2219 else
2220 ret = s->status;
2221 qemu_irq_lower(s->irq);
2222 break;
2223 }
2224 #ifdef DEBUG_IDE
2225 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2226 #endif
2227 return ret;
2228 }
2229
2230 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2231 {
2232 IDEState *ide_if = opaque;
2233 IDEState *s = ide_if->cur_drive;
2234 int ret;
2235
2236 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2237 (s != ide_if && !s->bs))
2238 ret = 0;
2239 else
2240 ret = s->status;
2241 #ifdef DEBUG_IDE
2242 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2243 #endif
2244 return ret;
2245 }
2246
2247 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2248 {
2249 IDEState *ide_if = opaque;
2250 IDEState *s;
2251 int i;
2252
2253 #ifdef DEBUG_IDE
2254 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2255 #endif
2256 /* common for both drives */
2257 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2258 (val & IDE_CMD_RESET)) {
2259 /* reset low to high */
2260 for(i = 0;i < 2; i++) {
2261 s = &ide_if[i];
2262 s->status = BUSY_STAT | SEEK_STAT;
2263 s->error = 0x01;
2264 }
2265 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2266 !(val & IDE_CMD_RESET)) {
2267 /* high to low */
2268 for(i = 0;i < 2; i++) {
2269 s = &ide_if[i];
2270 if (s->is_cdrom)
2271 s->status = 0x00; /* NOTE: READY is _not_ set */
2272 else
2273 s->status = READY_STAT | SEEK_STAT;
2274 ide_set_signature(s);
2275 }
2276 }
2277
2278 ide_if[0].cmd = val;
2279 ide_if[1].cmd = val;
2280 }
2281
2282 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2283 {
2284 IDEState *s = ((IDEState *)opaque)->cur_drive;
2285 uint8_t *p;
2286
2287 p = s->data_ptr;
2288 *(uint16_t *)p = le16_to_cpu(val);
2289 p += 2;
2290 s->data_ptr = p;
2291 if (p >= s->data_end)
2292 s->end_transfer_func(s);
2293 }
2294
2295 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2296 {
2297 IDEState *s = ((IDEState *)opaque)->cur_drive;
2298 uint8_t *p;
2299 int ret;
2300 p = s->data_ptr;
2301 ret = cpu_to_le16(*(uint16_t *)p);
2302 p += 2;
2303 s->data_ptr = p;
2304 if (p >= s->data_end)
2305 s->end_transfer_func(s);
2306 return ret;
2307 }
2308
2309 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2310 {
2311 IDEState *s = ((IDEState *)opaque)->cur_drive;
2312 uint8_t *p;
2313
2314 p = s->data_ptr;
2315 *(uint32_t *)p = le32_to_cpu(val);
2316 p += 4;
2317 s->data_ptr = p;
2318 if (p >= s->data_end)
2319 s->end_transfer_func(s);
2320 }
2321
2322 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2323 {
2324 IDEState *s = ((IDEState *)opaque)->cur_drive;
2325 uint8_t *p;
2326 int ret;
2327
2328 p = s->data_ptr;
2329 ret = cpu_to_le32(*(uint32_t *)p);
2330 p += 4;
2331 s->data_ptr = p;
2332 if (p >= s->data_end)
2333 s->end_transfer_func(s);
2334 return ret;
2335 }
2336
2337 static void ide_dummy_transfer_stop(IDEState *s)
2338 {
2339 s->data_ptr = s->io_buffer;
2340 s->data_end = s->io_buffer;
2341 s->io_buffer[0] = 0xff;
2342 s->io_buffer[1] = 0xff;
2343 s->io_buffer[2] = 0xff;
2344 s->io_buffer[3] = 0xff;
2345 }
2346
2347 static void ide_reset(IDEState *s)
2348 {
2349 if (s->is_cf)
2350 s->mult_sectors = 0;
2351 else
2352 s->mult_sectors = MAX_MULT_SECTORS;
2353 s->cur_drive = s;
2354 s->select = 0xa0;
2355 s->status = READY_STAT;
2356 ide_set_signature(s);
2357 /* init the transfer handler so that 0xffff is returned on data
2358 accesses */
2359 s->end_transfer_func = ide_dummy_transfer_stop;
2360 ide_dummy_transfer_stop(s);
2361 s->media_changed = 0;
2362 }
2363
2364 struct partition {
2365 uint8_t boot_ind; /* 0x80 - active */
2366 uint8_t head; /* starting head */
2367 uint8_t sector; /* starting sector */
2368 uint8_t cyl; /* starting cylinder */
2369 uint8_t sys_ind; /* What partition type */
2370 uint8_t end_head; /* end head */
2371 uint8_t end_sector; /* end sector */
2372 uint8_t end_cyl; /* end cylinder */
2373 uint32_t start_sect; /* starting sector counting from 0 */
2374 uint32_t nr_sects; /* nr of sectors in partition */
2375 } __attribute__((packed));
2376
2377 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2378 static int guess_disk_lchs(IDEState *s,
2379 int *pcylinders, int *pheads, int *psectors)
2380 {
2381 uint8_t buf[512];
2382 int ret, i, heads, sectors, cylinders;
2383 struct partition *p;
2384 uint32_t nr_sects;
2385
2386 ret = bdrv_read(s->bs, 0, buf, 1);
2387 if (ret < 0)
2388 return -1;
2389 /* test msdos magic */
2390 if (buf[510] != 0x55 || buf[511] != 0xaa)
2391 return -1;
2392 for(i = 0; i < 4; i++) {
2393 p = ((struct partition *)(buf + 0x1be)) + i;
2394 nr_sects = le32_to_cpu(p->nr_sects);
2395 if (nr_sects && p->end_head) {
2396 /* We make the assumption that the partition terminates on
2397 a cylinder boundary */
2398 heads = p->end_head + 1;
2399 sectors = p->end_sector & 63;
2400 if (sectors == 0)
2401 continue;
2402 cylinders = s->nb_sectors / (heads * sectors);
2403 if (cylinders < 1 || cylinders > 16383)
2404 continue;
2405 *pheads = heads;
2406 *psectors = sectors;
2407 *pcylinders = cylinders;
2408 #if 0
2409 printf("guessed geometry: LCHS=%d %d %d\n",
2410 cylinders, heads, sectors);
2411 #endif
2412 return 0;
2413 }
2414 }
2415 return -1;
2416 }
2417
2418 static void ide_init2(IDEState *ide_state,
2419 BlockDriverState *hd0, BlockDriverState *hd1,
2420 qemu_irq irq)
2421 {
2422 IDEState *s;
2423 static int drive_serial = 1;
2424 int i, cylinders, heads, secs, translation, lba_detected = 0;
2425 uint64_t nb_sectors;
2426
2427 for(i = 0; i < 2; i++) {
2428 s = ide_state + i;
2429 if (i == 0)
2430 s->bs = hd0;
2431 else
2432 s->bs = hd1;
2433 if (s->bs) {
2434 bdrv_get_geometry(s->bs, &nb_sectors);
2435 s->nb_sectors = nb_sectors;
2436 /* if a geometry hint is available, use it */
2437 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2438 translation = bdrv_get_translation_hint(s->bs);
2439 if (cylinders != 0) {
2440 s->cylinders = cylinders;
2441 s->heads = heads;
2442 s->sectors = secs;
2443 } else {
2444 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2445 if (heads > 16) {
2446 /* if heads > 16, it means that a BIOS LBA
2447 translation was active, so the default
2448 hardware geometry is OK */
2449 lba_detected = 1;
2450 goto default_geometry;
2451 } else {
2452 s->cylinders = cylinders;
2453 s->heads = heads;
2454 s->sectors = secs;
2455 /* disable any translation to be in sync with
2456 the logical geometry */
2457 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2458 bdrv_set_translation_hint(s->bs,
2459 BIOS_ATA_TRANSLATION_NONE);
2460 }
2461 }
2462 } else {
2463 default_geometry:
2464 /* if no geometry, use a standard physical disk geometry */
2465 cylinders = nb_sectors / (16 * 63);
2466 if (cylinders > 16383)
2467 cylinders = 16383;
2468 else if (cylinders < 2)
2469 cylinders = 2;
2470 s->cylinders = cylinders;
2471 s->heads = 16;
2472 s->sectors = 63;
2473 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2474 if ((s->cylinders * s->heads) <= 131072) {
2475 bdrv_set_translation_hint(s->bs,
2476 BIOS_ATA_TRANSLATION_LARGE);
2477 } else {
2478 bdrv_set_translation_hint(s->bs,
2479 BIOS_ATA_TRANSLATION_LBA);
2480 }
2481 }
2482 }
2483 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2484 }
2485 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2486 s->is_cdrom = 1;
2487 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2488 }
2489 }
2490 s->drive_serial = drive_serial++;
2491 s->irq = irq;
2492 s->sector_write_timer = qemu_new_timer(vm_clock,
2493 ide_sector_write_timer_cb, s);
2494 ide_reset(s);
2495 }
2496 }
2497
2498 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2499 {
2500 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2501 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2502 if (iobase2) {
2503 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2504 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2505 }
2506
2507 /* data ports */
2508 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2509 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2510 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2511 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2512 }
2513
2514 /* save per IDE drive data */
2515 static void ide_save(QEMUFile* f, IDEState *s)
2516 {
2517 qemu_put_be32(f, s->mult_sectors);
2518 qemu_put_be32(f, s->identify_set);
2519 if (s->identify_set) {
2520 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2521 }
2522 qemu_put_8s(f, &s->feature);
2523 qemu_put_8s(f, &s->error);
2524 qemu_put_be32s(f, &s->nsector);
2525 qemu_put_8s(f, &s->sector);
2526 qemu_put_8s(f, &s->lcyl);
2527 qemu_put_8s(f, &s->hcyl);
2528 qemu_put_8s(f, &s->hob_feature);
2529 qemu_put_8s(f, &s->hob_nsector);
2530 qemu_put_8s(f, &s->hob_sector);
2531 qemu_put_8s(f, &s->hob_lcyl);
2532 qemu_put_8s(f, &s->hob_hcyl);
2533 qemu_put_8s(f, &s->select);
2534 qemu_put_8s(f, &s->status);
2535 qemu_put_8s(f, &s->lba48);
2536
2537 qemu_put_8s(f, &s->sense_key);
2538 qemu_put_8s(f, &s->asc);
2539 /* XXX: if a transfer is pending, we do not save it yet */
2540 }
2541
2542 /* load per IDE drive data */
2543 static void ide_load(QEMUFile* f, IDEState *s)
2544 {
2545 s->mult_sectors=qemu_get_be32(f);
2546 s->identify_set=qemu_get_be32(f);
2547 if (s->identify_set) {
2548 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2549 }
2550 qemu_get_8s(f, &s->feature);
2551 qemu_get_8s(f, &s->error);
2552 qemu_get_be32s(f, &s->nsector);
2553 qemu_get_8s(f, &s->sector);
2554 qemu_get_8s(f, &s->lcyl);
2555 qemu_get_8s(f, &s->hcyl);
2556 qemu_get_8s(f, &s->hob_feature);
2557 qemu_get_8s(f, &s->hob_nsector);
2558 qemu_get_8s(f, &s->hob_sector);
2559 qemu_get_8s(f, &s->hob_lcyl);
2560 qemu_get_8s(f, &s->hob_hcyl);
2561 qemu_get_8s(f, &s->select);
2562 qemu_get_8s(f, &s->status);
2563 qemu_get_8s(f, &s->lba48);
2564
2565 qemu_get_8s(f, &s->sense_key);
2566 qemu_get_8s(f, &s->asc);
2567 /* XXX: if a transfer is pending, we do not save it yet */
2568 }
2569
2570 /***********************************************************/
2571 /* ISA IDE definitions */
2572
2573 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2574 BlockDriverState *hd0, BlockDriverState *hd1)
2575 {
2576 IDEState *ide_state;
2577
2578 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2579 if (!ide_state)
2580 return;
2581
2582 ide_init2(ide_state, hd0, hd1, irq);
2583 ide_init_ioport(ide_state, iobase, iobase2);
2584 }
2585
2586 /***********************************************************/
2587 /* PCI IDE definitions */
2588
2589 static void cmd646_update_irq(PCIIDEState *d);
2590
2591 static void ide_map(PCIDevice *pci_dev, int region_num,
2592 uint32_t addr, uint32_t size, int type)
2593 {
2594 PCIIDEState *d = (PCIIDEState *)pci_dev;
2595 IDEState *ide_state;
2596
2597 if (region_num <= 3) {
2598 ide_state = &d->ide_if[(region_num >> 1) * 2];
2599 if (region_num & 1) {
2600 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2601 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2602 } else {
2603 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2604 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2605
2606 /* data ports */
2607 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2608 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2609 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2610 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2611 }
2612 }
2613 }
2614
2615 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2616 {
2617 BMDMAState *bm = s->bmdma;
2618 if(!bm)
2619 return;
2620 bm->ide_if = s;
2621 bm->dma_cb = dma_cb;
2622 bm->cur_prd_last = 0;
2623 bm->cur_prd_addr = 0;
2624 bm->cur_prd_len = 0;
2625 if (bm->status & BM_STATUS_DMAING) {
2626 bm->dma_cb(bm, 0);
2627 }
2628 }
2629
2630 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2631 {
2632 BMDMAState *bm = opaque;
2633 #ifdef DEBUG_IDE
2634 printf("%s: 0x%08x\n", __func__, val);
2635 #endif
2636 if (!(val & BM_CMD_START)) {
2637 /* XXX: do it better */
2638 if (bm->status & BM_STATUS_DMAING) {
2639 bm->status &= ~BM_STATUS_DMAING;
2640 /* cancel DMA request */
2641 bm->ide_if = NULL;
2642 bm->dma_cb = NULL;
2643 if (bm->aiocb) {
2644 #ifdef DEBUG_AIO
2645 printf("aio_cancel\n");
2646 #endif
2647 bdrv_aio_cancel(bm->aiocb);
2648 bm->aiocb = NULL;
2649 }
2650 }
2651 bm->cmd = val & 0x09;
2652 } else {
2653 if (!(bm->status & BM_STATUS_DMAING)) {
2654 bm->status |= BM_STATUS_DMAING;
2655 /* start dma transfer if possible */
2656 if (bm->dma_cb)
2657 bm->dma_cb(bm, 0);
2658 }
2659 bm->cmd = val & 0x09;
2660 }
2661 }
2662
2663 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2664 {
2665 BMDMAState *bm = opaque;
2666 PCIIDEState *pci_dev;
2667 uint32_t val;
2668
2669 switch(addr & 3) {
2670 case 0:
2671 val = bm->cmd;
2672 break;
2673 case 1:
2674 pci_dev = bm->pci_dev;
2675 if (pci_dev->type == IDE_TYPE_CMD646) {
2676 val = pci_dev->dev.config[MRDMODE];
2677 } else {
2678 val = 0xff;
2679 }
2680 break;
2681 case 2:
2682 val = bm->status;
2683 break;
2684 case 3:
2685 pci_dev = bm->pci_dev;
2686 if (pci_dev->type == IDE_TYPE_CMD646) {
2687 if (bm == &pci_dev->bmdma[0])
2688 val = pci_dev->dev.config[UDIDETCR0];
2689 else
2690 val = pci_dev->dev.config[UDIDETCR1];
2691 } else {
2692 val = 0xff;
2693 }
2694 break;
2695 default:
2696 val = 0xff;
2697 break;
2698 }
2699 #ifdef DEBUG_IDE
2700 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2701 #endif
2702 return val;
2703 }
2704
2705 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2706 {
2707 BMDMAState *bm = opaque;
2708 PCIIDEState *pci_dev;
2709 #ifdef DEBUG_IDE
2710 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2711 #endif
2712 switch(addr & 3) {
2713 case 1:
2714 pci_dev = bm->pci_dev;
2715 if (pci_dev->type == IDE_TYPE_CMD646) {
2716 pci_dev->dev.config[MRDMODE] =
2717 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2718 cmd646_update_irq(pci_dev);
2719 }
2720 break;
2721 case 2:
2722 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2723 break;
2724 case 3:
2725 pci_dev = bm->pci_dev;
2726 if (pci_dev->type == IDE_TYPE_CMD646) {
2727 if (bm == &pci_dev->bmdma[0])
2728 pci_dev->dev.config[UDIDETCR0] = val;
2729 else
2730 pci_dev->dev.config[UDIDETCR1] = val;
2731 }
2732 break;
2733 }
2734 }
2735
2736 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2737 {
2738 BMDMAState *bm = opaque;
2739 uint32_t val;
2740 val = bm->addr;
2741 #ifdef DEBUG_IDE
2742 printf("%s: 0x%08x\n", __func__, val);
2743 #endif
2744 return val;
2745 }
2746
2747 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2748 {
2749 BMDMAState *bm = opaque;
2750 #ifdef DEBUG_IDE
2751 printf("%s: 0x%08x\n", __func__, val);
2752 #endif
2753 bm->addr = val & ~3;
2754 bm->cur_addr = bm->addr;
2755 }
2756
2757 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2758 uint32_t addr, uint32_t size, int type)
2759 {
2760 PCIIDEState *d = (PCIIDEState *)pci_dev;
2761 int i;
2762
2763 for(i = 0;i < 2; i++) {
2764 BMDMAState *bm = &d->bmdma[i];
2765 d->ide_if[2 * i].bmdma = bm;
2766 d->ide_if[2 * i + 1].bmdma = bm;
2767 bm->pci_dev = (PCIIDEState *)pci_dev;
2768
2769 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2770
2771 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2772 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2773
2774 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2775 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2776 addr += 8;
2777 }
2778 }
2779
2780 /* XXX: call it also when the MRDMODE is changed from the PCI config
2781 registers */
2782 static void cmd646_update_irq(PCIIDEState *d)
2783 {
2784 int pci_level;
2785 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2786 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2787 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2788 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2789 qemu_set_irq(d->dev.irq[0], pci_level);
2790 }
2791
2792 /* the PCI irq level is the logical OR of the two channels */
2793 static void cmd646_set_irq(void *opaque, int channel, int level)
2794 {
2795 PCIIDEState *d = opaque;
2796 int irq_mask;
2797
2798 irq_mask = MRDMODE_INTR_CH0 << channel;
2799 if (level)
2800 d->dev.config[MRDMODE] |= irq_mask;
2801 else
2802 d->dev.config[MRDMODE] &= ~irq_mask;
2803 cmd646_update_irq(d);
2804 }
2805
2806 /* CMD646 PCI IDE controller */
2807 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2808 int secondary_ide_enabled)
2809 {
2810 PCIIDEState *d;
2811 uint8_t *pci_conf;
2812 int i;
2813 qemu_irq *irq;
2814
2815 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2816 sizeof(PCIIDEState),
2817 -1,
2818 NULL, NULL);
2819 d->type = IDE_TYPE_CMD646;
2820 pci_conf = d->dev.config;
2821 pci_conf[0x00] = 0x95; // CMD646
2822 pci_conf[0x01] = 0x10;
2823 pci_conf[0x02] = 0x46;
2824 pci_conf[0x03] = 0x06;
2825
2826 pci_conf[0x08] = 0x07; // IDE controller revision
2827 pci_conf[0x09] = 0x8f;
2828
2829 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2830 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2831 pci_conf[0x0e] = 0x00; // header_type
2832
2833 if (secondary_ide_enabled) {
2834 /* XXX: if not enabled, really disable the seconday IDE controller */
2835 pci_conf[0x51] = 0x80; /* enable IDE1 */
2836 }
2837
2838 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2839 PCI_ADDRESS_SPACE_IO, ide_map);
2840 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2841 PCI_ADDRESS_SPACE_IO, ide_map);
2842 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2843 PCI_ADDRESS_SPACE_IO, ide_map);
2844 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2845 PCI_ADDRESS_SPACE_IO, ide_map);
2846 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2847 PCI_ADDRESS_SPACE_IO, bmdma_map);
2848
2849 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2850
2851 for(i = 0; i < 4; i++)
2852 d->ide_if[i].pci_dev = (PCIDevice *)d;
2853
2854 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2855 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2856 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2857 }
2858
2859 static void pci_ide_save(QEMUFile* f, void *opaque)
2860 {
2861 PCIIDEState *d = opaque;
2862 int i;
2863
2864 pci_device_save(&d->dev, f);
2865
2866 for(i = 0; i < 2; i++) {
2867 BMDMAState *bm = &d->bmdma[i];
2868 qemu_put_8s(f, &bm->cmd);
2869 qemu_put_8s(f, &bm->status);
2870 qemu_put_be32s(f, &bm->addr);
2871 /* XXX: if a transfer is pending, we do not save it yet */
2872 }
2873
2874 /* per IDE interface data */
2875 for(i = 0; i < 2; i++) {
2876 IDEState *s = &d->ide_if[i * 2];
2877 uint8_t drive1_selected;
2878 qemu_put_8s(f, &s->cmd);
2879 drive1_selected = (s->cur_drive != s);
2880 qemu_put_8s(f, &drive1_selected);
2881 }
2882
2883 /* per IDE drive data */
2884 for(i = 0; i < 4; i++) {
2885 ide_save(f, &d->ide_if[i]);
2886 }
2887 }
2888
2889 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2890 {
2891 PCIIDEState *d = opaque;
2892 int ret, i;
2893
2894 if (version_id != 1)
2895 return -EINVAL;
2896 ret = pci_device_load(&d->dev, f);
2897 if (ret < 0)
2898 return ret;
2899
2900 for(i = 0; i < 2; i++) {
2901 BMDMAState *bm = &d->bmdma[i];
2902 qemu_get_8s(f, &bm->cmd);
2903 qemu_get_8s(f, &bm->status);
2904 qemu_get_be32s(f, &bm->addr);
2905 /* XXX: if a transfer is pending, we do not save it yet */
2906 }
2907
2908 /* per IDE interface data */
2909 for(i = 0; i < 2; i++) {
2910 IDEState *s = &d->ide_if[i * 2];
2911 uint8_t drive1_selected;
2912 qemu_get_8s(f, &s->cmd);
2913 qemu_get_8s(f, &drive1_selected);
2914 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2915 }
2916
2917 /* per IDE drive data */
2918 for(i = 0; i < 4; i++) {
2919 ide_load(f, &d->ide_if[i]);
2920 }
2921 return 0;
2922 }
2923
2924 static void piix3_reset(PCIIDEState *d)
2925 {
2926 uint8_t *pci_conf = d->dev.config;
2927
2928 pci_conf[0x04] = 0x00;
2929 pci_conf[0x05] = 0x00;
2930 pci_conf[0x06] = 0x80; /* FBC */
2931 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2932 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2933 }
2934
2935 /* hd_table must contain 4 block drivers */
2936 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2937 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2938 qemu_irq *pic)
2939 {
2940 PCIIDEState *d;
2941 uint8_t *pci_conf;
2942
2943 /* register a function 1 of PIIX3 */
2944 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2945 sizeof(PCIIDEState),
2946 devfn,
2947 NULL, NULL);
2948 d->type = IDE_TYPE_PIIX3;
2949
2950 pci_conf = d->dev.config;
2951 pci_conf[0x00] = 0x86; // Intel
2952 pci_conf[0x01] = 0x80;
2953 pci_conf[0x02] = 0x10;
2954 pci_conf[0x03] = 0x70;
2955 pci_conf[0x09] = 0x80; // legacy ATA mode
2956 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2957 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2958 pci_conf[0x0e] = 0x00; // header_type
2959
2960 piix3_reset(d);
2961
2962 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2963 PCI_ADDRESS_SPACE_IO, bmdma_map);
2964
2965 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2966 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2967 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2968 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2969
2970 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2971 }
2972
2973 /* hd_table must contain 4 block drivers */
2974 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2975 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2976 qemu_irq *pic)
2977 {
2978 PCIIDEState *d;
2979 uint8_t *pci_conf;
2980
2981 /* register a function 1 of PIIX4 */
2982 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2983 sizeof(PCIIDEState),
2984 devfn,
2985 NULL, NULL);
2986 d->type = IDE_TYPE_PIIX4;
2987
2988 pci_conf = d->dev.config;
2989 pci_conf[0x00] = 0x86; // Intel
2990 pci_conf[0x01] = 0x80;
2991 pci_conf[0x02] = 0x11;
2992 pci_conf[0x03] = 0x71;
2993 pci_conf[0x09] = 0x80; // legacy ATA mode
2994 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2995 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2996 pci_conf[0x0e] = 0x00; // header_type
2997
2998 piix3_reset(d);
2999
3000 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3001 PCI_ADDRESS_SPACE_IO, bmdma_map);
3002
3003 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3004 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3005 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3006 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3007
3008 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3009 }
3010
3011 /***********************************************************/
3012 /* MacIO based PowerPC IDE */
3013
3014 /* PowerMac IDE memory IO */
3015 static void pmac_ide_writeb (void *opaque,
3016 target_phys_addr_t addr, uint32_t val)
3017 {
3018 addr = (addr & 0xFFF) >> 4;
3019 switch (addr) {
3020 case 1 ... 7:
3021 ide_ioport_write(opaque, addr, val);
3022 break;
3023 case 8:
3024 case 22:
3025 ide_cmd_write(opaque, 0, val);
3026 break;
3027 default:
3028 break;
3029 }
3030 }
3031
3032 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3033 {
3034 uint8_t retval;
3035
3036 addr = (addr & 0xFFF) >> 4;
3037 switch (addr) {
3038 case 1 ... 7:
3039 retval = ide_ioport_read(opaque, addr);
3040 break;
3041 case 8:
3042 case 22:
3043 retval = ide_status_read(opaque, 0);
3044 break;
3045 default:
3046 retval = 0xFF;
3047 break;
3048 }
3049 return retval;
3050 }
3051
3052 static void pmac_ide_writew (void *opaque,
3053 target_phys_addr_t addr, uint32_t val)
3054 {
3055 addr = (addr & 0xFFF) >> 4;
3056 #ifdef TARGET_WORDS_BIGENDIAN
3057 val = bswap16(val);
3058 #endif
3059 if (addr == 0) {
3060 ide_data_writew(opaque, 0, val);
3061 }
3062 }
3063
3064 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3065 {
3066 uint16_t retval;
3067
3068 addr = (addr & 0xFFF) >> 4;
3069 if (addr == 0) {
3070 retval = ide_data_readw(opaque, 0);
3071 } else {
3072 retval = 0xFFFF;
3073 }
3074 #ifdef TARGET_WORDS_BIGENDIAN
3075 retval = bswap16(retval);
3076 #endif
3077 return retval;
3078 }
3079
3080 static void pmac_ide_writel (void *opaque,
3081 target_phys_addr_t addr, uint32_t val)
3082 {
3083 addr = (addr & 0xFFF) >> 4;
3084 #ifdef TARGET_WORDS_BIGENDIAN
3085 val = bswap32(val);
3086 #endif
3087 if (addr == 0) {
3088 ide_data_writel(opaque, 0, val);
3089 }
3090 }
3091
3092 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3093 {
3094 uint32_t retval;
3095
3096 addr = (addr & 0xFFF) >> 4;
3097 if (addr == 0) {
3098 retval = ide_data_readl(opaque, 0);
3099 } else {
3100 retval = 0xFFFFFFFF;
3101 }
3102 #ifdef TARGET_WORDS_BIGENDIAN
3103 retval = bswap32(retval);
3104 #endif
3105 return retval;
3106 }
3107
3108 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3109 pmac_ide_writeb,
3110 pmac_ide_writew,
3111 pmac_ide_writel,
3112 };
3113
3114 static CPUReadMemoryFunc *pmac_ide_read[] = {
3115 pmac_ide_readb,
3116 pmac_ide_readw,
3117 pmac_ide_readl,
3118 };
3119
3120 /* hd_table must contain 4 block drivers */
3121 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3122 I/O index to access the ide. */
3123 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3124 {
3125 IDEState *ide_if;
3126 int pmac_ide_memory;
3127
3128 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3129 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3130
3131 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3132 pmac_ide_write, &ide_if[0]);
3133 return pmac_ide_memory;
3134 }
3135
3136 /***********************************************************/
3137 /* CF-ATA Microdrive */
3138
3139 #define METADATA_SIZE 0x20
3140
3141 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3142 struct md_s {
3143 IDEState ide[2];
3144 struct pcmcia_card_s card;
3145 uint32_t attr_base;
3146 uint32_t io_base;
3147
3148 /* Card state */
3149 uint8_t opt;
3150 uint8_t stat;
3151 uint8_t pins;
3152
3153 uint8_t ctrl;
3154 uint16_t io;
3155 int cycle;
3156 };
3157
3158 /* Register bitfields */
3159 enum md_opt {
3160 OPT_MODE_MMAP = 0,
3161 OPT_MODE_IOMAP16 = 1,
3162 OPT_MODE_IOMAP1 = 2,
3163 OPT_MODE_IOMAP2 = 3,
3164 OPT_MODE = 0x3f,
3165 OPT_LEVIREQ = 0x40,
3166 OPT_SRESET = 0x80,
3167 };
3168 enum md_cstat {
3169 STAT_INT = 0x02,
3170 STAT_PWRDWN = 0x04,
3171 STAT_XE = 0x10,
3172 STAT_IOIS8 = 0x20,
3173 STAT_SIGCHG = 0x40,
3174 STAT_CHANGED = 0x80,
3175 };
3176 enum md_pins {
3177 PINS_MRDY = 0x02,
3178 PINS_CRDY = 0x20,
3179 };
3180 enum md_ctrl {
3181 CTRL_IEN = 0x02,
3182 CTRL_SRST = 0x04,
3183 };
3184
3185 static inline void md_interrupt_update(struct md_s *s)
3186 {
3187 if (!s->card.slot)
3188 return;
3189
3190 qemu_set_irq(s->card.slot->irq,
3191 !(s->stat & STAT_INT) && /* Inverted */
3192 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3193 !(s->opt & OPT_SRESET));
3194 }
3195
3196 static void md_set_irq(void *opaque, int irq, int level)
3197 {
3198 struct md_s *s = (struct md_s *) opaque;
3199 if (level)
3200 s->stat |= STAT_INT;
3201 else
3202 s->stat &= ~STAT_INT;
3203
3204 md_interrupt_update(s);
3205 }
3206
3207 static void md_reset(struct md_s *s)
3208 {
3209 s->opt = OPT_MODE_MMAP;
3210 s->stat = 0;
3211 s->pins = 0;
3212 s->cycle = 0;
3213 s->ctrl = 0;
3214 ide_reset(s->ide);
3215 }
3216
3217 static uint8_t md_attr_read(void *opaque, uint32_t at)
3218 {
3219 struct md_s *s = (struct md_s *) opaque;
3220 if (at < s->attr_base) {
3221 if (at < s->card.cis_len)
3222 return s->card.cis[at];
3223 else
3224 return 0x00;
3225 }
3226
3227 at -= s->attr_base;
3228
3229 switch (at) {
3230 case 0x00: /* Configuration Option Register */
3231 return s->opt;
3232 case 0x02: /* Card Configuration Status Register */
3233 if (s->ctrl & CTRL_IEN)
3234 return s->stat & ~STAT_INT;
3235 else
3236 return s->stat;
3237 case 0x04: /* Pin Replacement Register */
3238 return (s->pins & PINS_CRDY) | 0x0c;
3239 case 0x06: /* Socket and Copy Register */
3240 return 0x00;
3241 #ifdef VERBOSE
3242 default:
3243 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3244 #endif
3245 }
3246
3247 return 0;
3248 }
3249
3250 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3251 {
3252 struct md_s *s = (struct md_s *) opaque;
3253 at -= s->attr_base;
3254
3255 switch (at) {
3256 case 0x00: /* Configuration Option Register */
3257 s->opt = value & 0xcf;
3258 if (value & OPT_SRESET)
3259 md_reset(s);
3260 md_interrupt_update(s);
3261 break;
3262 case 0x02: /* Card Configuration Status Register */
3263 if ((s->stat ^ value) & STAT_PWRDWN)
3264 s->pins |= PINS_CRDY;
3265 s->stat &= 0x82;
3266 s->stat |= value & 0x74;
3267 md_interrupt_update(s);
3268 /* Word 170 in Identify Device must be equal to STAT_XE */
3269 break;
3270 case 0x04: /* Pin Replacement Register */
3271 s->pins &= PINS_CRDY;
3272 s->pins |= value & PINS_MRDY;
3273 break;
3274 case 0x06: /* Socket and Copy Register */
3275 break;
3276 default:
3277 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3278 }
3279 }
3280
3281 static uint16_t md_common_read(void *opaque, uint32_t at)
3282 {
3283 struct md_s *s = (struct md_s *) opaque;
3284 uint16_t ret;
3285 at -= s->io_base;
3286
3287 switch (s->opt & OPT_MODE) {
3288 case OPT_MODE_MMAP:
3289 if ((at & ~0x3ff) == 0x400)
3290 at = 0;
3291 break;
3292 case OPT_MODE_IOMAP16:
3293 at &= 0xf;
3294 break;
3295 case OPT_MODE_IOMAP1:
3296 if ((at & ~0xf) == 0x3f0)
3297 at -= 0x3e8;
3298 else if ((at & ~0xf) == 0x1f0)
3299 at -= 0x1f0;
3300 break;
3301 case OPT_MODE_IOMAP2:
3302 if ((at & ~0xf) == 0x370)
3303 at -= 0x368;
3304 else if ((at & ~0xf) == 0x170)
3305 at -= 0x170;
3306 }
3307
3308 switch (at) {
3309 case 0x0: /* Even RD Data */
3310 case 0x8:
3311 return ide_data_readw(s->ide, 0);
3312
3313 /* TODO: 8-bit accesses */
3314 if (s->cycle)
3315 ret = s->io >> 8;
3316 else {
3317 s->io = ide_data_readw(s->ide, 0);
3318 ret = s->io & 0xff;
3319 }
3320 s->cycle = !s->cycle;
3321 return ret;
3322 case 0x9: /* Odd RD Data */
3323 return s->io >> 8;
3324 case 0xd: /* Error */
3325 return ide_ioport_read(s->ide, 0x1);
3326 case 0xe: /* Alternate Status */
3327 if (s->ide->cur_drive->bs)
3328 return s->ide->cur_drive->status;
3329 else
3330 return 0;
3331 case 0xf: /* Device Address */
3332 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3333 default:
3334 return ide_ioport_read(s->ide, at);
3335 }
3336
3337 return 0;
3338 }
3339
3340 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3341 {
3342 struct md_s *s = (struct md_s *) opaque;
3343 at -= s->io_base;
3344
3345 switch (s->opt & OPT_MODE) {
3346 case OPT_MODE_MMAP:
3347 if ((at & ~0x3ff) == 0x400)
3348 at = 0;
3349 break;
3350 case OPT_MODE_IOMAP16:
3351 at &= 0xf;
3352 break;
3353 case OPT_MODE_IOMAP1:
3354 if ((at & ~0xf) == 0x3f0)
3355 at -= 0x3e8;
3356 else if ((at & ~0xf) == 0x1f0)
3357 at -= 0x1f0;
3358 break;
3359 case OPT_MODE_IOMAP2:
3360 if ((at & ~0xf) == 0x370)
3361 at -= 0x368;
3362 else if ((at & ~0xf) == 0x170)
3363 at -= 0x170;
3364 }
3365
3366 switch (at) {
3367 case 0x0: /* Even WR Data */
3368 case 0x8:
3369 ide_data_writew(s->ide, 0, value);
3370 break;
3371
3372 /* TODO: 8-bit accesses */
3373 if (s->cycle)
3374 ide_data_writew(s->ide, 0, s->io | (value << 8));
3375 else
3376 s->io = value & 0xff;
3377 s->cycle = !s->cycle;
3378 break;
3379 case 0x9:
3380 s->io = value & 0xff;
3381 s->cycle = !s->cycle;
3382 break;
3383 case 0xd: /* Features */
3384 ide_ioport_write(s->ide, 0x1, value);
3385 break;
3386 case 0xe: /* Device Control */
3387 s->ctrl = value;
3388 if (value & CTRL_SRST)
3389 md_reset(s);
3390 md_interrupt_update(s);
3391 break;
3392 default:
3393 if (s->stat & STAT_PWRDWN) {
3394 s->pins |= PINS_CRDY;
3395 s->stat &= ~STAT_PWRDWN;
3396 }
3397 ide_ioport_write(s->ide, at, value);
3398 }
3399 }
3400
3401 static void md_save(QEMUFile *f, void *opaque)
3402 {
3403 struct md_s *s = (struct md_s *) opaque;
3404 int i;
3405 uint8_t drive1_selected;
3406
3407 qemu_put_8s(f, &s->opt);
3408 qemu_put_8s(f, &s->stat);
3409 qemu_put_8s(f, &s->pins);
3410
3411 qemu_put_8s(f, &s->ctrl);
3412 qemu_put_be16s(f, &s->io);
3413 qemu_put_byte(f, s->cycle);
3414
3415 drive1_selected = (s->ide->cur_drive != s->ide);
3416 qemu_put_8s(f, &s->ide->cmd);
3417 qemu_put_8s(f, &drive1_selected);
3418
3419 for (i = 0; i < 2; i ++)
3420 ide_save(f, &s->ide[i]);
3421 }
3422
3423 static int md_load(QEMUFile *f, void *opaque, int version_id)
3424 {
3425 struct md_s *s = (struct md_s *) opaque;
3426 int i;
3427 uint8_t drive1_selected;
3428
3429 qemu_get_8s(f, &s->opt);
3430 qemu_get_8s(f, &s->stat);
3431 qemu_get_8s(f, &s->pins);
3432
3433 qemu_get_8s(f, &s->ctrl);
3434 qemu_get_be16s(f, &s->io);
3435 s->cycle = qemu_get_byte(f);
3436
3437 qemu_get_8s(f, &s->ide->cmd);
3438 qemu_get_8s(f, &drive1_selected);
3439 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3440
3441 for (i = 0; i < 2; i ++)
3442 ide_load(f, &s->ide[i]);
3443
3444 return 0;
3445 }
3446
3447 static int md_iid = 0;
3448
3449 static const uint8_t dscm1xxxx_cis[0x14a] = {
3450 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3451 [0x002] = 0x03, /* Tuple length = 4 bytes */
3452 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3453 [0x006] = 0x01, /* Size = 2K bytes */
3454 [0x008] = CISTPL_ENDMARK,
3455
3456 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3457 [0x00c] = 0x04, /* Tuple length = 4 byest */
3458 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3459 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3460 [0x012] = 0x01, /* Size = 2K bytes */
3461 [0x014] = CISTPL_ENDMARK,
3462
3463 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3464 [0x018] = 0x02, /* Tuple length = 2 bytes */
3465 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3466 [0x01c] = 0x01,
3467
3468 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3469 [0x020] = 0x04, /* Tuple length = 4 bytes */
3470 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3471 [0x024] = 0x00,
3472 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3473 [0x028] = 0x00,
3474
3475 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3476 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3477 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3478 [0x030] = 0x01, /* Minor Version = 1 */
3479 [0x032] = 'I',
3480 [0x034] = 'B',
3481 [0x036] = 'M',
3482 [0x038] = 0x00,
3483 [0x03a] = 'm',
3484 [0x03c] = 'i',
3485 [0x03e] = 'c',
3486 [0x040] = 'r',
3487 [0x042] = 'o',
3488 [0x044] = 'd',
3489 [0x046] = 'r',
3490 [0x048] = 'i',
3491 [0x04a] = 'v',
3492 [0x04c] = 'e',
3493 [0x04e] = 0x00,
3494 [0x050] = CISTPL_ENDMARK,
3495
3496 [0x052] = CISTPL_FUNCID, /* Function ID */
3497 [0x054] = 0x02, /* Tuple length = 2 bytes */
3498 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3499 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3500
3501 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3502 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3503 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3504 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3505
3506 [0x062] = CISTPL_FUNCE, /* Function Extension */
3507 [0x064] = 0x03, /* Tuple length = 3 bytes */
3508 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3509 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3510 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3511
3512 [0x06c] = CISTPL_CONFIG, /* Configuration */
3513 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3514 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3515 [0x072] = 0x07, /* TPCC_LAST = 7 */
3516 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3517 [0x076] = 0x02,
3518 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3519
3520 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3521 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3522 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3523 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3524 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3525 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3526 [0x086] = 0x55, /* NomV: 5.0 V */
3527 [0x088] = 0x4d, /* MinV: 4.5 V */
3528 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3529 [0x08c] = 0x4e, /* Peakl: 450 mA */
3530 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3531 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3532 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3533
3534 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3535 [0x096] = 0x06, /* Tuple length = 6 bytes */
3536 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3537 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3538 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3539 [0x09e] = 0xb5, /* NomV: 3.3 V */
3540 [0x0a0] = 0x1e,
3541 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3542
3543 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3544 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3545 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3546 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3547 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3548 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3549 [0x0b0] = 0x55, /* NomV: 5.0 V */
3550 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3551 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3552 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3553 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3554 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3555 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3556 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3557 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3558
3559 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3560 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3561 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3562 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3563 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3564 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3565 [0x0ce] = 0x1e,
3566 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3567
3568 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3569 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3570 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3571 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3572 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3573 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3574 [0x0de] = 0x55, /* NomV: 5.0 V */
3575 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3576 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3577 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3578 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3579 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3580 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3581 [0x0ec] = 0x01,
3582 [0x0ee] = 0x07, /* Address block length = 8 */
3583 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3584 [0x0f2] = 0x03,
3585 [0x0f4] = 0x01, /* Address block length = 2 */
3586 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3587 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3588
3589 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3590 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3591 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3592 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3593 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3594 [0x104] = 0xb5, /* NomV: 3.3 V */
3595 [0x106] = 0x1e,
3596 [0x108] = 0x3e, /* Peakl: 350 mA */
3597
3598 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3599 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3600 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3601 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3602 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3603 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3604 [0x116] = 0x55, /* NomV: 5.0 V */
3605 [0x118] = 0x4d, /* MinV: 4.5 V */
3606 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3607 [0x11c] = 0x4e, /* Peakl: 450 mA */
3608 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3609 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3610 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3611 [0x124] = 0x01,
3612 [0x126] = 0x07, /* Address block length = 8 */
3613 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3614 [0x12a] = 0x03,
3615 [0x12c] = 0x01, /* Address block length = 2 */
3616 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3617 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3618
3619 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3620 [0x134] = 0x06, /* Tuple length = 6 bytes */
3621 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3622 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3623 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3624 [0x13c] = 0xb5, /* NomV: 3.3 V */
3625 [0x13e] = 0x1e,
3626 [0x140] = 0x3e, /* Peakl: 350 mA */
3627
3628 [0x142] = CISTPL_NO_LINK, /* No Link */
3629 [0x144] = 0x00, /* Tuple length = 0 bytes */
3630
3631 [0x146] = CISTPL_END, /* Tuple End */
3632 };
3633
3634 static int dscm1xxxx_attach(void *opaque)
3635 {
3636 struct md_s *md = (struct md_s *) opaque;
3637 md->card.attr_read = md_attr_read;
3638 md->card.attr_write = md_attr_write;
3639 md->card.common_read = md_common_read;
3640 md->card.common_write = md_common_write;
3641 md->card.io_read = md_common_read;
3642 md->card.io_write = md_common_write;
3643
3644 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3645 md->io_base = 0x0;
3646
3647 md_reset(md);
3648 md_interrupt_update(md);
3649
3650 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3651 return 0;
3652 }
3653
3654 static int dscm1xxxx_detach(void *opaque)
3655 {
3656 struct md_s *md = (struct md_s *) opaque;
3657 md_reset(md);
3658 return 0;
3659 }
3660
3661 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3662 {
3663 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3664 md->card.state = md;
3665 md->card.attach = dscm1xxxx_attach;
3666 md->card.detach = dscm1xxxx_detach;
3667 md->card.cis = dscm1xxxx_cis;
3668 md->card.cis_len = sizeof(dscm1xxxx_cis);
3669
3670 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3671 md->ide->is_cf = 1;
3672 md->ide->mdata_size = METADATA_SIZE;
3673 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3674
3675 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3676
3677 return &md->card;
3678 }
Qemu copy for testing