search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Enhance 'info vnc' monitor output ("Daniel P. Berrange")
[qemu-kvm/fedora.git] / hw / ide.c
blob9b93e7f678de9f1e149932fce46769f784dc9f49
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "ppc_mac.h"
35 #include "mac_dbdma.h"
36 #include "sh.h"
37 #include "dma.h"
38
39 /* debug IDE devices */
40 //#define DEBUG_IDE
41 //#define DEBUG_IDE_ATAPI
42 //#define DEBUG_AIO
43 #define USE_DMA_CDROM
44
45 /* Bits of HD_STATUS */
46 #define ERR_STAT 0x01
47 #define INDEX_STAT 0x02
48 #define ECC_STAT 0x04 /* Corrected error */
49 #define DRQ_STAT 0x08
50 #define SEEK_STAT 0x10
51 #define SRV_STAT 0x10
52 #define WRERR_STAT 0x20
53 #define READY_STAT 0x40
54 #define BUSY_STAT 0x80
55
56 /* Bits for HD_ERROR */
57 #define MARK_ERR 0x01 /* Bad address mark */
58 #define TRK0_ERR 0x02 /* couldn't find track 0 */
59 #define ABRT_ERR 0x04 /* Command aborted */
60 #define MCR_ERR 0x08 /* media change request */
61 #define ID_ERR 0x10 /* ID field not found */
62 #define MC_ERR 0x20 /* media changed */
63 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
64 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
65 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
66
67 /* Bits of HD_NSECTOR */
68 #define CD 0x01
69 #define IO 0x02
70 #define REL 0x04
71 #define TAG_MASK 0xf8
72
73 #define IDE_CMD_RESET 0x04
74 #define IDE_CMD_DISABLE_IRQ 0x02
75
76 /* ATA/ATAPI Commands pre T13 Spec */
77 #define WIN_NOP 0x00
78 /*
79 * 0x01->0x02 Reserved
80 */
81 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
82 /*
83 * 0x04->0x07 Reserved
84 */
85 #define WIN_SRST 0x08 /* ATAPI soft reset command */
86 #define WIN_DEVICE_RESET 0x08
87 /*
88 * 0x09->0x0F Reserved
89 */
90 #define WIN_RECAL 0x10
91 #define WIN_RESTORE WIN_RECAL
92 /*
93 * 0x10->0x1F Reserved
94 */
95 #define WIN_READ 0x20 /* 28-Bit */
96 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
97 #define WIN_READ_LONG 0x22 /* 28-Bit */
98 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
99 #define WIN_READ_EXT 0x24 /* 48-Bit */
100 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
101 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
102 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
103 /*
104 * 0x28
105 */
106 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
107 /*
108 * 0x2A->0x2F Reserved
109 */
110 #define WIN_WRITE 0x30 /* 28-Bit */
111 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
112 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
113 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
114 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
115 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
116 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
117 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
118 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
119 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
120 /*
121 * 0x3A->0x3B Reserved
122 */
123 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
124 /*
125 * 0x3D->0x3F Reserved
126 */
127 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
128 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
129 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
130 /*
131 * 0x43->0x4F Reserved
132 */
133 #define WIN_FORMAT 0x50
134 /*
135 * 0x51->0x5F Reserved
136 */
137 #define WIN_INIT 0x60
138 /*
139 * 0x61->0x5F Reserved
140 */
141 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
142 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
143 #define WIN_DIAGNOSE 0x90
144 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
145 #define WIN_DOWNLOAD_MICROCODE 0x92
146 #define WIN_STANDBYNOW2 0x94
147 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
148 #define WIN_STANDBY2 0x96
149 #define WIN_SETIDLE2 0x97
150 #define WIN_CHECKPOWERMODE2 0x98
151 #define WIN_SLEEPNOW2 0x99
152 /*
153 * 0x9A VENDOR
154 */
155 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
156 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
157 #define WIN_QUEUED_SERVICE 0xA2
158 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
159 #define CFA_ACCESS_METADATA_STORAGE 0xB8
160 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
161 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
162 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
163 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
164 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
165 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
166 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
167 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
168 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
169 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
170 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
171 #define WIN_GETMEDIASTATUS 0xDA
172 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
173 #define WIN_POSTBOOT 0xDC
174 #define WIN_PREBOOT 0xDD
175 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
176 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
177 #define WIN_STANDBYNOW1 0xE0
178 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
179 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
180 #define WIN_SETIDLE1 0xE3
181 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
182 #define WIN_CHECKPOWERMODE1 0xE5
183 #define WIN_SLEEPNOW1 0xE6
184 #define WIN_FLUSH_CACHE 0xE7
185 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
186 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
187 /* SET_FEATURES 0x22 or 0xDD */
188 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
189 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
190 #define WIN_MEDIAEJECT 0xED
191 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
192 #define WIN_SETFEATURES 0xEF /* set special drive features */
193 #define EXABYTE_ENABLE_NEST 0xF0
194 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
195 #define WIN_SECURITY_SET_PASS 0xF1
196 #define WIN_SECURITY_UNLOCK 0xF2
197 #define WIN_SECURITY_ERASE_PREPARE 0xF3
198 #define WIN_SECURITY_ERASE_UNIT 0xF4
199 #define WIN_SECURITY_FREEZE_LOCK 0xF5
200 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
201 #define WIN_SECURITY_DISABLE 0xF6
202 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
203 #define WIN_SET_MAX 0xF9
204 #define DISABLE_SEAGATE 0xFB
205
206 /* set to 1 set disable mult support */
207 #define MAX_MULT_SECTORS 16
208
209 #define IDE_DMA_BUF_SECTORS 256
210
211 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
212 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #endif
214
215 /* ATAPI defines */
216
217 #define ATAPI_PACKET_SIZE 12
218
219 /* The generic packet command opcodes for CD/DVD Logical Units,
220 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
221 #define GPCMD_BLANK 0xa1
222 #define GPCMD_CLOSE_TRACK 0x5b
223 #define GPCMD_FLUSH_CACHE 0x35
224 #define GPCMD_FORMAT_UNIT 0x04
225 #define GPCMD_GET_CONFIGURATION 0x46
226 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
227 #define GPCMD_GET_PERFORMANCE 0xac
228 #define GPCMD_INQUIRY 0x12
229 #define GPCMD_LOAD_UNLOAD 0xa6
230 #define GPCMD_MECHANISM_STATUS 0xbd
231 #define GPCMD_MODE_SELECT_10 0x55
232 #define GPCMD_MODE_SENSE_10 0x5a
233 #define GPCMD_PAUSE_RESUME 0x4b
234 #define GPCMD_PLAY_AUDIO_10 0x45
235 #define GPCMD_PLAY_AUDIO_MSF 0x47
236 #define GPCMD_PLAY_AUDIO_TI 0x48
237 #define GPCMD_PLAY_CD 0xbc
238 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
239 #define GPCMD_READ_10 0x28
240 #define GPCMD_READ_12 0xa8
241 #define GPCMD_READ_CDVD_CAPACITY 0x25
242 #define GPCMD_READ_CD 0xbe
243 #define GPCMD_READ_CD_MSF 0xb9
244 #define GPCMD_READ_DISC_INFO 0x51
245 #define GPCMD_READ_DVD_STRUCTURE 0xad
246 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
247 #define GPCMD_READ_HEADER 0x44
248 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
249 #define GPCMD_READ_SUBCHANNEL 0x42
250 #define GPCMD_READ_TOC_PMA_ATIP 0x43
251 #define GPCMD_REPAIR_RZONE_TRACK 0x58
252 #define GPCMD_REPORT_KEY 0xa4
253 #define GPCMD_REQUEST_SENSE 0x03
254 #define GPCMD_RESERVE_RZONE_TRACK 0x53
255 #define GPCMD_SCAN 0xba
256 #define GPCMD_SEEK 0x2b
257 #define GPCMD_SEND_DVD_STRUCTURE 0xad
258 #define GPCMD_SEND_EVENT 0xa2
259 #define GPCMD_SEND_KEY 0xa3
260 #define GPCMD_SEND_OPC 0x54
261 #define GPCMD_SET_READ_AHEAD 0xa7
262 #define GPCMD_SET_STREAMING 0xb6
263 #define GPCMD_START_STOP_UNIT 0x1b
264 #define GPCMD_STOP_PLAY_SCAN 0x4e
265 #define GPCMD_TEST_UNIT_READY 0x00
266 #define GPCMD_VERIFY_10 0x2f
267 #define GPCMD_WRITE_10 0x2a
268 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
269 /* This is listed as optional in ATAPI 2.6, but is (curiously)
270 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
271 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
272 * drives support it. */
273 #define GPCMD_SET_SPEED 0xbb
274 /* This seems to be a SCSI specific CD-ROM opcode
275 * to play data at track/index */
276 #define GPCMD_PLAYAUDIO_TI 0x48
277 /*
278 * From MS Media Status Notification Support Specification. For
279 * older drives only.
280 */
281 #define GPCMD_GET_MEDIA_STATUS 0xda
282 #define GPCMD_MODE_SENSE_6 0x1a
283
284 /* Mode page codes for mode sense/set */
285 #define GPMODE_R_W_ERROR_PAGE 0x01
286 #define GPMODE_WRITE_PARMS_PAGE 0x05
287 #define GPMODE_AUDIO_CTL_PAGE 0x0e
288 #define GPMODE_POWER_PAGE 0x1a
289 #define GPMODE_FAULT_FAIL_PAGE 0x1c
290 #define GPMODE_TO_PROTECT_PAGE 0x1d
291 #define GPMODE_CAPABILITIES_PAGE 0x2a
292 #define GPMODE_ALL_PAGES 0x3f
293 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
294 * of MODE_SENSE_POWER_PAGE */
295 #define GPMODE_CDROM_PAGE 0x0d
296
297 /*
298 * Based on values from <linux/cdrom.h> but extending CD_MINS
299 * to the maximum common size allowed by the Orange's Book ATIP
300 *
301 * 90 and 99 min CDs are also available but using them as the
302 * upper limit reduces the effectiveness of the heuristic to
303 * detect DVDs burned to less than 25% of their maximum capacity
304 */
305
306 /* Some generally useful CD-ROM information */
307 #define CD_MINS 80 /* max. minutes per CD */
308 #define CD_SECS 60 /* seconds per minute */
309 #define CD_FRAMES 75 /* frames per second */
310 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
311 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
312 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
313
314 /*
315 * The MMC values are not IDE specific and might need to be moved
316 * to a common header if they are also needed for the SCSI emulation
317 */
318
319 /* Profile list from MMC-6 revision 1 table 91 */
320 #define MMC_PROFILE_NONE 0x0000
321 #define MMC_PROFILE_CD_ROM 0x0008
322 #define MMC_PROFILE_CD_R 0x0009
323 #define MMC_PROFILE_CD_RW 0x000A
324 #define MMC_PROFILE_DVD_ROM 0x0010
325 #define MMC_PROFILE_DVD_R_SR 0x0011
326 #define MMC_PROFILE_DVD_RAM 0x0012
327 #define MMC_PROFILE_DVD_RW_RO 0x0013
328 #define MMC_PROFILE_DVD_RW_SR 0x0014
329 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
330 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
331 #define MMC_PROFILE_DVD_RW_DL 0x0017
332 #define MMC_PROFILE_DVD_DDR 0x0018
333 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
334 #define MMC_PROFILE_DVD_PLUS_R 0x001B
335 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
336 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
337 #define MMC_PROFILE_BD_ROM 0x0040
338 #define MMC_PROFILE_BD_R_SRM 0x0041
339 #define MMC_PROFILE_BD_R_RRM 0x0042
340 #define MMC_PROFILE_BD_RE 0x0043
341 #define MMC_PROFILE_HDDVD_ROM 0x0050
342 #define MMC_PROFILE_HDDVD_R 0x0051
343 #define MMC_PROFILE_HDDVD_RAM 0x0052
344 #define MMC_PROFILE_HDDVD_RW 0x0053
345 #define MMC_PROFILE_HDDVD_R_DL 0x0058
346 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
347 #define MMC_PROFILE_INVALID 0xFFFF
348
349 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
350 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
351 #define ATAPI_INT_REASON_REL 0x04
352 #define ATAPI_INT_REASON_TAG 0xf8
353
354 /* same constants as bochs */
355 #define ASC_ILLEGAL_OPCODE 0x20
356 #define ASC_LOGICAL_BLOCK_OOR 0x21
357 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
358 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
359 #define ASC_INCOMPATIBLE_FORMAT 0x30
360 #define ASC_MEDIUM_NOT_PRESENT 0x3a
361 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
362 #define ASC_MEDIA_REMOVAL_PREVENTED 0x53
363
364 #define CFA_NO_ERROR 0x00
365 #define CFA_MISC_ERROR 0x09
366 #define CFA_INVALID_COMMAND 0x20
367 #define CFA_INVALID_ADDRESS 0x21
368 #define CFA_ADDRESS_OVERFLOW 0x2f
369
370 #define SENSE_NONE 0
371 #define SENSE_NOT_READY 2
372 #define SENSE_ILLEGAL_REQUEST 5
373 #define SENSE_UNIT_ATTENTION 6
374
375 struct IDEState;
376
377 typedef void EndTransferFunc(struct IDEState *);
378
379 /* NOTE: IDEState represents in fact one drive */
380 typedef struct IDEState {
381 /* ide config */
382 int is_cdrom;
383 int is_cf;
384 int cylinders, heads, sectors;
385 int64_t nb_sectors;
386 int mult_sectors;
387 int identify_set;
388 uint16_t identify_data[256];
389 qemu_irq irq;
390 PCIDevice *pci_dev;
391 struct BMDMAState *bmdma;
392 int drive_serial;
393 char drive_serial_str[21];
394 /* ide regs */
395 uint8_t feature;
396 uint8_t error;
397 uint32_t nsector;
398 uint8_t sector;
399 uint8_t lcyl;
400 uint8_t hcyl;
401 /* other part of tf for lba48 support */
402 uint8_t hob_feature;
403 uint8_t hob_nsector;
404 uint8_t hob_sector;
405 uint8_t hob_lcyl;
406 uint8_t hob_hcyl;
407
408 uint8_t select;
409 uint8_t status;
410
411 /* 0x3f6 command, only meaningful for drive 0 */
412 uint8_t cmd;
413 /* set for lba48 access */
414 uint8_t lba48;
415 /* depends on bit 4 in select, only meaningful for drive 0 */
416 struct IDEState *cur_drive;
417 BlockDriverState *bs;
418 /* ATAPI specific */
419 uint8_t sense_key;
420 uint8_t asc;
421 int packet_transfer_size;
422 int elementary_transfer_size;
423 int io_buffer_index;
424 int lba;
425 int cd_sector_size;
426 int atapi_dma; /* true if dma is requested for the packet cmd */
427 /* ATA DMA state */
428 int io_buffer_size;
429 QEMUSGList sg;
430 /* PIO transfer handling */
431 int req_nb_sectors; /* number of sectors per interrupt */
432 EndTransferFunc *end_transfer_func;
433 uint8_t *data_ptr;
434 uint8_t *data_end;
435 uint8_t *io_buffer;
436 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
437 uint32_t irq_count; /* counts IRQs when using win2k install hack */
438 /* CF-ATA extended error */
439 uint8_t ext_error;
440 /* CF-ATA metadata storage */
441 uint32_t mdata_size;
442 uint8_t *mdata_storage;
443 int media_changed;
444 /* for pmac */
445 int is_read;
446 } IDEState;
447
448 /* XXX: DVDs that could fit on a CD will be reported as a CD */
449 static inline int media_present(IDEState *s)
450 {
451 return (s->nb_sectors > 0);
452 }
453
454 static inline int media_is_dvd(IDEState *s)
455 {
456 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
457 }
458
459 static inline int media_is_cd(IDEState *s)
460 {
461 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
462 }
463
464 #define BM_STATUS_DMAING 0x01
465 #define BM_STATUS_ERROR 0x02
466 #define BM_STATUS_INT 0x04
467 #define BM_STATUS_DMA_RETRY 0x08
468 #define BM_STATUS_PIO_RETRY 0x10
469
470 #define BM_CMD_START 0x01
471 #define BM_CMD_READ 0x08
472
473 #define IDE_TYPE_PIIX3 0
474 #define IDE_TYPE_CMD646 1
475 #define IDE_TYPE_PIIX4 2
476
477 /* CMD646 specific */
478 #define MRDMODE 0x71
479 #define MRDMODE_INTR_CH0 0x04
480 #define MRDMODE_INTR_CH1 0x08
481 #define MRDMODE_BLK_CH0 0x10
482 #define MRDMODE_BLK_CH1 0x20
483 #define UDIDETCR0 0x73
484 #define UDIDETCR1 0x7B
485
486 typedef struct BMDMAState {
487 uint8_t cmd;
488 uint8_t status;
489 uint32_t addr;
490
491 struct PCIIDEState *pci_dev;
492 /* current transfer state */
493 uint32_t cur_addr;
494 uint32_t cur_prd_last;
495 uint32_t cur_prd_addr;
496 uint32_t cur_prd_len;
497 IDEState *ide_if;
498 BlockDriverCompletionFunc *dma_cb;
499 BlockDriverAIOCB *aiocb;
500 int64_t sector_num;
501 uint32_t nsector;
502 } BMDMAState;
503
504 typedef struct PCIIDEState {
505 PCIDevice dev;
506 IDEState ide_if[4];
507 BMDMAState bmdma[2];
508 int type; /* see IDE_TYPE_xxx */
509 } PCIIDEState;
510
511 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
512 static void ide_dma_restart(IDEState *s);
513 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
514
515 static void padstr(char *str, const char *src, int len)
516 {
517 int i, v;
518 for(i = 0; i < len; i++) {
519 if (*src)
520 v = *src++;
521 else
522 v = ' ';
523 str[i^1] = v;
524 }
525 }
526
527 static void padstr8(uint8_t *buf, int buf_size, const char *src)
528 {
529 int i;
530 for(i = 0; i < buf_size; i++) {
531 if (*src)
532 buf[i] = *src++;
533 else
534 buf[i] = ' ';
535 }
536 }
537
538 static void put_le16(uint16_t *p, unsigned int v)
539 {
540 *p = cpu_to_le16(v);
541 }
542
543 static void ide_identify(IDEState *s)
544 {
545 uint16_t *p;
546 unsigned int oldsize;
547
548 if (s->identify_set) {
549 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
550 return;
551 }
552
553 memset(s->io_buffer, 0, 512);
554 p = (uint16_t *)s->io_buffer;
555 put_le16(p + 0, 0x0040);
556 put_le16(p + 1, s->cylinders);
557 put_le16(p + 3, s->heads);
558 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
559 put_le16(p + 5, 512); /* XXX: retired, remove ? */
560 put_le16(p + 6, s->sectors);
561 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
562 put_le16(p + 20, 3); /* XXX: retired, remove ? */
563 put_le16(p + 21, 512); /* cache size in sectors */
564 put_le16(p + 22, 4); /* ecc bytes */
565 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
566 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
567 #if MAX_MULT_SECTORS > 1
568 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
569 #endif
570 put_le16(p + 48, 1); /* dword I/O */
571 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
572 put_le16(p + 51, 0x200); /* PIO transfer cycle */
573 put_le16(p + 52, 0x200); /* DMA transfer cycle */
574 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
575 put_le16(p + 54, s->cylinders);
576 put_le16(p + 55, s->heads);
577 put_le16(p + 56, s->sectors);
578 oldsize = s->cylinders * s->heads * s->sectors;
579 put_le16(p + 57, oldsize);
580 put_le16(p + 58, oldsize >> 16);
581 if (s->mult_sectors)
582 put_le16(p + 59, 0x100 | s->mult_sectors);
583 put_le16(p + 60, s->nb_sectors);
584 put_le16(p + 61, s->nb_sectors >> 16);
585 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
586 put_le16(p + 63, 0x07); /* mdma0-2 supported */
587 put_le16(p + 65, 120);
588 put_le16(p + 66, 120);
589 put_le16(p + 67, 120);
590 put_le16(p + 68, 120);
591 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
592 put_le16(p + 81, 0x16); /* conforms to ata5 */
593 put_le16(p + 82, (1 << 14));
594 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
595 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
596 put_le16(p + 84, (1 << 14));
597 put_le16(p + 85, (1 << 14));
598 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
599 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
600 put_le16(p + 87, (1 << 14));
601 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
602 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
603 put_le16(p + 100, s->nb_sectors);
604 put_le16(p + 101, s->nb_sectors >> 16);
605 put_le16(p + 102, s->nb_sectors >> 32);
606 put_le16(p + 103, s->nb_sectors >> 48);
607
608 memcpy(s->identify_data, p, sizeof(s->identify_data));
609 s->identify_set = 1;
610 }
611
612 static void ide_atapi_identify(IDEState *s)
613 {
614 uint16_t *p;
615
616 if (s->identify_set) {
617 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
618 return;
619 }
620
621 memset(s->io_buffer, 0, 512);
622 p = (uint16_t *)s->io_buffer;
623 /* Removable CDROM, 50us response, 12 byte packets */
624 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
625 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
626 put_le16(p + 20, 3); /* buffer type */
627 put_le16(p + 21, 512); /* cache size in sectors */
628 put_le16(p + 22, 4); /* ecc bytes */
629 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
630 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
631 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
632 #ifdef USE_DMA_CDROM
633 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
634 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
635 put_le16(p + 62, 7); /* single word dma0-2 supported */
636 put_le16(p + 63, 7); /* mdma0-2 supported */
637 put_le16(p + 64, 0x3f); /* PIO modes supported */
638 #else
639 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
640 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
641 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
642 put_le16(p + 64, 1); /* PIO modes */
643 #endif
644 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
645 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
646 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
647 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
648
649 put_le16(p + 71, 30); /* in ns */
650 put_le16(p + 72, 30); /* in ns */
651
652 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
653 #ifdef USE_DMA_CDROM
654 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
655 #endif
656 memcpy(s->identify_data, p, sizeof(s->identify_data));
657 s->identify_set = 1;
658 }
659
660 static void ide_cfata_identify(IDEState *s)
661 {
662 uint16_t *p;
663 uint32_t cur_sec;
664
665 p = (uint16_t *) s->identify_data;
666 if (s->identify_set)
667 goto fill_buffer;
668
669 memset(p, 0, sizeof(s->identify_data));
670
671 cur_sec = s->cylinders * s->heads * s->sectors;
672
673 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
674 put_le16(p + 1, s->cylinders); /* Default cylinders */
675 put_le16(p + 3, s->heads); /* Default heads */
676 put_le16(p + 6, s->sectors); /* Default sectors per track */
677 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
678 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
679 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
680 put_le16(p + 22, 0x0004); /* ECC bytes */
681 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
682 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
683 #if MAX_MULT_SECTORS > 1
684 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
685 #else
686 put_le16(p + 47, 0x0000);
687 #endif
688 put_le16(p + 49, 0x0f00); /* Capabilities */
689 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
690 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
691 put_le16(p + 53, 0x0003); /* Translation params valid */
692 put_le16(p + 54, s->cylinders); /* Current cylinders */
693 put_le16(p + 55, s->heads); /* Current heads */
694 put_le16(p + 56, s->sectors); /* Current sectors */
695 put_le16(p + 57, cur_sec); /* Current capacity */
696 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
697 if (s->mult_sectors) /* Multiple sector setting */
698 put_le16(p + 59, 0x100 | s->mult_sectors);
699 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
700 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
701 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
702 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
703 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
704 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
705 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
706 put_le16(p + 82, 0x400c); /* Command Set supported */
707 put_le16(p + 83, 0x7068); /* Command Set supported */
708 put_le16(p + 84, 0x4000); /* Features supported */
709 put_le16(p + 85, 0x000c); /* Command Set enabled */
710 put_le16(p + 86, 0x7044); /* Command Set enabled */
711 put_le16(p + 87, 0x4000); /* Features enabled */
712 put_le16(p + 91, 0x4060); /* Current APM level */
713 put_le16(p + 129, 0x0002); /* Current features option */
714 put_le16(p + 130, 0x0005); /* Reassigned sectors */
715 put_le16(p + 131, 0x0001); /* Initial power mode */
716 put_le16(p + 132, 0x0000); /* User signature */
717 put_le16(p + 160, 0x8100); /* Power requirement */
718 put_le16(p + 161, 0x8001); /* CF command set */
719
720 s->identify_set = 1;
721
722 fill_buffer:
723 memcpy(s->io_buffer, p, sizeof(s->identify_data));
724 }
725
726 static void ide_set_signature(IDEState *s)
727 {
728 s->select &= 0xf0; /* clear head */
729 /* put signature */
730 s->nsector = 1;
731 s->sector = 1;
732 if (s->is_cdrom) {
733 s->lcyl = 0x14;
734 s->hcyl = 0xeb;
735 } else if (s->bs) {
736 s->lcyl = 0;
737 s->hcyl = 0;
738 } else {
739 s->lcyl = 0xff;
740 s->hcyl = 0xff;
741 }
742 }
743
744 static inline void ide_abort_command(IDEState *s)
745 {
746 s->status = READY_STAT | ERR_STAT;
747 s->error = ABRT_ERR;
748 }
749
750 static inline void ide_dma_submit_check(IDEState *s,
751 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
752 {
753 if (bm->aiocb)
754 return;
755 dma_cb(bm, -1);
756 }
757
758 static inline void ide_set_irq(IDEState *s)
759 {
760 BMDMAState *bm = s->bmdma;
761 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
762 if (bm) {
763 bm->status |= BM_STATUS_INT;
764 }
765 qemu_irq_raise(s->irq);
766 }
767 }
768
769 /* prepare data transfer and tell what to do after */
770 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
771 EndTransferFunc *end_transfer_func)
772 {
773 s->end_transfer_func = end_transfer_func;
774 s->data_ptr = buf;
775 s->data_end = buf + size;
776 if (!(s->status & ERR_STAT))
777 s->status |= DRQ_STAT;
778 }
779
780 static void ide_transfer_stop(IDEState *s)
781 {
782 s->end_transfer_func = ide_transfer_stop;
783 s->data_ptr = s->io_buffer;
784 s->data_end = s->io_buffer;
785 s->status &= ~DRQ_STAT;
786 }
787
788 static int64_t ide_get_sector(IDEState *s)
789 {
790 int64_t sector_num;
791 if (s->select & 0x40) {
792 /* lba */
793 if (!s->lba48) {
794 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
795 (s->lcyl << 8) | s->sector;
796 } else {
797 sector_num = ((int64_t)s->hob_hcyl << 40) |
798 ((int64_t) s->hob_lcyl << 32) |
799 ((int64_t) s->hob_sector << 24) |
800 ((int64_t) s->hcyl << 16) |
801 ((int64_t) s->lcyl << 8) | s->sector;
802 }
803 } else {
804 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
805 (s->select & 0x0f) * s->sectors + (s->sector - 1);
806 }
807 return sector_num;
808 }
809
810 static void ide_set_sector(IDEState *s, int64_t sector_num)
811 {
812 unsigned int cyl, r;
813 if (s->select & 0x40) {
814 if (!s->lba48) {
815 s->select = (s->select & 0xf0) | (sector_num >> 24);
816 s->hcyl = (sector_num >> 16);
817 s->lcyl = (sector_num >> 8);
818 s->sector = (sector_num);
819 } else {
820 s->sector = sector_num;
821 s->lcyl = sector_num >> 8;
822 s->hcyl = sector_num >> 16;
823 s->hob_sector = sector_num >> 24;
824 s->hob_lcyl = sector_num >> 32;
825 s->hob_hcyl = sector_num >> 40;
826 }
827 } else {
828 cyl = sector_num / (s->heads * s->sectors);
829 r = sector_num % (s->heads * s->sectors);
830 s->hcyl = cyl >> 8;
831 s->lcyl = cyl;
832 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
833 s->sector = (r % s->sectors) + 1;
834 }
835 }
836
837 static void ide_rw_error(IDEState *s) {
838 ide_abort_command(s);
839 ide_set_irq(s);
840 }
841
842 static void ide_sector_read(IDEState *s)
843 {
844 int64_t sector_num;
845 int ret, n;
846
847 s->status = READY_STAT | SEEK_STAT;
848 s->error = 0; /* not needed by IDE spec, but needed by Windows */
849 sector_num = ide_get_sector(s);
850 n = s->nsector;
851 if (n == 0) {
852 /* no more sector to read from disk */
853 ide_transfer_stop(s);
854 } else {
855 #if defined(DEBUG_IDE)
856 printf("read sector=%" PRId64 "\n", sector_num);
857 #endif
858 if (n > s->req_nb_sectors)
859 n = s->req_nb_sectors;
860 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
861 if (ret != 0) {
862 ide_rw_error(s);
863 return;
864 }
865 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
866 ide_set_irq(s);
867 ide_set_sector(s, sector_num + n);
868 s->nsector -= n;
869 }
870 }
871
872
873 /* return 0 if buffer completed */
874 static int dma_buf_prepare(BMDMAState *bm, int is_write)
875 {
876 IDEState *s = bm->ide_if;
877 struct {
878 uint32_t addr;
879 uint32_t size;
880 } prd;
881 int l, len;
882
883 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
884 s->io_buffer_size = 0;
885 for(;;) {
886 if (bm->cur_prd_len == 0) {
887 /* end of table (with a fail safe of one page) */
888 if (bm->cur_prd_last ||
889 (bm->cur_addr - bm->addr) >= 4096)
890 return s->io_buffer_size != 0;
891 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
892 bm->cur_addr += 8;
893 prd.addr = le32_to_cpu(prd.addr);
894 prd.size = le32_to_cpu(prd.size);
895 len = prd.size & 0xfffe;
896 if (len == 0)
897 len = 0x10000;
898 bm->cur_prd_len = len;
899 bm->cur_prd_addr = prd.addr;
900 bm->cur_prd_last = (prd.size & 0x80000000);
901 }
902 l = bm->cur_prd_len;
903 if (l > 0) {
904 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
905 bm->cur_prd_addr += l;
906 bm->cur_prd_len -= l;
907 s->io_buffer_size += l;
908 }
909 }
910 return 1;
911 }
912
913 static void dma_buf_commit(IDEState *s, int is_write)
914 {
915 qemu_sglist_destroy(&s->sg);
916 }
917
918 static void ide_dma_error(IDEState *s)
919 {
920 ide_transfer_stop(s);
921 s->error = ABRT_ERR;
922 s->status = READY_STAT | ERR_STAT;
923 ide_set_irq(s);
924 }
925
926 static int ide_handle_write_error(IDEState *s, int error, int op)
927 {
928 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
929
930 if (action == BLOCK_ERR_IGNORE)
931 return 0;
932
933 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
934 || action == BLOCK_ERR_STOP_ANY) {
935 s->bmdma->ide_if = s;
936 s->bmdma->status |= op;
937 vm_stop(0);
938 } else {
939 if (op == BM_STATUS_DMA_RETRY) {
940 dma_buf_commit(s, 0);
941 ide_dma_error(s);
942 } else {
943 ide_rw_error(s);
944 }
945 }
946
947 return 1;
948 }
949
950 /* return 0 if buffer completed */
951 static int dma_buf_rw(BMDMAState *bm, int is_write)
952 {
953 IDEState *s = bm->ide_if;
954 struct {
955 uint32_t addr;
956 uint32_t size;
957 } prd;
958 int l, len;
959
960 for(;;) {
961 l = s->io_buffer_size - s->io_buffer_index;
962 if (l <= 0)
963 break;
964 if (bm->cur_prd_len == 0) {
965 /* end of table (with a fail safe of one page) */
966 if (bm->cur_prd_last ||
967 (bm->cur_addr - bm->addr) >= 4096)
968 return 0;
969 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
970 bm->cur_addr += 8;
971 prd.addr = le32_to_cpu(prd.addr);
972 prd.size = le32_to_cpu(prd.size);
973 len = prd.size & 0xfffe;
974 if (len == 0)
975 len = 0x10000;
976 bm->cur_prd_len = len;
977 bm->cur_prd_addr = prd.addr;
978 bm->cur_prd_last = (prd.size & 0x80000000);
979 }
980 if (l > bm->cur_prd_len)
981 l = bm->cur_prd_len;
982 if (l > 0) {
983 if (is_write) {
984 cpu_physical_memory_write(bm->cur_prd_addr,
985 s->io_buffer + s->io_buffer_index, l);
986 } else {
987 cpu_physical_memory_read(bm->cur_prd_addr,
988 s->io_buffer + s->io_buffer_index, l);
989 }
990 bm->cur_prd_addr += l;
991 bm->cur_prd_len -= l;
992 s->io_buffer_index += l;
993 }
994 }
995 return 1;
996 }
997
998 static void ide_read_dma_cb(void *opaque, int ret)
999 {
1000 BMDMAState *bm = opaque;
1001 IDEState *s = bm->ide_if;
1002 int n;
1003 int64_t sector_num;
1004
1005 if (ret < 0) {
1006 dma_buf_commit(s, 1);
1007 ide_dma_error(s);
1008 return;
1009 }
1010
1011 n = s->io_buffer_size >> 9;
1012 sector_num = ide_get_sector(s);
1013 if (n > 0) {
1014 dma_buf_commit(s, 1);
1015 sector_num += n;
1016 ide_set_sector(s, sector_num);
1017 s->nsector -= n;
1018 }
1019
1020 /* end of transfer ? */
1021 if (s->nsector == 0) {
1022 s->status = READY_STAT | SEEK_STAT;
1023 ide_set_irq(s);
1024 eot:
1025 bm->status &= ~BM_STATUS_DMAING;
1026 bm->status |= BM_STATUS_INT;
1027 bm->dma_cb = NULL;
1028 bm->ide_if = NULL;
1029 bm->aiocb = NULL;
1030 return;
1031 }
1032
1033 /* launch next transfer */
1034 n = s->nsector;
1035 s->io_buffer_index = 0;
1036 s->io_buffer_size = n * 512;
1037 if (dma_buf_prepare(bm, 1) == 0)
1038 goto eot;
1039 #ifdef DEBUG_AIO
1040 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1041 #endif
1042 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
1043 ide_dma_submit_check(s, ide_read_dma_cb, bm);
1044 }
1045
1046 static void ide_sector_read_dma(IDEState *s)
1047 {
1048 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1049 s->io_buffer_index = 0;
1050 s->io_buffer_size = 0;
1051 s->is_read = 1;
1052 ide_dma_start(s, ide_read_dma_cb);
1053 }
1054
1055 static void ide_sector_write_timer_cb(void *opaque)
1056 {
1057 IDEState *s = opaque;
1058 ide_set_irq(s);
1059 }
1060
1061 static void ide_sector_write(IDEState *s)
1062 {
1063 int64_t sector_num;
1064 int ret, n, n1;
1065
1066 s->status = READY_STAT | SEEK_STAT;
1067 sector_num = ide_get_sector(s);
1068 #if defined(DEBUG_IDE)
1069 printf("write sector=%" PRId64 "\n", sector_num);
1070 #endif
1071 n = s->nsector;
1072 if (n > s->req_nb_sectors)
1073 n = s->req_nb_sectors;
1074 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
1075
1076 if (ret != 0) {
1077 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
1078 return;
1079 }
1080
1081 s->nsector -= n;
1082 if (s->nsector == 0) {
1083 /* no more sectors to write */
1084 ide_transfer_stop(s);
1085 } else {
1086 n1 = s->nsector;
1087 if (n1 > s->req_nb_sectors)
1088 n1 = s->req_nb_sectors;
1089 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1090 }
1091 ide_set_sector(s, sector_num + n);
1092
1093 #ifdef TARGET_I386
1094 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1095 /* It seems there is a bug in the Windows 2000 installer HDD
1096 IDE driver which fills the disk with empty logs when the
1097 IDE write IRQ comes too early. This hack tries to correct
1098 that at the expense of slower write performances. Use this
1099 option _only_ to install Windows 2000. You must disable it
1100 for normal use. */
1101 qemu_mod_timer(s->sector_write_timer,
1102 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1103 } else
1104 #endif
1105 {
1106 ide_set_irq(s);
1107 }
1108 }
1109
1110 static void ide_dma_restart_cb(void *opaque, int running, int reason)
1111 {
1112 BMDMAState *bm = opaque;
1113 if (!running)
1114 return;
1115 if (bm->status & BM_STATUS_DMA_RETRY) {
1116 bm->status &= ~BM_STATUS_DMA_RETRY;
1117 ide_dma_restart(bm->ide_if);
1118 } else if (bm->status & BM_STATUS_PIO_RETRY) {
1119 bm->status &= ~BM_STATUS_PIO_RETRY;
1120 ide_sector_write(bm->ide_if);
1121 }
1122 }
1123
1124 static void ide_write_dma_cb(void *opaque, int ret)
1125 {
1126 BMDMAState *bm = opaque;
1127 IDEState *s = bm->ide_if;
1128 int n;
1129 int64_t sector_num;
1130
1131 if (ret < 0) {
1132 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
1133 return;
1134 }
1135
1136 n = s->io_buffer_size >> 9;
1137 sector_num = ide_get_sector(s);
1138 if (n > 0) {
1139 dma_buf_commit(s, 0);
1140 sector_num += n;
1141 ide_set_sector(s, sector_num);
1142 s->nsector -= n;
1143 }
1144
1145 /* end of transfer ? */
1146 if (s->nsector == 0) {
1147 s->status = READY_STAT | SEEK_STAT;
1148 ide_set_irq(s);
1149 eot:
1150 bm->status &= ~BM_STATUS_DMAING;
1151 bm->status |= BM_STATUS_INT;
1152 bm->dma_cb = NULL;
1153 bm->ide_if = NULL;
1154 bm->aiocb = NULL;
1155 return;
1156 }
1157
1158 n = s->nsector;
1159 s->io_buffer_size = n * 512;
1160 /* launch next transfer */
1161 if (dma_buf_prepare(bm, 0) == 0)
1162 goto eot;
1163 #ifdef DEBUG_AIO
1164 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1165 #endif
1166 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
1167 ide_dma_submit_check(s, ide_write_dma_cb, bm);
1168 }
1169
1170 static void ide_sector_write_dma(IDEState *s)
1171 {
1172 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1173 s->io_buffer_index = 0;
1174 s->io_buffer_size = 0;
1175 s->is_read = 0;
1176 ide_dma_start(s, ide_write_dma_cb);
1177 }
1178
1179 static void ide_atapi_cmd_ok(IDEState *s)
1180 {
1181 s->error = 0;
1182 s->status = READY_STAT | SEEK_STAT;
1183 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1184 ide_set_irq(s);
1185 }
1186
1187 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1188 {
1189 #ifdef DEBUG_IDE_ATAPI
1190 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1191 #endif
1192 s->error = sense_key << 4;
1193 s->status = READY_STAT | ERR_STAT;
1194 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1195 s->sense_key = sense_key;
1196 s->asc = asc;
1197 ide_set_irq(s);
1198 }
1199
1200 static void ide_atapi_cmd_check_status(IDEState *s)
1201 {
1202 #ifdef DEBUG_IDE_ATAPI
1203 printf("atapi_cmd_check_status\n");
1204 #endif
1205 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1206 s->status = ERR_STAT;
1207 s->nsector = 0;
1208 ide_set_irq(s);
1209 }
1210
1211 static inline void cpu_to_ube16(uint8_t *buf, int val)
1212 {
1213 buf[0] = val >> 8;
1214 buf[1] = val;
1215 }
1216
1217 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1218 {
1219 buf[0] = val >> 24;
1220 buf[1] = val >> 16;
1221 buf[2] = val >> 8;
1222 buf[3] = val;
1223 }
1224
1225 static inline int ube16_to_cpu(const uint8_t *buf)
1226 {
1227 return (buf[0] << 8) | buf[1];
1228 }
1229
1230 static inline int ube32_to_cpu(const uint8_t *buf)
1231 {
1232 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1233 }
1234
1235 static void lba_to_msf(uint8_t *buf, int lba)
1236 {
1237 lba += 150;
1238 buf[0] = (lba / 75) / 60;
1239 buf[1] = (lba / 75) % 60;
1240 buf[2] = lba % 75;
1241 }
1242
1243 static void cd_data_to_raw(uint8_t *buf, int lba)
1244 {
1245 /* sync bytes */
1246 buf[0] = 0x00;
1247 memset(buf + 1, 0xff, 10);
1248 buf[11] = 0x00;
1249 buf += 12;
1250 /* MSF */
1251 lba_to_msf(buf, lba);
1252 buf[3] = 0x01; /* mode 1 data */
1253 buf += 4;
1254 /* data */
1255 buf += 2048;
1256 /* XXX: ECC not computed */
1257 memset(buf, 0, 288);
1258 }
1259
1260 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1261 int sector_size)
1262 {
1263 int ret;
1264
1265 switch(sector_size) {
1266 case 2048:
1267 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1268 break;
1269 case 2352:
1270 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1271 if (ret < 0)
1272 return ret;
1273 cd_data_to_raw(buf, lba);
1274 break;
1275 default:
1276 ret = -EIO;
1277 break;
1278 }
1279 return ret;
1280 }
1281
1282 static void ide_atapi_io_error(IDEState *s, int ret)
1283 {
1284 /* XXX: handle more errors */
1285 if (ret == -ENOMEDIUM) {
1286 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1287 ASC_MEDIUM_NOT_PRESENT);
1288 } else {
1289 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1290 ASC_LOGICAL_BLOCK_OOR);
1291 }
1292 }
1293
1294 /* The whole ATAPI transfer logic is handled in this function */
1295 static void ide_atapi_cmd_reply_end(IDEState *s)
1296 {
1297 int byte_count_limit, size, ret;
1298 #ifdef DEBUG_IDE_ATAPI
1299 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1300 s->packet_transfer_size,
1301 s->elementary_transfer_size,
1302 s->io_buffer_index);
1303 #endif
1304 if (s->packet_transfer_size <= 0) {
1305 /* end of transfer */
1306 ide_transfer_stop(s);
1307 s->status = READY_STAT | SEEK_STAT;
1308 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1309 ide_set_irq(s);
1310 #ifdef DEBUG_IDE_ATAPI
1311 printf("status=0x%x\n", s->status);
1312 #endif
1313 } else {
1314 /* see if a new sector must be read */
1315 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1316 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1317 if (ret < 0) {
1318 ide_transfer_stop(s);
1319 ide_atapi_io_error(s, ret);
1320 return;
1321 }
1322 s->lba++;
1323 s->io_buffer_index = 0;
1324 }
1325 if (s->elementary_transfer_size > 0) {
1326 /* there are some data left to transmit in this elementary
1327 transfer */
1328 size = s->cd_sector_size - s->io_buffer_index;
1329 if (size > s->elementary_transfer_size)
1330 size = s->elementary_transfer_size;
1331 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1332 size, ide_atapi_cmd_reply_end);
1333 s->packet_transfer_size -= size;
1334 s->elementary_transfer_size -= size;
1335 s->io_buffer_index += size;
1336 } else {
1337 /* a new transfer is needed */
1338 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1339 byte_count_limit = s->lcyl | (s->hcyl << 8);
1340 #ifdef DEBUG_IDE_ATAPI
1341 printf("byte_count_limit=%d\n", byte_count_limit);
1342 #endif
1343 if (byte_count_limit == 0xffff)
1344 byte_count_limit--;
1345 size = s->packet_transfer_size;
1346 if (size > byte_count_limit) {
1347 /* byte count limit must be even if this case */
1348 if (byte_count_limit & 1)
1349 byte_count_limit--;
1350 size = byte_count_limit;
1351 }
1352 s->lcyl = size;
1353 s->hcyl = size >> 8;
1354 s->elementary_transfer_size = size;
1355 /* we cannot transmit more than one sector at a time */
1356 if (s->lba != -1) {
1357 if (size > (s->cd_sector_size - s->io_buffer_index))
1358 size = (s->cd_sector_size - s->io_buffer_index);
1359 }
1360 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1361 size, ide_atapi_cmd_reply_end);
1362 s->packet_transfer_size -= size;
1363 s->elementary_transfer_size -= size;
1364 s->io_buffer_index += size;
1365 ide_set_irq(s);
1366 #ifdef DEBUG_IDE_ATAPI
1367 printf("status=0x%x\n", s->status);
1368 #endif
1369 }
1370 }
1371 }
1372
1373 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1374 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1375 {
1376 if (size > max_size)
1377 size = max_size;
1378 s->lba = -1; /* no sector read */
1379 s->packet_transfer_size = size;
1380 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1381 s->elementary_transfer_size = 0;
1382 s->io_buffer_index = 0;
1383
1384 if (s->atapi_dma) {
1385 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1386 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1387 } else {
1388 s->status = READY_STAT | SEEK_STAT;
1389 ide_atapi_cmd_reply_end(s);
1390 }
1391 }
1392
1393 /* start a CD-CDROM read command */
1394 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1395 int sector_size)
1396 {
1397 s->lba = lba;
1398 s->packet_transfer_size = nb_sectors * sector_size;
1399 s->elementary_transfer_size = 0;
1400 s->io_buffer_index = sector_size;
1401 s->cd_sector_size = sector_size;
1402
1403 s->status = READY_STAT | SEEK_STAT;
1404 ide_atapi_cmd_reply_end(s);
1405 }
1406
1407 /* ATAPI DMA support */
1408
1409 /* XXX: handle read errors */
1410 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1411 {
1412 BMDMAState *bm = opaque;
1413 IDEState *s = bm->ide_if;
1414 int data_offset, n;
1415
1416 if (ret < 0) {
1417 ide_atapi_io_error(s, ret);
1418 goto eot;
1419 }
1420
1421 if (s->io_buffer_size > 0) {
1422 /*
1423 * For a cdrom read sector command (s->lba != -1),
1424 * adjust the lba for the next s->io_buffer_size chunk
1425 * and dma the current chunk.
1426 * For a command != read (s->lba == -1), just transfer
1427 * the reply data.
1428 */
1429 if (s->lba != -1) {
1430 if (s->cd_sector_size == 2352) {
1431 n = 1;
1432 cd_data_to_raw(s->io_buffer, s->lba);
1433 } else {
1434 n = s->io_buffer_size >> 11;
1435 }
1436 s->lba += n;
1437 }
1438 s->packet_transfer_size -= s->io_buffer_size;
1439 if (dma_buf_rw(bm, 1) == 0)
1440 goto eot;
1441 }
1442
1443 if (s->packet_transfer_size <= 0) {
1444 s->status = READY_STAT | SEEK_STAT;
1445 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1446 ide_set_irq(s);
1447 eot:
1448 bm->status &= ~BM_STATUS_DMAING;
1449 bm->status |= BM_STATUS_INT;
1450 bm->dma_cb = NULL;
1451 bm->ide_if = NULL;
1452 bm->aiocb = NULL;
1453 return;
1454 }
1455
1456 s->io_buffer_index = 0;
1457 if (s->cd_sector_size == 2352) {
1458 n = 1;
1459 s->io_buffer_size = s->cd_sector_size;
1460 data_offset = 16;
1461 } else {
1462 n = s->packet_transfer_size >> 11;
1463 if (n > (IDE_DMA_BUF_SECTORS / 4))
1464 n = (IDE_DMA_BUF_SECTORS / 4);
1465 s->io_buffer_size = n * 2048;
1466 data_offset = 0;
1467 }
1468 #ifdef DEBUG_AIO
1469 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1470 #endif
1471 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1472 s->io_buffer + data_offset, n * 4,
1473 ide_atapi_cmd_read_dma_cb, bm);
1474 if (!bm->aiocb) {
1475 /* Note: media not present is the most likely case */
1476 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1477 ASC_MEDIUM_NOT_PRESENT);
1478 goto eot;
1479 }
1480 }
1481
1482 /* start a CD-CDROM read command with DMA */
1483 /* XXX: test if DMA is available */
1484 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1485 int sector_size)
1486 {
1487 s->lba = lba;
1488 s->packet_transfer_size = nb_sectors * sector_size;
1489 s->io_buffer_index = 0;
1490 s->io_buffer_size = 0;
1491 s->cd_sector_size = sector_size;
1492
1493 /* XXX: check if BUSY_STAT should be set */
1494 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1495 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1496 }
1497
1498 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1499 int sector_size)
1500 {
1501 #ifdef DEBUG_IDE_ATAPI
1502 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1503 lba, nb_sectors);
1504 #endif
1505 if (s->atapi_dma) {
1506 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1507 } else {
1508 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1509 }
1510 }
1511
1512 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1513 uint16_t profile)
1514 {
1515 uint8_t *buf_profile = buf + 12; /* start of profiles */
1516
1517 buf_profile += ((*index) * 4); /* start of indexed profile */
1518 cpu_to_ube16 (buf_profile, profile);
1519 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1520
1521 /* each profile adds 4 bytes to the response */
1522 (*index)++;
1523 buf[11] += 4; /* Additional Length */
1524
1525 return 4;
1526 }
1527
1528 static int ide_dvd_read_structure(IDEState *s, int format,
1529 const uint8_t *packet, uint8_t *buf)
1530 {
1531 switch (format) {
1532 case 0x0: /* Physical format information */
1533 {
1534 int layer = packet[6];
1535 uint64_t total_sectors;
1536
1537 if (layer != 0)
1538 return -ASC_INV_FIELD_IN_CMD_PACKET;
1539
1540 bdrv_get_geometry(s->bs, &total_sectors);
1541 total_sectors >>= 2;
1542 if (total_sectors == 0)
1543 return -ASC_MEDIUM_NOT_PRESENT;
1544
1545 buf[4] = 1; /* DVD-ROM, part version 1 */
1546 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1547 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1548 buf[7] = 0; /* default densities */
1549
1550 /* FIXME: 0x30000 per spec? */
1551 cpu_to_ube32(buf + 8, 0); /* start sector */
1552 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1553 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1554
1555 /* Size of buffer, not including 2 byte size field */
1556 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1557
1558 /* 2k data + 4 byte header */
1559 return (2048 + 4);
1560 }
1561
1562 case 0x01: /* DVD copyright information */
1563 buf[4] = 0; /* no copyright data */
1564 buf[5] = 0; /* no region restrictions */
1565
1566 /* Size of buffer, not including 2 byte size field */
1567 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1568
1569 /* 4 byte header + 4 byte data */
1570 return (4 + 4);
1571
1572 case 0x03: /* BCA information - invalid field for no BCA info */
1573 return -ASC_INV_FIELD_IN_CMD_PACKET;
1574
1575 case 0x04: /* DVD disc manufacturing information */
1576 /* Size of buffer, not including 2 byte size field */
1577 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1578
1579 /* 2k data + 4 byte header */
1580 return (2048 + 4);
1581
1582 case 0xff:
1583 /*
1584 * This lists all the command capabilities above. Add new ones
1585 * in order and update the length and buffer return values.
1586 */
1587
1588 buf[4] = 0x00; /* Physical format */
1589 buf[5] = 0x40; /* Not writable, is readable */
1590 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1591
1592 buf[8] = 0x01; /* Copyright info */
1593 buf[9] = 0x40; /* Not writable, is readable */
1594 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1595
1596 buf[12] = 0x03; /* BCA info */
1597 buf[13] = 0x40; /* Not writable, is readable */
1598 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1599
1600 buf[16] = 0x04; /* Manufacturing info */
1601 buf[17] = 0x40; /* Not writable, is readable */
1602 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1603
1604 /* Size of buffer, not including 2 byte size field */
1605 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1606
1607 /* data written + 4 byte header */
1608 return (16 + 4);
1609
1610 default: /* TODO: formats beyond DVD-ROM requires */
1611 return -ASC_INV_FIELD_IN_CMD_PACKET;
1612 }
1613 }
1614
1615 static void ide_atapi_cmd(IDEState *s)
1616 {
1617 const uint8_t *packet;
1618 uint8_t *buf;
1619 int max_len;
1620
1621 packet = s->io_buffer;
1622 buf = s->io_buffer;
1623 #ifdef DEBUG_IDE_ATAPI
1624 {
1625 int i;
1626 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1627 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1628 printf(" %02x", packet[i]);
1629 }
1630 printf("\n");
1631 }
1632 #endif
1633 /* If there's a UNIT_ATTENTION condition pending, only
1634 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1635 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1636 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1637 s->io_buffer[0] != GPCMD_INQUIRY) {
1638 ide_atapi_cmd_check_status(s);
1639 return;
1640 }
1641 switch(s->io_buffer[0]) {
1642 case GPCMD_TEST_UNIT_READY:
1643 if (bdrv_is_inserted(s->bs)) {
1644 ide_atapi_cmd_ok(s);
1645 } else {
1646 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1647 ASC_MEDIUM_NOT_PRESENT);
1648 }
1649 break;
1650 case GPCMD_MODE_SENSE_6:
1651 case GPCMD_MODE_SENSE_10:
1652 {
1653 int action, code;
1654 if (packet[0] == GPCMD_MODE_SENSE_10)
1655 max_len = ube16_to_cpu(packet + 7);
1656 else
1657 max_len = packet[4];
1658 action = packet[2] >> 6;
1659 code = packet[2] & 0x3f;
1660 switch(action) {
1661 case 0: /* current values */
1662 switch(code) {
1663 case 0x01: /* error recovery */
1664 cpu_to_ube16(&buf[0], 16 + 6);
1665 buf[2] = 0x70;
1666 buf[3] = 0;
1667 buf[4] = 0;
1668 buf[5] = 0;
1669 buf[6] = 0;
1670 buf[7] = 0;
1671
1672 buf[8] = 0x01;
1673 buf[9] = 0x06;
1674 buf[10] = 0x00;
1675 buf[11] = 0x05;
1676 buf[12] = 0x00;
1677 buf[13] = 0x00;
1678 buf[14] = 0x00;
1679 buf[15] = 0x00;
1680 ide_atapi_cmd_reply(s, 16, max_len);
1681 break;
1682 case 0x2a:
1683 cpu_to_ube16(&buf[0], 28 + 6);
1684 buf[2] = 0x70;
1685 buf[3] = 0;
1686 buf[4] = 0;
1687 buf[5] = 0;
1688 buf[6] = 0;
1689 buf[7] = 0;
1690
1691 buf[8] = 0x2a;
1692 buf[9] = 0x12;
1693 buf[10] = 0x00;
1694 buf[11] = 0x00;
1695
1696 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1697 code checks for this to automount media. */
1698 buf[12] = 0x71;
1699 buf[13] = 3 << 5;
1700 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1701 if (bdrv_is_locked(s->bs))
1702 buf[6] |= 1 << 1;
1703 buf[15] = 0x00;
1704 cpu_to_ube16(&buf[16], 706);
1705 buf[18] = 0;
1706 buf[19] = 2;
1707 cpu_to_ube16(&buf[20], 512);
1708 cpu_to_ube16(&buf[22], 706);
1709 buf[24] = 0;
1710 buf[25] = 0;
1711 buf[26] = 0;
1712 buf[27] = 0;
1713 ide_atapi_cmd_reply(s, 28, max_len);
1714 break;
1715 default:
1716 goto error_cmd;
1717 }
1718 break;
1719 case 1: /* changeable values */
1720 goto error_cmd;
1721 case 2: /* default values */
1722 goto error_cmd;
1723 default:
1724 case 3: /* saved values */
1725 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1726 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1727 break;
1728 }
1729 }
1730 break;
1731 case GPCMD_REQUEST_SENSE:
1732 max_len = packet[4];
1733 memset(buf, 0, 18);
1734 buf[0] = 0x70 | (1 << 7);
1735 buf[2] = s->sense_key;
1736 buf[7] = 10;
1737 buf[12] = s->asc;
1738 if (s->sense_key == SENSE_UNIT_ATTENTION)
1739 s->sense_key = SENSE_NONE;
1740 ide_atapi_cmd_reply(s, 18, max_len);
1741 break;
1742 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1743 if (bdrv_is_inserted(s->bs)) {
1744 bdrv_set_locked(s->bs, packet[4] & 1);
1745 ide_atapi_cmd_ok(s);
1746 } else {
1747 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1748 ASC_MEDIUM_NOT_PRESENT);
1749 }
1750 break;
1751 case GPCMD_READ_10:
1752 case GPCMD_READ_12:
1753 {
1754 int nb_sectors, lba;
1755
1756 if (packet[0] == GPCMD_READ_10)
1757 nb_sectors = ube16_to_cpu(packet + 7);
1758 else
1759 nb_sectors = ube32_to_cpu(packet + 6);
1760 lba = ube32_to_cpu(packet + 2);
1761 if (nb_sectors == 0) {
1762 ide_atapi_cmd_ok(s);
1763 break;
1764 }
1765 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1766 }
1767 break;
1768 case GPCMD_READ_CD:
1769 {
1770 int nb_sectors, lba, transfer_request;
1771
1772 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1773 lba = ube32_to_cpu(packet + 2);
1774 if (nb_sectors == 0) {
1775 ide_atapi_cmd_ok(s);
1776 break;
1777 }
1778 transfer_request = packet[9];
1779 switch(transfer_request & 0xf8) {
1780 case 0x00:
1781 /* nothing */
1782 ide_atapi_cmd_ok(s);
1783 break;
1784 case 0x10:
1785 /* normal read */
1786 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1787 break;
1788 case 0xf8:
1789 /* read all data */
1790 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1791 break;
1792 default:
1793 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1794 ASC_INV_FIELD_IN_CMD_PACKET);
1795 break;
1796 }
1797 }
1798 break;
1799 case GPCMD_SEEK:
1800 {
1801 unsigned int lba;
1802 uint64_t total_sectors;
1803
1804 bdrv_get_geometry(s->bs, &total_sectors);
1805 total_sectors >>= 2;
1806 if (total_sectors == 0) {
1807 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1808 ASC_MEDIUM_NOT_PRESENT);
1809 break;
1810 }
1811 lba = ube32_to_cpu(packet + 2);
1812 if (lba >= total_sectors) {
1813 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1814 ASC_LOGICAL_BLOCK_OOR);
1815 break;
1816 }
1817 ide_atapi_cmd_ok(s);
1818 }
1819 break;
1820 case GPCMD_START_STOP_UNIT:
1821 {
1822 int start, eject, err = 0;
1823 start = packet[4] & 1;
1824 eject = (packet[4] >> 1) & 1;
1825
1826 if (eject) {
1827 err = bdrv_eject(s->bs, !start);
1828 }
1829
1830 switch (err) {
1831 case 0:
1832 ide_atapi_cmd_ok(s);
1833 break;
1834 case -EBUSY:
1835 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1836 ASC_MEDIA_REMOVAL_PREVENTED);
1837 break;
1838 default:
1839 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1840 ASC_MEDIUM_NOT_PRESENT);
1841 break;
1842 }
1843 }
1844 break;
1845 case GPCMD_MECHANISM_STATUS:
1846 {
1847 max_len = ube16_to_cpu(packet + 8);
1848 cpu_to_ube16(buf, 0);
1849 /* no current LBA */
1850 buf[2] = 0;
1851 buf[3] = 0;
1852 buf[4] = 0;
1853 buf[5] = 1;
1854 cpu_to_ube16(buf + 6, 0);
1855 ide_atapi_cmd_reply(s, 8, max_len);
1856 }
1857 break;
1858 case GPCMD_READ_TOC_PMA_ATIP:
1859 {
1860 int format, msf, start_track, len;
1861 uint64_t total_sectors;
1862
1863 bdrv_get_geometry(s->bs, &total_sectors);
1864 total_sectors >>= 2;
1865 if (total_sectors == 0) {
1866 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1867 ASC_MEDIUM_NOT_PRESENT);
1868 break;
1869 }
1870 max_len = ube16_to_cpu(packet + 7);
1871 format = packet[9] >> 6;
1872 msf = (packet[1] >> 1) & 1;
1873 start_track = packet[6];
1874 switch(format) {
1875 case 0:
1876 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1877 if (len < 0)
1878 goto error_cmd;
1879 ide_atapi_cmd_reply(s, len, max_len);
1880 break;
1881 case 1:
1882 /* multi session : only a single session defined */
1883 memset(buf, 0, 12);
1884 buf[1] = 0x0a;
1885 buf[2] = 0x01;
1886 buf[3] = 0x01;
1887 ide_atapi_cmd_reply(s, 12, max_len);
1888 break;
1889 case 2:
1890 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1891 if (len < 0)
1892 goto error_cmd;
1893 ide_atapi_cmd_reply(s, len, max_len);
1894 break;
1895 default:
1896 error_cmd:
1897 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1898 ASC_INV_FIELD_IN_CMD_PACKET);
1899 break;
1900 }
1901 }
1902 break;
1903 case GPCMD_READ_CDVD_CAPACITY:
1904 {
1905 uint64_t total_sectors;
1906
1907 bdrv_get_geometry(s->bs, &total_sectors);
1908 total_sectors >>= 2;
1909 if (total_sectors == 0) {
1910 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1911 ASC_MEDIUM_NOT_PRESENT);
1912 break;
1913 }
1914 /* NOTE: it is really the number of sectors minus 1 */
1915 cpu_to_ube32(buf, total_sectors - 1);
1916 cpu_to_ube32(buf + 4, 2048);
1917 ide_atapi_cmd_reply(s, 8, 8);
1918 }
1919 break;
1920 case GPCMD_READ_DVD_STRUCTURE:
1921 {
1922 int media = packet[1];
1923 int format = packet[7];
1924 int ret;
1925
1926 max_len = ube16_to_cpu(packet + 8);
1927
1928 if (format < 0xff) {
1929 if (media_is_cd(s)) {
1930 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1931 ASC_INCOMPATIBLE_FORMAT);
1932 break;
1933 } else if (!media_present(s)) {
1934 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1935 ASC_INV_FIELD_IN_CMD_PACKET);
1936 break;
1937 }
1938 }
1939
1940 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1941 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1942
1943 switch (format) {
1944 case 0x00 ... 0x7f:
1945 case 0xff:
1946 if (media == 0) {
1947 ret = ide_dvd_read_structure(s, format, packet, buf);
1948
1949 if (ret < 0)
1950 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1951 else
1952 ide_atapi_cmd_reply(s, ret, max_len);
1953
1954 break;
1955 }
1956 /* TODO: BD support, fall through for now */
1957
1958 /* Generic disk structures */
1959 case 0x80: /* TODO: AACS volume identifier */
1960 case 0x81: /* TODO: AACS media serial number */
1961 case 0x82: /* TODO: AACS media identifier */
1962 case 0x83: /* TODO: AACS media key block */
1963 case 0x90: /* TODO: List of recognized format layers */
1964 case 0xc0: /* TODO: Write protection status */
1965 default:
1966 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1967 ASC_INV_FIELD_IN_CMD_PACKET);
1968 break;
1969 }
1970 }
1971 break;
1972 case GPCMD_SET_SPEED:
1973 ide_atapi_cmd_ok(s);
1974 break;
1975 case GPCMD_INQUIRY:
1976 max_len = packet[4];
1977 buf[0] = 0x05; /* CD-ROM */
1978 buf[1] = 0x80; /* removable */
1979 buf[2] = 0x00; /* ISO */
1980 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1981 buf[4] = 31; /* additional length */
1982 buf[5] = 0; /* reserved */
1983 buf[6] = 0; /* reserved */
1984 buf[7] = 0; /* reserved */
1985 padstr8(buf + 8, 8, "QEMU");
1986 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1987 padstr8(buf + 32, 4, QEMU_VERSION);
1988 ide_atapi_cmd_reply(s, 36, max_len);
1989 break;
1990 case GPCMD_GET_CONFIGURATION:
1991 {
1992 uint32_t len;
1993 uint8_t index = 0;
1994
1995 /* only feature 0 is supported */
1996 if (packet[2] != 0 || packet[3] != 0) {
1997 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1998 ASC_INV_FIELD_IN_CMD_PACKET);
1999 break;
2000 }
2001
2002 /* XXX: could result in alignment problems in some architectures */
2003 max_len = ube16_to_cpu(packet + 7);
2004
2005 /*
2006 * XXX: avoid overflow for io_buffer if max_len is bigger than
2007 * the size of that buffer (dimensioned to max number of
2008 * sectors to transfer at once)
2009 *
2010 * Only a problem if the feature/profiles grow.
2011 */
2012 if (max_len > 512) /* XXX: assume 1 sector */
2013 max_len = 512;
2014
2015 memset(buf, 0, max_len);
2016 /*
2017 * the number of sectors from the media tells us which profile
2018 * to use as current. 0 means there is no media
2019 */
2020 if (media_is_dvd(s))
2021 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
2022 else if (media_is_cd(s))
2023 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
2024
2025 buf[10] = 0x02 | 0x01; /* persistent and current */
2026 len = 12; /* headers: 8 + 4 */
2027 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
2028 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
2029 cpu_to_ube32(buf, len - 4); /* data length */
2030
2031 ide_atapi_cmd_reply(s, len, max_len);
2032 break;
2033 }
2034 default:
2035 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2036 ASC_ILLEGAL_OPCODE);
2037 break;
2038 }
2039 }
2040
2041 static void ide_cfata_metadata_inquiry(IDEState *s)
2042 {
2043 uint16_t *p;
2044 uint32_t spd;
2045
2046 p = (uint16_t *) s->io_buffer;
2047 memset(p, 0, 0x200);
2048 spd = ((s->mdata_size - 1) >> 9) + 1;
2049
2050 put_le16(p + 0, 0x0001); /* Data format revision */
2051 put_le16(p + 1, 0x0000); /* Media property: silicon */
2052 put_le16(p + 2, s->media_changed); /* Media status */
2053 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
2054 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
2055 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
2056 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
2057 }
2058
2059 static void ide_cfata_metadata_read(IDEState *s)
2060 {
2061 uint16_t *p;
2062
2063 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2064 s->status = ERR_STAT;
2065 s->error = ABRT_ERR;
2066 return;
2067 }
2068
2069 p = (uint16_t *) s->io_buffer;
2070 memset(p, 0, 0x200);
2071
2072 put_le16(p + 0, s->media_changed); /* Media status */
2073 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2074 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2075 s->nsector << 9), 0x200 - 2));
2076 }
2077
2078 static void ide_cfata_metadata_write(IDEState *s)
2079 {
2080 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2081 s->status = ERR_STAT;
2082 s->error = ABRT_ERR;
2083 return;
2084 }
2085
2086 s->media_changed = 0;
2087
2088 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2089 s->io_buffer + 2,
2090 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2091 s->nsector << 9), 0x200 - 2));
2092 }
2093
2094 /* called when the inserted state of the media has changed */
2095 static void cdrom_change_cb(void *opaque)
2096 {
2097 IDEState *s = opaque;
2098 uint64_t nb_sectors;
2099
2100 bdrv_get_geometry(s->bs, &nb_sectors);
2101 s->nb_sectors = nb_sectors;
2102
2103 s->sense_key = SENSE_UNIT_ATTENTION;
2104 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2105
2106 ide_set_irq(s);
2107 }
2108
2109 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2110 {
2111 s->lba48 = lba48;
2112
2113 /* handle the 'magic' 0 nsector count conversion here. to avoid
2114 * fiddling with the rest of the read logic, we just store the
2115 * full sector count in ->nsector and ignore ->hob_nsector from now
2116 */
2117 if (!s->lba48) {
2118 if (!s->nsector)
2119 s->nsector = 256;
2120 } else {
2121 if (!s->nsector && !s->hob_nsector)
2122 s->nsector = 65536;
2123 else {
2124 int lo = s->nsector;
2125 int hi = s->hob_nsector;
2126
2127 s->nsector = (hi << 8) | lo;
2128 }
2129 }
2130 }
2131
2132 static void ide_clear_hob(IDEState *ide_if)
2133 {
2134 /* any write clears HOB high bit of device control register */
2135 ide_if[0].select &= ~(1 << 7);
2136 ide_if[1].select &= ~(1 << 7);
2137 }
2138
2139 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2140 {
2141 IDEState *ide_if = opaque;
2142 IDEState *s;
2143 int unit, n;
2144 int lba48 = 0;
2145
2146 #ifdef DEBUG_IDE
2147 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2148 #endif
2149
2150 addr &= 7;
2151
2152 /* ignore writes to command block while busy with previous command */
2153 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2154 return;
2155
2156 switch(addr) {
2157 case 0:
2158 break;
2159 case 1:
2160 ide_clear_hob(ide_if);
2161 /* NOTE: data is written to the two drives */
2162 ide_if[0].hob_feature = ide_if[0].feature;
2163 ide_if[1].hob_feature = ide_if[1].feature;
2164 ide_if[0].feature = val;
2165 ide_if[1].feature = val;
2166 break;
2167 case 2:
2168 ide_clear_hob(ide_if);
2169 ide_if[0].hob_nsector = ide_if[0].nsector;
2170 ide_if[1].hob_nsector = ide_if[1].nsector;
2171 ide_if[0].nsector = val;
2172 ide_if[1].nsector = val;
2173 break;
2174 case 3:
2175 ide_clear_hob(ide_if);
2176 ide_if[0].hob_sector = ide_if[0].sector;
2177 ide_if[1].hob_sector = ide_if[1].sector;
2178 ide_if[0].sector = val;
2179 ide_if[1].sector = val;
2180 break;
2181 case 4:
2182 ide_clear_hob(ide_if);
2183 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2184 ide_if[1].hob_lcyl = ide_if[1].lcyl;
2185 ide_if[0].lcyl = val;
2186 ide_if[1].lcyl = val;
2187 break;
2188 case 5:
2189 ide_clear_hob(ide_if);
2190 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2191 ide_if[1].hob_hcyl = ide_if[1].hcyl;
2192 ide_if[0].hcyl = val;
2193 ide_if[1].hcyl = val;
2194 break;
2195 case 6:
2196 /* FIXME: HOB readback uses bit 7 */
2197 ide_if[0].select = (val & ~0x10) | 0xa0;
2198 ide_if[1].select = (val | 0x10) | 0xa0;
2199 /* select drive */
2200 unit = (val >> 4) & 1;
2201 s = ide_if + unit;
2202 ide_if->cur_drive = s;
2203 break;
2204 default:
2205 case 7:
2206 /* command */
2207 #if defined(DEBUG_IDE)
2208 printf("ide: CMD=%02x\n", val);
2209 #endif
2210 s = ide_if->cur_drive;
2211 /* ignore commands to non existant slave */
2212 if (s != ide_if && !s->bs)
2213 break;
2214
2215 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2216 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2217 break;
2218
2219 switch(val) {
2220 case WIN_IDENTIFY:
2221 if (s->bs && !s->is_cdrom) {
2222 if (!s->is_cf)
2223 ide_identify(s);
2224 else
2225 ide_cfata_identify(s);
2226 s->status = READY_STAT | SEEK_STAT;
2227 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2228 } else {
2229 if (s->is_cdrom) {
2230 ide_set_signature(s);
2231 }
2232 ide_abort_command(s);
2233 }
2234 ide_set_irq(s);
2235 break;
2236 case WIN_SPECIFY:
2237 case WIN_RECAL:
2238 s->error = 0;
2239 s->status = READY_STAT | SEEK_STAT;
2240 ide_set_irq(s);
2241 break;
2242 case WIN_SETMULT:
2243 if (s->is_cf && s->nsector == 0) {
2244 /* Disable Read and Write Multiple */
2245 s->mult_sectors = 0;
2246 s->status = READY_STAT | SEEK_STAT;
2247 } else if ((s->nsector & 0xff) != 0 &&
2248 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2249 (s->nsector & (s->nsector - 1)) != 0)) {
2250 ide_abort_command(s);
2251 } else {
2252 s->mult_sectors = s->nsector & 0xff;
2253 s->status = READY_STAT | SEEK_STAT;
2254 }
2255 ide_set_irq(s);
2256 break;
2257 case WIN_VERIFY_EXT:
2258 lba48 = 1;
2259 case WIN_VERIFY:
2260 case WIN_VERIFY_ONCE:
2261 /* do sector number check ? */
2262 ide_cmd_lba48_transform(s, lba48);
2263 s->status = READY_STAT | SEEK_STAT;
2264 ide_set_irq(s);
2265 break;
2266 case WIN_READ_EXT:
2267 lba48 = 1;
2268 case WIN_READ:
2269 case WIN_READ_ONCE:
2270 if (!s->bs)
2271 goto abort_cmd;
2272 ide_cmd_lba48_transform(s, lba48);
2273 s->req_nb_sectors = 1;
2274 ide_sector_read(s);
2275 break;
2276 case WIN_WRITE_EXT:
2277 lba48 = 1;
2278 case WIN_WRITE:
2279 case WIN_WRITE_ONCE:
2280 case CFA_WRITE_SECT_WO_ERASE:
2281 case WIN_WRITE_VERIFY:
2282 ide_cmd_lba48_transform(s, lba48);
2283 s->error = 0;
2284 s->status = SEEK_STAT | READY_STAT;
2285 s->req_nb_sectors = 1;
2286 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2287 s->media_changed = 1;
2288 break;
2289 case WIN_MULTREAD_EXT:
2290 lba48 = 1;
2291 case WIN_MULTREAD:
2292 if (!s->mult_sectors)
2293 goto abort_cmd;
2294 ide_cmd_lba48_transform(s, lba48);
2295 s->req_nb_sectors = s->mult_sectors;
2296 ide_sector_read(s);
2297 break;
2298 case WIN_MULTWRITE_EXT:
2299 lba48 = 1;
2300 case WIN_MULTWRITE:
2301 case CFA_WRITE_MULTI_WO_ERASE:
2302 if (!s->mult_sectors)
2303 goto abort_cmd;
2304 ide_cmd_lba48_transform(s, lba48);
2305 s->error = 0;
2306 s->status = SEEK_STAT | READY_STAT;
2307 s->req_nb_sectors = s->mult_sectors;
2308 n = s->nsector;
2309 if (n > s->req_nb_sectors)
2310 n = s->req_nb_sectors;
2311 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2312 s->media_changed = 1;
2313 break;
2314 case WIN_READDMA_EXT:
2315 lba48 = 1;
2316 case WIN_READDMA:
2317 case WIN_READDMA_ONCE:
2318 if (!s->bs)
2319 goto abort_cmd;
2320 ide_cmd_lba48_transform(s, lba48);
2321 ide_sector_read_dma(s);
2322 break;
2323 case WIN_WRITEDMA_EXT:
2324 lba48 = 1;
2325 case WIN_WRITEDMA:
2326 case WIN_WRITEDMA_ONCE:
2327 if (!s->bs)
2328 goto abort_cmd;
2329 ide_cmd_lba48_transform(s, lba48);
2330 ide_sector_write_dma(s);
2331 s->media_changed = 1;
2332 break;
2333 case WIN_READ_NATIVE_MAX_EXT:
2334 lba48 = 1;
2335 case WIN_READ_NATIVE_MAX:
2336 ide_cmd_lba48_transform(s, lba48);
2337 ide_set_sector(s, s->nb_sectors - 1);
2338 s->status = READY_STAT | SEEK_STAT;
2339 ide_set_irq(s);
2340 break;
2341 case WIN_CHECKPOWERMODE1:
2342 case WIN_CHECKPOWERMODE2:
2343 s->nsector = 0xff; /* device active or idle */
2344 s->status = READY_STAT | SEEK_STAT;
2345 ide_set_irq(s);
2346 break;
2347 case WIN_SETFEATURES:
2348 if (!s->bs)
2349 goto abort_cmd;
2350 /* XXX: valid for CDROM ? */
2351 switch(s->feature) {
2352 case 0xcc: /* reverting to power-on defaults enable */
2353 case 0x66: /* reverting to power-on defaults disable */
2354 case 0x02: /* write cache enable */
2355 case 0x82: /* write cache disable */
2356 case 0xaa: /* read look-ahead enable */
2357 case 0x55: /* read look-ahead disable */
2358 case 0x05: /* set advanced power management mode */
2359 case 0x85: /* disable advanced power management mode */
2360 case 0x69: /* NOP */
2361 case 0x67: /* NOP */
2362 case 0x96: /* NOP */
2363 case 0x9a: /* NOP */
2364 case 0x42: /* enable Automatic Acoustic Mode */
2365 case 0xc2: /* disable Automatic Acoustic Mode */
2366 s->status = READY_STAT | SEEK_STAT;
2367 ide_set_irq(s);
2368 break;
2369 case 0x03: { /* set transfer mode */
2370 uint8_t val = s->nsector & 0x07;
2371
2372 switch (s->nsector >> 3) {
2373 case 0x00: /* pio default */
2374 case 0x01: /* pio mode */
2375 put_le16(s->identify_data + 62,0x07);
2376 put_le16(s->identify_data + 63,0x07);
2377 put_le16(s->identify_data + 88,0x3f);
2378 break;
2379 case 0x02: /* sigle word dma mode*/
2380 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2381 put_le16(s->identify_data + 63,0x07);
2382 put_le16(s->identify_data + 88,0x3f);
2383 break;
2384 case 0x04: /* mdma mode */
2385 put_le16(s->identify_data + 62,0x07);
2386 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2387 put_le16(s->identify_data + 88,0x3f);
2388 break;
2389 case 0x08: /* udma mode */
2390 put_le16(s->identify_data + 62,0x07);
2391 put_le16(s->identify_data + 63,0x07);
2392 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2393 break;
2394 default:
2395 goto abort_cmd;
2396 }
2397 s->status = READY_STAT | SEEK_STAT;
2398 ide_set_irq(s);
2399 break;
2400 }
2401 default:
2402 goto abort_cmd;
2403 }
2404 break;
2405 case WIN_FLUSH_CACHE:
2406 case WIN_FLUSH_CACHE_EXT:
2407 if (s->bs)
2408 bdrv_flush(s->bs);
2409 s->status = READY_STAT | SEEK_STAT;
2410 ide_set_irq(s);
2411 break;
2412 case WIN_STANDBY:
2413 case WIN_STANDBY2:
2414 case WIN_STANDBYNOW1:
2415 case WIN_STANDBYNOW2:
2416 case WIN_IDLEIMMEDIATE:
2417 case CFA_IDLEIMMEDIATE:
2418 case WIN_SETIDLE1:
2419 case WIN_SETIDLE2:
2420 case WIN_SLEEPNOW1:
2421 case WIN_SLEEPNOW2:
2422 s->status = READY_STAT;
2423 ide_set_irq(s);
2424 break;
2425 case WIN_SEEK:
2426 if(s->is_cdrom)
2427 goto abort_cmd;
2428 /* XXX: Check that seek is within bounds */
2429 s->status = READY_STAT | SEEK_STAT;
2430 ide_set_irq(s);
2431 break;
2432 /* ATAPI commands */
2433 case WIN_PIDENTIFY:
2434 if (s->is_cdrom) {
2435 ide_atapi_identify(s);
2436 s->status = READY_STAT | SEEK_STAT;
2437 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2438 } else {
2439 ide_abort_command(s);
2440 }
2441 ide_set_irq(s);
2442 break;
2443 case WIN_DIAGNOSE:
2444 ide_set_signature(s);
2445 if (s->is_cdrom)
2446 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2447 * devices to return a clear status register
2448 * with READY_STAT *not* set. */
2449 else
2450 s->status = READY_STAT | SEEK_STAT;
2451 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2452 * present.
2453 */
2454 ide_set_irq(s);
2455 break;
2456 case WIN_SRST:
2457 if (!s->is_cdrom)
2458 goto abort_cmd;
2459 ide_set_signature(s);
2460 s->status = 0x00; /* NOTE: READY is _not_ set */
2461 s->error = 0x01;
2462 break;
2463 case WIN_PACKETCMD:
2464 if (!s->is_cdrom)
2465 goto abort_cmd;
2466 /* overlapping commands not supported */
2467 if (s->feature & 0x02)
2468 goto abort_cmd;
2469 s->status = READY_STAT | SEEK_STAT;
2470 s->atapi_dma = s->feature & 1;
2471 s->nsector = 1;
2472 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2473 ide_atapi_cmd);
2474 break;
2475 /* CF-ATA commands */
2476 case CFA_REQ_EXT_ERROR_CODE:
2477 if (!s->is_cf)
2478 goto abort_cmd;
2479 s->error = 0x09; /* miscellaneous error */
2480 s->status = READY_STAT | SEEK_STAT;
2481 ide_set_irq(s);
2482 break;
2483 case CFA_ERASE_SECTORS:
2484 case CFA_WEAR_LEVEL:
2485 if (!s->is_cf)
2486 goto abort_cmd;
2487 if (val == CFA_WEAR_LEVEL)
2488 s->nsector = 0;
2489 if (val == CFA_ERASE_SECTORS)
2490 s->media_changed = 1;
2491 s->error = 0x00;
2492 s->status = READY_STAT | SEEK_STAT;
2493 ide_set_irq(s);
2494 break;
2495 case CFA_TRANSLATE_SECTOR:
2496 if (!s->is_cf)
2497 goto abort_cmd;
2498 s->error = 0x00;
2499 s->status = READY_STAT | SEEK_STAT;
2500 memset(s->io_buffer, 0, 0x200);
2501 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2502 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2503 s->io_buffer[0x02] = s->select; /* Head */
2504 s->io_buffer[0x03] = s->sector; /* Sector */
2505 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2506 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2507 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2508 s->io_buffer[0x13] = 0x00; /* Erase flag */
2509 s->io_buffer[0x18] = 0x00; /* Hot count */
2510 s->io_buffer[0x19] = 0x00; /* Hot count */
2511 s->io_buffer[0x1a] = 0x01; /* Hot count */
2512 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2513 ide_set_irq(s);
2514 break;
2515 case CFA_ACCESS_METADATA_STORAGE:
2516 if (!s->is_cf)
2517 goto abort_cmd;
2518 switch (s->feature) {
2519 case 0x02: /* Inquiry Metadata Storage */
2520 ide_cfata_metadata_inquiry(s);
2521 break;
2522 case 0x03: /* Read Metadata Storage */
2523 ide_cfata_metadata_read(s);
2524 break;
2525 case 0x04: /* Write Metadata Storage */
2526 ide_cfata_metadata_write(s);
2527 break;
2528 default:
2529 goto abort_cmd;
2530 }
2531 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2532 s->status = 0x00; /* NOTE: READY is _not_ set */
2533 ide_set_irq(s);
2534 break;
2535 case IBM_SENSE_CONDITION:
2536 if (!s->is_cf)
2537 goto abort_cmd;
2538 switch (s->feature) {
2539 case 0x01: /* sense temperature in device */
2540 s->nsector = 0x50; /* +20 C */
2541 break;
2542 default:
2543 goto abort_cmd;
2544 }
2545 s->status = READY_STAT | SEEK_STAT;
2546 ide_set_irq(s);
2547 break;
2548 default:
2549 abort_cmd:
2550 ide_abort_command(s);
2551 ide_set_irq(s);
2552 break;
2553 }
2554 }
2555 }
2556
2557 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2558 {
2559 IDEState *ide_if = opaque;
2560 IDEState *s = ide_if->cur_drive;
2561 uint32_t addr;
2562 int ret, hob;
2563
2564 addr = addr1 & 7;
2565 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2566 //hob = s->select & (1 << 7);
2567 hob = 0;
2568 switch(addr) {
2569 case 0:
2570 ret = 0xff;
2571 break;
2572 case 1:
2573 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2574 (s != ide_if && !s->bs))
2575 ret = 0;
2576 else if (!hob)
2577 ret = s->error;
2578 else
2579 ret = s->hob_feature;
2580 break;
2581 case 2:
2582 if (!ide_if[0].bs && !ide_if[1].bs)
2583 ret = 0;
2584 else if (!hob)
2585 ret = s->nsector & 0xff;
2586 else
2587 ret = s->hob_nsector;
2588 break;
2589 case 3:
2590 if (!ide_if[0].bs && !ide_if[1].bs)
2591 ret = 0;
2592 else if (!hob)
2593 ret = s->sector;
2594 else
2595 ret = s->hob_sector;
2596 break;
2597 case 4:
2598 if (!ide_if[0].bs && !ide_if[1].bs)
2599 ret = 0;
2600 else if (!hob)
2601 ret = s->lcyl;
2602 else
2603 ret = s->hob_lcyl;
2604 break;
2605 case 5:
2606 if (!ide_if[0].bs && !ide_if[1].bs)
2607 ret = 0;
2608 else if (!hob)
2609 ret = s->hcyl;
2610 else
2611 ret = s->hob_hcyl;
2612 break;
2613 case 6:
2614 if (!ide_if[0].bs && !ide_if[1].bs)
2615 ret = 0;
2616 else
2617 ret = s->select;
2618 break;
2619 default:
2620 case 7:
2621 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2622 (s != ide_if && !s->bs))
2623 ret = 0;
2624 else
2625 ret = s->status;
2626 qemu_irq_lower(s->irq);
2627 break;
2628 }
2629 #ifdef DEBUG_IDE
2630 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2631 #endif
2632 return ret;
2633 }
2634
2635 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2636 {
2637 IDEState *ide_if = opaque;
2638 IDEState *s = ide_if->cur_drive;
2639 int ret;
2640
2641 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2642 (s != ide_if && !s->bs))
2643 ret = 0;
2644 else
2645 ret = s->status;
2646 #ifdef DEBUG_IDE
2647 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2648 #endif
2649 return ret;
2650 }
2651
2652 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2653 {
2654 IDEState *ide_if = opaque;
2655 IDEState *s;
2656 int i;
2657
2658 #ifdef DEBUG_IDE
2659 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2660 #endif
2661 /* common for both drives */
2662 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2663 (val & IDE_CMD_RESET)) {
2664 /* reset low to high */
2665 for(i = 0;i < 2; i++) {
2666 s = &ide_if[i];
2667 s->status = BUSY_STAT | SEEK_STAT;
2668 s->error = 0x01;
2669 }
2670 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2671 !(val & IDE_CMD_RESET)) {
2672 /* high to low */
2673 for(i = 0;i < 2; i++) {
2674 s = &ide_if[i];
2675 if (s->is_cdrom)
2676 s->status = 0x00; /* NOTE: READY is _not_ set */
2677 else
2678 s->status = READY_STAT | SEEK_STAT;
2679 ide_set_signature(s);
2680 }
2681 }
2682
2683 ide_if[0].cmd = val;
2684 ide_if[1].cmd = val;
2685 }
2686
2687 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2688 {
2689 IDEState *s = ((IDEState *)opaque)->cur_drive;
2690 uint8_t *p;
2691
2692 /* PIO data access allowed only when DRQ bit is set */
2693 if (!(s->status & DRQ_STAT))
2694 return;
2695
2696 p = s->data_ptr;
2697 *(uint16_t *)p = le16_to_cpu(val);
2698 p += 2;
2699 s->data_ptr = p;
2700 if (p >= s->data_end)
2701 s->end_transfer_func(s);
2702 }
2703
2704 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2705 {
2706 IDEState *s = ((IDEState *)opaque)->cur_drive;
2707 uint8_t *p;
2708 int ret;
2709
2710 /* PIO data access allowed only when DRQ bit is set */
2711 if (!(s->status & DRQ_STAT))
2712 return 0;
2713
2714 p = s->data_ptr;
2715 ret = cpu_to_le16(*(uint16_t *)p);
2716 p += 2;
2717 s->data_ptr = p;
2718 if (p >= s->data_end)
2719 s->end_transfer_func(s);
2720 return ret;
2721 }
2722
2723 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2724 {
2725 IDEState *s = ((IDEState *)opaque)->cur_drive;
2726 uint8_t *p;
2727
2728 /* PIO data access allowed only when DRQ bit is set */
2729 if (!(s->status & DRQ_STAT))
2730 return;
2731
2732 p = s->data_ptr;
2733 *(uint32_t *)p = le32_to_cpu(val);
2734 p += 4;
2735 s->data_ptr = p;
2736 if (p >= s->data_end)
2737 s->end_transfer_func(s);
2738 }
2739
2740 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2741 {
2742 IDEState *s = ((IDEState *)opaque)->cur_drive;
2743 uint8_t *p;
2744 int ret;
2745
2746 /* PIO data access allowed only when DRQ bit is set */
2747 if (!(s->status & DRQ_STAT))
2748 return 0;
2749
2750 p = s->data_ptr;
2751 ret = cpu_to_le32(*(uint32_t *)p);
2752 p += 4;
2753 s->data_ptr = p;
2754 if (p >= s->data_end)
2755 s->end_transfer_func(s);
2756 return ret;
2757 }
2758
2759 static void ide_dummy_transfer_stop(IDEState *s)
2760 {
2761 s->data_ptr = s->io_buffer;
2762 s->data_end = s->io_buffer;
2763 s->io_buffer[0] = 0xff;
2764 s->io_buffer[1] = 0xff;
2765 s->io_buffer[2] = 0xff;
2766 s->io_buffer[3] = 0xff;
2767 }
2768
2769 static void ide_reset(IDEState *s)
2770 {
2771 if (s->is_cf)
2772 s->mult_sectors = 0;
2773 else
2774 s->mult_sectors = MAX_MULT_SECTORS;
2775 s->cur_drive = s;
2776 s->select = 0xa0;
2777 s->status = READY_STAT | SEEK_STAT;
2778 ide_set_signature(s);
2779 /* init the transfer handler so that 0xffff is returned on data
2780 accesses */
2781 s->end_transfer_func = ide_dummy_transfer_stop;
2782 ide_dummy_transfer_stop(s);
2783 s->media_changed = 0;
2784 }
2785
2786 static void ide_init2(IDEState *ide_state,
2787 BlockDriverState *hd0, BlockDriverState *hd1,
2788 qemu_irq irq)
2789 {
2790 IDEState *s;
2791 static int drive_serial = 1;
2792 int i, cylinders, heads, secs;
2793 uint64_t nb_sectors;
2794
2795 for(i = 0; i < 2; i++) {
2796 s = ide_state + i;
2797 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SECTORS*512 + 4);
2798 if (i == 0)
2799 s->bs = hd0;
2800 else
2801 s->bs = hd1;
2802 if (s->bs) {
2803 bdrv_get_geometry(s->bs, &nb_sectors);
2804 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2805 s->cylinders = cylinders;
2806 s->heads = heads;
2807 s->sectors = secs;
2808 s->nb_sectors = nb_sectors;
2809
2810 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2811 s->is_cdrom = 1;
2812 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2813 }
2814 }
2815 s->drive_serial = drive_serial++;
2816 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2817 sizeof(s->drive_serial_str));
2818 if (strlen(s->drive_serial_str) == 0)
2819 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2820 "QM%05d", s->drive_serial);
2821 s->irq = irq;
2822 s->sector_write_timer = qemu_new_timer(vm_clock,
2823 ide_sector_write_timer_cb, s);
2824 ide_reset(s);
2825 }
2826 }
2827
2828 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2829 {
2830 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2831 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2832 if (iobase2) {
2833 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2834 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2835 }
2836
2837 /* data ports */
2838 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2839 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2840 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2841 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2842 }
2843
2844 /* save per IDE drive data */
2845 static void ide_save(QEMUFile* f, IDEState *s)
2846 {
2847 qemu_put_be32(f, s->mult_sectors);
2848 qemu_put_be32(f, s->identify_set);
2849 if (s->identify_set) {
2850 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2851 }
2852 qemu_put_8s(f, &s->feature);
2853 qemu_put_8s(f, &s->error);
2854 qemu_put_be32s(f, &s->nsector);
2855 qemu_put_8s(f, &s->sector);
2856 qemu_put_8s(f, &s->lcyl);
2857 qemu_put_8s(f, &s->hcyl);
2858 qemu_put_8s(f, &s->hob_feature);
2859 qemu_put_8s(f, &s->hob_nsector);
2860 qemu_put_8s(f, &s->hob_sector);
2861 qemu_put_8s(f, &s->hob_lcyl);
2862 qemu_put_8s(f, &s->hob_hcyl);
2863 qemu_put_8s(f, &s->select);
2864 qemu_put_8s(f, &s->status);
2865 qemu_put_8s(f, &s->lba48);
2866
2867 qemu_put_8s(f, &s->sense_key);
2868 qemu_put_8s(f, &s->asc);
2869 /* XXX: if a transfer is pending, we do not save it yet */
2870 }
2871
2872 /* load per IDE drive data */
2873 static void ide_load(QEMUFile* f, IDEState *s)
2874 {
2875 s->mult_sectors=qemu_get_be32(f);
2876 s->identify_set=qemu_get_be32(f);
2877 if (s->identify_set) {
2878 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2879 }
2880 qemu_get_8s(f, &s->feature);
2881 qemu_get_8s(f, &s->error);
2882 qemu_get_be32s(f, &s->nsector);
2883 qemu_get_8s(f, &s->sector);
2884 qemu_get_8s(f, &s->lcyl);
2885 qemu_get_8s(f, &s->hcyl);
2886 qemu_get_8s(f, &s->hob_feature);
2887 qemu_get_8s(f, &s->hob_nsector);
2888 qemu_get_8s(f, &s->hob_sector);
2889 qemu_get_8s(f, &s->hob_lcyl);
2890 qemu_get_8s(f, &s->hob_hcyl);
2891 qemu_get_8s(f, &s->select);
2892 qemu_get_8s(f, &s->status);
2893 qemu_get_8s(f, &s->lba48);
2894
2895 qemu_get_8s(f, &s->sense_key);
2896 qemu_get_8s(f, &s->asc);
2897 /* XXX: if a transfer is pending, we do not save it yet */
2898 }
2899
2900 /***********************************************************/
2901 /* ISA IDE definitions */
2902
2903 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2904 BlockDriverState *hd0, BlockDriverState *hd1)
2905 {
2906 IDEState *ide_state;
2907
2908 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2909
2910 ide_init2(ide_state, hd0, hd1, irq);
2911 ide_init_ioport(ide_state, iobase, iobase2);
2912 }
2913
2914 /***********************************************************/
2915 /* PCI IDE definitions */
2916
2917 static void cmd646_update_irq(PCIIDEState *d);
2918
2919 static void ide_map(PCIDevice *pci_dev, int region_num,
2920 uint32_t addr, uint32_t size, int type)
2921 {
2922 PCIIDEState *d = (PCIIDEState *)pci_dev;
2923 IDEState *ide_state;
2924
2925 if (region_num <= 3) {
2926 ide_state = &d->ide_if[(region_num >> 1) * 2];
2927 if (region_num & 1) {
2928 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2929 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2930 } else {
2931 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2932 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2933
2934 /* data ports */
2935 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2936 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2937 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2938 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2939 }
2940 }
2941 }
2942
2943 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2944 {
2945 BMDMAState *bm = s->bmdma;
2946 if(!bm)
2947 return;
2948 bm->ide_if = s;
2949 bm->dma_cb = dma_cb;
2950 bm->cur_prd_last = 0;
2951 bm->cur_prd_addr = 0;
2952 bm->cur_prd_len = 0;
2953 bm->sector_num = ide_get_sector(s);
2954 bm->nsector = s->nsector;
2955 if (bm->status & BM_STATUS_DMAING) {
2956 bm->dma_cb(bm, 0);
2957 }
2958 }
2959
2960 static void ide_dma_restart(IDEState *s)
2961 {
2962 BMDMAState *bm = s->bmdma;
2963 ide_set_sector(s, bm->sector_num);
2964 s->io_buffer_index = 0;
2965 s->io_buffer_size = 0;
2966 s->nsector = bm->nsector;
2967 bm->cur_addr = bm->addr;
2968 bm->dma_cb = ide_write_dma_cb;
2969 ide_dma_start(s, bm->dma_cb);
2970 }
2971
2972 static void ide_dma_cancel(BMDMAState *bm)
2973 {
2974 if (bm->status & BM_STATUS_DMAING) {
2975 bm->status &= ~BM_STATUS_DMAING;
2976 /* cancel DMA request */
2977 bm->ide_if = NULL;
2978 bm->dma_cb = NULL;
2979 if (bm->aiocb) {
2980 #ifdef DEBUG_AIO
2981 printf("aio_cancel\n");
2982 #endif
2983 bdrv_aio_cancel(bm->aiocb);
2984 bm->aiocb = NULL;
2985 }
2986 }
2987 }
2988
2989 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2990 {
2991 BMDMAState *bm = opaque;
2992 #ifdef DEBUG_IDE
2993 printf("%s: 0x%08x\n", __func__, val);
2994 #endif
2995 if (!(val & BM_CMD_START)) {
2996 /* XXX: do it better */
2997 ide_dma_cancel(bm);
2998 bm->cmd = val & 0x09;
2999 } else {
3000 if (!(bm->status & BM_STATUS_DMAING)) {
3001 bm->status |= BM_STATUS_DMAING;
3002 /* start dma transfer if possible */
3003 if (bm->dma_cb)
3004 bm->dma_cb(bm, 0);
3005 }
3006 bm->cmd = val & 0x09;
3007 }
3008 }
3009
3010 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
3011 {
3012 BMDMAState *bm = opaque;
3013 PCIIDEState *pci_dev;
3014 uint32_t val;
3015
3016 switch(addr & 3) {
3017 case 0:
3018 val = bm->cmd;
3019 break;
3020 case 1:
3021 pci_dev = bm->pci_dev;
3022 if (pci_dev->type == IDE_TYPE_CMD646) {
3023 val = pci_dev->dev.config[MRDMODE];
3024 } else {
3025 val = 0xff;
3026 }
3027 break;
3028 case 2:
3029 val = bm->status;
3030 break;
3031 case 3:
3032 pci_dev = bm->pci_dev;
3033 if (pci_dev->type == IDE_TYPE_CMD646) {
3034 if (bm == &pci_dev->bmdma[0])
3035 val = pci_dev->dev.config[UDIDETCR0];
3036 else
3037 val = pci_dev->dev.config[UDIDETCR1];
3038 } else {
3039 val = 0xff;
3040 }
3041 break;
3042 default:
3043 val = 0xff;
3044 break;
3045 }
3046 #ifdef DEBUG_IDE
3047 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
3048 #endif
3049 return val;
3050 }
3051
3052 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
3053 {
3054 BMDMAState *bm = opaque;
3055 PCIIDEState *pci_dev;
3056 #ifdef DEBUG_IDE
3057 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
3058 #endif
3059 switch(addr & 3) {
3060 case 1:
3061 pci_dev = bm->pci_dev;
3062 if (pci_dev->type == IDE_TYPE_CMD646) {
3063 pci_dev->dev.config[MRDMODE] =
3064 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3065 cmd646_update_irq(pci_dev);
3066 }
3067 break;
3068 case 2:
3069 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3070 break;
3071 case 3:
3072 pci_dev = bm->pci_dev;
3073 if (pci_dev->type == IDE_TYPE_CMD646) {
3074 if (bm == &pci_dev->bmdma[0])
3075 pci_dev->dev.config[UDIDETCR0] = val;
3076 else
3077 pci_dev->dev.config[UDIDETCR1] = val;
3078 }
3079 break;
3080 }
3081 }
3082
3083 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3084 {
3085 BMDMAState *bm = opaque;
3086 uint32_t val;
3087 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3088 #ifdef DEBUG_IDE
3089 printf("%s: 0x%08x\n", __func__, val);
3090 #endif
3091 return val;
3092 }
3093
3094 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3095 {
3096 BMDMAState *bm = opaque;
3097 int shift = (addr & 3) * 8;
3098 #ifdef DEBUG_IDE
3099 printf("%s: 0x%08x\n", __func__, val);
3100 #endif
3101 bm->addr &= ~(0xFF << shift);
3102 bm->addr |= ((val & 0xFF) << shift) & ~3;
3103 bm->cur_addr = bm->addr;
3104 }
3105
3106 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3107 {
3108 BMDMAState *bm = opaque;
3109 uint32_t val;
3110 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3111 #ifdef DEBUG_IDE
3112 printf("%s: 0x%08x\n", __func__, val);
3113 #endif
3114 return val;
3115 }
3116
3117 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3118 {
3119 BMDMAState *bm = opaque;
3120 int shift = (addr & 3) * 8;
3121 #ifdef DEBUG_IDE
3122 printf("%s: 0x%08x\n", __func__, val);
3123 #endif
3124 bm->addr &= ~(0xFFFF << shift);
3125 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3126 bm->cur_addr = bm->addr;
3127 }
3128
3129 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3130 {
3131 BMDMAState *bm = opaque;
3132 uint32_t val;
3133 val = bm->addr;
3134 #ifdef DEBUG_IDE
3135 printf("%s: 0x%08x\n", __func__, val);
3136 #endif
3137 return val;
3138 }
3139
3140 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3141 {
3142 BMDMAState *bm = opaque;
3143 #ifdef DEBUG_IDE
3144 printf("%s: 0x%08x\n", __func__, val);
3145 #endif
3146 bm->addr = val & ~3;
3147 bm->cur_addr = bm->addr;
3148 }
3149
3150 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3151 uint32_t addr, uint32_t size, int type)
3152 {
3153 PCIIDEState *d = (PCIIDEState *)pci_dev;
3154 int i;
3155
3156 for(i = 0;i < 2; i++) {
3157 BMDMAState *bm = &d->bmdma[i];
3158 d->ide_if[2 * i].bmdma = bm;
3159 d->ide_if[2 * i + 1].bmdma = bm;
3160 bm->pci_dev = (PCIIDEState *)pci_dev;
3161 qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
3162
3163 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3164
3165 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3166 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3167
3168 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3169 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3170 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3171 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3172 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3173 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3174 addr += 8;
3175 }
3176 }
3177
3178 static void pci_ide_save(QEMUFile* f, void *opaque)
3179 {
3180 PCIIDEState *d = opaque;
3181 int i;
3182
3183 pci_device_save(&d->dev, f);
3184
3185 for(i = 0; i < 2; i++) {
3186 BMDMAState *bm = &d->bmdma[i];
3187 uint8_t ifidx;
3188 qemu_put_8s(f, &bm->cmd);
3189 qemu_put_8s(f, &bm->status);
3190 qemu_put_be32s(f, &bm->addr);
3191 qemu_put_sbe64s(f, &bm->sector_num);
3192 qemu_put_be32s(f, &bm->nsector);
3193 ifidx = bm->ide_if ? bm->ide_if - d->ide_if : 0;
3194 qemu_put_8s(f, &ifidx);
3195 /* XXX: if a transfer is pending, we do not save it yet */
3196 }
3197
3198 /* per IDE interface data */
3199 for(i = 0; i < 2; i++) {
3200 IDEState *s = &d->ide_if[i * 2];
3201 uint8_t drive1_selected;
3202 qemu_put_8s(f, &s->cmd);
3203 drive1_selected = (s->cur_drive != s);
3204 qemu_put_8s(f, &drive1_selected);
3205 }
3206
3207 /* per IDE drive data */
3208 for(i = 0; i < 4; i++) {
3209 ide_save(f, &d->ide_if[i]);
3210 }
3211 }
3212
3213 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3214 {
3215 PCIIDEState *d = opaque;
3216 int ret, i;
3217
3218 if (version_id != 2)
3219 return -EINVAL;
3220 ret = pci_device_load(&d->dev, f);
3221 if (ret < 0)
3222 return ret;
3223
3224 for(i = 0; i < 2; i++) {
3225 BMDMAState *bm = &d->bmdma[i];
3226 uint8_t ifidx;
3227 qemu_get_8s(f, &bm->cmd);
3228 qemu_get_8s(f, &bm->status);
3229 qemu_get_be32s(f, &bm->addr);
3230 qemu_get_sbe64s(f, &bm->sector_num);
3231 qemu_get_be32s(f, &bm->nsector);
3232 qemu_get_8s(f, &ifidx);
3233 bm->ide_if = &d->ide_if[ifidx];
3234 /* XXX: if a transfer is pending, we do not save it yet */
3235 }
3236
3237 /* per IDE interface data */
3238 for(i = 0; i < 2; i++) {
3239 IDEState *s = &d->ide_if[i * 2];
3240 uint8_t drive1_selected;
3241 qemu_get_8s(f, &s->cmd);
3242 qemu_get_8s(f, &drive1_selected);
3243 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3244 }
3245
3246 /* per IDE drive data */
3247 for(i = 0; i < 4; i++) {
3248 ide_load(f, &d->ide_if[i]);
3249 }
3250 return 0;
3251 }
3252
3253 /* XXX: call it also when the MRDMODE is changed from the PCI config
3254 registers */
3255 static void cmd646_update_irq(PCIIDEState *d)
3256 {
3257 int pci_level;
3258 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3259 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3260 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3261 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3262 qemu_set_irq(d->dev.irq[0], pci_level);
3263 }
3264
3265 /* the PCI irq level is the logical OR of the two channels */
3266 static void cmd646_set_irq(void *opaque, int channel, int level)
3267 {
3268 PCIIDEState *d = opaque;
3269 int irq_mask;
3270
3271 irq_mask = MRDMODE_INTR_CH0 << channel;
3272 if (level)
3273 d->dev.config[MRDMODE] |= irq_mask;
3274 else
3275 d->dev.config[MRDMODE] &= ~irq_mask;
3276 cmd646_update_irq(d);
3277 }
3278
3279 static void cmd646_reset(void *opaque)
3280 {
3281 PCIIDEState *d = opaque;
3282 unsigned int i;
3283
3284 for (i = 0; i < 2; i++)
3285 ide_dma_cancel(&d->bmdma[i]);
3286 }
3287
3288 /* CMD646 PCI IDE controller */
3289 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3290 int secondary_ide_enabled)
3291 {
3292 PCIIDEState *d;
3293 uint8_t *pci_conf;
3294 int i;
3295 qemu_irq *irq;
3296
3297 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3298 sizeof(PCIIDEState),
3299 -1,
3300 NULL, NULL);
3301 d->type = IDE_TYPE_CMD646;
3302 pci_conf = d->dev.config;
3303 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_CMD);
3304 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_CMD_646);
3305
3306 pci_conf[0x08] = 0x07; // IDE controller revision
3307 pci_conf[0x09] = 0x8f;
3308
3309 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3310 pci_conf[0x0e] = 0x00; // header_type
3311
3312 pci_conf[0x51] = 0x04; // enable IDE0
3313 if (secondary_ide_enabled) {
3314 /* XXX: if not enabled, really disable the seconday IDE controller */
3315 pci_conf[0x51] |= 0x08; /* enable IDE1 */
3316 }
3317
3318 pci_register_io_region((PCIDevice *)d, 0, 0x8,
3319 PCI_ADDRESS_SPACE_IO, ide_map);
3320 pci_register_io_region((PCIDevice *)d, 1, 0x4,
3321 PCI_ADDRESS_SPACE_IO, ide_map);
3322 pci_register_io_region((PCIDevice *)d, 2, 0x8,
3323 PCI_ADDRESS_SPACE_IO, ide_map);
3324 pci_register_io_region((PCIDevice *)d, 3, 0x4,
3325 PCI_ADDRESS_SPACE_IO, ide_map);
3326 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3327 PCI_ADDRESS_SPACE_IO, bmdma_map);
3328
3329 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3330
3331 for(i = 0; i < 4; i++)
3332 d->ide_if[i].pci_dev = (PCIDevice *)d;
3333
3334 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3335 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3336 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3337
3338 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3339 qemu_register_reset(cmd646_reset, d);
3340 cmd646_reset(d);
3341 }
3342
3343 static void piix3_reset(void *opaque)
3344 {
3345 PCIIDEState *d = opaque;
3346 uint8_t *pci_conf = d->dev.config;
3347 int i;
3348
3349 for (i = 0; i < 2; i++)
3350 ide_dma_cancel(&d->bmdma[i]);
3351
3352 pci_conf[0x04] = 0x00;
3353 pci_conf[0x05] = 0x00;
3354 pci_conf[0x06] = 0x80; /* FBC */
3355 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3356 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3357 }
3358
3359 /* hd_table must contain 4 block drivers */
3360 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3361 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3362 qemu_irq *pic)
3363 {
3364 PCIIDEState *d;
3365 uint8_t *pci_conf;
3366 int i;
3367
3368 /* register a function 1 of PIIX3 */
3369 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3370 sizeof(PCIIDEState),
3371 devfn,
3372 NULL, NULL);
3373 d->type = IDE_TYPE_PIIX3;
3374
3375 pci_conf = d->dev.config;
3376 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3377 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371SB_1);
3378 pci_conf[0x09] = 0x80; // legacy ATA mode
3379 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3380 pci_conf[0x0e] = 0x00; // header_type
3381
3382 qemu_register_reset(piix3_reset, d);
3383 piix3_reset(d);
3384
3385 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3386 PCI_ADDRESS_SPACE_IO, bmdma_map);
3387
3388 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3389 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3390 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3391 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3392
3393 for (i = 0; i < 4; i++)
3394 if (hd_table[i])
3395 hd_table[i]->private = &d->dev;
3396
3397 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3398 }
3399
3400 /* hd_table must contain 4 block drivers */
3401 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3402 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3403 qemu_irq *pic)
3404 {
3405 PCIIDEState *d;
3406 uint8_t *pci_conf;
3407
3408 /* register a function 1 of PIIX4 */
3409 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3410 sizeof(PCIIDEState),
3411 devfn,
3412 NULL, NULL);
3413 d->type = IDE_TYPE_PIIX4;
3414
3415 pci_conf = d->dev.config;
3416 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3417 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371AB);
3418 pci_conf[0x09] = 0x80; // legacy ATA mode
3419 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3420 pci_conf[0x0e] = 0x00; // header_type
3421
3422 qemu_register_reset(piix3_reset, d);
3423 piix3_reset(d);
3424
3425 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3426 PCI_ADDRESS_SPACE_IO, bmdma_map);
3427
3428 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3429 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3430 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3431 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3432
3433 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3434 }
3435
3436 #if defined(TARGET_PPC)
3437 /***********************************************************/
3438 /* MacIO based PowerPC IDE */
3439
3440 typedef struct MACIOIDEState {
3441 IDEState ide_if[2];
3442 BlockDriverAIOCB *aiocb;
3443 } MACIOIDEState;
3444
3445 static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
3446 {
3447 DBDMA_io *io = opaque;
3448 MACIOIDEState *m = io->opaque;
3449 IDEState *s = m->ide_if->cur_drive;
3450
3451 if (ret < 0) {
3452 m->aiocb = NULL;
3453 qemu_sglist_destroy(&s->sg);
3454 ide_atapi_io_error(s, ret);
3455 io->dma_end(opaque);
3456 return;
3457 }
3458
3459 if (s->io_buffer_size > 0) {
3460 m->aiocb = NULL;
3461 qemu_sglist_destroy(&s->sg);
3462
3463 s->packet_transfer_size -= s->io_buffer_size;
3464
3465 s->io_buffer_index += s->io_buffer_size;
3466 s->lba += s->io_buffer_index >> 11;
3467 s->io_buffer_index &= 0x7ff;
3468 }
3469
3470 if (s->packet_transfer_size <= 0)
3471 ide_atapi_cmd_ok(s);
3472
3473 if (io->len == 0) {
3474 io->dma_end(opaque);
3475 return;
3476 }
3477
3478 /* launch next transfer */
3479
3480 s->io_buffer_size = io->len;
3481
3482 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3483 qemu_sglist_add(&s->sg, io->addr, io->len);
3484 io->addr += io->len;
3485 io->len = 0;
3486
3487 m->aiocb = dma_bdrv_read(s->bs, &s->sg,
3488 (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9),
3489 pmac_ide_atapi_transfer_cb, io);
3490 if (!m->aiocb) {
3491 qemu_sglist_destroy(&s->sg);
3492 /* Note: media not present is the most likely case */
3493 ide_atapi_cmd_error(s, SENSE_NOT_READY,
3494 ASC_MEDIUM_NOT_PRESENT);
3495 io->dma_end(opaque);
3496 return;
3497 }
3498 }
3499
3500 static void pmac_ide_transfer_cb(void *opaque, int ret)
3501 {
3502 DBDMA_io *io = opaque;
3503 MACIOIDEState *m = io->opaque;
3504 IDEState *s = m->ide_if->cur_drive;
3505 int n;
3506 int64_t sector_num;
3507
3508 if (ret < 0) {
3509 m->aiocb = NULL;
3510 qemu_sglist_destroy(&s->sg);
3511 ide_dma_error(s);
3512 io->dma_end(io);
3513 return;
3514 }
3515
3516 sector_num = ide_get_sector(s);
3517 if (s->io_buffer_size > 0) {
3518 m->aiocb = NULL;
3519 qemu_sglist_destroy(&s->sg);
3520 n = (s->io_buffer_size + 0x1ff) >> 9;
3521 sector_num += n;
3522 ide_set_sector(s, sector_num);
3523 s->nsector -= n;
3524 }
3525
3526 /* end of transfer ? */
3527 if (s->nsector == 0) {
3528 s->status = READY_STAT | SEEK_STAT;
3529 ide_set_irq(s);
3530 }
3531
3532 /* end of DMA ? */
3533
3534 if (io->len == 0) {
3535 io->dma_end(io);
3536 return;
3537 }
3538
3539 /* launch next transfer */
3540
3541 s->io_buffer_index = 0;
3542 s->io_buffer_size = io->len;
3543
3544 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3545 qemu_sglist_add(&s->sg, io->addr, io->len);
3546 io->addr += io->len;
3547 io->len = 0;
3548
3549 if (s->is_read)
3550 m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
3551 pmac_ide_transfer_cb, io);
3552 else
3553 m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
3554 pmac_ide_transfer_cb, io);
3555 if (!m->aiocb)
3556 pmac_ide_transfer_cb(io, -1);
3557 }
3558
3559 static void pmac_ide_transfer(DBDMA_io *io)
3560 {
3561 MACIOIDEState *m = io->opaque;
3562 IDEState *s = m->ide_if->cur_drive;
3563
3564 s->io_buffer_size = 0;
3565 if (s->is_cdrom) {
3566 pmac_ide_atapi_transfer_cb(io, 0);
3567 return;
3568 }
3569
3570 pmac_ide_transfer_cb(io, 0);
3571 }
3572
3573 static void pmac_ide_flush(DBDMA_io *io)
3574 {
3575 MACIOIDEState *m = io->opaque;
3576
3577 if (m->aiocb)
3578 qemu_aio_flush();
3579 }
3580
3581 /* PowerMac IDE memory IO */
3582 static void pmac_ide_writeb (void *opaque,
3583 target_phys_addr_t addr, uint32_t val)
3584 {
3585 MACIOIDEState *d = opaque;
3586
3587 addr = (addr & 0xFFF) >> 4;
3588 switch (addr) {
3589 case 1 ... 7:
3590 ide_ioport_write(d->ide_if, addr, val);
3591 break;
3592 case 8:
3593 case 22:
3594 ide_cmd_write(d->ide_if, 0, val);
3595 break;
3596 default:
3597 break;
3598 }
3599 }
3600
3601 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3602 {
3603 uint8_t retval;
3604 MACIOIDEState *d = opaque;
3605
3606 addr = (addr & 0xFFF) >> 4;
3607 switch (addr) {
3608 case 1 ... 7:
3609 retval = ide_ioport_read(d->ide_if, addr);
3610 break;
3611 case 8:
3612 case 22:
3613 retval = ide_status_read(d->ide_if, 0);
3614 break;
3615 default:
3616 retval = 0xFF;
3617 break;
3618 }
3619 return retval;
3620 }
3621
3622 static void pmac_ide_writew (void *opaque,
3623 target_phys_addr_t addr, uint32_t val)
3624 {
3625 MACIOIDEState *d = opaque;
3626
3627 addr = (addr & 0xFFF) >> 4;
3628 #ifdef TARGET_WORDS_BIGENDIAN
3629 val = bswap16(val);
3630 #endif
3631 if (addr == 0) {
3632 ide_data_writew(d->ide_if, 0, val);
3633 }
3634 }
3635
3636 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3637 {
3638 uint16_t retval;
3639 MACIOIDEState *d = opaque;
3640
3641 addr = (addr & 0xFFF) >> 4;
3642 if (addr == 0) {
3643 retval = ide_data_readw(d->ide_if, 0);
3644 } else {
3645 retval = 0xFFFF;
3646 }
3647 #ifdef TARGET_WORDS_BIGENDIAN
3648 retval = bswap16(retval);
3649 #endif
3650 return retval;
3651 }
3652
3653 static void pmac_ide_writel (void *opaque,
3654 target_phys_addr_t addr, uint32_t val)
3655 {
3656 MACIOIDEState *d = opaque;
3657
3658 addr = (addr & 0xFFF) >> 4;
3659 #ifdef TARGET_WORDS_BIGENDIAN
3660 val = bswap32(val);
3661 #endif
3662 if (addr == 0) {
3663 ide_data_writel(d->ide_if, 0, val);
3664 }
3665 }
3666
3667 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3668 {
3669 uint32_t retval;
3670 MACIOIDEState *d = opaque;
3671
3672 addr = (addr & 0xFFF) >> 4;
3673 if (addr == 0) {
3674 retval = ide_data_readl(d->ide_if, 0);
3675 } else {
3676 retval = 0xFFFFFFFF;
3677 }
3678 #ifdef TARGET_WORDS_BIGENDIAN
3679 retval = bswap32(retval);
3680 #endif
3681 return retval;
3682 }
3683
3684 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3685 pmac_ide_writeb,
3686 pmac_ide_writew,
3687 pmac_ide_writel,
3688 };
3689
3690 static CPUReadMemoryFunc *pmac_ide_read[] = {
3691 pmac_ide_readb,
3692 pmac_ide_readw,
3693 pmac_ide_readl,
3694 };
3695
3696 static void pmac_ide_save(QEMUFile *f, void *opaque)
3697 {
3698 MACIOIDEState *d = opaque;
3699 IDEState *s = d->ide_if;
3700 uint8_t drive1_selected;
3701 unsigned int i;
3702
3703 /* per IDE interface data */
3704 qemu_put_8s(f, &s->cmd);
3705 drive1_selected = (s->cur_drive != s);
3706 qemu_put_8s(f, &drive1_selected);
3707
3708 /* per IDE drive data */
3709 for(i = 0; i < 2; i++) {
3710 ide_save(f, &s[i]);
3711 }
3712 }
3713
3714 static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
3715 {
3716 MACIOIDEState *d = opaque;
3717 IDEState *s = d->ide_if;
3718 uint8_t drive1_selected;
3719 unsigned int i;
3720
3721 if (version_id != 1)
3722 return -EINVAL;
3723
3724 /* per IDE interface data */
3725 qemu_get_8s(f, &s->cmd);
3726 qemu_get_8s(f, &drive1_selected);
3727 s->cur_drive = &s[(drive1_selected != 0)];
3728
3729 /* per IDE drive data */
3730 for(i = 0; i < 2; i++) {
3731 ide_load(f, &s[i]);
3732 }
3733 return 0;
3734 }
3735
3736 static void pmac_ide_reset(void *opaque)
3737 {
3738 MACIOIDEState *d = opaque;
3739 IDEState *s = d->ide_if;
3740
3741 ide_reset(&s[0]);
3742 ide_reset(&s[1]);
3743 }
3744
3745 /* hd_table must contain 4 block drivers */
3746 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3747 I/O index to access the ide. */
3748 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq,
3749 void *dbdma, int channel, qemu_irq dma_irq)
3750 {
3751 MACIOIDEState *d;
3752 int pmac_ide_memory;
3753
3754 d = qemu_mallocz(sizeof(MACIOIDEState));
3755 ide_init2(d->ide_if, hd_table[0], hd_table[1], irq);
3756
3757 if (dbdma)
3758 DBDMA_register_channel(dbdma, channel, dma_irq, pmac_ide_transfer, pmac_ide_flush, d);
3759
3760 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3761 pmac_ide_write, d);
3762 register_savevm("ide", 0, 1, pmac_ide_save, pmac_ide_load, d);
3763 qemu_register_reset(pmac_ide_reset, d);
3764 pmac_ide_reset(d);
3765
3766 return pmac_ide_memory;
3767 }
3768 #endif /* TARGET_PPC */
3769
3770 /***********************************************************/
3771 /* MMIO based ide port
3772 * This emulates IDE device connected directly to the CPU bus without
3773 * dedicated ide controller, which is often seen on embedded boards.
3774 */
3775
3776 typedef struct {
3777 void *dev;
3778 int shift;
3779 } MMIOState;
3780
3781 static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
3782 {
3783 MMIOState *s = (MMIOState*)opaque;
3784 IDEState *ide = (IDEState*)s->dev;
3785 addr >>= s->shift;
3786 if (addr & 7)
3787 return ide_ioport_read(ide, addr);
3788 else
3789 return ide_data_readw(ide, 0);
3790 }
3791
3792 static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
3793 uint32_t val)
3794 {
3795 MMIOState *s = (MMIOState*)opaque;
3796 IDEState *ide = (IDEState*)s->dev;
3797 addr >>= s->shift;
3798 if (addr & 7)
3799 ide_ioport_write(ide, addr, val);
3800 else
3801 ide_data_writew(ide, 0, val);
3802 }
3803
3804 static CPUReadMemoryFunc *mmio_ide_reads[] = {
3805 mmio_ide_read,
3806 mmio_ide_read,
3807 mmio_ide_read,
3808 };
3809
3810 static CPUWriteMemoryFunc *mmio_ide_writes[] = {
3811 mmio_ide_write,
3812 mmio_ide_write,
3813 mmio_ide_write,
3814 };
3815
3816 static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
3817 {
3818 MMIOState *s= (MMIOState*)opaque;
3819 IDEState *ide = (IDEState*)s->dev;
3820 return ide_status_read(ide, 0);
3821 }
3822
3823 static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
3824 uint32_t val)
3825 {
3826 MMIOState *s = (MMIOState*)opaque;
3827 IDEState *ide = (IDEState*)s->dev;
3828 ide_cmd_write(ide, 0, val);
3829 }
3830
3831 static CPUReadMemoryFunc *mmio_ide_status[] = {
3832 mmio_ide_status_read,
3833 mmio_ide_status_read,
3834 mmio_ide_status_read,
3835 };
3836
3837 static CPUWriteMemoryFunc *mmio_ide_cmd[] = {
3838 mmio_ide_cmd_write,
3839 mmio_ide_cmd_write,
3840 mmio_ide_cmd_write,
3841 };
3842
3843 void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
3844 qemu_irq irq, int shift,
3845 BlockDriverState *hd0, BlockDriverState *hd1)
3846 {
3847 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
3848 IDEState *ide = qemu_mallocz(sizeof(IDEState) * 2);
3849 int mem1, mem2;
3850
3851 ide_init2(ide, hd0, hd1, irq);
3852
3853 s->dev = ide;
3854 s->shift = shift;
3855
3856 mem1 = cpu_register_io_memory(0, mmio_ide_reads, mmio_ide_writes, s);
3857 mem2 = cpu_register_io_memory(0, mmio_ide_status, mmio_ide_cmd, s);
3858 cpu_register_physical_memory(membase, 16 << shift, mem1);
3859 cpu_register_physical_memory(membase2, 2 << shift, mem2);
3860 }
3861
3862 /***********************************************************/
3863 /* CF-ATA Microdrive */
3864
3865 #define METADATA_SIZE 0x20
3866
3867 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3868 struct md_s {
3869 IDEState ide[2];
3870 struct pcmcia_card_s card;
3871 uint32_t attr_base;
3872 uint32_t io_base;
3873
3874 /* Card state */
3875 uint8_t opt;
3876 uint8_t stat;
3877 uint8_t pins;
3878
3879 uint8_t ctrl;
3880 uint16_t io;
3881 int cycle;
3882 };
3883
3884 /* Register bitfields */
3885 enum md_opt {
3886 OPT_MODE_MMAP = 0,
3887 OPT_MODE_IOMAP16 = 1,
3888 OPT_MODE_IOMAP1 = 2,
3889 OPT_MODE_IOMAP2 = 3,
3890 OPT_MODE = 0x3f,
3891 OPT_LEVIREQ = 0x40,
3892 OPT_SRESET = 0x80,
3893 };
3894 enum md_cstat {
3895 STAT_INT = 0x02,
3896 STAT_PWRDWN = 0x04,
3897 STAT_XE = 0x10,
3898 STAT_IOIS8 = 0x20,
3899 STAT_SIGCHG = 0x40,
3900 STAT_CHANGED = 0x80,
3901 };
3902 enum md_pins {
3903 PINS_MRDY = 0x02,
3904 PINS_CRDY = 0x20,
3905 };
3906 enum md_ctrl {
3907 CTRL_IEN = 0x02,
3908 CTRL_SRST = 0x04,
3909 };
3910
3911 static inline void md_interrupt_update(struct md_s *s)
3912 {
3913 if (!s->card.slot)
3914 return;
3915
3916 qemu_set_irq(s->card.slot->irq,
3917 !(s->stat & STAT_INT) && /* Inverted */
3918 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3919 !(s->opt & OPT_SRESET));
3920 }
3921
3922 static void md_set_irq(void *opaque, int irq, int level)
3923 {
3924 struct md_s *s = (struct md_s *) opaque;
3925 if (level)
3926 s->stat |= STAT_INT;
3927 else
3928 s->stat &= ~STAT_INT;
3929
3930 md_interrupt_update(s);
3931 }
3932
3933 static void md_reset(struct md_s *s)
3934 {
3935 s->opt = OPT_MODE_MMAP;
3936 s->stat = 0;
3937 s->pins = 0;
3938 s->cycle = 0;
3939 s->ctrl = 0;
3940 ide_reset(s->ide);
3941 }
3942
3943 static uint8_t md_attr_read(void *opaque, uint32_t at)
3944 {
3945 struct md_s *s = (struct md_s *) opaque;
3946 if (at < s->attr_base) {
3947 if (at < s->card.cis_len)
3948 return s->card.cis[at];
3949 else
3950 return 0x00;
3951 }
3952
3953 at -= s->attr_base;
3954
3955 switch (at) {
3956 case 0x00: /* Configuration Option Register */
3957 return s->opt;
3958 case 0x02: /* Card Configuration Status Register */
3959 if (s->ctrl & CTRL_IEN)
3960 return s->stat & ~STAT_INT;
3961 else
3962 return s->stat;
3963 case 0x04: /* Pin Replacement Register */
3964 return (s->pins & PINS_CRDY) | 0x0c;
3965 case 0x06: /* Socket and Copy Register */
3966 return 0x00;
3967 #ifdef VERBOSE
3968 default:
3969 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3970 #endif
3971 }
3972
3973 return 0;
3974 }
3975
3976 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3977 {
3978 struct md_s *s = (struct md_s *) opaque;
3979 at -= s->attr_base;
3980
3981 switch (at) {
3982 case 0x00: /* Configuration Option Register */
3983 s->opt = value & 0xcf;
3984 if (value & OPT_SRESET)
3985 md_reset(s);
3986 md_interrupt_update(s);
3987 break;
3988 case 0x02: /* Card Configuration Status Register */
3989 if ((s->stat ^ value) & STAT_PWRDWN)
3990 s->pins |= PINS_CRDY;
3991 s->stat &= 0x82;
3992 s->stat |= value & 0x74;
3993 md_interrupt_update(s);
3994 /* Word 170 in Identify Device must be equal to STAT_XE */
3995 break;
3996 case 0x04: /* Pin Replacement Register */
3997 s->pins &= PINS_CRDY;
3998 s->pins |= value & PINS_MRDY;
3999 break;
4000 case 0x06: /* Socket and Copy Register */
4001 break;
4002 default:
4003 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
4004 }
4005 }
4006
4007 static uint16_t md_common_read(void *opaque, uint32_t at)
4008 {
4009 struct md_s *s = (struct md_s *) opaque;
4010 uint16_t ret;
4011 at -= s->io_base;
4012
4013 switch (s->opt & OPT_MODE) {
4014 case OPT_MODE_MMAP:
4015 if ((at & ~0x3ff) == 0x400)
4016 at = 0;
4017 break;
4018 case OPT_MODE_IOMAP16:
4019 at &= 0xf;
4020 break;
4021 case OPT_MODE_IOMAP1:
4022 if ((at & ~0xf) == 0x3f0)
4023 at -= 0x3e8;
4024 else if ((at & ~0xf) == 0x1f0)
4025 at -= 0x1f0;
4026 break;
4027 case OPT_MODE_IOMAP2:
4028 if ((at & ~0xf) == 0x370)
4029 at -= 0x368;
4030 else if ((at & ~0xf) == 0x170)
4031 at -= 0x170;
4032 }
4033
4034 switch (at) {
4035 case 0x0: /* Even RD Data */
4036 case 0x8:
4037 return ide_data_readw(s->ide, 0);
4038
4039 /* TODO: 8-bit accesses */
4040 if (s->cycle)
4041 ret = s->io >> 8;
4042 else {
4043 s->io = ide_data_readw(s->ide, 0);
4044 ret = s->io & 0xff;
4045 }
4046 s->cycle = !s->cycle;
4047 return ret;
4048 case 0x9: /* Odd RD Data */
4049 return s->io >> 8;
4050 case 0xd: /* Error */
4051 return ide_ioport_read(s->ide, 0x1);
4052 case 0xe: /* Alternate Status */
4053 if (s->ide->cur_drive->bs)
4054 return s->ide->cur_drive->status;
4055 else
4056 return 0;
4057 case 0xf: /* Device Address */
4058 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
4059 default:
4060 return ide_ioport_read(s->ide, at);
4061 }
4062
4063 return 0;
4064 }
4065
4066 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
4067 {
4068 struct md_s *s = (struct md_s *) opaque;
4069 at -= s->io_base;
4070
4071 switch (s->opt & OPT_MODE) {
4072 case OPT_MODE_MMAP:
4073 if ((at & ~0x3ff) == 0x400)
4074 at = 0;
4075 break;
4076 case OPT_MODE_IOMAP16:
4077 at &= 0xf;
4078 break;
4079 case OPT_MODE_IOMAP1:
4080 if ((at & ~0xf) == 0x3f0)
4081 at -= 0x3e8;
4082 else if ((at & ~0xf) == 0x1f0)
4083 at -= 0x1f0;
4084 break;
4085 case OPT_MODE_IOMAP2:
4086 if ((at & ~0xf) == 0x370)
4087 at -= 0x368;
4088 else if ((at & ~0xf) == 0x170)
4089 at -= 0x170;
4090 }
4091
4092 switch (at) {
4093 case 0x0: /* Even WR Data */
4094 case 0x8:
4095 ide_data_writew(s->ide, 0, value);
4096 break;
4097
4098 /* TODO: 8-bit accesses */
4099 if (s->cycle)
4100 ide_data_writew(s->ide, 0, s->io | (value << 8));
4101 else
4102 s->io = value & 0xff;
4103 s->cycle = !s->cycle;
4104 break;
4105 case 0x9:
4106 s->io = value & 0xff;
4107 s->cycle = !s->cycle;
4108 break;
4109 case 0xd: /* Features */
4110 ide_ioport_write(s->ide, 0x1, value);
4111 break;
4112 case 0xe: /* Device Control */
4113 s->ctrl = value;
4114 if (value & CTRL_SRST)
4115 md_reset(s);
4116 md_interrupt_update(s);
4117 break;
4118 default:
4119 if (s->stat & STAT_PWRDWN) {
4120 s->pins |= PINS_CRDY;
4121 s->stat &= ~STAT_PWRDWN;
4122 }
4123 ide_ioport_write(s->ide, at, value);
4124 }
4125 }
4126
4127 static void md_save(QEMUFile *f, void *opaque)
4128 {
4129 struct md_s *s = (struct md_s *) opaque;
4130 int i;
4131 uint8_t drive1_selected;
4132
4133 qemu_put_8s(f, &s->opt);
4134 qemu_put_8s(f, &s->stat);
4135 qemu_put_8s(f, &s->pins);
4136
4137 qemu_put_8s(f, &s->ctrl);
4138 qemu_put_be16s(f, &s->io);
4139 qemu_put_byte(f, s->cycle);
4140
4141 drive1_selected = (s->ide->cur_drive != s->ide);
4142 qemu_put_8s(f, &s->ide->cmd);
4143 qemu_put_8s(f, &drive1_selected);
4144
4145 for (i = 0; i < 2; i ++)
4146 ide_save(f, &s->ide[i]);
4147 }
4148
4149 static int md_load(QEMUFile *f, void *opaque, int version_id)
4150 {
4151 struct md_s *s = (struct md_s *) opaque;
4152 int i;
4153 uint8_t drive1_selected;
4154
4155 qemu_get_8s(f, &s->opt);
4156 qemu_get_8s(f, &s->stat);
4157 qemu_get_8s(f, &s->pins);
4158
4159 qemu_get_8s(f, &s->ctrl);
4160 qemu_get_be16s(f, &s->io);
4161 s->cycle = qemu_get_byte(f);
4162
4163 qemu_get_8s(f, &s->ide->cmd);
4164 qemu_get_8s(f, &drive1_selected);
4165 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
4166
4167 for (i = 0; i < 2; i ++)
4168 ide_load(f, &s->ide[i]);
4169
4170 return 0;
4171 }
4172
4173 static const uint8_t dscm1xxxx_cis[0x14a] = {
4174 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
4175 [0x002] = 0x03, /* Tuple length = 4 bytes */
4176 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4177 [0x006] = 0x01, /* Size = 2K bytes */
4178 [0x008] = CISTPL_ENDMARK,
4179
4180 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
4181 [0x00c] = 0x04, /* Tuple length = 4 byest */
4182 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
4183 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4184 [0x012] = 0x01, /* Size = 2K bytes */
4185 [0x014] = CISTPL_ENDMARK,
4186
4187 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
4188 [0x018] = 0x02, /* Tuple length = 2 bytes */
4189 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
4190 [0x01c] = 0x01,
4191
4192 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
4193 [0x020] = 0x04, /* Tuple length = 4 bytes */
4194 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
4195 [0x024] = 0x00,
4196 [0x026] = 0x00, /* PLMID_CARD = 0000 */
4197 [0x028] = 0x00,
4198
4199 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
4200 [0x02c] = 0x12, /* Tuple length = 23 bytes */
4201 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
4202 [0x030] = 0x01, /* Minor Version = 1 */
4203 [0x032] = 'I',
4204 [0x034] = 'B',
4205 [0x036] = 'M',
4206 [0x038] = 0x00,
4207 [0x03a] = 'm',
4208 [0x03c] = 'i',
4209 [0x03e] = 'c',
4210 [0x040] = 'r',
4211 [0x042] = 'o',
4212 [0x044] = 'd',
4213 [0x046] = 'r',
4214 [0x048] = 'i',
4215 [0x04a] = 'v',
4216 [0x04c] = 'e',
4217 [0x04e] = 0x00,
4218 [0x050] = CISTPL_ENDMARK,
4219
4220 [0x052] = CISTPL_FUNCID, /* Function ID */
4221 [0x054] = 0x02, /* Tuple length = 2 bytes */
4222 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
4223 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
4224
4225 [0x05a] = CISTPL_FUNCE, /* Function Extension */
4226 [0x05c] = 0x02, /* Tuple length = 2 bytes */
4227 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
4228 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
4229
4230 [0x062] = CISTPL_FUNCE, /* Function Extension */
4231 [0x064] = 0x03, /* Tuple length = 3 bytes */
4232 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
4233 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
4234 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
4235
4236 [0x06c] = CISTPL_CONFIG, /* Configuration */
4237 [0x06e] = 0x05, /* Tuple length = 5 bytes */
4238 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
4239 [0x072] = 0x07, /* TPCC_LAST = 7 */
4240 [0x074] = 0x00, /* TPCC_RADR = 0200 */
4241 [0x076] = 0x02,
4242 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
4243
4244 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4245 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
4246 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
4247 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
4248 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
4249 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4250 [0x086] = 0x55, /* NomV: 5.0 V */
4251 [0x088] = 0x4d, /* MinV: 4.5 V */
4252 [0x08a] = 0x5d, /* MaxV: 5.5 V */
4253 [0x08c] = 0x4e, /* Peakl: 450 mA */
4254 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
4255 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
4256 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
4257
4258 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4259 [0x096] = 0x06, /* Tuple length = 6 bytes */
4260 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
4261 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4262 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4263 [0x09e] = 0xb5, /* NomV: 3.3 V */
4264 [0x0a0] = 0x1e,
4265 [0x0a2] = 0x3e, /* Peakl: 350 mA */
4266
4267 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4268 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
4269 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
4270 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4271 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4272 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4273 [0x0b0] = 0x55, /* NomV: 5.0 V */
4274 [0x0b2] = 0x4d, /* MinV: 4.5 V */
4275 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
4276 [0x0b6] = 0x4e, /* Peakl: 450 mA */
4277 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
4278 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
4279 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
4280 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
4281 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4282
4283 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4284 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4285 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4286 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4287 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4288 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4289 [0x0ce] = 0x1e,
4290 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4291
4292 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4293 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4294 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4295 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4296 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4297 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4298 [0x0de] = 0x55, /* NomV: 5.0 V */
4299 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4300 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4301 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4302 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4303 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4304 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4305 [0x0ec] = 0x01,
4306 [0x0ee] = 0x07, /* Address block length = 8 */
4307 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4308 [0x0f2] = 0x03,
4309 [0x0f4] = 0x01, /* Address block length = 2 */
4310 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4311 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4312
4313 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4314 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4315 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4316 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4317 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4318 [0x104] = 0xb5, /* NomV: 3.3 V */
4319 [0x106] = 0x1e,
4320 [0x108] = 0x3e, /* Peakl: 350 mA */
4321
4322 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4323 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4324 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4325 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4326 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4327 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4328 [0x116] = 0x55, /* NomV: 5.0 V */
4329 [0x118] = 0x4d, /* MinV: 4.5 V */
4330 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4331 [0x11c] = 0x4e, /* Peakl: 450 mA */
4332 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4333 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4334 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4335 [0x124] = 0x01,
4336 [0x126] = 0x07, /* Address block length = 8 */
4337 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4338 [0x12a] = 0x03,
4339 [0x12c] = 0x01, /* Address block length = 2 */
4340 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4341 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4342
4343 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4344 [0x134] = 0x06, /* Tuple length = 6 bytes */
4345 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4346 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4347 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4348 [0x13c] = 0xb5, /* NomV: 3.3 V */
4349 [0x13e] = 0x1e,
4350 [0x140] = 0x3e, /* Peakl: 350 mA */
4351
4352 [0x142] = CISTPL_NO_LINK, /* No Link */
4353 [0x144] = 0x00, /* Tuple length = 0 bytes */
4354
4355 [0x146] = CISTPL_END, /* Tuple End */
4356 };
4357
4358 static int dscm1xxxx_attach(void *opaque)
4359 {
4360 struct md_s *md = (struct md_s *) opaque;
4361 md->card.attr_read = md_attr_read;
4362 md->card.attr_write = md_attr_write;
4363 md->card.common_read = md_common_read;
4364 md->card.common_write = md_common_write;
4365 md->card.io_read = md_common_read;
4366 md->card.io_write = md_common_write;
4367
4368 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4369 md->io_base = 0x0;
4370
4371 md_reset(md);
4372 md_interrupt_update(md);
4373
4374 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4375 return 0;
4376 }
4377
4378 static int dscm1xxxx_detach(void *opaque)
4379 {
4380 struct md_s *md = (struct md_s *) opaque;
4381 md_reset(md);
4382 return 0;
4383 }
4384
4385 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
4386 {
4387 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
4388 md->card.state = md;
4389 md->card.attach = dscm1xxxx_attach;
4390 md->card.detach = dscm1xxxx_detach;
4391 md->card.cis = dscm1xxxx_cis;
4392 md->card.cis_len = sizeof(dscm1xxxx_cis);
4393
4394 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4395 md->ide->is_cf = 1;
4396 md->ide->mdata_size = METADATA_SIZE;
4397 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
4398
4399 register_savevm("microdrive", -1, 0, md_save, md_load, md);
4400
4401 return &md->card;
4402 }
Patches shipped by Fedora