search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix typo in comment, by Andreas Faerber.
[qemu/dscho.git] / hw / ide.c
blobe84c4d67f95bb113083c0ee889bac2b0a5c39aae
1 /*
2 * QEMU IDE disk and CD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "vl.h"
26
27 /* debug IDE devices */
28 //#define DEBUG_IDE
29 //#define DEBUG_IDE_ATAPI
30 //#define DEBUG_AIO
31 #define USE_DMA_CDROM
32
33 /* Bits of HD_STATUS */
34 #define ERR_STAT 0x01
35 #define INDEX_STAT 0x02
36 #define ECC_STAT 0x04 /* Corrected error */
37 #define DRQ_STAT 0x08
38 #define SEEK_STAT 0x10
39 #define SRV_STAT 0x10
40 #define WRERR_STAT 0x20
41 #define READY_STAT 0x40
42 #define BUSY_STAT 0x80
43
44 /* Bits for HD_ERROR */
45 #define MARK_ERR 0x01 /* Bad address mark */
46 #define TRK0_ERR 0x02 /* couldn't find track 0 */
47 #define ABRT_ERR 0x04 /* Command aborted */
48 #define MCR_ERR 0x08 /* media change request */
49 #define ID_ERR 0x10 /* ID field not found */
50 #define MC_ERR 0x20 /* media changed */
51 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
52 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
53 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
54
55 /* Bits of HD_NSECTOR */
56 #define CD 0x01
57 #define IO 0x02
58 #define REL 0x04
59 #define TAG_MASK 0xf8
60
61 #define IDE_CMD_RESET 0x04
62 #define IDE_CMD_DISABLE_IRQ 0x02
63
64 /* ATA/ATAPI Commands pre T13 Spec */
65 #define WIN_NOP 0x00
66 /*
67 * 0x01->0x02 Reserved
68 */
69 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
70 /*
71 * 0x04->0x07 Reserved
72 */
73 #define WIN_SRST 0x08 /* ATAPI soft reset command */
74 #define WIN_DEVICE_RESET 0x08
75 /*
76 * 0x09->0x0F Reserved
77 */
78 #define WIN_RECAL 0x10
79 #define WIN_RESTORE WIN_RECAL
80 /*
81 * 0x10->0x1F Reserved
82 */
83 #define WIN_READ 0x20 /* 28-Bit */
84 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
85 #define WIN_READ_LONG 0x22 /* 28-Bit */
86 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
87 #define WIN_READ_EXT 0x24 /* 48-Bit */
88 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
89 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
90 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
91 /*
92 * 0x28
93 */
94 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
95 /*
96 * 0x2A->0x2F Reserved
97 */
98 #define WIN_WRITE 0x30 /* 28-Bit */
99 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
100 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
101 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
102 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
103 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
104 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
105 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
106 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
107 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
108 /*
109 * 0x3A->0x3B Reserved
110 */
111 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
112 /*
113 * 0x3D->0x3F Reserved
114 */
115 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
116 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
117 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
118 /*
119 * 0x43->0x4F Reserved
120 */
121 #define WIN_FORMAT 0x50
122 /*
123 * 0x51->0x5F Reserved
124 */
125 #define WIN_INIT 0x60
126 /*
127 * 0x61->0x5F Reserved
128 */
129 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
130 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
131 #define WIN_DIAGNOSE 0x90
132 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
133 #define WIN_DOWNLOAD_MICROCODE 0x92
134 #define WIN_STANDBYNOW2 0x94
135 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
136 #define WIN_STANDBY2 0x96
137 #define WIN_SETIDLE2 0x97
138 #define WIN_CHECKPOWERMODE2 0x98
139 #define WIN_SLEEPNOW2 0x99
140 /*
141 * 0x9A VENDOR
142 */
143 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
144 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
145 #define WIN_QUEUED_SERVICE 0xA2
146 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
147 #define CFA_ACCESS_METADATA_STORAGE 0xB8
148 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
149 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
150 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
151 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
152 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
153 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
154 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
155 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
156 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
157 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
158 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
159 #define WIN_GETMEDIASTATUS 0xDA
160 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
161 #define WIN_POSTBOOT 0xDC
162 #define WIN_PREBOOT 0xDD
163 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
164 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
165 #define WIN_STANDBYNOW1 0xE0
166 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
167 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
168 #define WIN_SETIDLE1 0xE3
169 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
170 #define WIN_CHECKPOWERMODE1 0xE5
171 #define WIN_SLEEPNOW1 0xE6
172 #define WIN_FLUSH_CACHE 0xE7
173 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
174 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
175 /* SET_FEATURES 0x22 or 0xDD */
176 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
177 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
178 #define WIN_MEDIAEJECT 0xED
179 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
180 #define WIN_SETFEATURES 0xEF /* set special drive features */
181 #define EXABYTE_ENABLE_NEST 0xF0
182 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
183 #define WIN_SECURITY_SET_PASS 0xF1
184 #define WIN_SECURITY_UNLOCK 0xF2
185 #define WIN_SECURITY_ERASE_PREPARE 0xF3
186 #define WIN_SECURITY_ERASE_UNIT 0xF4
187 #define WIN_SECURITY_FREEZE_LOCK 0xF5
188 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
189 #define WIN_SECURITY_DISABLE 0xF6
190 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
191 #define WIN_SET_MAX 0xF9
192 #define DISABLE_SEAGATE 0xFB
193
194 /* set to 1 set disable mult support */
195 #define MAX_MULT_SECTORS 16
196
197 /* ATAPI defines */
198
199 #define ATAPI_PACKET_SIZE 12
200
201 /* The generic packet command opcodes for CD/DVD Logical Units,
202 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
203 #define GPCMD_BLANK 0xa1
204 #define GPCMD_CLOSE_TRACK 0x5b
205 #define GPCMD_FLUSH_CACHE 0x35
206 #define GPCMD_FORMAT_UNIT 0x04
207 #define GPCMD_GET_CONFIGURATION 0x46
208 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
209 #define GPCMD_GET_PERFORMANCE 0xac
210 #define GPCMD_INQUIRY 0x12
211 #define GPCMD_LOAD_UNLOAD 0xa6
212 #define GPCMD_MECHANISM_STATUS 0xbd
213 #define GPCMD_MODE_SELECT_10 0x55
214 #define GPCMD_MODE_SENSE_10 0x5a
215 #define GPCMD_PAUSE_RESUME 0x4b
216 #define GPCMD_PLAY_AUDIO_10 0x45
217 #define GPCMD_PLAY_AUDIO_MSF 0x47
218 #define GPCMD_PLAY_AUDIO_TI 0x48
219 #define GPCMD_PLAY_CD 0xbc
220 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
221 #define GPCMD_READ_10 0x28
222 #define GPCMD_READ_12 0xa8
223 #define GPCMD_READ_CDVD_CAPACITY 0x25
224 #define GPCMD_READ_CD 0xbe
225 #define GPCMD_READ_CD_MSF 0xb9
226 #define GPCMD_READ_DISC_INFO 0x51
227 #define GPCMD_READ_DVD_STRUCTURE 0xad
228 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
229 #define GPCMD_READ_HEADER 0x44
230 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
231 #define GPCMD_READ_SUBCHANNEL 0x42
232 #define GPCMD_READ_TOC_PMA_ATIP 0x43
233 #define GPCMD_REPAIR_RZONE_TRACK 0x58
234 #define GPCMD_REPORT_KEY 0xa4
235 #define GPCMD_REQUEST_SENSE 0x03
236 #define GPCMD_RESERVE_RZONE_TRACK 0x53
237 #define GPCMD_SCAN 0xba
238 #define GPCMD_SEEK 0x2b
239 #define GPCMD_SEND_DVD_STRUCTURE 0xad
240 #define GPCMD_SEND_EVENT 0xa2
241 #define GPCMD_SEND_KEY 0xa3
242 #define GPCMD_SEND_OPC 0x54
243 #define GPCMD_SET_READ_AHEAD 0xa7
244 #define GPCMD_SET_STREAMING 0xb6
245 #define GPCMD_START_STOP_UNIT 0x1b
246 #define GPCMD_STOP_PLAY_SCAN 0x4e
247 #define GPCMD_TEST_UNIT_READY 0x00
248 #define GPCMD_VERIFY_10 0x2f
249 #define GPCMD_WRITE_10 0x2a
250 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
251 /* This is listed as optional in ATAPI 2.6, but is (curiously)
252 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
253 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
254 * drives support it. */
255 #define GPCMD_SET_SPEED 0xbb
256 /* This seems to be a SCSI specific CD-ROM opcode
257 * to play data at track/index */
258 #define GPCMD_PLAYAUDIO_TI 0x48
259 /*
260 * From MS Media Status Notification Support Specification. For
261 * older drives only.
262 */
263 #define GPCMD_GET_MEDIA_STATUS 0xda
264
265 /* Mode page codes for mode sense/set */
266 #define GPMODE_R_W_ERROR_PAGE 0x01
267 #define GPMODE_WRITE_PARMS_PAGE 0x05
268 #define GPMODE_AUDIO_CTL_PAGE 0x0e
269 #define GPMODE_POWER_PAGE 0x1a
270 #define GPMODE_FAULT_FAIL_PAGE 0x1c
271 #define GPMODE_TO_PROTECT_PAGE 0x1d
272 #define GPMODE_CAPABILITIES_PAGE 0x2a
273 #define GPMODE_ALL_PAGES 0x3f
274 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
275 * of MODE_SENSE_POWER_PAGE */
276 #define GPMODE_CDROM_PAGE 0x0d
277
278 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
279 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
280 #define ATAPI_INT_REASON_REL 0x04
281 #define ATAPI_INT_REASON_TAG 0xf8
282
283 /* same constants as bochs */
284 #define ASC_ILLEGAL_OPCODE 0x20
285 #define ASC_LOGICAL_BLOCK_OOR 0x21
286 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
287 #define ASC_MEDIUM_NOT_PRESENT 0x3a
288 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
289
290 #define CFA_NO_ERROR 0x00
291 #define CFA_MISC_ERROR 0x09
292 #define CFA_INVALID_COMMAND 0x20
293 #define CFA_INVALID_ADDRESS 0x21
294 #define CFA_ADDRESS_OVERFLOW 0x2f
295
296 #define SENSE_NONE 0
297 #define SENSE_NOT_READY 2
298 #define SENSE_ILLEGAL_REQUEST 5
299 #define SENSE_UNIT_ATTENTION 6
300
301 struct IDEState;
302
303 typedef void EndTransferFunc(struct IDEState *);
304
305 /* NOTE: IDEState represents in fact one drive */
306 typedef struct IDEState {
307 /* ide config */
308 int is_cdrom;
309 int is_cf;
310 int cylinders, heads, sectors;
311 int64_t nb_sectors;
312 int mult_sectors;
313 int identify_set;
314 uint16_t identify_data[256];
315 qemu_irq irq;
316 PCIDevice *pci_dev;
317 struct BMDMAState *bmdma;
318 int drive_serial;
319 /* ide regs */
320 uint8_t feature;
321 uint8_t error;
322 uint32_t nsector;
323 uint8_t sector;
324 uint8_t lcyl;
325 uint8_t hcyl;
326 /* other part of tf for lba48 support */
327 uint8_t hob_feature;
328 uint8_t hob_nsector;
329 uint8_t hob_sector;
330 uint8_t hob_lcyl;
331 uint8_t hob_hcyl;
332
333 uint8_t select;
334 uint8_t status;
335
336 /* 0x3f6 command, only meaningful for drive 0 */
337 uint8_t cmd;
338 /* set for lba48 access */
339 uint8_t lba48;
340 /* depends on bit 4 in select, only meaningful for drive 0 */
341 struct IDEState *cur_drive;
342 BlockDriverState *bs;
343 /* ATAPI specific */
344 uint8_t sense_key;
345 uint8_t asc;
346 int packet_transfer_size;
347 int elementary_transfer_size;
348 int io_buffer_index;
349 int lba;
350 int cd_sector_size;
351 int atapi_dma; /* true if dma is requested for the packet cmd */
352 /* ATA DMA state */
353 int io_buffer_size;
354 /* PIO transfer handling */
355 int req_nb_sectors; /* number of sectors per interrupt */
356 EndTransferFunc *end_transfer_func;
357 uint8_t *data_ptr;
358 uint8_t *data_end;
359 uint8_t io_buffer[MAX_MULT_SECTORS*512 + 4];
360 QEMUTimer *sector_write_timer; /* only used for win2k instal hack */
361 uint32_t irq_count; /* counts IRQs when using win2k install hack */
362 /* CF-ATA extended error */
363 uint8_t ext_error;
364 /* CF-ATA metadata storage */
365 uint32_t mdata_size;
366 uint8_t *mdata_storage;
367 int media_changed;
368 } IDEState;
369
370 #define BM_STATUS_DMAING 0x01
371 #define BM_STATUS_ERROR 0x02
372 #define BM_STATUS_INT 0x04
373
374 #define BM_CMD_START 0x01
375 #define BM_CMD_READ 0x08
376
377 #define IDE_TYPE_PIIX3 0
378 #define IDE_TYPE_CMD646 1
379 #define IDE_TYPE_PIIX4 2
380
381 /* CMD646 specific */
382 #define MRDMODE 0x71
383 #define MRDMODE_INTR_CH0 0x04
384 #define MRDMODE_INTR_CH1 0x08
385 #define MRDMODE_BLK_CH0 0x10
386 #define MRDMODE_BLK_CH1 0x20
387 #define UDIDETCR0 0x73
388 #define UDIDETCR1 0x7B
389
390 typedef struct BMDMAState {
391 uint8_t cmd;
392 uint8_t status;
393 uint32_t addr;
394
395 struct PCIIDEState *pci_dev;
396 /* current transfer state */
397 uint32_t cur_addr;
398 uint32_t cur_prd_last;
399 uint32_t cur_prd_addr;
400 uint32_t cur_prd_len;
401 IDEState *ide_if;
402 BlockDriverCompletionFunc *dma_cb;
403 BlockDriverAIOCB *aiocb;
404 } BMDMAState;
405
406 typedef struct PCIIDEState {
407 PCIDevice dev;
408 IDEState ide_if[4];
409 BMDMAState bmdma[2];
410 int type; /* see IDE_TYPE_xxx */
411 } PCIIDEState;
412
413 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
414 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
415
416 static void padstr(char *str, const char *src, int len)
417 {
418 int i, v;
419 for(i = 0; i < len; i++) {
420 if (*src)
421 v = *src++;
422 else
423 v = ' ';
424 *(char *)((long)str ^ 1) = v;
425 str++;
426 }
427 }
428
429 static void padstr8(uint8_t *buf, int buf_size, const char *src)
430 {
431 int i;
432 for(i = 0; i < buf_size; i++) {
433 if (*src)
434 buf[i] = *src++;
435 else
436 buf[i] = ' ';
437 }
438 }
439
440 static void put_le16(uint16_t *p, unsigned int v)
441 {
442 *p = cpu_to_le16(v);
443 }
444
445 static void ide_identify(IDEState *s)
446 {
447 uint16_t *p;
448 unsigned int oldsize;
449 char buf[20];
450
451 if (s->identify_set) {
452 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
453 return;
454 }
455
456 memset(s->io_buffer, 0, 512);
457 p = (uint16_t *)s->io_buffer;
458 put_le16(p + 0, 0x0040);
459 put_le16(p + 1, s->cylinders);
460 put_le16(p + 3, s->heads);
461 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
462 put_le16(p + 5, 512); /* XXX: retired, remove ? */
463 put_le16(p + 6, s->sectors);
464 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
465 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
466 put_le16(p + 20, 3); /* XXX: retired, remove ? */
467 put_le16(p + 21, 512); /* cache size in sectors */
468 put_le16(p + 22, 4); /* ecc bytes */
469 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
470 padstr((uint8_t *)(p + 27), "QEMU HARDDISK", 40); /* model */
471 #if MAX_MULT_SECTORS > 1
472 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
473 #endif
474 put_le16(p + 48, 1); /* dword I/O */
475 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
476 put_le16(p + 51, 0x200); /* PIO transfer cycle */
477 put_le16(p + 52, 0x200); /* DMA transfer cycle */
478 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
479 put_le16(p + 54, s->cylinders);
480 put_le16(p + 55, s->heads);
481 put_le16(p + 56, s->sectors);
482 oldsize = s->cylinders * s->heads * s->sectors;
483 put_le16(p + 57, oldsize);
484 put_le16(p + 58, oldsize >> 16);
485 if (s->mult_sectors)
486 put_le16(p + 59, 0x100 | s->mult_sectors);
487 put_le16(p + 60, s->nb_sectors);
488 put_le16(p + 61, s->nb_sectors >> 16);
489 put_le16(p + 63, 0x07); /* mdma0-2 supported */
490 put_le16(p + 65, 120);
491 put_le16(p + 66, 120);
492 put_le16(p + 67, 120);
493 put_le16(p + 68, 120);
494 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
495 put_le16(p + 81, 0x16); /* conforms to ata5 */
496 put_le16(p + 82, (1 << 14));
497 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
498 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
499 put_le16(p + 84, (1 << 14));
500 put_le16(p + 85, (1 << 14));
501 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
502 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
503 put_le16(p + 87, (1 << 14));
504 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
505 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
506 put_le16(p + 100, s->nb_sectors);
507 put_le16(p + 101, s->nb_sectors >> 16);
508 put_le16(p + 102, s->nb_sectors >> 32);
509 put_le16(p + 103, s->nb_sectors >> 48);
510
511 memcpy(s->identify_data, p, sizeof(s->identify_data));
512 s->identify_set = 1;
513 }
514
515 static void ide_atapi_identify(IDEState *s)
516 {
517 uint16_t *p;
518 char buf[20];
519
520 if (s->identify_set) {
521 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
522 return;
523 }
524
525 memset(s->io_buffer, 0, 512);
526 p = (uint16_t *)s->io_buffer;
527 /* Removable CDROM, 50us response, 12 byte packets */
528 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
529 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
530 padstr((uint8_t *)(p + 10), buf, 20); /* serial number */
531 put_le16(p + 20, 3); /* buffer type */
532 put_le16(p + 21, 512); /* cache size in sectors */
533 put_le16(p + 22, 4); /* ecc bytes */
534 padstr((uint8_t *)(p + 23), QEMU_VERSION, 8); /* firmware version */
535 padstr((uint8_t *)(p + 27), "QEMU CD-ROM", 40); /* model */
536 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
537 #ifdef USE_DMA_CDROM
538 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
539 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
540 put_le16(p + 63, 7); /* mdma0-2 supported */
541 put_le16(p + 64, 0x3f); /* PIO modes supported */
542 #else
543 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
544 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
545 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
546 put_le16(p + 64, 1); /* PIO modes */
547 #endif
548 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
549 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
550 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
551 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
552
553 put_le16(p + 71, 30); /* in ns */
554 put_le16(p + 72, 30); /* in ns */
555
556 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
557 #ifdef USE_DMA_CDROM
558 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
559 #endif
560 memcpy(s->identify_data, p, sizeof(s->identify_data));
561 s->identify_set = 1;
562 }
563
564 static void ide_cfata_identify(IDEState *s)
565 {
566 uint16_t *p;
567 uint32_t cur_sec;
568 char buf[20];
569
570 p = (uint16_t *) s->identify_data;
571 if (s->identify_set)
572 goto fill_buffer;
573
574 memset(p, 0, sizeof(s->identify_data));
575
576 cur_sec = s->cylinders * s->heads * s->sectors;
577
578 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
579 put_le16(p + 1, s->cylinders); /* Default cylinders */
580 put_le16(p + 3, s->heads); /* Default heads */
581 put_le16(p + 6, s->sectors); /* Default sectors per track */
582 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
583 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
584 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
585 padstr((uint8_t *)(p + 10), buf, 20); /* Serial number in ASCII */
586 put_le16(p + 22, 0x0004); /* ECC bytes */
587 padstr((uint8_t *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
588 padstr((uint8_t *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
589 #if MAX_MULT_SECTORS > 1
590 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
591 #else
592 put_le16(p + 47, 0x0000);
593 #endif
594 put_le16(p + 49, 0x0f00); /* Capabilities */
595 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
596 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
597 put_le16(p + 53, 0x0003); /* Translation params valid */
598 put_le16(p + 54, s->cylinders); /* Current cylinders */
599 put_le16(p + 55, s->heads); /* Current heads */
600 put_le16(p + 56, s->sectors); /* Current sectors */
601 put_le16(p + 57, cur_sec); /* Current capacity */
602 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
603 if (s->mult_sectors) /* Multiple sector setting */
604 put_le16(p + 59, 0x100 | s->mult_sectors);
605 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
606 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
607 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
608 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
609 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
610 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
611 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
612 put_le16(p + 82, 0x400c); /* Command Set supported */
613 put_le16(p + 83, 0x7068); /* Command Set supported */
614 put_le16(p + 84, 0x4000); /* Features supported */
615 put_le16(p + 85, 0x000c); /* Command Set enabled */
616 put_le16(p + 86, 0x7044); /* Command Set enabled */
617 put_le16(p + 87, 0x4000); /* Features enabled */
618 put_le16(p + 91, 0x4060); /* Current APM level */
619 put_le16(p + 129, 0x0002); /* Current features option */
620 put_le16(p + 130, 0x0005); /* Reassigned sectors */
621 put_le16(p + 131, 0x0001); /* Initial power mode */
622 put_le16(p + 132, 0x0000); /* User signature */
623 put_le16(p + 160, 0x8100); /* Power requirement */
624 put_le16(p + 161, 0x8001); /* CF command set */
625
626 s->identify_set = 1;
627
628 fill_buffer:
629 memcpy(s->io_buffer, p, sizeof(s->identify_data));
630 }
631
632 static void ide_set_signature(IDEState *s)
633 {
634 s->select &= 0xf0; /* clear head */
635 /* put signature */
636 s->nsector = 1;
637 s->sector = 1;
638 if (s->is_cdrom) {
639 s->lcyl = 0x14;
640 s->hcyl = 0xeb;
641 } else if (s->bs) {
642 s->lcyl = 0;
643 s->hcyl = 0;
644 } else {
645 s->lcyl = 0xff;
646 s->hcyl = 0xff;
647 }
648 }
649
650 static inline void ide_abort_command(IDEState *s)
651 {
652 s->status = READY_STAT | ERR_STAT;
653 s->error = ABRT_ERR;
654 }
655
656 static inline void ide_set_irq(IDEState *s)
657 {
658 BMDMAState *bm = s->bmdma;
659 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
660 if (bm) {
661 bm->status |= BM_STATUS_INT;
662 }
663 qemu_irq_raise(s->irq);
664 }
665 }
666
667 /* prepare data transfer and tell what to do after */
668 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
669 EndTransferFunc *end_transfer_func)
670 {
671 s->end_transfer_func = end_transfer_func;
672 s->data_ptr = buf;
673 s->data_end = buf + size;
674 if (!(s->status & ERR_STAT))
675 s->status |= DRQ_STAT;
676 }
677
678 static void ide_transfer_stop(IDEState *s)
679 {
680 s->end_transfer_func = ide_transfer_stop;
681 s->data_ptr = s->io_buffer;
682 s->data_end = s->io_buffer;
683 s->status &= ~DRQ_STAT;
684 }
685
686 static int64_t ide_get_sector(IDEState *s)
687 {
688 int64_t sector_num;
689 if (s->select & 0x40) {
690 /* lba */
691 if (!s->lba48) {
692 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
693 (s->lcyl << 8) | s->sector;
694 } else {
695 sector_num = ((int64_t)s->hob_hcyl << 40) |
696 ((int64_t) s->hob_lcyl << 32) |
697 ((int64_t) s->hob_sector << 24) |
698 ((int64_t) s->hcyl << 16) |
699 ((int64_t) s->lcyl << 8) | s->sector;
700 }
701 } else {
702 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
703 (s->select & 0x0f) * s->sectors + (s->sector - 1);
704 }
705 return sector_num;
706 }
707
708 static void ide_set_sector(IDEState *s, int64_t sector_num)
709 {
710 unsigned int cyl, r;
711 if (s->select & 0x40) {
712 if (!s->lba48) {
713 s->select = (s->select & 0xf0) | (sector_num >> 24);
714 s->hcyl = (sector_num >> 16);
715 s->lcyl = (sector_num >> 8);
716 s->sector = (sector_num);
717 } else {
718 s->sector = sector_num;
719 s->lcyl = sector_num >> 8;
720 s->hcyl = sector_num >> 16;
721 s->hob_sector = sector_num >> 24;
722 s->hob_lcyl = sector_num >> 32;
723 s->hob_hcyl = sector_num >> 40;
724 }
725 } else {
726 cyl = sector_num / (s->heads * s->sectors);
727 r = sector_num % (s->heads * s->sectors);
728 s->hcyl = cyl >> 8;
729 s->lcyl = cyl;
730 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
731 s->sector = (r % s->sectors) + 1;
732 }
733 }
734
735 static void ide_sector_read(IDEState *s)
736 {
737 int64_t sector_num;
738 int ret, n;
739
740 s->status = READY_STAT | SEEK_STAT;
741 s->error = 0; /* not needed by IDE spec, but needed by Windows */
742 sector_num = ide_get_sector(s);
743 n = s->nsector;
744 if (n == 0) {
745 /* no more sector to read from disk */
746 ide_transfer_stop(s);
747 } else {
748 #if defined(DEBUG_IDE)
749 printf("read sector=%Ld\n", sector_num);
750 #endif
751 if (n > s->req_nb_sectors)
752 n = s->req_nb_sectors;
753 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
754 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
755 ide_set_irq(s);
756 ide_set_sector(s, sector_num + n);
757 s->nsector -= n;
758 }
759 }
760
761 /* return 0 if buffer completed */
762 static int dma_buf_rw(BMDMAState *bm, int is_write)
763 {
764 IDEState *s = bm->ide_if;
765 struct {
766 uint32_t addr;
767 uint32_t size;
768 } prd;
769 int l, len;
770
771 for(;;) {
772 l = s->io_buffer_size - s->io_buffer_index;
773 if (l <= 0)
774 break;
775 if (bm->cur_prd_len == 0) {
776 /* end of table (with a fail safe of one page) */
777 if (bm->cur_prd_last ||
778 (bm->cur_addr - bm->addr) >= 4096)
779 return 0;
780 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
781 bm->cur_addr += 8;
782 prd.addr = le32_to_cpu(prd.addr);
783 prd.size = le32_to_cpu(prd.size);
784 len = prd.size & 0xfffe;
785 if (len == 0)
786 len = 0x10000;
787 bm->cur_prd_len = len;
788 bm->cur_prd_addr = prd.addr;
789 bm->cur_prd_last = (prd.size & 0x80000000);
790 }
791 if (l > bm->cur_prd_len)
792 l = bm->cur_prd_len;
793 if (l > 0) {
794 if (is_write) {
795 cpu_physical_memory_write(bm->cur_prd_addr,
796 s->io_buffer + s->io_buffer_index, l);
797 } else {
798 cpu_physical_memory_read(bm->cur_prd_addr,
799 s->io_buffer + s->io_buffer_index, l);
800 }
801 bm->cur_prd_addr += l;
802 bm->cur_prd_len -= l;
803 s->io_buffer_index += l;
804 }
805 }
806 return 1;
807 }
808
809 /* XXX: handle errors */
810 static void ide_read_dma_cb(void *opaque, int ret)
811 {
812 BMDMAState *bm = opaque;
813 IDEState *s = bm->ide_if;
814 int n;
815 int64_t sector_num;
816
817 n = s->io_buffer_size >> 9;
818 sector_num = ide_get_sector(s);
819 if (n > 0) {
820 sector_num += n;
821 ide_set_sector(s, sector_num);
822 s->nsector -= n;
823 if (dma_buf_rw(bm, 1) == 0)
824 goto eot;
825 }
826
827 /* end of transfer ? */
828 if (s->nsector == 0) {
829 s->status = READY_STAT | SEEK_STAT;
830 ide_set_irq(s);
831 eot:
832 bm->status &= ~BM_STATUS_DMAING;
833 bm->status |= BM_STATUS_INT;
834 bm->dma_cb = NULL;
835 bm->ide_if = NULL;
836 bm->aiocb = NULL;
837 return;
838 }
839
840 /* launch next transfer */
841 n = s->nsector;
842 if (n > MAX_MULT_SECTORS)
843 n = MAX_MULT_SECTORS;
844 s->io_buffer_index = 0;
845 s->io_buffer_size = n * 512;
846 #ifdef DEBUG_AIO
847 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
848 #endif
849 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
850 ide_read_dma_cb, bm);
851 }
852
853 static void ide_sector_read_dma(IDEState *s)
854 {
855 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
856 s->io_buffer_index = 0;
857 s->io_buffer_size = 0;
858 ide_dma_start(s, ide_read_dma_cb);
859 }
860
861 static void ide_sector_write_timer_cb(void *opaque)
862 {
863 IDEState *s = opaque;
864 ide_set_irq(s);
865 }
866
867 static void ide_sector_write(IDEState *s)
868 {
869 int64_t sector_num;
870 int ret, n, n1;
871
872 s->status = READY_STAT | SEEK_STAT;
873 sector_num = ide_get_sector(s);
874 #if defined(DEBUG_IDE)
875 printf("write sector=%Ld\n", sector_num);
876 #endif
877 n = s->nsector;
878 if (n > s->req_nb_sectors)
879 n = s->req_nb_sectors;
880 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
881 s->nsector -= n;
882 if (s->nsector == 0) {
883 /* no more sectors to write */
884 ide_transfer_stop(s);
885 } else {
886 n1 = s->nsector;
887 if (n1 > s->req_nb_sectors)
888 n1 = s->req_nb_sectors;
889 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
890 }
891 ide_set_sector(s, sector_num + n);
892
893 #ifdef TARGET_I386
894 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
895 /* It seems there is a bug in the Windows 2000 installer HDD
896 IDE driver which fills the disk with empty logs when the
897 IDE write IRQ comes too early. This hack tries to correct
898 that at the expense of slower write performances. Use this
899 option _only_ to install Windows 2000. You must disable it
900 for normal use. */
901 qemu_mod_timer(s->sector_write_timer,
902 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
903 } else
904 #endif
905 {
906 ide_set_irq(s);
907 }
908 }
909
910 /* XXX: handle errors */
911 static void ide_write_dma_cb(void *opaque, int ret)
912 {
913 BMDMAState *bm = opaque;
914 IDEState *s = bm->ide_if;
915 int n;
916 int64_t sector_num;
917
918 n = s->io_buffer_size >> 9;
919 sector_num = ide_get_sector(s);
920 if (n > 0) {
921 sector_num += n;
922 ide_set_sector(s, sector_num);
923 s->nsector -= n;
924 }
925
926 /* end of transfer ? */
927 if (s->nsector == 0) {
928 s->status = READY_STAT | SEEK_STAT;
929 ide_set_irq(s);
930 eot:
931 bm->status &= ~BM_STATUS_DMAING;
932 bm->status |= BM_STATUS_INT;
933 bm->dma_cb = NULL;
934 bm->ide_if = NULL;
935 bm->aiocb = NULL;
936 return;
937 }
938
939 /* launch next transfer */
940 n = s->nsector;
941 if (n > MAX_MULT_SECTORS)
942 n = MAX_MULT_SECTORS;
943 s->io_buffer_index = 0;
944 s->io_buffer_size = n * 512;
945
946 if (dma_buf_rw(bm, 0) == 0)
947 goto eot;
948 #ifdef DEBUG_AIO
949 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
950 #endif
951 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
952 ide_write_dma_cb, bm);
953 }
954
955 static void ide_sector_write_dma(IDEState *s)
956 {
957 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
958 s->io_buffer_index = 0;
959 s->io_buffer_size = 0;
960 ide_dma_start(s, ide_write_dma_cb);
961 }
962
963 static void ide_atapi_cmd_ok(IDEState *s)
964 {
965 s->error = 0;
966 s->status = READY_STAT;
967 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
968 ide_set_irq(s);
969 }
970
971 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
972 {
973 #ifdef DEBUG_IDE_ATAPI
974 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
975 #endif
976 s->error = sense_key << 4;
977 s->status = READY_STAT | ERR_STAT;
978 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
979 s->sense_key = sense_key;
980 s->asc = asc;
981 ide_set_irq(s);
982 }
983
984 static inline void cpu_to_ube16(uint8_t *buf, int val)
985 {
986 buf[0] = val >> 8;
987 buf[1] = val;
988 }
989
990 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
991 {
992 buf[0] = val >> 24;
993 buf[1] = val >> 16;
994 buf[2] = val >> 8;
995 buf[3] = val;
996 }
997
998 static inline int ube16_to_cpu(const uint8_t *buf)
999 {
1000 return (buf[0] << 8) | buf[1];
1001 }
1002
1003 static inline int ube32_to_cpu(const uint8_t *buf)
1004 {
1005 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1006 }
1007
1008 static void lba_to_msf(uint8_t *buf, int lba)
1009 {
1010 lba += 150;
1011 buf[0] = (lba / 75) / 60;
1012 buf[1] = (lba / 75) % 60;
1013 buf[2] = lba % 75;
1014 }
1015
1016 static void cd_data_to_raw(uint8_t *buf, int lba)
1017 {
1018 /* sync bytes */
1019 buf[0] = 0x00;
1020 memset(buf + 1, 0xff, 10);
1021 buf[11] = 0x00;
1022 buf += 12;
1023 /* MSF */
1024 lba_to_msf(buf, lba);
1025 buf[3] = 0x01; /* mode 1 data */
1026 buf += 4;
1027 /* data */
1028 buf += 2048;
1029 /* XXX: ECC not computed */
1030 memset(buf, 0, 288);
1031 }
1032
1033 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1034 int sector_size)
1035 {
1036 int ret;
1037
1038 switch(sector_size) {
1039 case 2048:
1040 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1041 break;
1042 case 2352:
1043 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1044 if (ret < 0)
1045 return ret;
1046 cd_data_to_raw(buf, lba);
1047 break;
1048 default:
1049 ret = -EIO;
1050 break;
1051 }
1052 return ret;
1053 }
1054
1055 static void ide_atapi_io_error(IDEState *s, int ret)
1056 {
1057 /* XXX: handle more errors */
1058 if (ret == -ENOMEDIUM) {
1059 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1060 ASC_MEDIUM_NOT_PRESENT);
1061 } else {
1062 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1063 ASC_LOGICAL_BLOCK_OOR);
1064 }
1065 }
1066
1067 /* The whole ATAPI transfer logic is handled in this function */
1068 static void ide_atapi_cmd_reply_end(IDEState *s)
1069 {
1070 int byte_count_limit, size, ret;
1071 #ifdef DEBUG_IDE_ATAPI
1072 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1073 s->packet_transfer_size,
1074 s->elementary_transfer_size,
1075 s->io_buffer_index);
1076 #endif
1077 if (s->packet_transfer_size <= 0) {
1078 /* end of transfer */
1079 ide_transfer_stop(s);
1080 s->status = READY_STAT;
1081 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1082 ide_set_irq(s);
1083 #ifdef DEBUG_IDE_ATAPI
1084 printf("status=0x%x\n", s->status);
1085 #endif
1086 } else {
1087 /* see if a new sector must be read */
1088 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1089 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1090 if (ret < 0) {
1091 ide_transfer_stop(s);
1092 ide_atapi_io_error(s, ret);
1093 return;
1094 }
1095 s->lba++;
1096 s->io_buffer_index = 0;
1097 }
1098 if (s->elementary_transfer_size > 0) {
1099 /* there are some data left to transmit in this elementary
1100 transfer */
1101 size = s->cd_sector_size - s->io_buffer_index;
1102 if (size > s->elementary_transfer_size)
1103 size = s->elementary_transfer_size;
1104 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1105 size, ide_atapi_cmd_reply_end);
1106 s->packet_transfer_size -= size;
1107 s->elementary_transfer_size -= size;
1108 s->io_buffer_index += size;
1109 } else {
1110 /* a new transfer is needed */
1111 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1112 byte_count_limit = s->lcyl | (s->hcyl << 8);
1113 #ifdef DEBUG_IDE_ATAPI
1114 printf("byte_count_limit=%d\n", byte_count_limit);
1115 #endif
1116 if (byte_count_limit == 0xffff)
1117 byte_count_limit--;
1118 size = s->packet_transfer_size;
1119 if (size > byte_count_limit) {
1120 /* byte count limit must be even if this case */
1121 if (byte_count_limit & 1)
1122 byte_count_limit--;
1123 size = byte_count_limit;
1124 }
1125 s->lcyl = size;
1126 s->hcyl = size >> 8;
1127 s->elementary_transfer_size = size;
1128 /* we cannot transmit more than one sector at a time */
1129 if (s->lba != -1) {
1130 if (size > (s->cd_sector_size - s->io_buffer_index))
1131 size = (s->cd_sector_size - s->io_buffer_index);
1132 }
1133 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1134 size, ide_atapi_cmd_reply_end);
1135 s->packet_transfer_size -= size;
1136 s->elementary_transfer_size -= size;
1137 s->io_buffer_index += size;
1138 ide_set_irq(s);
1139 #ifdef DEBUG_IDE_ATAPI
1140 printf("status=0x%x\n", s->status);
1141 #endif
1142 }
1143 }
1144 }
1145
1146 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1147 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1148 {
1149 if (size > max_size)
1150 size = max_size;
1151 s->lba = -1; /* no sector read */
1152 s->packet_transfer_size = size;
1153 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1154 s->elementary_transfer_size = 0;
1155 s->io_buffer_index = 0;
1156
1157 if (s->atapi_dma) {
1158 s->status = READY_STAT | DRQ_STAT;
1159 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1160 } else {
1161 s->status = READY_STAT;
1162 ide_atapi_cmd_reply_end(s);
1163 }
1164 }
1165
1166 /* start a CD-CDROM read command */
1167 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1168 int sector_size)
1169 {
1170 s->lba = lba;
1171 s->packet_transfer_size = nb_sectors * sector_size;
1172 s->elementary_transfer_size = 0;
1173 s->io_buffer_index = sector_size;
1174 s->cd_sector_size = sector_size;
1175
1176 s->status = READY_STAT;
1177 ide_atapi_cmd_reply_end(s);
1178 }
1179
1180 /* ATAPI DMA support */
1181
1182 /* XXX: handle read errors */
1183 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1184 {
1185 BMDMAState *bm = opaque;
1186 IDEState *s = bm->ide_if;
1187 int data_offset, n;
1188
1189 if (ret < 0) {
1190 ide_atapi_io_error(s, ret);
1191 goto eot;
1192 }
1193
1194 if (s->io_buffer_size > 0) {
1195 /*
1196 * For a cdrom read sector command (s->lba != -1),
1197 * adjust the lba for the next s->io_buffer_size chunk
1198 * and dma the current chunk.
1199 * For a command != read (s->lba == -1), just transfer
1200 * the reply data.
1201 */
1202 if (s->lba != -1) {
1203 if (s->cd_sector_size == 2352) {
1204 n = 1;
1205 cd_data_to_raw(s->io_buffer, s->lba);
1206 } else {
1207 n = s->io_buffer_size >> 11;
1208 }
1209 s->lba += n;
1210 }
1211 s->packet_transfer_size -= s->io_buffer_size;
1212 if (dma_buf_rw(bm, 1) == 0)
1213 goto eot;
1214 }
1215
1216 if (s->packet_transfer_size <= 0) {
1217 s->status = READY_STAT;
1218 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1219 ide_set_irq(s);
1220 eot:
1221 bm->status &= ~BM_STATUS_DMAING;
1222 bm->status |= BM_STATUS_INT;
1223 bm->dma_cb = NULL;
1224 bm->ide_if = NULL;
1225 bm->aiocb = NULL;
1226 return;
1227 }
1228
1229 s->io_buffer_index = 0;
1230 if (s->cd_sector_size == 2352) {
1231 n = 1;
1232 s->io_buffer_size = s->cd_sector_size;
1233 data_offset = 16;
1234 } else {
1235 n = s->packet_transfer_size >> 11;
1236 if (n > (MAX_MULT_SECTORS / 4))
1237 n = (MAX_MULT_SECTORS / 4);
1238 s->io_buffer_size = n * 2048;
1239 data_offset = 0;
1240 }
1241 #ifdef DEBUG_AIO
1242 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1243 #endif
1244 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1245 s->io_buffer + data_offset, n * 4,
1246 ide_atapi_cmd_read_dma_cb, bm);
1247 if (!bm->aiocb) {
1248 /* Note: media not present is the most likely case */
1249 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1250 ASC_MEDIUM_NOT_PRESENT);
1251 goto eot;
1252 }
1253 }
1254
1255 /* start a CD-CDROM read command with DMA */
1256 /* XXX: test if DMA is available */
1257 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1258 int sector_size)
1259 {
1260 s->lba = lba;
1261 s->packet_transfer_size = nb_sectors * sector_size;
1262 s->io_buffer_index = 0;
1263 s->io_buffer_size = 0;
1264 s->cd_sector_size = sector_size;
1265
1266 /* XXX: check if BUSY_STAT should be set */
1267 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1268 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1269 }
1270
1271 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1272 int sector_size)
1273 {
1274 #ifdef DEBUG_IDE_ATAPI
1275 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1276 lba, nb_sectors);
1277 #endif
1278 if (s->atapi_dma) {
1279 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1280 } else {
1281 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1282 }
1283 }
1284
1285 static void ide_atapi_cmd(IDEState *s)
1286 {
1287 const uint8_t *packet;
1288 uint8_t *buf;
1289 int max_len;
1290
1291 packet = s->io_buffer;
1292 buf = s->io_buffer;
1293 #ifdef DEBUG_IDE_ATAPI
1294 {
1295 int i;
1296 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1297 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1298 printf(" %02x", packet[i]);
1299 }
1300 printf("\n");
1301 }
1302 #endif
1303 switch(s->io_buffer[0]) {
1304 case GPCMD_TEST_UNIT_READY:
1305 if (bdrv_is_inserted(s->bs)) {
1306 ide_atapi_cmd_ok(s);
1307 } else {
1308 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1309 ASC_MEDIUM_NOT_PRESENT);
1310 }
1311 break;
1312 case GPCMD_MODE_SENSE_10:
1313 {
1314 int action, code;
1315 max_len = ube16_to_cpu(packet + 7);
1316 action = packet[2] >> 6;
1317 code = packet[2] & 0x3f;
1318 switch(action) {
1319 case 0: /* current values */
1320 switch(code) {
1321 case 0x01: /* error recovery */
1322 cpu_to_ube16(&buf[0], 16 + 6);
1323 buf[2] = 0x70;
1324 buf[3] = 0;
1325 buf[4] = 0;
1326 buf[5] = 0;
1327 buf[6] = 0;
1328 buf[7] = 0;
1329
1330 buf[8] = 0x01;
1331 buf[9] = 0x06;
1332 buf[10] = 0x00;
1333 buf[11] = 0x05;
1334 buf[12] = 0x00;
1335 buf[13] = 0x00;
1336 buf[14] = 0x00;
1337 buf[15] = 0x00;
1338 ide_atapi_cmd_reply(s, 16, max_len);
1339 break;
1340 case 0x2a:
1341 cpu_to_ube16(&buf[0], 28 + 6);
1342 buf[2] = 0x70;
1343 buf[3] = 0;
1344 buf[4] = 0;
1345 buf[5] = 0;
1346 buf[6] = 0;
1347 buf[7] = 0;
1348
1349 buf[8] = 0x2a;
1350 buf[9] = 0x12;
1351 buf[10] = 0x00;
1352 buf[11] = 0x00;
1353
1354 buf[12] = 0x70;
1355 buf[13] = 3 << 5;
1356 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1357 if (bdrv_is_locked(s->bs))
1358 buf[6] |= 1 << 1;
1359 buf[15] = 0x00;
1360 cpu_to_ube16(&buf[16], 706);
1361 buf[18] = 0;
1362 buf[19] = 2;
1363 cpu_to_ube16(&buf[20], 512);
1364 cpu_to_ube16(&buf[22], 706);
1365 buf[24] = 0;
1366 buf[25] = 0;
1367 buf[26] = 0;
1368 buf[27] = 0;
1369 ide_atapi_cmd_reply(s, 28, max_len);
1370 break;
1371 default:
1372 goto error_cmd;
1373 }
1374 break;
1375 case 1: /* changeable values */
1376 goto error_cmd;
1377 case 2: /* default values */
1378 goto error_cmd;
1379 default:
1380 case 3: /* saved values */
1381 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1382 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1383 break;
1384 }
1385 }
1386 break;
1387 case GPCMD_REQUEST_SENSE:
1388 max_len = packet[4];
1389 memset(buf, 0, 18);
1390 buf[0] = 0x70 | (1 << 7);
1391 buf[2] = s->sense_key;
1392 buf[7] = 10;
1393 buf[12] = s->asc;
1394 ide_atapi_cmd_reply(s, 18, max_len);
1395 break;
1396 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1397 if (bdrv_is_inserted(s->bs)) {
1398 bdrv_set_locked(s->bs, packet[4] & 1);
1399 ide_atapi_cmd_ok(s);
1400 } else {
1401 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1402 ASC_MEDIUM_NOT_PRESENT);
1403 }
1404 break;
1405 case GPCMD_READ_10:
1406 case GPCMD_READ_12:
1407 {
1408 int nb_sectors, lba;
1409
1410 if (packet[0] == GPCMD_READ_10)
1411 nb_sectors = ube16_to_cpu(packet + 7);
1412 else
1413 nb_sectors = ube32_to_cpu(packet + 6);
1414 lba = ube32_to_cpu(packet + 2);
1415 if (nb_sectors == 0) {
1416 ide_atapi_cmd_ok(s);
1417 break;
1418 }
1419 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1420 }
1421 break;
1422 case GPCMD_READ_CD:
1423 {
1424 int nb_sectors, lba, transfer_request;
1425
1426 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1427 lba = ube32_to_cpu(packet + 2);
1428 if (nb_sectors == 0) {
1429 ide_atapi_cmd_ok(s);
1430 break;
1431 }
1432 transfer_request = packet[9];
1433 switch(transfer_request & 0xf8) {
1434 case 0x00:
1435 /* nothing */
1436 ide_atapi_cmd_ok(s);
1437 break;
1438 case 0x10:
1439 /* normal read */
1440 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1441 break;
1442 case 0xf8:
1443 /* read all data */
1444 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1445 break;
1446 default:
1447 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1448 ASC_INV_FIELD_IN_CMD_PACKET);
1449 break;
1450 }
1451 }
1452 break;
1453 case GPCMD_SEEK:
1454 {
1455 int lba;
1456 int64_t total_sectors;
1457
1458 bdrv_get_geometry(s->bs, &total_sectors);
1459 total_sectors >>= 2;
1460 if (total_sectors <= 0) {
1461 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1462 ASC_MEDIUM_NOT_PRESENT);
1463 break;
1464 }
1465 lba = ube32_to_cpu(packet + 2);
1466 if (lba >= total_sectors) {
1467 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1468 ASC_LOGICAL_BLOCK_OOR);
1469 break;
1470 }
1471 ide_atapi_cmd_ok(s);
1472 }
1473 break;
1474 case GPCMD_START_STOP_UNIT:
1475 {
1476 int start, eject;
1477 start = packet[4] & 1;
1478 eject = (packet[4] >> 1) & 1;
1479
1480 if (eject && !start) {
1481 /* eject the disk */
1482 bdrv_eject(s->bs, 1);
1483 } else if (eject && start) {
1484 /* close the tray */
1485 bdrv_eject(s->bs, 0);
1486 }
1487 ide_atapi_cmd_ok(s);
1488 }
1489 break;
1490 case GPCMD_MECHANISM_STATUS:
1491 {
1492 max_len = ube16_to_cpu(packet + 8);
1493 cpu_to_ube16(buf, 0);
1494 /* no current LBA */
1495 buf[2] = 0;
1496 buf[3] = 0;
1497 buf[4] = 0;
1498 buf[5] = 1;
1499 cpu_to_ube16(buf + 6, 0);
1500 ide_atapi_cmd_reply(s, 8, max_len);
1501 }
1502 break;
1503 case GPCMD_READ_TOC_PMA_ATIP:
1504 {
1505 int format, msf, start_track, len;
1506 int64_t total_sectors;
1507
1508 bdrv_get_geometry(s->bs, &total_sectors);
1509 total_sectors >>= 2;
1510 if (total_sectors <= 0) {
1511 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1512 ASC_MEDIUM_NOT_PRESENT);
1513 break;
1514 }
1515 max_len = ube16_to_cpu(packet + 7);
1516 format = packet[9] >> 6;
1517 msf = (packet[1] >> 1) & 1;
1518 start_track = packet[6];
1519 switch(format) {
1520 case 0:
1521 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1522 if (len < 0)
1523 goto error_cmd;
1524 ide_atapi_cmd_reply(s, len, max_len);
1525 break;
1526 case 1:
1527 /* multi session : only a single session defined */
1528 memset(buf, 0, 12);
1529 buf[1] = 0x0a;
1530 buf[2] = 0x01;
1531 buf[3] = 0x01;
1532 ide_atapi_cmd_reply(s, 12, max_len);
1533 break;
1534 case 2:
1535 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1536 if (len < 0)
1537 goto error_cmd;
1538 ide_atapi_cmd_reply(s, len, max_len);
1539 break;
1540 default:
1541 error_cmd:
1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1543 ASC_INV_FIELD_IN_CMD_PACKET);
1544 break;
1545 }
1546 }
1547 break;
1548 case GPCMD_READ_CDVD_CAPACITY:
1549 {
1550 int64_t total_sectors;
1551
1552 bdrv_get_geometry(s->bs, &total_sectors);
1553 total_sectors >>= 2;
1554 if (total_sectors <= 0) {
1555 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1556 ASC_MEDIUM_NOT_PRESENT);
1557 break;
1558 }
1559 /* NOTE: it is really the number of sectors minus 1 */
1560 cpu_to_ube32(buf, total_sectors - 1);
1561 cpu_to_ube32(buf + 4, 2048);
1562 ide_atapi_cmd_reply(s, 8, 8);
1563 }
1564 break;
1565 case GPCMD_INQUIRY:
1566 max_len = packet[4];
1567 buf[0] = 0x05; /* CD-ROM */
1568 buf[1] = 0x80; /* removable */
1569 buf[2] = 0x00; /* ISO */
1570 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1571 buf[4] = 31; /* additional length */
1572 buf[5] = 0; /* reserved */
1573 buf[6] = 0; /* reserved */
1574 buf[7] = 0; /* reserved */
1575 padstr8(buf + 8, 8, "QEMU");
1576 padstr8(buf + 16, 16, "QEMU CD-ROM");
1577 padstr8(buf + 32, 4, QEMU_VERSION);
1578 ide_atapi_cmd_reply(s, 36, max_len);
1579 break;
1580 default:
1581 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1582 ASC_ILLEGAL_OPCODE);
1583 break;
1584 }
1585 }
1586
1587 static void ide_cfata_metadata_inquiry(IDEState *s)
1588 {
1589 uint16_t *p;
1590 uint32_t spd;
1591
1592 p = (uint16_t *) s->io_buffer;
1593 memset(p, 0, 0x200);
1594 spd = ((s->mdata_size - 1) >> 9) + 1;
1595
1596 put_le16(p + 0, 0x0001); /* Data format revision */
1597 put_le16(p + 1, 0x0000); /* Media property: silicon */
1598 put_le16(p + 2, s->media_changed); /* Media status */
1599 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1600 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1601 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1602 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1603 }
1604
1605 static void ide_cfata_metadata_read(IDEState *s)
1606 {
1607 uint16_t *p;
1608
1609 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1610 s->status = ERR_STAT;
1611 s->error = ABRT_ERR;
1612 return;
1613 }
1614
1615 p = (uint16_t *) s->io_buffer;
1616 memset(p, 0, 0x200);
1617
1618 put_le16(p + 0, s->media_changed); /* Media status */
1619 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1620 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1621 s->nsector << 9), 0x200 - 2));
1622 }
1623
1624 static void ide_cfata_metadata_write(IDEState *s)
1625 {
1626 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1627 s->status = ERR_STAT;
1628 s->error = ABRT_ERR;
1629 return;
1630 }
1631
1632 s->media_changed = 0;
1633
1634 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1635 s->io_buffer + 2,
1636 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1637 s->nsector << 9), 0x200 - 2));
1638 }
1639
1640 /* called when the inserted state of the media has changed */
1641 static void cdrom_change_cb(void *opaque)
1642 {
1643 IDEState *s = opaque;
1644 int64_t nb_sectors;
1645
1646 /* XXX: send interrupt too */
1647 bdrv_get_geometry(s->bs, &nb_sectors);
1648 s->nb_sectors = nb_sectors;
1649 }
1650
1651 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1652 {
1653 s->lba48 = lba48;
1654
1655 /* handle the 'magic' 0 nsector count conversion here. to avoid
1656 * fiddling with the rest of the read logic, we just store the
1657 * full sector count in ->nsector and ignore ->hob_nsector from now
1658 */
1659 if (!s->lba48) {
1660 if (!s->nsector)
1661 s->nsector = 256;
1662 } else {
1663 if (!s->nsector && !s->hob_nsector)
1664 s->nsector = 65536;
1665 else {
1666 int lo = s->nsector;
1667 int hi = s->hob_nsector;
1668
1669 s->nsector = (hi << 8) | lo;
1670 }
1671 }
1672 }
1673
1674 static void ide_clear_hob(IDEState *ide_if)
1675 {
1676 /* any write clears HOB high bit of device control register */
1677 ide_if[0].select &= ~(1 << 7);
1678 ide_if[1].select &= ~(1 << 7);
1679 }
1680
1681 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1682 {
1683 IDEState *ide_if = opaque;
1684 IDEState *s;
1685 int unit, n;
1686 int lba48 = 0;
1687
1688 #ifdef DEBUG_IDE
1689 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1690 #endif
1691
1692 addr &= 7;
1693 switch(addr) {
1694 case 0:
1695 break;
1696 case 1:
1697 ide_clear_hob(ide_if);
1698 /* NOTE: data is written to the two drives */
1699 ide_if[0].hob_feature = ide_if[0].feature;
1700 ide_if[1].hob_feature = ide_if[1].feature;
1701 ide_if[0].feature = val;
1702 ide_if[1].feature = val;
1703 break;
1704 case 2:
1705 ide_clear_hob(ide_if);
1706 ide_if[0].hob_nsector = ide_if[0].nsector;
1707 ide_if[1].hob_nsector = ide_if[1].nsector;
1708 ide_if[0].nsector = val;
1709 ide_if[1].nsector = val;
1710 break;
1711 case 3:
1712 ide_clear_hob(ide_if);
1713 ide_if[0].hob_sector = ide_if[0].sector;
1714 ide_if[1].hob_sector = ide_if[1].sector;
1715 ide_if[0].sector = val;
1716 ide_if[1].sector = val;
1717 break;
1718 case 4:
1719 ide_clear_hob(ide_if);
1720 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1721 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1722 ide_if[0].lcyl = val;
1723 ide_if[1].lcyl = val;
1724 break;
1725 case 5:
1726 ide_clear_hob(ide_if);
1727 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1728 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1729 ide_if[0].hcyl = val;
1730 ide_if[1].hcyl = val;
1731 break;
1732 case 6:
1733 /* FIXME: HOB readback uses bit 7 */
1734 ide_if[0].select = (val & ~0x10) | 0xa0;
1735 ide_if[1].select = (val | 0x10) | 0xa0;
1736 /* select drive */
1737 unit = (val >> 4) & 1;
1738 s = ide_if + unit;
1739 ide_if->cur_drive = s;
1740 break;
1741 default:
1742 case 7:
1743 /* command */
1744 #if defined(DEBUG_IDE)
1745 printf("ide: CMD=%02x\n", val);
1746 #endif
1747 s = ide_if->cur_drive;
1748 /* ignore commands to non existant slave */
1749 if (s != ide_if && !s->bs)
1750 break;
1751
1752 switch(val) {
1753 case WIN_IDENTIFY:
1754 if (s->bs && !s->is_cdrom) {
1755 if (!s->is_cf)
1756 ide_identify(s);
1757 else
1758 ide_cfata_identify(s);
1759 s->status = READY_STAT | SEEK_STAT;
1760 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1761 } else {
1762 if (s->is_cdrom) {
1763 ide_set_signature(s);
1764 }
1765 ide_abort_command(s);
1766 }
1767 ide_set_irq(s);
1768 break;
1769 case WIN_SPECIFY:
1770 case WIN_RECAL:
1771 s->error = 0;
1772 s->status = READY_STAT | SEEK_STAT;
1773 ide_set_irq(s);
1774 break;
1775 case WIN_SETMULT:
1776 if (s->is_cf && s->nsector == 0) {
1777 /* Disable Read and Write Multiple */
1778 s->mult_sectors = 0;
1779 s->status = READY_STAT;
1780 } else if ((s->nsector & 0xff) != 0 &&
1781 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1782 (s->nsector & (s->nsector - 1)) != 0)) {
1783 ide_abort_command(s);
1784 } else {
1785 s->mult_sectors = s->nsector & 0xff;
1786 s->status = READY_STAT;
1787 }
1788 ide_set_irq(s);
1789 break;
1790 case WIN_VERIFY_EXT:
1791 lba48 = 1;
1792 case WIN_VERIFY:
1793 case WIN_VERIFY_ONCE:
1794 /* do sector number check ? */
1795 ide_cmd_lba48_transform(s, lba48);
1796 s->status = READY_STAT;
1797 ide_set_irq(s);
1798 break;
1799 case WIN_READ_EXT:
1800 lba48 = 1;
1801 case WIN_READ:
1802 case WIN_READ_ONCE:
1803 if (!s->bs)
1804 goto abort_cmd;
1805 ide_cmd_lba48_transform(s, lba48);
1806 s->req_nb_sectors = 1;
1807 ide_sector_read(s);
1808 break;
1809 case WIN_WRITE_EXT:
1810 lba48 = 1;
1811 case WIN_WRITE:
1812 case WIN_WRITE_ONCE:
1813 case CFA_WRITE_SECT_WO_ERASE:
1814 case WIN_WRITE_VERIFY:
1815 ide_cmd_lba48_transform(s, lba48);
1816 s->error = 0;
1817 s->status = SEEK_STAT | READY_STAT;
1818 s->req_nb_sectors = 1;
1819 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1820 s->media_changed = 1;
1821 break;
1822 case WIN_MULTREAD_EXT:
1823 lba48 = 1;
1824 case WIN_MULTREAD:
1825 if (!s->mult_sectors)
1826 goto abort_cmd;
1827 ide_cmd_lba48_transform(s, lba48);
1828 s->req_nb_sectors = s->mult_sectors;
1829 ide_sector_read(s);
1830 break;
1831 case WIN_MULTWRITE_EXT:
1832 lba48 = 1;
1833 case WIN_MULTWRITE:
1834 case CFA_WRITE_MULTI_WO_ERASE:
1835 if (!s->mult_sectors)
1836 goto abort_cmd;
1837 ide_cmd_lba48_transform(s, lba48);
1838 s->error = 0;
1839 s->status = SEEK_STAT | READY_STAT;
1840 s->req_nb_sectors = s->mult_sectors;
1841 n = s->nsector;
1842 if (n > s->req_nb_sectors)
1843 n = s->req_nb_sectors;
1844 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1845 s->media_changed = 1;
1846 break;
1847 case WIN_READDMA_EXT:
1848 lba48 = 1;
1849 case WIN_READDMA:
1850 case WIN_READDMA_ONCE:
1851 if (!s->bs)
1852 goto abort_cmd;
1853 ide_cmd_lba48_transform(s, lba48);
1854 ide_sector_read_dma(s);
1855 break;
1856 case WIN_WRITEDMA_EXT:
1857 lba48 = 1;
1858 case WIN_WRITEDMA:
1859 case WIN_WRITEDMA_ONCE:
1860 if (!s->bs)
1861 goto abort_cmd;
1862 ide_cmd_lba48_transform(s, lba48);
1863 ide_sector_write_dma(s);
1864 s->media_changed = 1;
1865 break;
1866 case WIN_READ_NATIVE_MAX_EXT:
1867 lba48 = 1;
1868 case WIN_READ_NATIVE_MAX:
1869 ide_cmd_lba48_transform(s, lba48);
1870 ide_set_sector(s, s->nb_sectors - 1);
1871 s->status = READY_STAT;
1872 ide_set_irq(s);
1873 break;
1874 case WIN_CHECKPOWERMODE1:
1875 case WIN_CHECKPOWERMODE2:
1876 s->nsector = 0xff; /* device active or idle */
1877 s->status = READY_STAT;
1878 ide_set_irq(s);
1879 break;
1880 case WIN_SETFEATURES:
1881 if (!s->bs)
1882 goto abort_cmd;
1883 /* XXX: valid for CDROM ? */
1884 switch(s->feature) {
1885 case 0xcc: /* reverting to power-on defaults enable */
1886 case 0x66: /* reverting to power-on defaults disable */
1887 case 0x02: /* write cache enable */
1888 case 0x82: /* write cache disable */
1889 case 0xaa: /* read look-ahead enable */
1890 case 0x55: /* read look-ahead disable */
1891 case 0x05: /* set advanced power management mode */
1892 case 0x85: /* disable advanced power management mode */
1893 case 0x69: /* NOP */
1894 case 0x67: /* NOP */
1895 case 0x96: /* NOP */
1896 case 0x9a: /* NOP */
1897 s->status = READY_STAT | SEEK_STAT;
1898 ide_set_irq(s);
1899 break;
1900 case 0x03: { /* set transfer mode */
1901 uint8_t val = s->nsector & 0x07;
1902
1903 switch (s->nsector >> 3) {
1904 case 0x00: /* pio default */
1905 case 0x01: /* pio mode */
1906 put_le16(s->identify_data + 63,0x07);
1907 put_le16(s->identify_data + 88,0x3f);
1908 break;
1909 case 0x04: /* mdma mode */
1910 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
1911 put_le16(s->identify_data + 88,0x3f);
1912 break;
1913 case 0x08: /* udma mode */
1914 put_le16(s->identify_data + 63,0x07);
1915 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
1916 break;
1917 default:
1918 goto abort_cmd;
1919 }
1920 s->status = READY_STAT | SEEK_STAT;
1921 ide_set_irq(s);
1922 break;
1923 }
1924 default:
1925 goto abort_cmd;
1926 }
1927 break;
1928 case WIN_FLUSH_CACHE:
1929 case WIN_FLUSH_CACHE_EXT:
1930 if (s->bs)
1931 bdrv_flush(s->bs);
1932 s->status = READY_STAT;
1933 ide_set_irq(s);
1934 break;
1935 case WIN_STANDBYNOW1:
1936 case WIN_STANDBYNOW2:
1937 case WIN_IDLEIMMEDIATE:
1938 case CFA_IDLEIMMEDIATE:
1939 case WIN_SETIDLE1:
1940 case WIN_SETIDLE2:
1941 s->status = READY_STAT;
1942 ide_set_irq(s);
1943 break;
1944 /* ATAPI commands */
1945 case WIN_PIDENTIFY:
1946 if (s->is_cdrom) {
1947 ide_atapi_identify(s);
1948 s->status = READY_STAT | SEEK_STAT;
1949 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1950 } else {
1951 ide_abort_command(s);
1952 }
1953 ide_set_irq(s);
1954 break;
1955 case WIN_DIAGNOSE:
1956 ide_set_signature(s);
1957 s->status = 0x00; /* NOTE: READY is _not_ set */
1958 s->error = 0x01;
1959 break;
1960 case WIN_SRST:
1961 if (!s->is_cdrom)
1962 goto abort_cmd;
1963 ide_set_signature(s);
1964 s->status = 0x00; /* NOTE: READY is _not_ set */
1965 s->error = 0x01;
1966 break;
1967 case WIN_PACKETCMD:
1968 if (!s->is_cdrom)
1969 goto abort_cmd;
1970 /* overlapping commands not supported */
1971 if (s->feature & 0x02)
1972 goto abort_cmd;
1973 s->status = READY_STAT;
1974 s->atapi_dma = s->feature & 1;
1975 s->nsector = 1;
1976 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1977 ide_atapi_cmd);
1978 break;
1979 /* CF-ATA commands */
1980 case CFA_REQ_EXT_ERROR_CODE:
1981 if (!s->is_cf)
1982 goto abort_cmd;
1983 s->error = 0x09; /* miscellaneous error */
1984 s->status = READY_STAT;
1985 ide_set_irq(s);
1986 break;
1987 case CFA_ERASE_SECTORS:
1988 case CFA_WEAR_LEVEL:
1989 if (!s->is_cf)
1990 goto abort_cmd;
1991 if (val == CFA_WEAR_LEVEL)
1992 s->nsector = 0;
1993 if (val == CFA_ERASE_SECTORS)
1994 s->media_changed = 1;
1995 s->error = 0x00;
1996 s->status = READY_STAT;
1997 ide_set_irq(s);
1998 break;
1999 case CFA_TRANSLATE_SECTOR:
2000 if (!s->is_cf)
2001 goto abort_cmd;
2002 s->error = 0x00;
2003 s->status = READY_STAT;
2004 memset(s->io_buffer, 0, 0x200);
2005 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2006 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2007 s->io_buffer[0x02] = s->select; /* Head */
2008 s->io_buffer[0x03] = s->sector; /* Sector */
2009 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2010 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2011 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2012 s->io_buffer[0x13] = 0x00; /* Erase flag */
2013 s->io_buffer[0x18] = 0x00; /* Hot count */
2014 s->io_buffer[0x19] = 0x00; /* Hot count */
2015 s->io_buffer[0x1a] = 0x01; /* Hot count */
2016 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2017 ide_set_irq(s);
2018 break;
2019 case CFA_ACCESS_METADATA_STORAGE:
2020 if (!s->is_cf)
2021 goto abort_cmd;
2022 switch (s->feature) {
2023 case 0x02: /* Inquiry Metadata Storage */
2024 ide_cfata_metadata_inquiry(s);
2025 break;
2026 case 0x03: /* Read Metadata Storage */
2027 ide_cfata_metadata_read(s);
2028 break;
2029 case 0x04: /* Write Metadata Storage */
2030 ide_cfata_metadata_write(s);
2031 break;
2032 default:
2033 goto abort_cmd;
2034 }
2035 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2036 s->status = 0x00; /* NOTE: READY is _not_ set */
2037 ide_set_irq(s);
2038 break;
2039 case IBM_SENSE_CONDITION:
2040 if (!s->is_cf)
2041 goto abort_cmd;
2042 switch (s->feature) {
2043 case 0x01: /* sense temperature in device */
2044 s->nsector = 0x50; /* +20 C */
2045 break;
2046 default:
2047 goto abort_cmd;
2048 }
2049 s->status = READY_STAT;
2050 ide_set_irq(s);
2051 break;
2052 default:
2053 abort_cmd:
2054 ide_abort_command(s);
2055 ide_set_irq(s);
2056 break;
2057 }
2058 }
2059 }
2060
2061 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2062 {
2063 IDEState *ide_if = opaque;
2064 IDEState *s = ide_if->cur_drive;
2065 uint32_t addr;
2066 int ret, hob;
2067
2068 addr = addr1 & 7;
2069 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2070 //hob = s->select & (1 << 7);
2071 hob = 0;
2072 switch(addr) {
2073 case 0:
2074 ret = 0xff;
2075 break;
2076 case 1:
2077 if (!ide_if[0].bs && !ide_if[1].bs)
2078 ret = 0;
2079 else if (!hob)
2080 ret = s->error;
2081 else
2082 ret = s->hob_feature;
2083 break;
2084 case 2:
2085 if (!ide_if[0].bs && !ide_if[1].bs)
2086 ret = 0;
2087 else if (!hob)
2088 ret = s->nsector & 0xff;
2089 else
2090 ret = s->hob_nsector;
2091 break;
2092 case 3:
2093 if (!ide_if[0].bs && !ide_if[1].bs)
2094 ret = 0;
2095 else if (!hob)
2096 ret = s->sector;
2097 else
2098 ret = s->hob_sector;
2099 break;
2100 case 4:
2101 if (!ide_if[0].bs && !ide_if[1].bs)
2102 ret = 0;
2103 else if (!hob)
2104 ret = s->lcyl;
2105 else
2106 ret = s->hob_lcyl;
2107 break;
2108 case 5:
2109 if (!ide_if[0].bs && !ide_if[1].bs)
2110 ret = 0;
2111 else if (!hob)
2112 ret = s->hcyl;
2113 else
2114 ret = s->hob_hcyl;
2115 break;
2116 case 6:
2117 if (!ide_if[0].bs && !ide_if[1].bs)
2118 ret = 0;
2119 else
2120 ret = s->select;
2121 break;
2122 default:
2123 case 7:
2124 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2125 (s != ide_if && !s->bs))
2126 ret = 0;
2127 else
2128 ret = s->status;
2129 qemu_irq_lower(s->irq);
2130 break;
2131 }
2132 #ifdef DEBUG_IDE
2133 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2134 #endif
2135 return ret;
2136 }
2137
2138 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2139 {
2140 IDEState *ide_if = opaque;
2141 IDEState *s = ide_if->cur_drive;
2142 int ret;
2143
2144 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2145 (s != ide_if && !s->bs))
2146 ret = 0;
2147 else
2148 ret = s->status;
2149 #ifdef DEBUG_IDE
2150 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2151 #endif
2152 return ret;
2153 }
2154
2155 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2156 {
2157 IDEState *ide_if = opaque;
2158 IDEState *s;
2159 int i;
2160
2161 #ifdef DEBUG_IDE
2162 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2163 #endif
2164 /* common for both drives */
2165 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2166 (val & IDE_CMD_RESET)) {
2167 /* reset low to high */
2168 for(i = 0;i < 2; i++) {
2169 s = &ide_if[i];
2170 s->status = BUSY_STAT | SEEK_STAT;
2171 s->error = 0x01;
2172 }
2173 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2174 !(val & IDE_CMD_RESET)) {
2175 /* high to low */
2176 for(i = 0;i < 2; i++) {
2177 s = &ide_if[i];
2178 if (s->is_cdrom)
2179 s->status = 0x00; /* NOTE: READY is _not_ set */
2180 else
2181 s->status = READY_STAT | SEEK_STAT;
2182 ide_set_signature(s);
2183 }
2184 }
2185
2186 ide_if[0].cmd = val;
2187 ide_if[1].cmd = val;
2188 }
2189
2190 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2191 {
2192 IDEState *s = ((IDEState *)opaque)->cur_drive;
2193 uint8_t *p;
2194
2195 p = s->data_ptr;
2196 *(uint16_t *)p = le16_to_cpu(val);
2197 p += 2;
2198 s->data_ptr = p;
2199 if (p >= s->data_end)
2200 s->end_transfer_func(s);
2201 }
2202
2203 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2204 {
2205 IDEState *s = ((IDEState *)opaque)->cur_drive;
2206 uint8_t *p;
2207 int ret;
2208 p = s->data_ptr;
2209 ret = cpu_to_le16(*(uint16_t *)p);
2210 p += 2;
2211 s->data_ptr = p;
2212 if (p >= s->data_end)
2213 s->end_transfer_func(s);
2214 return ret;
2215 }
2216
2217 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2218 {
2219 IDEState *s = ((IDEState *)opaque)->cur_drive;
2220 uint8_t *p;
2221
2222 p = s->data_ptr;
2223 *(uint32_t *)p = le32_to_cpu(val);
2224 p += 4;
2225 s->data_ptr = p;
2226 if (p >= s->data_end)
2227 s->end_transfer_func(s);
2228 }
2229
2230 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2231 {
2232 IDEState *s = ((IDEState *)opaque)->cur_drive;
2233 uint8_t *p;
2234 int ret;
2235
2236 p = s->data_ptr;
2237 ret = cpu_to_le32(*(uint32_t *)p);
2238 p += 4;
2239 s->data_ptr = p;
2240 if (p >= s->data_end)
2241 s->end_transfer_func(s);
2242 return ret;
2243 }
2244
2245 static void ide_dummy_transfer_stop(IDEState *s)
2246 {
2247 s->data_ptr = s->io_buffer;
2248 s->data_end = s->io_buffer;
2249 s->io_buffer[0] = 0xff;
2250 s->io_buffer[1] = 0xff;
2251 s->io_buffer[2] = 0xff;
2252 s->io_buffer[3] = 0xff;
2253 }
2254
2255 static void ide_reset(IDEState *s)
2256 {
2257 if (s->is_cf)
2258 s->mult_sectors = 0;
2259 else
2260 s->mult_sectors = MAX_MULT_SECTORS;
2261 s->cur_drive = s;
2262 s->select = 0xa0;
2263 s->status = READY_STAT;
2264 ide_set_signature(s);
2265 /* init the transfer handler so that 0xffff is returned on data
2266 accesses */
2267 s->end_transfer_func = ide_dummy_transfer_stop;
2268 ide_dummy_transfer_stop(s);
2269 s->media_changed = 0;
2270 }
2271
2272 struct partition {
2273 uint8_t boot_ind; /* 0x80 - active */
2274 uint8_t head; /* starting head */
2275 uint8_t sector; /* starting sector */
2276 uint8_t cyl; /* starting cylinder */
2277 uint8_t sys_ind; /* What partition type */
2278 uint8_t end_head; /* end head */
2279 uint8_t end_sector; /* end sector */
2280 uint8_t end_cyl; /* end cylinder */
2281 uint32_t start_sect; /* starting sector counting from 0 */
2282 uint32_t nr_sects; /* nr of sectors in partition */
2283 } __attribute__((packed));
2284
2285 /* try to guess the disk logical geometry from the MSDOS partition table. Return 0 if OK, -1 if could not guess */
2286 static int guess_disk_lchs(IDEState *s,
2287 int *pcylinders, int *pheads, int *psectors)
2288 {
2289 uint8_t buf[512];
2290 int ret, i, heads, sectors, cylinders;
2291 struct partition *p;
2292 uint32_t nr_sects;
2293
2294 ret = bdrv_read(s->bs, 0, buf, 1);
2295 if (ret < 0)
2296 return -1;
2297 /* test msdos magic */
2298 if (buf[510] != 0x55 || buf[511] != 0xaa)
2299 return -1;
2300 for(i = 0; i < 4; i++) {
2301 p = ((struct partition *)(buf + 0x1be)) + i;
2302 nr_sects = le32_to_cpu(p->nr_sects);
2303 if (nr_sects && p->end_head) {
2304 /* We make the assumption that the partition terminates on
2305 a cylinder boundary */
2306 heads = p->end_head + 1;
2307 sectors = p->end_sector & 63;
2308 if (sectors == 0)
2309 continue;
2310 cylinders = s->nb_sectors / (heads * sectors);
2311 if (cylinders < 1 || cylinders > 16383)
2312 continue;
2313 *pheads = heads;
2314 *psectors = sectors;
2315 *pcylinders = cylinders;
2316 #if 0
2317 printf("guessed geometry: LCHS=%d %d %d\n",
2318 cylinders, heads, sectors);
2319 #endif
2320 return 0;
2321 }
2322 }
2323 return -1;
2324 }
2325
2326 static void ide_init2(IDEState *ide_state,
2327 BlockDriverState *hd0, BlockDriverState *hd1,
2328 qemu_irq irq)
2329 {
2330 IDEState *s;
2331 static int drive_serial = 1;
2332 int i, cylinders, heads, secs, translation, lba_detected = 0;
2333 int64_t nb_sectors;
2334
2335 for(i = 0; i < 2; i++) {
2336 s = ide_state + i;
2337 if (i == 0)
2338 s->bs = hd0;
2339 else
2340 s->bs = hd1;
2341 if (s->bs) {
2342 bdrv_get_geometry(s->bs, &nb_sectors);
2343 s->nb_sectors = nb_sectors;
2344 /* if a geometry hint is available, use it */
2345 bdrv_get_geometry_hint(s->bs, &cylinders, &heads, &secs);
2346 translation = bdrv_get_translation_hint(s->bs);
2347 if (cylinders != 0) {
2348 s->cylinders = cylinders;
2349 s->heads = heads;
2350 s->sectors = secs;
2351 } else {
2352 if (guess_disk_lchs(s, &cylinders, &heads, &secs) == 0) {
2353 if (heads > 16) {
2354 /* if heads > 16, it means that a BIOS LBA
2355 translation was active, so the default
2356 hardware geometry is OK */
2357 lba_detected = 1;
2358 goto default_geometry;
2359 } else {
2360 s->cylinders = cylinders;
2361 s->heads = heads;
2362 s->sectors = secs;
2363 /* disable any translation to be in sync with
2364 the logical geometry */
2365 if (translation == BIOS_ATA_TRANSLATION_AUTO) {
2366 bdrv_set_translation_hint(s->bs,
2367 BIOS_ATA_TRANSLATION_NONE);
2368 }
2369 }
2370 } else {
2371 default_geometry:
2372 /* if no geometry, use a standard physical disk geometry */
2373 cylinders = nb_sectors / (16 * 63);
2374 if (cylinders > 16383)
2375 cylinders = 16383;
2376 else if (cylinders < 2)
2377 cylinders = 2;
2378 s->cylinders = cylinders;
2379 s->heads = 16;
2380 s->sectors = 63;
2381 if ((lba_detected == 1) && (translation == BIOS_ATA_TRANSLATION_AUTO)) {
2382 if ((s->cylinders * s->heads) <= 131072) {
2383 bdrv_set_translation_hint(s->bs,
2384 BIOS_ATA_TRANSLATION_LARGE);
2385 } else {
2386 bdrv_set_translation_hint(s->bs,
2387 BIOS_ATA_TRANSLATION_LBA);
2388 }
2389 }
2390 }
2391 bdrv_set_geometry_hint(s->bs, s->cylinders, s->heads, s->sectors);
2392 }
2393 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2394 s->is_cdrom = 1;
2395 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2396 }
2397 }
2398 s->drive_serial = drive_serial++;
2399 s->irq = irq;
2400 s->sector_write_timer = qemu_new_timer(vm_clock,
2401 ide_sector_write_timer_cb, s);
2402 ide_reset(s);
2403 }
2404 }
2405
2406 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2407 {
2408 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2409 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2410 if (iobase2) {
2411 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2412 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2413 }
2414
2415 /* data ports */
2416 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2417 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2418 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2419 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2420 }
2421
2422 /* save per IDE drive data */
2423 static void ide_save(QEMUFile* f, IDEState *s)
2424 {
2425 qemu_put_be32s(f, &s->mult_sectors);
2426 qemu_put_be32s(f, &s->identify_set);
2427 if (s->identify_set) {
2428 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2429 }
2430 qemu_put_8s(f, &s->feature);
2431 qemu_put_8s(f, &s->error);
2432 qemu_put_be32s(f, &s->nsector);
2433 qemu_put_8s(f, &s->sector);
2434 qemu_put_8s(f, &s->lcyl);
2435 qemu_put_8s(f, &s->hcyl);
2436 qemu_put_8s(f, &s->hob_feature);
2437 qemu_put_8s(f, &s->hob_nsector);
2438 qemu_put_8s(f, &s->hob_sector);
2439 qemu_put_8s(f, &s->hob_lcyl);
2440 qemu_put_8s(f, &s->hob_hcyl);
2441 qemu_put_8s(f, &s->select);
2442 qemu_put_8s(f, &s->status);
2443 qemu_put_8s(f, &s->lba48);
2444
2445 qemu_put_8s(f, &s->sense_key);
2446 qemu_put_8s(f, &s->asc);
2447 /* XXX: if a transfer is pending, we do not save it yet */
2448 }
2449
2450 /* load per IDE drive data */
2451 static void ide_load(QEMUFile* f, IDEState *s)
2452 {
2453 qemu_get_be32s(f, &s->mult_sectors);
2454 qemu_get_be32s(f, &s->identify_set);
2455 if (s->identify_set) {
2456 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2457 }
2458 qemu_get_8s(f, &s->feature);
2459 qemu_get_8s(f, &s->error);
2460 qemu_get_be32s(f, &s->nsector);
2461 qemu_get_8s(f, &s->sector);
2462 qemu_get_8s(f, &s->lcyl);
2463 qemu_get_8s(f, &s->hcyl);
2464 qemu_get_8s(f, &s->hob_feature);
2465 qemu_get_8s(f, &s->hob_nsector);
2466 qemu_get_8s(f, &s->hob_sector);
2467 qemu_get_8s(f, &s->hob_lcyl);
2468 qemu_get_8s(f, &s->hob_hcyl);
2469 qemu_get_8s(f, &s->select);
2470 qemu_get_8s(f, &s->status);
2471 qemu_get_8s(f, &s->lba48);
2472
2473 qemu_get_8s(f, &s->sense_key);
2474 qemu_get_8s(f, &s->asc);
2475 /* XXX: if a transfer is pending, we do not save it yet */
2476 }
2477
2478 /***********************************************************/
2479 /* ISA IDE definitions */
2480
2481 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2482 BlockDriverState *hd0, BlockDriverState *hd1)
2483 {
2484 IDEState *ide_state;
2485
2486 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2487 if (!ide_state)
2488 return;
2489
2490 ide_init2(ide_state, hd0, hd1, irq);
2491 ide_init_ioport(ide_state, iobase, iobase2);
2492 }
2493
2494 /***********************************************************/
2495 /* PCI IDE definitions */
2496
2497 static void cmd646_update_irq(PCIIDEState *d);
2498
2499 static void ide_map(PCIDevice *pci_dev, int region_num,
2500 uint32_t addr, uint32_t size, int type)
2501 {
2502 PCIIDEState *d = (PCIIDEState *)pci_dev;
2503 IDEState *ide_state;
2504
2505 if (region_num <= 3) {
2506 ide_state = &d->ide_if[(region_num >> 1) * 2];
2507 if (region_num & 1) {
2508 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2509 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2510 } else {
2511 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2512 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2513
2514 /* data ports */
2515 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2516 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2517 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2518 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2519 }
2520 }
2521 }
2522
2523 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2524 {
2525 BMDMAState *bm = s->bmdma;
2526 if(!bm)
2527 return;
2528 bm->ide_if = s;
2529 bm->dma_cb = dma_cb;
2530 bm->cur_prd_last = 0;
2531 bm->cur_prd_addr = 0;
2532 bm->cur_prd_len = 0;
2533 if (bm->status & BM_STATUS_DMAING) {
2534 bm->dma_cb(bm, 0);
2535 }
2536 }
2537
2538 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2539 {
2540 BMDMAState *bm = opaque;
2541 #ifdef DEBUG_IDE
2542 printf("%s: 0x%08x\n", __func__, val);
2543 #endif
2544 if (!(val & BM_CMD_START)) {
2545 /* XXX: do it better */
2546 if (bm->status & BM_STATUS_DMAING) {
2547 bm->status &= ~BM_STATUS_DMAING;
2548 /* cancel DMA request */
2549 bm->ide_if = NULL;
2550 bm->dma_cb = NULL;
2551 if (bm->aiocb) {
2552 #ifdef DEBUG_AIO
2553 printf("aio_cancel\n");
2554 #endif
2555 bdrv_aio_cancel(bm->aiocb);
2556 bm->aiocb = NULL;
2557 }
2558 }
2559 bm->cmd = val & 0x09;
2560 } else {
2561 if (!(bm->status & BM_STATUS_DMAING)) {
2562 bm->status |= BM_STATUS_DMAING;
2563 /* start dma transfer if possible */
2564 if (bm->dma_cb)
2565 bm->dma_cb(bm, 0);
2566 }
2567 bm->cmd = val & 0x09;
2568 }
2569 }
2570
2571 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2572 {
2573 BMDMAState *bm = opaque;
2574 PCIIDEState *pci_dev;
2575 uint32_t val;
2576
2577 switch(addr & 3) {
2578 case 0:
2579 val = bm->cmd;
2580 break;
2581 case 1:
2582 pci_dev = bm->pci_dev;
2583 if (pci_dev->type == IDE_TYPE_CMD646) {
2584 val = pci_dev->dev.config[MRDMODE];
2585 } else {
2586 val = 0xff;
2587 }
2588 break;
2589 case 2:
2590 val = bm->status;
2591 break;
2592 case 3:
2593 pci_dev = bm->pci_dev;
2594 if (pci_dev->type == IDE_TYPE_CMD646) {
2595 if (bm == &pci_dev->bmdma[0])
2596 val = pci_dev->dev.config[UDIDETCR0];
2597 else
2598 val = pci_dev->dev.config[UDIDETCR1];
2599 } else {
2600 val = 0xff;
2601 }
2602 break;
2603 default:
2604 val = 0xff;
2605 break;
2606 }
2607 #ifdef DEBUG_IDE
2608 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2609 #endif
2610 return val;
2611 }
2612
2613 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2614 {
2615 BMDMAState *bm = opaque;
2616 PCIIDEState *pci_dev;
2617 #ifdef DEBUG_IDE
2618 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2619 #endif
2620 switch(addr & 3) {
2621 case 1:
2622 pci_dev = bm->pci_dev;
2623 if (pci_dev->type == IDE_TYPE_CMD646) {
2624 pci_dev->dev.config[MRDMODE] =
2625 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2626 cmd646_update_irq(pci_dev);
2627 }
2628 break;
2629 case 2:
2630 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2631 break;
2632 case 3:
2633 pci_dev = bm->pci_dev;
2634 if (pci_dev->type == IDE_TYPE_CMD646) {
2635 if (bm == &pci_dev->bmdma[0])
2636 pci_dev->dev.config[UDIDETCR0] = val;
2637 else
2638 pci_dev->dev.config[UDIDETCR1] = val;
2639 }
2640 break;
2641 }
2642 }
2643
2644 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2645 {
2646 BMDMAState *bm = opaque;
2647 uint32_t val;
2648 val = bm->addr;
2649 #ifdef DEBUG_IDE
2650 printf("%s: 0x%08x\n", __func__, val);
2651 #endif
2652 return val;
2653 }
2654
2655 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2656 {
2657 BMDMAState *bm = opaque;
2658 #ifdef DEBUG_IDE
2659 printf("%s: 0x%08x\n", __func__, val);
2660 #endif
2661 bm->addr = val & ~3;
2662 bm->cur_addr = bm->addr;
2663 }
2664
2665 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2666 uint32_t addr, uint32_t size, int type)
2667 {
2668 PCIIDEState *d = (PCIIDEState *)pci_dev;
2669 int i;
2670
2671 for(i = 0;i < 2; i++) {
2672 BMDMAState *bm = &d->bmdma[i];
2673 d->ide_if[2 * i].bmdma = bm;
2674 d->ide_if[2 * i + 1].bmdma = bm;
2675 bm->pci_dev = (PCIIDEState *)pci_dev;
2676
2677 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2678
2679 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2680 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2681
2682 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2683 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2684 addr += 8;
2685 }
2686 }
2687
2688 /* XXX: call it also when the MRDMODE is changed from the PCI config
2689 registers */
2690 static void cmd646_update_irq(PCIIDEState *d)
2691 {
2692 int pci_level;
2693 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2694 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2695 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2696 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2697 qemu_set_irq(d->dev.irq[0], pci_level);
2698 }
2699
2700 /* the PCI irq level is the logical OR of the two channels */
2701 static void cmd646_set_irq(void *opaque, int channel, int level)
2702 {
2703 PCIIDEState *d = opaque;
2704 int irq_mask;
2705
2706 irq_mask = MRDMODE_INTR_CH0 << channel;
2707 if (level)
2708 d->dev.config[MRDMODE] |= irq_mask;
2709 else
2710 d->dev.config[MRDMODE] &= ~irq_mask;
2711 cmd646_update_irq(d);
2712 }
2713
2714 /* CMD646 PCI IDE controller */
2715 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2716 int secondary_ide_enabled)
2717 {
2718 PCIIDEState *d;
2719 uint8_t *pci_conf;
2720 int i;
2721 qemu_irq *irq;
2722
2723 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2724 sizeof(PCIIDEState),
2725 -1,
2726 NULL, NULL);
2727 d->type = IDE_TYPE_CMD646;
2728 pci_conf = d->dev.config;
2729 pci_conf[0x00] = 0x95; // CMD646
2730 pci_conf[0x01] = 0x10;
2731 pci_conf[0x02] = 0x46;
2732 pci_conf[0x03] = 0x06;
2733
2734 pci_conf[0x08] = 0x07; // IDE controller revision
2735 pci_conf[0x09] = 0x8f;
2736
2737 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2738 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2739 pci_conf[0x0e] = 0x00; // header_type
2740
2741 if (secondary_ide_enabled) {
2742 /* XXX: if not enabled, really disable the seconday IDE controller */
2743 pci_conf[0x51] = 0x80; /* enable IDE1 */
2744 }
2745
2746 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2747 PCI_ADDRESS_SPACE_IO, ide_map);
2748 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2749 PCI_ADDRESS_SPACE_IO, ide_map);
2750 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2751 PCI_ADDRESS_SPACE_IO, ide_map);
2752 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2753 PCI_ADDRESS_SPACE_IO, ide_map);
2754 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2755 PCI_ADDRESS_SPACE_IO, bmdma_map);
2756
2757 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2758
2759 for(i = 0; i < 4; i++)
2760 d->ide_if[i].pci_dev = (PCIDevice *)d;
2761
2762 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2763 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2764 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2765 }
2766
2767 static void pci_ide_save(QEMUFile* f, void *opaque)
2768 {
2769 PCIIDEState *d = opaque;
2770 int i;
2771
2772 pci_device_save(&d->dev, f);
2773
2774 for(i = 0; i < 2; i++) {
2775 BMDMAState *bm = &d->bmdma[i];
2776 qemu_put_8s(f, &bm->cmd);
2777 qemu_put_8s(f, &bm->status);
2778 qemu_put_be32s(f, &bm->addr);
2779 /* XXX: if a transfer is pending, we do not save it yet */
2780 }
2781
2782 /* per IDE interface data */
2783 for(i = 0; i < 2; i++) {
2784 IDEState *s = &d->ide_if[i * 2];
2785 uint8_t drive1_selected;
2786 qemu_put_8s(f, &s->cmd);
2787 drive1_selected = (s->cur_drive != s);
2788 qemu_put_8s(f, &drive1_selected);
2789 }
2790
2791 /* per IDE drive data */
2792 for(i = 0; i < 4; i++) {
2793 ide_save(f, &d->ide_if[i]);
2794 }
2795 }
2796
2797 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2798 {
2799 PCIIDEState *d = opaque;
2800 int ret, i;
2801
2802 if (version_id != 1)
2803 return -EINVAL;
2804 ret = pci_device_load(&d->dev, f);
2805 if (ret < 0)
2806 return ret;
2807
2808 for(i = 0; i < 2; i++) {
2809 BMDMAState *bm = &d->bmdma[i];
2810 qemu_get_8s(f, &bm->cmd);
2811 qemu_get_8s(f, &bm->status);
2812 qemu_get_be32s(f, &bm->addr);
2813 /* XXX: if a transfer is pending, we do not save it yet */
2814 }
2815
2816 /* per IDE interface data */
2817 for(i = 0; i < 2; i++) {
2818 IDEState *s = &d->ide_if[i * 2];
2819 uint8_t drive1_selected;
2820 qemu_get_8s(f, &s->cmd);
2821 qemu_get_8s(f, &drive1_selected);
2822 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2823 }
2824
2825 /* per IDE drive data */
2826 for(i = 0; i < 4; i++) {
2827 ide_load(f, &d->ide_if[i]);
2828 }
2829 return 0;
2830 }
2831
2832 static void piix3_reset(PCIIDEState *d)
2833 {
2834 uint8_t *pci_conf = d->dev.config;
2835
2836 pci_conf[0x04] = 0x00;
2837 pci_conf[0x05] = 0x00;
2838 pci_conf[0x06] = 0x80; /* FBC */
2839 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2840 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2841 }
2842
2843 /* hd_table must contain 4 block drivers */
2844 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2845 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2846 qemu_irq *pic)
2847 {
2848 PCIIDEState *d;
2849 uint8_t *pci_conf;
2850
2851 /* register a function 1 of PIIX3 */
2852 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2853 sizeof(PCIIDEState),
2854 devfn,
2855 NULL, NULL);
2856 d->type = IDE_TYPE_PIIX3;
2857
2858 pci_conf = d->dev.config;
2859 pci_conf[0x00] = 0x86; // Intel
2860 pci_conf[0x01] = 0x80;
2861 pci_conf[0x02] = 0x10;
2862 pci_conf[0x03] = 0x70;
2863 pci_conf[0x09] = 0x80; // legacy ATA mode
2864 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2865 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2866 pci_conf[0x0e] = 0x00; // header_type
2867
2868 piix3_reset(d);
2869
2870 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2871 PCI_ADDRESS_SPACE_IO, bmdma_map);
2872
2873 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2874 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2875 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2876 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2877
2878 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2879 }
2880
2881 /* hd_table must contain 4 block drivers */
2882 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2883 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2884 qemu_irq *pic)
2885 {
2886 PCIIDEState *d;
2887 uint8_t *pci_conf;
2888
2889 /* register a function 1 of PIIX4 */
2890 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2891 sizeof(PCIIDEState),
2892 devfn,
2893 NULL, NULL);
2894 d->type = IDE_TYPE_PIIX4;
2895
2896 pci_conf = d->dev.config;
2897 pci_conf[0x00] = 0x86; // Intel
2898 pci_conf[0x01] = 0x80;
2899 pci_conf[0x02] = 0x11;
2900 pci_conf[0x03] = 0x71;
2901 pci_conf[0x09] = 0x80; // legacy ATA mode
2902 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2903 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2904 pci_conf[0x0e] = 0x00; // header_type
2905
2906 piix3_reset(d);
2907
2908 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2909 PCI_ADDRESS_SPACE_IO, bmdma_map);
2910
2911 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2912 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2913 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2914 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2915
2916 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2917 }
2918
2919 /***********************************************************/
2920 /* MacIO based PowerPC IDE */
2921
2922 /* PowerMac IDE memory IO */
2923 static void pmac_ide_writeb (void *opaque,
2924 target_phys_addr_t addr, uint32_t val)
2925 {
2926 addr = (addr & 0xFFF) >> 4;
2927 switch (addr) {
2928 case 1 ... 7:
2929 ide_ioport_write(opaque, addr, val);
2930 break;
2931 case 8:
2932 case 22:
2933 ide_cmd_write(opaque, 0, val);
2934 break;
2935 default:
2936 break;
2937 }
2938 }
2939
2940 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
2941 {
2942 uint8_t retval;
2943
2944 addr = (addr & 0xFFF) >> 4;
2945 switch (addr) {
2946 case 1 ... 7:
2947 retval = ide_ioport_read(opaque, addr);
2948 break;
2949 case 8:
2950 case 22:
2951 retval = ide_status_read(opaque, 0);
2952 break;
2953 default:
2954 retval = 0xFF;
2955 break;
2956 }
2957 return retval;
2958 }
2959
2960 static void pmac_ide_writew (void *opaque,
2961 target_phys_addr_t addr, uint32_t val)
2962 {
2963 addr = (addr & 0xFFF) >> 4;
2964 #ifdef TARGET_WORDS_BIGENDIAN
2965 val = bswap16(val);
2966 #endif
2967 if (addr == 0) {
2968 ide_data_writew(opaque, 0, val);
2969 }
2970 }
2971
2972 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
2973 {
2974 uint16_t retval;
2975
2976 addr = (addr & 0xFFF) >> 4;
2977 if (addr == 0) {
2978 retval = ide_data_readw(opaque, 0);
2979 } else {
2980 retval = 0xFFFF;
2981 }
2982 #ifdef TARGET_WORDS_BIGENDIAN
2983 retval = bswap16(retval);
2984 #endif
2985 return retval;
2986 }
2987
2988 static void pmac_ide_writel (void *opaque,
2989 target_phys_addr_t addr, uint32_t val)
2990 {
2991 addr = (addr & 0xFFF) >> 4;
2992 #ifdef TARGET_WORDS_BIGENDIAN
2993 val = bswap32(val);
2994 #endif
2995 if (addr == 0) {
2996 ide_data_writel(opaque, 0, val);
2997 }
2998 }
2999
3000 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3001 {
3002 uint32_t retval;
3003
3004 addr = (addr & 0xFFF) >> 4;
3005 if (addr == 0) {
3006 retval = ide_data_readl(opaque, 0);
3007 } else {
3008 retval = 0xFFFFFFFF;
3009 }
3010 #ifdef TARGET_WORDS_BIGENDIAN
3011 retval = bswap32(retval);
3012 #endif
3013 return retval;
3014 }
3015
3016 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3017 pmac_ide_writeb,
3018 pmac_ide_writew,
3019 pmac_ide_writel,
3020 };
3021
3022 static CPUReadMemoryFunc *pmac_ide_read[] = {
3023 pmac_ide_readb,
3024 pmac_ide_readw,
3025 pmac_ide_readl,
3026 };
3027
3028 /* hd_table must contain 4 block drivers */
3029 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3030 I/O index to access the ide. */
3031 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3032 {
3033 IDEState *ide_if;
3034 int pmac_ide_memory;
3035
3036 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3037 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3038
3039 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3040 pmac_ide_write, &ide_if[0]);
3041 return pmac_ide_memory;
3042 }
3043
3044 /***********************************************************/
3045 /* CF-ATA Microdrive */
3046
3047 #define METADATA_SIZE 0x20
3048
3049 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3050 struct md_s {
3051 IDEState ide[2];
3052 struct pcmcia_card_s card;
3053 uint32_t attr_base;
3054 uint32_t io_base;
3055
3056 /* Card state */
3057 uint8_t opt;
3058 uint8_t stat;
3059 uint8_t pins;
3060
3061 uint8_t ctrl;
3062 uint16_t io;
3063 int cycle;
3064 };
3065
3066 /* Register bitfields */
3067 enum md_opt {
3068 OPT_MODE_MMAP = 0,
3069 OPT_MODE_IOMAP16 = 1,
3070 OPT_MODE_IOMAP1 = 2,
3071 OPT_MODE_IOMAP2 = 3,
3072 OPT_MODE = 0x3f,
3073 OPT_LEVIREQ = 0x40,
3074 OPT_SRESET = 0x80,
3075 };
3076 enum md_cstat {
3077 STAT_INT = 0x02,
3078 STAT_PWRDWN = 0x04,
3079 STAT_XE = 0x10,
3080 STAT_IOIS8 = 0x20,
3081 STAT_SIGCHG = 0x40,
3082 STAT_CHANGED = 0x80,
3083 };
3084 enum md_pins {
3085 PINS_MRDY = 0x02,
3086 PINS_CRDY = 0x20,
3087 };
3088 enum md_ctrl {
3089 CTRL_IEN = 0x02,
3090 CTRL_SRST = 0x04,
3091 };
3092
3093 static inline void md_interrupt_update(struct md_s *s)
3094 {
3095 if (!s->card.slot)
3096 return;
3097
3098 qemu_set_irq(s->card.slot->irq,
3099 !(s->stat & STAT_INT) && /* Inverted */
3100 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3101 !(s->opt & OPT_SRESET));
3102 }
3103
3104 static void md_set_irq(void *opaque, int irq, int level)
3105 {
3106 struct md_s *s = (struct md_s *) opaque;
3107 if (level)
3108 s->stat |= STAT_INT;
3109 else
3110 s->stat &= ~STAT_INT;
3111
3112 md_interrupt_update(s);
3113 }
3114
3115 static void md_reset(struct md_s *s)
3116 {
3117 s->opt = OPT_MODE_MMAP;
3118 s->stat = 0;
3119 s->pins = 0;
3120 s->cycle = 0;
3121 s->ctrl = 0;
3122 ide_reset(s->ide);
3123 }
3124
3125 static uint8_t md_attr_read(void *opaque, uint32_t at)
3126 {
3127 struct md_s *s = (struct md_s *) opaque;
3128 if (at < s->attr_base) {
3129 if (at < s->card.cis_len)
3130 return s->card.cis[at];
3131 else
3132 return 0x00;
3133 }
3134
3135 at -= s->attr_base;
3136
3137 switch (at) {
3138 case 0x00: /* Configuration Option Register */
3139 return s->opt;
3140 case 0x02: /* Card Configuration Status Register */
3141 if (s->ctrl & CTRL_IEN)
3142 return s->stat & ~STAT_INT;
3143 else
3144 return s->stat;
3145 case 0x04: /* Pin Replacement Register */
3146 return (s->pins & PINS_CRDY) | 0x0c;
3147 case 0x06: /* Socket and Copy Register */
3148 return 0x00;
3149 #ifdef VERBOSE
3150 default:
3151 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3152 #endif
3153 }
3154
3155 return 0;
3156 }
3157
3158 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3159 {
3160 struct md_s *s = (struct md_s *) opaque;
3161 at -= s->attr_base;
3162
3163 switch (at) {
3164 case 0x00: /* Configuration Option Register */
3165 s->opt = value & 0xcf;
3166 if (value & OPT_SRESET)
3167 md_reset(s);
3168 md_interrupt_update(s);
3169 break;
3170 case 0x02: /* Card Configuration Status Register */
3171 if ((s->stat ^ value) & STAT_PWRDWN)
3172 s->pins |= PINS_CRDY;
3173 s->stat &= 0x82;
3174 s->stat |= value & 0x74;
3175 md_interrupt_update(s);
3176 /* Word 170 in Identify Device must be equal to STAT_XE */
3177 break;
3178 case 0x04: /* Pin Replacement Register */
3179 s->pins &= PINS_CRDY;
3180 s->pins |= value & PINS_MRDY;
3181 break;
3182 case 0x06: /* Socket and Copy Register */
3183 break;
3184 default:
3185 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3186 }
3187 }
3188
3189 static uint16_t md_common_read(void *opaque, uint32_t at)
3190 {
3191 struct md_s *s = (struct md_s *) opaque;
3192 uint16_t ret;
3193 at -= s->io_base;
3194
3195 switch (s->opt & OPT_MODE) {
3196 case OPT_MODE_MMAP:
3197 if ((at & ~0x3ff) == 0x400)
3198 at = 0;
3199 break;
3200 case OPT_MODE_IOMAP16:
3201 at &= 0xf;
3202 break;
3203 case OPT_MODE_IOMAP1:
3204 if ((at & ~0xf) == 0x3f0)
3205 at -= 0x3e8;
3206 else if ((at & ~0xf) == 0x1f0)
3207 at -= 0x1f0;
3208 break;
3209 case OPT_MODE_IOMAP2:
3210 if ((at & ~0xf) == 0x370)
3211 at -= 0x368;
3212 else if ((at & ~0xf) == 0x170)
3213 at -= 0x170;
3214 }
3215
3216 switch (at) {
3217 case 0x0: /* Even RD Data */
3218 case 0x8:
3219 return ide_data_readw(s->ide, 0);
3220
3221 /* TODO: 8-bit accesses */
3222 if (s->cycle)
3223 ret = s->io >> 8;
3224 else {
3225 s->io = ide_data_readw(s->ide, 0);
3226 ret = s->io & 0xff;
3227 }
3228 s->cycle = !s->cycle;
3229 return ret;
3230 case 0x9: /* Odd RD Data */
3231 return s->io >> 8;
3232 case 0xd: /* Error */
3233 return ide_ioport_read(s->ide, 0x1);
3234 case 0xe: /* Alternate Status */
3235 if (s->ide->cur_drive->bs)
3236 return s->ide->cur_drive->status;
3237 else
3238 return 0;
3239 case 0xf: /* Device Address */
3240 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3241 default:
3242 return ide_ioport_read(s->ide, at);
3243 }
3244
3245 return 0;
3246 }
3247
3248 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3249 {
3250 struct md_s *s = (struct md_s *) opaque;
3251 at -= s->io_base;
3252
3253 switch (s->opt & OPT_MODE) {
3254 case OPT_MODE_MMAP:
3255 if ((at & ~0x3ff) == 0x400)
3256 at = 0;
3257 break;
3258 case OPT_MODE_IOMAP16:
3259 at &= 0xf;
3260 break;
3261 case OPT_MODE_IOMAP1:
3262 if ((at & ~0xf) == 0x3f0)
3263 at -= 0x3e8;
3264 else if ((at & ~0xf) == 0x1f0)
3265 at -= 0x1f0;
3266 break;
3267 case OPT_MODE_IOMAP2:
3268 if ((at & ~0xf) == 0x370)
3269 at -= 0x368;
3270 else if ((at & ~0xf) == 0x170)
3271 at -= 0x170;
3272 }
3273
3274 switch (at) {
3275 case 0x0: /* Even WR Data */
3276 case 0x8:
3277 ide_data_writew(s->ide, 0, value);
3278 break;
3279
3280 /* TODO: 8-bit accesses */
3281 if (s->cycle)
3282 ide_data_writew(s->ide, 0, s->io | (value << 8));
3283 else
3284 s->io = value & 0xff;
3285 s->cycle = !s->cycle;
3286 break;
3287 case 0x9:
3288 s->io = value & 0xff;
3289 s->cycle = !s->cycle;
3290 break;
3291 case 0xd: /* Features */
3292 ide_ioport_write(s->ide, 0x1, value);
3293 break;
3294 case 0xe: /* Device Control */
3295 s->ctrl = value;
3296 if (value & CTRL_SRST)
3297 md_reset(s);
3298 md_interrupt_update(s);
3299 break;
3300 default:
3301 if (s->stat & STAT_PWRDWN) {
3302 s->pins |= PINS_CRDY;
3303 s->stat &= ~STAT_PWRDWN;
3304 }
3305 ide_ioport_write(s->ide, at, value);
3306 }
3307 }
3308
3309 static void md_save(QEMUFile *f, void *opaque)
3310 {
3311 struct md_s *s = (struct md_s *) opaque;
3312 int i;
3313 uint8_t drive1_selected;
3314
3315 qemu_put_8s(f, &s->opt);
3316 qemu_put_8s(f, &s->stat);
3317 qemu_put_8s(f, &s->pins);
3318
3319 qemu_put_8s(f, &s->ctrl);
3320 qemu_put_be16s(f, &s->io);
3321 qemu_put_byte(f, s->cycle);
3322
3323 drive1_selected = (s->ide->cur_drive != s->ide);
3324 qemu_put_8s(f, &s->ide->cmd);
3325 qemu_put_8s(f, &drive1_selected);
3326
3327 for (i = 0; i < 2; i ++)
3328 ide_save(f, &s->ide[i]);
3329 }
3330
3331 static int md_load(QEMUFile *f, void *opaque, int version_id)
3332 {
3333 struct md_s *s = (struct md_s *) opaque;
3334 int i;
3335 uint8_t drive1_selected;
3336
3337 qemu_get_8s(f, &s->opt);
3338 qemu_get_8s(f, &s->stat);
3339 qemu_get_8s(f, &s->pins);
3340
3341 qemu_get_8s(f, &s->ctrl);
3342 qemu_get_be16s(f, &s->io);
3343 s->cycle = qemu_get_byte(f);
3344
3345 qemu_get_8s(f, &s->ide->cmd);
3346 qemu_get_8s(f, &drive1_selected);
3347 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3348
3349 for (i = 0; i < 2; i ++)
3350 ide_load(f, &s->ide[i]);
3351
3352 return 0;
3353 }
3354
3355 static int md_iid = 0;
3356
3357 static const uint8_t dscm1xxxx_cis[0x14a] = {
3358 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3359 [0x002] = 0x03, /* Tuple length = 4 bytes */
3360 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3361 [0x006] = 0x01, /* Size = 2K bytes */
3362 [0x008] = CISTPL_ENDMARK,
3363
3364 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3365 [0x00c] = 0x04, /* Tuple length = 4 byest */
3366 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3367 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3368 [0x012] = 0x01, /* Size = 2K bytes */
3369 [0x014] = CISTPL_ENDMARK,
3370
3371 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3372 [0x018] = 0x02, /* Tuple length = 2 bytes */
3373 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3374 [0x01c] = 0x01,
3375
3376 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3377 [0x020] = 0x04, /* Tuple length = 4 bytes */
3378 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3379 [0x024] = 0x00,
3380 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3381 [0x028] = 0x00,
3382
3383 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3384 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3385 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3386 [0x030] = 0x01, /* Minor Version = 1 */
3387 [0x032] = 'I',
3388 [0x034] = 'B',
3389 [0x036] = 'M',
3390 [0x038] = 0x00,
3391 [0x03a] = 'm',
3392 [0x03c] = 'i',
3393 [0x03e] = 'c',
3394 [0x040] = 'r',
3395 [0x042] = 'o',
3396 [0x044] = 'd',
3397 [0x046] = 'r',
3398 [0x048] = 'i',
3399 [0x04a] = 'v',
3400 [0x04c] = 'e',
3401 [0x04e] = 0x00,
3402 [0x050] = CISTPL_ENDMARK,
3403
3404 [0x052] = CISTPL_FUNCID, /* Function ID */
3405 [0x054] = 0x02, /* Tuple length = 2 bytes */
3406 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3407 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3408
3409 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3410 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3411 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3412 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3413
3414 [0x062] = CISTPL_FUNCE, /* Function Extension */
3415 [0x064] = 0x03, /* Tuple length = 3 bytes */
3416 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3417 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3418 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3419
3420 [0x06c] = CISTPL_CONFIG, /* Configuration */
3421 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3422 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3423 [0x072] = 0x07, /* TPCC_LAST = 7 */
3424 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3425 [0x076] = 0x02,
3426 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3427
3428 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3429 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3430 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3431 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3432 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3433 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3434 [0x086] = 0x55, /* NomV: 5.0 V */
3435 [0x088] = 0x4d, /* MinV: 4.5 V */
3436 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3437 [0x08c] = 0x4e, /* Peakl: 450 mA */
3438 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3439 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3440 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3441
3442 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3443 [0x096] = 0x06, /* Tuple length = 6 bytes */
3444 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3445 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3446 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3447 [0x09e] = 0xb5, /* NomV: 3.3 V */
3448 [0x0a0] = 0x1e,
3449 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3450
3451 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3452 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3453 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3454 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3455 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3456 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3457 [0x0b0] = 0x55, /* NomV: 5.0 V */
3458 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3459 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3460 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3461 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3462 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3463 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3464 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3465 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3466
3467 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3468 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3469 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3470 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3471 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3472 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3473 [0x0ce] = 0x1e,
3474 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3475
3476 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3477 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3478 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3479 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3480 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3481 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3482 [0x0de] = 0x55, /* NomV: 5.0 V */
3483 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3484 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3485 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3486 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3487 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3488 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3489 [0x0ec] = 0x01,
3490 [0x0ee] = 0x07, /* Address block length = 8 */
3491 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3492 [0x0f2] = 0x03,
3493 [0x0f4] = 0x01, /* Address block length = 2 */
3494 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3495 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3496
3497 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3498 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3499 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3500 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3501 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3502 [0x104] = 0xb5, /* NomV: 3.3 V */
3503 [0x106] = 0x1e,
3504 [0x108] = 0x3e, /* Peakl: 350 mA */
3505
3506 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3507 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3508 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3509 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3510 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3511 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3512 [0x116] = 0x55, /* NomV: 5.0 V */
3513 [0x118] = 0x4d, /* MinV: 4.5 V */
3514 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3515 [0x11c] = 0x4e, /* Peakl: 450 mA */
3516 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3517 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3518 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3519 [0x124] = 0x01,
3520 [0x126] = 0x07, /* Address block length = 8 */
3521 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3522 [0x12a] = 0x03,
3523 [0x12c] = 0x01, /* Address block length = 2 */
3524 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3525 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3526
3527 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3528 [0x134] = 0x06, /* Tuple length = 6 bytes */
3529 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3530 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3531 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3532 [0x13c] = 0xb5, /* NomV: 3.3 V */
3533 [0x13e] = 0x1e,
3534 [0x140] = 0x3e, /* Peakl: 350 mA */
3535
3536 [0x142] = CISTPL_NO_LINK, /* No Link */
3537 [0x144] = 0x00, /* Tuple length = 0 bytes */
3538
3539 [0x146] = CISTPL_END, /* Tuple End */
3540 };
3541
3542 static int dscm1xxxx_attach(void *opaque)
3543 {
3544 struct md_s *md = (struct md_s *) opaque;
3545 md->card.attr_read = md_attr_read;
3546 md->card.attr_write = md_attr_write;
3547 md->card.common_read = md_common_read;
3548 md->card.common_write = md_common_write;
3549 md->card.io_read = md_common_read;
3550 md->card.io_write = md_common_write;
3551
3552 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3553 md->io_base = 0x0;
3554
3555 md_reset(md);
3556 md_interrupt_update(md);
3557
3558 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3559 return 0;
3560 }
3561
3562 static int dscm1xxxx_detach(void *opaque)
3563 {
3564 struct md_s *md = (struct md_s *) opaque;
3565 md_reset(md);
3566 return 0;
3567 }
3568
3569 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3570 {
3571 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3572 md->card.state = md;
3573 md->card.attach = dscm1xxxx_attach;
3574 md->card.detach = dscm1xxxx_detach;
3575 md->card.cis = dscm1xxxx_cis;
3576 md->card.cis_len = sizeof(dscm1xxxx_cis);
3577
3578 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3579 md->ide->is_cf = 1;
3580 md->ide->mdata_size = METADATA_SIZE;
3581 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3582
3583 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3584
3585 return &md->card;
3586 }
Random branches for QEmu