search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
add roms/pcbios
[armpft.git] / hw / ide / core.c
blobfffcd0028081c5e6a22e2ddd8a6eef6e7e9b7ab0
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi-disk.h>
29 #include <hw/sh.h>
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "dma.h"
35
36 #include <hw/ide/internal.h>
37
38 static int smart_attributes[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
45 };
46
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState *s)
49 {
50 return (s->nb_sectors > 0);
51 }
52
53 static inline int media_is_dvd(IDEState *s)
54 {
55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
56 }
57
58 static inline int media_is_cd(IDEState *s)
59 {
60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
61 }
62
63 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
64 static void ide_dma_restart(IDEState *s);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
66
67 static void padstr(char *str, const char *src, int len)
68 {
69 int i, v;
70 for(i = 0; i < len; i++) {
71 if (*src)
72 v = *src++;
73 else
74 v = ' ';
75 str[i^1] = v;
76 }
77 }
78
79 static void padstr8(uint8_t *buf, int buf_size, const char *src)
80 {
81 int i;
82 for(i = 0; i < buf_size; i++) {
83 if (*src)
84 buf[i] = *src++;
85 else
86 buf[i] = ' ';
87 }
88 }
89
90 static void put_le16(uint16_t *p, unsigned int v)
91 {
92 *p = cpu_to_le16(v);
93 }
94
95 static void ide_identify(IDEState *s)
96 {
97 uint16_t *p;
98 unsigned int oldsize;
99
100 if (s->identify_set) {
101 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
102 return;
103 }
104
105 memset(s->io_buffer, 0, 512);
106 p = (uint16_t *)s->io_buffer;
107 put_le16(p + 0, 0x0040);
108 put_le16(p + 1, s->cylinders);
109 put_le16(p + 3, s->heads);
110 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
111 put_le16(p + 5, 512); /* XXX: retired, remove ? */
112 put_le16(p + 6, s->sectors);
113 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
114 put_le16(p + 20, 3); /* XXX: retired, remove ? */
115 put_le16(p + 21, 512); /* cache size in sectors */
116 put_le16(p + 22, 4); /* ecc bytes */
117 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
118 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
119 #if MAX_MULT_SECTORS > 1
120 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
121 #endif
122 put_le16(p + 48, 1); /* dword I/O */
123 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
124 put_le16(p + 51, 0x200); /* PIO transfer cycle */
125 put_le16(p + 52, 0x200); /* DMA transfer cycle */
126 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
127 put_le16(p + 54, s->cylinders);
128 put_le16(p + 55, s->heads);
129 put_le16(p + 56, s->sectors);
130 oldsize = s->cylinders * s->heads * s->sectors;
131 put_le16(p + 57, oldsize);
132 put_le16(p + 58, oldsize >> 16);
133 if (s->mult_sectors)
134 put_le16(p + 59, 0x100 | s->mult_sectors);
135 put_le16(p + 60, s->nb_sectors);
136 put_le16(p + 61, s->nb_sectors >> 16);
137 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
138 put_le16(p + 63, 0x07); /* mdma0-2 supported */
139 put_le16(p + 65, 120);
140 put_le16(p + 66, 120);
141 put_le16(p + 67, 120);
142 put_le16(p + 68, 120);
143 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
144 put_le16(p + 81, 0x16); /* conforms to ata5 */
145 /* 14=NOP supported, 0=SMART supported */
146 put_le16(p + 82, (1 << 14) | 1);
147 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
148 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
149 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
150 put_le16(p + 84, (1 << 14) | 0);
151 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
152 if (bdrv_enable_write_cache(s->bs))
153 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
154 else
155 put_le16(p + 85, (1 << 14) | 1);
156 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
157 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
158 /* 14=set to 1, 1=smart self test, 0=smart error logging */
159 put_le16(p + 87, (1 << 14) | 0);
160 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
161 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
162 put_le16(p + 100, s->nb_sectors);
163 put_le16(p + 101, s->nb_sectors >> 16);
164 put_le16(p + 102, s->nb_sectors >> 32);
165 put_le16(p + 103, s->nb_sectors >> 48);
166
167 memcpy(s->identify_data, p, sizeof(s->identify_data));
168 s->identify_set = 1;
169 }
170
171 static void ide_atapi_identify(IDEState *s)
172 {
173 uint16_t *p;
174
175 if (s->identify_set) {
176 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
177 return;
178 }
179
180 memset(s->io_buffer, 0, 512);
181 p = (uint16_t *)s->io_buffer;
182 /* Removable CDROM, 50us response, 12 byte packets */
183 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
184 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
185 put_le16(p + 20, 3); /* buffer type */
186 put_le16(p + 21, 512); /* cache size in sectors */
187 put_le16(p + 22, 4); /* ecc bytes */
188 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
189 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
190 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
191 #ifdef USE_DMA_CDROM
192 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
193 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
194 put_le16(p + 62, 7); /* single word dma0-2 supported */
195 put_le16(p + 63, 7); /* mdma0-2 supported */
196 put_le16(p + 64, 0x3f); /* PIO modes supported */
197 #else
198 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
199 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
200 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
201 put_le16(p + 64, 1); /* PIO modes */
202 #endif
203 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
204 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
205 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
206 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
207
208 put_le16(p + 71, 30); /* in ns */
209 put_le16(p + 72, 30); /* in ns */
210
211 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
212 #ifdef USE_DMA_CDROM
213 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
214 #endif
215 memcpy(s->identify_data, p, sizeof(s->identify_data));
216 s->identify_set = 1;
217 }
218
219 static void ide_cfata_identify(IDEState *s)
220 {
221 uint16_t *p;
222 uint32_t cur_sec;
223
224 p = (uint16_t *) s->identify_data;
225 if (s->identify_set)
226 goto fill_buffer;
227
228 memset(p, 0, sizeof(s->identify_data));
229
230 cur_sec = s->cylinders * s->heads * s->sectors;
231
232 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
233 put_le16(p + 1, s->cylinders); /* Default cylinders */
234 put_le16(p + 3, s->heads); /* Default heads */
235 put_le16(p + 6, s->sectors); /* Default sectors per track */
236 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
237 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
238 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
239 put_le16(p + 22, 0x0004); /* ECC bytes */
240 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
241 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
242 #if MAX_MULT_SECTORS > 1
243 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
244 #else
245 put_le16(p + 47, 0x0000);
246 #endif
247 put_le16(p + 49, 0x0f00); /* Capabilities */
248 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
249 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
250 put_le16(p + 53, 0x0003); /* Translation params valid */
251 put_le16(p + 54, s->cylinders); /* Current cylinders */
252 put_le16(p + 55, s->heads); /* Current heads */
253 put_le16(p + 56, s->sectors); /* Current sectors */
254 put_le16(p + 57, cur_sec); /* Current capacity */
255 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
256 if (s->mult_sectors) /* Multiple sector setting */
257 put_le16(p + 59, 0x100 | s->mult_sectors);
258 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
259 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
260 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
261 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
262 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
263 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
264 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
265 put_le16(p + 82, 0x400c); /* Command Set supported */
266 put_le16(p + 83, 0x7068); /* Command Set supported */
267 put_le16(p + 84, 0x4000); /* Features supported */
268 put_le16(p + 85, 0x000c); /* Command Set enabled */
269 put_le16(p + 86, 0x7044); /* Command Set enabled */
270 put_le16(p + 87, 0x4000); /* Features enabled */
271 put_le16(p + 91, 0x4060); /* Current APM level */
272 put_le16(p + 129, 0x0002); /* Current features option */
273 put_le16(p + 130, 0x0005); /* Reassigned sectors */
274 put_le16(p + 131, 0x0001); /* Initial power mode */
275 put_le16(p + 132, 0x0000); /* User signature */
276 put_le16(p + 160, 0x8100); /* Power requirement */
277 put_le16(p + 161, 0x8001); /* CF command set */
278
279 s->identify_set = 1;
280
281 fill_buffer:
282 memcpy(s->io_buffer, p, sizeof(s->identify_data));
283 }
284
285 static void ide_set_signature(IDEState *s)
286 {
287 s->select &= 0xf0; /* clear head */
288 /* put signature */
289 s->nsector = 1;
290 s->sector = 1;
291 if (s->is_cdrom) {
292 s->lcyl = 0x14;
293 s->hcyl = 0xeb;
294 } else if (s->bs) {
295 s->lcyl = 0;
296 s->hcyl = 0;
297 } else {
298 s->lcyl = 0xff;
299 s->hcyl = 0xff;
300 }
301 }
302
303 static inline void ide_abort_command(IDEState *s)
304 {
305 s->status = READY_STAT | ERR_STAT;
306 s->error = ABRT_ERR;
307 }
308
309 static inline void ide_dma_submit_check(IDEState *s,
310 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
311 {
312 if (bm->aiocb)
313 return;
314 dma_cb(bm, -1);
315 }
316
317 /* prepare data transfer and tell what to do after */
318 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
319 EndTransferFunc *end_transfer_func)
320 {
321 s->end_transfer_func = end_transfer_func;
322 s->data_ptr = buf;
323 s->data_end = buf + size;
324 if (!(s->status & ERR_STAT))
325 s->status |= DRQ_STAT;
326 }
327
328 static void ide_transfer_stop(IDEState *s)
329 {
330 s->end_transfer_func = ide_transfer_stop;
331 s->data_ptr = s->io_buffer;
332 s->data_end = s->io_buffer;
333 s->status &= ~DRQ_STAT;
334 }
335
336 int64_t ide_get_sector(IDEState *s)
337 {
338 int64_t sector_num;
339 if (s->select & 0x40) {
340 /* lba */
341 if (!s->lba48) {
342 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
343 (s->lcyl << 8) | s->sector;
344 } else {
345 sector_num = ((int64_t)s->hob_hcyl << 40) |
346 ((int64_t) s->hob_lcyl << 32) |
347 ((int64_t) s->hob_sector << 24) |
348 ((int64_t) s->hcyl << 16) |
349 ((int64_t) s->lcyl << 8) | s->sector;
350 }
351 } else {
352 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
353 (s->select & 0x0f) * s->sectors + (s->sector - 1);
354 }
355 return sector_num;
356 }
357
358 void ide_set_sector(IDEState *s, int64_t sector_num)
359 {
360 unsigned int cyl, r;
361 if (s->select & 0x40) {
362 if (!s->lba48) {
363 s->select = (s->select & 0xf0) | (sector_num >> 24);
364 s->hcyl = (sector_num >> 16);
365 s->lcyl = (sector_num >> 8);
366 s->sector = (sector_num);
367 } else {
368 s->sector = sector_num;
369 s->lcyl = sector_num >> 8;
370 s->hcyl = sector_num >> 16;
371 s->hob_sector = sector_num >> 24;
372 s->hob_lcyl = sector_num >> 32;
373 s->hob_hcyl = sector_num >> 40;
374 }
375 } else {
376 cyl = sector_num / (s->heads * s->sectors);
377 r = sector_num % (s->heads * s->sectors);
378 s->hcyl = cyl >> 8;
379 s->lcyl = cyl;
380 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
381 s->sector = (r % s->sectors) + 1;
382 }
383 }
384
385 static void ide_rw_error(IDEState *s) {
386 ide_abort_command(s);
387 ide_set_irq(s->bus);
388 }
389
390 static void ide_sector_read(IDEState *s)
391 {
392 int64_t sector_num;
393 int ret, n;
394
395 s->status = READY_STAT | SEEK_STAT;
396 s->error = 0; /* not needed by IDE spec, but needed by Windows */
397 sector_num = ide_get_sector(s);
398 n = s->nsector;
399 if (n == 0) {
400 /* no more sector to read from disk */
401 ide_transfer_stop(s);
402 } else {
403 #if defined(DEBUG_IDE)
404 printf("read sector=%" PRId64 "\n", sector_num);
405 #endif
406 if (n > s->req_nb_sectors)
407 n = s->req_nb_sectors;
408 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
409 if (ret != 0) {
410 ide_rw_error(s);
411 return;
412 }
413 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
414 ide_set_irq(s->bus);
415 ide_set_sector(s, sector_num + n);
416 s->nsector -= n;
417 }
418 }
419
420
421 /* return 0 if buffer completed */
422 static int dma_buf_prepare(BMDMAState *bm, int is_write)
423 {
424 IDEState *s = bmdma_active_if(bm);
425 struct {
426 uint32_t addr;
427 uint32_t size;
428 } prd;
429 int l, len;
430
431 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
432 s->io_buffer_size = 0;
433 for(;;) {
434 if (bm->cur_prd_len == 0) {
435 /* end of table (with a fail safe of one page) */
436 if (bm->cur_prd_last ||
437 (bm->cur_addr - bm->addr) >= 4096)
438 return s->io_buffer_size != 0;
439 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
440 bm->cur_addr += 8;
441 prd.addr = le32_to_cpu(prd.addr);
442 prd.size = le32_to_cpu(prd.size);
443 len = prd.size & 0xfffe;
444 if (len == 0)
445 len = 0x10000;
446 bm->cur_prd_len = len;
447 bm->cur_prd_addr = prd.addr;
448 bm->cur_prd_last = (prd.size & 0x80000000);
449 }
450 l = bm->cur_prd_len;
451 if (l > 0) {
452 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
453 bm->cur_prd_addr += l;
454 bm->cur_prd_len -= l;
455 s->io_buffer_size += l;
456 }
457 }
458 return 1;
459 }
460
461 static void dma_buf_commit(IDEState *s, int is_write)
462 {
463 qemu_sglist_destroy(&s->sg);
464 }
465
466 void ide_dma_error(IDEState *s)
467 {
468 ide_transfer_stop(s);
469 s->error = ABRT_ERR;
470 s->status = READY_STAT | ERR_STAT;
471 ide_set_irq(s->bus);
472 }
473
474 static int ide_handle_write_error(IDEState *s, int error, int op)
475 {
476 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
477
478 if (action == BLOCK_ERR_IGNORE)
479 return 0;
480
481 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
482 || action == BLOCK_ERR_STOP_ANY) {
483 s->bus->bmdma->unit = s->unit;
484 s->bus->bmdma->status |= op;
485 vm_stop(0);
486 } else {
487 if (op == BM_STATUS_DMA_RETRY) {
488 dma_buf_commit(s, 0);
489 ide_dma_error(s);
490 } else {
491 ide_rw_error(s);
492 }
493 }
494
495 return 1;
496 }
497
498 /* return 0 if buffer completed */
499 static int dma_buf_rw(BMDMAState *bm, int is_write)
500 {
501 IDEState *s = bmdma_active_if(bm);
502 struct {
503 uint32_t addr;
504 uint32_t size;
505 } prd;
506 int l, len;
507
508 for(;;) {
509 l = s->io_buffer_size - s->io_buffer_index;
510 if (l <= 0)
511 break;
512 if (bm->cur_prd_len == 0) {
513 /* end of table (with a fail safe of one page) */
514 if (bm->cur_prd_last ||
515 (bm->cur_addr - bm->addr) >= 4096)
516 return 0;
517 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
518 bm->cur_addr += 8;
519 prd.addr = le32_to_cpu(prd.addr);
520 prd.size = le32_to_cpu(prd.size);
521 len = prd.size & 0xfffe;
522 if (len == 0)
523 len = 0x10000;
524 bm->cur_prd_len = len;
525 bm->cur_prd_addr = prd.addr;
526 bm->cur_prd_last = (prd.size & 0x80000000);
527 }
528 if (l > bm->cur_prd_len)
529 l = bm->cur_prd_len;
530 if (l > 0) {
531 if (is_write) {
532 cpu_physical_memory_write(bm->cur_prd_addr,
533 s->io_buffer + s->io_buffer_index, l);
534 } else {
535 cpu_physical_memory_read(bm->cur_prd_addr,
536 s->io_buffer + s->io_buffer_index, l);
537 }
538 bm->cur_prd_addr += l;
539 bm->cur_prd_len -= l;
540 s->io_buffer_index += l;
541 }
542 }
543 return 1;
544 }
545
546 static void ide_read_dma_cb(void *opaque, int ret)
547 {
548 BMDMAState *bm = opaque;
549 IDEState *s = bmdma_active_if(bm);
550 int n;
551 int64_t sector_num;
552
553 if (ret < 0) {
554 dma_buf_commit(s, 1);
555 ide_dma_error(s);
556 return;
557 }
558
559 n = s->io_buffer_size >> 9;
560 sector_num = ide_get_sector(s);
561 if (n > 0) {
562 dma_buf_commit(s, 1);
563 sector_num += n;
564 ide_set_sector(s, sector_num);
565 s->nsector -= n;
566 }
567
568 /* end of transfer ? */
569 if (s->nsector == 0) {
570 s->status = READY_STAT | SEEK_STAT;
571 ide_set_irq(s->bus);
572 eot:
573 bm->status &= ~BM_STATUS_DMAING;
574 bm->status |= BM_STATUS_INT;
575 bm->dma_cb = NULL;
576 bm->unit = -1;
577 bm->aiocb = NULL;
578 return;
579 }
580
581 /* launch next transfer */
582 n = s->nsector;
583 s->io_buffer_index = 0;
584 s->io_buffer_size = n * 512;
585 if (dma_buf_prepare(bm, 1) == 0)
586 goto eot;
587 #ifdef DEBUG_AIO
588 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
589 #endif
590 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
591 ide_dma_submit_check(s, ide_read_dma_cb, bm);
592 }
593
594 static void ide_sector_read_dma(IDEState *s)
595 {
596 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
597 s->io_buffer_index = 0;
598 s->io_buffer_size = 0;
599 s->is_read = 1;
600 ide_dma_start(s, ide_read_dma_cb);
601 }
602
603 static void ide_sector_write_timer_cb(void *opaque)
604 {
605 IDEState *s = opaque;
606 ide_set_irq(s->bus);
607 }
608
609 static void ide_sector_write(IDEState *s)
610 {
611 int64_t sector_num;
612 int ret, n, n1;
613
614 s->status = READY_STAT | SEEK_STAT;
615 sector_num = ide_get_sector(s);
616 #if defined(DEBUG_IDE)
617 printf("write sector=%" PRId64 "\n", sector_num);
618 #endif
619 n = s->nsector;
620 if (n > s->req_nb_sectors)
621 n = s->req_nb_sectors;
622 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
623
624 if (ret != 0) {
625 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
626 return;
627 }
628
629 s->nsector -= n;
630 if (s->nsector == 0) {
631 /* no more sectors to write */
632 ide_transfer_stop(s);
633 } else {
634 n1 = s->nsector;
635 if (n1 > s->req_nb_sectors)
636 n1 = s->req_nb_sectors;
637 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
638 }
639 ide_set_sector(s, sector_num + n);
640
641 #ifdef TARGET_I386
642 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
643 /* It seems there is a bug in the Windows 2000 installer HDD
644 IDE driver which fills the disk with empty logs when the
645 IDE write IRQ comes too early. This hack tries to correct
646 that at the expense of slower write performances. Use this
647 option _only_ to install Windows 2000. You must disable it
648 for normal use. */
649 qemu_mod_timer(s->sector_write_timer,
650 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
651 } else
652 #endif
653 {
654 ide_set_irq(s->bus);
655 }
656 }
657
658 static void ide_dma_restart_bh(void *opaque)
659 {
660 BMDMAState *bm = opaque;
661
662 qemu_bh_delete(bm->bh);
663 bm->bh = NULL;
664
665 if (bm->status & BM_STATUS_DMA_RETRY) {
666 bm->status &= ~BM_STATUS_DMA_RETRY;
667 ide_dma_restart(bmdma_active_if(bm));
668 } else if (bm->status & BM_STATUS_PIO_RETRY) {
669 bm->status &= ~BM_STATUS_PIO_RETRY;
670 ide_sector_write(bmdma_active_if(bm));
671 }
672 }
673
674 void ide_dma_restart_cb(void *opaque, int running, int reason)
675 {
676 BMDMAState *bm = opaque;
677
678 if (!running)
679 return;
680
681 if (!bm->bh) {
682 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
683 qemu_bh_schedule(bm->bh);
684 }
685 }
686
687 static void ide_write_dma_cb(void *opaque, int ret)
688 {
689 BMDMAState *bm = opaque;
690 IDEState *s = bmdma_active_if(bm);
691 int n;
692 int64_t sector_num;
693
694 if (ret < 0) {
695 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
696 return;
697 }
698
699 n = s->io_buffer_size >> 9;
700 sector_num = ide_get_sector(s);
701 if (n > 0) {
702 dma_buf_commit(s, 0);
703 sector_num += n;
704 ide_set_sector(s, sector_num);
705 s->nsector -= n;
706 }
707
708 /* end of transfer ? */
709 if (s->nsector == 0) {
710 s->status = READY_STAT | SEEK_STAT;
711 ide_set_irq(s->bus);
712 eot:
713 bm->status &= ~BM_STATUS_DMAING;
714 bm->status |= BM_STATUS_INT;
715 bm->dma_cb = NULL;
716 bm->unit = -1;
717 bm->aiocb = NULL;
718 return;
719 }
720
721 n = s->nsector;
722 s->io_buffer_size = n * 512;
723 /* launch next transfer */
724 if (dma_buf_prepare(bm, 0) == 0)
725 goto eot;
726 #ifdef DEBUG_AIO
727 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
728 #endif
729 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
730 ide_dma_submit_check(s, ide_write_dma_cb, bm);
731 }
732
733 static void ide_sector_write_dma(IDEState *s)
734 {
735 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
736 s->io_buffer_index = 0;
737 s->io_buffer_size = 0;
738 s->is_read = 0;
739 ide_dma_start(s, ide_write_dma_cb);
740 }
741
742 void ide_atapi_cmd_ok(IDEState *s)
743 {
744 s->error = 0;
745 s->status = READY_STAT | SEEK_STAT;
746 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
747 ide_set_irq(s->bus);
748 }
749
750 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
751 {
752 #ifdef DEBUG_IDE_ATAPI
753 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
754 #endif
755 s->error = sense_key << 4;
756 s->status = READY_STAT | ERR_STAT;
757 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
758 s->sense_key = sense_key;
759 s->asc = asc;
760 ide_set_irq(s->bus);
761 }
762
763 static void ide_atapi_cmd_check_status(IDEState *s)
764 {
765 #ifdef DEBUG_IDE_ATAPI
766 printf("atapi_cmd_check_status\n");
767 #endif
768 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
769 s->status = ERR_STAT;
770 s->nsector = 0;
771 ide_set_irq(s->bus);
772 }
773
774 static void ide_flush_cb(void *opaque, int ret)
775 {
776 IDEState *s = opaque;
777
778 /* XXX: how do we signal I/O errors here? */
779
780 s->status = READY_STAT | SEEK_STAT;
781 ide_set_irq(s->bus);
782 }
783
784 static inline void cpu_to_ube16(uint8_t *buf, int val)
785 {
786 buf[0] = val >> 8;
787 buf[1] = val & 0xff;
788 }
789
790 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
791 {
792 buf[0] = val >> 24;
793 buf[1] = val >> 16;
794 buf[2] = val >> 8;
795 buf[3] = val & 0xff;
796 }
797
798 static inline int ube16_to_cpu(const uint8_t *buf)
799 {
800 return (buf[0] << 8) | buf[1];
801 }
802
803 static inline int ube32_to_cpu(const uint8_t *buf)
804 {
805 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
806 }
807
808 static void lba_to_msf(uint8_t *buf, int lba)
809 {
810 lba += 150;
811 buf[0] = (lba / 75) / 60;
812 buf[1] = (lba / 75) % 60;
813 buf[2] = lba % 75;
814 }
815
816 static void cd_data_to_raw(uint8_t *buf, int lba)
817 {
818 /* sync bytes */
819 buf[0] = 0x00;
820 memset(buf + 1, 0xff, 10);
821 buf[11] = 0x00;
822 buf += 12;
823 /* MSF */
824 lba_to_msf(buf, lba);
825 buf[3] = 0x01; /* mode 1 data */
826 buf += 4;
827 /* data */
828 buf += 2048;
829 /* XXX: ECC not computed */
830 memset(buf, 0, 288);
831 }
832
833 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
834 int sector_size)
835 {
836 int ret;
837
838 switch(sector_size) {
839 case 2048:
840 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
841 break;
842 case 2352:
843 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
844 if (ret < 0)
845 return ret;
846 cd_data_to_raw(buf, lba);
847 break;
848 default:
849 ret = -EIO;
850 break;
851 }
852 return ret;
853 }
854
855 void ide_atapi_io_error(IDEState *s, int ret)
856 {
857 /* XXX: handle more errors */
858 if (ret == -ENOMEDIUM) {
859 ide_atapi_cmd_error(s, SENSE_NOT_READY,
860 ASC_MEDIUM_NOT_PRESENT);
861 } else {
862 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
863 ASC_LOGICAL_BLOCK_OOR);
864 }
865 }
866
867 /* The whole ATAPI transfer logic is handled in this function */
868 static void ide_atapi_cmd_reply_end(IDEState *s)
869 {
870 int byte_count_limit, size, ret;
871 #ifdef DEBUG_IDE_ATAPI
872 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
873 s->packet_transfer_size,
874 s->elementary_transfer_size,
875 s->io_buffer_index);
876 #endif
877 if (s->packet_transfer_size <= 0) {
878 /* end of transfer */
879 ide_transfer_stop(s);
880 s->status = READY_STAT | SEEK_STAT;
881 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
882 ide_set_irq(s->bus);
883 #ifdef DEBUG_IDE_ATAPI
884 printf("status=0x%x\n", s->status);
885 #endif
886 } else {
887 /* see if a new sector must be read */
888 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
889 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
890 if (ret < 0) {
891 ide_transfer_stop(s);
892 ide_atapi_io_error(s, ret);
893 return;
894 }
895 s->lba++;
896 s->io_buffer_index = 0;
897 }
898 if (s->elementary_transfer_size > 0) {
899 /* there are some data left to transmit in this elementary
900 transfer */
901 size = s->cd_sector_size - s->io_buffer_index;
902 if (size > s->elementary_transfer_size)
903 size = s->elementary_transfer_size;
904 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
905 size, ide_atapi_cmd_reply_end);
906 s->packet_transfer_size -= size;
907 s->elementary_transfer_size -= size;
908 s->io_buffer_index += size;
909 } else {
910 /* a new transfer is needed */
911 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
912 byte_count_limit = s->lcyl | (s->hcyl << 8);
913 #ifdef DEBUG_IDE_ATAPI
914 printf("byte_count_limit=%d\n", byte_count_limit);
915 #endif
916 if (byte_count_limit == 0xffff)
917 byte_count_limit--;
918 size = s->packet_transfer_size;
919 if (size > byte_count_limit) {
920 /* byte count limit must be even if this case */
921 if (byte_count_limit & 1)
922 byte_count_limit--;
923 size = byte_count_limit;
924 }
925 s->lcyl = size;
926 s->hcyl = size >> 8;
927 s->elementary_transfer_size = size;
928 /* we cannot transmit more than one sector at a time */
929 if (s->lba != -1) {
930 if (size > (s->cd_sector_size - s->io_buffer_index))
931 size = (s->cd_sector_size - s->io_buffer_index);
932 }
933 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
934 size, ide_atapi_cmd_reply_end);
935 s->packet_transfer_size -= size;
936 s->elementary_transfer_size -= size;
937 s->io_buffer_index += size;
938 ide_set_irq(s->bus);
939 #ifdef DEBUG_IDE_ATAPI
940 printf("status=0x%x\n", s->status);
941 #endif
942 }
943 }
944 }
945
946 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
947 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
948 {
949 if (size > max_size)
950 size = max_size;
951 s->lba = -1; /* no sector read */
952 s->packet_transfer_size = size;
953 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
954 s->elementary_transfer_size = 0;
955 s->io_buffer_index = 0;
956
957 if (s->atapi_dma) {
958 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
959 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
960 } else {
961 s->status = READY_STAT | SEEK_STAT;
962 ide_atapi_cmd_reply_end(s);
963 }
964 }
965
966 /* start a CD-CDROM read command */
967 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
968 int sector_size)
969 {
970 s->lba = lba;
971 s->packet_transfer_size = nb_sectors * sector_size;
972 s->elementary_transfer_size = 0;
973 s->io_buffer_index = sector_size;
974 s->cd_sector_size = sector_size;
975
976 s->status = READY_STAT | SEEK_STAT;
977 ide_atapi_cmd_reply_end(s);
978 }
979
980 /* ATAPI DMA support */
981
982 /* XXX: handle read errors */
983 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
984 {
985 BMDMAState *bm = opaque;
986 IDEState *s = bmdma_active_if(bm);
987 int data_offset, n;
988
989 if (ret < 0) {
990 ide_atapi_io_error(s, ret);
991 goto eot;
992 }
993
994 if (s->io_buffer_size > 0) {
995 /*
996 * For a cdrom read sector command (s->lba != -1),
997 * adjust the lba for the next s->io_buffer_size chunk
998 * and dma the current chunk.
999 * For a command != read (s->lba == -1), just transfer
1000 * the reply data.
1001 */
1002 if (s->lba != -1) {
1003 if (s->cd_sector_size == 2352) {
1004 n = 1;
1005 cd_data_to_raw(s->io_buffer, s->lba);
1006 } else {
1007 n = s->io_buffer_size >> 11;
1008 }
1009 s->lba += n;
1010 }
1011 s->packet_transfer_size -= s->io_buffer_size;
1012 if (dma_buf_rw(bm, 1) == 0)
1013 goto eot;
1014 }
1015
1016 if (s->packet_transfer_size <= 0) {
1017 s->status = READY_STAT | SEEK_STAT;
1018 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1019 ide_set_irq(s->bus);
1020 eot:
1021 bm->status &= ~BM_STATUS_DMAING;
1022 bm->status |= BM_STATUS_INT;
1023 bm->dma_cb = NULL;
1024 bm->unit = -1;
1025 bm->aiocb = NULL;
1026 return;
1027 }
1028
1029 s->io_buffer_index = 0;
1030 if (s->cd_sector_size == 2352) {
1031 n = 1;
1032 s->io_buffer_size = s->cd_sector_size;
1033 data_offset = 16;
1034 } else {
1035 n = s->packet_transfer_size >> 11;
1036 if (n > (IDE_DMA_BUF_SECTORS / 4))
1037 n = (IDE_DMA_BUF_SECTORS / 4);
1038 s->io_buffer_size = n * 2048;
1039 data_offset = 0;
1040 }
1041 #ifdef DEBUG_AIO
1042 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1043 #endif
1044 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1045 bm->iov.iov_len = n * 4 * 512;
1046 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1047 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1048 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1049 if (!bm->aiocb) {
1050 /* Note: media not present is the most likely case */
1051 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1052 ASC_MEDIUM_NOT_PRESENT);
1053 goto eot;
1054 }
1055 }
1056
1057 /* start a CD-CDROM read command with DMA */
1058 /* XXX: test if DMA is available */
1059 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1060 int sector_size)
1061 {
1062 s->lba = lba;
1063 s->packet_transfer_size = nb_sectors * sector_size;
1064 s->io_buffer_index = 0;
1065 s->io_buffer_size = 0;
1066 s->cd_sector_size = sector_size;
1067
1068 /* XXX: check if BUSY_STAT should be set */
1069 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1070 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1071 }
1072
1073 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1074 int sector_size)
1075 {
1076 #ifdef DEBUG_IDE_ATAPI
1077 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1078 lba, nb_sectors);
1079 #endif
1080 if (s->atapi_dma) {
1081 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1082 } else {
1083 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1084 }
1085 }
1086
1087 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1088 uint16_t profile)
1089 {
1090 uint8_t *buf_profile = buf + 12; /* start of profiles */
1091
1092 buf_profile += ((*index) * 4); /* start of indexed profile */
1093 cpu_to_ube16 (buf_profile, profile);
1094 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1095
1096 /* each profile adds 4 bytes to the response */
1097 (*index)++;
1098 buf[11] += 4; /* Additional Length */
1099
1100 return 4;
1101 }
1102
1103 static int ide_dvd_read_structure(IDEState *s, int format,
1104 const uint8_t *packet, uint8_t *buf)
1105 {
1106 switch (format) {
1107 case 0x0: /* Physical format information */
1108 {
1109 int layer = packet[6];
1110 uint64_t total_sectors;
1111
1112 if (layer != 0)
1113 return -ASC_INV_FIELD_IN_CMD_PACKET;
1114
1115 bdrv_get_geometry(s->bs, &total_sectors);
1116 total_sectors >>= 2;
1117 if (total_sectors == 0)
1118 return -ASC_MEDIUM_NOT_PRESENT;
1119
1120 buf[4] = 1; /* DVD-ROM, part version 1 */
1121 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1122 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1123 buf[7] = 0; /* default densities */
1124
1125 /* FIXME: 0x30000 per spec? */
1126 cpu_to_ube32(buf + 8, 0); /* start sector */
1127 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1128 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1129
1130 /* Size of buffer, not including 2 byte size field */
1131 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1132
1133 /* 2k data + 4 byte header */
1134 return (2048 + 4);
1135 }
1136
1137 case 0x01: /* DVD copyright information */
1138 buf[4] = 0; /* no copyright data */
1139 buf[5] = 0; /* no region restrictions */
1140
1141 /* Size of buffer, not including 2 byte size field */
1142 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1143
1144 /* 4 byte header + 4 byte data */
1145 return (4 + 4);
1146
1147 case 0x03: /* BCA information - invalid field for no BCA info */
1148 return -ASC_INV_FIELD_IN_CMD_PACKET;
1149
1150 case 0x04: /* DVD disc manufacturing information */
1151 /* Size of buffer, not including 2 byte size field */
1152 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1153
1154 /* 2k data + 4 byte header */
1155 return (2048 + 4);
1156
1157 case 0xff:
1158 /*
1159 * This lists all the command capabilities above. Add new ones
1160 * in order and update the length and buffer return values.
1161 */
1162
1163 buf[4] = 0x00; /* Physical format */
1164 buf[5] = 0x40; /* Not writable, is readable */
1165 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1166
1167 buf[8] = 0x01; /* Copyright info */
1168 buf[9] = 0x40; /* Not writable, is readable */
1169 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1170
1171 buf[12] = 0x03; /* BCA info */
1172 buf[13] = 0x40; /* Not writable, is readable */
1173 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1174
1175 buf[16] = 0x04; /* Manufacturing info */
1176 buf[17] = 0x40; /* Not writable, is readable */
1177 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1178
1179 /* Size of buffer, not including 2 byte size field */
1180 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1181
1182 /* data written + 4 byte header */
1183 return (16 + 4);
1184
1185 default: /* TODO: formats beyond DVD-ROM requires */
1186 return -ASC_INV_FIELD_IN_CMD_PACKET;
1187 }
1188 }
1189
1190 static void ide_atapi_cmd(IDEState *s)
1191 {
1192 const uint8_t *packet;
1193 uint8_t *buf;
1194 int max_len;
1195
1196 packet = s->io_buffer;
1197 buf = s->io_buffer;
1198 #ifdef DEBUG_IDE_ATAPI
1199 {
1200 int i;
1201 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1202 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1203 printf(" %02x", packet[i]);
1204 }
1205 printf("\n");
1206 }
1207 #endif
1208 /* If there's a UNIT_ATTENTION condition pending, only
1209 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1210 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1211 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1212 s->io_buffer[0] != GPCMD_INQUIRY) {
1213 ide_atapi_cmd_check_status(s);
1214 return;
1215 }
1216 switch(s->io_buffer[0]) {
1217 case GPCMD_TEST_UNIT_READY:
1218 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1219 ide_atapi_cmd_ok(s);
1220 } else {
1221 s->cdrom_changed = 0;
1222 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1223 ASC_MEDIUM_NOT_PRESENT);
1224 }
1225 break;
1226 case GPCMD_MODE_SENSE_6:
1227 case GPCMD_MODE_SENSE_10:
1228 {
1229 int action, code;
1230 if (packet[0] == GPCMD_MODE_SENSE_10)
1231 max_len = ube16_to_cpu(packet + 7);
1232 else
1233 max_len = packet[4];
1234 action = packet[2] >> 6;
1235 code = packet[2] & 0x3f;
1236 switch(action) {
1237 case 0: /* current values */
1238 switch(code) {
1239 case 0x01: /* error recovery */
1240 cpu_to_ube16(&buf[0], 16 + 6);
1241 buf[2] = 0x70;
1242 buf[3] = 0;
1243 buf[4] = 0;
1244 buf[5] = 0;
1245 buf[6] = 0;
1246 buf[7] = 0;
1247
1248 buf[8] = 0x01;
1249 buf[9] = 0x06;
1250 buf[10] = 0x00;
1251 buf[11] = 0x05;
1252 buf[12] = 0x00;
1253 buf[13] = 0x00;
1254 buf[14] = 0x00;
1255 buf[15] = 0x00;
1256 ide_atapi_cmd_reply(s, 16, max_len);
1257 break;
1258 case 0x2a:
1259 cpu_to_ube16(&buf[0], 28 + 6);
1260 buf[2] = 0x70;
1261 buf[3] = 0;
1262 buf[4] = 0;
1263 buf[5] = 0;
1264 buf[6] = 0;
1265 buf[7] = 0;
1266
1267 buf[8] = 0x2a;
1268 buf[9] = 0x12;
1269 buf[10] = 0x00;
1270 buf[11] = 0x00;
1271
1272 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1273 code checks for this to automount media. */
1274 buf[12] = 0x71;
1275 buf[13] = 3 << 5;
1276 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1277 if (bdrv_is_locked(s->bs))
1278 buf[6] |= 1 << 1;
1279 buf[15] = 0x00;
1280 cpu_to_ube16(&buf[16], 706);
1281 buf[18] = 0;
1282 buf[19] = 2;
1283 cpu_to_ube16(&buf[20], 512);
1284 cpu_to_ube16(&buf[22], 706);
1285 buf[24] = 0;
1286 buf[25] = 0;
1287 buf[26] = 0;
1288 buf[27] = 0;
1289 ide_atapi_cmd_reply(s, 28, max_len);
1290 break;
1291 default:
1292 goto error_cmd;
1293 }
1294 break;
1295 case 1: /* changeable values */
1296 goto error_cmd;
1297 case 2: /* default values */
1298 goto error_cmd;
1299 default:
1300 case 3: /* saved values */
1301 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1302 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1303 break;
1304 }
1305 }
1306 break;
1307 case GPCMD_REQUEST_SENSE:
1308 max_len = packet[4];
1309 memset(buf, 0, 18);
1310 buf[0] = 0x70 | (1 << 7);
1311 buf[2] = s->sense_key;
1312 buf[7] = 10;
1313 buf[12] = s->asc;
1314 if (s->sense_key == SENSE_UNIT_ATTENTION)
1315 s->sense_key = SENSE_NONE;
1316 ide_atapi_cmd_reply(s, 18, max_len);
1317 break;
1318 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1319 if (bdrv_is_inserted(s->bs)) {
1320 bdrv_set_locked(s->bs, packet[4] & 1);
1321 ide_atapi_cmd_ok(s);
1322 } else {
1323 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1324 ASC_MEDIUM_NOT_PRESENT);
1325 }
1326 break;
1327 case GPCMD_READ_10:
1328 case GPCMD_READ_12:
1329 {
1330 int nb_sectors, lba;
1331
1332 if (packet[0] == GPCMD_READ_10)
1333 nb_sectors = ube16_to_cpu(packet + 7);
1334 else
1335 nb_sectors = ube32_to_cpu(packet + 6);
1336 lba = ube32_to_cpu(packet + 2);
1337 if (nb_sectors == 0) {
1338 ide_atapi_cmd_ok(s);
1339 break;
1340 }
1341 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1342 }
1343 break;
1344 case GPCMD_READ_CD:
1345 {
1346 int nb_sectors, lba, transfer_request;
1347
1348 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1349 lba = ube32_to_cpu(packet + 2);
1350 if (nb_sectors == 0) {
1351 ide_atapi_cmd_ok(s);
1352 break;
1353 }
1354 transfer_request = packet[9];
1355 switch(transfer_request & 0xf8) {
1356 case 0x00:
1357 /* nothing */
1358 ide_atapi_cmd_ok(s);
1359 break;
1360 case 0x10:
1361 /* normal read */
1362 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1363 break;
1364 case 0xf8:
1365 /* read all data */
1366 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1367 break;
1368 default:
1369 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1370 ASC_INV_FIELD_IN_CMD_PACKET);
1371 break;
1372 }
1373 }
1374 break;
1375 case GPCMD_SEEK:
1376 {
1377 unsigned int lba;
1378 uint64_t total_sectors;
1379
1380 bdrv_get_geometry(s->bs, &total_sectors);
1381 total_sectors >>= 2;
1382 if (total_sectors == 0) {
1383 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1384 ASC_MEDIUM_NOT_PRESENT);
1385 break;
1386 }
1387 lba = ube32_to_cpu(packet + 2);
1388 if (lba >= total_sectors) {
1389 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1390 ASC_LOGICAL_BLOCK_OOR);
1391 break;
1392 }
1393 ide_atapi_cmd_ok(s);
1394 }
1395 break;
1396 case GPCMD_START_STOP_UNIT:
1397 {
1398 int start, eject, err = 0;
1399 start = packet[4] & 1;
1400 eject = (packet[4] >> 1) & 1;
1401
1402 if (eject) {
1403 err = bdrv_eject(s->bs, !start);
1404 }
1405
1406 switch (err) {
1407 case 0:
1408 ide_atapi_cmd_ok(s);
1409 break;
1410 case -EBUSY:
1411 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1412 ASC_MEDIA_REMOVAL_PREVENTED);
1413 break;
1414 default:
1415 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1416 ASC_MEDIUM_NOT_PRESENT);
1417 break;
1418 }
1419 }
1420 break;
1421 case GPCMD_MECHANISM_STATUS:
1422 {
1423 max_len = ube16_to_cpu(packet + 8);
1424 cpu_to_ube16(buf, 0);
1425 /* no current LBA */
1426 buf[2] = 0;
1427 buf[3] = 0;
1428 buf[4] = 0;
1429 buf[5] = 1;
1430 cpu_to_ube16(buf + 6, 0);
1431 ide_atapi_cmd_reply(s, 8, max_len);
1432 }
1433 break;
1434 case GPCMD_READ_TOC_PMA_ATIP:
1435 {
1436 int format, msf, start_track, len;
1437 uint64_t total_sectors;
1438
1439 bdrv_get_geometry(s->bs, &total_sectors);
1440 total_sectors >>= 2;
1441 if (total_sectors == 0) {
1442 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1443 ASC_MEDIUM_NOT_PRESENT);
1444 break;
1445 }
1446 max_len = ube16_to_cpu(packet + 7);
1447 format = packet[9] >> 6;
1448 msf = (packet[1] >> 1) & 1;
1449 start_track = packet[6];
1450 switch(format) {
1451 case 0:
1452 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1453 if (len < 0)
1454 goto error_cmd;
1455 ide_atapi_cmd_reply(s, len, max_len);
1456 break;
1457 case 1:
1458 /* multi session : only a single session defined */
1459 memset(buf, 0, 12);
1460 buf[1] = 0x0a;
1461 buf[2] = 0x01;
1462 buf[3] = 0x01;
1463 ide_atapi_cmd_reply(s, 12, max_len);
1464 break;
1465 case 2:
1466 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1467 if (len < 0)
1468 goto error_cmd;
1469 ide_atapi_cmd_reply(s, len, max_len);
1470 break;
1471 default:
1472 error_cmd:
1473 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1474 ASC_INV_FIELD_IN_CMD_PACKET);
1475 break;
1476 }
1477 }
1478 break;
1479 case GPCMD_READ_CDVD_CAPACITY:
1480 {
1481 uint64_t total_sectors;
1482
1483 bdrv_get_geometry(s->bs, &total_sectors);
1484 total_sectors >>= 2;
1485 if (total_sectors == 0) {
1486 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1487 ASC_MEDIUM_NOT_PRESENT);
1488 break;
1489 }
1490 /* NOTE: it is really the number of sectors minus 1 */
1491 cpu_to_ube32(buf, total_sectors - 1);
1492 cpu_to_ube32(buf + 4, 2048);
1493 ide_atapi_cmd_reply(s, 8, 8);
1494 }
1495 break;
1496 case GPCMD_READ_DVD_STRUCTURE:
1497 {
1498 int media = packet[1];
1499 int format = packet[7];
1500 int ret;
1501
1502 max_len = ube16_to_cpu(packet + 8);
1503
1504 if (format < 0xff) {
1505 if (media_is_cd(s)) {
1506 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1507 ASC_INCOMPATIBLE_FORMAT);
1508 break;
1509 } else if (!media_present(s)) {
1510 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1511 ASC_INV_FIELD_IN_CMD_PACKET);
1512 break;
1513 }
1514 }
1515
1516 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1517 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1518
1519 switch (format) {
1520 case 0x00 ... 0x7f:
1521 case 0xff:
1522 if (media == 0) {
1523 ret = ide_dvd_read_structure(s, format, packet, buf);
1524
1525 if (ret < 0)
1526 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1527 else
1528 ide_atapi_cmd_reply(s, ret, max_len);
1529
1530 break;
1531 }
1532 /* TODO: BD support, fall through for now */
1533
1534 /* Generic disk structures */
1535 case 0x80: /* TODO: AACS volume identifier */
1536 case 0x81: /* TODO: AACS media serial number */
1537 case 0x82: /* TODO: AACS media identifier */
1538 case 0x83: /* TODO: AACS media key block */
1539 case 0x90: /* TODO: List of recognized format layers */
1540 case 0xc0: /* TODO: Write protection status */
1541 default:
1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1543 ASC_INV_FIELD_IN_CMD_PACKET);
1544 break;
1545 }
1546 }
1547 break;
1548 case GPCMD_SET_SPEED:
1549 ide_atapi_cmd_ok(s);
1550 break;
1551 case GPCMD_INQUIRY:
1552 max_len = packet[4];
1553 buf[0] = 0x05; /* CD-ROM */
1554 buf[1] = 0x80; /* removable */
1555 buf[2] = 0x00; /* ISO */
1556 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1557 buf[4] = 31; /* additional length */
1558 buf[5] = 0; /* reserved */
1559 buf[6] = 0; /* reserved */
1560 buf[7] = 0; /* reserved */
1561 padstr8(buf + 8, 8, "QEMU");
1562 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1563 padstr8(buf + 32, 4, QEMU_VERSION);
1564 ide_atapi_cmd_reply(s, 36, max_len);
1565 break;
1566 case GPCMD_GET_CONFIGURATION:
1567 {
1568 uint32_t len;
1569 uint8_t index = 0;
1570
1571 /* only feature 0 is supported */
1572 if (packet[2] != 0 || packet[3] != 0) {
1573 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1574 ASC_INV_FIELD_IN_CMD_PACKET);
1575 break;
1576 }
1577
1578 /* XXX: could result in alignment problems in some architectures */
1579 max_len = ube16_to_cpu(packet + 7);
1580
1581 /*
1582 * XXX: avoid overflow for io_buffer if max_len is bigger than
1583 * the size of that buffer (dimensioned to max number of
1584 * sectors to transfer at once)
1585 *
1586 * Only a problem if the feature/profiles grow.
1587 */
1588 if (max_len > 512) /* XXX: assume 1 sector */
1589 max_len = 512;
1590
1591 memset(buf, 0, max_len);
1592 /*
1593 * the number of sectors from the media tells us which profile
1594 * to use as current. 0 means there is no media
1595 */
1596 if (media_is_dvd(s))
1597 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1598 else if (media_is_cd(s))
1599 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1600
1601 buf[10] = 0x02 | 0x01; /* persistent and current */
1602 len = 12; /* headers: 8 + 4 */
1603 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1604 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1605 cpu_to_ube32(buf, len - 4); /* data length */
1606
1607 ide_atapi_cmd_reply(s, len, max_len);
1608 break;
1609 }
1610 default:
1611 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1612 ASC_ILLEGAL_OPCODE);
1613 break;
1614 }
1615 }
1616
1617 static void ide_cfata_metadata_inquiry(IDEState *s)
1618 {
1619 uint16_t *p;
1620 uint32_t spd;
1621
1622 p = (uint16_t *) s->io_buffer;
1623 memset(p, 0, 0x200);
1624 spd = ((s->mdata_size - 1) >> 9) + 1;
1625
1626 put_le16(p + 0, 0x0001); /* Data format revision */
1627 put_le16(p + 1, 0x0000); /* Media property: silicon */
1628 put_le16(p + 2, s->media_changed); /* Media status */
1629 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1630 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1631 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1632 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1633 }
1634
1635 static void ide_cfata_metadata_read(IDEState *s)
1636 {
1637 uint16_t *p;
1638
1639 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1640 s->status = ERR_STAT;
1641 s->error = ABRT_ERR;
1642 return;
1643 }
1644
1645 p = (uint16_t *) s->io_buffer;
1646 memset(p, 0, 0x200);
1647
1648 put_le16(p + 0, s->media_changed); /* Media status */
1649 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1650 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1651 s->nsector << 9), 0x200 - 2));
1652 }
1653
1654 static void ide_cfata_metadata_write(IDEState *s)
1655 {
1656 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1657 s->status = ERR_STAT;
1658 s->error = ABRT_ERR;
1659 return;
1660 }
1661
1662 s->media_changed = 0;
1663
1664 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1665 s->io_buffer + 2,
1666 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1667 s->nsector << 9), 0x200 - 2));
1668 }
1669
1670 /* called when the inserted state of the media has changed */
1671 static void cdrom_change_cb(void *opaque)
1672 {
1673 IDEState *s = opaque;
1674 uint64_t nb_sectors;
1675
1676 bdrv_get_geometry(s->bs, &nb_sectors);
1677 s->nb_sectors = nb_sectors;
1678
1679 s->sense_key = SENSE_UNIT_ATTENTION;
1680 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1681 s->cdrom_changed = 1;
1682 ide_set_irq(s->bus);
1683 }
1684
1685 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1686 {
1687 s->lba48 = lba48;
1688
1689 /* handle the 'magic' 0 nsector count conversion here. to avoid
1690 * fiddling with the rest of the read logic, we just store the
1691 * full sector count in ->nsector and ignore ->hob_nsector from now
1692 */
1693 if (!s->lba48) {
1694 if (!s->nsector)
1695 s->nsector = 256;
1696 } else {
1697 if (!s->nsector && !s->hob_nsector)
1698 s->nsector = 65536;
1699 else {
1700 int lo = s->nsector;
1701 int hi = s->hob_nsector;
1702
1703 s->nsector = (hi << 8) | lo;
1704 }
1705 }
1706 }
1707
1708 static void ide_clear_hob(IDEBus *bus)
1709 {
1710 /* any write clears HOB high bit of device control register */
1711 bus->ifs[0].select &= ~(1 << 7);
1712 bus->ifs[1].select &= ~(1 << 7);
1713 }
1714
1715 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1716 {
1717 IDEBus *bus = opaque;
1718 IDEState *s;
1719 int n;
1720 int lba48 = 0;
1721
1722 #ifdef DEBUG_IDE
1723 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1724 #endif
1725
1726 addr &= 7;
1727
1728 /* ignore writes to command block while busy with previous command */
1729 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1730 return;
1731
1732 switch(addr) {
1733 case 0:
1734 break;
1735 case 1:
1736 ide_clear_hob(bus);
1737 /* NOTE: data is written to the two drives */
1738 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1739 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1740 bus->ifs[0].feature = val;
1741 bus->ifs[1].feature = val;
1742 break;
1743 case 2:
1744 ide_clear_hob(bus);
1745 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1746 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1747 bus->ifs[0].nsector = val;
1748 bus->ifs[1].nsector = val;
1749 break;
1750 case 3:
1751 ide_clear_hob(bus);
1752 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1753 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1754 bus->ifs[0].sector = val;
1755 bus->ifs[1].sector = val;
1756 break;
1757 case 4:
1758 ide_clear_hob(bus);
1759 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1760 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1761 bus->ifs[0].lcyl = val;
1762 bus->ifs[1].lcyl = val;
1763 break;
1764 case 5:
1765 ide_clear_hob(bus);
1766 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1767 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1768 bus->ifs[0].hcyl = val;
1769 bus->ifs[1].hcyl = val;
1770 break;
1771 case 6:
1772 /* FIXME: HOB readback uses bit 7 */
1773 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1774 bus->ifs[1].select = (val | 0x10) | 0xa0;
1775 /* select drive */
1776 bus->unit = (val >> 4) & 1;
1777 break;
1778 default:
1779 case 7:
1780 /* command */
1781 #if defined(DEBUG_IDE)
1782 printf("ide: CMD=%02x\n", val);
1783 #endif
1784 s = idebus_active_if(bus);
1785 /* ignore commands to non existant slave */
1786 if (s != bus->ifs && !s->bs)
1787 break;
1788
1789 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1790 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1791 break;
1792
1793 switch(val) {
1794 case WIN_IDENTIFY:
1795 if (s->bs && !s->is_cdrom) {
1796 if (!s->is_cf)
1797 ide_identify(s);
1798 else
1799 ide_cfata_identify(s);
1800 s->status = READY_STAT | SEEK_STAT;
1801 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1802 } else {
1803 if (s->is_cdrom) {
1804 ide_set_signature(s);
1805 }
1806 ide_abort_command(s);
1807 }
1808 ide_set_irq(s->bus);
1809 break;
1810 case WIN_SPECIFY:
1811 case WIN_RECAL:
1812 s->error = 0;
1813 s->status = READY_STAT | SEEK_STAT;
1814 ide_set_irq(s->bus);
1815 break;
1816 case WIN_SETMULT:
1817 if (s->is_cf && s->nsector == 0) {
1818 /* Disable Read and Write Multiple */
1819 s->mult_sectors = 0;
1820 s->status = READY_STAT | SEEK_STAT;
1821 } else if ((s->nsector & 0xff) != 0 &&
1822 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1823 (s->nsector & (s->nsector - 1)) != 0)) {
1824 ide_abort_command(s);
1825 } else {
1826 s->mult_sectors = s->nsector & 0xff;
1827 s->status = READY_STAT | SEEK_STAT;
1828 }
1829 ide_set_irq(s->bus);
1830 break;
1831 case WIN_VERIFY_EXT:
1832 lba48 = 1;
1833 case WIN_VERIFY:
1834 case WIN_VERIFY_ONCE:
1835 /* do sector number check ? */
1836 ide_cmd_lba48_transform(s, lba48);
1837 s->status = READY_STAT | SEEK_STAT;
1838 ide_set_irq(s->bus);
1839 break;
1840 case WIN_READ_EXT:
1841 lba48 = 1;
1842 case WIN_READ:
1843 case WIN_READ_ONCE:
1844 if (!s->bs)
1845 goto abort_cmd;
1846 ide_cmd_lba48_transform(s, lba48);
1847 s->req_nb_sectors = 1;
1848 ide_sector_read(s);
1849 break;
1850 case WIN_WRITE_EXT:
1851 lba48 = 1;
1852 case WIN_WRITE:
1853 case WIN_WRITE_ONCE:
1854 case CFA_WRITE_SECT_WO_ERASE:
1855 case WIN_WRITE_VERIFY:
1856 ide_cmd_lba48_transform(s, lba48);
1857 s->error = 0;
1858 s->status = SEEK_STAT | READY_STAT;
1859 s->req_nb_sectors = 1;
1860 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1861 s->media_changed = 1;
1862 break;
1863 case WIN_MULTREAD_EXT:
1864 lba48 = 1;
1865 case WIN_MULTREAD:
1866 if (!s->mult_sectors)
1867 goto abort_cmd;
1868 ide_cmd_lba48_transform(s, lba48);
1869 s->req_nb_sectors = s->mult_sectors;
1870 ide_sector_read(s);
1871 break;
1872 case WIN_MULTWRITE_EXT:
1873 lba48 = 1;
1874 case WIN_MULTWRITE:
1875 case CFA_WRITE_MULTI_WO_ERASE:
1876 if (!s->mult_sectors)
1877 goto abort_cmd;
1878 ide_cmd_lba48_transform(s, lba48);
1879 s->error = 0;
1880 s->status = SEEK_STAT | READY_STAT;
1881 s->req_nb_sectors = s->mult_sectors;
1882 n = s->nsector;
1883 if (n > s->req_nb_sectors)
1884 n = s->req_nb_sectors;
1885 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1886 s->media_changed = 1;
1887 break;
1888 case WIN_READDMA_EXT:
1889 lba48 = 1;
1890 case WIN_READDMA:
1891 case WIN_READDMA_ONCE:
1892 if (!s->bs)
1893 goto abort_cmd;
1894 ide_cmd_lba48_transform(s, lba48);
1895 ide_sector_read_dma(s);
1896 break;
1897 case WIN_WRITEDMA_EXT:
1898 lba48 = 1;
1899 case WIN_WRITEDMA:
1900 case WIN_WRITEDMA_ONCE:
1901 if (!s->bs)
1902 goto abort_cmd;
1903 ide_cmd_lba48_transform(s, lba48);
1904 ide_sector_write_dma(s);
1905 s->media_changed = 1;
1906 break;
1907 case WIN_READ_NATIVE_MAX_EXT:
1908 lba48 = 1;
1909 case WIN_READ_NATIVE_MAX:
1910 ide_cmd_lba48_transform(s, lba48);
1911 ide_set_sector(s, s->nb_sectors - 1);
1912 s->status = READY_STAT | SEEK_STAT;
1913 ide_set_irq(s->bus);
1914 break;
1915 case WIN_CHECKPOWERMODE1:
1916 case WIN_CHECKPOWERMODE2:
1917 s->nsector = 0xff; /* device active or idle */
1918 s->status = READY_STAT | SEEK_STAT;
1919 ide_set_irq(s->bus);
1920 break;
1921 case WIN_SETFEATURES:
1922 if (!s->bs)
1923 goto abort_cmd;
1924 /* XXX: valid for CDROM ? */
1925 switch(s->feature) {
1926 case 0xcc: /* reverting to power-on defaults enable */
1927 case 0x66: /* reverting to power-on defaults disable */
1928 case 0x02: /* write cache enable */
1929 case 0x82: /* write cache disable */
1930 case 0xaa: /* read look-ahead enable */
1931 case 0x55: /* read look-ahead disable */
1932 case 0x05: /* set advanced power management mode */
1933 case 0x85: /* disable advanced power management mode */
1934 case 0x69: /* NOP */
1935 case 0x67: /* NOP */
1936 case 0x96: /* NOP */
1937 case 0x9a: /* NOP */
1938 case 0x42: /* enable Automatic Acoustic Mode */
1939 case 0xc2: /* disable Automatic Acoustic Mode */
1940 s->status = READY_STAT | SEEK_STAT;
1941 ide_set_irq(s->bus);
1942 break;
1943 case 0x03: { /* set transfer mode */
1944 uint8_t val = s->nsector & 0x07;
1945 uint16_t *identify_data = (uint16_t *)s->identify_data;
1946
1947 switch (s->nsector >> 3) {
1948 case 0x00: /* pio default */
1949 case 0x01: /* pio mode */
1950 put_le16(identify_data + 62,0x07);
1951 put_le16(identify_data + 63,0x07);
1952 put_le16(identify_data + 88,0x3f);
1953 break;
1954 case 0x02: /* sigle word dma mode*/
1955 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1956 put_le16(identify_data + 63,0x07);
1957 put_le16(identify_data + 88,0x3f);
1958 break;
1959 case 0x04: /* mdma mode */
1960 put_le16(identify_data + 62,0x07);
1961 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1962 put_le16(identify_data + 88,0x3f);
1963 break;
1964 case 0x08: /* udma mode */
1965 put_le16(identify_data + 62,0x07);
1966 put_le16(identify_data + 63,0x07);
1967 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1968 break;
1969 default:
1970 goto abort_cmd;
1971 }
1972 s->status = READY_STAT | SEEK_STAT;
1973 ide_set_irq(s->bus);
1974 break;
1975 }
1976 default:
1977 goto abort_cmd;
1978 }
1979 break;
1980 case WIN_FLUSH_CACHE:
1981 case WIN_FLUSH_CACHE_EXT:
1982 if (s->bs)
1983 bdrv_aio_flush(s->bs, ide_flush_cb, s);
1984 else
1985 ide_flush_cb(s, 0);
1986 break;
1987 case WIN_STANDBY:
1988 case WIN_STANDBY2:
1989 case WIN_STANDBYNOW1:
1990 case WIN_STANDBYNOW2:
1991 case WIN_IDLEIMMEDIATE:
1992 case CFA_IDLEIMMEDIATE:
1993 case WIN_SETIDLE1:
1994 case WIN_SETIDLE2:
1995 case WIN_SLEEPNOW1:
1996 case WIN_SLEEPNOW2:
1997 s->status = READY_STAT;
1998 ide_set_irq(s->bus);
1999 break;
2000 case WIN_SEEK:
2001 if(s->is_cdrom)
2002 goto abort_cmd;
2003 /* XXX: Check that seek is within bounds */
2004 s->status = READY_STAT | SEEK_STAT;
2005 ide_set_irq(s->bus);
2006 break;
2007 /* ATAPI commands */
2008 case WIN_PIDENTIFY:
2009 if (s->is_cdrom) {
2010 ide_atapi_identify(s);
2011 s->status = READY_STAT | SEEK_STAT;
2012 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2013 } else {
2014 ide_abort_command(s);
2015 }
2016 ide_set_irq(s->bus);
2017 break;
2018 case WIN_DIAGNOSE:
2019 ide_set_signature(s);
2020 if (s->is_cdrom)
2021 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2022 * devices to return a clear status register
2023 * with READY_STAT *not* set. */
2024 else
2025 s->status = READY_STAT | SEEK_STAT;
2026 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2027 * present.
2028 */
2029 ide_set_irq(s->bus);
2030 break;
2031 case WIN_SRST:
2032 if (!s->is_cdrom)
2033 goto abort_cmd;
2034 ide_set_signature(s);
2035 s->status = 0x00; /* NOTE: READY is _not_ set */
2036 s->error = 0x01;
2037 break;
2038 case WIN_PACKETCMD:
2039 if (!s->is_cdrom)
2040 goto abort_cmd;
2041 /* overlapping commands not supported */
2042 if (s->feature & 0x02)
2043 goto abort_cmd;
2044 s->status = READY_STAT | SEEK_STAT;
2045 s->atapi_dma = s->feature & 1;
2046 s->nsector = 1;
2047 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2048 ide_atapi_cmd);
2049 break;
2050 /* CF-ATA commands */
2051 case CFA_REQ_EXT_ERROR_CODE:
2052 if (!s->is_cf)
2053 goto abort_cmd;
2054 s->error = 0x09; /* miscellaneous error */
2055 s->status = READY_STAT | SEEK_STAT;
2056 ide_set_irq(s->bus);
2057 break;
2058 case CFA_ERASE_SECTORS:
2059 case CFA_WEAR_LEVEL:
2060 if (!s->is_cf)
2061 goto abort_cmd;
2062 if (val == CFA_WEAR_LEVEL)
2063 s->nsector = 0;
2064 if (val == CFA_ERASE_SECTORS)
2065 s->media_changed = 1;
2066 s->error = 0x00;
2067 s->status = READY_STAT | SEEK_STAT;
2068 ide_set_irq(s->bus);
2069 break;
2070 case CFA_TRANSLATE_SECTOR:
2071 if (!s->is_cf)
2072 goto abort_cmd;
2073 s->error = 0x00;
2074 s->status = READY_STAT | SEEK_STAT;
2075 memset(s->io_buffer, 0, 0x200);
2076 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2077 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2078 s->io_buffer[0x02] = s->select; /* Head */
2079 s->io_buffer[0x03] = s->sector; /* Sector */
2080 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2081 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2082 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2083 s->io_buffer[0x13] = 0x00; /* Erase flag */
2084 s->io_buffer[0x18] = 0x00; /* Hot count */
2085 s->io_buffer[0x19] = 0x00; /* Hot count */
2086 s->io_buffer[0x1a] = 0x01; /* Hot count */
2087 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2088 ide_set_irq(s->bus);
2089 break;
2090 case CFA_ACCESS_METADATA_STORAGE:
2091 if (!s->is_cf)
2092 goto abort_cmd;
2093 switch (s->feature) {
2094 case 0x02: /* Inquiry Metadata Storage */
2095 ide_cfata_metadata_inquiry(s);
2096 break;
2097 case 0x03: /* Read Metadata Storage */
2098 ide_cfata_metadata_read(s);
2099 break;
2100 case 0x04: /* Write Metadata Storage */
2101 ide_cfata_metadata_write(s);
2102 break;
2103 default:
2104 goto abort_cmd;
2105 }
2106 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2107 s->status = 0x00; /* NOTE: READY is _not_ set */
2108 ide_set_irq(s->bus);
2109 break;
2110 case IBM_SENSE_CONDITION:
2111 if (!s->is_cf)
2112 goto abort_cmd;
2113 switch (s->feature) {
2114 case 0x01: /* sense temperature in device */
2115 s->nsector = 0x50; /* +20 C */
2116 break;
2117 default:
2118 goto abort_cmd;
2119 }
2120 s->status = READY_STAT | SEEK_STAT;
2121 ide_set_irq(s->bus);
2122 break;
2123
2124 case WIN_SMART:
2125 if (s->is_cdrom)
2126 goto abort_cmd;
2127 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2128 goto abort_cmd;
2129 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2130 goto abort_cmd;
2131 switch (s->feature) {
2132 case SMART_DISABLE:
2133 s->smart_enabled = 0;
2134 s->status = READY_STAT | SEEK_STAT;
2135 ide_set_irq(s->bus);
2136 break;
2137 case SMART_ENABLE:
2138 s->smart_enabled = 1;
2139 s->status = READY_STAT | SEEK_STAT;
2140 ide_set_irq(s->bus);
2141 break;
2142 case SMART_ATTR_AUTOSAVE:
2143 switch (s->sector) {
2144 case 0x00:
2145 s->smart_autosave = 0;
2146 break;
2147 case 0xf1:
2148 s->smart_autosave = 1;
2149 break;
2150 default:
2151 goto abort_cmd;
2152 }
2153 s->status = READY_STAT | SEEK_STAT;
2154 ide_set_irq(s->bus);
2155 break;
2156 case SMART_STATUS:
2157 if (!s->smart_errors) {
2158 s->hcyl = 0xc2;
2159 s->lcyl = 0x4f;
2160 } else {
2161 s->hcyl = 0x2c;
2162 s->lcyl = 0xf4;
2163 }
2164 s->status = READY_STAT | SEEK_STAT;
2165 ide_set_irq(s->bus);
2166 break;
2167 case SMART_READ_THRESH:
2168 memset(s->io_buffer, 0, 0x200);
2169 s->io_buffer[0] = 0x01; /* smart struct version */
2170 for (n=0; n<30; n++) {
2171 if (smart_attributes[n][0] == 0)
2172 break;
2173 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2174 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2175 }
2176 for (n=0; n<511; n++) /* checksum */
2177 s->io_buffer[511] += s->io_buffer[n];
2178 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2179 s->status = READY_STAT | SEEK_STAT;
2180 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2181 ide_set_irq(s->bus);
2182 break;
2183 case SMART_READ_DATA:
2184 memset(s->io_buffer, 0, 0x200);
2185 s->io_buffer[0] = 0x01; /* smart struct version */
2186 for (n=0; n<30; n++) {
2187 if (smart_attributes[n][0] == 0)
2188 break;
2189 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2190 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2191 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2192 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2193 }
2194 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2195 if (s->smart_selftest_count == 0) {
2196 s->io_buffer[363] = 0;
2197 } else {
2198 s->io_buffer[363] =
2199 s->smart_selftest_data[3 +
2200 (s->smart_selftest_count - 1) *
2201 24];
2202 }
2203 s->io_buffer[364] = 0x20;
2204 s->io_buffer[365] = 0x01;
2205 /* offline data collection capacity: execute + self-test*/
2206 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2207 s->io_buffer[368] = 0x03; /* smart capability (1) */
2208 s->io_buffer[369] = 0x00; /* smart capability (2) */
2209 s->io_buffer[370] = 0x01; /* error logging supported */
2210 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2211 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2212 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2213
2214 for (n=0; n<511; n++)
2215 s->io_buffer[511] += s->io_buffer[n];
2216 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2217 s->status = READY_STAT | SEEK_STAT;
2218 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2219 ide_set_irq(s->bus);
2220 break;
2221 case SMART_READ_LOG:
2222 switch (s->sector) {
2223 case 0x01: /* summary smart error log */
2224 memset(s->io_buffer, 0, 0x200);
2225 s->io_buffer[0] = 0x01;
2226 s->io_buffer[1] = 0x00; /* no error entries */
2227 s->io_buffer[452] = s->smart_errors & 0xff;
2228 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2229
2230 for (n=0; n<511; n++)
2231 s->io_buffer[511] += s->io_buffer[n];
2232 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2233 break;
2234 case 0x06: /* smart self test log */
2235 memset(s->io_buffer, 0, 0x200);
2236 s->io_buffer[0] = 0x01;
2237 if (s->smart_selftest_count == 0) {
2238 s->io_buffer[508] = 0;
2239 } else {
2240 s->io_buffer[508] = s->smart_selftest_count;
2241 for (n=2; n<506; n++)
2242 s->io_buffer[n] = s->smart_selftest_data[n];
2243 }
2244 for (n=0; n<511; n++)
2245 s->io_buffer[511] += s->io_buffer[n];
2246 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2247 break;
2248 default:
2249 goto abort_cmd;
2250 }
2251 s->status = READY_STAT | SEEK_STAT;
2252 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2253 ide_set_irq(s->bus);
2254 break;
2255 case SMART_EXECUTE_OFFLINE:
2256 switch (s->sector) {
2257 case 0: /* off-line routine */
2258 case 1: /* short self test */
2259 case 2: /* extended self test */
2260 s->smart_selftest_count++;
2261 if(s->smart_selftest_count > 21)
2262 s->smart_selftest_count = 0;
2263 n = 2 + (s->smart_selftest_count - 1) * 24;
2264 s->smart_selftest_data[n] = s->sector;
2265 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2266 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2267 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2268 s->status = READY_STAT | SEEK_STAT;
2269 ide_set_irq(s->bus);
2270 break;
2271 default:
2272 goto abort_cmd;
2273 }
2274 break;
2275 default:
2276 goto abort_cmd;
2277 }
2278 break;
2279 default:
2280 abort_cmd:
2281 ide_abort_command(s);
2282 ide_set_irq(s->bus);
2283 break;
2284 }
2285 }
2286 }
2287
2288 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2289 {
2290 IDEBus *bus = opaque;
2291 IDEState *s = idebus_active_if(bus);
2292 uint32_t addr;
2293 int ret, hob;
2294
2295 addr = addr1 & 7;
2296 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2297 //hob = s->select & (1 << 7);
2298 hob = 0;
2299 switch(addr) {
2300 case 0:
2301 ret = 0xff;
2302 break;
2303 case 1:
2304 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2305 (s != bus->ifs && !s->bs))
2306 ret = 0;
2307 else if (!hob)
2308 ret = s->error;
2309 else
2310 ret = s->hob_feature;
2311 break;
2312 case 2:
2313 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2314 ret = 0;
2315 else if (!hob)
2316 ret = s->nsector & 0xff;
2317 else
2318 ret = s->hob_nsector;
2319 break;
2320 case 3:
2321 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2322 ret = 0;
2323 else if (!hob)
2324 ret = s->sector;
2325 else
2326 ret = s->hob_sector;
2327 break;
2328 case 4:
2329 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2330 ret = 0;
2331 else if (!hob)
2332 ret = s->lcyl;
2333 else
2334 ret = s->hob_lcyl;
2335 break;
2336 case 5:
2337 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2338 ret = 0;
2339 else if (!hob)
2340 ret = s->hcyl;
2341 else
2342 ret = s->hob_hcyl;
2343 break;
2344 case 6:
2345 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2346 ret = 0;
2347 else
2348 ret = s->select;
2349 break;
2350 default:
2351 case 7:
2352 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2353 (s != bus->ifs && !s->bs))
2354 ret = 0;
2355 else
2356 ret = s->status;
2357 qemu_irq_lower(bus->irq);
2358 break;
2359 }
2360 #ifdef DEBUG_IDE
2361 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2362 #endif
2363 return ret;
2364 }
2365
2366 uint32_t ide_status_read(void *opaque, uint32_t addr)
2367 {
2368 IDEBus *bus = opaque;
2369 IDEState *s = idebus_active_if(bus);
2370 int ret;
2371
2372 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2373 (s != bus->ifs && !s->bs))
2374 ret = 0;
2375 else
2376 ret = s->status;
2377 #ifdef DEBUG_IDE
2378 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2379 #endif
2380 return ret;
2381 }
2382
2383 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2384 {
2385 IDEBus *bus = opaque;
2386 IDEState *s;
2387 int i;
2388
2389 #ifdef DEBUG_IDE
2390 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2391 #endif
2392 /* common for both drives */
2393 if (!(bus->cmd & IDE_CMD_RESET) &&
2394 (val & IDE_CMD_RESET)) {
2395 /* reset low to high */
2396 for(i = 0;i < 2; i++) {
2397 s = &bus->ifs[i];
2398 s->status = BUSY_STAT | SEEK_STAT;
2399 s->error = 0x01;
2400 }
2401 } else if ((bus->cmd & IDE_CMD_RESET) &&
2402 !(val & IDE_CMD_RESET)) {
2403 /* high to low */
2404 for(i = 0;i < 2; i++) {
2405 s = &bus->ifs[i];
2406 if (s->is_cdrom)
2407 s->status = 0x00; /* NOTE: READY is _not_ set */
2408 else
2409 s->status = READY_STAT | SEEK_STAT;
2410 ide_set_signature(s);
2411 }
2412 }
2413
2414 bus->cmd = val;
2415 }
2416
2417 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2418 {
2419 IDEBus *bus = opaque;
2420 IDEState *s = idebus_active_if(bus);
2421 uint8_t *p;
2422
2423 /* PIO data access allowed only when DRQ bit is set */
2424 if (!(s->status & DRQ_STAT))
2425 return;
2426
2427 p = s->data_ptr;
2428 *(uint16_t *)p = le16_to_cpu(val);
2429 p += 2;
2430 s->data_ptr = p;
2431 if (p >= s->data_end)
2432 s->end_transfer_func(s);
2433 }
2434
2435 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2436 {
2437 IDEBus *bus = opaque;
2438 IDEState *s = idebus_active_if(bus);
2439 uint8_t *p;
2440 int ret;
2441
2442 /* PIO data access allowed only when DRQ bit is set */
2443 if (!(s->status & DRQ_STAT))
2444 return 0;
2445
2446 p = s->data_ptr;
2447 ret = cpu_to_le16(*(uint16_t *)p);
2448 p += 2;
2449 s->data_ptr = p;
2450 if (p >= s->data_end)
2451 s->end_transfer_func(s);
2452 return ret;
2453 }
2454
2455 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2456 {
2457 IDEBus *bus = opaque;
2458 IDEState *s = idebus_active_if(bus);
2459 uint8_t *p;
2460
2461 /* PIO data access allowed only when DRQ bit is set */
2462 if (!(s->status & DRQ_STAT))
2463 return;
2464
2465 p = s->data_ptr;
2466 *(uint32_t *)p = le32_to_cpu(val);
2467 p += 4;
2468 s->data_ptr = p;
2469 if (p >= s->data_end)
2470 s->end_transfer_func(s);
2471 }
2472
2473 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2474 {
2475 IDEBus *bus = opaque;
2476 IDEState *s = idebus_active_if(bus);
2477 uint8_t *p;
2478 int ret;
2479
2480 /* PIO data access allowed only when DRQ bit is set */
2481 if (!(s->status & DRQ_STAT))
2482 return 0;
2483
2484 p = s->data_ptr;
2485 ret = cpu_to_le32(*(uint32_t *)p);
2486 p += 4;
2487 s->data_ptr = p;
2488 if (p >= s->data_end)
2489 s->end_transfer_func(s);
2490 return ret;
2491 }
2492
2493 static void ide_dummy_transfer_stop(IDEState *s)
2494 {
2495 s->data_ptr = s->io_buffer;
2496 s->data_end = s->io_buffer;
2497 s->io_buffer[0] = 0xff;
2498 s->io_buffer[1] = 0xff;
2499 s->io_buffer[2] = 0xff;
2500 s->io_buffer[3] = 0xff;
2501 }
2502
2503 void ide_reset(IDEState *s)
2504 {
2505 IDEBus *bus = s->bus;
2506
2507 if (s->is_cf)
2508 s->mult_sectors = 0;
2509 else
2510 s->mult_sectors = MAX_MULT_SECTORS;
2511 bus->unit = s->unit;
2512 s->select = 0xa0;
2513 s->status = READY_STAT | SEEK_STAT;
2514 ide_set_signature(s);
2515 /* init the transfer handler so that 0xffff is returned on data
2516 accesses */
2517 s->end_transfer_func = ide_dummy_transfer_stop;
2518 ide_dummy_transfer_stop(s);
2519 s->media_changed = 0;
2520 }
2521
2522 void ide_init_drive(IDEState *s, DriveInfo *dinfo)
2523 {
2524 int cylinders, heads, secs;
2525 uint64_t nb_sectors;
2526
2527 if (dinfo && dinfo->bdrv) {
2528 s->bs = dinfo->bdrv;
2529 bdrv_get_geometry(s->bs, &nb_sectors);
2530 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2531 s->cylinders = cylinders;
2532 s->heads = heads;
2533 s->sectors = secs;
2534 s->nb_sectors = nb_sectors;
2535 /* The SMART values should be preserved across power cycles
2536 but they aren't. */
2537 s->smart_enabled = 1;
2538 s->smart_autosave = 1;
2539 s->smart_errors = 0;
2540 s->smart_selftest_count = 0;
2541 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2542 s->is_cdrom = 1;
2543 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2544 }
2545 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2546 sizeof(s->drive_serial_str));
2547 }
2548 if (strlen(s->drive_serial_str) == 0)
2549 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2550 "QM%05d", s->drive_serial);
2551 ide_reset(s);
2552 }
2553
2554 void ide_init2(IDEBus *bus, DriveInfo *hd0, DriveInfo *hd1,
2555 qemu_irq irq)
2556 {
2557 IDEState *s;
2558 static int drive_serial = 1;
2559 int i;
2560
2561 for(i = 0; i < 2; i++) {
2562 s = bus->ifs + i;
2563 s->bus = bus;
2564 s->unit = i;
2565 s->drive_serial = drive_serial++;
2566 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2567 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2568 s->sector_write_timer = qemu_new_timer(vm_clock,
2569 ide_sector_write_timer_cb, s);
2570 if (i == 0)
2571 ide_init_drive(s, hd0);
2572 if (i == 1)
2573 ide_init_drive(s, hd1);
2574 }
2575 bus->irq = irq;
2576 }
2577
2578 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2579 {
2580 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2581 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2582 if (iobase2) {
2583 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2584 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2585 }
2586
2587 /* data ports */
2588 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2589 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2590 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2591 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2592 }
2593
2594 static bool is_identify_set(void *opaque, int version_id)
2595 {
2596 IDEState *s = opaque;
2597
2598 return s->identify_set != 0;
2599 }
2600
2601 static int ide_drive_post_load(void *opaque, int version_id)
2602 {
2603 IDEState *s = opaque;
2604
2605 if (version_id < 3) {
2606 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2607 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2608 s->cdrom_changed = 1;
2609 }
2610 }
2611 return 0;
2612 }
2613
2614 const VMStateDescription vmstate_ide_drive = {
2615 .name = "ide_drive",
2616 .version_id = 3,
2617 .minimum_version_id = 0,
2618 .minimum_version_id_old = 0,
2619 .post_load = ide_drive_post_load,
2620 .fields = (VMStateField []) {
2621 VMSTATE_INT32(mult_sectors, IDEState),
2622 VMSTATE_INT32(identify_set, IDEState),
2623 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2624 VMSTATE_UINT8(feature, IDEState),
2625 VMSTATE_UINT8(error, IDEState),
2626 VMSTATE_UINT32(nsector, IDEState),
2627 VMSTATE_UINT8(sector, IDEState),
2628 VMSTATE_UINT8(lcyl, IDEState),
2629 VMSTATE_UINT8(hcyl, IDEState),
2630 VMSTATE_UINT8(hob_feature, IDEState),
2631 VMSTATE_UINT8(hob_sector, IDEState),
2632 VMSTATE_UINT8(hob_nsector, IDEState),
2633 VMSTATE_UINT8(hob_lcyl, IDEState),
2634 VMSTATE_UINT8(hob_hcyl, IDEState),
2635 VMSTATE_UINT8(select, IDEState),
2636 VMSTATE_UINT8(status, IDEState),
2637 VMSTATE_UINT8(lba48, IDEState),
2638 VMSTATE_UINT8(sense_key, IDEState),
2639 VMSTATE_UINT8(asc, IDEState),
2640 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2641 /* XXX: if a transfer is pending, we do not save it yet */
2642 VMSTATE_END_OF_LIST()
2643 }
2644 };
2645
2646 const VMStateDescription vmstate_ide_bus = {
2647 .name = "ide_bus",
2648 .version_id = 1,
2649 .minimum_version_id = 1,
2650 .minimum_version_id_old = 1,
2651 .fields = (VMStateField []) {
2652 VMSTATE_UINT8(cmd, IDEBus),
2653 VMSTATE_UINT8(unit, IDEBus),
2654 VMSTATE_END_OF_LIST()
2655 }
2656 };
2657
2658 /***********************************************************/
2659 /* PCI IDE definitions */
2660
2661 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2662 {
2663 BMDMAState *bm = s->bus->bmdma;
2664 if(!bm)
2665 return;
2666 bm->unit = s->unit;
2667 bm->dma_cb = dma_cb;
2668 bm->cur_prd_last = 0;
2669 bm->cur_prd_addr = 0;
2670 bm->cur_prd_len = 0;
2671 bm->sector_num = ide_get_sector(s);
2672 bm->nsector = s->nsector;
2673 if (bm->status & BM_STATUS_DMAING) {
2674 bm->dma_cb(bm, 0);
2675 }
2676 }
2677
2678 static void ide_dma_restart(IDEState *s)
2679 {
2680 BMDMAState *bm = s->bus->bmdma;
2681 ide_set_sector(s, bm->sector_num);
2682 s->io_buffer_index = 0;
2683 s->io_buffer_size = 0;
2684 s->nsector = bm->nsector;
2685 bm->cur_addr = bm->addr;
2686 bm->dma_cb = ide_write_dma_cb;
2687 ide_dma_start(s, bm->dma_cb);
2688 }
2689
2690 void ide_dma_cancel(BMDMAState *bm)
2691 {
2692 if (bm->status & BM_STATUS_DMAING) {
2693 bm->status &= ~BM_STATUS_DMAING;
2694 /* cancel DMA request */
2695 bm->unit = -1;
2696 bm->dma_cb = NULL;
2697 if (bm->aiocb) {
2698 #ifdef DEBUG_AIO
2699 printf("aio_cancel\n");
2700 #endif
2701 bdrv_aio_cancel(bm->aiocb);
2702 bm->aiocb = NULL;
2703 }
2704 }
2705 }
2706
Adding pft support to QEMU's arm cpus