fix broken migration
[qemu-kvm/fedora.git] / hw / ide.c
blob1e56786f1872d7883fa53b8112b2f998481c84a1
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "ppc_mac.h"
35 #include "mac_dbdma.h"
36 #include "sh.h"
37 #include "dma.h"
39 /* debug IDE devices */
40 //#define DEBUG_IDE
41 //#define DEBUG_IDE_ATAPI
42 //#define DEBUG_AIO
43 #define USE_DMA_CDROM
45 /* Bits of HD_STATUS */
46 #define ERR_STAT 0x01
47 #define INDEX_STAT 0x02
48 #define ECC_STAT 0x04 /* Corrected error */
49 #define DRQ_STAT 0x08
50 #define SEEK_STAT 0x10
51 #define SRV_STAT 0x10
52 #define WRERR_STAT 0x20
53 #define READY_STAT 0x40
54 #define BUSY_STAT 0x80
56 /* Bits for HD_ERROR */
57 #define MARK_ERR 0x01 /* Bad address mark */
58 #define TRK0_ERR 0x02 /* couldn't find track 0 */
59 #define ABRT_ERR 0x04 /* Command aborted */
60 #define MCR_ERR 0x08 /* media change request */
61 #define ID_ERR 0x10 /* ID field not found */
62 #define MC_ERR 0x20 /* media changed */
63 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
64 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
65 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
67 /* Bits of HD_NSECTOR */
68 #define CD 0x01
69 #define IO 0x02
70 #define REL 0x04
71 #define TAG_MASK 0xf8
73 #define IDE_CMD_RESET 0x04
74 #define IDE_CMD_DISABLE_IRQ 0x02
76 /* ATA/ATAPI Commands pre T13 Spec */
77 #define WIN_NOP 0x00
79 * 0x01->0x02 Reserved
81 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
83 * 0x04->0x07 Reserved
85 #define WIN_SRST 0x08 /* ATAPI soft reset command */
86 #define WIN_DEVICE_RESET 0x08
88 * 0x09->0x0F Reserved
90 #define WIN_RECAL 0x10
91 #define WIN_RESTORE WIN_RECAL
93 * 0x10->0x1F Reserved
95 #define WIN_READ 0x20 /* 28-Bit */
96 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
97 #define WIN_READ_LONG 0x22 /* 28-Bit */
98 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
99 #define WIN_READ_EXT 0x24 /* 48-Bit */
100 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
101 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
102 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
104 * 0x28
106 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
108 * 0x2A->0x2F Reserved
110 #define WIN_WRITE 0x30 /* 28-Bit */
111 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
112 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
113 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
114 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
115 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
116 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
117 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
118 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
119 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
121 * 0x3A->0x3B Reserved
123 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
125 * 0x3D->0x3F Reserved
127 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
128 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
129 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
131 * 0x43->0x4F Reserved
133 #define WIN_FORMAT 0x50
135 * 0x51->0x5F Reserved
137 #define WIN_INIT 0x60
139 * 0x61->0x5F Reserved
141 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
142 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
143 #define WIN_DIAGNOSE 0x90
144 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
145 #define WIN_DOWNLOAD_MICROCODE 0x92
146 #define WIN_STANDBYNOW2 0x94
147 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
148 #define WIN_STANDBY2 0x96
149 #define WIN_SETIDLE2 0x97
150 #define WIN_CHECKPOWERMODE2 0x98
151 #define WIN_SLEEPNOW2 0x99
153 * 0x9A VENDOR
155 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
156 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
157 #define WIN_QUEUED_SERVICE 0xA2
158 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
159 #define CFA_ACCESS_METADATA_STORAGE 0xB8
160 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
161 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
162 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
163 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
164 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
165 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
166 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
167 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
168 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
169 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
170 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
171 #define WIN_GETMEDIASTATUS 0xDA
172 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
173 #define WIN_POSTBOOT 0xDC
174 #define WIN_PREBOOT 0xDD
175 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
176 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
177 #define WIN_STANDBYNOW1 0xE0
178 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
179 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
180 #define WIN_SETIDLE1 0xE3
181 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
182 #define WIN_CHECKPOWERMODE1 0xE5
183 #define WIN_SLEEPNOW1 0xE6
184 #define WIN_FLUSH_CACHE 0xE7
185 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
186 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
187 /* SET_FEATURES 0x22 or 0xDD */
188 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
189 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
190 #define WIN_MEDIAEJECT 0xED
191 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
192 #define WIN_SETFEATURES 0xEF /* set special drive features */
193 #define EXABYTE_ENABLE_NEST 0xF0
194 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
195 #define WIN_SECURITY_SET_PASS 0xF1
196 #define WIN_SECURITY_UNLOCK 0xF2
197 #define WIN_SECURITY_ERASE_PREPARE 0xF3
198 #define WIN_SECURITY_ERASE_UNIT 0xF4
199 #define WIN_SECURITY_FREEZE_LOCK 0xF5
200 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
201 #define WIN_SECURITY_DISABLE 0xF6
202 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
203 #define WIN_SET_MAX 0xF9
204 #define DISABLE_SEAGATE 0xFB
206 /* set to 1 set disable mult support */
207 #define MAX_MULT_SECTORS 16
209 #define IDE_DMA_BUF_SECTORS 256
211 #if (IDE_DMA_BUF_SECTORS < MAX_MULT_SECTORS)
212 #error "IDE_DMA_BUF_SECTORS must be bigger or equal to MAX_MULT_SECTORS"
213 #endif
215 /* ATAPI defines */
217 #define ATAPI_PACKET_SIZE 12
219 /* The generic packet command opcodes for CD/DVD Logical Units,
220 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
221 #define GPCMD_BLANK 0xa1
222 #define GPCMD_CLOSE_TRACK 0x5b
223 #define GPCMD_FLUSH_CACHE 0x35
224 #define GPCMD_FORMAT_UNIT 0x04
225 #define GPCMD_GET_CONFIGURATION 0x46
226 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
227 #define GPCMD_GET_PERFORMANCE 0xac
228 #define GPCMD_INQUIRY 0x12
229 #define GPCMD_LOAD_UNLOAD 0xa6
230 #define GPCMD_MECHANISM_STATUS 0xbd
231 #define GPCMD_MODE_SELECT_10 0x55
232 #define GPCMD_MODE_SENSE_10 0x5a
233 #define GPCMD_PAUSE_RESUME 0x4b
234 #define GPCMD_PLAY_AUDIO_10 0x45
235 #define GPCMD_PLAY_AUDIO_MSF 0x47
236 #define GPCMD_PLAY_AUDIO_TI 0x48
237 #define GPCMD_PLAY_CD 0xbc
238 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
239 #define GPCMD_READ_10 0x28
240 #define GPCMD_READ_12 0xa8
241 #define GPCMD_READ_CDVD_CAPACITY 0x25
242 #define GPCMD_READ_CD 0xbe
243 #define GPCMD_READ_CD_MSF 0xb9
244 #define GPCMD_READ_DISC_INFO 0x51
245 #define GPCMD_READ_DVD_STRUCTURE 0xad
246 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
247 #define GPCMD_READ_HEADER 0x44
248 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
249 #define GPCMD_READ_SUBCHANNEL 0x42
250 #define GPCMD_READ_TOC_PMA_ATIP 0x43
251 #define GPCMD_REPAIR_RZONE_TRACK 0x58
252 #define GPCMD_REPORT_KEY 0xa4
253 #define GPCMD_REQUEST_SENSE 0x03
254 #define GPCMD_RESERVE_RZONE_TRACK 0x53
255 #define GPCMD_SCAN 0xba
256 #define GPCMD_SEEK 0x2b
257 #define GPCMD_SEND_DVD_STRUCTURE 0xad
258 #define GPCMD_SEND_EVENT 0xa2
259 #define GPCMD_SEND_KEY 0xa3
260 #define GPCMD_SEND_OPC 0x54
261 #define GPCMD_SET_READ_AHEAD 0xa7
262 #define GPCMD_SET_STREAMING 0xb6
263 #define GPCMD_START_STOP_UNIT 0x1b
264 #define GPCMD_STOP_PLAY_SCAN 0x4e
265 #define GPCMD_TEST_UNIT_READY 0x00
266 #define GPCMD_VERIFY_10 0x2f
267 #define GPCMD_WRITE_10 0x2a
268 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
269 /* This is listed as optional in ATAPI 2.6, but is (curiously)
270 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
271 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
272 * drives support it. */
273 #define GPCMD_SET_SPEED 0xbb
274 /* This seems to be a SCSI specific CD-ROM opcode
275 * to play data at track/index */
276 #define GPCMD_PLAYAUDIO_TI 0x48
278 * From MS Media Status Notification Support Specification. For
279 * older drives only.
281 #define GPCMD_GET_MEDIA_STATUS 0xda
282 #define GPCMD_MODE_SENSE_6 0x1a
284 /* Mode page codes for mode sense/set */
285 #define GPMODE_R_W_ERROR_PAGE 0x01
286 #define GPMODE_WRITE_PARMS_PAGE 0x05
287 #define GPMODE_AUDIO_CTL_PAGE 0x0e
288 #define GPMODE_POWER_PAGE 0x1a
289 #define GPMODE_FAULT_FAIL_PAGE 0x1c
290 #define GPMODE_TO_PROTECT_PAGE 0x1d
291 #define GPMODE_CAPABILITIES_PAGE 0x2a
292 #define GPMODE_ALL_PAGES 0x3f
293 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
294 * of MODE_SENSE_POWER_PAGE */
295 #define GPMODE_CDROM_PAGE 0x0d
298 * Based on values from <linux/cdrom.h> but extending CD_MINS
299 * to the maximum common size allowed by the Orange's Book ATIP
301 * 90 and 99 min CDs are also available but using them as the
302 * upper limit reduces the effectiveness of the heuristic to
303 * detect DVDs burned to less than 25% of their maximum capacity
306 /* Some generally useful CD-ROM information */
307 #define CD_MINS 80 /* max. minutes per CD */
308 #define CD_SECS 60 /* seconds per minute */
309 #define CD_FRAMES 75 /* frames per second */
310 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
311 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
312 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
315 * The MMC values are not IDE specific and might need to be moved
316 * to a common header if they are also needed for the SCSI emulation
319 /* Profile list from MMC-6 revision 1 table 91 */
320 #define MMC_PROFILE_NONE 0x0000
321 #define MMC_PROFILE_CD_ROM 0x0008
322 #define MMC_PROFILE_CD_R 0x0009
323 #define MMC_PROFILE_CD_RW 0x000A
324 #define MMC_PROFILE_DVD_ROM 0x0010
325 #define MMC_PROFILE_DVD_R_SR 0x0011
326 #define MMC_PROFILE_DVD_RAM 0x0012
327 #define MMC_PROFILE_DVD_RW_RO 0x0013
328 #define MMC_PROFILE_DVD_RW_SR 0x0014
329 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
330 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
331 #define MMC_PROFILE_DVD_RW_DL 0x0017
332 #define MMC_PROFILE_DVD_DDR 0x0018
333 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
334 #define MMC_PROFILE_DVD_PLUS_R 0x001B
335 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
336 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
337 #define MMC_PROFILE_BD_ROM 0x0040
338 #define MMC_PROFILE_BD_R_SRM 0x0041
339 #define MMC_PROFILE_BD_R_RRM 0x0042
340 #define MMC_PROFILE_BD_RE 0x0043
341 #define MMC_PROFILE_HDDVD_ROM 0x0050
342 #define MMC_PROFILE_HDDVD_R 0x0051
343 #define MMC_PROFILE_HDDVD_RAM 0x0052
344 #define MMC_PROFILE_HDDVD_RW 0x0053
345 #define MMC_PROFILE_HDDVD_R_DL 0x0058
346 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
347 #define MMC_PROFILE_INVALID 0xFFFF
349 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
350 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
351 #define ATAPI_INT_REASON_REL 0x04
352 #define ATAPI_INT_REASON_TAG 0xf8
354 /* same constants as bochs */
355 #define ASC_ILLEGAL_OPCODE 0x20
356 #define ASC_LOGICAL_BLOCK_OOR 0x21
357 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
358 #define ASC_MEDIUM_MAY_HAVE_CHANGED 0x28
359 #define ASC_INCOMPATIBLE_FORMAT 0x30
360 #define ASC_MEDIUM_NOT_PRESENT 0x3a
361 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
362 #define ASC_MEDIA_REMOVAL_PREVENTED 0x53
364 #define CFA_NO_ERROR 0x00
365 #define CFA_MISC_ERROR 0x09
366 #define CFA_INVALID_COMMAND 0x20
367 #define CFA_INVALID_ADDRESS 0x21
368 #define CFA_ADDRESS_OVERFLOW 0x2f
370 #define SENSE_NONE 0
371 #define SENSE_NOT_READY 2
372 #define SENSE_ILLEGAL_REQUEST 5
373 #define SENSE_UNIT_ATTENTION 6
375 struct IDEState;
377 typedef void EndTransferFunc(struct IDEState *);
379 /* NOTE: IDEState represents in fact one drive */
380 typedef struct IDEState {
381 /* ide config */
382 int is_cdrom;
383 int is_cf;
384 int cylinders, heads, sectors;
385 int64_t nb_sectors;
386 int mult_sectors;
387 int identify_set;
388 uint16_t identify_data[256];
389 qemu_irq irq;
390 PCIDevice *pci_dev;
391 struct BMDMAState *bmdma;
392 int drive_serial;
393 char drive_serial_str[21];
394 /* ide regs */
395 uint8_t feature;
396 uint8_t error;
397 uint32_t nsector;
398 uint8_t sector;
399 uint8_t lcyl;
400 uint8_t hcyl;
401 /* other part of tf for lba48 support */
402 uint8_t hob_feature;
403 uint8_t hob_nsector;
404 uint8_t hob_sector;
405 uint8_t hob_lcyl;
406 uint8_t hob_hcyl;
408 uint8_t select;
409 uint8_t status;
411 /* 0x3f6 command, only meaningful for drive 0 */
412 uint8_t cmd;
413 /* set for lba48 access */
414 uint8_t lba48;
415 /* depends on bit 4 in select, only meaningful for drive 0 */
416 struct IDEState *cur_drive;
417 BlockDriverState *bs;
418 /* ATAPI specific */
419 uint8_t sense_key;
420 uint8_t asc;
421 int packet_transfer_size;
422 int elementary_transfer_size;
423 int io_buffer_index;
424 int lba;
425 int cd_sector_size;
426 int atapi_dma; /* true if dma is requested for the packet cmd */
427 /* ATA DMA state */
428 int io_buffer_size;
429 QEMUSGList sg;
430 /* PIO transfer handling */
431 int req_nb_sectors; /* number of sectors per interrupt */
432 EndTransferFunc *end_transfer_func;
433 uint8_t *data_ptr;
434 uint8_t *data_end;
435 uint8_t *io_buffer;
436 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
437 uint32_t irq_count; /* counts IRQs when using win2k install hack */
438 /* CF-ATA extended error */
439 uint8_t ext_error;
440 /* CF-ATA metadata storage */
441 uint32_t mdata_size;
442 uint8_t *mdata_storage;
443 int media_changed;
444 /* for pmac */
445 int is_read;
446 } IDEState;
448 /* XXX: DVDs that could fit on a CD will be reported as a CD */
449 static inline int media_present(IDEState *s)
451 return (s->nb_sectors > 0);
454 static inline int media_is_dvd(IDEState *s)
456 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
459 static inline int media_is_cd(IDEState *s)
461 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
464 #define BM_STATUS_DMAING 0x01
465 #define BM_STATUS_ERROR 0x02
466 #define BM_STATUS_INT 0x04
467 #define BM_STATUS_DMA_RETRY 0x08
468 #define BM_STATUS_PIO_RETRY 0x10
470 #define BM_CMD_START 0x01
471 #define BM_CMD_READ 0x08
473 #define IDE_TYPE_PIIX3 0
474 #define IDE_TYPE_CMD646 1
475 #define IDE_TYPE_PIIX4 2
477 /* CMD646 specific */
478 #define MRDMODE 0x71
479 #define MRDMODE_INTR_CH0 0x04
480 #define MRDMODE_INTR_CH1 0x08
481 #define MRDMODE_BLK_CH0 0x10
482 #define MRDMODE_BLK_CH1 0x20
483 #define UDIDETCR0 0x73
484 #define UDIDETCR1 0x7B
486 typedef struct BMDMAState {
487 uint8_t cmd;
488 uint8_t status;
489 uint32_t addr;
491 struct PCIIDEState *pci_dev;
492 /* current transfer state */
493 uint32_t cur_addr;
494 uint32_t cur_prd_last;
495 uint32_t cur_prd_addr;
496 uint32_t cur_prd_len;
497 IDEState *ide_if;
498 BlockDriverCompletionFunc *dma_cb;
499 BlockDriverAIOCB *aiocb;
500 struct iovec iov;
501 QEMUIOVector qiov;
502 int64_t sector_num;
503 uint32_t nsector;
504 } BMDMAState;
506 typedef struct PCIIDEState {
507 PCIDevice dev;
508 IDEState ide_if[4];
509 BMDMAState bmdma[2];
510 int type; /* see IDE_TYPE_xxx */
511 } PCIIDEState;
513 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
514 static void ide_dma_restart(IDEState *s);
515 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
517 static void padstr(char *str, const char *src, int len)
519 int i, v;
520 for(i = 0; i < len; i++) {
521 if (*src)
522 v = *src++;
523 else
524 v = ' ';
525 str[i^1] = v;
529 static void padstr8(uint8_t *buf, int buf_size, const char *src)
531 int i;
532 for(i = 0; i < buf_size; i++) {
533 if (*src)
534 buf[i] = *src++;
535 else
536 buf[i] = ' ';
540 static void put_le16(uint16_t *p, unsigned int v)
542 *p = cpu_to_le16(v);
545 static void ide_identify(IDEState *s)
547 uint16_t *p;
548 unsigned int oldsize;
550 if (s->identify_set) {
551 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
552 return;
555 memset(s->io_buffer, 0, 512);
556 p = (uint16_t *)s->io_buffer;
557 put_le16(p + 0, 0x0040);
558 put_le16(p + 1, s->cylinders);
559 put_le16(p + 3, s->heads);
560 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
561 put_le16(p + 5, 512); /* XXX: retired, remove ? */
562 put_le16(p + 6, s->sectors);
563 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
564 put_le16(p + 20, 3); /* XXX: retired, remove ? */
565 put_le16(p + 21, 512); /* cache size in sectors */
566 put_le16(p + 22, 4); /* ecc bytes */
567 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
568 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
569 #if MAX_MULT_SECTORS > 1
570 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
571 #endif
572 put_le16(p + 48, 1); /* dword I/O */
573 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
574 put_le16(p + 51, 0x200); /* PIO transfer cycle */
575 put_le16(p + 52, 0x200); /* DMA transfer cycle */
576 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
577 put_le16(p + 54, s->cylinders);
578 put_le16(p + 55, s->heads);
579 put_le16(p + 56, s->sectors);
580 oldsize = s->cylinders * s->heads * s->sectors;
581 put_le16(p + 57, oldsize);
582 put_le16(p + 58, oldsize >> 16);
583 if (s->mult_sectors)
584 put_le16(p + 59, 0x100 | s->mult_sectors);
585 put_le16(p + 60, s->nb_sectors);
586 put_le16(p + 61, s->nb_sectors >> 16);
587 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
588 put_le16(p + 63, 0x07); /* mdma0-2 supported */
589 put_le16(p + 65, 120);
590 put_le16(p + 66, 120);
591 put_le16(p + 67, 120);
592 put_le16(p + 68, 120);
593 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
594 put_le16(p + 81, 0x16); /* conforms to ata5 */
595 put_le16(p + 82, (1 << 14));
596 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
597 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
598 put_le16(p + 84, (1 << 14));
599 put_le16(p + 85, (1 << 14));
600 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
601 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
602 put_le16(p + 87, (1 << 14));
603 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
604 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
605 put_le16(p + 100, s->nb_sectors);
606 put_le16(p + 101, s->nb_sectors >> 16);
607 put_le16(p + 102, s->nb_sectors >> 32);
608 put_le16(p + 103, s->nb_sectors >> 48);
610 memcpy(s->identify_data, p, sizeof(s->identify_data));
611 s->identify_set = 1;
614 static void ide_atapi_identify(IDEState *s)
616 uint16_t *p;
618 if (s->identify_set) {
619 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
620 return;
623 memset(s->io_buffer, 0, 512);
624 p = (uint16_t *)s->io_buffer;
625 /* Removable CDROM, 50us response, 12 byte packets */
626 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
627 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
628 put_le16(p + 20, 3); /* buffer type */
629 put_le16(p + 21, 512); /* cache size in sectors */
630 put_le16(p + 22, 4); /* ecc bytes */
631 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
632 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
633 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
634 #ifdef USE_DMA_CDROM
635 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
636 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
637 put_le16(p + 62, 7); /* single word dma0-2 supported */
638 put_le16(p + 63, 7); /* mdma0-2 supported */
639 put_le16(p + 64, 0x3f); /* PIO modes supported */
640 #else
641 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
642 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
643 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
644 put_le16(p + 64, 1); /* PIO modes */
645 #endif
646 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
647 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
648 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
649 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
651 put_le16(p + 71, 30); /* in ns */
652 put_le16(p + 72, 30); /* in ns */
654 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
655 #ifdef USE_DMA_CDROM
656 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
657 #endif
658 memcpy(s->identify_data, p, sizeof(s->identify_data));
659 s->identify_set = 1;
662 static void ide_cfata_identify(IDEState *s)
664 uint16_t *p;
665 uint32_t cur_sec;
667 p = (uint16_t *) s->identify_data;
668 if (s->identify_set)
669 goto fill_buffer;
671 memset(p, 0, sizeof(s->identify_data));
673 cur_sec = s->cylinders * s->heads * s->sectors;
675 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
676 put_le16(p + 1, s->cylinders); /* Default cylinders */
677 put_le16(p + 3, s->heads); /* Default heads */
678 put_le16(p + 6, s->sectors); /* Default sectors per track */
679 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
680 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
681 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
682 put_le16(p + 22, 0x0004); /* ECC bytes */
683 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
684 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
685 #if MAX_MULT_SECTORS > 1
686 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
687 #else
688 put_le16(p + 47, 0x0000);
689 #endif
690 put_le16(p + 49, 0x0f00); /* Capabilities */
691 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
692 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
693 put_le16(p + 53, 0x0003); /* Translation params valid */
694 put_le16(p + 54, s->cylinders); /* Current cylinders */
695 put_le16(p + 55, s->heads); /* Current heads */
696 put_le16(p + 56, s->sectors); /* Current sectors */
697 put_le16(p + 57, cur_sec); /* Current capacity */
698 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
699 if (s->mult_sectors) /* Multiple sector setting */
700 put_le16(p + 59, 0x100 | s->mult_sectors);
701 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
702 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
703 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
704 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
705 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
706 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
707 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
708 put_le16(p + 82, 0x400c); /* Command Set supported */
709 put_le16(p + 83, 0x7068); /* Command Set supported */
710 put_le16(p + 84, 0x4000); /* Features supported */
711 put_le16(p + 85, 0x000c); /* Command Set enabled */
712 put_le16(p + 86, 0x7044); /* Command Set enabled */
713 put_le16(p + 87, 0x4000); /* Features enabled */
714 put_le16(p + 91, 0x4060); /* Current APM level */
715 put_le16(p + 129, 0x0002); /* Current features option */
716 put_le16(p + 130, 0x0005); /* Reassigned sectors */
717 put_le16(p + 131, 0x0001); /* Initial power mode */
718 put_le16(p + 132, 0x0000); /* User signature */
719 put_le16(p + 160, 0x8100); /* Power requirement */
720 put_le16(p + 161, 0x8001); /* CF command set */
722 s->identify_set = 1;
724 fill_buffer:
725 memcpy(s->io_buffer, p, sizeof(s->identify_data));
728 static void ide_set_signature(IDEState *s)
730 s->select &= 0xf0; /* clear head */
731 /* put signature */
732 s->nsector = 1;
733 s->sector = 1;
734 if (s->is_cdrom) {
735 s->lcyl = 0x14;
736 s->hcyl = 0xeb;
737 } else if (s->bs) {
738 s->lcyl = 0;
739 s->hcyl = 0;
740 } else {
741 s->lcyl = 0xff;
742 s->hcyl = 0xff;
746 static inline void ide_abort_command(IDEState *s)
748 s->status = READY_STAT | ERR_STAT;
749 s->error = ABRT_ERR;
752 static inline void ide_dma_submit_check(IDEState *s,
753 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
755 if (bm->aiocb)
756 return;
757 dma_cb(bm, -1);
760 static inline void ide_set_irq(IDEState *s)
762 BMDMAState *bm = s->bmdma;
763 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
764 if (bm) {
765 bm->status |= BM_STATUS_INT;
767 qemu_irq_raise(s->irq);
771 /* prepare data transfer and tell what to do after */
772 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
773 EndTransferFunc *end_transfer_func)
775 s->end_transfer_func = end_transfer_func;
776 s->data_ptr = buf;
777 s->data_end = buf + size;
778 if (!(s->status & ERR_STAT))
779 s->status |= DRQ_STAT;
782 static void ide_transfer_stop(IDEState *s)
784 s->end_transfer_func = ide_transfer_stop;
785 s->data_ptr = s->io_buffer;
786 s->data_end = s->io_buffer;
787 s->status &= ~DRQ_STAT;
790 static int64_t ide_get_sector(IDEState *s)
792 int64_t sector_num;
793 if (s->select & 0x40) {
794 /* lba */
795 if (!s->lba48) {
796 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
797 (s->lcyl << 8) | s->sector;
798 } else {
799 sector_num = ((int64_t)s->hob_hcyl << 40) |
800 ((int64_t) s->hob_lcyl << 32) |
801 ((int64_t) s->hob_sector << 24) |
802 ((int64_t) s->hcyl << 16) |
803 ((int64_t) s->lcyl << 8) | s->sector;
805 } else {
806 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
807 (s->select & 0x0f) * s->sectors + (s->sector - 1);
809 return sector_num;
812 static void ide_set_sector(IDEState *s, int64_t sector_num)
814 unsigned int cyl, r;
815 if (s->select & 0x40) {
816 if (!s->lba48) {
817 s->select = (s->select & 0xf0) | (sector_num >> 24);
818 s->hcyl = (sector_num >> 16);
819 s->lcyl = (sector_num >> 8);
820 s->sector = (sector_num);
821 } else {
822 s->sector = sector_num;
823 s->lcyl = sector_num >> 8;
824 s->hcyl = sector_num >> 16;
825 s->hob_sector = sector_num >> 24;
826 s->hob_lcyl = sector_num >> 32;
827 s->hob_hcyl = sector_num >> 40;
829 } else {
830 cyl = sector_num / (s->heads * s->sectors);
831 r = sector_num % (s->heads * s->sectors);
832 s->hcyl = cyl >> 8;
833 s->lcyl = cyl;
834 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
835 s->sector = (r % s->sectors) + 1;
839 static void ide_rw_error(IDEState *s) {
840 ide_abort_command(s);
841 ide_set_irq(s);
844 static void ide_sector_read(IDEState *s)
846 int64_t sector_num;
847 int ret, n;
849 s->status = READY_STAT | SEEK_STAT;
850 s->error = 0; /* not needed by IDE spec, but needed by Windows */
851 sector_num = ide_get_sector(s);
852 n = s->nsector;
853 if (n == 0) {
854 /* no more sector to read from disk */
855 ide_transfer_stop(s);
856 } else {
857 #if defined(DEBUG_IDE)
858 printf("read sector=%" PRId64 "\n", sector_num);
859 #endif
860 if (n > s->req_nb_sectors)
861 n = s->req_nb_sectors;
862 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
863 if (ret != 0) {
864 ide_rw_error(s);
865 return;
867 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
868 ide_set_irq(s);
869 ide_set_sector(s, sector_num + n);
870 s->nsector -= n;
875 /* return 0 if buffer completed */
876 static int dma_buf_prepare(BMDMAState *bm, int is_write)
878 IDEState *s = bm->ide_if;
879 struct {
880 uint32_t addr;
881 uint32_t size;
882 } prd;
883 int l, len;
885 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
886 s->io_buffer_size = 0;
887 for(;;) {
888 if (bm->cur_prd_len == 0) {
889 /* end of table (with a fail safe of one page) */
890 if (bm->cur_prd_last ||
891 (bm->cur_addr - bm->addr) >= 4096)
892 return s->io_buffer_size != 0;
893 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
894 bm->cur_addr += 8;
895 prd.addr = le32_to_cpu(prd.addr);
896 prd.size = le32_to_cpu(prd.size);
897 len = prd.size & 0xfffe;
898 if (len == 0)
899 len = 0x10000;
900 bm->cur_prd_len = len;
901 bm->cur_prd_addr = prd.addr;
902 bm->cur_prd_last = (prd.size & 0x80000000);
904 l = bm->cur_prd_len;
905 if (l > 0) {
906 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
907 bm->cur_prd_addr += l;
908 bm->cur_prd_len -= l;
909 s->io_buffer_size += l;
912 return 1;
915 static void dma_buf_commit(IDEState *s, int is_write)
917 qemu_sglist_destroy(&s->sg);
920 static void ide_dma_error(IDEState *s)
922 ide_transfer_stop(s);
923 s->error = ABRT_ERR;
924 s->status = READY_STAT | ERR_STAT;
925 ide_set_irq(s);
928 static int ide_handle_write_error(IDEState *s, int error, int op)
930 BlockInterfaceErrorAction action = drive_get_onerror(s->bs);
932 if (action == BLOCK_ERR_IGNORE)
933 return 0;
935 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
936 || action == BLOCK_ERR_STOP_ANY) {
937 s->bmdma->ide_if = s;
938 s->bmdma->status |= op;
939 vm_stop(0);
940 } else {
941 if (op == BM_STATUS_DMA_RETRY) {
942 dma_buf_commit(s, 0);
943 ide_dma_error(s);
944 } else {
945 ide_rw_error(s);
949 return 1;
952 /* return 0 if buffer completed */
953 static int dma_buf_rw(BMDMAState *bm, int is_write)
955 IDEState *s = bm->ide_if;
956 struct {
957 uint32_t addr;
958 uint32_t size;
959 } prd;
960 int l, len;
962 for(;;) {
963 l = s->io_buffer_size - s->io_buffer_index;
964 if (l <= 0)
965 break;
966 if (bm->cur_prd_len == 0) {
967 /* end of table (with a fail safe of one page) */
968 if (bm->cur_prd_last ||
969 (bm->cur_addr - bm->addr) >= 4096)
970 return 0;
971 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
972 bm->cur_addr += 8;
973 prd.addr = le32_to_cpu(prd.addr);
974 prd.size = le32_to_cpu(prd.size);
975 len = prd.size & 0xfffe;
976 if (len == 0)
977 len = 0x10000;
978 bm->cur_prd_len = len;
979 bm->cur_prd_addr = prd.addr;
980 bm->cur_prd_last = (prd.size & 0x80000000);
982 if (l > bm->cur_prd_len)
983 l = bm->cur_prd_len;
984 if (l > 0) {
985 if (is_write) {
986 cpu_physical_memory_write(bm->cur_prd_addr,
987 s->io_buffer + s->io_buffer_index, l);
988 } else {
989 cpu_physical_memory_read(bm->cur_prd_addr,
990 s->io_buffer + s->io_buffer_index, l);
992 bm->cur_prd_addr += l;
993 bm->cur_prd_len -= l;
994 s->io_buffer_index += l;
997 return 1;
1000 static void ide_read_dma_cb(void *opaque, int ret)
1002 BMDMAState *bm = opaque;
1003 IDEState *s = bm->ide_if;
1004 int n;
1005 int64_t sector_num;
1007 if (ret < 0) {
1008 dma_buf_commit(s, 1);
1009 ide_dma_error(s);
1010 return;
1013 n = s->io_buffer_size >> 9;
1014 sector_num = ide_get_sector(s);
1015 if (n > 0) {
1016 dma_buf_commit(s, 1);
1017 sector_num += n;
1018 ide_set_sector(s, sector_num);
1019 s->nsector -= n;
1022 /* end of transfer ? */
1023 if (s->nsector == 0) {
1024 s->status = READY_STAT | SEEK_STAT;
1025 ide_set_irq(s);
1026 eot:
1027 bm->status &= ~BM_STATUS_DMAING;
1028 bm->status |= BM_STATUS_INT;
1029 bm->dma_cb = NULL;
1030 bm->ide_if = NULL;
1031 bm->aiocb = NULL;
1032 return;
1035 /* launch next transfer */
1036 n = s->nsector;
1037 s->io_buffer_index = 0;
1038 s->io_buffer_size = n * 512;
1039 if (dma_buf_prepare(bm, 1) == 0)
1040 goto eot;
1041 #ifdef DEBUG_AIO
1042 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1043 #endif
1044 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
1045 ide_dma_submit_check(s, ide_read_dma_cb, bm);
1048 static void ide_sector_read_dma(IDEState *s)
1050 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1051 s->io_buffer_index = 0;
1052 s->io_buffer_size = 0;
1053 s->is_read = 1;
1054 ide_dma_start(s, ide_read_dma_cb);
1057 static void ide_sector_write_timer_cb(void *opaque)
1059 IDEState *s = opaque;
1060 ide_set_irq(s);
1063 static void ide_sector_write(IDEState *s)
1065 int64_t sector_num;
1066 int ret, n, n1;
1068 s->status = READY_STAT | SEEK_STAT;
1069 sector_num = ide_get_sector(s);
1070 #if defined(DEBUG_IDE)
1071 printf("write sector=%" PRId64 "\n", sector_num);
1072 #endif
1073 n = s->nsector;
1074 if (n > s->req_nb_sectors)
1075 n = s->req_nb_sectors;
1076 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
1078 if (ret != 0) {
1079 if (ide_handle_write_error(s, -ret, BM_STATUS_PIO_RETRY))
1080 return;
1083 s->nsector -= n;
1084 if (s->nsector == 0) {
1085 /* no more sectors to write */
1086 ide_transfer_stop(s);
1087 } else {
1088 n1 = s->nsector;
1089 if (n1 > s->req_nb_sectors)
1090 n1 = s->req_nb_sectors;
1091 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
1093 ide_set_sector(s, sector_num + n);
1095 #ifdef TARGET_I386
1096 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
1097 /* It seems there is a bug in the Windows 2000 installer HDD
1098 IDE driver which fills the disk with empty logs when the
1099 IDE write IRQ comes too early. This hack tries to correct
1100 that at the expense of slower write performances. Use this
1101 option _only_ to install Windows 2000. You must disable it
1102 for normal use. */
1103 qemu_mod_timer(s->sector_write_timer,
1104 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
1105 } else
1106 #endif
1108 ide_set_irq(s);
1112 static void ide_dma_restart_cb(void *opaque, int running, int reason)
1114 BMDMAState *bm = opaque;
1115 if (!running)
1116 return;
1117 if (bm->status & BM_STATUS_DMA_RETRY) {
1118 bm->status &= ~BM_STATUS_DMA_RETRY;
1119 ide_dma_restart(bm->ide_if);
1120 } else if (bm->status & BM_STATUS_PIO_RETRY) {
1121 bm->status &= ~BM_STATUS_PIO_RETRY;
1122 ide_sector_write(bm->ide_if);
1126 static void ide_write_dma_cb(void *opaque, int ret)
1128 BMDMAState *bm = opaque;
1129 IDEState *s = bm->ide_if;
1130 int n;
1131 int64_t sector_num;
1133 if (ret < 0) {
1134 if (ide_handle_write_error(s, -ret, BM_STATUS_DMA_RETRY))
1135 return;
1138 n = s->io_buffer_size >> 9;
1139 sector_num = ide_get_sector(s);
1140 if (n > 0) {
1141 dma_buf_commit(s, 0);
1142 sector_num += n;
1143 ide_set_sector(s, sector_num);
1144 s->nsector -= n;
1147 /* end of transfer ? */
1148 if (s->nsector == 0) {
1149 s->status = READY_STAT | SEEK_STAT;
1150 ide_set_irq(s);
1151 eot:
1152 bm->status &= ~BM_STATUS_DMAING;
1153 bm->status |= BM_STATUS_INT;
1154 bm->dma_cb = NULL;
1155 bm->ide_if = NULL;
1156 bm->aiocb = NULL;
1157 return;
1160 n = s->nsector;
1161 s->io_buffer_size = n * 512;
1162 /* launch next transfer */
1163 if (dma_buf_prepare(bm, 0) == 0)
1164 goto eot;
1165 #ifdef DEBUG_AIO
1166 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
1167 #endif
1168 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
1169 ide_dma_submit_check(s, ide_write_dma_cb, bm);
1172 static void ide_sector_write_dma(IDEState *s)
1174 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1175 s->io_buffer_index = 0;
1176 s->io_buffer_size = 0;
1177 s->is_read = 0;
1178 ide_dma_start(s, ide_write_dma_cb);
1181 static void ide_atapi_cmd_ok(IDEState *s)
1183 s->error = 0;
1184 s->status = READY_STAT | SEEK_STAT;
1185 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1186 ide_set_irq(s);
1189 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1191 #ifdef DEBUG_IDE_ATAPI
1192 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1193 #endif
1194 s->error = sense_key << 4;
1195 s->status = READY_STAT | ERR_STAT;
1196 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1197 s->sense_key = sense_key;
1198 s->asc = asc;
1199 ide_set_irq(s);
1202 static void ide_atapi_cmd_check_status(IDEState *s)
1204 #ifdef DEBUG_IDE_ATAPI
1205 printf("atapi_cmd_check_status\n");
1206 #endif
1207 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
1208 s->status = ERR_STAT;
1209 s->nsector = 0;
1210 ide_set_irq(s);
1213 static inline void cpu_to_ube16(uint8_t *buf, int val)
1215 buf[0] = val >> 8;
1216 buf[1] = val & 0xff;
1219 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1221 buf[0] = val >> 24;
1222 buf[1] = val >> 16;
1223 buf[2] = val >> 8;
1224 buf[3] = val & 0xff;
1227 static inline int ube16_to_cpu(const uint8_t *buf)
1229 return (buf[0] << 8) | buf[1];
1232 static inline int ube32_to_cpu(const uint8_t *buf)
1234 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1237 static void lba_to_msf(uint8_t *buf, int lba)
1239 lba += 150;
1240 buf[0] = (lba / 75) / 60;
1241 buf[1] = (lba / 75) % 60;
1242 buf[2] = lba % 75;
1245 static void cd_data_to_raw(uint8_t *buf, int lba)
1247 /* sync bytes */
1248 buf[0] = 0x00;
1249 memset(buf + 1, 0xff, 10);
1250 buf[11] = 0x00;
1251 buf += 12;
1252 /* MSF */
1253 lba_to_msf(buf, lba);
1254 buf[3] = 0x01; /* mode 1 data */
1255 buf += 4;
1256 /* data */
1257 buf += 2048;
1258 /* XXX: ECC not computed */
1259 memset(buf, 0, 288);
1262 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1263 int sector_size)
1265 int ret;
1267 switch(sector_size) {
1268 case 2048:
1269 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1270 break;
1271 case 2352:
1272 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1273 if (ret < 0)
1274 return ret;
1275 cd_data_to_raw(buf, lba);
1276 break;
1277 default:
1278 ret = -EIO;
1279 break;
1281 return ret;
1284 static void ide_atapi_io_error(IDEState *s, int ret)
1286 /* XXX: handle more errors */
1287 if (ret == -ENOMEDIUM) {
1288 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1289 ASC_MEDIUM_NOT_PRESENT);
1290 } else {
1291 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1292 ASC_LOGICAL_BLOCK_OOR);
1296 /* The whole ATAPI transfer logic is handled in this function */
1297 static void ide_atapi_cmd_reply_end(IDEState *s)
1299 int byte_count_limit, size, ret;
1300 #ifdef DEBUG_IDE_ATAPI
1301 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1302 s->packet_transfer_size,
1303 s->elementary_transfer_size,
1304 s->io_buffer_index);
1305 #endif
1306 if (s->packet_transfer_size <= 0) {
1307 /* end of transfer */
1308 ide_transfer_stop(s);
1309 s->status = READY_STAT | SEEK_STAT;
1310 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1311 ide_set_irq(s);
1312 #ifdef DEBUG_IDE_ATAPI
1313 printf("status=0x%x\n", s->status);
1314 #endif
1315 } else {
1316 /* see if a new sector must be read */
1317 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1318 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1319 if (ret < 0) {
1320 ide_transfer_stop(s);
1321 ide_atapi_io_error(s, ret);
1322 return;
1324 s->lba++;
1325 s->io_buffer_index = 0;
1327 if (s->elementary_transfer_size > 0) {
1328 /* there are some data left to transmit in this elementary
1329 transfer */
1330 size = s->cd_sector_size - s->io_buffer_index;
1331 if (size > s->elementary_transfer_size)
1332 size = s->elementary_transfer_size;
1333 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1334 size, ide_atapi_cmd_reply_end);
1335 s->packet_transfer_size -= size;
1336 s->elementary_transfer_size -= size;
1337 s->io_buffer_index += size;
1338 } else {
1339 /* a new transfer is needed */
1340 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1341 byte_count_limit = s->lcyl | (s->hcyl << 8);
1342 #ifdef DEBUG_IDE_ATAPI
1343 printf("byte_count_limit=%d\n", byte_count_limit);
1344 #endif
1345 if (byte_count_limit == 0xffff)
1346 byte_count_limit--;
1347 size = s->packet_transfer_size;
1348 if (size > byte_count_limit) {
1349 /* byte count limit must be even if this case */
1350 if (byte_count_limit & 1)
1351 byte_count_limit--;
1352 size = byte_count_limit;
1354 s->lcyl = size;
1355 s->hcyl = size >> 8;
1356 s->elementary_transfer_size = size;
1357 /* we cannot transmit more than one sector at a time */
1358 if (s->lba != -1) {
1359 if (size > (s->cd_sector_size - s->io_buffer_index))
1360 size = (s->cd_sector_size - s->io_buffer_index);
1362 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1363 size, ide_atapi_cmd_reply_end);
1364 s->packet_transfer_size -= size;
1365 s->elementary_transfer_size -= size;
1366 s->io_buffer_index += size;
1367 ide_set_irq(s);
1368 #ifdef DEBUG_IDE_ATAPI
1369 printf("status=0x%x\n", s->status);
1370 #endif
1375 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1376 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1378 if (size > max_size)
1379 size = max_size;
1380 s->lba = -1; /* no sector read */
1381 s->packet_transfer_size = size;
1382 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1383 s->elementary_transfer_size = 0;
1384 s->io_buffer_index = 0;
1386 if (s->atapi_dma) {
1387 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1388 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1389 } else {
1390 s->status = READY_STAT | SEEK_STAT;
1391 ide_atapi_cmd_reply_end(s);
1395 /* start a CD-CDROM read command */
1396 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1397 int sector_size)
1399 s->lba = lba;
1400 s->packet_transfer_size = nb_sectors * sector_size;
1401 s->elementary_transfer_size = 0;
1402 s->io_buffer_index = sector_size;
1403 s->cd_sector_size = sector_size;
1405 s->status = READY_STAT | SEEK_STAT;
1406 ide_atapi_cmd_reply_end(s);
1409 /* ATAPI DMA support */
1411 /* XXX: handle read errors */
1412 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1414 BMDMAState *bm = opaque;
1415 IDEState *s = bm->ide_if;
1416 int data_offset, n;
1418 if (ret < 0) {
1419 ide_atapi_io_error(s, ret);
1420 goto eot;
1423 if (s->io_buffer_size > 0) {
1425 * For a cdrom read sector command (s->lba != -1),
1426 * adjust the lba for the next s->io_buffer_size chunk
1427 * and dma the current chunk.
1428 * For a command != read (s->lba == -1), just transfer
1429 * the reply data.
1431 if (s->lba != -1) {
1432 if (s->cd_sector_size == 2352) {
1433 n = 1;
1434 cd_data_to_raw(s->io_buffer, s->lba);
1435 } else {
1436 n = s->io_buffer_size >> 11;
1438 s->lba += n;
1440 s->packet_transfer_size -= s->io_buffer_size;
1441 if (dma_buf_rw(bm, 1) == 0)
1442 goto eot;
1445 if (s->packet_transfer_size <= 0) {
1446 s->status = READY_STAT | SEEK_STAT;
1447 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1448 ide_set_irq(s);
1449 eot:
1450 bm->status &= ~BM_STATUS_DMAING;
1451 bm->status |= BM_STATUS_INT;
1452 bm->dma_cb = NULL;
1453 bm->ide_if = NULL;
1454 bm->aiocb = NULL;
1455 return;
1458 s->io_buffer_index = 0;
1459 if (s->cd_sector_size == 2352) {
1460 n = 1;
1461 s->io_buffer_size = s->cd_sector_size;
1462 data_offset = 16;
1463 } else {
1464 n = s->packet_transfer_size >> 11;
1465 if (n > (IDE_DMA_BUF_SECTORS / 4))
1466 n = (IDE_DMA_BUF_SECTORS / 4);
1467 s->io_buffer_size = n * 2048;
1468 data_offset = 0;
1470 #ifdef DEBUG_AIO
1471 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1472 #endif
1473 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1474 bm->iov.iov_len = n * 4 * 512;
1475 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1476 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1477 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1478 if (!bm->aiocb) {
1479 /* Note: media not present is the most likely case */
1480 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1481 ASC_MEDIUM_NOT_PRESENT);
1482 goto eot;
1486 /* start a CD-CDROM read command with DMA */
1487 /* XXX: test if DMA is available */
1488 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1489 int sector_size)
1491 s->lba = lba;
1492 s->packet_transfer_size = nb_sectors * sector_size;
1493 s->io_buffer_index = 0;
1494 s->io_buffer_size = 0;
1495 s->cd_sector_size = sector_size;
1497 /* XXX: check if BUSY_STAT should be set */
1498 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1499 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1502 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1503 int sector_size)
1505 #ifdef DEBUG_IDE_ATAPI
1506 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1507 lba, nb_sectors);
1508 #endif
1509 if (s->atapi_dma) {
1510 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1511 } else {
1512 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1516 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1517 uint16_t profile)
1519 uint8_t *buf_profile = buf + 12; /* start of profiles */
1521 buf_profile += ((*index) * 4); /* start of indexed profile */
1522 cpu_to_ube16 (buf_profile, profile);
1523 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1525 /* each profile adds 4 bytes to the response */
1526 (*index)++;
1527 buf[11] += 4; /* Additional Length */
1529 return 4;
1532 static int ide_dvd_read_structure(IDEState *s, int format,
1533 const uint8_t *packet, uint8_t *buf)
1535 switch (format) {
1536 case 0x0: /* Physical format information */
1538 int layer = packet[6];
1539 uint64_t total_sectors;
1541 if (layer != 0)
1542 return -ASC_INV_FIELD_IN_CMD_PACKET;
1544 bdrv_get_geometry(s->bs, &total_sectors);
1545 total_sectors >>= 2;
1546 if (total_sectors == 0)
1547 return -ASC_MEDIUM_NOT_PRESENT;
1549 buf[4] = 1; /* DVD-ROM, part version 1 */
1550 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1551 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1552 buf[7] = 0; /* default densities */
1554 /* FIXME: 0x30000 per spec? */
1555 cpu_to_ube32(buf + 8, 0); /* start sector */
1556 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1557 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1559 /* Size of buffer, not including 2 byte size field */
1560 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1562 /* 2k data + 4 byte header */
1563 return (2048 + 4);
1566 case 0x01: /* DVD copyright information */
1567 buf[4] = 0; /* no copyright data */
1568 buf[5] = 0; /* no region restrictions */
1570 /* Size of buffer, not including 2 byte size field */
1571 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1573 /* 4 byte header + 4 byte data */
1574 return (4 + 4);
1576 case 0x03: /* BCA information - invalid field for no BCA info */
1577 return -ASC_INV_FIELD_IN_CMD_PACKET;
1579 case 0x04: /* DVD disc manufacturing information */
1580 /* Size of buffer, not including 2 byte size field */
1581 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1583 /* 2k data + 4 byte header */
1584 return (2048 + 4);
1586 case 0xff:
1588 * This lists all the command capabilities above. Add new ones
1589 * in order and update the length and buffer return values.
1592 buf[4] = 0x00; /* Physical format */
1593 buf[5] = 0x40; /* Not writable, is readable */
1594 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1596 buf[8] = 0x01; /* Copyright info */
1597 buf[9] = 0x40; /* Not writable, is readable */
1598 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1600 buf[12] = 0x03; /* BCA info */
1601 buf[13] = 0x40; /* Not writable, is readable */
1602 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1604 buf[16] = 0x04; /* Manufacturing info */
1605 buf[17] = 0x40; /* Not writable, is readable */
1606 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1608 /* Size of buffer, not including 2 byte size field */
1609 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1611 /* data written + 4 byte header */
1612 return (16 + 4);
1614 default: /* TODO: formats beyond DVD-ROM requires */
1615 return -ASC_INV_FIELD_IN_CMD_PACKET;
1619 static void ide_atapi_cmd(IDEState *s)
1621 const uint8_t *packet;
1622 uint8_t *buf;
1623 int max_len;
1625 packet = s->io_buffer;
1626 buf = s->io_buffer;
1627 #ifdef DEBUG_IDE_ATAPI
1629 int i;
1630 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1631 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1632 printf(" %02x", packet[i]);
1634 printf("\n");
1636 #endif
1637 /* If there's a UNIT_ATTENTION condition pending, only
1638 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1639 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1640 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1641 s->io_buffer[0] != GPCMD_INQUIRY) {
1642 ide_atapi_cmd_check_status(s);
1643 return;
1645 switch(s->io_buffer[0]) {
1646 case GPCMD_TEST_UNIT_READY:
1647 if (bdrv_is_inserted(s->bs)) {
1648 ide_atapi_cmd_ok(s);
1649 } else {
1650 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1651 ASC_MEDIUM_NOT_PRESENT);
1653 break;
1654 case GPCMD_MODE_SENSE_6:
1655 case GPCMD_MODE_SENSE_10:
1657 int action, code;
1658 if (packet[0] == GPCMD_MODE_SENSE_10)
1659 max_len = ube16_to_cpu(packet + 7);
1660 else
1661 max_len = packet[4];
1662 action = packet[2] >> 6;
1663 code = packet[2] & 0x3f;
1664 switch(action) {
1665 case 0: /* current values */
1666 switch(code) {
1667 case 0x01: /* error recovery */
1668 cpu_to_ube16(&buf[0], 16 + 6);
1669 buf[2] = 0x70;
1670 buf[3] = 0;
1671 buf[4] = 0;
1672 buf[5] = 0;
1673 buf[6] = 0;
1674 buf[7] = 0;
1676 buf[8] = 0x01;
1677 buf[9] = 0x06;
1678 buf[10] = 0x00;
1679 buf[11] = 0x05;
1680 buf[12] = 0x00;
1681 buf[13] = 0x00;
1682 buf[14] = 0x00;
1683 buf[15] = 0x00;
1684 ide_atapi_cmd_reply(s, 16, max_len);
1685 break;
1686 case 0x2a:
1687 cpu_to_ube16(&buf[0], 28 + 6);
1688 buf[2] = 0x70;
1689 buf[3] = 0;
1690 buf[4] = 0;
1691 buf[5] = 0;
1692 buf[6] = 0;
1693 buf[7] = 0;
1695 buf[8] = 0x2a;
1696 buf[9] = 0x12;
1697 buf[10] = 0x00;
1698 buf[11] = 0x00;
1700 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1701 code checks for this to automount media. */
1702 buf[12] = 0x71;
1703 buf[13] = 3 << 5;
1704 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1705 if (bdrv_is_locked(s->bs))
1706 buf[6] |= 1 << 1;
1707 buf[15] = 0x00;
1708 cpu_to_ube16(&buf[16], 706);
1709 buf[18] = 0;
1710 buf[19] = 2;
1711 cpu_to_ube16(&buf[20], 512);
1712 cpu_to_ube16(&buf[22], 706);
1713 buf[24] = 0;
1714 buf[25] = 0;
1715 buf[26] = 0;
1716 buf[27] = 0;
1717 ide_atapi_cmd_reply(s, 28, max_len);
1718 break;
1719 default:
1720 goto error_cmd;
1722 break;
1723 case 1: /* changeable values */
1724 goto error_cmd;
1725 case 2: /* default values */
1726 goto error_cmd;
1727 default:
1728 case 3: /* saved values */
1729 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1730 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1731 break;
1734 break;
1735 case GPCMD_REQUEST_SENSE:
1736 max_len = packet[4];
1737 memset(buf, 0, 18);
1738 buf[0] = 0x70 | (1 << 7);
1739 buf[2] = s->sense_key;
1740 buf[7] = 10;
1741 buf[12] = s->asc;
1742 if (s->sense_key == SENSE_UNIT_ATTENTION)
1743 s->sense_key = SENSE_NONE;
1744 ide_atapi_cmd_reply(s, 18, max_len);
1745 break;
1746 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1747 if (bdrv_is_inserted(s->bs)) {
1748 bdrv_set_locked(s->bs, packet[4] & 1);
1749 ide_atapi_cmd_ok(s);
1750 } else {
1751 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1752 ASC_MEDIUM_NOT_PRESENT);
1754 break;
1755 case GPCMD_READ_10:
1756 case GPCMD_READ_12:
1758 int nb_sectors, lba;
1760 if (packet[0] == GPCMD_READ_10)
1761 nb_sectors = ube16_to_cpu(packet + 7);
1762 else
1763 nb_sectors = ube32_to_cpu(packet + 6);
1764 lba = ube32_to_cpu(packet + 2);
1765 if (nb_sectors == 0) {
1766 ide_atapi_cmd_ok(s);
1767 break;
1769 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1771 break;
1772 case GPCMD_READ_CD:
1774 int nb_sectors, lba, transfer_request;
1776 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1777 lba = ube32_to_cpu(packet + 2);
1778 if (nb_sectors == 0) {
1779 ide_atapi_cmd_ok(s);
1780 break;
1782 transfer_request = packet[9];
1783 switch(transfer_request & 0xf8) {
1784 case 0x00:
1785 /* nothing */
1786 ide_atapi_cmd_ok(s);
1787 break;
1788 case 0x10:
1789 /* normal read */
1790 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1791 break;
1792 case 0xf8:
1793 /* read all data */
1794 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1795 break;
1796 default:
1797 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1798 ASC_INV_FIELD_IN_CMD_PACKET);
1799 break;
1802 break;
1803 case GPCMD_SEEK:
1805 unsigned int lba;
1806 uint64_t total_sectors;
1808 bdrv_get_geometry(s->bs, &total_sectors);
1809 total_sectors >>= 2;
1810 if (total_sectors == 0) {
1811 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1812 ASC_MEDIUM_NOT_PRESENT);
1813 break;
1815 lba = ube32_to_cpu(packet + 2);
1816 if (lba >= total_sectors) {
1817 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1818 ASC_LOGICAL_BLOCK_OOR);
1819 break;
1821 ide_atapi_cmd_ok(s);
1823 break;
1824 case GPCMD_START_STOP_UNIT:
1826 int start, eject, err = 0;
1827 start = packet[4] & 1;
1828 eject = (packet[4] >> 1) & 1;
1830 if (eject) {
1831 err = bdrv_eject(s->bs, !start);
1834 switch (err) {
1835 case 0:
1836 ide_atapi_cmd_ok(s);
1837 break;
1838 case -EBUSY:
1839 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1840 ASC_MEDIA_REMOVAL_PREVENTED);
1841 break;
1842 default:
1843 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1844 ASC_MEDIUM_NOT_PRESENT);
1845 break;
1848 break;
1849 case GPCMD_MECHANISM_STATUS:
1851 max_len = ube16_to_cpu(packet + 8);
1852 cpu_to_ube16(buf, 0);
1853 /* no current LBA */
1854 buf[2] = 0;
1855 buf[3] = 0;
1856 buf[4] = 0;
1857 buf[5] = 1;
1858 cpu_to_ube16(buf + 6, 0);
1859 ide_atapi_cmd_reply(s, 8, max_len);
1861 break;
1862 case GPCMD_READ_TOC_PMA_ATIP:
1864 int format, msf, start_track, len;
1865 uint64_t total_sectors;
1867 bdrv_get_geometry(s->bs, &total_sectors);
1868 total_sectors >>= 2;
1869 if (total_sectors == 0) {
1870 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1871 ASC_MEDIUM_NOT_PRESENT);
1872 break;
1874 max_len = ube16_to_cpu(packet + 7);
1875 format = packet[9] >> 6;
1876 msf = (packet[1] >> 1) & 1;
1877 start_track = packet[6];
1878 switch(format) {
1879 case 0:
1880 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1881 if (len < 0)
1882 goto error_cmd;
1883 ide_atapi_cmd_reply(s, len, max_len);
1884 break;
1885 case 1:
1886 /* multi session : only a single session defined */
1887 memset(buf, 0, 12);
1888 buf[1] = 0x0a;
1889 buf[2] = 0x01;
1890 buf[3] = 0x01;
1891 ide_atapi_cmd_reply(s, 12, max_len);
1892 break;
1893 case 2:
1894 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1895 if (len < 0)
1896 goto error_cmd;
1897 ide_atapi_cmd_reply(s, len, max_len);
1898 break;
1899 default:
1900 error_cmd:
1901 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1902 ASC_INV_FIELD_IN_CMD_PACKET);
1903 break;
1906 break;
1907 case GPCMD_READ_CDVD_CAPACITY:
1909 uint64_t total_sectors;
1911 bdrv_get_geometry(s->bs, &total_sectors);
1912 total_sectors >>= 2;
1913 if (total_sectors == 0) {
1914 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1915 ASC_MEDIUM_NOT_PRESENT);
1916 break;
1918 /* NOTE: it is really the number of sectors minus 1 */
1919 cpu_to_ube32(buf, total_sectors - 1);
1920 cpu_to_ube32(buf + 4, 2048);
1921 ide_atapi_cmd_reply(s, 8, 8);
1923 break;
1924 case GPCMD_READ_DVD_STRUCTURE:
1926 int media = packet[1];
1927 int format = packet[7];
1928 int ret;
1930 max_len = ube16_to_cpu(packet + 8);
1932 if (format < 0xff) {
1933 if (media_is_cd(s)) {
1934 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1935 ASC_INCOMPATIBLE_FORMAT);
1936 break;
1937 } else if (!media_present(s)) {
1938 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1939 ASC_INV_FIELD_IN_CMD_PACKET);
1940 break;
1944 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1945 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1947 switch (format) {
1948 case 0x00 ... 0x7f:
1949 case 0xff:
1950 if (media == 0) {
1951 ret = ide_dvd_read_structure(s, format, packet, buf);
1953 if (ret < 0)
1954 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1955 else
1956 ide_atapi_cmd_reply(s, ret, max_len);
1958 break;
1960 /* TODO: BD support, fall through for now */
1962 /* Generic disk structures */
1963 case 0x80: /* TODO: AACS volume identifier */
1964 case 0x81: /* TODO: AACS media serial number */
1965 case 0x82: /* TODO: AACS media identifier */
1966 case 0x83: /* TODO: AACS media key block */
1967 case 0x90: /* TODO: List of recognized format layers */
1968 case 0xc0: /* TODO: Write protection status */
1969 default:
1970 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1971 ASC_INV_FIELD_IN_CMD_PACKET);
1972 break;
1975 break;
1976 case GPCMD_SET_SPEED:
1977 ide_atapi_cmd_ok(s);
1978 break;
1979 case GPCMD_INQUIRY:
1980 max_len = packet[4];
1981 buf[0] = 0x05; /* CD-ROM */
1982 buf[1] = 0x80; /* removable */
1983 buf[2] = 0x00; /* ISO */
1984 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1985 buf[4] = 31; /* additional length */
1986 buf[5] = 0; /* reserved */
1987 buf[6] = 0; /* reserved */
1988 buf[7] = 0; /* reserved */
1989 padstr8(buf + 8, 8, "QEMU");
1990 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1991 padstr8(buf + 32, 4, QEMU_VERSION);
1992 ide_atapi_cmd_reply(s, 36, max_len);
1993 break;
1994 case GPCMD_GET_CONFIGURATION:
1996 uint32_t len;
1997 uint8_t index = 0;
1999 /* only feature 0 is supported */
2000 if (packet[2] != 0 || packet[3] != 0) {
2001 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2002 ASC_INV_FIELD_IN_CMD_PACKET);
2003 break;
2006 /* XXX: could result in alignment problems in some architectures */
2007 max_len = ube16_to_cpu(packet + 7);
2010 * XXX: avoid overflow for io_buffer if max_len is bigger than
2011 * the size of that buffer (dimensioned to max number of
2012 * sectors to transfer at once)
2014 * Only a problem if the feature/profiles grow.
2016 if (max_len > 512) /* XXX: assume 1 sector */
2017 max_len = 512;
2019 memset(buf, 0, max_len);
2021 * the number of sectors from the media tells us which profile
2022 * to use as current. 0 means there is no media
2024 if (media_is_dvd(s))
2025 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
2026 else if (media_is_cd(s))
2027 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
2029 buf[10] = 0x02 | 0x01; /* persistent and current */
2030 len = 12; /* headers: 8 + 4 */
2031 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
2032 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
2033 cpu_to_ube32(buf, len - 4); /* data length */
2035 ide_atapi_cmd_reply(s, len, max_len);
2036 break;
2038 default:
2039 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
2040 ASC_ILLEGAL_OPCODE);
2041 break;
2045 static void ide_cfata_metadata_inquiry(IDEState *s)
2047 uint16_t *p;
2048 uint32_t spd;
2050 p = (uint16_t *) s->io_buffer;
2051 memset(p, 0, 0x200);
2052 spd = ((s->mdata_size - 1) >> 9) + 1;
2054 put_le16(p + 0, 0x0001); /* Data format revision */
2055 put_le16(p + 1, 0x0000); /* Media property: silicon */
2056 put_le16(p + 2, s->media_changed); /* Media status */
2057 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
2058 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
2059 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
2060 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
2063 static void ide_cfata_metadata_read(IDEState *s)
2065 uint16_t *p;
2067 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2068 s->status = ERR_STAT;
2069 s->error = ABRT_ERR;
2070 return;
2073 p = (uint16_t *) s->io_buffer;
2074 memset(p, 0, 0x200);
2076 put_le16(p + 0, s->media_changed); /* Media status */
2077 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2078 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2079 s->nsector << 9), 0x200 - 2));
2082 static void ide_cfata_metadata_write(IDEState *s)
2084 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
2085 s->status = ERR_STAT;
2086 s->error = ABRT_ERR;
2087 return;
2090 s->media_changed = 0;
2092 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
2093 s->io_buffer + 2,
2094 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
2095 s->nsector << 9), 0x200 - 2));
2098 /* called when the inserted state of the media has changed */
2099 static void cdrom_change_cb(void *opaque)
2101 IDEState *s = opaque;
2102 uint64_t nb_sectors;
2104 bdrv_get_geometry(s->bs, &nb_sectors);
2105 s->nb_sectors = nb_sectors;
2107 s->sense_key = SENSE_UNIT_ATTENTION;
2108 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
2110 ide_set_irq(s);
2113 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
2115 s->lba48 = lba48;
2117 /* handle the 'magic' 0 nsector count conversion here. to avoid
2118 * fiddling with the rest of the read logic, we just store the
2119 * full sector count in ->nsector and ignore ->hob_nsector from now
2121 if (!s->lba48) {
2122 if (!s->nsector)
2123 s->nsector = 256;
2124 } else {
2125 if (!s->nsector && !s->hob_nsector)
2126 s->nsector = 65536;
2127 else {
2128 int lo = s->nsector;
2129 int hi = s->hob_nsector;
2131 s->nsector = (hi << 8) | lo;
2136 static void ide_clear_hob(IDEState *ide_if)
2138 /* any write clears HOB high bit of device control register */
2139 ide_if[0].select &= ~(1 << 7);
2140 ide_if[1].select &= ~(1 << 7);
2143 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
2145 IDEState *ide_if = opaque;
2146 IDEState *s;
2147 int unit, n;
2148 int lba48 = 0;
2150 #ifdef DEBUG_IDE
2151 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
2152 #endif
2154 addr &= 7;
2156 /* ignore writes to command block while busy with previous command */
2157 if (addr != 7 && (ide_if->cur_drive->status & (BUSY_STAT|DRQ_STAT)))
2158 return;
2160 switch(addr) {
2161 case 0:
2162 break;
2163 case 1:
2164 ide_clear_hob(ide_if);
2165 /* NOTE: data is written to the two drives */
2166 ide_if[0].hob_feature = ide_if[0].feature;
2167 ide_if[1].hob_feature = ide_if[1].feature;
2168 ide_if[0].feature = val;
2169 ide_if[1].feature = val;
2170 break;
2171 case 2:
2172 ide_clear_hob(ide_if);
2173 ide_if[0].hob_nsector = ide_if[0].nsector;
2174 ide_if[1].hob_nsector = ide_if[1].nsector;
2175 ide_if[0].nsector = val;
2176 ide_if[1].nsector = val;
2177 break;
2178 case 3:
2179 ide_clear_hob(ide_if);
2180 ide_if[0].hob_sector = ide_if[0].sector;
2181 ide_if[1].hob_sector = ide_if[1].sector;
2182 ide_if[0].sector = val;
2183 ide_if[1].sector = val;
2184 break;
2185 case 4:
2186 ide_clear_hob(ide_if);
2187 ide_if[0].hob_lcyl = ide_if[0].lcyl;
2188 ide_if[1].hob_lcyl = ide_if[1].lcyl;
2189 ide_if[0].lcyl = val;
2190 ide_if[1].lcyl = val;
2191 break;
2192 case 5:
2193 ide_clear_hob(ide_if);
2194 ide_if[0].hob_hcyl = ide_if[0].hcyl;
2195 ide_if[1].hob_hcyl = ide_if[1].hcyl;
2196 ide_if[0].hcyl = val;
2197 ide_if[1].hcyl = val;
2198 break;
2199 case 6:
2200 /* FIXME: HOB readback uses bit 7 */
2201 ide_if[0].select = (val & ~0x10) | 0xa0;
2202 ide_if[1].select = (val | 0x10) | 0xa0;
2203 /* select drive */
2204 unit = (val >> 4) & 1;
2205 s = ide_if + unit;
2206 ide_if->cur_drive = s;
2207 break;
2208 default:
2209 case 7:
2210 /* command */
2211 #if defined(DEBUG_IDE)
2212 printf("ide: CMD=%02x\n", val);
2213 #endif
2214 s = ide_if->cur_drive;
2215 /* ignore commands to non existant slave */
2216 if (s != ide_if && !s->bs)
2217 break;
2219 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
2220 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
2221 break;
2223 switch(val) {
2224 case WIN_IDENTIFY:
2225 if (s->bs && !s->is_cdrom) {
2226 if (!s->is_cf)
2227 ide_identify(s);
2228 else
2229 ide_cfata_identify(s);
2230 s->status = READY_STAT | SEEK_STAT;
2231 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2232 } else {
2233 if (s->is_cdrom) {
2234 ide_set_signature(s);
2236 ide_abort_command(s);
2238 ide_set_irq(s);
2239 break;
2240 case WIN_SPECIFY:
2241 case WIN_RECAL:
2242 s->error = 0;
2243 s->status = READY_STAT | SEEK_STAT;
2244 ide_set_irq(s);
2245 break;
2246 case WIN_SETMULT:
2247 if (s->is_cf && s->nsector == 0) {
2248 /* Disable Read and Write Multiple */
2249 s->mult_sectors = 0;
2250 s->status = READY_STAT | SEEK_STAT;
2251 } else if ((s->nsector & 0xff) != 0 &&
2252 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
2253 (s->nsector & (s->nsector - 1)) != 0)) {
2254 ide_abort_command(s);
2255 } else {
2256 s->mult_sectors = s->nsector & 0xff;
2257 s->status = READY_STAT | SEEK_STAT;
2259 ide_set_irq(s);
2260 break;
2261 case WIN_VERIFY_EXT:
2262 lba48 = 1;
2263 case WIN_VERIFY:
2264 case WIN_VERIFY_ONCE:
2265 /* do sector number check ? */
2266 ide_cmd_lba48_transform(s, lba48);
2267 s->status = READY_STAT | SEEK_STAT;
2268 ide_set_irq(s);
2269 break;
2270 case WIN_READ_EXT:
2271 lba48 = 1;
2272 case WIN_READ:
2273 case WIN_READ_ONCE:
2274 if (!s->bs)
2275 goto abort_cmd;
2276 ide_cmd_lba48_transform(s, lba48);
2277 s->req_nb_sectors = 1;
2278 ide_sector_read(s);
2279 break;
2280 case WIN_WRITE_EXT:
2281 lba48 = 1;
2282 case WIN_WRITE:
2283 case WIN_WRITE_ONCE:
2284 case CFA_WRITE_SECT_WO_ERASE:
2285 case WIN_WRITE_VERIFY:
2286 ide_cmd_lba48_transform(s, lba48);
2287 s->error = 0;
2288 s->status = SEEK_STAT | READY_STAT;
2289 s->req_nb_sectors = 1;
2290 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2291 s->media_changed = 1;
2292 break;
2293 case WIN_MULTREAD_EXT:
2294 lba48 = 1;
2295 case WIN_MULTREAD:
2296 if (!s->mult_sectors)
2297 goto abort_cmd;
2298 ide_cmd_lba48_transform(s, lba48);
2299 s->req_nb_sectors = s->mult_sectors;
2300 ide_sector_read(s);
2301 break;
2302 case WIN_MULTWRITE_EXT:
2303 lba48 = 1;
2304 case WIN_MULTWRITE:
2305 case CFA_WRITE_MULTI_WO_ERASE:
2306 if (!s->mult_sectors)
2307 goto abort_cmd;
2308 ide_cmd_lba48_transform(s, lba48);
2309 s->error = 0;
2310 s->status = SEEK_STAT | READY_STAT;
2311 s->req_nb_sectors = s->mult_sectors;
2312 n = s->nsector;
2313 if (n > s->req_nb_sectors)
2314 n = s->req_nb_sectors;
2315 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2316 s->media_changed = 1;
2317 break;
2318 case WIN_READDMA_EXT:
2319 lba48 = 1;
2320 case WIN_READDMA:
2321 case WIN_READDMA_ONCE:
2322 if (!s->bs)
2323 goto abort_cmd;
2324 ide_cmd_lba48_transform(s, lba48);
2325 ide_sector_read_dma(s);
2326 break;
2327 case WIN_WRITEDMA_EXT:
2328 lba48 = 1;
2329 case WIN_WRITEDMA:
2330 case WIN_WRITEDMA_ONCE:
2331 if (!s->bs)
2332 goto abort_cmd;
2333 ide_cmd_lba48_transform(s, lba48);
2334 ide_sector_write_dma(s);
2335 s->media_changed = 1;
2336 break;
2337 case WIN_READ_NATIVE_MAX_EXT:
2338 lba48 = 1;
2339 case WIN_READ_NATIVE_MAX:
2340 ide_cmd_lba48_transform(s, lba48);
2341 ide_set_sector(s, s->nb_sectors - 1);
2342 s->status = READY_STAT | SEEK_STAT;
2343 ide_set_irq(s);
2344 break;
2345 case WIN_CHECKPOWERMODE1:
2346 case WIN_CHECKPOWERMODE2:
2347 s->nsector = 0xff; /* device active or idle */
2348 s->status = READY_STAT | SEEK_STAT;
2349 ide_set_irq(s);
2350 break;
2351 case WIN_SETFEATURES:
2352 if (!s->bs)
2353 goto abort_cmd;
2354 /* XXX: valid for CDROM ? */
2355 switch(s->feature) {
2356 case 0xcc: /* reverting to power-on defaults enable */
2357 case 0x66: /* reverting to power-on defaults disable */
2358 case 0x02: /* write cache enable */
2359 case 0x82: /* write cache disable */
2360 case 0xaa: /* read look-ahead enable */
2361 case 0x55: /* read look-ahead disable */
2362 case 0x05: /* set advanced power management mode */
2363 case 0x85: /* disable advanced power management mode */
2364 case 0x69: /* NOP */
2365 case 0x67: /* NOP */
2366 case 0x96: /* NOP */
2367 case 0x9a: /* NOP */
2368 case 0x42: /* enable Automatic Acoustic Mode */
2369 case 0xc2: /* disable Automatic Acoustic Mode */
2370 s->status = READY_STAT | SEEK_STAT;
2371 ide_set_irq(s);
2372 break;
2373 case 0x03: { /* set transfer mode */
2374 uint8_t val = s->nsector & 0x07;
2376 switch (s->nsector >> 3) {
2377 case 0x00: /* pio default */
2378 case 0x01: /* pio mode */
2379 put_le16(s->identify_data + 62,0x07);
2380 put_le16(s->identify_data + 63,0x07);
2381 put_le16(s->identify_data + 88,0x3f);
2382 break;
2383 case 0x02: /* sigle word dma mode*/
2384 put_le16(s->identify_data + 62,0x07 | (1 << (val + 8)));
2385 put_le16(s->identify_data + 63,0x07);
2386 put_le16(s->identify_data + 88,0x3f);
2387 break;
2388 case 0x04: /* mdma mode */
2389 put_le16(s->identify_data + 62,0x07);
2390 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2391 put_le16(s->identify_data + 88,0x3f);
2392 break;
2393 case 0x08: /* udma mode */
2394 put_le16(s->identify_data + 62,0x07);
2395 put_le16(s->identify_data + 63,0x07);
2396 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2397 break;
2398 default:
2399 goto abort_cmd;
2401 s->status = READY_STAT | SEEK_STAT;
2402 ide_set_irq(s);
2403 break;
2405 default:
2406 goto abort_cmd;
2408 break;
2409 case WIN_FLUSH_CACHE:
2410 case WIN_FLUSH_CACHE_EXT:
2411 if (s->bs)
2412 bdrv_flush(s->bs);
2413 s->status = READY_STAT | SEEK_STAT;
2414 ide_set_irq(s);
2415 break;
2416 case WIN_STANDBY:
2417 case WIN_STANDBY2:
2418 case WIN_STANDBYNOW1:
2419 case WIN_STANDBYNOW2:
2420 case WIN_IDLEIMMEDIATE:
2421 case CFA_IDLEIMMEDIATE:
2422 case WIN_SETIDLE1:
2423 case WIN_SETIDLE2:
2424 case WIN_SLEEPNOW1:
2425 case WIN_SLEEPNOW2:
2426 s->status = READY_STAT;
2427 ide_set_irq(s);
2428 break;
2429 case WIN_SEEK:
2430 if(s->is_cdrom)
2431 goto abort_cmd;
2432 /* XXX: Check that seek is within bounds */
2433 s->status = READY_STAT | SEEK_STAT;
2434 ide_set_irq(s);
2435 break;
2436 /* ATAPI commands */
2437 case WIN_PIDENTIFY:
2438 if (s->is_cdrom) {
2439 ide_atapi_identify(s);
2440 s->status = READY_STAT | SEEK_STAT;
2441 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2442 } else {
2443 ide_abort_command(s);
2445 ide_set_irq(s);
2446 break;
2447 case WIN_DIAGNOSE:
2448 ide_set_signature(s);
2449 if (s->is_cdrom)
2450 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2451 * devices to return a clear status register
2452 * with READY_STAT *not* set. */
2453 else
2454 s->status = READY_STAT | SEEK_STAT;
2455 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2456 * present.
2458 ide_set_irq(s);
2459 break;
2460 case WIN_SRST:
2461 if (!s->is_cdrom)
2462 goto abort_cmd;
2463 ide_set_signature(s);
2464 s->status = 0x00; /* NOTE: READY is _not_ set */
2465 s->error = 0x01;
2466 break;
2467 case WIN_PACKETCMD:
2468 if (!s->is_cdrom)
2469 goto abort_cmd;
2470 /* overlapping commands not supported */
2471 if (s->feature & 0x02)
2472 goto abort_cmd;
2473 s->status = READY_STAT | SEEK_STAT;
2474 s->atapi_dma = s->feature & 1;
2475 s->nsector = 1;
2476 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2477 ide_atapi_cmd);
2478 break;
2479 /* CF-ATA commands */
2480 case CFA_REQ_EXT_ERROR_CODE:
2481 if (!s->is_cf)
2482 goto abort_cmd;
2483 s->error = 0x09; /* miscellaneous error */
2484 s->status = READY_STAT | SEEK_STAT;
2485 ide_set_irq(s);
2486 break;
2487 case CFA_ERASE_SECTORS:
2488 case CFA_WEAR_LEVEL:
2489 if (!s->is_cf)
2490 goto abort_cmd;
2491 if (val == CFA_WEAR_LEVEL)
2492 s->nsector = 0;
2493 if (val == CFA_ERASE_SECTORS)
2494 s->media_changed = 1;
2495 s->error = 0x00;
2496 s->status = READY_STAT | SEEK_STAT;
2497 ide_set_irq(s);
2498 break;
2499 case CFA_TRANSLATE_SECTOR:
2500 if (!s->is_cf)
2501 goto abort_cmd;
2502 s->error = 0x00;
2503 s->status = READY_STAT | SEEK_STAT;
2504 memset(s->io_buffer, 0, 0x200);
2505 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2506 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2507 s->io_buffer[0x02] = s->select; /* Head */
2508 s->io_buffer[0x03] = s->sector; /* Sector */
2509 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2510 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2511 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2512 s->io_buffer[0x13] = 0x00; /* Erase flag */
2513 s->io_buffer[0x18] = 0x00; /* Hot count */
2514 s->io_buffer[0x19] = 0x00; /* Hot count */
2515 s->io_buffer[0x1a] = 0x01; /* Hot count */
2516 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2517 ide_set_irq(s);
2518 break;
2519 case CFA_ACCESS_METADATA_STORAGE:
2520 if (!s->is_cf)
2521 goto abort_cmd;
2522 switch (s->feature) {
2523 case 0x02: /* Inquiry Metadata Storage */
2524 ide_cfata_metadata_inquiry(s);
2525 break;
2526 case 0x03: /* Read Metadata Storage */
2527 ide_cfata_metadata_read(s);
2528 break;
2529 case 0x04: /* Write Metadata Storage */
2530 ide_cfata_metadata_write(s);
2531 break;
2532 default:
2533 goto abort_cmd;
2535 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2536 s->status = 0x00; /* NOTE: READY is _not_ set */
2537 ide_set_irq(s);
2538 break;
2539 case IBM_SENSE_CONDITION:
2540 if (!s->is_cf)
2541 goto abort_cmd;
2542 switch (s->feature) {
2543 case 0x01: /* sense temperature in device */
2544 s->nsector = 0x50; /* +20 C */
2545 break;
2546 default:
2547 goto abort_cmd;
2549 s->status = READY_STAT | SEEK_STAT;
2550 ide_set_irq(s);
2551 break;
2552 default:
2553 abort_cmd:
2554 ide_abort_command(s);
2555 ide_set_irq(s);
2556 break;
2561 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2563 IDEState *ide_if = opaque;
2564 IDEState *s = ide_if->cur_drive;
2565 uint32_t addr;
2566 int ret, hob;
2568 addr = addr1 & 7;
2569 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2570 //hob = s->select & (1 << 7);
2571 hob = 0;
2572 switch(addr) {
2573 case 0:
2574 ret = 0xff;
2575 break;
2576 case 1:
2577 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2578 (s != ide_if && !s->bs))
2579 ret = 0;
2580 else if (!hob)
2581 ret = s->error;
2582 else
2583 ret = s->hob_feature;
2584 break;
2585 case 2:
2586 if (!ide_if[0].bs && !ide_if[1].bs)
2587 ret = 0;
2588 else if (!hob)
2589 ret = s->nsector & 0xff;
2590 else
2591 ret = s->hob_nsector;
2592 break;
2593 case 3:
2594 if (!ide_if[0].bs && !ide_if[1].bs)
2595 ret = 0;
2596 else if (!hob)
2597 ret = s->sector;
2598 else
2599 ret = s->hob_sector;
2600 break;
2601 case 4:
2602 if (!ide_if[0].bs && !ide_if[1].bs)
2603 ret = 0;
2604 else if (!hob)
2605 ret = s->lcyl;
2606 else
2607 ret = s->hob_lcyl;
2608 break;
2609 case 5:
2610 if (!ide_if[0].bs && !ide_if[1].bs)
2611 ret = 0;
2612 else if (!hob)
2613 ret = s->hcyl;
2614 else
2615 ret = s->hob_hcyl;
2616 break;
2617 case 6:
2618 if (!ide_if[0].bs && !ide_if[1].bs)
2619 ret = 0;
2620 else
2621 ret = s->select;
2622 break;
2623 default:
2624 case 7:
2625 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2626 (s != ide_if && !s->bs))
2627 ret = 0;
2628 else
2629 ret = s->status;
2630 qemu_irq_lower(s->irq);
2631 break;
2633 #ifdef DEBUG_IDE
2634 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2635 #endif
2636 return ret;
2639 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2641 IDEState *ide_if = opaque;
2642 IDEState *s = ide_if->cur_drive;
2643 int ret;
2645 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2646 (s != ide_if && !s->bs))
2647 ret = 0;
2648 else
2649 ret = s->status;
2650 #ifdef DEBUG_IDE
2651 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2652 #endif
2653 return ret;
2656 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2658 IDEState *ide_if = opaque;
2659 IDEState *s;
2660 int i;
2662 #ifdef DEBUG_IDE
2663 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2664 #endif
2665 /* common for both drives */
2666 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2667 (val & IDE_CMD_RESET)) {
2668 /* reset low to high */
2669 for(i = 0;i < 2; i++) {
2670 s = &ide_if[i];
2671 s->status = BUSY_STAT | SEEK_STAT;
2672 s->error = 0x01;
2674 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2675 !(val & IDE_CMD_RESET)) {
2676 /* high to low */
2677 for(i = 0;i < 2; i++) {
2678 s = &ide_if[i];
2679 if (s->is_cdrom)
2680 s->status = 0x00; /* NOTE: READY is _not_ set */
2681 else
2682 s->status = READY_STAT | SEEK_STAT;
2683 ide_set_signature(s);
2687 ide_if[0].cmd = val;
2688 ide_if[1].cmd = val;
2691 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2693 IDEState *s = ((IDEState *)opaque)->cur_drive;
2694 uint8_t *p;
2696 /* PIO data access allowed only when DRQ bit is set */
2697 if (!(s->status & DRQ_STAT))
2698 return;
2700 p = s->data_ptr;
2701 *(uint16_t *)p = le16_to_cpu(val);
2702 p += 2;
2703 s->data_ptr = p;
2704 if (p >= s->data_end)
2705 s->end_transfer_func(s);
2708 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2710 IDEState *s = ((IDEState *)opaque)->cur_drive;
2711 uint8_t *p;
2712 int ret;
2714 /* PIO data access allowed only when DRQ bit is set */
2715 if (!(s->status & DRQ_STAT))
2716 return 0;
2718 p = s->data_ptr;
2719 ret = cpu_to_le16(*(uint16_t *)p);
2720 p += 2;
2721 s->data_ptr = p;
2722 if (p >= s->data_end)
2723 s->end_transfer_func(s);
2724 return ret;
2727 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2729 IDEState *s = ((IDEState *)opaque)->cur_drive;
2730 uint8_t *p;
2732 /* PIO data access allowed only when DRQ bit is set */
2733 if (!(s->status & DRQ_STAT))
2734 return;
2736 p = s->data_ptr;
2737 *(uint32_t *)p = le32_to_cpu(val);
2738 p += 4;
2739 s->data_ptr = p;
2740 if (p >= s->data_end)
2741 s->end_transfer_func(s);
2744 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2746 IDEState *s = ((IDEState *)opaque)->cur_drive;
2747 uint8_t *p;
2748 int ret;
2750 /* PIO data access allowed only when DRQ bit is set */
2751 if (!(s->status & DRQ_STAT))
2752 return 0;
2754 p = s->data_ptr;
2755 ret = cpu_to_le32(*(uint32_t *)p);
2756 p += 4;
2757 s->data_ptr = p;
2758 if (p >= s->data_end)
2759 s->end_transfer_func(s);
2760 return ret;
2763 static void ide_dummy_transfer_stop(IDEState *s)
2765 s->data_ptr = s->io_buffer;
2766 s->data_end = s->io_buffer;
2767 s->io_buffer[0] = 0xff;
2768 s->io_buffer[1] = 0xff;
2769 s->io_buffer[2] = 0xff;
2770 s->io_buffer[3] = 0xff;
2773 static void ide_reset(IDEState *s)
2775 if (s->is_cf)
2776 s->mult_sectors = 0;
2777 else
2778 s->mult_sectors = MAX_MULT_SECTORS;
2779 s->cur_drive = s;
2780 s->select = 0xa0;
2781 s->status = READY_STAT | SEEK_STAT;
2782 ide_set_signature(s);
2783 /* init the transfer handler so that 0xffff is returned on data
2784 accesses */
2785 s->end_transfer_func = ide_dummy_transfer_stop;
2786 ide_dummy_transfer_stop(s);
2787 s->media_changed = 0;
2790 static void ide_init2(IDEState *ide_state,
2791 BlockDriverState *hd0, BlockDriverState *hd1,
2792 qemu_irq irq)
2794 IDEState *s;
2795 static int drive_serial = 1;
2796 int i, cylinders, heads, secs;
2797 uint64_t nb_sectors;
2799 for(i = 0; i < 2; i++) {
2800 s = ide_state + i;
2801 if (i == 0)
2802 s->bs = hd0;
2803 else
2804 s->bs = hd1;
2805 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2806 if (s->bs) {
2807 bdrv_get_geometry(s->bs, &nb_sectors);
2808 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2809 s->cylinders = cylinders;
2810 s->heads = heads;
2811 s->sectors = secs;
2812 s->nb_sectors = nb_sectors;
2814 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2815 s->is_cdrom = 1;
2816 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2819 s->drive_serial = drive_serial++;
2820 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2821 sizeof(s->drive_serial_str));
2822 if (strlen(s->drive_serial_str) == 0)
2823 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2824 "QM%05d", s->drive_serial);
2825 s->irq = irq;
2826 s->sector_write_timer = qemu_new_timer(vm_clock,
2827 ide_sector_write_timer_cb, s);
2828 ide_reset(s);
2832 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2834 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2835 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2836 if (iobase2) {
2837 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2838 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2841 /* data ports */
2842 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2843 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2844 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2845 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2848 /* save per IDE drive data */
2849 static void ide_save(QEMUFile* f, IDEState *s)
2851 qemu_put_be32(f, s->mult_sectors);
2852 qemu_put_be32(f, s->identify_set);
2853 if (s->identify_set) {
2854 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2856 qemu_put_8s(f, &s->feature);
2857 qemu_put_8s(f, &s->error);
2858 qemu_put_be32s(f, &s->nsector);
2859 qemu_put_8s(f, &s->sector);
2860 qemu_put_8s(f, &s->lcyl);
2861 qemu_put_8s(f, &s->hcyl);
2862 qemu_put_8s(f, &s->hob_feature);
2863 qemu_put_8s(f, &s->hob_nsector);
2864 qemu_put_8s(f, &s->hob_sector);
2865 qemu_put_8s(f, &s->hob_lcyl);
2866 qemu_put_8s(f, &s->hob_hcyl);
2867 qemu_put_8s(f, &s->select);
2868 qemu_put_8s(f, &s->status);
2869 qemu_put_8s(f, &s->lba48);
2871 qemu_put_8s(f, &s->sense_key);
2872 qemu_put_8s(f, &s->asc);
2873 /* XXX: if a transfer is pending, we do not save it yet */
2876 /* load per IDE drive data */
2877 static void ide_load(QEMUFile* f, IDEState *s)
2879 s->mult_sectors=qemu_get_be32(f);
2880 s->identify_set=qemu_get_be32(f);
2881 if (s->identify_set) {
2882 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2884 qemu_get_8s(f, &s->feature);
2885 qemu_get_8s(f, &s->error);
2886 qemu_get_be32s(f, &s->nsector);
2887 qemu_get_8s(f, &s->sector);
2888 qemu_get_8s(f, &s->lcyl);
2889 qemu_get_8s(f, &s->hcyl);
2890 qemu_get_8s(f, &s->hob_feature);
2891 qemu_get_8s(f, &s->hob_nsector);
2892 qemu_get_8s(f, &s->hob_sector);
2893 qemu_get_8s(f, &s->hob_lcyl);
2894 qemu_get_8s(f, &s->hob_hcyl);
2895 qemu_get_8s(f, &s->select);
2896 qemu_get_8s(f, &s->status);
2897 qemu_get_8s(f, &s->lba48);
2899 qemu_get_8s(f, &s->sense_key);
2900 qemu_get_8s(f, &s->asc);
2901 /* XXX: if a transfer is pending, we do not save it yet */
2904 /***********************************************************/
2905 /* ISA IDE definitions */
2907 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2908 BlockDriverState *hd0, BlockDriverState *hd1)
2910 IDEState *ide_state;
2912 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2914 ide_init2(ide_state, hd0, hd1, irq);
2915 ide_init_ioport(ide_state, iobase, iobase2);
2918 /***********************************************************/
2919 /* PCI IDE definitions */
2921 static void cmd646_update_irq(PCIIDEState *d);
2923 static void ide_map(PCIDevice *pci_dev, int region_num,
2924 uint32_t addr, uint32_t size, int type)
2926 PCIIDEState *d = (PCIIDEState *)pci_dev;
2927 IDEState *ide_state;
2929 if (region_num <= 3) {
2930 ide_state = &d->ide_if[(region_num >> 1) * 2];
2931 if (region_num & 1) {
2932 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2933 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2934 } else {
2935 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2936 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2938 /* data ports */
2939 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2940 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2941 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2942 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2947 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2949 BMDMAState *bm = s->bmdma;
2950 if(!bm)
2951 return;
2952 bm->ide_if = s;
2953 bm->dma_cb = dma_cb;
2954 bm->cur_prd_last = 0;
2955 bm->cur_prd_addr = 0;
2956 bm->cur_prd_len = 0;
2957 bm->sector_num = ide_get_sector(s);
2958 bm->nsector = s->nsector;
2959 if (bm->status & BM_STATUS_DMAING) {
2960 bm->dma_cb(bm, 0);
2964 static void ide_dma_restart(IDEState *s)
2966 BMDMAState *bm = s->bmdma;
2967 ide_set_sector(s, bm->sector_num);
2968 s->io_buffer_index = 0;
2969 s->io_buffer_size = 0;
2970 s->nsector = bm->nsector;
2971 bm->cur_addr = bm->addr;
2972 bm->dma_cb = ide_write_dma_cb;
2973 ide_dma_start(s, bm->dma_cb);
2976 static void ide_dma_cancel(BMDMAState *bm)
2978 if (bm->status & BM_STATUS_DMAING) {
2979 bm->status &= ~BM_STATUS_DMAING;
2980 /* cancel DMA request */
2981 bm->ide_if = NULL;
2982 bm->dma_cb = NULL;
2983 if (bm->aiocb) {
2984 #ifdef DEBUG_AIO
2985 printf("aio_cancel\n");
2986 #endif
2987 bdrv_aio_cancel(bm->aiocb);
2988 bm->aiocb = NULL;
2993 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2995 BMDMAState *bm = opaque;
2996 #ifdef DEBUG_IDE
2997 printf("%s: 0x%08x\n", __func__, val);
2998 #endif
2999 if (!(val & BM_CMD_START)) {
3000 /* XXX: do it better */
3001 ide_dma_cancel(bm);
3002 bm->cmd = val & 0x09;
3003 } else {
3004 if (!(bm->status & BM_STATUS_DMAING)) {
3005 bm->status |= BM_STATUS_DMAING;
3006 /* start dma transfer if possible */
3007 if (bm->dma_cb)
3008 bm->dma_cb(bm, 0);
3010 bm->cmd = val & 0x09;
3014 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
3016 BMDMAState *bm = opaque;
3017 PCIIDEState *pci_dev;
3018 uint32_t val;
3020 switch(addr & 3) {
3021 case 0:
3022 val = bm->cmd;
3023 break;
3024 case 1:
3025 pci_dev = bm->pci_dev;
3026 if (pci_dev->type == IDE_TYPE_CMD646) {
3027 val = pci_dev->dev.config[MRDMODE];
3028 } else {
3029 val = 0xff;
3031 break;
3032 case 2:
3033 val = bm->status;
3034 break;
3035 case 3:
3036 pci_dev = bm->pci_dev;
3037 if (pci_dev->type == IDE_TYPE_CMD646) {
3038 if (bm == &pci_dev->bmdma[0])
3039 val = pci_dev->dev.config[UDIDETCR0];
3040 else
3041 val = pci_dev->dev.config[UDIDETCR1];
3042 } else {
3043 val = 0xff;
3045 break;
3046 default:
3047 val = 0xff;
3048 break;
3050 #ifdef DEBUG_IDE
3051 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
3052 #endif
3053 return val;
3056 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
3058 BMDMAState *bm = opaque;
3059 PCIIDEState *pci_dev;
3060 #ifdef DEBUG_IDE
3061 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
3062 #endif
3063 switch(addr & 3) {
3064 case 1:
3065 pci_dev = bm->pci_dev;
3066 if (pci_dev->type == IDE_TYPE_CMD646) {
3067 pci_dev->dev.config[MRDMODE] =
3068 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
3069 cmd646_update_irq(pci_dev);
3071 break;
3072 case 2:
3073 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
3074 break;
3075 case 3:
3076 pci_dev = bm->pci_dev;
3077 if (pci_dev->type == IDE_TYPE_CMD646) {
3078 if (bm == &pci_dev->bmdma[0])
3079 pci_dev->dev.config[UDIDETCR0] = val;
3080 else
3081 pci_dev->dev.config[UDIDETCR1] = val;
3083 break;
3087 static uint32_t bmdma_addr_readb(void *opaque, uint32_t addr)
3089 BMDMAState *bm = opaque;
3090 uint32_t val;
3091 val = (bm->addr >> ((addr & 3) * 8)) & 0xff;
3092 #ifdef DEBUG_IDE
3093 printf("%s: 0x%08x\n", __func__, val);
3094 #endif
3095 return val;
3098 static void bmdma_addr_writeb(void *opaque, uint32_t addr, uint32_t val)
3100 BMDMAState *bm = opaque;
3101 int shift = (addr & 3) * 8;
3102 #ifdef DEBUG_IDE
3103 printf("%s: 0x%08x\n", __func__, val);
3104 #endif
3105 bm->addr &= ~(0xFF << shift);
3106 bm->addr |= ((val & 0xFF) << shift) & ~3;
3107 bm->cur_addr = bm->addr;
3110 static uint32_t bmdma_addr_readw(void *opaque, uint32_t addr)
3112 BMDMAState *bm = opaque;
3113 uint32_t val;
3114 val = (bm->addr >> ((addr & 3) * 8)) & 0xffff;
3115 #ifdef DEBUG_IDE
3116 printf("%s: 0x%08x\n", __func__, val);
3117 #endif
3118 return val;
3121 static void bmdma_addr_writew(void *opaque, uint32_t addr, uint32_t val)
3123 BMDMAState *bm = opaque;
3124 int shift = (addr & 3) * 8;
3125 #ifdef DEBUG_IDE
3126 printf("%s: 0x%08x\n", __func__, val);
3127 #endif
3128 bm->addr &= ~(0xFFFF << shift);
3129 bm->addr |= ((val & 0xFFFF) << shift) & ~3;
3130 bm->cur_addr = bm->addr;
3133 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
3135 BMDMAState *bm = opaque;
3136 uint32_t val;
3137 val = bm->addr;
3138 #ifdef DEBUG_IDE
3139 printf("%s: 0x%08x\n", __func__, val);
3140 #endif
3141 return val;
3144 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
3146 BMDMAState *bm = opaque;
3147 #ifdef DEBUG_IDE
3148 printf("%s: 0x%08x\n", __func__, val);
3149 #endif
3150 bm->addr = val & ~3;
3151 bm->cur_addr = bm->addr;
3154 static void bmdma_map(PCIDevice *pci_dev, int region_num,
3155 uint32_t addr, uint32_t size, int type)
3157 PCIIDEState *d = (PCIIDEState *)pci_dev;
3158 int i;
3160 for(i = 0;i < 2; i++) {
3161 BMDMAState *bm = &d->bmdma[i];
3162 d->ide_if[2 * i].bmdma = bm;
3163 d->ide_if[2 * i + 1].bmdma = bm;
3164 bm->pci_dev = (PCIIDEState *)pci_dev;
3165 qemu_add_vm_change_state_handler(ide_dma_restart_cb, bm);
3167 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
3169 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
3170 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
3172 register_ioport_write(addr + 4, 4, 1, bmdma_addr_writeb, bm);
3173 register_ioport_read(addr + 4, 4, 1, bmdma_addr_readb, bm);
3174 register_ioport_write(addr + 4, 4, 2, bmdma_addr_writew, bm);
3175 register_ioport_read(addr + 4, 4, 2, bmdma_addr_readw, bm);
3176 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
3177 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
3178 addr += 8;
3182 static void pci_ide_save(QEMUFile* f, void *opaque)
3184 PCIIDEState *d = opaque;
3185 int i;
3187 pci_device_save(&d->dev, f);
3189 for(i = 0; i < 2; i++) {
3190 BMDMAState *bm = &d->bmdma[i];
3191 uint8_t ifidx;
3192 qemu_put_8s(f, &bm->cmd);
3193 qemu_put_8s(f, &bm->status);
3194 qemu_put_be32s(f, &bm->addr);
3195 qemu_put_sbe64s(f, &bm->sector_num);
3196 qemu_put_be32s(f, &bm->nsector);
3197 ifidx = bm->ide_if ? bm->ide_if - d->ide_if : 0;
3198 qemu_put_8s(f, &ifidx);
3199 /* XXX: if a transfer is pending, we do not save it yet */
3202 /* per IDE interface data */
3203 for(i = 0; i < 2; i++) {
3204 IDEState *s = &d->ide_if[i * 2];
3205 uint8_t drive1_selected;
3206 qemu_put_8s(f, &s->cmd);
3207 drive1_selected = (s->cur_drive != s);
3208 qemu_put_8s(f, &drive1_selected);
3211 /* per IDE drive data */
3212 for(i = 0; i < 4; i++) {
3213 ide_save(f, &d->ide_if[i]);
3217 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
3219 PCIIDEState *d = opaque;
3220 int ret, i;
3222 if (version_id != 2)
3223 return -EINVAL;
3224 ret = pci_device_load(&d->dev, f);
3225 if (ret < 0)
3226 return ret;
3228 for(i = 0; i < 2; i++) {
3229 BMDMAState *bm = &d->bmdma[i];
3230 uint8_t ifidx;
3231 qemu_get_8s(f, &bm->cmd);
3232 qemu_get_8s(f, &bm->status);
3233 qemu_get_be32s(f, &bm->addr);
3234 qemu_get_sbe64s(f, &bm->sector_num);
3235 qemu_get_be32s(f, &bm->nsector);
3236 qemu_get_8s(f, &ifidx);
3237 bm->ide_if = &d->ide_if[ifidx];
3238 /* XXX: if a transfer is pending, we do not save it yet */
3241 /* per IDE interface data */
3242 for(i = 0; i < 2; i++) {
3243 IDEState *s = &d->ide_if[i * 2];
3244 uint8_t drive1_selected;
3245 qemu_get_8s(f, &s->cmd);
3246 qemu_get_8s(f, &drive1_selected);
3247 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
3250 /* per IDE drive data */
3251 for(i = 0; i < 4; i++) {
3252 ide_load(f, &d->ide_if[i]);
3254 return 0;
3257 /* XXX: call it also when the MRDMODE is changed from the PCI config
3258 registers */
3259 static void cmd646_update_irq(PCIIDEState *d)
3261 int pci_level;
3262 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
3263 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
3264 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
3265 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
3266 qemu_set_irq(d->dev.irq[0], pci_level);
3269 /* the PCI irq level is the logical OR of the two channels */
3270 static void cmd646_set_irq(void *opaque, int channel, int level)
3272 PCIIDEState *d = opaque;
3273 int irq_mask;
3275 irq_mask = MRDMODE_INTR_CH0 << channel;
3276 if (level)
3277 d->dev.config[MRDMODE] |= irq_mask;
3278 else
3279 d->dev.config[MRDMODE] &= ~irq_mask;
3280 cmd646_update_irq(d);
3283 static void cmd646_reset(void *opaque)
3285 PCIIDEState *d = opaque;
3286 unsigned int i;
3288 for (i = 0; i < 2; i++)
3289 ide_dma_cancel(&d->bmdma[i]);
3292 /* CMD646 PCI IDE controller */
3293 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
3294 int secondary_ide_enabled)
3296 PCIIDEState *d;
3297 uint8_t *pci_conf;
3298 int i;
3299 qemu_irq *irq;
3301 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
3302 sizeof(PCIIDEState),
3304 NULL, NULL);
3305 d->type = IDE_TYPE_CMD646;
3306 pci_conf = d->dev.config;
3307 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_CMD);
3308 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_CMD_646);
3310 pci_conf[0x08] = 0x07; // IDE controller revision
3311 pci_conf[0x09] = 0x8f;
3313 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3314 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3316 pci_conf[0x51] = 0x04; // enable IDE0
3317 if (secondary_ide_enabled) {
3318 /* XXX: if not enabled, really disable the seconday IDE controller */
3319 pci_conf[0x51] |= 0x08; /* enable IDE1 */
3322 pci_register_bar((PCIDevice *)d, 0, 0x8,
3323 PCI_ADDRESS_SPACE_IO, ide_map);
3324 pci_register_bar((PCIDevice *)d, 1, 0x4,
3325 PCI_ADDRESS_SPACE_IO, ide_map);
3326 pci_register_bar((PCIDevice *)d, 2, 0x8,
3327 PCI_ADDRESS_SPACE_IO, ide_map);
3328 pci_register_bar((PCIDevice *)d, 3, 0x4,
3329 PCI_ADDRESS_SPACE_IO, ide_map);
3330 pci_register_bar((PCIDevice *)d, 4, 0x10,
3331 PCI_ADDRESS_SPACE_IO, bmdma_map);
3333 pci_conf[0x3d] = 0x01; // interrupt on pin 1
3335 for(i = 0; i < 4; i++)
3336 d->ide_if[i].pci_dev = (PCIDevice *)d;
3338 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
3339 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
3340 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
3342 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3343 qemu_register_reset(cmd646_reset, d);
3344 cmd646_reset(d);
3347 static void piix3_reset(void *opaque)
3349 PCIIDEState *d = opaque;
3350 uint8_t *pci_conf = d->dev.config;
3351 int i;
3353 for (i = 0; i < 2; i++)
3354 ide_dma_cancel(&d->bmdma[i]);
3356 pci_conf[0x04] = 0x00;
3357 pci_conf[0x05] = 0x00;
3358 pci_conf[0x06] = 0x80; /* FBC */
3359 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
3360 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
3363 /* hd_table must contain 4 block drivers */
3364 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
3365 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3366 qemu_irq *pic)
3368 PCIIDEState *d;
3369 uint8_t *pci_conf;
3370 int i;
3372 /* register a function 1 of PIIX3 */
3373 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
3374 sizeof(PCIIDEState),
3375 devfn,
3376 NULL, NULL);
3377 d->type = IDE_TYPE_PIIX3;
3379 pci_conf = d->dev.config;
3380 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3381 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371SB_1);
3382 pci_conf[0x09] = 0x80; // legacy ATA mode
3383 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3384 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3386 qemu_register_reset(piix3_reset, d);
3387 piix3_reset(d);
3389 pci_register_bar((PCIDevice *)d, 4, 0x10,
3390 PCI_ADDRESS_SPACE_IO, bmdma_map);
3392 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3393 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3394 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3395 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3397 for (i = 0; i < 4; i++)
3398 if (hd_table[i])
3399 hd_table[i]->private = &d->dev;
3401 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3404 /* hd_table must contain 4 block drivers */
3405 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
3406 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
3407 qemu_irq *pic)
3409 PCIIDEState *d;
3410 uint8_t *pci_conf;
3412 /* register a function 1 of PIIX4 */
3413 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
3414 sizeof(PCIIDEState),
3415 devfn,
3416 NULL, NULL);
3417 d->type = IDE_TYPE_PIIX4;
3419 pci_conf = d->dev.config;
3420 pci_config_set_vendor_id(pci_conf, PCI_VENDOR_ID_INTEL);
3421 pci_config_set_device_id(pci_conf, PCI_DEVICE_ID_INTEL_82371AB);
3422 pci_conf[0x09] = 0x80; // legacy ATA mode
3423 pci_config_set_class(pci_conf, PCI_CLASS_STORAGE_IDE);
3424 pci_conf[PCI_HEADER_TYPE] = PCI_HEADER_TYPE_NORMAL; // header_type
3426 qemu_register_reset(piix3_reset, d);
3427 piix3_reset(d);
3429 pci_register_bar((PCIDevice *)d, 4, 0x10,
3430 PCI_ADDRESS_SPACE_IO, bmdma_map);
3432 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3433 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3434 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3435 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3437 register_savevm("ide", 0, 2, pci_ide_save, pci_ide_load, d);
3440 #if defined(TARGET_PPC)
3441 /***********************************************************/
3442 /* MacIO based PowerPC IDE */
3444 typedef struct MACIOIDEState {
3445 IDEState ide_if[2];
3446 BlockDriverAIOCB *aiocb;
3447 } MACIOIDEState;
3449 static void pmac_ide_atapi_transfer_cb(void *opaque, int ret)
3451 DBDMA_io *io = opaque;
3452 MACIOIDEState *m = io->opaque;
3453 IDEState *s = m->ide_if->cur_drive;
3455 if (ret < 0) {
3456 m->aiocb = NULL;
3457 qemu_sglist_destroy(&s->sg);
3458 ide_atapi_io_error(s, ret);
3459 io->dma_end(opaque);
3460 return;
3463 if (s->io_buffer_size > 0) {
3464 m->aiocb = NULL;
3465 qemu_sglist_destroy(&s->sg);
3467 s->packet_transfer_size -= s->io_buffer_size;
3469 s->io_buffer_index += s->io_buffer_size;
3470 s->lba += s->io_buffer_index >> 11;
3471 s->io_buffer_index &= 0x7ff;
3474 if (s->packet_transfer_size <= 0)
3475 ide_atapi_cmd_ok(s);
3477 if (io->len == 0) {
3478 io->dma_end(opaque);
3479 return;
3482 /* launch next transfer */
3484 s->io_buffer_size = io->len;
3486 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3487 qemu_sglist_add(&s->sg, io->addr, io->len);
3488 io->addr += io->len;
3489 io->len = 0;
3491 m->aiocb = dma_bdrv_read(s->bs, &s->sg,
3492 (int64_t)(s->lba << 2) + (s->io_buffer_index >> 9),
3493 pmac_ide_atapi_transfer_cb, io);
3494 if (!m->aiocb) {
3495 qemu_sglist_destroy(&s->sg);
3496 /* Note: media not present is the most likely case */
3497 ide_atapi_cmd_error(s, SENSE_NOT_READY,
3498 ASC_MEDIUM_NOT_PRESENT);
3499 io->dma_end(opaque);
3500 return;
3504 static void pmac_ide_transfer_cb(void *opaque, int ret)
3506 DBDMA_io *io = opaque;
3507 MACIOIDEState *m = io->opaque;
3508 IDEState *s = m->ide_if->cur_drive;
3509 int n;
3510 int64_t sector_num;
3512 if (ret < 0) {
3513 m->aiocb = NULL;
3514 qemu_sglist_destroy(&s->sg);
3515 ide_dma_error(s);
3516 io->dma_end(io);
3517 return;
3520 sector_num = ide_get_sector(s);
3521 if (s->io_buffer_size > 0) {
3522 m->aiocb = NULL;
3523 qemu_sglist_destroy(&s->sg);
3524 n = (s->io_buffer_size + 0x1ff) >> 9;
3525 sector_num += n;
3526 ide_set_sector(s, sector_num);
3527 s->nsector -= n;
3530 /* end of transfer ? */
3531 if (s->nsector == 0) {
3532 s->status = READY_STAT | SEEK_STAT;
3533 ide_set_irq(s);
3536 /* end of DMA ? */
3538 if (io->len == 0) {
3539 io->dma_end(io);
3540 return;
3543 /* launch next transfer */
3545 s->io_buffer_index = 0;
3546 s->io_buffer_size = io->len;
3548 qemu_sglist_init(&s->sg, io->len / TARGET_PAGE_SIZE + 1);
3549 qemu_sglist_add(&s->sg, io->addr, io->len);
3550 io->addr += io->len;
3551 io->len = 0;
3553 if (s->is_read)
3554 m->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
3555 pmac_ide_transfer_cb, io);
3556 else
3557 m->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
3558 pmac_ide_transfer_cb, io);
3559 if (!m->aiocb)
3560 pmac_ide_transfer_cb(io, -1);
3563 static void pmac_ide_transfer(DBDMA_io *io)
3565 MACIOIDEState *m = io->opaque;
3566 IDEState *s = m->ide_if->cur_drive;
3568 s->io_buffer_size = 0;
3569 if (s->is_cdrom) {
3570 pmac_ide_atapi_transfer_cb(io, 0);
3571 return;
3574 pmac_ide_transfer_cb(io, 0);
3577 static void pmac_ide_flush(DBDMA_io *io)
3579 MACIOIDEState *m = io->opaque;
3581 if (m->aiocb)
3582 qemu_aio_flush();
3585 /* PowerMac IDE memory IO */
3586 static void pmac_ide_writeb (void *opaque,
3587 target_phys_addr_t addr, uint32_t val)
3589 MACIOIDEState *d = opaque;
3591 addr = (addr & 0xFFF) >> 4;
3592 switch (addr) {
3593 case 1 ... 7:
3594 ide_ioport_write(d->ide_if, addr, val);
3595 break;
3596 case 8:
3597 case 22:
3598 ide_cmd_write(d->ide_if, 0, val);
3599 break;
3600 default:
3601 break;
3605 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3607 uint8_t retval;
3608 MACIOIDEState *d = opaque;
3610 addr = (addr & 0xFFF) >> 4;
3611 switch (addr) {
3612 case 1 ... 7:
3613 retval = ide_ioport_read(d->ide_if, addr);
3614 break;
3615 case 8:
3616 case 22:
3617 retval = ide_status_read(d->ide_if, 0);
3618 break;
3619 default:
3620 retval = 0xFF;
3621 break;
3623 return retval;
3626 static void pmac_ide_writew (void *opaque,
3627 target_phys_addr_t addr, uint32_t val)
3629 MACIOIDEState *d = opaque;
3631 addr = (addr & 0xFFF) >> 4;
3632 #ifdef TARGET_WORDS_BIGENDIAN
3633 val = bswap16(val);
3634 #endif
3635 if (addr == 0) {
3636 ide_data_writew(d->ide_if, 0, val);
3640 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3642 uint16_t retval;
3643 MACIOIDEState *d = opaque;
3645 addr = (addr & 0xFFF) >> 4;
3646 if (addr == 0) {
3647 retval = ide_data_readw(d->ide_if, 0);
3648 } else {
3649 retval = 0xFFFF;
3651 #ifdef TARGET_WORDS_BIGENDIAN
3652 retval = bswap16(retval);
3653 #endif
3654 return retval;
3657 static void pmac_ide_writel (void *opaque,
3658 target_phys_addr_t addr, uint32_t val)
3660 MACIOIDEState *d = opaque;
3662 addr = (addr & 0xFFF) >> 4;
3663 #ifdef TARGET_WORDS_BIGENDIAN
3664 val = bswap32(val);
3665 #endif
3666 if (addr == 0) {
3667 ide_data_writel(d->ide_if, 0, val);
3671 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3673 uint32_t retval;
3674 MACIOIDEState *d = opaque;
3676 addr = (addr & 0xFFF) >> 4;
3677 if (addr == 0) {
3678 retval = ide_data_readl(d->ide_if, 0);
3679 } else {
3680 retval = 0xFFFFFFFF;
3682 #ifdef TARGET_WORDS_BIGENDIAN
3683 retval = bswap32(retval);
3684 #endif
3685 return retval;
3688 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3689 pmac_ide_writeb,
3690 pmac_ide_writew,
3691 pmac_ide_writel,
3694 static CPUReadMemoryFunc *pmac_ide_read[] = {
3695 pmac_ide_readb,
3696 pmac_ide_readw,
3697 pmac_ide_readl,
3700 static void pmac_ide_save(QEMUFile *f, void *opaque)
3702 MACIOIDEState *d = opaque;
3703 IDEState *s = d->ide_if;
3704 uint8_t drive1_selected;
3705 unsigned int i;
3707 /* per IDE interface data */
3708 qemu_put_8s(f, &s->cmd);
3709 drive1_selected = (s->cur_drive != s);
3710 qemu_put_8s(f, &drive1_selected);
3712 /* per IDE drive data */
3713 for(i = 0; i < 2; i++) {
3714 ide_save(f, &s[i]);
3718 static int pmac_ide_load(QEMUFile *f, void *opaque, int version_id)
3720 MACIOIDEState *d = opaque;
3721 IDEState *s = d->ide_if;
3722 uint8_t drive1_selected;
3723 unsigned int i;
3725 if (version_id != 1)
3726 return -EINVAL;
3728 /* per IDE interface data */
3729 qemu_get_8s(f, &s->cmd);
3730 qemu_get_8s(f, &drive1_selected);
3731 s->cur_drive = &s[(drive1_selected != 0)];
3733 /* per IDE drive data */
3734 for(i = 0; i < 2; i++) {
3735 ide_load(f, &s[i]);
3737 return 0;
3740 static void pmac_ide_reset(void *opaque)
3742 MACIOIDEState *d = opaque;
3743 IDEState *s = d->ide_if;
3745 ide_reset(&s[0]);
3746 ide_reset(&s[1]);
3749 /* hd_table must contain 4 block drivers */
3750 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3751 I/O index to access the ide. */
3752 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq,
3753 void *dbdma, int channel, qemu_irq dma_irq)
3755 MACIOIDEState *d;
3756 int pmac_ide_memory;
3758 d = qemu_mallocz(sizeof(MACIOIDEState));
3759 ide_init2(d->ide_if, hd_table[0], hd_table[1], irq);
3761 if (dbdma)
3762 DBDMA_register_channel(dbdma, channel, dma_irq, pmac_ide_transfer, pmac_ide_flush, d);
3764 pmac_ide_memory = cpu_register_io_memory(pmac_ide_read,
3765 pmac_ide_write, d);
3766 register_savevm("ide", 0, 1, pmac_ide_save, pmac_ide_load, d);
3767 qemu_register_reset(pmac_ide_reset, d);
3768 pmac_ide_reset(d);
3770 return pmac_ide_memory;
3772 #endif /* TARGET_PPC */
3774 /***********************************************************/
3775 /* MMIO based ide port
3776 * This emulates IDE device connected directly to the CPU bus without
3777 * dedicated ide controller, which is often seen on embedded boards.
3780 typedef struct {
3781 void *dev;
3782 int shift;
3783 } MMIOState;
3785 static uint32_t mmio_ide_read (void *opaque, target_phys_addr_t addr)
3787 MMIOState *s = (MMIOState*)opaque;
3788 IDEState *ide = (IDEState*)s->dev;
3789 addr >>= s->shift;
3790 if (addr & 7)
3791 return ide_ioport_read(ide, addr);
3792 else
3793 return ide_data_readw(ide, 0);
3796 static void mmio_ide_write (void *opaque, target_phys_addr_t addr,
3797 uint32_t val)
3799 MMIOState *s = (MMIOState*)opaque;
3800 IDEState *ide = (IDEState*)s->dev;
3801 addr >>= s->shift;
3802 if (addr & 7)
3803 ide_ioport_write(ide, addr, val);
3804 else
3805 ide_data_writew(ide, 0, val);
3808 static CPUReadMemoryFunc *mmio_ide_reads[] = {
3809 mmio_ide_read,
3810 mmio_ide_read,
3811 mmio_ide_read,
3814 static CPUWriteMemoryFunc *mmio_ide_writes[] = {
3815 mmio_ide_write,
3816 mmio_ide_write,
3817 mmio_ide_write,
3820 static uint32_t mmio_ide_status_read (void *opaque, target_phys_addr_t addr)
3822 MMIOState *s= (MMIOState*)opaque;
3823 IDEState *ide = (IDEState*)s->dev;
3824 return ide_status_read(ide, 0);
3827 static void mmio_ide_cmd_write (void *opaque, target_phys_addr_t addr,
3828 uint32_t val)
3830 MMIOState *s = (MMIOState*)opaque;
3831 IDEState *ide = (IDEState*)s->dev;
3832 ide_cmd_write(ide, 0, val);
3835 static CPUReadMemoryFunc *mmio_ide_status[] = {
3836 mmio_ide_status_read,
3837 mmio_ide_status_read,
3838 mmio_ide_status_read,
3841 static CPUWriteMemoryFunc *mmio_ide_cmd[] = {
3842 mmio_ide_cmd_write,
3843 mmio_ide_cmd_write,
3844 mmio_ide_cmd_write,
3847 void mmio_ide_init (target_phys_addr_t membase, target_phys_addr_t membase2,
3848 qemu_irq irq, int shift,
3849 BlockDriverState *hd0, BlockDriverState *hd1)
3851 MMIOState *s = qemu_mallocz(sizeof(MMIOState));
3852 IDEState *ide = qemu_mallocz(sizeof(IDEState) * 2);
3853 int mem1, mem2;
3855 ide_init2(ide, hd0, hd1, irq);
3857 s->dev = ide;
3858 s->shift = shift;
3860 mem1 = cpu_register_io_memory(mmio_ide_reads, mmio_ide_writes, s);
3861 mem2 = cpu_register_io_memory(mmio_ide_status, mmio_ide_cmd, s);
3862 cpu_register_physical_memory(membase, 16 << shift, mem1);
3863 cpu_register_physical_memory(membase2, 2 << shift, mem2);
3866 /***********************************************************/
3867 /* CF-ATA Microdrive */
3869 #define METADATA_SIZE 0x20
3871 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3872 typedef struct {
3873 IDEState ide[2];
3874 PCMCIACardState card;
3875 uint32_t attr_base;
3876 uint32_t io_base;
3878 /* Card state */
3879 uint8_t opt;
3880 uint8_t stat;
3881 uint8_t pins;
3883 uint8_t ctrl;
3884 uint16_t io;
3885 int cycle;
3886 } MicroDriveState;
3888 /* Register bitfields */
3889 enum md_opt {
3890 OPT_MODE_MMAP = 0,
3891 OPT_MODE_IOMAP16 = 1,
3892 OPT_MODE_IOMAP1 = 2,
3893 OPT_MODE_IOMAP2 = 3,
3894 OPT_MODE = 0x3f,
3895 OPT_LEVIREQ = 0x40,
3896 OPT_SRESET = 0x80,
3898 enum md_cstat {
3899 STAT_INT = 0x02,
3900 STAT_PWRDWN = 0x04,
3901 STAT_XE = 0x10,
3902 STAT_IOIS8 = 0x20,
3903 STAT_SIGCHG = 0x40,
3904 STAT_CHANGED = 0x80,
3906 enum md_pins {
3907 PINS_MRDY = 0x02,
3908 PINS_CRDY = 0x20,
3910 enum md_ctrl {
3911 CTRL_IEN = 0x02,
3912 CTRL_SRST = 0x04,
3915 static inline void md_interrupt_update(MicroDriveState *s)
3917 if (!s->card.slot)
3918 return;
3920 qemu_set_irq(s->card.slot->irq,
3921 !(s->stat & STAT_INT) && /* Inverted */
3922 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3923 !(s->opt & OPT_SRESET));
3926 static void md_set_irq(void *opaque, int irq, int level)
3928 MicroDriveState *s = (MicroDriveState *) opaque;
3929 if (level)
3930 s->stat |= STAT_INT;
3931 else
3932 s->stat &= ~STAT_INT;
3934 md_interrupt_update(s);
3937 static void md_reset(MicroDriveState *s)
3939 s->opt = OPT_MODE_MMAP;
3940 s->stat = 0;
3941 s->pins = 0;
3942 s->cycle = 0;
3943 s->ctrl = 0;
3944 ide_reset(s->ide);
3947 static uint8_t md_attr_read(void *opaque, uint32_t at)
3949 MicroDriveState *s = (MicroDriveState *) opaque;
3950 if (at < s->attr_base) {
3951 if (at < s->card.cis_len)
3952 return s->card.cis[at];
3953 else
3954 return 0x00;
3957 at -= s->attr_base;
3959 switch (at) {
3960 case 0x00: /* Configuration Option Register */
3961 return s->opt;
3962 case 0x02: /* Card Configuration Status Register */
3963 if (s->ctrl & CTRL_IEN)
3964 return s->stat & ~STAT_INT;
3965 else
3966 return s->stat;
3967 case 0x04: /* Pin Replacement Register */
3968 return (s->pins & PINS_CRDY) | 0x0c;
3969 case 0x06: /* Socket and Copy Register */
3970 return 0x00;
3971 #ifdef VERBOSE
3972 default:
3973 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3974 #endif
3977 return 0;
3980 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3982 MicroDriveState *s = (MicroDriveState *) opaque;
3983 at -= s->attr_base;
3985 switch (at) {
3986 case 0x00: /* Configuration Option Register */
3987 s->opt = value & 0xcf;
3988 if (value & OPT_SRESET)
3989 md_reset(s);
3990 md_interrupt_update(s);
3991 break;
3992 case 0x02: /* Card Configuration Status Register */
3993 if ((s->stat ^ value) & STAT_PWRDWN)
3994 s->pins |= PINS_CRDY;
3995 s->stat &= 0x82;
3996 s->stat |= value & 0x74;
3997 md_interrupt_update(s);
3998 /* Word 170 in Identify Device must be equal to STAT_XE */
3999 break;
4000 case 0x04: /* Pin Replacement Register */
4001 s->pins &= PINS_CRDY;
4002 s->pins |= value & PINS_MRDY;
4003 break;
4004 case 0x06: /* Socket and Copy Register */
4005 break;
4006 default:
4007 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
4011 static uint16_t md_common_read(void *opaque, uint32_t at)
4013 MicroDriveState *s = (MicroDriveState *) opaque;
4014 uint16_t ret;
4015 at -= s->io_base;
4017 switch (s->opt & OPT_MODE) {
4018 case OPT_MODE_MMAP:
4019 if ((at & ~0x3ff) == 0x400)
4020 at = 0;
4021 break;
4022 case OPT_MODE_IOMAP16:
4023 at &= 0xf;
4024 break;
4025 case OPT_MODE_IOMAP1:
4026 if ((at & ~0xf) == 0x3f0)
4027 at -= 0x3e8;
4028 else if ((at & ~0xf) == 0x1f0)
4029 at -= 0x1f0;
4030 break;
4031 case OPT_MODE_IOMAP2:
4032 if ((at & ~0xf) == 0x370)
4033 at -= 0x368;
4034 else if ((at & ~0xf) == 0x170)
4035 at -= 0x170;
4038 switch (at) {
4039 case 0x0: /* Even RD Data */
4040 case 0x8:
4041 return ide_data_readw(s->ide, 0);
4043 /* TODO: 8-bit accesses */
4044 if (s->cycle)
4045 ret = s->io >> 8;
4046 else {
4047 s->io = ide_data_readw(s->ide, 0);
4048 ret = s->io & 0xff;
4050 s->cycle = !s->cycle;
4051 return ret;
4052 case 0x9: /* Odd RD Data */
4053 return s->io >> 8;
4054 case 0xd: /* Error */
4055 return ide_ioport_read(s->ide, 0x1);
4056 case 0xe: /* Alternate Status */
4057 if (s->ide->cur_drive->bs)
4058 return s->ide->cur_drive->status;
4059 else
4060 return 0;
4061 case 0xf: /* Device Address */
4062 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
4063 default:
4064 return ide_ioport_read(s->ide, at);
4067 return 0;
4070 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
4072 MicroDriveState *s = (MicroDriveState *) opaque;
4073 at -= s->io_base;
4075 switch (s->opt & OPT_MODE) {
4076 case OPT_MODE_MMAP:
4077 if ((at & ~0x3ff) == 0x400)
4078 at = 0;
4079 break;
4080 case OPT_MODE_IOMAP16:
4081 at &= 0xf;
4082 break;
4083 case OPT_MODE_IOMAP1:
4084 if ((at & ~0xf) == 0x3f0)
4085 at -= 0x3e8;
4086 else if ((at & ~0xf) == 0x1f0)
4087 at -= 0x1f0;
4088 break;
4089 case OPT_MODE_IOMAP2:
4090 if ((at & ~0xf) == 0x370)
4091 at -= 0x368;
4092 else if ((at & ~0xf) == 0x170)
4093 at -= 0x170;
4096 switch (at) {
4097 case 0x0: /* Even WR Data */
4098 case 0x8:
4099 ide_data_writew(s->ide, 0, value);
4100 break;
4102 /* TODO: 8-bit accesses */
4103 if (s->cycle)
4104 ide_data_writew(s->ide, 0, s->io | (value << 8));
4105 else
4106 s->io = value & 0xff;
4107 s->cycle = !s->cycle;
4108 break;
4109 case 0x9:
4110 s->io = value & 0xff;
4111 s->cycle = !s->cycle;
4112 break;
4113 case 0xd: /* Features */
4114 ide_ioport_write(s->ide, 0x1, value);
4115 break;
4116 case 0xe: /* Device Control */
4117 s->ctrl = value;
4118 if (value & CTRL_SRST)
4119 md_reset(s);
4120 md_interrupt_update(s);
4121 break;
4122 default:
4123 if (s->stat & STAT_PWRDWN) {
4124 s->pins |= PINS_CRDY;
4125 s->stat &= ~STAT_PWRDWN;
4127 ide_ioport_write(s->ide, at, value);
4131 static void md_save(QEMUFile *f, void *opaque)
4133 MicroDriveState *s = (MicroDriveState *) opaque;
4134 int i;
4135 uint8_t drive1_selected;
4137 qemu_put_8s(f, &s->opt);
4138 qemu_put_8s(f, &s->stat);
4139 qemu_put_8s(f, &s->pins);
4141 qemu_put_8s(f, &s->ctrl);
4142 qemu_put_be16s(f, &s->io);
4143 qemu_put_byte(f, s->cycle);
4145 drive1_selected = (s->ide->cur_drive != s->ide);
4146 qemu_put_8s(f, &s->ide->cmd);
4147 qemu_put_8s(f, &drive1_selected);
4149 for (i = 0; i < 2; i ++)
4150 ide_save(f, &s->ide[i]);
4153 static int md_load(QEMUFile *f, void *opaque, int version_id)
4155 MicroDriveState *s = (MicroDriveState *) opaque;
4156 int i;
4157 uint8_t drive1_selected;
4159 qemu_get_8s(f, &s->opt);
4160 qemu_get_8s(f, &s->stat);
4161 qemu_get_8s(f, &s->pins);
4163 qemu_get_8s(f, &s->ctrl);
4164 qemu_get_be16s(f, &s->io);
4165 s->cycle = qemu_get_byte(f);
4167 qemu_get_8s(f, &s->ide->cmd);
4168 qemu_get_8s(f, &drive1_selected);
4169 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
4171 for (i = 0; i < 2; i ++)
4172 ide_load(f, &s->ide[i]);
4174 return 0;
4177 static const uint8_t dscm1xxxx_cis[0x14a] = {
4178 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
4179 [0x002] = 0x03, /* Tuple length = 4 bytes */
4180 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4181 [0x006] = 0x01, /* Size = 2K bytes */
4182 [0x008] = CISTPL_ENDMARK,
4184 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
4185 [0x00c] = 0x04, /* Tuple length = 4 byest */
4186 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
4187 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
4188 [0x012] = 0x01, /* Size = 2K bytes */
4189 [0x014] = CISTPL_ENDMARK,
4191 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
4192 [0x018] = 0x02, /* Tuple length = 2 bytes */
4193 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
4194 [0x01c] = 0x01,
4196 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
4197 [0x020] = 0x04, /* Tuple length = 4 bytes */
4198 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
4199 [0x024] = 0x00,
4200 [0x026] = 0x00, /* PLMID_CARD = 0000 */
4201 [0x028] = 0x00,
4203 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
4204 [0x02c] = 0x12, /* Tuple length = 23 bytes */
4205 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
4206 [0x030] = 0x01, /* Minor Version = 1 */
4207 [0x032] = 'I',
4208 [0x034] = 'B',
4209 [0x036] = 'M',
4210 [0x038] = 0x00,
4211 [0x03a] = 'm',
4212 [0x03c] = 'i',
4213 [0x03e] = 'c',
4214 [0x040] = 'r',
4215 [0x042] = 'o',
4216 [0x044] = 'd',
4217 [0x046] = 'r',
4218 [0x048] = 'i',
4219 [0x04a] = 'v',
4220 [0x04c] = 'e',
4221 [0x04e] = 0x00,
4222 [0x050] = CISTPL_ENDMARK,
4224 [0x052] = CISTPL_FUNCID, /* Function ID */
4225 [0x054] = 0x02, /* Tuple length = 2 bytes */
4226 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
4227 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
4229 [0x05a] = CISTPL_FUNCE, /* Function Extension */
4230 [0x05c] = 0x02, /* Tuple length = 2 bytes */
4231 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
4232 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
4234 [0x062] = CISTPL_FUNCE, /* Function Extension */
4235 [0x064] = 0x03, /* Tuple length = 3 bytes */
4236 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
4237 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
4238 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
4240 [0x06c] = CISTPL_CONFIG, /* Configuration */
4241 [0x06e] = 0x05, /* Tuple length = 5 bytes */
4242 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
4243 [0x072] = 0x07, /* TPCC_LAST = 7 */
4244 [0x074] = 0x00, /* TPCC_RADR = 0200 */
4245 [0x076] = 0x02,
4246 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
4248 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4249 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
4250 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
4251 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
4252 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
4253 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4254 [0x086] = 0x55, /* NomV: 5.0 V */
4255 [0x088] = 0x4d, /* MinV: 4.5 V */
4256 [0x08a] = 0x5d, /* MaxV: 5.5 V */
4257 [0x08c] = 0x4e, /* Peakl: 450 mA */
4258 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
4259 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
4260 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
4262 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4263 [0x096] = 0x06, /* Tuple length = 6 bytes */
4264 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
4265 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4266 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4267 [0x09e] = 0xb5, /* NomV: 3.3 V */
4268 [0x0a0] = 0x1e,
4269 [0x0a2] = 0x3e, /* Peakl: 350 mA */
4271 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4272 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
4273 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
4274 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4275 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4276 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4277 [0x0b0] = 0x55, /* NomV: 5.0 V */
4278 [0x0b2] = 0x4d, /* MinV: 4.5 V */
4279 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
4280 [0x0b6] = 0x4e, /* Peakl: 450 mA */
4281 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
4282 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
4283 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
4284 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
4285 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
4287 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4288 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
4289 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
4290 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4291 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4292 [0x0cc] = 0xb5, /* NomV: 3.3 V */
4293 [0x0ce] = 0x1e,
4294 [0x0d0] = 0x3e, /* Peakl: 350 mA */
4296 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4297 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
4298 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
4299 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4300 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4301 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4302 [0x0de] = 0x55, /* NomV: 5.0 V */
4303 [0x0e0] = 0x4d, /* MinV: 4.5 V */
4304 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
4305 [0x0e4] = 0x4e, /* Peakl: 450 mA */
4306 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4307 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
4308 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
4309 [0x0ec] = 0x01,
4310 [0x0ee] = 0x07, /* Address block length = 8 */
4311 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
4312 [0x0f2] = 0x03,
4313 [0x0f4] = 0x01, /* Address block length = 2 */
4314 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4315 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
4317 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4318 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
4319 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
4320 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4321 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4322 [0x104] = 0xb5, /* NomV: 3.3 V */
4323 [0x106] = 0x1e,
4324 [0x108] = 0x3e, /* Peakl: 350 mA */
4326 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4327 [0x10c] = 0x12, /* Tuple length = 18 bytes */
4328 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
4329 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
4330 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
4331 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
4332 [0x116] = 0x55, /* NomV: 5.0 V */
4333 [0x118] = 0x4d, /* MinV: 4.5 V */
4334 [0x11a] = 0x5d, /* MaxV: 5.5 V */
4335 [0x11c] = 0x4e, /* Peakl: 450 mA */
4336 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
4337 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
4338 [0x122] = 0x70, /* Field 1 address = 0x0170 */
4339 [0x124] = 0x01,
4340 [0x126] = 0x07, /* Address block length = 8 */
4341 [0x128] = 0x76, /* Field 2 address = 0x0376 */
4342 [0x12a] = 0x03,
4343 [0x12c] = 0x01, /* Address block length = 2 */
4344 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
4345 [0x130] = 0x20, /* TPCE_MI = support power down mode */
4347 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
4348 [0x134] = 0x06, /* Tuple length = 6 bytes */
4349 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
4350 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
4351 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
4352 [0x13c] = 0xb5, /* NomV: 3.3 V */
4353 [0x13e] = 0x1e,
4354 [0x140] = 0x3e, /* Peakl: 350 mA */
4356 [0x142] = CISTPL_NO_LINK, /* No Link */
4357 [0x144] = 0x00, /* Tuple length = 0 bytes */
4359 [0x146] = CISTPL_END, /* Tuple End */
4362 static int dscm1xxxx_attach(void *opaque)
4364 MicroDriveState *md = (MicroDriveState *) opaque;
4365 md->card.attr_read = md_attr_read;
4366 md->card.attr_write = md_attr_write;
4367 md->card.common_read = md_common_read;
4368 md->card.common_write = md_common_write;
4369 md->card.io_read = md_common_read;
4370 md->card.io_write = md_common_write;
4372 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
4373 md->io_base = 0x0;
4375 md_reset(md);
4376 md_interrupt_update(md);
4378 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
4379 return 0;
4382 static int dscm1xxxx_detach(void *opaque)
4384 MicroDriveState *md = (MicroDriveState *) opaque;
4385 md_reset(md);
4386 return 0;
4389 PCMCIACardState *dscm1xxxx_init(BlockDriverState *bdrv)
4391 MicroDriveState *md = (MicroDriveState *) qemu_mallocz(sizeof(MicroDriveState));
4392 md->card.state = md;
4393 md->card.attach = dscm1xxxx_attach;
4394 md->card.detach = dscm1xxxx_detach;
4395 md->card.cis = dscm1xxxx_cis;
4396 md->card.cis_len = sizeof(dscm1xxxx_cis);
4398 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
4399 md->ide->is_cf = 1;
4400 md->ide->mdata_size = METADATA_SIZE;
4401 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
4403 register_savevm("microdrive", -1, 0, md_save, md_load, md);
4405 return &md->card;