search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
kvm: external module: adjust for new host kernels install location
[qemu-kvm/fedora.git] / hw / ide.c
blobb42f252cceee7104b97f9b60c2c17b9ba2000356
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include "hw.h"
26 #include "pc.h"
27 #include "pci.h"
28 #include "scsi-disk.h"
29 #include "pcmcia.h"
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "ppc_mac.h"
35
36 /* debug IDE devices */
37 //#define DEBUG_IDE
38 //#define DEBUG_IDE_ATAPI
39 //#define DEBUG_AIO
40 #define USE_DMA_CDROM
41
42 /* Bits of HD_STATUS */
43 #define ERR_STAT 0x01
44 #define INDEX_STAT 0x02
45 #define ECC_STAT 0x04 /* Corrected error */
46 #define DRQ_STAT 0x08
47 #define SEEK_STAT 0x10
48 #define SRV_STAT 0x10
49 #define WRERR_STAT 0x20
50 #define READY_STAT 0x40
51 #define BUSY_STAT 0x80
52
53 /* Bits for HD_ERROR */
54 #define MARK_ERR 0x01 /* Bad address mark */
55 #define TRK0_ERR 0x02 /* couldn't find track 0 */
56 #define ABRT_ERR 0x04 /* Command aborted */
57 #define MCR_ERR 0x08 /* media change request */
58 #define ID_ERR 0x10 /* ID field not found */
59 #define MC_ERR 0x20 /* media changed */
60 #define ECC_ERR 0x40 /* Uncorrectable ECC error */
61 #define BBD_ERR 0x80 /* pre-EIDE meaning: block marked bad */
62 #define ICRC_ERR 0x80 /* new meaning: CRC error during transfer */
63
64 /* Bits of HD_NSECTOR */
65 #define CD 0x01
66 #define IO 0x02
67 #define REL 0x04
68 #define TAG_MASK 0xf8
69
70 #define IDE_CMD_RESET 0x04
71 #define IDE_CMD_DISABLE_IRQ 0x02
72
73 /* ATA/ATAPI Commands pre T13 Spec */
74 #define WIN_NOP 0x00
75 /*
76 * 0x01->0x02 Reserved
77 */
78 #define CFA_REQ_EXT_ERROR_CODE 0x03 /* CFA Request Extended Error Code */
79 /*
80 * 0x04->0x07 Reserved
81 */
82 #define WIN_SRST 0x08 /* ATAPI soft reset command */
83 #define WIN_DEVICE_RESET 0x08
84 /*
85 * 0x09->0x0F Reserved
86 */
87 #define WIN_RECAL 0x10
88 #define WIN_RESTORE WIN_RECAL
89 /*
90 * 0x10->0x1F Reserved
91 */
92 #define WIN_READ 0x20 /* 28-Bit */
93 #define WIN_READ_ONCE 0x21 /* 28-Bit without retries */
94 #define WIN_READ_LONG 0x22 /* 28-Bit */
95 #define WIN_READ_LONG_ONCE 0x23 /* 28-Bit without retries */
96 #define WIN_READ_EXT 0x24 /* 48-Bit */
97 #define WIN_READDMA_EXT 0x25 /* 48-Bit */
98 #define WIN_READDMA_QUEUED_EXT 0x26 /* 48-Bit */
99 #define WIN_READ_NATIVE_MAX_EXT 0x27 /* 48-Bit */
100 /*
101 * 0x28
102 */
103 #define WIN_MULTREAD_EXT 0x29 /* 48-Bit */
104 /*
105 * 0x2A->0x2F Reserved
106 */
107 #define WIN_WRITE 0x30 /* 28-Bit */
108 #define WIN_WRITE_ONCE 0x31 /* 28-Bit without retries */
109 #define WIN_WRITE_LONG 0x32 /* 28-Bit */
110 #define WIN_WRITE_LONG_ONCE 0x33 /* 28-Bit without retries */
111 #define WIN_WRITE_EXT 0x34 /* 48-Bit */
112 #define WIN_WRITEDMA_EXT 0x35 /* 48-Bit */
113 #define WIN_WRITEDMA_QUEUED_EXT 0x36 /* 48-Bit */
114 #define WIN_SET_MAX_EXT 0x37 /* 48-Bit */
115 #define CFA_WRITE_SECT_WO_ERASE 0x38 /* CFA Write Sectors without erase */
116 #define WIN_MULTWRITE_EXT 0x39 /* 48-Bit */
117 /*
118 * 0x3A->0x3B Reserved
119 */
120 #define WIN_WRITE_VERIFY 0x3C /* 28-Bit */
121 /*
122 * 0x3D->0x3F Reserved
123 */
124 #define WIN_VERIFY 0x40 /* 28-Bit - Read Verify Sectors */
125 #define WIN_VERIFY_ONCE 0x41 /* 28-Bit - without retries */
126 #define WIN_VERIFY_EXT 0x42 /* 48-Bit */
127 /*
128 * 0x43->0x4F Reserved
129 */
130 #define WIN_FORMAT 0x50
131 /*
132 * 0x51->0x5F Reserved
133 */
134 #define WIN_INIT 0x60
135 /*
136 * 0x61->0x5F Reserved
137 */
138 #define WIN_SEEK 0x70 /* 0x70-0x7F Reserved */
139 #define CFA_TRANSLATE_SECTOR 0x87 /* CFA Translate Sector */
140 #define WIN_DIAGNOSE 0x90
141 #define WIN_SPECIFY 0x91 /* set drive geometry translation */
142 #define WIN_DOWNLOAD_MICROCODE 0x92
143 #define WIN_STANDBYNOW2 0x94
144 #define CFA_IDLEIMMEDIATE 0x95 /* force drive to become "ready" */
145 #define WIN_STANDBY2 0x96
146 #define WIN_SETIDLE2 0x97
147 #define WIN_CHECKPOWERMODE2 0x98
148 #define WIN_SLEEPNOW2 0x99
149 /*
150 * 0x9A VENDOR
151 */
152 #define WIN_PACKETCMD 0xA0 /* Send a packet command. */
153 #define WIN_PIDENTIFY 0xA1 /* identify ATAPI device */
154 #define WIN_QUEUED_SERVICE 0xA2
155 #define WIN_SMART 0xB0 /* self-monitoring and reporting */
156 #define CFA_ACCESS_METADATA_STORAGE 0xB8
157 #define CFA_ERASE_SECTORS 0xC0 /* microdrives implement as NOP */
158 #define WIN_MULTREAD 0xC4 /* read sectors using multiple mode*/
159 #define WIN_MULTWRITE 0xC5 /* write sectors using multiple mode */
160 #define WIN_SETMULT 0xC6 /* enable/disable multiple mode */
161 #define WIN_READDMA_QUEUED 0xC7 /* read sectors using Queued DMA transfers */
162 #define WIN_READDMA 0xC8 /* read sectors using DMA transfers */
163 #define WIN_READDMA_ONCE 0xC9 /* 28-Bit - without retries */
164 #define WIN_WRITEDMA 0xCA /* write sectors using DMA transfers */
165 #define WIN_WRITEDMA_ONCE 0xCB /* 28-Bit - without retries */
166 #define WIN_WRITEDMA_QUEUED 0xCC /* write sectors using Queued DMA transfers */
167 #define CFA_WRITE_MULTI_WO_ERASE 0xCD /* CFA Write multiple without erase */
168 #define WIN_GETMEDIASTATUS 0xDA
169 #define WIN_ACKMEDIACHANGE 0xDB /* ATA-1, ATA-2 vendor */
170 #define WIN_POSTBOOT 0xDC
171 #define WIN_PREBOOT 0xDD
172 #define WIN_DOORLOCK 0xDE /* lock door on removable drives */
173 #define WIN_DOORUNLOCK 0xDF /* unlock door on removable drives */
174 #define WIN_STANDBYNOW1 0xE0
175 #define WIN_IDLEIMMEDIATE 0xE1 /* force drive to become "ready" */
176 #define WIN_STANDBY 0xE2 /* Set device in Standby Mode */
177 #define WIN_SETIDLE1 0xE3
178 #define WIN_READ_BUFFER 0xE4 /* force read only 1 sector */
179 #define WIN_CHECKPOWERMODE1 0xE5
180 #define WIN_SLEEPNOW1 0xE6
181 #define WIN_FLUSH_CACHE 0xE7
182 #define WIN_WRITE_BUFFER 0xE8 /* force write only 1 sector */
183 #define WIN_WRITE_SAME 0xE9 /* read ata-2 to use */
184 /* SET_FEATURES 0x22 or 0xDD */
185 #define WIN_FLUSH_CACHE_EXT 0xEA /* 48-Bit */
186 #define WIN_IDENTIFY 0xEC /* ask drive to identify itself */
187 #define WIN_MEDIAEJECT 0xED
188 #define WIN_IDENTIFY_DMA 0xEE /* same as WIN_IDENTIFY, but DMA */
189 #define WIN_SETFEATURES 0xEF /* set special drive features */
190 #define EXABYTE_ENABLE_NEST 0xF0
191 #define IBM_SENSE_CONDITION 0xF0 /* measure disk temperature */
192 #define WIN_SECURITY_SET_PASS 0xF1
193 #define WIN_SECURITY_UNLOCK 0xF2
194 #define WIN_SECURITY_ERASE_PREPARE 0xF3
195 #define WIN_SECURITY_ERASE_UNIT 0xF4
196 #define WIN_SECURITY_FREEZE_LOCK 0xF5
197 #define CFA_WEAR_LEVEL 0xF5 /* microdrives implement as NOP */
198 #define WIN_SECURITY_DISABLE 0xF6
199 #define WIN_READ_NATIVE_MAX 0xF8 /* return the native maximum address */
200 #define WIN_SET_MAX 0xF9
201 #define DISABLE_SEAGATE 0xFB
202
203 /* set to 1 set disable mult support */
204 #define MAX_MULT_SECTORS 16
205 #define IDE_DMA_BUF_SIZE 131072
206 #if (IDE_DMA_BUF_SIZE < MAX_MULT_SECTORS * 512)
207 #error "IDE_DMA_BUF_SIZE must be bigger or equal to MAX_MULT_SECTORS * 512"
208 #endif
209
210 /* ATAPI defines */
211
212 #define ATAPI_PACKET_SIZE 12
213
214 /* The generic packet command opcodes for CD/DVD Logical Units,
215 * From Table 57 of the SFF8090 Ver. 3 (Mt. Fuji) draft standard. */
216 #define GPCMD_BLANK 0xa1
217 #define GPCMD_CLOSE_TRACK 0x5b
218 #define GPCMD_FLUSH_CACHE 0x35
219 #define GPCMD_FORMAT_UNIT 0x04
220 #define GPCMD_GET_CONFIGURATION 0x46
221 #define GPCMD_GET_EVENT_STATUS_NOTIFICATION 0x4a
222 #define GPCMD_GET_PERFORMANCE 0xac
223 #define GPCMD_INQUIRY 0x12
224 #define GPCMD_LOAD_UNLOAD 0xa6
225 #define GPCMD_MECHANISM_STATUS 0xbd
226 #define GPCMD_MODE_SELECT_10 0x55
227 #define GPCMD_MODE_SENSE_10 0x5a
228 #define GPCMD_PAUSE_RESUME 0x4b
229 #define GPCMD_PLAY_AUDIO_10 0x45
230 #define GPCMD_PLAY_AUDIO_MSF 0x47
231 #define GPCMD_PLAY_AUDIO_TI 0x48
232 #define GPCMD_PLAY_CD 0xbc
233 #define GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL 0x1e
234 #define GPCMD_READ_10 0x28
235 #define GPCMD_READ_12 0xa8
236 #define GPCMD_READ_CDVD_CAPACITY 0x25
237 #define GPCMD_READ_CD 0xbe
238 #define GPCMD_READ_CD_MSF 0xb9
239 #define GPCMD_READ_DISC_INFO 0x51
240 #define GPCMD_READ_DVD_STRUCTURE 0xad
241 #define GPCMD_READ_FORMAT_CAPACITIES 0x23
242 #define GPCMD_READ_HEADER 0x44
243 #define GPCMD_READ_TRACK_RZONE_INFO 0x52
244 #define GPCMD_READ_SUBCHANNEL 0x42
245 #define GPCMD_READ_TOC_PMA_ATIP 0x43
246 #define GPCMD_REPAIR_RZONE_TRACK 0x58
247 #define GPCMD_REPORT_KEY 0xa4
248 #define GPCMD_REQUEST_SENSE 0x03
249 #define GPCMD_RESERVE_RZONE_TRACK 0x53
250 #define GPCMD_SCAN 0xba
251 #define GPCMD_SEEK 0x2b
252 #define GPCMD_SEND_DVD_STRUCTURE 0xad
253 #define GPCMD_SEND_EVENT 0xa2
254 #define GPCMD_SEND_KEY 0xa3
255 #define GPCMD_SEND_OPC 0x54
256 #define GPCMD_SET_READ_AHEAD 0xa7
257 #define GPCMD_SET_STREAMING 0xb6
258 #define GPCMD_START_STOP_UNIT 0x1b
259 #define GPCMD_STOP_PLAY_SCAN 0x4e
260 #define GPCMD_TEST_UNIT_READY 0x00
261 #define GPCMD_VERIFY_10 0x2f
262 #define GPCMD_WRITE_10 0x2a
263 #define GPCMD_WRITE_AND_VERIFY_10 0x2e
264 /* This is listed as optional in ATAPI 2.6, but is (curiously)
265 * missing from Mt. Fuji, Table 57. It _is_ mentioned in Mt. Fuji
266 * Table 377 as an MMC command for SCSi devices though... Most ATAPI
267 * drives support it. */
268 #define GPCMD_SET_SPEED 0xbb
269 /* This seems to be a SCSI specific CD-ROM opcode
270 * to play data at track/index */
271 #define GPCMD_PLAYAUDIO_TI 0x48
272 /*
273 * From MS Media Status Notification Support Specification. For
274 * older drives only.
275 */
276 #define GPCMD_GET_MEDIA_STATUS 0xda
277 #define GPCMD_MODE_SENSE_6 0x1a
278
279 /* Mode page codes for mode sense/set */
280 #define GPMODE_R_W_ERROR_PAGE 0x01
281 #define GPMODE_WRITE_PARMS_PAGE 0x05
282 #define GPMODE_AUDIO_CTL_PAGE 0x0e
283 #define GPMODE_POWER_PAGE 0x1a
284 #define GPMODE_FAULT_FAIL_PAGE 0x1c
285 #define GPMODE_TO_PROTECT_PAGE 0x1d
286 #define GPMODE_CAPABILITIES_PAGE 0x2a
287 #define GPMODE_ALL_PAGES 0x3f
288 /* Not in Mt. Fuji, but in ATAPI 2.6 -- depricated now in favor
289 * of MODE_SENSE_POWER_PAGE */
290 #define GPMODE_CDROM_PAGE 0x0d
291
292 /*
293 * Based on values from <linux/cdrom.h> but extending CD_MINS
294 * to the maximum common size allowed by the Orange's Book ATIP
295 *
296 * 90 and 99 min CDs are also available but using them as the
297 * upper limit reduces the effectiveness of the heuristic to
298 * detect DVDs burned to less than 25% of their maximum capacity
299 */
300
301 /* Some generally useful CD-ROM information */
302 #define CD_MINS 80 /* max. minutes per CD */
303 #define CD_SECS 60 /* seconds per minute */
304 #define CD_FRAMES 75 /* frames per second */
305 #define CD_FRAMESIZE 2048 /* bytes per frame, "cooked" mode */
306 #define CD_MAX_BYTES (CD_MINS * CD_SECS * CD_FRAMES * CD_FRAMESIZE)
307 #define CD_MAX_SECTORS (CD_MAX_BYTES / 512)
308
309 /*
310 * The MMC values are not IDE specific and might need to be moved
311 * to a common header if they are also needed for the SCSI emulation
312 */
313
314 /* Profile list from MMC-6 revision 1 table 91 */
315 #define MMC_PROFILE_NONE 0x0000
316 #define MMC_PROFILE_CD_ROM 0x0008
317 #define MMC_PROFILE_CD_R 0x0009
318 #define MMC_PROFILE_CD_RW 0x000A
319 #define MMC_PROFILE_DVD_ROM 0x0010
320 #define MMC_PROFILE_DVD_R_SR 0x0011
321 #define MMC_PROFILE_DVD_RAM 0x0012
322 #define MMC_PROFILE_DVD_RW_RO 0x0013
323 #define MMC_PROFILE_DVD_RW_SR 0x0014
324 #define MMC_PROFILE_DVD_R_DL_SR 0x0015
325 #define MMC_PROFILE_DVD_R_DL_JR 0x0016
326 #define MMC_PROFILE_DVD_RW_DL 0x0017
327 #define MMC_PROFILE_DVD_DDR 0x0018
328 #define MMC_PROFILE_DVD_PLUS_RW 0x001A
329 #define MMC_PROFILE_DVD_PLUS_R 0x001B
330 #define MMC_PROFILE_DVD_PLUS_RW_DL 0x002A
331 #define MMC_PROFILE_DVD_PLUS_R_DL 0x002B
332 #define MMC_PROFILE_BD_ROM 0x0040
333 #define MMC_PROFILE_BD_R_SRM 0x0041
334 #define MMC_PROFILE_BD_R_RRM 0x0042
335 #define MMC_PROFILE_BD_RE 0x0043
336 #define MMC_PROFILE_HDDVD_ROM 0x0050
337 #define MMC_PROFILE_HDDVD_R 0x0051
338 #define MMC_PROFILE_HDDVD_RAM 0x0052
339 #define MMC_PROFILE_HDDVD_RW 0x0053
340 #define MMC_PROFILE_HDDVD_R_DL 0x0058
341 #define MMC_PROFILE_HDDVD_RW_DL 0x005A
342 #define MMC_PROFILE_INVALID 0xFFFF
343
344 #define ATAPI_INT_REASON_CD 0x01 /* 0 = data transfer */
345 #define ATAPI_INT_REASON_IO 0x02 /* 1 = transfer to the host */
346 #define ATAPI_INT_REASON_REL 0x04
347 #define ATAPI_INT_REASON_TAG 0xf8
348
349 /* same constants as bochs */
350 #define ASC_ILLEGAL_OPCODE 0x20
351 #define ASC_LOGICAL_BLOCK_OOR 0x21
352 #define ASC_INV_FIELD_IN_CMD_PACKET 0x24
353 #define ASC_MEDIUM_NOT_PRESENT 0x3a
354 #define ASC_SAVING_PARAMETERS_NOT_SUPPORTED 0x39
355
356 #define CFA_NO_ERROR 0x00
357 #define CFA_MISC_ERROR 0x09
358 #define CFA_INVALID_COMMAND 0x20
359 #define CFA_INVALID_ADDRESS 0x21
360 #define CFA_ADDRESS_OVERFLOW 0x2f
361
362 #define SENSE_NONE 0
363 #define SENSE_NOT_READY 2
364 #define SENSE_ILLEGAL_REQUEST 5
365 #define SENSE_UNIT_ATTENTION 6
366
367 struct IDEState;
368
369 typedef void EndTransferFunc(struct IDEState *);
370
371 /* NOTE: IDEState represents in fact one drive */
372 typedef struct IDEState {
373 /* ide config */
374 int is_cdrom;
375 int is_cf;
376 int cylinders, heads, sectors;
377 int64_t nb_sectors;
378 int mult_sectors;
379 int identify_set;
380 uint16_t identify_data[256];
381 qemu_irq irq;
382 PCIDevice *pci_dev;
383 struct BMDMAState *bmdma;
384 int drive_serial;
385 /* ide regs */
386 uint8_t feature;
387 uint8_t error;
388 uint32_t nsector;
389 uint8_t sector;
390 uint8_t lcyl;
391 uint8_t hcyl;
392 /* other part of tf for lba48 support */
393 uint8_t hob_feature;
394 uint8_t hob_nsector;
395 uint8_t hob_sector;
396 uint8_t hob_lcyl;
397 uint8_t hob_hcyl;
398
399 uint8_t select;
400 uint8_t status;
401
402 /* 0x3f6 command, only meaningful for drive 0 */
403 uint8_t cmd;
404 /* set for lba48 access */
405 uint8_t lba48;
406 /* depends on bit 4 in select, only meaningful for drive 0 */
407 struct IDEState *cur_drive;
408 BlockDriverState *bs;
409 /* ATAPI specific */
410 uint8_t sense_key;
411 uint8_t asc;
412 int packet_transfer_size;
413 int elementary_transfer_size;
414 int io_buffer_index;
415 int lba;
416 int cd_sector_size;
417 int atapi_dma; /* true if dma is requested for the packet cmd */
418 /* ATA DMA state */
419 int io_buffer_size;
420 /* PIO transfer handling */
421 int req_nb_sectors; /* number of sectors per interrupt */
422 EndTransferFunc *end_transfer_func;
423 uint8_t *data_ptr;
424 uint8_t *data_end;
425 uint8_t *io_buffer;
426 QEMUTimer *sector_write_timer; /* only used for win2k install hack */
427 uint32_t irq_count; /* counts IRQs when using win2k install hack */
428 /* CF-ATA extended error */
429 uint8_t ext_error;
430 /* CF-ATA metadata storage */
431 uint32_t mdata_size;
432 uint8_t *mdata_storage;
433 int media_changed;
434 } IDEState;
435
436 #define BM_STATUS_DMAING 0x01
437 #define BM_STATUS_ERROR 0x02
438 #define BM_STATUS_INT 0x04
439
440 #define BM_CMD_START 0x01
441 #define BM_CMD_READ 0x08
442
443 #define IDE_TYPE_PIIX3 0
444 #define IDE_TYPE_CMD646 1
445 #define IDE_TYPE_PIIX4 2
446
447 /* CMD646 specific */
448 #define MRDMODE 0x71
449 #define MRDMODE_INTR_CH0 0x04
450 #define MRDMODE_INTR_CH1 0x08
451 #define MRDMODE_BLK_CH0 0x10
452 #define MRDMODE_BLK_CH1 0x20
453 #define UDIDETCR0 0x73
454 #define UDIDETCR1 0x7B
455
456 typedef struct BMDMAState {
457 uint8_t cmd;
458 uint8_t status;
459 uint32_t addr;
460
461 struct PCIIDEState *pci_dev;
462 /* current transfer state */
463 uint32_t cur_addr;
464 uint32_t cur_prd_last;
465 uint32_t cur_prd_addr;
466 uint32_t cur_prd_len;
467 IDEState *ide_if;
468 BlockDriverCompletionFunc *dma_cb;
469 BlockDriverAIOCB *aiocb;
470 } BMDMAState;
471
472 typedef struct PCIIDEState {
473 PCIDevice dev;
474 IDEState ide_if[4];
475 BMDMAState bmdma[2];
476 int type; /* see IDE_TYPE_xxx */
477 } PCIIDEState;
478
479 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
480 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
481
482 static void padstr(char *str, const char *src, int len)
483 {
484 int i, v;
485 for(i = 0; i < len; i++) {
486 if (*src)
487 v = *src++;
488 else
489 v = ' ';
490 str[i^1] = v;
491 }
492 }
493
494 static void padstr8(uint8_t *buf, int buf_size, const char *src)
495 {
496 int i;
497 for(i = 0; i < buf_size; i++) {
498 if (*src)
499 buf[i] = *src++;
500 else
501 buf[i] = ' ';
502 }
503 }
504
505 static void put_le16(uint16_t *p, unsigned int v)
506 {
507 *p = cpu_to_le16(v);
508 }
509
510 static void ide_identify(IDEState *s)
511 {
512 uint16_t *p;
513 unsigned int oldsize;
514 char buf[20];
515
516 if (s->identify_set) {
517 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
518 return;
519 }
520
521 memset(s->io_buffer, 0, 512);
522 p = (uint16_t *)s->io_buffer;
523 put_le16(p + 0, 0x0040);
524 put_le16(p + 1, s->cylinders);
525 put_le16(p + 3, s->heads);
526 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
527 put_le16(p + 5, 512); /* XXX: retired, remove ? */
528 put_le16(p + 6, s->sectors);
529 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
530 padstr((char *)(p + 10), buf, 20); /* serial number */
531 put_le16(p + 20, 3); /* XXX: retired, remove ? */
532 put_le16(p + 21, 512); /* cache size in sectors */
533 put_le16(p + 22, 4); /* ecc bytes */
534 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
535 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
536 #if MAX_MULT_SECTORS > 1
537 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
538 #endif
539 put_le16(p + 48, 1); /* dword I/O */
540 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
541 put_le16(p + 51, 0x200); /* PIO transfer cycle */
542 put_le16(p + 52, 0x200); /* DMA transfer cycle */
543 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
544 put_le16(p + 54, s->cylinders);
545 put_le16(p + 55, s->heads);
546 put_le16(p + 56, s->sectors);
547 oldsize = s->cylinders * s->heads * s->sectors;
548 put_le16(p + 57, oldsize);
549 put_le16(p + 58, oldsize >> 16);
550 if (s->mult_sectors)
551 put_le16(p + 59, 0x100 | s->mult_sectors);
552 put_le16(p + 60, s->nb_sectors);
553 put_le16(p + 61, s->nb_sectors >> 16);
554 put_le16(p + 63, 0x07); /* mdma0-2 supported */
555 put_le16(p + 65, 120);
556 put_le16(p + 66, 120);
557 put_le16(p + 67, 120);
558 put_le16(p + 68, 120);
559 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
560 put_le16(p + 81, 0x16); /* conforms to ata5 */
561 put_le16(p + 82, (1 << 14));
562 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
563 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
564 put_le16(p + 84, (1 << 14));
565 put_le16(p + 85, (1 << 14));
566 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
567 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
568 put_le16(p + 87, (1 << 14));
569 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
570 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
571 put_le16(p + 100, s->nb_sectors);
572 put_le16(p + 101, s->nb_sectors >> 16);
573 put_le16(p + 102, s->nb_sectors >> 32);
574 put_le16(p + 103, s->nb_sectors >> 48);
575
576 memcpy(s->identify_data, p, sizeof(s->identify_data));
577 s->identify_set = 1;
578 }
579
580 static void ide_atapi_identify(IDEState *s)
581 {
582 uint16_t *p;
583 char buf[20];
584
585 if (s->identify_set) {
586 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
587 return;
588 }
589
590 memset(s->io_buffer, 0, 512);
591 p = (uint16_t *)s->io_buffer;
592 /* Removable CDROM, 50us response, 12 byte packets */
593 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
594 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
595 padstr((char *)(p + 10), buf, 20); /* serial number */
596 put_le16(p + 20, 3); /* buffer type */
597 put_le16(p + 21, 512); /* cache size in sectors */
598 put_le16(p + 22, 4); /* ecc bytes */
599 padstr((char *)(p + 23), QEMU_VERSION, 8); /* firmware version */
600 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
601 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
602 #ifdef USE_DMA_CDROM
603 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
604 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
605 put_le16(p + 63, 7); /* mdma0-2 supported */
606 put_le16(p + 64, 0x3f); /* PIO modes supported */
607 #else
608 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
609 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
610 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
611 put_le16(p + 64, 1); /* PIO modes */
612 #endif
613 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
614 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
615 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
616 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
617
618 put_le16(p + 71, 30); /* in ns */
619 put_le16(p + 72, 30); /* in ns */
620
621 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
622 #ifdef USE_DMA_CDROM
623 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
624 #endif
625 memcpy(s->identify_data, p, sizeof(s->identify_data));
626 s->identify_set = 1;
627 }
628
629 static void ide_cfata_identify(IDEState *s)
630 {
631 uint16_t *p;
632 uint32_t cur_sec;
633 char buf[20];
634
635 p = (uint16_t *) s->identify_data;
636 if (s->identify_set)
637 goto fill_buffer;
638
639 memset(p, 0, sizeof(s->identify_data));
640
641 cur_sec = s->cylinders * s->heads * s->sectors;
642
643 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
644 put_le16(p + 1, s->cylinders); /* Default cylinders */
645 put_le16(p + 3, s->heads); /* Default heads */
646 put_le16(p + 6, s->sectors); /* Default sectors per track */
647 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
648 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
649 snprintf(buf, sizeof(buf), "QM%05d", s->drive_serial);
650 padstr((char *)(p + 10), buf, 20); /* Serial number in ASCII */
651 put_le16(p + 22, 0x0004); /* ECC bytes */
652 padstr((char *) (p + 23), QEMU_VERSION, 8); /* Firmware Revision */
653 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
654 #if MAX_MULT_SECTORS > 1
655 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
656 #else
657 put_le16(p + 47, 0x0000);
658 #endif
659 put_le16(p + 49, 0x0f00); /* Capabilities */
660 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
661 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
662 put_le16(p + 53, 0x0003); /* Translation params valid */
663 put_le16(p + 54, s->cylinders); /* Current cylinders */
664 put_le16(p + 55, s->heads); /* Current heads */
665 put_le16(p + 56, s->sectors); /* Current sectors */
666 put_le16(p + 57, cur_sec); /* Current capacity */
667 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
668 if (s->mult_sectors) /* Multiple sector setting */
669 put_le16(p + 59, 0x100 | s->mult_sectors);
670 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
671 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
672 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
673 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
674 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
675 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
676 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
677 put_le16(p + 82, 0x400c); /* Command Set supported */
678 put_le16(p + 83, 0x7068); /* Command Set supported */
679 put_le16(p + 84, 0x4000); /* Features supported */
680 put_le16(p + 85, 0x000c); /* Command Set enabled */
681 put_le16(p + 86, 0x7044); /* Command Set enabled */
682 put_le16(p + 87, 0x4000); /* Features enabled */
683 put_le16(p + 91, 0x4060); /* Current APM level */
684 put_le16(p + 129, 0x0002); /* Current features option */
685 put_le16(p + 130, 0x0005); /* Reassigned sectors */
686 put_le16(p + 131, 0x0001); /* Initial power mode */
687 put_le16(p + 132, 0x0000); /* User signature */
688 put_le16(p + 160, 0x8100); /* Power requirement */
689 put_le16(p + 161, 0x8001); /* CF command set */
690
691 s->identify_set = 1;
692
693 fill_buffer:
694 memcpy(s->io_buffer, p, sizeof(s->identify_data));
695 }
696
697 static void ide_set_signature(IDEState *s)
698 {
699 s->select &= 0xf0; /* clear head */
700 /* put signature */
701 s->nsector = 1;
702 s->sector = 1;
703 if (s->is_cdrom) {
704 s->lcyl = 0x14;
705 s->hcyl = 0xeb;
706 } else if (s->bs) {
707 s->lcyl = 0;
708 s->hcyl = 0;
709 } else {
710 s->lcyl = 0xff;
711 s->hcyl = 0xff;
712 }
713 }
714
715 static inline void ide_abort_command(IDEState *s)
716 {
717 s->status = READY_STAT | ERR_STAT;
718 s->error = ABRT_ERR;
719 }
720
721 static inline void ide_set_irq(IDEState *s)
722 {
723 BMDMAState *bm = s->bmdma;
724 if (!(s->cmd & IDE_CMD_DISABLE_IRQ)) {
725 if (bm) {
726 bm->status |= BM_STATUS_INT;
727 }
728 qemu_irq_raise(s->irq);
729 }
730 }
731
732 /* prepare data transfer and tell what to do after */
733 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
734 EndTransferFunc *end_transfer_func)
735 {
736 s->end_transfer_func = end_transfer_func;
737 s->data_ptr = buf;
738 s->data_end = buf + size;
739 if (!(s->status & ERR_STAT))
740 s->status |= DRQ_STAT;
741 }
742
743 static void ide_transfer_stop(IDEState *s)
744 {
745 s->end_transfer_func = ide_transfer_stop;
746 s->data_ptr = s->io_buffer;
747 s->data_end = s->io_buffer;
748 s->status &= ~DRQ_STAT;
749 }
750
751 static int64_t ide_get_sector(IDEState *s)
752 {
753 int64_t sector_num;
754 if (s->select & 0x40) {
755 /* lba */
756 if (!s->lba48) {
757 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
758 (s->lcyl << 8) | s->sector;
759 } else {
760 sector_num = ((int64_t)s->hob_hcyl << 40) |
761 ((int64_t) s->hob_lcyl << 32) |
762 ((int64_t) s->hob_sector << 24) |
763 ((int64_t) s->hcyl << 16) |
764 ((int64_t) s->lcyl << 8) | s->sector;
765 }
766 } else {
767 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
768 (s->select & 0x0f) * s->sectors + (s->sector - 1);
769 }
770 return sector_num;
771 }
772
773 static void ide_set_sector(IDEState *s, int64_t sector_num)
774 {
775 unsigned int cyl, r;
776 if (s->select & 0x40) {
777 if (!s->lba48) {
778 s->select = (s->select & 0xf0) | (sector_num >> 24);
779 s->hcyl = (sector_num >> 16);
780 s->lcyl = (sector_num >> 8);
781 s->sector = (sector_num);
782 } else {
783 s->sector = sector_num;
784 s->lcyl = sector_num >> 8;
785 s->hcyl = sector_num >> 16;
786 s->hob_sector = sector_num >> 24;
787 s->hob_lcyl = sector_num >> 32;
788 s->hob_hcyl = sector_num >> 40;
789 }
790 } else {
791 cyl = sector_num / (s->heads * s->sectors);
792 r = sector_num % (s->heads * s->sectors);
793 s->hcyl = cyl >> 8;
794 s->lcyl = cyl;
795 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
796 s->sector = (r % s->sectors) + 1;
797 }
798 }
799
800 static void ide_sector_read(IDEState *s)
801 {
802 int64_t sector_num;
803 int ret, n;
804
805 s->status = READY_STAT | SEEK_STAT;
806 s->error = 0; /* not needed by IDE spec, but needed by Windows */
807 sector_num = ide_get_sector(s);
808 n = s->nsector;
809 if (n == 0) {
810 /* no more sector to read from disk */
811 ide_transfer_stop(s);
812 } else {
813 #if defined(DEBUG_IDE)
814 printf("read sector=%Ld\n", sector_num);
815 #endif
816 if (n > s->req_nb_sectors)
817 n = s->req_nb_sectors;
818 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
819 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
820 ide_set_irq(s);
821 ide_set_sector(s, sector_num + n);
822 s->nsector -= n;
823 }
824 }
825
826 /* return 0 if buffer completed */
827 static int dma_buf_rw(BMDMAState *bm, int is_write)
828 {
829 IDEState *s = bm->ide_if;
830 struct {
831 uint32_t addr;
832 uint32_t size;
833 } prd;
834 int l, len;
835
836 for(;;) {
837 l = s->io_buffer_size - s->io_buffer_index;
838 if (l <= 0)
839 break;
840 if (bm->cur_prd_len == 0) {
841 /* end of table (with a fail safe of one page) */
842 if (bm->cur_prd_last ||
843 (bm->cur_addr - bm->addr) >= 4096)
844 return 0;
845 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
846 bm->cur_addr += 8;
847 prd.addr = le32_to_cpu(prd.addr);
848 prd.size = le32_to_cpu(prd.size);
849 len = prd.size & 0xfffe;
850 if (len == 0)
851 len = 0x10000;
852 bm->cur_prd_len = len;
853 bm->cur_prd_addr = prd.addr;
854 bm->cur_prd_last = (prd.size & 0x80000000);
855 }
856 if (l > bm->cur_prd_len)
857 l = bm->cur_prd_len;
858 if (l > 0) {
859 if (is_write) {
860 cpu_physical_memory_write(bm->cur_prd_addr,
861 s->io_buffer + s->io_buffer_index, l);
862 } else {
863 cpu_physical_memory_read(bm->cur_prd_addr,
864 s->io_buffer + s->io_buffer_index, l);
865 }
866 bm->cur_prd_addr += l;
867 bm->cur_prd_len -= l;
868 s->io_buffer_index += l;
869 }
870 }
871 return 1;
872 }
873
874 /* XXX: handle errors */
875 static void ide_read_dma_cb(void *opaque, int ret)
876 {
877 BMDMAState *bm = opaque;
878 IDEState *s = bm->ide_if;
879 int n;
880 int64_t sector_num;
881
882 n = s->io_buffer_size >> 9;
883 sector_num = ide_get_sector(s);
884 if (n > 0) {
885 sector_num += n;
886 ide_set_sector(s, sector_num);
887 s->nsector -= n;
888 if (dma_buf_rw(bm, 1) == 0)
889 goto eot;
890 }
891
892 /* end of transfer ? */
893 if (s->nsector == 0) {
894 s->status = READY_STAT | SEEK_STAT;
895 ide_set_irq(s);
896 eot:
897 bm->status &= ~BM_STATUS_DMAING;
898 bm->status |= BM_STATUS_INT;
899 bm->dma_cb = NULL;
900 bm->ide_if = NULL;
901 bm->aiocb = NULL;
902 return;
903 }
904
905 /* launch next transfer */
906 n = s->nsector;
907 if (n > IDE_DMA_BUF_SIZE / 512)
908 n = IDE_DMA_BUF_SIZE / 512;
909 s->io_buffer_index = 0;
910 s->io_buffer_size = n * 512;
911 #ifdef DEBUG_AIO
912 printf("aio_read: sector_num=%lld n=%d\n", sector_num, n);
913 #endif
914 bm->aiocb = bdrv_aio_read(s->bs, sector_num, s->io_buffer, n,
915 ide_read_dma_cb, bm);
916 }
917
918 static void ide_sector_read_dma(IDEState *s)
919 {
920 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
921 s->io_buffer_index = 0;
922 s->io_buffer_size = 0;
923 ide_dma_start(s, ide_read_dma_cb);
924 }
925
926 static void ide_sector_write_timer_cb(void *opaque)
927 {
928 IDEState *s = opaque;
929 ide_set_irq(s);
930 }
931
932 static void ide_sector_write(IDEState *s)
933 {
934 int64_t sector_num;
935 int ret, n, n1;
936
937 s->status = READY_STAT | SEEK_STAT;
938 sector_num = ide_get_sector(s);
939 #if defined(DEBUG_IDE)
940 printf("write sector=%Ld\n", sector_num);
941 #endif
942 n = s->nsector;
943 if (n > s->req_nb_sectors)
944 n = s->req_nb_sectors;
945 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
946 s->nsector -= n;
947 if (s->nsector == 0) {
948 /* no more sectors to write */
949 ide_transfer_stop(s);
950 } else {
951 n1 = s->nsector;
952 if (n1 > s->req_nb_sectors)
953 n1 = s->req_nb_sectors;
954 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
955 }
956 ide_set_sector(s, sector_num + n);
957
958 #ifdef TARGET_I386
959 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
960 /* It seems there is a bug in the Windows 2000 installer HDD
961 IDE driver which fills the disk with empty logs when the
962 IDE write IRQ comes too early. This hack tries to correct
963 that at the expense of slower write performances. Use this
964 option _only_ to install Windows 2000. You must disable it
965 for normal use. */
966 qemu_mod_timer(s->sector_write_timer,
967 qemu_get_clock(vm_clock) + (ticks_per_sec / 1000));
968 } else
969 #endif
970 {
971 ide_set_irq(s);
972 }
973 }
974
975 /* XXX: handle errors */
976 static void ide_write_dma_cb(void *opaque, int ret)
977 {
978 BMDMAState *bm = opaque;
979 IDEState *s = bm->ide_if;
980 int n;
981 int64_t sector_num;
982
983 n = s->io_buffer_size >> 9;
984 sector_num = ide_get_sector(s);
985 if (n > 0) {
986 sector_num += n;
987 ide_set_sector(s, sector_num);
988 s->nsector -= n;
989 }
990
991 /* end of transfer ? */
992 if (s->nsector == 0) {
993 s->status = READY_STAT | SEEK_STAT;
994 ide_set_irq(s);
995 eot:
996 bm->status &= ~BM_STATUS_DMAING;
997 bm->status |= BM_STATUS_INT;
998 bm->dma_cb = NULL;
999 bm->ide_if = NULL;
1000 bm->aiocb = NULL;
1001 return;
1002 }
1003
1004 /* launch next transfer */
1005 n = s->nsector;
1006 if (n > IDE_DMA_BUF_SIZE / 512)
1007 n = IDE_DMA_BUF_SIZE / 512;
1008 s->io_buffer_index = 0;
1009 s->io_buffer_size = n * 512;
1010
1011 if (dma_buf_rw(bm, 0) == 0)
1012 goto eot;
1013 #ifdef DEBUG_AIO
1014 printf("aio_write: sector_num=%lld n=%d\n", sector_num, n);
1015 #endif
1016 bm->aiocb = bdrv_aio_write(s->bs, sector_num, s->io_buffer, n,
1017 ide_write_dma_cb, bm);
1018 }
1019
1020 static void ide_sector_write_dma(IDEState *s)
1021 {
1022 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1023 s->io_buffer_index = 0;
1024 s->io_buffer_size = 0;
1025 ide_dma_start(s, ide_write_dma_cb);
1026 }
1027
1028 static void ide_atapi_cmd_ok(IDEState *s)
1029 {
1030 s->error = 0;
1031 s->status = READY_STAT;
1032 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1033 ide_set_irq(s);
1034 }
1035
1036 static void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
1037 {
1038 #ifdef DEBUG_IDE_ATAPI
1039 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
1040 #endif
1041 s->error = sense_key << 4;
1042 s->status = READY_STAT | ERR_STAT;
1043 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1044 s->sense_key = sense_key;
1045 s->asc = asc;
1046 ide_set_irq(s);
1047 }
1048
1049 static inline void cpu_to_ube16(uint8_t *buf, int val)
1050 {
1051 buf[0] = val >> 8;
1052 buf[1] = val;
1053 }
1054
1055 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
1056 {
1057 buf[0] = val >> 24;
1058 buf[1] = val >> 16;
1059 buf[2] = val >> 8;
1060 buf[3] = val;
1061 }
1062
1063 static inline int ube16_to_cpu(const uint8_t *buf)
1064 {
1065 return (buf[0] << 8) | buf[1];
1066 }
1067
1068 static inline int ube32_to_cpu(const uint8_t *buf)
1069 {
1070 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
1071 }
1072
1073 static void lba_to_msf(uint8_t *buf, int lba)
1074 {
1075 lba += 150;
1076 buf[0] = (lba / 75) / 60;
1077 buf[1] = (lba / 75) % 60;
1078 buf[2] = lba % 75;
1079 }
1080
1081 static void cd_data_to_raw(uint8_t *buf, int lba)
1082 {
1083 /* sync bytes */
1084 buf[0] = 0x00;
1085 memset(buf + 1, 0xff, 10);
1086 buf[11] = 0x00;
1087 buf += 12;
1088 /* MSF */
1089 lba_to_msf(buf, lba);
1090 buf[3] = 0x01; /* mode 1 data */
1091 buf += 4;
1092 /* data */
1093 buf += 2048;
1094 /* XXX: ECC not computed */
1095 memset(buf, 0, 288);
1096 }
1097
1098 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
1099 int sector_size)
1100 {
1101 int ret;
1102
1103 switch(sector_size) {
1104 case 2048:
1105 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
1106 break;
1107 case 2352:
1108 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
1109 if (ret < 0)
1110 return ret;
1111 cd_data_to_raw(buf, lba);
1112 break;
1113 default:
1114 ret = -EIO;
1115 break;
1116 }
1117 return ret;
1118 }
1119
1120 static void ide_atapi_io_error(IDEState *s, int ret)
1121 {
1122 /* XXX: handle more errors */
1123 if (ret == -ENOMEDIUM) {
1124 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1125 ASC_MEDIUM_NOT_PRESENT);
1126 } else {
1127 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1128 ASC_LOGICAL_BLOCK_OOR);
1129 }
1130 }
1131
1132 /* The whole ATAPI transfer logic is handled in this function */
1133 static void ide_atapi_cmd_reply_end(IDEState *s)
1134 {
1135 int byte_count_limit, size, ret;
1136 #ifdef DEBUG_IDE_ATAPI
1137 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
1138 s->packet_transfer_size,
1139 s->elementary_transfer_size,
1140 s->io_buffer_index);
1141 #endif
1142 if (s->packet_transfer_size <= 0) {
1143 /* end of transfer */
1144 ide_transfer_stop(s);
1145 s->status = READY_STAT;
1146 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1147 ide_set_irq(s);
1148 #ifdef DEBUG_IDE_ATAPI
1149 printf("status=0x%x\n", s->status);
1150 #endif
1151 } else {
1152 /* see if a new sector must be read */
1153 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
1154 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
1155 if (ret < 0) {
1156 ide_transfer_stop(s);
1157 ide_atapi_io_error(s, ret);
1158 return;
1159 }
1160 s->lba++;
1161 s->io_buffer_index = 0;
1162 }
1163 if (s->elementary_transfer_size > 0) {
1164 /* there are some data left to transmit in this elementary
1165 transfer */
1166 size = s->cd_sector_size - s->io_buffer_index;
1167 if (size > s->elementary_transfer_size)
1168 size = s->elementary_transfer_size;
1169 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1170 size, ide_atapi_cmd_reply_end);
1171 s->packet_transfer_size -= size;
1172 s->elementary_transfer_size -= size;
1173 s->io_buffer_index += size;
1174 } else {
1175 /* a new transfer is needed */
1176 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
1177 byte_count_limit = s->lcyl | (s->hcyl << 8);
1178 #ifdef DEBUG_IDE_ATAPI
1179 printf("byte_count_limit=%d\n", byte_count_limit);
1180 #endif
1181 if (byte_count_limit == 0xffff)
1182 byte_count_limit--;
1183 size = s->packet_transfer_size;
1184 if (size > byte_count_limit) {
1185 /* byte count limit must be even if this case */
1186 if (byte_count_limit & 1)
1187 byte_count_limit--;
1188 size = byte_count_limit;
1189 }
1190 s->lcyl = size;
1191 s->hcyl = size >> 8;
1192 s->elementary_transfer_size = size;
1193 /* we cannot transmit more than one sector at a time */
1194 if (s->lba != -1) {
1195 if (size > (s->cd_sector_size - s->io_buffer_index))
1196 size = (s->cd_sector_size - s->io_buffer_index);
1197 }
1198 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
1199 size, ide_atapi_cmd_reply_end);
1200 s->packet_transfer_size -= size;
1201 s->elementary_transfer_size -= size;
1202 s->io_buffer_index += size;
1203 ide_set_irq(s);
1204 #ifdef DEBUG_IDE_ATAPI
1205 printf("status=0x%x\n", s->status);
1206 #endif
1207 }
1208 }
1209 }
1210
1211 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
1212 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
1213 {
1214 if (size > max_size)
1215 size = max_size;
1216 s->lba = -1; /* no sector read */
1217 s->packet_transfer_size = size;
1218 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
1219 s->elementary_transfer_size = 0;
1220 s->io_buffer_index = 0;
1221
1222 if (s->atapi_dma) {
1223 s->status = READY_STAT | DRQ_STAT;
1224 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1225 } else {
1226 s->status = READY_STAT;
1227 ide_atapi_cmd_reply_end(s);
1228 }
1229 }
1230
1231 /* start a CD-CDROM read command */
1232 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1233 int sector_size)
1234 {
1235 s->lba = lba;
1236 s->packet_transfer_size = nb_sectors * sector_size;
1237 s->elementary_transfer_size = 0;
1238 s->io_buffer_index = sector_size;
1239 s->cd_sector_size = sector_size;
1240
1241 s->status = READY_STAT;
1242 ide_atapi_cmd_reply_end(s);
1243 }
1244
1245 /* ATAPI DMA support */
1246
1247 /* XXX: handle read errors */
1248 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1249 {
1250 BMDMAState *bm = opaque;
1251 IDEState *s = bm->ide_if;
1252 int data_offset, n;
1253
1254 if (ret < 0) {
1255 ide_atapi_io_error(s, ret);
1256 goto eot;
1257 }
1258
1259 if (s->io_buffer_size > 0) {
1260 /*
1261 * For a cdrom read sector command (s->lba != -1),
1262 * adjust the lba for the next s->io_buffer_size chunk
1263 * and dma the current chunk.
1264 * For a command != read (s->lba == -1), just transfer
1265 * the reply data.
1266 */
1267 if (s->lba != -1) {
1268 if (s->cd_sector_size == 2352) {
1269 n = 1;
1270 cd_data_to_raw(s->io_buffer, s->lba);
1271 } else {
1272 n = s->io_buffer_size >> 11;
1273 }
1274 s->lba += n;
1275 }
1276 s->packet_transfer_size -= s->io_buffer_size;
1277 if (dma_buf_rw(bm, 1) == 0)
1278 goto eot;
1279 }
1280
1281 if (s->packet_transfer_size <= 0) {
1282 s->status = READY_STAT;
1283 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1284 ide_set_irq(s);
1285 eot:
1286 bm->status &= ~BM_STATUS_DMAING;
1287 bm->status |= BM_STATUS_INT;
1288 bm->dma_cb = NULL;
1289 bm->ide_if = NULL;
1290 bm->aiocb = NULL;
1291 return;
1292 }
1293
1294 s->io_buffer_index = 0;
1295 if (s->cd_sector_size == 2352) {
1296 n = 1;
1297 s->io_buffer_size = s->cd_sector_size;
1298 data_offset = 16;
1299 } else {
1300 n = s->packet_transfer_size >> 11;
1301 if (n > (IDE_DMA_BUF_SIZE / 2048))
1302 n = (IDE_DMA_BUF_SIZE / 2048);
1303 s->io_buffer_size = n * 2048;
1304 data_offset = 0;
1305 }
1306 #ifdef DEBUG_AIO
1307 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1308 #endif
1309 bm->aiocb = bdrv_aio_read(s->bs, (int64_t)s->lba << 2,
1310 s->io_buffer + data_offset, n * 4,
1311 ide_atapi_cmd_read_dma_cb, bm);
1312 if (!bm->aiocb) {
1313 /* Note: media not present is the most likely case */
1314 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1315 ASC_MEDIUM_NOT_PRESENT);
1316 goto eot;
1317 }
1318 }
1319
1320 /* start a CD-CDROM read command with DMA */
1321 /* XXX: test if DMA is available */
1322 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1323 int sector_size)
1324 {
1325 s->lba = lba;
1326 s->packet_transfer_size = nb_sectors * sector_size;
1327 s->io_buffer_index = 0;
1328 s->io_buffer_size = 0;
1329 s->cd_sector_size = sector_size;
1330
1331 /* XXX: check if BUSY_STAT should be set */
1332 s->status = READY_STAT | DRQ_STAT | BUSY_STAT;
1333 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1334 }
1335
1336 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1337 int sector_size)
1338 {
1339 #ifdef DEBUG_IDE_ATAPI
1340 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1341 lba, nb_sectors);
1342 #endif
1343 if (s->atapi_dma) {
1344 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1345 } else {
1346 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1347 }
1348 }
1349
1350 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1351 uint16_t profile)
1352 {
1353 uint8_t *buf_profile = buf + 12; /* start of profiles */
1354
1355 buf_profile += ((*index) * 4); /* start of indexed profile */
1356 cpu_to_ube16 (buf_profile, profile);
1357 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1358
1359 /* each profile adds 4 bytes to the response */
1360 (*index)++;
1361 buf[11] += 4; /* Additional Length */
1362
1363 return 4;
1364 }
1365
1366 static void ide_atapi_cmd(IDEState *s)
1367 {
1368 const uint8_t *packet;
1369 uint8_t *buf;
1370 int max_len;
1371
1372 packet = s->io_buffer;
1373 buf = s->io_buffer;
1374 #ifdef DEBUG_IDE_ATAPI
1375 {
1376 int i;
1377 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1378 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1379 printf(" %02x", packet[i]);
1380 }
1381 printf("\n");
1382 }
1383 #endif
1384 switch(s->io_buffer[0]) {
1385 case GPCMD_TEST_UNIT_READY:
1386 if (bdrv_is_inserted(s->bs)) {
1387 ide_atapi_cmd_ok(s);
1388 } else {
1389 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1390 ASC_MEDIUM_NOT_PRESENT);
1391 }
1392 break;
1393 case GPCMD_MODE_SENSE_6:
1394 case GPCMD_MODE_SENSE_10:
1395 {
1396 int action, code;
1397 if (packet[0] == GPCMD_MODE_SENSE_10)
1398 max_len = ube16_to_cpu(packet + 7);
1399 else
1400 max_len = packet[4];
1401 action = packet[2] >> 6;
1402 code = packet[2] & 0x3f;
1403 switch(action) {
1404 case 0: /* current values */
1405 switch(code) {
1406 case 0x01: /* error recovery */
1407 cpu_to_ube16(&buf[0], 16 + 6);
1408 buf[2] = 0x70;
1409 buf[3] = 0;
1410 buf[4] = 0;
1411 buf[5] = 0;
1412 buf[6] = 0;
1413 buf[7] = 0;
1414
1415 buf[8] = 0x01;
1416 buf[9] = 0x06;
1417 buf[10] = 0x00;
1418 buf[11] = 0x05;
1419 buf[12] = 0x00;
1420 buf[13] = 0x00;
1421 buf[14] = 0x00;
1422 buf[15] = 0x00;
1423 ide_atapi_cmd_reply(s, 16, max_len);
1424 break;
1425 case 0x2a:
1426 cpu_to_ube16(&buf[0], 28 + 6);
1427 buf[2] = 0x70;
1428 buf[3] = 0;
1429 buf[4] = 0;
1430 buf[5] = 0;
1431 buf[6] = 0;
1432 buf[7] = 0;
1433
1434 buf[8] = 0x2a;
1435 buf[9] = 0x12;
1436 buf[10] = 0x00;
1437 buf[11] = 0x00;
1438
1439 buf[12] = 0x70;
1440 buf[13] = 3 << 5;
1441 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1442 if (bdrv_is_locked(s->bs))
1443 buf[6] |= 1 << 1;
1444 buf[15] = 0x00;
1445 cpu_to_ube16(&buf[16], 706);
1446 buf[18] = 0;
1447 buf[19] = 2;
1448 cpu_to_ube16(&buf[20], 512);
1449 cpu_to_ube16(&buf[22], 706);
1450 buf[24] = 0;
1451 buf[25] = 0;
1452 buf[26] = 0;
1453 buf[27] = 0;
1454 ide_atapi_cmd_reply(s, 28, max_len);
1455 break;
1456 default:
1457 goto error_cmd;
1458 }
1459 break;
1460 case 1: /* changeable values */
1461 goto error_cmd;
1462 case 2: /* default values */
1463 goto error_cmd;
1464 default:
1465 case 3: /* saved values */
1466 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1467 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1468 break;
1469 }
1470 }
1471 break;
1472 case GPCMD_REQUEST_SENSE:
1473 max_len = packet[4];
1474 memset(buf, 0, 18);
1475 buf[0] = 0x70 | (1 << 7);
1476 buf[2] = s->sense_key;
1477 buf[7] = 10;
1478 buf[12] = s->asc;
1479 ide_atapi_cmd_reply(s, 18, max_len);
1480 break;
1481 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1482 if (bdrv_is_inserted(s->bs)) {
1483 bdrv_set_locked(s->bs, packet[4] & 1);
1484 ide_atapi_cmd_ok(s);
1485 } else {
1486 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1487 ASC_MEDIUM_NOT_PRESENT);
1488 }
1489 break;
1490 case GPCMD_READ_10:
1491 case GPCMD_READ_12:
1492 {
1493 int nb_sectors, lba;
1494
1495 if (packet[0] == GPCMD_READ_10)
1496 nb_sectors = ube16_to_cpu(packet + 7);
1497 else
1498 nb_sectors = ube32_to_cpu(packet + 6);
1499 lba = ube32_to_cpu(packet + 2);
1500 if (nb_sectors == 0) {
1501 ide_atapi_cmd_ok(s);
1502 break;
1503 }
1504 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1505 }
1506 break;
1507 case GPCMD_READ_CD:
1508 {
1509 int nb_sectors, lba, transfer_request;
1510
1511 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1512 lba = ube32_to_cpu(packet + 2);
1513 if (nb_sectors == 0) {
1514 ide_atapi_cmd_ok(s);
1515 break;
1516 }
1517 transfer_request = packet[9];
1518 switch(transfer_request & 0xf8) {
1519 case 0x00:
1520 /* nothing */
1521 ide_atapi_cmd_ok(s);
1522 break;
1523 case 0x10:
1524 /* normal read */
1525 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1526 break;
1527 case 0xf8:
1528 /* read all data */
1529 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1530 break;
1531 default:
1532 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1533 ASC_INV_FIELD_IN_CMD_PACKET);
1534 break;
1535 }
1536 }
1537 break;
1538 case GPCMD_SEEK:
1539 {
1540 unsigned int lba;
1541 uint64_t total_sectors;
1542
1543 bdrv_get_geometry(s->bs, &total_sectors);
1544 total_sectors >>= 2;
1545 if (total_sectors == 0) {
1546 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1547 ASC_MEDIUM_NOT_PRESENT);
1548 break;
1549 }
1550 lba = ube32_to_cpu(packet + 2);
1551 if (lba >= total_sectors) {
1552 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1553 ASC_LOGICAL_BLOCK_OOR);
1554 break;
1555 }
1556 ide_atapi_cmd_ok(s);
1557 }
1558 break;
1559 case GPCMD_START_STOP_UNIT:
1560 {
1561 int start, eject;
1562 start = packet[4] & 1;
1563 eject = (packet[4] >> 1) & 1;
1564
1565 if (eject && !start) {
1566 /* eject the disk */
1567 bdrv_eject(s->bs, 1);
1568 } else if (eject && start) {
1569 /* close the tray */
1570 bdrv_eject(s->bs, 0);
1571 }
1572 ide_atapi_cmd_ok(s);
1573 }
1574 break;
1575 case GPCMD_MECHANISM_STATUS:
1576 {
1577 max_len = ube16_to_cpu(packet + 8);
1578 cpu_to_ube16(buf, 0);
1579 /* no current LBA */
1580 buf[2] = 0;
1581 buf[3] = 0;
1582 buf[4] = 0;
1583 buf[5] = 1;
1584 cpu_to_ube16(buf + 6, 0);
1585 ide_atapi_cmd_reply(s, 8, max_len);
1586 }
1587 break;
1588 case GPCMD_READ_TOC_PMA_ATIP:
1589 {
1590 int format, msf, start_track, len;
1591 uint64_t total_sectors;
1592
1593 bdrv_get_geometry(s->bs, &total_sectors);
1594 total_sectors >>= 2;
1595 if (total_sectors == 0) {
1596 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1597 ASC_MEDIUM_NOT_PRESENT);
1598 break;
1599 }
1600 max_len = ube16_to_cpu(packet + 7);
1601 format = packet[9] >> 6;
1602 msf = (packet[1] >> 1) & 1;
1603 start_track = packet[6];
1604 switch(format) {
1605 case 0:
1606 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1607 if (len < 0)
1608 goto error_cmd;
1609 ide_atapi_cmd_reply(s, len, max_len);
1610 break;
1611 case 1:
1612 /* multi session : only a single session defined */
1613 memset(buf, 0, 12);
1614 buf[1] = 0x0a;
1615 buf[2] = 0x01;
1616 buf[3] = 0x01;
1617 ide_atapi_cmd_reply(s, 12, max_len);
1618 break;
1619 case 2:
1620 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1621 if (len < 0)
1622 goto error_cmd;
1623 ide_atapi_cmd_reply(s, len, max_len);
1624 break;
1625 default:
1626 error_cmd:
1627 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1628 ASC_INV_FIELD_IN_CMD_PACKET);
1629 break;
1630 }
1631 }
1632 break;
1633 case GPCMD_READ_CDVD_CAPACITY:
1634 {
1635 uint64_t total_sectors;
1636
1637 bdrv_get_geometry(s->bs, &total_sectors);
1638 total_sectors >>= 2;
1639 if (total_sectors == 0) {
1640 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1641 ASC_MEDIUM_NOT_PRESENT);
1642 break;
1643 }
1644 /* NOTE: it is really the number of sectors minus 1 */
1645 cpu_to_ube32(buf, total_sectors - 1);
1646 cpu_to_ube32(buf + 4, 2048);
1647 ide_atapi_cmd_reply(s, 8, 8);
1648 }
1649 break;
1650 case GPCMD_READ_DVD_STRUCTURE:
1651 {
1652 int media = packet[1];
1653 int layer = packet[6];
1654 int format = packet[2];
1655 uint64_t total_sectors;
1656
1657 if (media != 0 || layer != 0)
1658 {
1659 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1660 ASC_INV_FIELD_IN_CMD_PACKET);
1661 }
1662
1663 switch (format) {
1664 case 0:
1665 bdrv_get_geometry(s->bs, &total_sectors);
1666 total_sectors >>= 2;
1667 if (total_sectors == 0) {
1668 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1669 ASC_MEDIUM_NOT_PRESENT);
1670 break;
1671 }
1672
1673 memset(buf, 0, 2052);
1674
1675 buf[4] = 1; // DVD-ROM, part version 1
1676 buf[5] = 0xf; // 120mm disc, maximum rate unspecified
1677 buf[6] = 0; // one layer, embossed data
1678 buf[7] = 0;
1679
1680 cpu_to_ube32(buf + 8, 0);
1681 cpu_to_ube32(buf + 12, total_sectors - 1);
1682 cpu_to_ube32(buf + 16, total_sectors - 1);
1683
1684 cpu_to_be16wu((uint16_t *)buf, 2048 + 4);
1685
1686 ide_atapi_cmd_reply(s, 2048 + 3, 2048 + 4);
1687 break;
1688
1689 default:
1690 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1691 ASC_INV_FIELD_IN_CMD_PACKET);
1692 break;
1693 }
1694 }
1695 break;
1696 case GPCMD_SET_SPEED:
1697 ide_atapi_cmd_ok(s);
1698 break;
1699 case GPCMD_INQUIRY:
1700 max_len = packet[4];
1701 buf[0] = 0x05; /* CD-ROM */
1702 buf[1] = 0x80; /* removable */
1703 buf[2] = 0x00; /* ISO */
1704 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1705 buf[4] = 31; /* additional length */
1706 buf[5] = 0; /* reserved */
1707 buf[6] = 0; /* reserved */
1708 buf[7] = 0; /* reserved */
1709 padstr8(buf + 8, 8, "QEMU");
1710 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1711 padstr8(buf + 32, 4, QEMU_VERSION);
1712 ide_atapi_cmd_reply(s, 36, max_len);
1713 break;
1714 case GPCMD_GET_CONFIGURATION:
1715 {
1716 uint32_t len;
1717
1718 /* only feature 0 is supported */
1719 if (packet[2] != 0 || packet[3] != 0) {
1720 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1721 ASC_INV_FIELD_IN_CMD_PACKET);
1722 break;
1723 }
1724
1725 /* XXX: could result in alignment problems in some architectures */
1726 max_len = ube16_to_cpu(packet + 7);
1727 /*
1728 * XXX: avoid overflow for io_buffer if max_len is bigger than the
1729 * size of that buffer (dimensioned to max number of sectors
1730 * to transfer at once)
1731 *
1732 * Only a problem if the feature/profiles grow exponentially.
1733 */
1734 if (max_len > 512) /* XXX: assume 1 sector */
1735 max_len = 512;
1736
1737 memset(buf, 0, max_len);
1738 /*
1739 * the number of sectors from the media tells us which profile
1740 * to use as current. 0 means there is no media
1741 *
1742 * XXX: fails to detect correctly DVDs with less data burned
1743 * than what a CD can hold
1744 */
1745 if ((s -> nb_sectors)) {
1746 if ((s -> nb_sectors > CD_MAX_SECTORS))
1747 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1748 else
1749 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1750 }
1751
1752 len = 8; /* header completed */
1753 if (max_len > len) {
1754 uint8_t index = 0;
1755
1756 buf[10] = 0x02 | 0x01; /* persistent and current */
1757 len += 4; /* header */
1758 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1759 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1760 }
1761 cpu_to_ube32(buf, len - 4); /* data length */
1762
1763 ide_atapi_cmd_reply(s, len, max_len);
1764 break;
1765 }
1766 default:
1767 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1768 ASC_ILLEGAL_OPCODE);
1769 break;
1770 }
1771 }
1772
1773 static void ide_cfata_metadata_inquiry(IDEState *s)
1774 {
1775 uint16_t *p;
1776 uint32_t spd;
1777
1778 p = (uint16_t *) s->io_buffer;
1779 memset(p, 0, 0x200);
1780 spd = ((s->mdata_size - 1) >> 9) + 1;
1781
1782 put_le16(p + 0, 0x0001); /* Data format revision */
1783 put_le16(p + 1, 0x0000); /* Media property: silicon */
1784 put_le16(p + 2, s->media_changed); /* Media status */
1785 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1786 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1787 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1788 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1789 }
1790
1791 static void ide_cfata_metadata_read(IDEState *s)
1792 {
1793 uint16_t *p;
1794
1795 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1796 s->status = ERR_STAT;
1797 s->error = ABRT_ERR;
1798 return;
1799 }
1800
1801 p = (uint16_t *) s->io_buffer;
1802 memset(p, 0, 0x200);
1803
1804 put_le16(p + 0, s->media_changed); /* Media status */
1805 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1806 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1807 s->nsector << 9), 0x200 - 2));
1808 }
1809
1810 static void ide_cfata_metadata_write(IDEState *s)
1811 {
1812 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1813 s->status = ERR_STAT;
1814 s->error = ABRT_ERR;
1815 return;
1816 }
1817
1818 s->media_changed = 0;
1819
1820 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1821 s->io_buffer + 2,
1822 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1823 s->nsector << 9), 0x200 - 2));
1824 }
1825
1826 /* called when the inserted state of the media has changed */
1827 static void cdrom_change_cb(void *opaque)
1828 {
1829 IDEState *s = opaque;
1830 uint64_t nb_sectors;
1831
1832 /* XXX: send interrupt too */
1833 bdrv_get_geometry(s->bs, &nb_sectors);
1834 s->nb_sectors = nb_sectors;
1835 }
1836
1837 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1838 {
1839 s->lba48 = lba48;
1840
1841 /* handle the 'magic' 0 nsector count conversion here. to avoid
1842 * fiddling with the rest of the read logic, we just store the
1843 * full sector count in ->nsector and ignore ->hob_nsector from now
1844 */
1845 if (!s->lba48) {
1846 if (!s->nsector)
1847 s->nsector = 256;
1848 } else {
1849 if (!s->nsector && !s->hob_nsector)
1850 s->nsector = 65536;
1851 else {
1852 int lo = s->nsector;
1853 int hi = s->hob_nsector;
1854
1855 s->nsector = (hi << 8) | lo;
1856 }
1857 }
1858 }
1859
1860 static void ide_clear_hob(IDEState *ide_if)
1861 {
1862 /* any write clears HOB high bit of device control register */
1863 ide_if[0].select &= ~(1 << 7);
1864 ide_if[1].select &= ~(1 << 7);
1865 }
1866
1867 static void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1868 {
1869 IDEState *ide_if = opaque;
1870 IDEState *s;
1871 int unit, n;
1872 int lba48 = 0;
1873
1874 #ifdef DEBUG_IDE
1875 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1876 #endif
1877
1878 addr &= 7;
1879 switch(addr) {
1880 case 0:
1881 break;
1882 case 1:
1883 ide_clear_hob(ide_if);
1884 /* NOTE: data is written to the two drives */
1885 ide_if[0].hob_feature = ide_if[0].feature;
1886 ide_if[1].hob_feature = ide_if[1].feature;
1887 ide_if[0].feature = val;
1888 ide_if[1].feature = val;
1889 break;
1890 case 2:
1891 ide_clear_hob(ide_if);
1892 ide_if[0].hob_nsector = ide_if[0].nsector;
1893 ide_if[1].hob_nsector = ide_if[1].nsector;
1894 ide_if[0].nsector = val;
1895 ide_if[1].nsector = val;
1896 break;
1897 case 3:
1898 ide_clear_hob(ide_if);
1899 ide_if[0].hob_sector = ide_if[0].sector;
1900 ide_if[1].hob_sector = ide_if[1].sector;
1901 ide_if[0].sector = val;
1902 ide_if[1].sector = val;
1903 break;
1904 case 4:
1905 ide_clear_hob(ide_if);
1906 ide_if[0].hob_lcyl = ide_if[0].lcyl;
1907 ide_if[1].hob_lcyl = ide_if[1].lcyl;
1908 ide_if[0].lcyl = val;
1909 ide_if[1].lcyl = val;
1910 break;
1911 case 5:
1912 ide_clear_hob(ide_if);
1913 ide_if[0].hob_hcyl = ide_if[0].hcyl;
1914 ide_if[1].hob_hcyl = ide_if[1].hcyl;
1915 ide_if[0].hcyl = val;
1916 ide_if[1].hcyl = val;
1917 break;
1918 case 6:
1919 /* FIXME: HOB readback uses bit 7 */
1920 ide_if[0].select = (val & ~0x10) | 0xa0;
1921 ide_if[1].select = (val | 0x10) | 0xa0;
1922 /* select drive */
1923 unit = (val >> 4) & 1;
1924 s = ide_if + unit;
1925 ide_if->cur_drive = s;
1926 break;
1927 default:
1928 case 7:
1929 /* command */
1930 #if defined(DEBUG_IDE)
1931 printf("ide: CMD=%02x\n", val);
1932 #endif
1933 s = ide_if->cur_drive;
1934 /* ignore commands to non existant slave */
1935 if (s != ide_if && !s->bs)
1936 break;
1937
1938 switch(val) {
1939 case WIN_IDENTIFY:
1940 if (s->bs && !s->is_cdrom) {
1941 if (!s->is_cf)
1942 ide_identify(s);
1943 else
1944 ide_cfata_identify(s);
1945 s->status = READY_STAT | SEEK_STAT;
1946 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1947 } else {
1948 if (s->is_cdrom) {
1949 ide_set_signature(s);
1950 }
1951 ide_abort_command(s);
1952 }
1953 ide_set_irq(s);
1954 break;
1955 case WIN_SPECIFY:
1956 case WIN_RECAL:
1957 s->error = 0;
1958 s->status = READY_STAT | SEEK_STAT;
1959 ide_set_irq(s);
1960 break;
1961 case WIN_SETMULT:
1962 if (s->is_cf && s->nsector == 0) {
1963 /* Disable Read and Write Multiple */
1964 s->mult_sectors = 0;
1965 s->status = READY_STAT;
1966 } else if ((s->nsector & 0xff) != 0 &&
1967 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1968 (s->nsector & (s->nsector - 1)) != 0)) {
1969 ide_abort_command(s);
1970 } else {
1971 s->mult_sectors = s->nsector & 0xff;
1972 s->status = READY_STAT;
1973 }
1974 ide_set_irq(s);
1975 break;
1976 case WIN_VERIFY_EXT:
1977 lba48 = 1;
1978 case WIN_VERIFY:
1979 case WIN_VERIFY_ONCE:
1980 /* do sector number check ? */
1981 ide_cmd_lba48_transform(s, lba48);
1982 s->status = READY_STAT;
1983 ide_set_irq(s);
1984 break;
1985 case WIN_READ_EXT:
1986 lba48 = 1;
1987 case WIN_READ:
1988 case WIN_READ_ONCE:
1989 if (!s->bs)
1990 goto abort_cmd;
1991 ide_cmd_lba48_transform(s, lba48);
1992 s->req_nb_sectors = 1;
1993 ide_sector_read(s);
1994 break;
1995 case WIN_WRITE_EXT:
1996 lba48 = 1;
1997 case WIN_WRITE:
1998 case WIN_WRITE_ONCE:
1999 case CFA_WRITE_SECT_WO_ERASE:
2000 case WIN_WRITE_VERIFY:
2001 ide_cmd_lba48_transform(s, lba48);
2002 s->error = 0;
2003 s->status = SEEK_STAT | READY_STAT;
2004 s->req_nb_sectors = 1;
2005 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
2006 s->media_changed = 1;
2007 break;
2008 case WIN_MULTREAD_EXT:
2009 lba48 = 1;
2010 case WIN_MULTREAD:
2011 if (!s->mult_sectors)
2012 goto abort_cmd;
2013 ide_cmd_lba48_transform(s, lba48);
2014 s->req_nb_sectors = s->mult_sectors;
2015 ide_sector_read(s);
2016 break;
2017 case WIN_MULTWRITE_EXT:
2018 lba48 = 1;
2019 case WIN_MULTWRITE:
2020 case CFA_WRITE_MULTI_WO_ERASE:
2021 if (!s->mult_sectors)
2022 goto abort_cmd;
2023 ide_cmd_lba48_transform(s, lba48);
2024 s->error = 0;
2025 s->status = SEEK_STAT | READY_STAT;
2026 s->req_nb_sectors = s->mult_sectors;
2027 n = s->nsector;
2028 if (n > s->req_nb_sectors)
2029 n = s->req_nb_sectors;
2030 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
2031 s->media_changed = 1;
2032 break;
2033 case WIN_READDMA_EXT:
2034 lba48 = 1;
2035 case WIN_READDMA:
2036 case WIN_READDMA_ONCE:
2037 if (!s->bs)
2038 goto abort_cmd;
2039 ide_cmd_lba48_transform(s, lba48);
2040 ide_sector_read_dma(s);
2041 break;
2042 case WIN_WRITEDMA_EXT:
2043 lba48 = 1;
2044 case WIN_WRITEDMA:
2045 case WIN_WRITEDMA_ONCE:
2046 if (!s->bs)
2047 goto abort_cmd;
2048 ide_cmd_lba48_transform(s, lba48);
2049 ide_sector_write_dma(s);
2050 s->media_changed = 1;
2051 break;
2052 case WIN_READ_NATIVE_MAX_EXT:
2053 lba48 = 1;
2054 case WIN_READ_NATIVE_MAX:
2055 ide_cmd_lba48_transform(s, lba48);
2056 ide_set_sector(s, s->nb_sectors - 1);
2057 s->status = READY_STAT;
2058 ide_set_irq(s);
2059 break;
2060 case WIN_CHECKPOWERMODE1:
2061 case WIN_CHECKPOWERMODE2:
2062 s->nsector = 0xff; /* device active or idle */
2063 s->status = READY_STAT;
2064 ide_set_irq(s);
2065 break;
2066 case WIN_SETFEATURES:
2067 if (!s->bs)
2068 goto abort_cmd;
2069 /* XXX: valid for CDROM ? */
2070 switch(s->feature) {
2071 case 0xcc: /* reverting to power-on defaults enable */
2072 case 0x66: /* reverting to power-on defaults disable */
2073 case 0x02: /* write cache enable */
2074 case 0x82: /* write cache disable */
2075 case 0xaa: /* read look-ahead enable */
2076 case 0x55: /* read look-ahead disable */
2077 case 0x05: /* set advanced power management mode */
2078 case 0x85: /* disable advanced power management mode */
2079 case 0x69: /* NOP */
2080 case 0x67: /* NOP */
2081 case 0x96: /* NOP */
2082 case 0x9a: /* NOP */
2083 case 0x42: /* enable Automatic Acoustic Mode */
2084 case 0xc2: /* disable Automatic Acoustic Mode */
2085 s->status = READY_STAT | SEEK_STAT;
2086 ide_set_irq(s);
2087 break;
2088 case 0x03: { /* set transfer mode */
2089 uint8_t val = s->nsector & 0x07;
2090
2091 switch (s->nsector >> 3) {
2092 case 0x00: /* pio default */
2093 case 0x01: /* pio mode */
2094 put_le16(s->identify_data + 63,0x07);
2095 put_le16(s->identify_data + 88,0x3f);
2096 break;
2097 case 0x04: /* mdma mode */
2098 put_le16(s->identify_data + 63,0x07 | (1 << (val + 8)));
2099 put_le16(s->identify_data + 88,0x3f);
2100 break;
2101 case 0x08: /* udma mode */
2102 put_le16(s->identify_data + 63,0x07);
2103 put_le16(s->identify_data + 88,0x3f | (1 << (val + 8)));
2104 break;
2105 default:
2106 goto abort_cmd;
2107 }
2108 s->status = READY_STAT | SEEK_STAT;
2109 ide_set_irq(s);
2110 break;
2111 }
2112 default:
2113 goto abort_cmd;
2114 }
2115 break;
2116 case WIN_FLUSH_CACHE:
2117 case WIN_FLUSH_CACHE_EXT:
2118 if (s->bs)
2119 bdrv_flush(s->bs);
2120 s->status = READY_STAT;
2121 ide_set_irq(s);
2122 break;
2123 case WIN_STANDBY:
2124 case WIN_STANDBY2:
2125 case WIN_STANDBYNOW1:
2126 case WIN_STANDBYNOW2:
2127 case WIN_IDLEIMMEDIATE:
2128 case CFA_IDLEIMMEDIATE:
2129 case WIN_SETIDLE1:
2130 case WIN_SETIDLE2:
2131 case WIN_SLEEPNOW1:
2132 case WIN_SLEEPNOW2:
2133 s->status = READY_STAT;
2134 ide_set_irq(s);
2135 break;
2136 /* ATAPI commands */
2137 case WIN_PIDENTIFY:
2138 if (s->is_cdrom) {
2139 ide_atapi_identify(s);
2140 s->status = READY_STAT | SEEK_STAT;
2141 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2142 } else {
2143 ide_abort_command(s);
2144 }
2145 ide_set_irq(s);
2146 break;
2147 case WIN_DIAGNOSE:
2148 ide_set_signature(s);
2149 s->status = READY_STAT;
2150 s->error = 0x01;
2151 ide_set_irq(s);
2152 break;
2153 case WIN_SRST:
2154 if (!s->is_cdrom)
2155 goto abort_cmd;
2156 ide_set_signature(s);
2157 s->status = 0x00; /* NOTE: READY is _not_ set */
2158 s->error = 0x01;
2159 break;
2160 case WIN_PACKETCMD:
2161 if (!s->is_cdrom)
2162 goto abort_cmd;
2163 /* overlapping commands not supported */
2164 if (s->feature & 0x02)
2165 goto abort_cmd;
2166 s->status = READY_STAT;
2167 s->atapi_dma = s->feature & 1;
2168 s->nsector = 1;
2169 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2170 ide_atapi_cmd);
2171 break;
2172 /* CF-ATA commands */
2173 case CFA_REQ_EXT_ERROR_CODE:
2174 if (!s->is_cf)
2175 goto abort_cmd;
2176 s->error = 0x09; /* miscellaneous error */
2177 s->status = READY_STAT;
2178 ide_set_irq(s);
2179 break;
2180 case CFA_ERASE_SECTORS:
2181 case CFA_WEAR_LEVEL:
2182 if (!s->is_cf)
2183 goto abort_cmd;
2184 if (val == CFA_WEAR_LEVEL)
2185 s->nsector = 0;
2186 if (val == CFA_ERASE_SECTORS)
2187 s->media_changed = 1;
2188 s->error = 0x00;
2189 s->status = READY_STAT;
2190 ide_set_irq(s);
2191 break;
2192 case CFA_TRANSLATE_SECTOR:
2193 if (!s->is_cf)
2194 goto abort_cmd;
2195 s->error = 0x00;
2196 s->status = READY_STAT;
2197 memset(s->io_buffer, 0, 0x200);
2198 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2199 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2200 s->io_buffer[0x02] = s->select; /* Head */
2201 s->io_buffer[0x03] = s->sector; /* Sector */
2202 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2203 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2204 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2205 s->io_buffer[0x13] = 0x00; /* Erase flag */
2206 s->io_buffer[0x18] = 0x00; /* Hot count */
2207 s->io_buffer[0x19] = 0x00; /* Hot count */
2208 s->io_buffer[0x1a] = 0x01; /* Hot count */
2209 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2210 ide_set_irq(s);
2211 break;
2212 case CFA_ACCESS_METADATA_STORAGE:
2213 if (!s->is_cf)
2214 goto abort_cmd;
2215 switch (s->feature) {
2216 case 0x02: /* Inquiry Metadata Storage */
2217 ide_cfata_metadata_inquiry(s);
2218 break;
2219 case 0x03: /* Read Metadata Storage */
2220 ide_cfata_metadata_read(s);
2221 break;
2222 case 0x04: /* Write Metadata Storage */
2223 ide_cfata_metadata_write(s);
2224 break;
2225 default:
2226 goto abort_cmd;
2227 }
2228 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2229 s->status = 0x00; /* NOTE: READY is _not_ set */
2230 ide_set_irq(s);
2231 break;
2232 case IBM_SENSE_CONDITION:
2233 if (!s->is_cf)
2234 goto abort_cmd;
2235 switch (s->feature) {
2236 case 0x01: /* sense temperature in device */
2237 s->nsector = 0x50; /* +20 C */
2238 break;
2239 default:
2240 goto abort_cmd;
2241 }
2242 s->status = READY_STAT;
2243 ide_set_irq(s);
2244 break;
2245 default:
2246 abort_cmd:
2247 ide_abort_command(s);
2248 ide_set_irq(s);
2249 break;
2250 }
2251 }
2252 }
2253
2254 static uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2255 {
2256 IDEState *ide_if = opaque;
2257 IDEState *s = ide_if->cur_drive;
2258 uint32_t addr;
2259 int ret, hob;
2260
2261 addr = addr1 & 7;
2262 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2263 //hob = s->select & (1 << 7);
2264 hob = 0;
2265 switch(addr) {
2266 case 0:
2267 ret = 0xff;
2268 break;
2269 case 1:
2270 if (!ide_if[0].bs && !ide_if[1].bs)
2271 ret = 0;
2272 else if (!hob)
2273 ret = s->error;
2274 else
2275 ret = s->hob_feature;
2276 break;
2277 case 2:
2278 if (!ide_if[0].bs && !ide_if[1].bs)
2279 ret = 0;
2280 else if (!hob)
2281 ret = s->nsector & 0xff;
2282 else
2283 ret = s->hob_nsector;
2284 break;
2285 case 3:
2286 if (!ide_if[0].bs && !ide_if[1].bs)
2287 ret = 0;
2288 else if (!hob)
2289 ret = s->sector;
2290 else
2291 ret = s->hob_sector;
2292 break;
2293 case 4:
2294 if (!ide_if[0].bs && !ide_if[1].bs)
2295 ret = 0;
2296 else if (!hob)
2297 ret = s->lcyl;
2298 else
2299 ret = s->hob_lcyl;
2300 break;
2301 case 5:
2302 if (!ide_if[0].bs && !ide_if[1].bs)
2303 ret = 0;
2304 else if (!hob)
2305 ret = s->hcyl;
2306 else
2307 ret = s->hob_hcyl;
2308 break;
2309 case 6:
2310 if (!ide_if[0].bs && !ide_if[1].bs)
2311 ret = 0;
2312 else
2313 ret = s->select;
2314 break;
2315 default:
2316 case 7:
2317 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2318 (s != ide_if && !s->bs))
2319 ret = 0;
2320 else
2321 ret = s->status;
2322 qemu_irq_lower(s->irq);
2323 break;
2324 }
2325 #ifdef DEBUG_IDE
2326 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2327 #endif
2328 return ret;
2329 }
2330
2331 static uint32_t ide_status_read(void *opaque, uint32_t addr)
2332 {
2333 IDEState *ide_if = opaque;
2334 IDEState *s = ide_if->cur_drive;
2335 int ret;
2336
2337 if ((!ide_if[0].bs && !ide_if[1].bs) ||
2338 (s != ide_if && !s->bs))
2339 ret = 0;
2340 else
2341 ret = s->status;
2342 #ifdef DEBUG_IDE
2343 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2344 #endif
2345 return ret;
2346 }
2347
2348 static void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2349 {
2350 IDEState *ide_if = opaque;
2351 IDEState *s;
2352 int i;
2353
2354 #ifdef DEBUG_IDE
2355 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2356 #endif
2357 /* common for both drives */
2358 if (!(ide_if[0].cmd & IDE_CMD_RESET) &&
2359 (val & IDE_CMD_RESET)) {
2360 /* reset low to high */
2361 for(i = 0;i < 2; i++) {
2362 s = &ide_if[i];
2363 s->status = BUSY_STAT | SEEK_STAT;
2364 s->error = 0x01;
2365 }
2366 } else if ((ide_if[0].cmd & IDE_CMD_RESET) &&
2367 !(val & IDE_CMD_RESET)) {
2368 /* high to low */
2369 for(i = 0;i < 2; i++) {
2370 s = &ide_if[i];
2371 if (s->is_cdrom)
2372 s->status = 0x00; /* NOTE: READY is _not_ set */
2373 else
2374 s->status = READY_STAT | SEEK_STAT;
2375 ide_set_signature(s);
2376 }
2377 }
2378
2379 ide_if[0].cmd = val;
2380 ide_if[1].cmd = val;
2381 }
2382
2383 static void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2384 {
2385 IDEState *s = ((IDEState *)opaque)->cur_drive;
2386 uint8_t *p;
2387
2388 p = s->data_ptr;
2389 *(uint16_t *)p = le16_to_cpu(val);
2390 p += 2;
2391 s->data_ptr = p;
2392 if (p >= s->data_end)
2393 s->end_transfer_func(s);
2394 }
2395
2396 static uint32_t ide_data_readw(void *opaque, uint32_t addr)
2397 {
2398 IDEState *s = ((IDEState *)opaque)->cur_drive;
2399 uint8_t *p;
2400 int ret;
2401 p = s->data_ptr;
2402 ret = cpu_to_le16(*(uint16_t *)p);
2403 p += 2;
2404 s->data_ptr = p;
2405 if (p >= s->data_end)
2406 s->end_transfer_func(s);
2407 return ret;
2408 }
2409
2410 static void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2411 {
2412 IDEState *s = ((IDEState *)opaque)->cur_drive;
2413 uint8_t *p;
2414
2415 p = s->data_ptr;
2416 *(uint32_t *)p = le32_to_cpu(val);
2417 p += 4;
2418 s->data_ptr = p;
2419 if (p >= s->data_end)
2420 s->end_transfer_func(s);
2421 }
2422
2423 static uint32_t ide_data_readl(void *opaque, uint32_t addr)
2424 {
2425 IDEState *s = ((IDEState *)opaque)->cur_drive;
2426 uint8_t *p;
2427 int ret;
2428
2429 p = s->data_ptr;
2430 ret = cpu_to_le32(*(uint32_t *)p);
2431 p += 4;
2432 s->data_ptr = p;
2433 if (p >= s->data_end)
2434 s->end_transfer_func(s);
2435 return ret;
2436 }
2437
2438 static void ide_dummy_transfer_stop(IDEState *s)
2439 {
2440 s->data_ptr = s->io_buffer;
2441 s->data_end = s->io_buffer;
2442 s->io_buffer[0] = 0xff;
2443 s->io_buffer[1] = 0xff;
2444 s->io_buffer[2] = 0xff;
2445 s->io_buffer[3] = 0xff;
2446 }
2447
2448 static void ide_reset(IDEState *s)
2449 {
2450 if (s->is_cf)
2451 s->mult_sectors = 0;
2452 else
2453 s->mult_sectors = MAX_MULT_SECTORS;
2454 s->cur_drive = s;
2455 s->select = 0xa0;
2456 s->status = READY_STAT;
2457 ide_set_signature(s);
2458 /* init the transfer handler so that 0xffff is returned on data
2459 accesses */
2460 s->end_transfer_func = ide_dummy_transfer_stop;
2461 ide_dummy_transfer_stop(s);
2462 s->media_changed = 0;
2463 }
2464
2465 static void ide_init2(IDEState *ide_state,
2466 BlockDriverState *hd0, BlockDriverState *hd1,
2467 qemu_irq irq)
2468 {
2469 IDEState *s;
2470 static int drive_serial = 1;
2471 int i, cylinders, heads, secs;
2472 uint64_t nb_sectors;
2473
2474 for(i = 0; i < 2; i++) {
2475 s = ide_state + i;
2476 s->io_buffer = qemu_memalign(512, IDE_DMA_BUF_SIZE + 4);
2477 if (i == 0)
2478 s->bs = hd0;
2479 else
2480 s->bs = hd1;
2481 if (s->bs) {
2482 bdrv_get_geometry(s->bs, &nb_sectors);
2483 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2484 s->cylinders = cylinders;
2485 s->heads = heads;
2486 s->sectors = secs;
2487 s->nb_sectors = nb_sectors;
2488
2489 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2490 s->is_cdrom = 1;
2491 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2492 }
2493 }
2494 s->drive_serial = drive_serial++;
2495 s->irq = irq;
2496 s->sector_write_timer = qemu_new_timer(vm_clock,
2497 ide_sector_write_timer_cb, s);
2498 ide_reset(s);
2499 }
2500 }
2501
2502 static void ide_init_ioport(IDEState *ide_state, int iobase, int iobase2)
2503 {
2504 register_ioport_write(iobase, 8, 1, ide_ioport_write, ide_state);
2505 register_ioport_read(iobase, 8, 1, ide_ioport_read, ide_state);
2506 if (iobase2) {
2507 register_ioport_read(iobase2, 1, 1, ide_status_read, ide_state);
2508 register_ioport_write(iobase2, 1, 1, ide_cmd_write, ide_state);
2509 }
2510
2511 /* data ports */
2512 register_ioport_write(iobase, 2, 2, ide_data_writew, ide_state);
2513 register_ioport_read(iobase, 2, 2, ide_data_readw, ide_state);
2514 register_ioport_write(iobase, 4, 4, ide_data_writel, ide_state);
2515 register_ioport_read(iobase, 4, 4, ide_data_readl, ide_state);
2516 }
2517
2518 /* save per IDE drive data */
2519 static void ide_save(QEMUFile* f, IDEState *s)
2520 {
2521 qemu_put_be32(f, s->mult_sectors);
2522 qemu_put_be32(f, s->identify_set);
2523 if (s->identify_set) {
2524 qemu_put_buffer(f, (const uint8_t *)s->identify_data, 512);
2525 }
2526 qemu_put_8s(f, &s->feature);
2527 qemu_put_8s(f, &s->error);
2528 qemu_put_be32s(f, &s->nsector);
2529 qemu_put_8s(f, &s->sector);
2530 qemu_put_8s(f, &s->lcyl);
2531 qemu_put_8s(f, &s->hcyl);
2532 qemu_put_8s(f, &s->hob_feature);
2533 qemu_put_8s(f, &s->hob_nsector);
2534 qemu_put_8s(f, &s->hob_sector);
2535 qemu_put_8s(f, &s->hob_lcyl);
2536 qemu_put_8s(f, &s->hob_hcyl);
2537 qemu_put_8s(f, &s->select);
2538 qemu_put_8s(f, &s->status);
2539 qemu_put_8s(f, &s->lba48);
2540
2541 qemu_put_8s(f, &s->sense_key);
2542 qemu_put_8s(f, &s->asc);
2543 /* XXX: if a transfer is pending, we do not save it yet */
2544 }
2545
2546 /* load per IDE drive data */
2547 static void ide_load(QEMUFile* f, IDEState *s)
2548 {
2549 s->mult_sectors=qemu_get_be32(f);
2550 s->identify_set=qemu_get_be32(f);
2551 if (s->identify_set) {
2552 qemu_get_buffer(f, (uint8_t *)s->identify_data, 512);
2553 }
2554 qemu_get_8s(f, &s->feature);
2555 qemu_get_8s(f, &s->error);
2556 qemu_get_be32s(f, &s->nsector);
2557 qemu_get_8s(f, &s->sector);
2558 qemu_get_8s(f, &s->lcyl);
2559 qemu_get_8s(f, &s->hcyl);
2560 qemu_get_8s(f, &s->hob_feature);
2561 qemu_get_8s(f, &s->hob_nsector);
2562 qemu_get_8s(f, &s->hob_sector);
2563 qemu_get_8s(f, &s->hob_lcyl);
2564 qemu_get_8s(f, &s->hob_hcyl);
2565 qemu_get_8s(f, &s->select);
2566 qemu_get_8s(f, &s->status);
2567 qemu_get_8s(f, &s->lba48);
2568
2569 qemu_get_8s(f, &s->sense_key);
2570 qemu_get_8s(f, &s->asc);
2571 /* XXX: if a transfer is pending, we do not save it yet */
2572 }
2573
2574 /***********************************************************/
2575 /* ISA IDE definitions */
2576
2577 void isa_ide_init(int iobase, int iobase2, qemu_irq irq,
2578 BlockDriverState *hd0, BlockDriverState *hd1)
2579 {
2580 IDEState *ide_state;
2581
2582 ide_state = qemu_mallocz(sizeof(IDEState) * 2);
2583 if (!ide_state)
2584 return;
2585
2586 ide_init2(ide_state, hd0, hd1, irq);
2587 ide_init_ioport(ide_state, iobase, iobase2);
2588 }
2589
2590 /***********************************************************/
2591 /* PCI IDE definitions */
2592
2593 static void cmd646_update_irq(PCIIDEState *d);
2594
2595 static void ide_map(PCIDevice *pci_dev, int region_num,
2596 uint32_t addr, uint32_t size, int type)
2597 {
2598 PCIIDEState *d = (PCIIDEState *)pci_dev;
2599 IDEState *ide_state;
2600
2601 if (region_num <= 3) {
2602 ide_state = &d->ide_if[(region_num >> 1) * 2];
2603 if (region_num & 1) {
2604 register_ioport_read(addr + 2, 1, 1, ide_status_read, ide_state);
2605 register_ioport_write(addr + 2, 1, 1, ide_cmd_write, ide_state);
2606 } else {
2607 register_ioport_write(addr, 8, 1, ide_ioport_write, ide_state);
2608 register_ioport_read(addr, 8, 1, ide_ioport_read, ide_state);
2609
2610 /* data ports */
2611 register_ioport_write(addr, 2, 2, ide_data_writew, ide_state);
2612 register_ioport_read(addr, 2, 2, ide_data_readw, ide_state);
2613 register_ioport_write(addr, 4, 4, ide_data_writel, ide_state);
2614 register_ioport_read(addr, 4, 4, ide_data_readl, ide_state);
2615 }
2616 }
2617 }
2618
2619 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2620 {
2621 BMDMAState *bm = s->bmdma;
2622 if(!bm)
2623 return;
2624 bm->ide_if = s;
2625 bm->dma_cb = dma_cb;
2626 bm->cur_prd_last = 0;
2627 bm->cur_prd_addr = 0;
2628 bm->cur_prd_len = 0;
2629 if (bm->status & BM_STATUS_DMAING) {
2630 bm->dma_cb(bm, 0);
2631 }
2632 }
2633
2634 static void bmdma_cmd_writeb(void *opaque, uint32_t addr, uint32_t val)
2635 {
2636 BMDMAState *bm = opaque;
2637 #ifdef DEBUG_IDE
2638 printf("%s: 0x%08x\n", __func__, val);
2639 #endif
2640 if (!(val & BM_CMD_START)) {
2641 /* XXX: do it better */
2642 if (bm->status & BM_STATUS_DMAING) {
2643 bm->status &= ~BM_STATUS_DMAING;
2644 /* cancel DMA request */
2645 bm->ide_if = NULL;
2646 bm->dma_cb = NULL;
2647 if (bm->aiocb) {
2648 #ifdef DEBUG_AIO
2649 printf("aio_cancel\n");
2650 #endif
2651 bdrv_aio_cancel(bm->aiocb);
2652 bm->aiocb = NULL;
2653 }
2654 }
2655 bm->cmd = val & 0x09;
2656 } else {
2657 if (!(bm->status & BM_STATUS_DMAING)) {
2658 bm->status |= BM_STATUS_DMAING;
2659 /* start dma transfer if possible */
2660 if (bm->dma_cb)
2661 bm->dma_cb(bm, 0);
2662 }
2663 bm->cmd = val & 0x09;
2664 }
2665 }
2666
2667 static uint32_t bmdma_readb(void *opaque, uint32_t addr)
2668 {
2669 BMDMAState *bm = opaque;
2670 PCIIDEState *pci_dev;
2671 uint32_t val;
2672
2673 switch(addr & 3) {
2674 case 0:
2675 val = bm->cmd;
2676 break;
2677 case 1:
2678 pci_dev = bm->pci_dev;
2679 if (pci_dev->type == IDE_TYPE_CMD646) {
2680 val = pci_dev->dev.config[MRDMODE];
2681 } else {
2682 val = 0xff;
2683 }
2684 break;
2685 case 2:
2686 val = bm->status;
2687 break;
2688 case 3:
2689 pci_dev = bm->pci_dev;
2690 if (pci_dev->type == IDE_TYPE_CMD646) {
2691 if (bm == &pci_dev->bmdma[0])
2692 val = pci_dev->dev.config[UDIDETCR0];
2693 else
2694 val = pci_dev->dev.config[UDIDETCR1];
2695 } else {
2696 val = 0xff;
2697 }
2698 break;
2699 default:
2700 val = 0xff;
2701 break;
2702 }
2703 #ifdef DEBUG_IDE
2704 printf("bmdma: readb 0x%02x : 0x%02x\n", addr, val);
2705 #endif
2706 return val;
2707 }
2708
2709 static void bmdma_writeb(void *opaque, uint32_t addr, uint32_t val)
2710 {
2711 BMDMAState *bm = opaque;
2712 PCIIDEState *pci_dev;
2713 #ifdef DEBUG_IDE
2714 printf("bmdma: writeb 0x%02x : 0x%02x\n", addr, val);
2715 #endif
2716 switch(addr & 3) {
2717 case 1:
2718 pci_dev = bm->pci_dev;
2719 if (pci_dev->type == IDE_TYPE_CMD646) {
2720 pci_dev->dev.config[MRDMODE] =
2721 (pci_dev->dev.config[MRDMODE] & ~0x30) | (val & 0x30);
2722 cmd646_update_irq(pci_dev);
2723 }
2724 break;
2725 case 2:
2726 bm->status = (val & 0x60) | (bm->status & 1) | (bm->status & ~val & 0x06);
2727 break;
2728 case 3:
2729 pci_dev = bm->pci_dev;
2730 if (pci_dev->type == IDE_TYPE_CMD646) {
2731 if (bm == &pci_dev->bmdma[0])
2732 pci_dev->dev.config[UDIDETCR0] = val;
2733 else
2734 pci_dev->dev.config[UDIDETCR1] = val;
2735 }
2736 break;
2737 }
2738 }
2739
2740 static uint32_t bmdma_addr_readl(void *opaque, uint32_t addr)
2741 {
2742 BMDMAState *bm = opaque;
2743 uint32_t val;
2744 val = bm->addr;
2745 #ifdef DEBUG_IDE
2746 printf("%s: 0x%08x\n", __func__, val);
2747 #endif
2748 return val;
2749 }
2750
2751 static void bmdma_addr_writel(void *opaque, uint32_t addr, uint32_t val)
2752 {
2753 BMDMAState *bm = opaque;
2754 #ifdef DEBUG_IDE
2755 printf("%s: 0x%08x\n", __func__, val);
2756 #endif
2757 bm->addr = val & ~3;
2758 bm->cur_addr = bm->addr;
2759 }
2760
2761 static void bmdma_map(PCIDevice *pci_dev, int region_num,
2762 uint32_t addr, uint32_t size, int type)
2763 {
2764 PCIIDEState *d = (PCIIDEState *)pci_dev;
2765 int i;
2766
2767 for(i = 0;i < 2; i++) {
2768 BMDMAState *bm = &d->bmdma[i];
2769 d->ide_if[2 * i].bmdma = bm;
2770 d->ide_if[2 * i + 1].bmdma = bm;
2771 bm->pci_dev = (PCIIDEState *)pci_dev;
2772
2773 register_ioport_write(addr, 1, 1, bmdma_cmd_writeb, bm);
2774
2775 register_ioport_write(addr + 1, 3, 1, bmdma_writeb, bm);
2776 register_ioport_read(addr, 4, 1, bmdma_readb, bm);
2777
2778 register_ioport_write(addr + 4, 4, 4, bmdma_addr_writel, bm);
2779 register_ioport_read(addr + 4, 4, 4, bmdma_addr_readl, bm);
2780 addr += 8;
2781 }
2782 }
2783
2784 /* XXX: call it also when the MRDMODE is changed from the PCI config
2785 registers */
2786 static void cmd646_update_irq(PCIIDEState *d)
2787 {
2788 int pci_level;
2789 pci_level = ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH0) &&
2790 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH0)) ||
2791 ((d->dev.config[MRDMODE] & MRDMODE_INTR_CH1) &&
2792 !(d->dev.config[MRDMODE] & MRDMODE_BLK_CH1));
2793 qemu_set_irq(d->dev.irq[0], pci_level);
2794 }
2795
2796 /* the PCI irq level is the logical OR of the two channels */
2797 static void cmd646_set_irq(void *opaque, int channel, int level)
2798 {
2799 PCIIDEState *d = opaque;
2800 int irq_mask;
2801
2802 irq_mask = MRDMODE_INTR_CH0 << channel;
2803 if (level)
2804 d->dev.config[MRDMODE] |= irq_mask;
2805 else
2806 d->dev.config[MRDMODE] &= ~irq_mask;
2807 cmd646_update_irq(d);
2808 }
2809
2810 /* CMD646 PCI IDE controller */
2811 void pci_cmd646_ide_init(PCIBus *bus, BlockDriverState **hd_table,
2812 int secondary_ide_enabled)
2813 {
2814 PCIIDEState *d;
2815 uint8_t *pci_conf;
2816 int i;
2817 qemu_irq *irq;
2818
2819 d = (PCIIDEState *)pci_register_device(bus, "CMD646 IDE",
2820 sizeof(PCIIDEState),
2821 -1,
2822 NULL, NULL);
2823 d->type = IDE_TYPE_CMD646;
2824 pci_conf = d->dev.config;
2825 pci_conf[0x00] = 0x95; // CMD646
2826 pci_conf[0x01] = 0x10;
2827 pci_conf[0x02] = 0x46;
2828 pci_conf[0x03] = 0x06;
2829
2830 pci_conf[0x08] = 0x07; // IDE controller revision
2831 pci_conf[0x09] = 0x8f;
2832
2833 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2834 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2835 pci_conf[0x0e] = 0x00; // header_type
2836
2837 if (secondary_ide_enabled) {
2838 /* XXX: if not enabled, really disable the seconday IDE controller */
2839 pci_conf[0x51] = 0x80; /* enable IDE1 */
2840 }
2841
2842 pci_register_io_region((PCIDevice *)d, 0, 0x8,
2843 PCI_ADDRESS_SPACE_IO, ide_map);
2844 pci_register_io_region((PCIDevice *)d, 1, 0x4,
2845 PCI_ADDRESS_SPACE_IO, ide_map);
2846 pci_register_io_region((PCIDevice *)d, 2, 0x8,
2847 PCI_ADDRESS_SPACE_IO, ide_map);
2848 pci_register_io_region((PCIDevice *)d, 3, 0x4,
2849 PCI_ADDRESS_SPACE_IO, ide_map);
2850 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2851 PCI_ADDRESS_SPACE_IO, bmdma_map);
2852
2853 pci_conf[0x3d] = 0x01; // interrupt on pin 1
2854
2855 for(i = 0; i < 4; i++)
2856 d->ide_if[i].pci_dev = (PCIDevice *)d;
2857
2858 irq = qemu_allocate_irqs(cmd646_set_irq, d, 2);
2859 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], irq[0]);
2860 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], irq[1]);
2861 }
2862
2863 static void pci_ide_save(QEMUFile* f, void *opaque)
2864 {
2865 PCIIDEState *d = opaque;
2866 int i;
2867
2868 pci_device_save(&d->dev, f);
2869
2870 for(i = 0; i < 2; i++) {
2871 BMDMAState *bm = &d->bmdma[i];
2872 qemu_put_8s(f, &bm->cmd);
2873 qemu_put_8s(f, &bm->status);
2874 qemu_put_be32s(f, &bm->addr);
2875 /* XXX: if a transfer is pending, we do not save it yet */
2876 }
2877
2878 /* per IDE interface data */
2879 for(i = 0; i < 2; i++) {
2880 IDEState *s = &d->ide_if[i * 2];
2881 uint8_t drive1_selected;
2882 qemu_put_8s(f, &s->cmd);
2883 drive1_selected = (s->cur_drive != s);
2884 qemu_put_8s(f, &drive1_selected);
2885 }
2886
2887 /* per IDE drive data */
2888 for(i = 0; i < 4; i++) {
2889 ide_save(f, &d->ide_if[i]);
2890 }
2891 }
2892
2893 static int pci_ide_load(QEMUFile* f, void *opaque, int version_id)
2894 {
2895 PCIIDEState *d = opaque;
2896 int ret, i;
2897
2898 if (version_id != 1)
2899 return -EINVAL;
2900 ret = pci_device_load(&d->dev, f);
2901 if (ret < 0)
2902 return ret;
2903
2904 for(i = 0; i < 2; i++) {
2905 BMDMAState *bm = &d->bmdma[i];
2906 qemu_get_8s(f, &bm->cmd);
2907 qemu_get_8s(f, &bm->status);
2908 qemu_get_be32s(f, &bm->addr);
2909 /* XXX: if a transfer is pending, we do not save it yet */
2910 }
2911
2912 /* per IDE interface data */
2913 for(i = 0; i < 2; i++) {
2914 IDEState *s = &d->ide_if[i * 2];
2915 uint8_t drive1_selected;
2916 qemu_get_8s(f, &s->cmd);
2917 qemu_get_8s(f, &drive1_selected);
2918 s->cur_drive = &d->ide_if[i * 2 + (drive1_selected != 0)];
2919 }
2920
2921 /* per IDE drive data */
2922 for(i = 0; i < 4; i++) {
2923 ide_load(f, &d->ide_if[i]);
2924 }
2925 return 0;
2926 }
2927
2928 static void piix3_reset(PCIIDEState *d)
2929 {
2930 uint8_t *pci_conf = d->dev.config;
2931
2932 pci_conf[0x04] = 0x00;
2933 pci_conf[0x05] = 0x00;
2934 pci_conf[0x06] = 0x80; /* FBC */
2935 pci_conf[0x07] = 0x02; // PCI_status_devsel_medium
2936 pci_conf[0x20] = 0x01; /* BMIBA: 20-23h */
2937 }
2938
2939 /* hd_table must contain 4 block drivers */
2940 /* NOTE: for the PIIX3, the IRQs and IOports are hardcoded */
2941 void pci_piix3_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2942 qemu_irq *pic)
2943 {
2944 PCIIDEState *d;
2945 uint8_t *pci_conf;
2946 int i;
2947
2948 /* register a function 1 of PIIX3 */
2949 d = (PCIIDEState *)pci_register_device(bus, "PIIX3 IDE",
2950 sizeof(PCIIDEState),
2951 devfn,
2952 NULL, NULL);
2953 d->type = IDE_TYPE_PIIX3;
2954
2955 pci_conf = d->dev.config;
2956 pci_conf[0x00] = 0x86; // Intel
2957 pci_conf[0x01] = 0x80;
2958 pci_conf[0x02] = 0x10;
2959 pci_conf[0x03] = 0x70;
2960 pci_conf[0x09] = 0x80; // legacy ATA mode
2961 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
2962 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
2963 pci_conf[0x0e] = 0x00; // header_type
2964
2965 piix3_reset(d);
2966
2967 pci_register_io_region((PCIDevice *)d, 4, 0x10,
2968 PCI_ADDRESS_SPACE_IO, bmdma_map);
2969
2970 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
2971 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
2972 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
2973 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
2974
2975 for (i = 0; i < 4; i++)
2976 if (hd_table[i])
2977 hd_table[i]->devfn = d->dev.devfn;
2978
2979 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
2980 }
2981
2982 /* hd_table must contain 4 block drivers */
2983 /* NOTE: for the PIIX4, the IRQs and IOports are hardcoded */
2984 void pci_piix4_ide_init(PCIBus *bus, BlockDriverState **hd_table, int devfn,
2985 qemu_irq *pic)
2986 {
2987 PCIIDEState *d;
2988 uint8_t *pci_conf;
2989
2990 /* register a function 1 of PIIX4 */
2991 d = (PCIIDEState *)pci_register_device(bus, "PIIX4 IDE",
2992 sizeof(PCIIDEState),
2993 devfn,
2994 NULL, NULL);
2995 d->type = IDE_TYPE_PIIX4;
2996
2997 pci_conf = d->dev.config;
2998 pci_conf[0x00] = 0x86; // Intel
2999 pci_conf[0x01] = 0x80;
3000 pci_conf[0x02] = 0x11;
3001 pci_conf[0x03] = 0x71;
3002 pci_conf[0x09] = 0x80; // legacy ATA mode
3003 pci_conf[0x0a] = 0x01; // class_sub = PCI_IDE
3004 pci_conf[0x0b] = 0x01; // class_base = PCI_mass_storage
3005 pci_conf[0x0e] = 0x00; // header_type
3006
3007 piix3_reset(d);
3008
3009 pci_register_io_region((PCIDevice *)d, 4, 0x10,
3010 PCI_ADDRESS_SPACE_IO, bmdma_map);
3011
3012 ide_init2(&d->ide_if[0], hd_table[0], hd_table[1], pic[14]);
3013 ide_init2(&d->ide_if[2], hd_table[2], hd_table[3], pic[15]);
3014 ide_init_ioport(&d->ide_if[0], 0x1f0, 0x3f6);
3015 ide_init_ioport(&d->ide_if[2], 0x170, 0x376);
3016
3017 register_savevm("ide", 0, 1, pci_ide_save, pci_ide_load, d);
3018 }
3019
3020 /***********************************************************/
3021 /* MacIO based PowerPC IDE */
3022
3023 /* PowerMac IDE memory IO */
3024 static void pmac_ide_writeb (void *opaque,
3025 target_phys_addr_t addr, uint32_t val)
3026 {
3027 addr = (addr & 0xFFF) >> 4;
3028 switch (addr) {
3029 case 1 ... 7:
3030 ide_ioport_write(opaque, addr, val);
3031 break;
3032 case 8:
3033 case 22:
3034 ide_cmd_write(opaque, 0, val);
3035 break;
3036 default:
3037 break;
3038 }
3039 }
3040
3041 static uint32_t pmac_ide_readb (void *opaque,target_phys_addr_t addr)
3042 {
3043 uint8_t retval;
3044
3045 addr = (addr & 0xFFF) >> 4;
3046 switch (addr) {
3047 case 1 ... 7:
3048 retval = ide_ioport_read(opaque, addr);
3049 break;
3050 case 8:
3051 case 22:
3052 retval = ide_status_read(opaque, 0);
3053 break;
3054 default:
3055 retval = 0xFF;
3056 break;
3057 }
3058 return retval;
3059 }
3060
3061 static void pmac_ide_writew (void *opaque,
3062 target_phys_addr_t addr, uint32_t val)
3063 {
3064 addr = (addr & 0xFFF) >> 4;
3065 #ifdef TARGET_WORDS_BIGENDIAN
3066 val = bswap16(val);
3067 #endif
3068 if (addr == 0) {
3069 ide_data_writew(opaque, 0, val);
3070 }
3071 }
3072
3073 static uint32_t pmac_ide_readw (void *opaque,target_phys_addr_t addr)
3074 {
3075 uint16_t retval;
3076
3077 addr = (addr & 0xFFF) >> 4;
3078 if (addr == 0) {
3079 retval = ide_data_readw(opaque, 0);
3080 } else {
3081 retval = 0xFFFF;
3082 }
3083 #ifdef TARGET_WORDS_BIGENDIAN
3084 retval = bswap16(retval);
3085 #endif
3086 return retval;
3087 }
3088
3089 static void pmac_ide_writel (void *opaque,
3090 target_phys_addr_t addr, uint32_t val)
3091 {
3092 addr = (addr & 0xFFF) >> 4;
3093 #ifdef TARGET_WORDS_BIGENDIAN
3094 val = bswap32(val);
3095 #endif
3096 if (addr == 0) {
3097 ide_data_writel(opaque, 0, val);
3098 }
3099 }
3100
3101 static uint32_t pmac_ide_readl (void *opaque,target_phys_addr_t addr)
3102 {
3103 uint32_t retval;
3104
3105 addr = (addr & 0xFFF) >> 4;
3106 if (addr == 0) {
3107 retval = ide_data_readl(opaque, 0);
3108 } else {
3109 retval = 0xFFFFFFFF;
3110 }
3111 #ifdef TARGET_WORDS_BIGENDIAN
3112 retval = bswap32(retval);
3113 #endif
3114 return retval;
3115 }
3116
3117 static CPUWriteMemoryFunc *pmac_ide_write[] = {
3118 pmac_ide_writeb,
3119 pmac_ide_writew,
3120 pmac_ide_writel,
3121 };
3122
3123 static CPUReadMemoryFunc *pmac_ide_read[] = {
3124 pmac_ide_readb,
3125 pmac_ide_readw,
3126 pmac_ide_readl,
3127 };
3128
3129 /* hd_table must contain 4 block drivers */
3130 /* PowerMac uses memory mapped registers, not I/O. Return the memory
3131 I/O index to access the ide. */
3132 int pmac_ide_init (BlockDriverState **hd_table, qemu_irq irq)
3133 {
3134 IDEState *ide_if;
3135 int pmac_ide_memory;
3136
3137 ide_if = qemu_mallocz(sizeof(IDEState) * 2);
3138 ide_init2(&ide_if[0], hd_table[0], hd_table[1], irq);
3139
3140 pmac_ide_memory = cpu_register_io_memory(0, pmac_ide_read,
3141 pmac_ide_write, &ide_if[0]);
3142 return pmac_ide_memory;
3143 }
3144
3145 /***********************************************************/
3146 /* CF-ATA Microdrive */
3147
3148 #define METADATA_SIZE 0x20
3149
3150 /* DSCM-1XXXX Microdrive hard disk with CF+ II / PCMCIA interface. */
3151 struct md_s {
3152 IDEState ide[2];
3153 struct pcmcia_card_s card;
3154 uint32_t attr_base;
3155 uint32_t io_base;
3156
3157 /* Card state */
3158 uint8_t opt;
3159 uint8_t stat;
3160 uint8_t pins;
3161
3162 uint8_t ctrl;
3163 uint16_t io;
3164 int cycle;
3165 };
3166
3167 /* Register bitfields */
3168 enum md_opt {
3169 OPT_MODE_MMAP = 0,
3170 OPT_MODE_IOMAP16 = 1,
3171 OPT_MODE_IOMAP1 = 2,
3172 OPT_MODE_IOMAP2 = 3,
3173 OPT_MODE = 0x3f,
3174 OPT_LEVIREQ = 0x40,
3175 OPT_SRESET = 0x80,
3176 };
3177 enum md_cstat {
3178 STAT_INT = 0x02,
3179 STAT_PWRDWN = 0x04,
3180 STAT_XE = 0x10,
3181 STAT_IOIS8 = 0x20,
3182 STAT_SIGCHG = 0x40,
3183 STAT_CHANGED = 0x80,
3184 };
3185 enum md_pins {
3186 PINS_MRDY = 0x02,
3187 PINS_CRDY = 0x20,
3188 };
3189 enum md_ctrl {
3190 CTRL_IEN = 0x02,
3191 CTRL_SRST = 0x04,
3192 };
3193
3194 static inline void md_interrupt_update(struct md_s *s)
3195 {
3196 if (!s->card.slot)
3197 return;
3198
3199 qemu_set_irq(s->card.slot->irq,
3200 !(s->stat & STAT_INT) && /* Inverted */
3201 !(s->ctrl & (CTRL_IEN | CTRL_SRST)) &&
3202 !(s->opt & OPT_SRESET));
3203 }
3204
3205 static void md_set_irq(void *opaque, int irq, int level)
3206 {
3207 struct md_s *s = (struct md_s *) opaque;
3208 if (level)
3209 s->stat |= STAT_INT;
3210 else
3211 s->stat &= ~STAT_INT;
3212
3213 md_interrupt_update(s);
3214 }
3215
3216 static void md_reset(struct md_s *s)
3217 {
3218 s->opt = OPT_MODE_MMAP;
3219 s->stat = 0;
3220 s->pins = 0;
3221 s->cycle = 0;
3222 s->ctrl = 0;
3223 ide_reset(s->ide);
3224 }
3225
3226 static uint8_t md_attr_read(void *opaque, uint32_t at)
3227 {
3228 struct md_s *s = (struct md_s *) opaque;
3229 if (at < s->attr_base) {
3230 if (at < s->card.cis_len)
3231 return s->card.cis[at];
3232 else
3233 return 0x00;
3234 }
3235
3236 at -= s->attr_base;
3237
3238 switch (at) {
3239 case 0x00: /* Configuration Option Register */
3240 return s->opt;
3241 case 0x02: /* Card Configuration Status Register */
3242 if (s->ctrl & CTRL_IEN)
3243 return s->stat & ~STAT_INT;
3244 else
3245 return s->stat;
3246 case 0x04: /* Pin Replacement Register */
3247 return (s->pins & PINS_CRDY) | 0x0c;
3248 case 0x06: /* Socket and Copy Register */
3249 return 0x00;
3250 #ifdef VERBOSE
3251 default:
3252 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3253 #endif
3254 }
3255
3256 return 0;
3257 }
3258
3259 static void md_attr_write(void *opaque, uint32_t at, uint8_t value)
3260 {
3261 struct md_s *s = (struct md_s *) opaque;
3262 at -= s->attr_base;
3263
3264 switch (at) {
3265 case 0x00: /* Configuration Option Register */
3266 s->opt = value & 0xcf;
3267 if (value & OPT_SRESET)
3268 md_reset(s);
3269 md_interrupt_update(s);
3270 break;
3271 case 0x02: /* Card Configuration Status Register */
3272 if ((s->stat ^ value) & STAT_PWRDWN)
3273 s->pins |= PINS_CRDY;
3274 s->stat &= 0x82;
3275 s->stat |= value & 0x74;
3276 md_interrupt_update(s);
3277 /* Word 170 in Identify Device must be equal to STAT_XE */
3278 break;
3279 case 0x04: /* Pin Replacement Register */
3280 s->pins &= PINS_CRDY;
3281 s->pins |= value & PINS_MRDY;
3282 break;
3283 case 0x06: /* Socket and Copy Register */
3284 break;
3285 default:
3286 printf("%s: Bad attribute space register %02x\n", __FUNCTION__, at);
3287 }
3288 }
3289
3290 static uint16_t md_common_read(void *opaque, uint32_t at)
3291 {
3292 struct md_s *s = (struct md_s *) opaque;
3293 uint16_t ret;
3294 at -= s->io_base;
3295
3296 switch (s->opt & OPT_MODE) {
3297 case OPT_MODE_MMAP:
3298 if ((at & ~0x3ff) == 0x400)
3299 at = 0;
3300 break;
3301 case OPT_MODE_IOMAP16:
3302 at &= 0xf;
3303 break;
3304 case OPT_MODE_IOMAP1:
3305 if ((at & ~0xf) == 0x3f0)
3306 at -= 0x3e8;
3307 else if ((at & ~0xf) == 0x1f0)
3308 at -= 0x1f0;
3309 break;
3310 case OPT_MODE_IOMAP2:
3311 if ((at & ~0xf) == 0x370)
3312 at -= 0x368;
3313 else if ((at & ~0xf) == 0x170)
3314 at -= 0x170;
3315 }
3316
3317 switch (at) {
3318 case 0x0: /* Even RD Data */
3319 case 0x8:
3320 return ide_data_readw(s->ide, 0);
3321
3322 /* TODO: 8-bit accesses */
3323 if (s->cycle)
3324 ret = s->io >> 8;
3325 else {
3326 s->io = ide_data_readw(s->ide, 0);
3327 ret = s->io & 0xff;
3328 }
3329 s->cycle = !s->cycle;
3330 return ret;
3331 case 0x9: /* Odd RD Data */
3332 return s->io >> 8;
3333 case 0xd: /* Error */
3334 return ide_ioport_read(s->ide, 0x1);
3335 case 0xe: /* Alternate Status */
3336 if (s->ide->cur_drive->bs)
3337 return s->ide->cur_drive->status;
3338 else
3339 return 0;
3340 case 0xf: /* Device Address */
3341 return 0xc2 | ((~s->ide->select << 2) & 0x3c);
3342 default:
3343 return ide_ioport_read(s->ide, at);
3344 }
3345
3346 return 0;
3347 }
3348
3349 static void md_common_write(void *opaque, uint32_t at, uint16_t value)
3350 {
3351 struct md_s *s = (struct md_s *) opaque;
3352 at -= s->io_base;
3353
3354 switch (s->opt & OPT_MODE) {
3355 case OPT_MODE_MMAP:
3356 if ((at & ~0x3ff) == 0x400)
3357 at = 0;
3358 break;
3359 case OPT_MODE_IOMAP16:
3360 at &= 0xf;
3361 break;
3362 case OPT_MODE_IOMAP1:
3363 if ((at & ~0xf) == 0x3f0)
3364 at -= 0x3e8;
3365 else if ((at & ~0xf) == 0x1f0)
3366 at -= 0x1f0;
3367 break;
3368 case OPT_MODE_IOMAP2:
3369 if ((at & ~0xf) == 0x370)
3370 at -= 0x368;
3371 else if ((at & ~0xf) == 0x170)
3372 at -= 0x170;
3373 }
3374
3375 switch (at) {
3376 case 0x0: /* Even WR Data */
3377 case 0x8:
3378 ide_data_writew(s->ide, 0, value);
3379 break;
3380
3381 /* TODO: 8-bit accesses */
3382 if (s->cycle)
3383 ide_data_writew(s->ide, 0, s->io | (value << 8));
3384 else
3385 s->io = value & 0xff;
3386 s->cycle = !s->cycle;
3387 break;
3388 case 0x9:
3389 s->io = value & 0xff;
3390 s->cycle = !s->cycle;
3391 break;
3392 case 0xd: /* Features */
3393 ide_ioport_write(s->ide, 0x1, value);
3394 break;
3395 case 0xe: /* Device Control */
3396 s->ctrl = value;
3397 if (value & CTRL_SRST)
3398 md_reset(s);
3399 md_interrupt_update(s);
3400 break;
3401 default:
3402 if (s->stat & STAT_PWRDWN) {
3403 s->pins |= PINS_CRDY;
3404 s->stat &= ~STAT_PWRDWN;
3405 }
3406 ide_ioport_write(s->ide, at, value);
3407 }
3408 }
3409
3410 static void md_save(QEMUFile *f, void *opaque)
3411 {
3412 struct md_s *s = (struct md_s *) opaque;
3413 int i;
3414 uint8_t drive1_selected;
3415
3416 qemu_put_8s(f, &s->opt);
3417 qemu_put_8s(f, &s->stat);
3418 qemu_put_8s(f, &s->pins);
3419
3420 qemu_put_8s(f, &s->ctrl);
3421 qemu_put_be16s(f, &s->io);
3422 qemu_put_byte(f, s->cycle);
3423
3424 drive1_selected = (s->ide->cur_drive != s->ide);
3425 qemu_put_8s(f, &s->ide->cmd);
3426 qemu_put_8s(f, &drive1_selected);
3427
3428 for (i = 0; i < 2; i ++)
3429 ide_save(f, &s->ide[i]);
3430 }
3431
3432 static int md_load(QEMUFile *f, void *opaque, int version_id)
3433 {
3434 struct md_s *s = (struct md_s *) opaque;
3435 int i;
3436 uint8_t drive1_selected;
3437
3438 qemu_get_8s(f, &s->opt);
3439 qemu_get_8s(f, &s->stat);
3440 qemu_get_8s(f, &s->pins);
3441
3442 qemu_get_8s(f, &s->ctrl);
3443 qemu_get_be16s(f, &s->io);
3444 s->cycle = qemu_get_byte(f);
3445
3446 qemu_get_8s(f, &s->ide->cmd);
3447 qemu_get_8s(f, &drive1_selected);
3448 s->ide->cur_drive = &s->ide[(drive1_selected != 0)];
3449
3450 for (i = 0; i < 2; i ++)
3451 ide_load(f, &s->ide[i]);
3452
3453 return 0;
3454 }
3455
3456 static int md_iid = 0;
3457
3458 static const uint8_t dscm1xxxx_cis[0x14a] = {
3459 [0x000] = CISTPL_DEVICE, /* 5V Device Information */
3460 [0x002] = 0x03, /* Tuple length = 4 bytes */
3461 [0x004] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3462 [0x006] = 0x01, /* Size = 2K bytes */
3463 [0x008] = CISTPL_ENDMARK,
3464
3465 [0x00a] = CISTPL_DEVICE_OC, /* Additional Device Information */
3466 [0x00c] = 0x04, /* Tuple length = 4 byest */
3467 [0x00e] = 0x03, /* Conditions: Ext = 0, Vcc 3.3V, MWAIT = 1 */
3468 [0x010] = 0xdb, /* ID: DTYPE_FUNCSPEC, non WP, DSPEED_150NS */
3469 [0x012] = 0x01, /* Size = 2K bytes */
3470 [0x014] = CISTPL_ENDMARK,
3471
3472 [0x016] = CISTPL_JEDEC_C, /* JEDEC ID */
3473 [0x018] = 0x02, /* Tuple length = 2 bytes */
3474 [0x01a] = 0xdf, /* PC Card ATA with no Vpp required */
3475 [0x01c] = 0x01,
3476
3477 [0x01e] = CISTPL_MANFID, /* Manufacture ID */
3478 [0x020] = 0x04, /* Tuple length = 4 bytes */
3479 [0x022] = 0xa4, /* TPLMID_MANF = 00a4 (IBM) */
3480 [0x024] = 0x00,
3481 [0x026] = 0x00, /* PLMID_CARD = 0000 */
3482 [0x028] = 0x00,
3483
3484 [0x02a] = CISTPL_VERS_1, /* Level 1 Version */
3485 [0x02c] = 0x12, /* Tuple length = 23 bytes */
3486 [0x02e] = 0x04, /* Major Version = JEIDA 4.2 / PCMCIA 2.1 */
3487 [0x030] = 0x01, /* Minor Version = 1 */
3488 [0x032] = 'I',
3489 [0x034] = 'B',
3490 [0x036] = 'M',
3491 [0x038] = 0x00,
3492 [0x03a] = 'm',
3493 [0x03c] = 'i',
3494 [0x03e] = 'c',
3495 [0x040] = 'r',
3496 [0x042] = 'o',
3497 [0x044] = 'd',
3498 [0x046] = 'r',
3499 [0x048] = 'i',
3500 [0x04a] = 'v',
3501 [0x04c] = 'e',
3502 [0x04e] = 0x00,
3503 [0x050] = CISTPL_ENDMARK,
3504
3505 [0x052] = CISTPL_FUNCID, /* Function ID */
3506 [0x054] = 0x02, /* Tuple length = 2 bytes */
3507 [0x056] = 0x04, /* TPLFID_FUNCTION = Fixed Disk */
3508 [0x058] = 0x01, /* TPLFID_SYSINIT: POST = 1, ROM = 0 */
3509
3510 [0x05a] = CISTPL_FUNCE, /* Function Extension */
3511 [0x05c] = 0x02, /* Tuple length = 2 bytes */
3512 [0x05e] = 0x01, /* TPLFE_TYPE = Disk Device Interface */
3513 [0x060] = 0x01, /* TPLFE_DATA = PC Card ATA Interface */
3514
3515 [0x062] = CISTPL_FUNCE, /* Function Extension */
3516 [0x064] = 0x03, /* Tuple length = 3 bytes */
3517 [0x066] = 0x02, /* TPLFE_TYPE = Basic PC Card ATA Interface */
3518 [0x068] = 0x08, /* TPLFE_DATA: Rotating, Unique, Single */
3519 [0x06a] = 0x0f, /* TPLFE_DATA: Sleep, Standby, Idle, Auto */
3520
3521 [0x06c] = CISTPL_CONFIG, /* Configuration */
3522 [0x06e] = 0x05, /* Tuple length = 5 bytes */
3523 [0x070] = 0x01, /* TPCC_RASZ = 2 bytes, TPCC_RMSZ = 1 byte */
3524 [0x072] = 0x07, /* TPCC_LAST = 7 */
3525 [0x074] = 0x00, /* TPCC_RADR = 0200 */
3526 [0x076] = 0x02,
3527 [0x078] = 0x0f, /* TPCC_RMSK = 200, 202, 204, 206 */
3528
3529 [0x07a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3530 [0x07c] = 0x0b, /* Tuple length = 11 bytes */
3531 [0x07e] = 0xc0, /* TPCE_INDX = Memory Mode, Default, Iface */
3532 [0x080] = 0xc0, /* TPCE_IF = Memory, no BVDs, no WP, READY */
3533 [0x082] = 0xa1, /* TPCE_FS = Vcc only, no I/O, Memory, Misc */
3534 [0x084] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3535 [0x086] = 0x55, /* NomV: 5.0 V */
3536 [0x088] = 0x4d, /* MinV: 4.5 V */
3537 [0x08a] = 0x5d, /* MaxV: 5.5 V */
3538 [0x08c] = 0x4e, /* Peakl: 450 mA */
3539 [0x08e] = 0x08, /* TPCE_MS = 1 window, 1 byte, Host address */
3540 [0x090] = 0x00, /* Window descriptor: Window length = 0 */
3541 [0x092] = 0x20, /* TPCE_MI: support power down mode, RW */
3542
3543 [0x094] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3544 [0x096] = 0x06, /* Tuple length = 6 bytes */
3545 [0x098] = 0x00, /* TPCE_INDX = Memory Mode, no Default */
3546 [0x09a] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3547 [0x09c] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3548 [0x09e] = 0xb5, /* NomV: 3.3 V */
3549 [0x0a0] = 0x1e,
3550 [0x0a2] = 0x3e, /* Peakl: 350 mA */
3551
3552 [0x0a4] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3553 [0x0a6] = 0x0d, /* Tuple length = 13 bytes */
3554 [0x0a8] = 0xc1, /* TPCE_INDX = I/O and Memory Mode, Default */
3555 [0x0aa] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3556 [0x0ac] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3557 [0x0ae] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3558 [0x0b0] = 0x55, /* NomV: 5.0 V */
3559 [0x0b2] = 0x4d, /* MinV: 4.5 V */
3560 [0x0b4] = 0x5d, /* MaxV: 5.5 V */
3561 [0x0b6] = 0x4e, /* Peakl: 450 mA */
3562 [0x0b8] = 0x64, /* TPCE_IO = 16-byte boundary, 16/8 accesses */
3563 [0x0ba] = 0xf0, /* TPCE_IR = MASK, Level, Pulse, Share */
3564 [0x0bc] = 0xff, /* IRQ0..IRQ7 supported */
3565 [0x0be] = 0xff, /* IRQ8..IRQ15 supported */
3566 [0x0c0] = 0x20, /* TPCE_MI = support power down mode */
3567
3568 [0x0c2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3569 [0x0c4] = 0x06, /* Tuple length = 6 bytes */
3570 [0x0c6] = 0x01, /* TPCE_INDX = I/O and Memory Mode */
3571 [0x0c8] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3572 [0x0ca] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3573 [0x0cc] = 0xb5, /* NomV: 3.3 V */
3574 [0x0ce] = 0x1e,
3575 [0x0d0] = 0x3e, /* Peakl: 350 mA */
3576
3577 [0x0d2] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3578 [0x0d4] = 0x12, /* Tuple length = 18 bytes */
3579 [0x0d6] = 0xc2, /* TPCE_INDX = I/O Primary Mode */
3580 [0x0d8] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3581 [0x0da] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3582 [0x0dc] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3583 [0x0de] = 0x55, /* NomV: 5.0 V */
3584 [0x0e0] = 0x4d, /* MinV: 4.5 V */
3585 [0x0e2] = 0x5d, /* MaxV: 5.5 V */
3586 [0x0e4] = 0x4e, /* Peakl: 450 mA */
3587 [0x0e6] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3588 [0x0e8] = 0x61, /* Range: 2 fields, 2 bytes addr, 1 byte len */
3589 [0x0ea] = 0xf0, /* Field 1 address = 0x01f0 */
3590 [0x0ec] = 0x01,
3591 [0x0ee] = 0x07, /* Address block length = 8 */
3592 [0x0f0] = 0xf6, /* Field 2 address = 0x03f6 */
3593 [0x0f2] = 0x03,
3594 [0x0f4] = 0x01, /* Address block length = 2 */
3595 [0x0f6] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3596 [0x0f8] = 0x20, /* TPCE_MI = support power down mode */
3597
3598 [0x0fa] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3599 [0x0fc] = 0x06, /* Tuple length = 6 bytes */
3600 [0x0fe] = 0x02, /* TPCE_INDX = I/O Primary Mode, no Default */
3601 [0x100] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3602 [0x102] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3603 [0x104] = 0xb5, /* NomV: 3.3 V */
3604 [0x106] = 0x1e,
3605 [0x108] = 0x3e, /* Peakl: 350 mA */
3606
3607 [0x10a] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3608 [0x10c] = 0x12, /* Tuple length = 18 bytes */
3609 [0x10e] = 0xc3, /* TPCE_INDX = I/O Secondary Mode, Default */
3610 [0x110] = 0x41, /* TPCE_IF = I/O and Memory, no BVD, no WP */
3611 [0x112] = 0x99, /* TPCE_FS = Vcc only, I/O, Interrupt, Misc */
3612 [0x114] = 0x27, /* NomV = 1, MinV = 1, MaxV = 1, Peakl = 1 */
3613 [0x116] = 0x55, /* NomV: 5.0 V */
3614 [0x118] = 0x4d, /* MinV: 4.5 V */
3615 [0x11a] = 0x5d, /* MaxV: 5.5 V */
3616 [0x11c] = 0x4e, /* Peakl: 450 mA */
3617 [0x11e] = 0xea, /* TPCE_IO = 1K boundary, 16/8 access, Range */
3618 [0x120] = 0x61, /* Range: 2 fields, 2 byte addr, 1 byte len */
3619 [0x122] = 0x70, /* Field 1 address = 0x0170 */
3620 [0x124] = 0x01,
3621 [0x126] = 0x07, /* Address block length = 8 */
3622 [0x128] = 0x76, /* Field 2 address = 0x0376 */
3623 [0x12a] = 0x03,
3624 [0x12c] = 0x01, /* Address block length = 2 */
3625 [0x12e] = 0xee, /* TPCE_IR = IRQ E, Level, Pulse, Share */
3626 [0x130] = 0x20, /* TPCE_MI = support power down mode */
3627
3628 [0x132] = CISTPL_CFTABLE_ENTRY, /* 16-bit PC Card Configuration */
3629 [0x134] = 0x06, /* Tuple length = 6 bytes */
3630 [0x136] = 0x03, /* TPCE_INDX = I/O Secondary Mode */
3631 [0x138] = 0x01, /* TPCE_FS = Vcc only, no I/O, no Memory */
3632 [0x13a] = 0x21, /* NomV = 1, MinV = 0, MaxV = 0, Peakl = 1 */
3633 [0x13c] = 0xb5, /* NomV: 3.3 V */
3634 [0x13e] = 0x1e,
3635 [0x140] = 0x3e, /* Peakl: 350 mA */
3636
3637 [0x142] = CISTPL_NO_LINK, /* No Link */
3638 [0x144] = 0x00, /* Tuple length = 0 bytes */
3639
3640 [0x146] = CISTPL_END, /* Tuple End */
3641 };
3642
3643 static int dscm1xxxx_attach(void *opaque)
3644 {
3645 struct md_s *md = (struct md_s *) opaque;
3646 md->card.attr_read = md_attr_read;
3647 md->card.attr_write = md_attr_write;
3648 md->card.common_read = md_common_read;
3649 md->card.common_write = md_common_write;
3650 md->card.io_read = md_common_read;
3651 md->card.io_write = md_common_write;
3652
3653 md->attr_base = md->card.cis[0x74] | (md->card.cis[0x76] << 8);
3654 md->io_base = 0x0;
3655
3656 md_reset(md);
3657 md_interrupt_update(md);
3658
3659 md->card.slot->card_string = "DSCM-1xxxx Hitachi Microdrive";
3660 return 0;
3661 }
3662
3663 static int dscm1xxxx_detach(void *opaque)
3664 {
3665 struct md_s *md = (struct md_s *) opaque;
3666 md_reset(md);
3667 return 0;
3668 }
3669
3670 struct pcmcia_card_s *dscm1xxxx_init(BlockDriverState *bdrv)
3671 {
3672 struct md_s *md = (struct md_s *) qemu_mallocz(sizeof(struct md_s));
3673 md->card.state = md;
3674 md->card.attach = dscm1xxxx_attach;
3675 md->card.detach = dscm1xxxx_detach;
3676 md->card.cis = dscm1xxxx_cis;
3677 md->card.cis_len = sizeof(dscm1xxxx_cis);
3678
3679 ide_init2(md->ide, bdrv, 0, qemu_allocate_irqs(md_set_irq, md, 1)[0]);
3680 md->ide->is_cf = 1;
3681 md->ide->mdata_size = METADATA_SIZE;
3682 md->ide->mdata_storage = (uint8_t *) qemu_mallocz(METADATA_SIZE);
3683
3684 register_savevm("microdrive", md_iid ++, 0, md_save, md_load, md);
3685
3686 return &md->card;
3687 }
Patches shipped by Fedora